CNEL推出广告服务大优惠 14:2:19:322
通栏广告 标题广告 预知详情:http://www.cnelc.com/ad/3.htm 中国工业电器网广告投放报价单 服务内容 制作效果 大小尺寸 广告投放时间及报价(元) 申 请 1个月 3个月 6个月 1年 首页 通栏广告 平面 768×35 5000 14000 26000 5 申 请 标题广告 平面 100×40 1000 2800 5200 1 申 请 栏目首页 通栏广告 平面、动画 768×35 1000 2800 5200 1 申 请 标题广告 平面、动画 100×40 300 800 1700 3200 申 请 区域市场栏目 通栏广告 平面 768×35 800 2200 4000 7500 申 请 标题广告 平面、动画 100×40 300 800 1700 3200 申 请 专业市场栏目 通栏广告 平面、动画 768×35 800 2200 4000 7500 申 请 标题广告 平面、动画 100×40 300 800 1700 3200 申 请 联系方式: 中国工业电器网地址:上海市天目中路538号北苑大厦13楼 电话:021-33031114技术中心:021-33036114 传真:021-63532355 邮编:200070网址:www.cnelc.com 销售部 [EMAIL PROTECTED]联系人:陈波 浙江温州地区业务联系:地址:浙江省乐清市北白象镇开创路130号电话:0577-62999758 手机:13506777309联系人:郑成光 公司汇款资料:公司全称:上海易电网络科技有限公司开户行:农行闸北支天目所帐号: 033623-08016162886 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Especially for
Title: The Secret on How PORN STARS Grew Big DICKS ! The answer is here. Turn off notifications here. . WV International Exports Ltd St. #9247Belize City, Belize .
Re: New SSL Certificates for Postfix & Courier-imap
On Tue, Dec 14, 2004 at 06:03:23AM +, [EMAIL PROTECTED] wrote: > Ce jour Mon, 13 Dec 2004, W.Andrew Loe III a dit: > > > I am trying to figure out how to re-build my SSL certificates for > > postfix and courier-imap. Right now my certificate for postfix has some > > errors on it (wrong CN), but I am able to download it and set it to be > > accepted by OS X (ends pop-ups in Mail.app). My courier-imap > > certificate does not work in OS X, I've tried using mkimapdcert in > > /usr/sbin/ but it is not generating certificates that are compatible > > with OS X. Suggestions on how I can use OpenSSL to generate > > certificates for both? > > i wrote a goofy script to create server certs: try this one instead. it makes certificates which can either be used in a postfix-tls server or in a mail client for encryption and or relay authentication. (NOTE: i am far from an expert in SSL certificates. i wrote the script after reading various HOWTOs and notes on the web. it may or may not be the best way, or even a good way, of generating certificates. i probably wouldn't use it where identity & authentication was important. but it works for opportunistic encryption of mail transport and for client-certificate based relaying) ---cut here--- #! /bin/sh # make-postfix-cert.sh # Craig Sanders <[EMAIL PROTECTED]>2000-09-03 # this script is hereby placed in the public domain. # this script assumes that you already have a CA set up, as the openssl # default "demoCA" under the current directory. if you haven't done it # already, run "/usr/lib/ssl/misc/CA.pl -newca" (or where the path to # openssl's CA.pl script is on your system). # # then run this script like so: # #./make-postfix-cert.sh hostname.your.domain.com # # it will create the certificate and key files for that host and put # them into a subdirectory. site="$1" # edit these values to suit your site. COUNTRY="AU" PROVINCE="Victoria" LOCALITY="Melbourne" ORGANISATION="" ORG_UNIT="" COMMON_NAME=$site EMAIL="[EMAIL PROTECTED]" OPTIONAL_COMPANY_NAME="" # leave challenge password blank CHALLENGE_PASSWORD="" # generate a certificate valid for 10 years # (probably not a good idea if you care about authentication, but should # be fine if you only care about encryption of the smtp session) # comment this out if you want the openssl default (1 year, usually) DAYS="-days 3652" # create the certificate request cat <<__EOF__ | openssl req -new $DAYS -nodes -keyout newreq.pem -out newreq.pem $COUNTRY $PROVINCE $LOCALITY $ORGANISATION $ORG_UNIT $COMMON_NAME $EMAIL $CHALLENGE_PASSWORD $OPTIONAL_COMPANY_NAME __EOF__ # sign it openssl ca $DAYS -policy policy_anything -out newcert.pem -infiles newreq.pem # move it mkdir -p $site mv newreq.pem $site/key.pem chmod 400 $site/key.pem mv newcert.pem $site/cert.pem cd $site # create server.pem for smtpd cat cert.pem ../demoCA/cacert.pem key.pem >server.pem chmod 400 server.pem # create fingerprint file openssl x509 -fingerprint -in cert.pem -noout > fingerprint # uncomment to create pkcs12 certificate for netscape # (probably not needed) #openssl pkcs12 -export -in cert.pem -inkey key.pem \ # -certfile ../demoCA/cacert.pem -name "$site" -out cert.p12 cd .. ---cut here--- run it like so: ./make-postfix-cert.sh FQDN you should use the server's announced FQDN host-name as the server name in the certificate. once the cert has been created, copy $site/*.pem and demoCA/cacert.pem into /etc/postfix on the target system. and add the following to /etc/postfix/main.cf to enable TLS encryption. ---cut here--- smtpd_tls_cert_file = /etc/postfix/server.pem smtpd_tls_key_file = $smtpd_tls_cert_file smtpd_tls_CAfile = /etc/postfix/cacert.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_use_tls = yes smtp_tls_CAfile = /etc/postfix/cacert.pem smtp_tls_CApath = /etc/postfix/certs smtp_tls_loglevel = 1 smtp_use_tls = yes smtp_tls_per_site = hash:/etc/postfix/tls_per_site smtp_tls_note_starttls_offer = yes tls_random_source = dev:/dev/urandom tls_daemon_random_source = dev:/dev/urandom ---cut here--- then: echo ". MAY" >/etc/postfix/tls_per_site postmap hash:/etc/postfix/tls_per_site mkdir /etc/postfix/certs /etc/init.d/postfix restart tls_per_site allows you to control which remote sites are offered TLS and which are not. useful because some sites have broken implementations so you need to disable TLS for them. if you want postfix to verify remote certs, you can put CA certs for them into /etc/postfix/certs. this is not strictly necessary - encryption works fine without cert verification. i run this as a matter of routine whenever i create a new mail host in my domain. if i'm doing it for a new domain, i copy the script to somewhere else (usually to somewhere on the target system) and create a new demoCA for that domain, and then run the script there for all hosts and relay clients in that domain. finally, to allow a client with a known cert to relay through post
Re: dearly for this little
Congratulatoins! You were a p proved for special New Year M o rt gage program. You can refi na n ce with 3.2% and get your c as h for the holidays in just 3 days. Use this link to activate your egift http://www.nnamecom.com/ and Have a Happy Holiday. Jody Yang PR Department -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Notification Of Bequest!!!
ATTENTION; Sir NOTIFICATION OF BEQUEST . This is sequel to your non response of our earlier letter to you on behalf of the Trustees and Executors to the Will of late of Sir Engr.Thomas Whyte(KSM),I wish to notify you that you were listed as a beneficiary to the bequest of the sum of Five Million One Hundred Thousand US Dollars in the codicil and last testament of the deceased. The late Sir Thomas Whyte until his death was a former Managing Director and pioneer staff of a big construction company Julius Berger BV . He was a very dedicated Sufis and a great philanthropist during his life time. Late Sir Thomas Whyte died on 9th February 2003 at the age of 68,He was buried on the23rd of February. Late Sir Thomas Whyte even though he was an American living and working in Holland here as a foreigner he requested before his death that he be buried here in his words, "I regard here as My home and the people as my people". He said that this token is to support your ministry and help to the less- privileged. I hereby request that you forward any proof of identities of yours, your current telephone and fax numbers and your forwarding address to enable us file necessary documents at the High Court of Justice probate division for the release of this bequest of money. Congratulations. Yours faithfully, Dr.Van De Groot N.B FOR THE PURPOSE OF CONFIDENTIALITY, FORWARD THE REQUESTED INFORMATION TO [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Notification Of Bequest!!!
ATTENTION; Sir NOTIFICATION OF BEQUEST . This is sequel to your non response of our earlier letter to you on behalf of the Trustees and Executors to the Will of late of Sir Engr.Thomas Whyte(KSM),I wish to notify you that you were listed as a beneficiary to the bequest of the sum of Five Million One Hundred Thousand US Dollars in the codicil and last testament of the deceased. The late Sir Thomas Whyte until his death was a former Managing Director and pioneer staff of a big construction company Julius Berger BV . He was a very dedicated Sufis and a great philanthropist during his life time. Late Sir Thomas Whyte died on 9th February 2003 at the age of 68,He was buried on the23rd of February. Late Sir Thomas Whyte even though he was an American living and working in Holland here as a foreigner he requested before his death that he be buried here in his words, "I regard here as My home and the people as my people". He said that this token is to support your ministry and help to the less- privileged. I hereby request that you forward any proof of identities of yours, your current telephone and fax numbers and your forwarding address to enable us file necessary documents at the High Court of Justice probate division for the release of this bequest of money. Congratulations. Yours faithfully, Dr.Van De Groot N.B FOR THE PURPOSE OF CONFIDENTIALITY, FORWARD THE REQUESTED INFORMATION TO [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
..helping law enforcement log and prevent DDOS on Groklaw.net
Hi, ..as isp staffers etc, we have obligations under law to help law enforcement prevent DDOS attacks, and secure evidence? ;-) > > O/T Troll Forecast: Heavy showers, mixed with intermittent DDOS, > through the 21st > > Authored by: AllParadox on Wednesday, December 15 2004 @ 10:01 AM EST > > The SCO Group has a quartly conference on the 21st. > > Senior TSG management salaries depend on maintaining stock prices. > > The announcement on the 21st is probably scheduled to get the least > amount of news coverage, due to very bad earnings reports. > > In the past, a few days before bad news was announced, Troll activity > picked up significantly on the Yahoo! SCOX message board and on > Groklaw. There appeared to be some correlation between the amount of > Troll activity, the length of intensive pre-release Trolling, and the > severity of the bad news. > The TSG announcement on the 21st, just from publicly available > information, cannot be good. Quite likely, it will be very bad. > > Troll posts picked up considerably yesterday, and today we are seeing > what may be DDOS attacks on Ibiblio. > > TSG may be in a panic that stock prices will plummet from their > current bottom-hugging values. > > Forecast: Expect continuous Troll showers, heavy at times, > occasionally > mixed with DDOS, through the 21st. > > --- > All is paradox: I no longer practice law, so this is just another > layman's opinion. For a Real Legal Opinion, buy one from a licensed > Attorney > http://www.groklaw.net/comment.php?mode=display&sid=20041214182428433&title=O%2FT%20Troll%20Forecast%3A%20Heavy%20showers%2C%20mixed%20with%20intermittent%20DDOS%2C%20through%20the%2021st&type=article&order=&hideanonymous=0&pid=250843#c251024 -- ..med vennlig hilsen = with Kind Regards from Arnt... ;-) ...with a number of polar bear hunters in his ancestry... Scenarios always come in sets of three: best case, worst case, and just in case. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Notification Of Bequest!!!
ATTENTION; Sir NOTIFICATION OF BEQUEST . This is sequel to your non response of our earlier letter to you on behalf of the Trustees and Executors to the Will of late of Sir Engr.Thomas Whyte(KSM),I wish to notify you that you were listed as a beneficiary to the bequest of the sum of Five Million One Hundred Thousand US Dollars in the codicil and last testament of the deceased. The late Sir Thomas Whyte until his death was a former Managing Director and pioneer staff of a big construction company Julius Berger BV . He was a very dedicated Sufis and a great philanthropist during his life time. Late Sir Thomas Whyte died on 9th February 2003 at the age of 68,He was buried on the23rd of February. Late Sir Thomas Whyte even though he was an American living and working in Holland here as a foreigner he requested before his death that he be buried here in his words, "I regard here as My home and the people as my people". He said that this token is to support your ministry and help to the less- privileged. I hereby request that you forward any proof of identities of yours, your current telephone and fax numbers and your forwarding address to enable us file necessary documents at the High Court of Justice probate division for the release of this bequest of money. Congratulations. Yours faithfully, Dr.Van De Groot N.B FOR THE PURPOSE OF CONFIDENTIALITY, FORWARD THE REQUESTED INFORMATION TO [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Re: ntpd listening on alias interfaces seems non-trivial
Excuse my reply to an 11 month old thread in googles top 30 on this subject. No solution was posted in that thread, here is one I've just tested and it works for me. I guess NTPD simply receives the packet on the 0.0.0.0:123 socket and the source address is set by way of the interface address after routing has been worked out. It would probably be undesirable to have NTPD to see and bind to each aliases interface, maybe NTPD should allow an 'interface [ifname|ipaddr]' that will at a minimum create a 'restrict' rule with the 'interface' flag set, this could allow for automatic re-binding to unavailable interfaces at the time NTPD was started. My solutions creates a dummy network interface that give NTPD a real interface to see and bind to, this only problem with this is that if the real ethernet based interface is downed (administrative or disabled) then the local host will still be able to route to that IP, unless you remembered to down dummy0 too. $ /etc/init.d/ntpd stop $ modprobe dummy $ ifconfig dummy0 $ /etc/init.d/ntpd start $ ntpdc ntpdc> reslist address maskcountflags = 255.255.255.255 0 ntpport, interface, ignore ntpdc> [Ctrl-D] $ netstat -uan | grep 123 udp0 0 :123 0.0.0.0:* Maybe this will be of use to someone else or someone has a better solution. On Sun, 2004-01-18 at 23:31, Marius Olsthoorn wrote: Ntp uses its own protocol on top of UDP. Each ntp packet includes source and destination addresses of the communication. The ntpd server uses this data and checks if a answer came from the same host the request was sent to. If this is not the case, it assumes something is wrong. Whatever the technical reasons, ntp is not happy if the response comes from a different IP to the one the request was sent to (this doesn't require IP's in the packet... the client could be just checking the src/dest IP's match). -- Darryl L. Miles -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]