Re: blacklists
Michelle Konzack wrote: I have tested in sequenz: sbl-xbl.spamhaus.org cbl.abuseat.org relays.ordb.org opm.blitzed.org list.dsbl.org dul.dnsbl.sorbs.org blackholes.mail-abuse.org dialups.mail-abuse.org But now I have removed all exept the first two. "spamhaus" catchs more then 50% of my spams and "abuseat" around 10%. The rest is done by "Blacklists" and spamassassin. cbl.abuseat.org is included in xbl.spamhaus.org so it is not needed to use both. If you use sbl.spamhaus.org I do not see why not to use bl.spamcop.net as well. Both have some collateral damage and false positives but still prove to be very useful. I can also advise to use list.dsbl.org. To see some statistics on the hit rate of various blacklists see: http://cgi.monitor.nl/popstats.html http://www.sdsc.edu/~jeff/spam/cbc.html I you use Spamassassin be sure to use SURBL. That is a very effective blacklist with virtually no false positives. Richard -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Value of backup MX
On Tue, 9 Nov 2004, Dale E. Martin wrote: > > i usually have my backup MX accept everything and then don't treat > > them specially on the primary. thus, policy is still enforced on the > > primary, but there is a proper backup path *under my control* should > > the primary be unreachable for whatever reason. > > With this approach you can't bounce RBLed messages at SMTP connect time > though, right? (I realize that RBLs are semi-controversial, especially at > the ISP level.) > > We recently dropped our secondary MX as it was just being abused to get > spam past the RBLs on our primary. (I.e. _no_ valid mails were being > delivered through the secondary MX.) The secondary MX was not under my > direct control which complicated matters a little as then I could not even > attempt to make the policy the same on the secondary as it was in the > primary. I had the same problem - no control over my MX boxen... I did manage to reduce (significantly) the number of bounces the MX must handle, and will soon have it down to virtually none ! And, you can do this without loss of function (RBL, SMTP time rejection). I setup sendmail (of course), mime-defang, SA, clamav, and fprot on the main mail machine. mime-defang runs as a milter (Mail fILTER), and can do SMTP time rejections (at helo, mail, rcpt, data...). The trick was to augment mime-defang such that it has a list of valid MX (and other forwarding - like d.o) machines. If a mail is classified as spam, or a virus, or hits an RBL, etc... I have mime-defang check the MX list and silently DROP mails from valid relays... but REJECT (5xx) all others. -- Rick Nelson I will be known as Ian Black, Ean can be Ian Red, Netgod Ian Blue, Che gets Ian Yellow, CQ is Ian Purple and Joey is Ian Indigo -- Some #Debian channel -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: help with BIND SRV
On Wed, 6 Oct 2004, August MacBeth wrote: > thanks for your reply. I must have missed the section about how 'most' > software doesn't support SRV (http://dns.vanrein.org/srv/tools/).. It > seems like an incredible idea to me however, are there any alternatives > you could suggest? I'm after some kind of software load balancing / > fault tolerance.. Yes, a very unfortunate issue - as SRV would handle balancing, failover, etc. :( Your next best bet is to probably rely on DNS round-robin and define a few addresses for your ftp server... Any decent client/server DNS will rotate the addresses automagically. If you need more, there are some Debian packages to handle balancing - but I've not yet had the need to investigate them; my setup is small. -- Rick Nelson "As you journey through life take a minute every now and then to give a thought for the other fellow. He could be plotting something." -- Hagar the Horrible -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: help with BIND SRV
On Tue, 5 Oct 2004, August MacBeth wrote: > server# host ftp3.domain.net > server# telnet ftp3.domain.net 21 > telnet: could not resolve ftp3.domain.net/21: No address associated with > hostname > server# > > I've tried changing around the format of the RR, but nothing seems to > have an effect.. > > here's an example of my current setup: > [...] > host1 A 12.123.12.15 > ftp CNAME host1 > ftp2A 12.123.12.14 > > _ftp._tcp.ftp3SRV1 0 21 ftp > _ftp._tcp.ftp3SRV2 0 21 ftp2 hrm, is the final '.ftp3' required ? Mine don't have it (but I don't have a client that supports SRV either). Does your client surely know about SRV records ? -- Rick Nelson But what can you do with it? -- ubiquitous cry from Linux-user partner. (Submitted by Andy Pearce, [EMAIL PROTECTED]) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Debian, Php-4.3.4 and Oracle-Connector
Volker Lieder wrote: Hello List, hope there is somebody who can help me ;-) I have a Debain-Server installed wit the oracle-client 9i and php4.3.4 Everthing works for its own, but now i have to add the php-option --with-oracle in the php-config. I have build php from the debian-packages and if i want to compile it myself i got a lot of errors that some packages must be reinstalled, but i don't know why. Perhaps anybody has solved this problem or has a package that i can add so that the oracle-support for php will work. If you post the errors you get here we might be able to explain them. Try --with-oci8 in the first place. On Oracle 8 I needed a list of header files that I could only get from a full Oracle install: nzerror.h nzt.h oci.h oci1.h oci8dp.h ociap.h ociapr.h ocidfn.h ociextp.h oratypes.h ori.h orl.h oro.h ort.h tnsapi.h But it seems this is not necessary anymore on 9i or you can install them with the client. I saw something as easy like: cd php-4.x cd ext/oci8 phpize ./configure --enable-sigchild make make install Add the Oracle lib path to the LD_LIBRARY_PATH. Richard -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: You can start saving now
Pascal Hakim wrote: > We are running spam assassin plus a whole bunch of custom procmail, as well as something called cross-assassin which gets cross posts against lists. For those wondering about the numbers, as far as this month is concerned, 376 messages (3.3 Mb) did not make it onto the list. This includes 207 emails stopped by cross assassin, and 90 stopped by spam assassin. Maybe the SpamCopURI plugin can help even more: http://www.surbl.org/ I will look into setting up SpamAssassin myself again. After it trashed e-mails from my girlfriend I stopped using it two years ago and went to RBL only which works good enough for me. Richard
Re: You can start saving now
Pascal Hakim wrote: > We are running spam assassin plus a whole bunch of custom procmail, as well as something called cross-assassin which gets cross posts against lists. For those wondering about the numbers, as far as this month is concerned, 376 messages (3.3 Mb) did not make it onto the list. This includes 207 emails stopped by cross assassin, and 90 stopped by spam assassin. Maybe the SpamCopURI plugin can help even more: http://www.surbl.org/ I will look into setting up SpamAssassin myself again. After it trashed e-mails from my girlfriend I stopped using it two years ago and went to RBL only which works good enough for me. Richard -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: You can start saving now
Somebody please make this list member-only. I am sick of the spam I receive through this list, it is my main source of spam. Richard --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.677 / Virus Database: 439 - Release Date: 4-5-2004 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: You can start saving now
Somebody please make this list member-only. I am sick of the spam I receive through this list, it is my main source of spam. Richard --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.677 / Virus Database: 439 - Release Date: 4-5-2004
Re: Little BIG problem with Backbone
Michelle Konzack wrote: > Hello, > > because I am in paning of a CyberCenter Network in Marocco the idea is > exploding !!! Exactly, I need very much Backbone-Power which can not > provided from the "Maroc Telecom" Aren't there other providers? I remember many routes to Morocco using Seabone. You can find a contact at http://www.tisparkle.it/contacts.htm And I know also Sprint has a PoP available in Morocco. There should be more. What about France Telecom, Telenor and Telefonica? Of course you should plan your CyberCenter close to an important crossroads of telecom infrastructure since Maroc Telecom will probably charge a lot for leased lines with such high bandwidth while you actually need dark fiber. kind regards, Richard Zuidhof
Re: Little BIG problem with Backbone
Michelle Konzack wrote: > Hello, > > because I am in paning of a CyberCenter Network in Marocco the idea is > exploding !!! Exactly, I need very much Backbone-Power which can not > provided from the "Maroc Telecom" Aren't there other providers? I remember many routes to Morocco using Seabone. You can find a contact at http://www.tisparkle.it/contacts.htm And I know also Sprint has a PoP available in Morocco. There should be more. What about France Telecom, Telenor and Telefonica? Of course you should plan your CyberCenter close to an important crossroads of telecom infrastructure since Maroc Telecom will probably charge a lot for leased lines with such high bandwidth while you actually need dark fiber. kind regards, Richard Zuidhof -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: ...please
Russell Coker wrote: On Tue, 16 Mar 2004 03:40, Michael Loftis <[EMAIL PROTECTED]> wrote: or how about even restricting to subscribers only, that'd be a start. Yes, then you don't need DNSBLs. But some measure is necessary. I do not care which one. Forging the From: field is standard practise for spam, forging it to be a list subscriber is no technical challenge. It is even too much of a challenge for spammers. They use bulk practices on all email addresses they can lay their hands on. Richard
Re: ...please
Russell Coker wrote: On Tue, 16 Mar 2004 03:40, Michael Loftis <[EMAIL PROTECTED]> wrote: or how about even restricting to subscribers only, that'd be a start. Yes, then you don't need DNSBLs. But some measure is necessary. I do not care which one. Forging the From: field is standard practise for spam, forging it to be a list subscriber is no technical challenge. It is even too much of a challenge for spammers. They use bulk practices on all email addresses they can lay their hands on. Richard -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: qmail relaying
William Dode <[EMAIL PROTECTED]>: > I must change the machine of a mx. The first one is with qmail and the > second with exim. > Before the dns propagation, i would like that all the mail who still > arrive on the qmail machine will be redirected to the new one. But i > don't know qmail... > > Is it enough to remove the domain from > /var/qmail/control/virtualsdomains and put it on rcpthosts ? It needs to stay in rcpthosts but you need to create an smtproute to get the mail on the second server. /var/qmail/control/smtproutes should contain a line like: domain.com:eximmx.domain.com Richard
Re: qmail relaying
William Dode <[EMAIL PROTECTED]>: > I must change the machine of a mx. The first one is with qmail and the > second with exim. > Before the dns propagation, i would like that all the mail who still > arrive on the qmail machine will be redirected to the new one. But i > don't know qmail... > > Is it enough to remove the domain from > /var/qmail/control/virtualsdomains and put it on rcpthosts ? It needs to stay in rcpthosts but you need to create an smtproute to get the mail on the second server. /var/qmail/control/smtproutes should contain a line like: domain.com:eximmx.domain.com Richard -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: How do you deploy a new system ?
Lucas Albers wrote: I would deploy debian on more desktops, but the hardware detections is just not up to par compared to fedora 1. only 1 in 4 does it successfuly detects and configures x. I do not know what tricks Knoppix does to detect hardware but I think it detects better than normal Debian setup. I think a Knoppix install can be a nice start for a Debian desktop. I am running one as my primary workstation since almost three months now. Richard -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: PHP Nuke 7.0
3rd Update . . . After twiddling about in various things, a bit of apt-get here and there - it works Not sure what I did exactly, but it's all working in harmony now. Good thing for the help I got from the list ;) (joking) MT - Original Message - From: "Richard Brooks" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, February 18, 2004 11:24 PM Subject: Re: PHP Nuke 7.0 > Quick update . . . > > After sitting here thinking about it for a moment, I did ifconfig and got > the ip number of the ppp0 connection and accessed that. > > It was able to make the username without it reverting to null, but wouldn't > accept the activation unless I changed the link to show the IP number and > not tactful.ods.org. > > Is it beginning to sound like a DNS/Apache issue ? Any hints would be > appreciated. > > Regards, > Richard > > - Original Message - > From: "Richard Brooks" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Wednesday, February 18, 2004 11:10 PM > Subject: PHP Nuke 7.0 > > > > I am using debian 3.0, updated to testing. > > > > The problem I have is when the site is accessed over the Internet, and > > someone tries to create a new user, the username they have chosen is wiped > > out and " null " is in it's place. > > > > The problem doesn't occur when accessing it via the LAN. > > > > At first it was the wrong version of PHP at fault ( I thought ) which > > neccessitated the change to testing for the later version. > > > > The domain name is through ods.org, and resolves fine for email & ssh, and > > apache > > > > http://tactful.ods.org/uptime.html ud display > > > > http://tactful.ods.org/phpsysinfo/sysinfo - so I know PHP is > working > > > > http://tactful.ods.org/server-info > > http://tactful.ods.org/server-statusapache info - enabled so you > can > > look to help :) > > > > http://tactful.ods.org/ > > http://tactful.ods.org/tlctechnology/the two websites not working > so > > far > > > > I think it can be one of the following :- > > > > 1.Networking - problem with using localhost > > > > 2.MySQL Config - do I need to make any adjustments to .conf files ? > > > > 3.I should stick to html > > > > http://phpnuke.org is the website I got it from originally. > > > > Any comments or suggestions would be highly appreciated. > > > > Regards, > > Richard > > > > (no comments about posting from XP - please ) > > > > > > -- > > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > > > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: PHP Nuke 7.0
Quick update . . . After sitting here thinking about it for a moment, I did ifconfig and got the ip number of the ppp0 connection and accessed that. It was able to make the username without it reverting to null, but wouldn't accept the activation unless I changed the link to show the IP number and not tactful.ods.org. Is it beginning to sound like a DNS/Apache issue ? Any hints would be appreciated. Regards, Richard - Original Message - From: "Richard Brooks" <[EMAIL PROTECTED]> To: Sent: Wednesday, February 18, 2004 11:10 PM Subject: PHP Nuke 7.0 > I am using debian 3.0, updated to testing. > > The problem I have is when the site is accessed over the Internet, and > someone tries to create a new user, the username they have chosen is wiped > out and " null " is in it's place. > > The problem doesn't occur when accessing it via the LAN. > > At first it was the wrong version of PHP at fault ( I thought ) which > neccessitated the change to testing for the later version. > > The domain name is through ods.org, and resolves fine for email & ssh, and > apache > > http://tactful.ods.org/uptime.html ud display > > http://tactful.ods.org/phpsysinfo/sysinfo - so I know PHP is working > > http://tactful.ods.org/server-info > http://tactful.ods.org/server-statusapache info - enabled so you can > look to help :) > > http://tactful.ods.org/ > http://tactful.ods.org/tlctechnology/the two websites not working so > far > > I think it can be one of the following :- > > 1.Networking - problem with using localhost > > 2.MySQL Config - do I need to make any adjustments to .conf files ? > > 3.I should stick to html > > http://phpnuke.org is the website I got it from originally. > > Any comments or suggestions would be highly appreciated. > > Regards, > Richard > > (no comments about posting from XP - please ) > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] >
PHP Nuke 7.0
I am using debian 3.0, updated to testing. The problem I have is when the site is accessed over the Internet, and someone tries to create a new user, the username they have chosen is wiped out and " null " is in it's place. The problem doesn't occur when accessing it via the LAN. At first it was the wrong version of PHP at fault ( I thought ) which neccessitated the change to testing for the later version. The domain name is through ods.org, and resolves fine for email & ssh, and apache http://tactful.ods.org/uptime.html ud display http://tactful.ods.org/phpsysinfo/sysinfo - so I know PHP is working http://tactful.ods.org/server-info http://tactful.ods.org/server-statusapache info - enabled so you can look to help :) http://tactful.ods.org/ http://tactful.ods.org/tlctechnology/the two websites not working so far I think it can be one of the following :- 1.Networking - problem with using localhost 2.MySQL Config - do I need to make any adjustments to .conf files ? 3.I should stick to html http://phpnuke.org is the website I got it from originally. Any comments or suggestions would be highly appreciated. Regards, Richard (no comments about posting from XP - please )
Re: PHP Nuke 7.0
Quick update . . . After sitting here thinking about it for a moment, I did ifconfig and got the ip number of the ppp0 connection and accessed that. It was able to make the username without it reverting to null, but wouldn't accept the activation unless I changed the link to show the IP number and not tactful.ods.org. Is it beginning to sound like a DNS/Apache issue ? Any hints would be appreciated. Regards, Richard - Original Message - From: "Richard Brooks" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, February 18, 2004 11:10 PM Subject: PHP Nuke 7.0 > I am using debian 3.0, updated to testing. > > The problem I have is when the site is accessed over the Internet, and > someone tries to create a new user, the username they have chosen is wiped > out and " null " is in it's place. > > The problem doesn't occur when accessing it via the LAN. > > At first it was the wrong version of PHP at fault ( I thought ) which > neccessitated the change to testing for the later version. > > The domain name is through ods.org, and resolves fine for email & ssh, and > apache > > http://tactful.ods.org/uptime.html ud display > > http://tactful.ods.org/phpsysinfo/sysinfo - so I know PHP is working > > http://tactful.ods.org/server-info > http://tactful.ods.org/server-statusapache info - enabled so you can > look to help :) > > http://tactful.ods.org/ > http://tactful.ods.org/tlctechnology/the two websites not working so > far > > I think it can be one of the following :- > > 1.Networking - problem with using localhost > > 2.MySQL Config - do I need to make any adjustments to .conf files ? > > 3.I should stick to html > > http://phpnuke.org is the website I got it from originally. > > Any comments or suggestions would be highly appreciated. > > Regards, > Richard > > (no comments about posting from XP - please ) > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
PHP Nuke 7.0
I am using debian 3.0, updated to testing. The problem I have is when the site is accessed over the Internet, and someone tries to create a new user, the username they have chosen is wiped out and " null " is in it's place. The problem doesn't occur when accessing it via the LAN. At first it was the wrong version of PHP at fault ( I thought ) which neccessitated the change to testing for the later version. The domain name is through ods.org, and resolves fine for email & ssh, and apache http://tactful.ods.org/uptime.html ud display http://tactful.ods.org/phpsysinfo/sysinfo - so I know PHP is working http://tactful.ods.org/server-info http://tactful.ods.org/server-statusapache info - enabled so you can look to help :) http://tactful.ods.org/ http://tactful.ods.org/tlctechnology/the two websites not working so far I think it can be one of the following :- 1.Networking - problem with using localhost 2.MySQL Config - do I need to make any adjustments to .conf files ? 3.I should stick to html http://phpnuke.org is the website I got it from originally. Any comments or suggestions would be highly appreciated. Regards, Richard (no comments about posting from XP - please ) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Postfix and SMTP-AUTH once again
Hi, I'm trying to set up SMTP-Auth with postfix. The requirement is that System users can send mail independent of their connection to the internet so smtp-after pop or smtp-auth would be solutions. I'd prefer smtp-auth though. I'm using debian testing and installed postfix and postfix-tls. I searched the net and tried just about any howto and any suggestion I could find but it just doesn't work. If I enable sasl auth in postfix (main.cf), I always get: postfix/smtpd[7306]: fatal: no SASL authentication mechanisms postfix/master[579]: warning: process /usr/lib/postfix/smtpd pid 7306 exit status 1 postfix/master[579]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling I have an smtpd.conf in /usr/lib/sasl and /etc/postfix/sasl that specifies an authentication method. It seems though that those files are not even evaluated since I can put just about anything there without it making any difference. My postfix setup ist *not* chrooted for now. Is there anyone out there who has managed to get those two to work with debian testing? Since I can't activate sasl at all with postfix I'm beginning to wonder that the packages might be broken. I'd really appreciate any hint on how to further track down the problem or a solution on how to get those two to work. Does anyone know how to strace the smtpd process? Maybe the conf file just needs a different name. Thanks a lot, Richard -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Postfix and SMTP-AUTH once again (SOLVED)
Sorry folks, I accidentally mailed my initial question to the list after I initially forgot to change my identity to an emailadress accepted by the debian list software. This is what I wanted to post again. My apologies. Hi again, On Tuesday 05 August 2003 06:05, Rod Rodolico wrote: > I've been running unstable on our main web server (60+ domains, 200+ > users, apache, perl, mysql, bind, exim, courier, etc...) for two years and > had only a few problems. I have an identical machine running in the office > and always upgrade it first. I have had problems two or three times during > upgrades, then waited a couple of days and upgraded again and it works. > Then, I upgrade the main server. > > I love to tell my friends who live by RedHat or Mandrake that my > production Debian box runs unstable better than their release installs :) > > Rod thanks for the info. That sounded good enough for me. I just updated to unstable and it worked like a charm. Then I configured postfix and sasl the way it is described in the numerous howtos which I also followed before and ... hold your breath ... it worked with just some very minor adjustments. Usually I'm very reluctant to blame things on packages or software since usually the problem is in front of the monitor but I think in this case I can say the debian testing postfix-tls-sasl-smtp-auth thing is officially broken. One thing that might be of interest to others is a permission problem I ran into. I'm using saslauthd now and postfix at first couldn't access saslauthd's mux socket. After fixing that, it worked. The error message was: SASL authentication failure: cannot connect to saslauthd server: Permission denied Thanks again for any suggestions made. Richard -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Watchdog Program
Hi, > help. Is there a package that I can use to monitor a whole range of > systems remotely? Any help appreciated. you could try BigBrother (http://bb4.com/) or BigSister (http://bigsister.graeff.com/home.html). I don't know BigSister that much but basically it's a clone of BigBrother. BigBrother is just a set of shell scripts that can monitor the various services running on the machines you want to montor. It gives you a status output (http://bb4.com/bb/) of all the machines and you can also get statistics. Also Alerting is possible via various means. Since it's a set of shell scripts it should be possible to monitor the mailserver and trigger a modem dialing your mobild phone number in case the mailserver goes down. Otherwise I think mail is the default method for alerting. I know of a small ISP and telephone provider that uses bb4 as the primary alerting mechanism for the tech guys running independant of the larger setup with HP OpenView (I think) at the nmc. Often bb4 is quicker :-) Hope that was the answer to your question. Regards, Richard -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Postfix and SMTP-AUTH once again
Hi, > Hint: Run either unstable or stable. Testing has no support with > security patches. Hmm, I thought about that for quite some time. Stable is way too old for some things I need to do with the server, unstable really sometimes is unsatable. I noticed that on my desktop but there it's ok. I usually have a close look at security annoucements. Worst case scenario is that I have to build my own fixes until a new package is released. Even though it's another subject, does running unstable on a server make any sense? Does it work fairly decent? The machine is not that critical. > > postfix/smtpd[7306]: fatal: no SASL authentication mechanisms > > It seems you've forgot to install the actual sasl plugins: > > [stable, probably more for unstable/testing] > ii libsasl-modules-plain 1.5.27-3 Basic Pluggable Authentication > Modules for SASL ii libsasl71.5.27-3 Authentication > abstraction library. ii sasl-bin1.5.27-3 Programs for > manipulating the SASL users database Sorry, I forgot to mention that. I have all those packages installed. Regards, Richard -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Postfix and SMTP-AUTH once again
Hi, I'm trying to set up SMTP-Auth with postfix. The requirement is that System users can send mail independent of their connection to the internet so smtp-after pop or smtp-auth would be solutions. I'd prefer smtp-auth though. I'm using debian testing and installed postfix and postfix-tls. I searched the net and tried just about any howto and any suggestion I could find but it just doesn't work. If I enable sasl auth in postfix (main.cf), I always get: postfix/smtpd[7306]: fatal: no SASL authentication mechanisms postfix/master[579]: warning: process /usr/lib/postfix/smtpd pid 7306 exit status 1 postfix/master[579]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling I have an smtpd.conf in /usr/lib/sasl and /etc/postfix/sasl that specifies an authentication method. It seems though that those files are not even evaluated since I can put just about anything there without it making any difference. My postfix setup ist *not* chrooted for now. Is there anyone out there who has managed to get those two to work with debian testing? Since I can't activate sasl at all with postfix I'm beginning to wonder that the packages might be broken. I'd really appreciate any hint on how to further track down the problem or a solution on how to get those two to work. Does anyone know how to strace the smtpd process? Maybe the conf file just needs a different name. Thanks a lot, Richard -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: loadbalancing
Quoting Joost Veldkamp <[EMAIL PROTECTED]>: > We're using old cisco Localdirectors for loadbalancing between > webservers. These need to be replaced by something else, because they > are EOL. > Are there software packages that can do the same as the localdirector, > with failover functionality? > I looked at ultramonkey.org, (it has woody packages;-) ) and i'm > wondering if this is the best solution, or if there are other packages > around that might be of more use. > Of course you can use Linux Virtual Server for load balancing. But if you want something between do it yourself and the high-end big-bucks products you can have a look at the B100 from One4net. It is Linux based but that is not so relevant because it behaves like a hardware box that is manageable with different software tools. http://www.one4net.com/products/netappliance/produktindex.html Richard -- _ 2x sneller ADSL met Zon Breedband Family. In combinatie met ZonTel nu voor maar 29 euro per maand. Bestel nu op www.zonnet.nl/breedband Bovendien met gratis modem en geen aansluitkosten!
Re: loadbalancing
Quoting Joost Veldkamp <[EMAIL PROTECTED]>: > We're using old cisco Localdirectors for loadbalancing between > webservers. These need to be replaced by something else, because they > are EOL. > Are there software packages that can do the same as the localdirector, > with failover functionality? > I looked at ultramonkey.org, (it has woody packages;-) ) and i'm > wondering if this is the best solution, or if there are other packages > around that might be of more use. > Of course you can use Linux Virtual Server for load balancing. But if you want something between do it yourself and the high-end big-bucks products you can have a look at the B100 from One4net. It is Linux based but that is not so relevant because it behaves like a hardware box that is manageable with different software tools. http://www.one4net.com/products/netappliance/produktindex.html Richard -- _ 2x sneller ADSL met Zon Breedband Family. In combinatie met ZonTel nu voor maar 29 euro per maand. Bestel nu op www.zonnet.nl/breedband Bovendien met gratis modem en geen aansluitkosten! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
trying to get Microsoft ICW to work
I have been trying to get Microsoft's Internet Connection Wizard to work with one of our Debian servers. I started with the perl scripts provided by microsoft and have customized them to gather the information we need and corrected the bugs in the original scripts. The problem I am seeing is when I have selected a POP and click next, the system disconnects from the internet and displays an error that it cannot contact the server. Has anyone had any luck getting this wonderful setup from Microsoft to work or am I just wasting my time fighting it ??? Technical Administrator Tele-NET --- Tele-NET Internet Services http://www.tele-net.net Yerington, Nv 89447 (775)463-3737(main) (775)463-2355(secondary) --- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: /root/ drwxr-xr-x?
On Thu, 1 Aug 2002, Phillip Baker wrote: Phillip, > If it's not a security risk, and will 'never be changed', why does debian > now allow you the option of setting the home directories (when created) to > be user readable only now, instead of setting 755 like it used to? I think youre looking for DIR_MODE= in /etc/adduser.conf Greetings, Richard. An OS is like swiss cheese, the bigger it is, the more holes you get!
Re: Setting user passwords non-interactively
- Original Message - From: "Gene Grimm" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, May 17, 2002 10:42 AM Subject: Re: Setting user passwords non-interactively > > i think chpasswd is what your looking for. > > chpasswd user:pass > > > > on woody atleast its included in the passwd package > > > > > im wondering if there is any non-interactive way to set a user's > > > password...i need to do it through a scriptplease > > Actually, I use Perl script with a shell system call to 'usermod' or > 'useradd' with the '-p' option, however you have to remember to crypt the > password - crypt($passwd,$seed) - in the Perl script. I used this in a perl script to set up a temp user on a system and set the password for it: $groupadd="groupadd $tempuser"; system("$groupadd\n"); $syscall = "useradd -m -c \"$firstname $lastname,,,\($ac\)$phone\" -e \"$datef\" -g $tempuser $tempuser"; system("$syscall"); $chngpasswd= "echo $tempuser\:$password|chpasswd"; system("$chngpasswd\n"); works great Richard -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Help with managing multiple debian boxes in a lab
On Mon, 29 Apr 2002, B. Ash wrote: > I was wondering if anybody knew a good way to keep a Debian Lab with > over 15 computers in sync with eachother as far as software goes? > Doing an apt-get install for all of the machines seems redundant. Is > there away to setup a master Debian host that can be accessed by of a > slave to maintain the slaves as clones of the master? fai (fully automatic install) http://www.informatik.uni-koeln.de/fai/ cfengine http://www.cfengine.org Greetings, Richard. An OS is like swiss cheese, the bigger it is, the more holes you get! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Traffic analysis tools
On Mon, 29 Apr 2002, Craig wrote: > I am looking for traffic analysis tools for Apache > virtual hosts, any suggestions on what works well > and is relativley easy to configure ?> http://www.mrunix.net/webalizer/ Greetings, Richard. An OS is like swiss cheese, the bigger it is, the more holes you get! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Diverting smtp traffic
On Thu, 14 Feb 2002, I. Forbes wrote: > Has anybody done this before? The machine is running potato with > a 2.2.19 kernel. Yes, but not with Linux. I'm doing this on two places with two different solutions. One: FreeBSD/OpenBSD server with ipfilter and ipnat. Via ipnat rule (rdr) everything for port 25 get's redirected to an other mailserver Two: Using an Alteon switch (at a ISP), but this is very expensive Option one, can be build in a half hour. Greetings, Richard. An OS is like swiss cheese, the bigger it is, the more holes you get!
Re: Diverting smtp traffic
On Thu, 14 Feb 2002, I. Forbes wrote: > Has anybody done this before? The machine is running potato with > a 2.2.19 kernel. Yes, but not with Linux. I'm doing this on two places with two different solutions. One: FreeBSD/OpenBSD server with ipfilter and ipnat. Via ipnat rule (rdr) everything for port 25 get's redirected to an other mailserver Two: Using an Alteon switch (at a ISP), but this is very expensive Option one, can be build in a half hour. Greetings, Richard. An OS is like swiss cheese, the bigger it is, the more holes you get! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: opinions on swap size and usage?
On 12 Feb 2002, Jeff S Wheeler wrote: > For years I've been configuring my machines with "small" swap spaces, no > larger than 128MB in most cases, even though most of my systems have > 512MB - 1GB of memory. My desktop computer has zero swap, although I > have more ram than even X + gnome + mozilla + xemacs can use. :-) I always learned: swap = mem x 2 and above 1 GB swap = mem x 1.5 Swap isn't only used by programs that run out of swap, but also core dumps could be bigger than youre memory. But maybe swapd is something to look at: http://cvs.linux.hr/swapd/ There's a Debian package for it. Greetings, Richard. An OS is like swiss cheese, the bigger it is, the more holes you get!
Re: opinions on swap size and usage?
On 12 Feb 2002, Jeff S Wheeler wrote: > For years I've been configuring my machines with "small" swap spaces, no > larger than 128MB in most cases, even though most of my systems have > 512MB - 1GB of memory. My desktop computer has zero swap, although I > have more ram than even X + gnome + mozilla + xemacs can use. :-) I always learned: swap = mem x 2 and above 1 GB swap = mem x 1.5 Swap isn't only used by programs that run out of swap, but also core dumps could be bigger than youre memory. But maybe swapd is something to look at: http://cvs.linux.hr/swapd/ There's a Debian package for it. Greetings, Richard. An OS is like swiss cheese, the bigger it is, the more holes you get! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: moving mail system from one ISP to another
I just dealt with this for a single customer, but I think you could hack a quick script to do it for a number of people. I think you may need root access on the old mail server for it to work. I used a command like the following to forward all of her mail after I had added her to aliases to the new address. cat /var/spool/mail/userbox|mail -s "forward of your mail" [EMAIL PROTECTED] She reported that she got all of her mail as individual messages. I hope this helps.... Richard Bailey Tele-NET - Original Message - From: <[EMAIL PROTECTED]> To: Sent: Tuesday, January 15, 2002 5:51 AM Subject: Re: moving mail system from one ISP to another > On Tue, Jan 15, 2002 at 01:17:09PM +0100, Olivier MACCHIONI wrote: > > >Depending on the MTA you are using there are ways of doing the forwarding, > > >with > > >exim you can add a line to the bottom of the exim.conf file that tells it > > >where > > >to redirect the mail to, its quite well documented in the exim info pages. > > >With postfix you can use the transports file to redirect the mail. Not sure > > >about other MTAs, hope that helps. > > > > Could help a lot... The problem is to retreive the mail which has already > > been delivered to the "old" mailboxes. > > > > I don't know of any good way to do that for a large number of POP accounts > > and heterogenous mail storage systems. > > > > If you have a complete list of login / passwords you can use fetchmail to > > get the mail from the old accounts and send it to the new ones. > > > > If you don't have such a list some tcpflow on port 110 with some filtering > > could give you most of the accounts (hopefully not too many people are on > > vacations and don't check their mails). > > > > Good luck > > > > Olivier > > Hrm. Ahh. That's always "fun". Now, If you've got time you could use mutt as > root, open the mailboxes one at a time, tag the whole lot, and bounce them to > the new address... (or the old address if that's now directed else where). Time > consuming, yes. But its the only way I can think of doing it at the moment :/ > > Best of luck, > > -- > Brett Parker > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] >
Re: moving mail system from one ISP to another
I just dealt with this for a single customer, but I think you could hack a quick script to do it for a number of people. I think you may need root access on the old mail server for it to work. I used a command like the following to forward all of her mail after I had added her to aliases to the new address. cat /var/spool/mail/userbox|mail -s "forward of your mail" newaddress@newdomain She reported that she got all of her mail as individual messages. I hope this helps.... Richard Bailey Tele-NET - Original Message - From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, January 15, 2002 5:51 AM Subject: Re: moving mail system from one ISP to another > On Tue, Jan 15, 2002 at 01:17:09PM +0100, Olivier MACCHIONI wrote: > > >Depending on the MTA you are using there are ways of doing the forwarding, > > >with > > >exim you can add a line to the bottom of the exim.conf file that tells it > > >where > > >to redirect the mail to, its quite well documented in the exim info pages. > > >With postfix you can use the transports file to redirect the mail. Not sure > > >about other MTAs, hope that helps. > > > > Could help a lot... The problem is to retreive the mail which has already > > been delivered to the "old" mailboxes. > > > > I don't know of any good way to do that for a large number of POP accounts > > and heterogenous mail storage systems. > > > > If you have a complete list of login / passwords you can use fetchmail to > > get the mail from the old accounts and send it to the new ones. > > > > If you don't have such a list some tcpflow on port 110 with some filtering > > could give you most of the accounts (hopefully not too many people are on > > vacations and don't check their mails). > > > > Good luck > > > > Olivier > > Hrm. Ahh. That's always "fun". Now, If you've got time you could use mutt as > root, open the mailboxes one at a time, tag the whole lot, and bounce them to > the new address... (or the old address if that's now directed else where). Time > consuming, yes. But its the only way I can think of doing it at the moment :/ > > Best of luck, > > -- > Brett Parker > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: System Time Problems.
Lo, on Tuesday, November 27, Bulent Murtezaoglu did write: > >>>>> "JCR" == Jeremy C Reed <[EMAIL PROTECTED]> writes: > [...] > JCR> Use something like: hwclock --systohc --utc > > Yes this would set the hw clock to UTC. I think the OP was asking for > how to notify the system that that is not the case. The place to do > that is in /etc/default/rcS I believe. > > But anyway, why not have the battery backed clock set to UTC? The machine may be set up to dual-boot into Windows. I know that Win95 can't handle the hardware clock and localtime being in different timezones. (Me, I spend most of my time in Linux, so I set the hardware clock to UTC and just subtract 5 or 6 hours when I'm in Windows, depending on the time of year. This may not be an acceptable solution for everyone, though.) Richard
Re: System Time Problems.
Lo, on Tuesday, November 27, Bulent Murtezaoglu did write: > >>>>> "JCR" == Jeremy C Reed <[EMAIL PROTECTED]> writes: > [...] > JCR> Use something like: hwclock --systohc --utc > > Yes this would set the hw clock to UTC. I think the OP was asking for > how to notify the system that that is not the case. The place to do > that is in /etc/default/rcS I believe. > > But anyway, why not have the battery backed clock set to UTC? The machine may be set up to dual-boot into Windows. I know that Win95 can't handle the hardware clock and localtime being in different timezones. (Me, I spend most of my time in Linux, so I set the hardware clock to UTC and just subtract 5 or 6 hours when I'm in Windows, depending on the time of year. This may not be an acceptable solution for everyone, though.) Richard -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
RE: traffic accounting
I use fiprad ( Fast IP router accounting daemon) for logging traffic from multiple gateways to a central mSQL server. It uses stuff all CPU. I am very impressed with it. I have added a few small things of my own such as an fiprad.rc start/stop script and am working on some PHP scripts for interacting with the data on the mSQL server and a few other basic things. I intend to offer everything I have done to the maintainers of the package, so it can be included, if they dont produce something first that is. http://www.umplug.org/fipra/ Cheers, Richard -Original Message- From: Teun Vink [mailto:[EMAIL PROTECTED]] Sent: Friday, 19 January 2001 3:17 a.m. To: [EMAIL PROTECTED] Subject: traffic accounting Hi, I would like to setup up some sort of traffic accounting in our network. I know how to do this using ipchains rules, but the problem is that our network is completely redundant, so each machine in the network has two gateways (both Debian boxes). Does anybody know of a tool which can automatically combine the accounting of multiple routers into one set of statistics? Regards, Teun -- Teun Vink - [EMAIL PROTECTED] - icq: 15001247 - http://teun.moonblade.net -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: remote management
Upgrade your kernel to at least 2.2.18 to help the situation. 2.2.19 (when it gets released) should fix it this problem. Alan and Andrea are working on it. If you feel brave, try using 2.2.19pre2 since it contains Andrea's VM patches. Rich "J. Malkic" wrote: > Hi > > I'm running a BIND 8.2.2.- patch 5 and occasionaly I get this message > from system (Debian): > > Out of memory! > Callback called exit at /usr/bin/mrtg line 73. > BEGIN failed--compilation aborted at /usr/bin/mrtg line 73. > > which is followed by crashing od BIND. > > In the same time the kernel is reporting: > > Dec 15 22:04:56 sun kernel: VM: killing process who.pl > Dec 15 22:06:23 sun kernel: VM: killing process apache-ssl > Dec 15 22:06:27 sun kernel: VM: killing process sendmail > Dec 15 22:06:27 sun kernel: VM: killing process apache-ssl > Dec 15 22:06:28 sun kernel: VM: killing process named > Dec 15 22:07:51 sun kernel: VM: killing process apache-ssl > Dec 15 22:09:06 sun kernel: VM: killing process apache-ssl > Dec 15 22:09:10 sun kernel: VM: killing process apache-ssl > > But Apache and sendmail remain untouched. > > Is it possible that it's all about a bug (e.g. zxfr bug) which affects > this version of BIND or it's just weakest of all this so it goes down? > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: ISDN & MRTG (or similar)
Yes, Run MRTG under linux, It is in the distribution. Richard - Original Message - From: "Robert Davidson" <[EMAIL PROTECTED]> To: Sent: Monday, September 04, 2000 7:57 PM Subject: ISDN & MRTG (or similar) > > Hi Guys, > > I have a linux box with 2 NETjet ISDN cards in it maintaining links to > two different ISP's. > > Previously they were running on our PortMaster 3 and we were using MRTG > to monitor them. Is there a way we can monitor them with MRTG on the > linux box, or is there some other program that can do it, and > preferably publish it to a webpage or into a file? > > Regards, > Robert Davidson. > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] >
Re: ISDN & MRTG (or similar)
Yes, Run MRTG under linux, It is in the distribution. Richard - Original Message - From: "Robert Davidson" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, September 04, 2000 7:57 PM Subject: ISDN & MRTG (or similar) > > Hi Guys, > > I have a linux box with 2 NETjet ISDN cards in it maintaining links to > two different ISP's. > > Previously they were running on our PortMaster 3 and we were using MRTG > to monitor them. Is there a way we can monitor them with MRTG on the > linux box, or is there some other program that can do it, and > preferably publish it to a webpage or into a file? > > Regards, > Robert Davidson. > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: user server
Wayne, Apache does this, the user web pages need to be in a public_html subfolder of the user home directory. Richard Tele-NET webmaster - Original Message - From: "Wayne Sitton" <[EMAIL PROTECTED]> To: Sent: Monday, May 15, 2000 3:21 PM Subject: user server > I have recently acquired a domain with quite alot of user webpages. The > server it was originnally on was a FreeBSD box. It placed the users under a > strange directoty path. For example the url > http://home.techgod.net/~user on the the server it goes to > /server/ftp/u/user/html > in other words after the ftp directory, the path goes to the first letter of > the username and then the username, and then an html folder. I have to move > this to my own server. I use Debian 2.1r4. Instead of keeping the > Directory structure, I moved all users out of the alfabetical directory > structure, and put them all under /home. I ran a password convert, and all > the users can log in and access their ftp. Now what I can't seem to get > done is to get apache to recognize that /~username goes to > /home/username/html > Can anyone help me get this done easily? > > > Wayne > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] >