Re: Why doesn't Exim ever clean out /var/spool/exim/input?

[tps]

On Sat, Jan 31, 2004 at 09:43:39AM +1100, Craig Sanders wrote:
> On Fri, Jan 30, 2004 at 03:35:33PM -0500, [EMAIL PROTECTED] wrote:
> > I don't have the results after all this time. Exim beat postfix in raw
> > speed of moving mail in and/or out by over 15%. 
> 
> that must be specific to your particular hardware and/or usage, because it's
> contrary to every other postfix vs exim benchmark i've ever heard of.

What we did was mail 500k messages of various type, short, long, with 
attachments, without, etc. and measured the time it took to do final
delivery of all the mail. We used the exact same hardware for all tests.
I tried to simulate what was 'real world' for us.

> e.g. Matthias Andree did a comprehensive benchmark comparison of postfix,
> qmail, and exim, and sendmailand a followup comparison about a year later.
> 
> it seems to have vanished off the web at the moment, but is still available by
> google cachei've saved a copy of both benchmark pages at
> http://siva.taz.net.au/~cas/matthias/ (vsqmail.html is the first, bench2.html
> is the second).
> 
> he tested the MTAs in various configurations, and postfix came out ahead in 
> all
> of them - in one case, with postfix getting four times the throughput of exim
> (16.1 msgs/second vs 3.8).

Right now, I have a machine that is delivering > 15 msgs/second, and it's
not even a dedicated machine. I guess that says a lot about benchmarks. :)

> significantly, the only way that either exim or qmail could come close to
> postfix's speed was to enable the "softupdates" option of the freebsd
> filesystem, which risks losing mail if there is a crash or power-outage.
> postfix doesn't have that risk because it ensures that all mail is synced to
> disk before sending a "250 OK".
> > However, if you want the most blazingly fast mailer, use zmailer. It's just
> > not a general purpose MTA
> 
> true.

For our mailman server, all mail goes to our zmailer (dedicated) machine,
and BOY does that mail just fly outa there! The first time we tried this,
I thought something was wrong, since the queue was empty before we had a 
chance to look! :)

Tim

-- 
><
>> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
>> Network and Systems Operations   ><  PO Box 726  <<
>> http://www.buoy.com  ><  Moriches, NY 11955  <<
>> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631)399-2910  (888) 924-3728   
>> <<
><

Re: Why doesn't Exim ever clean out /var/spool/exim/input?

[tps]

On Sat, Jan 31, 2004 at 09:43:39AM +1100, Craig Sanders wrote:
> On Fri, Jan 30, 2004 at 03:35:33PM -0500, [EMAIL PROTECTED] wrote:
> > I don't have the results after all this time. Exim beat postfix in raw
> > speed of moving mail in and/or out by over 15%. 
> 
> that must be specific to your particular hardware and/or usage, because it's
> contrary to every other postfix vs exim benchmark i've ever heard of.

What we did was mail 500k messages of various type, short, long, with 
attachments, without, etc. and measured the time it took to do final
delivery of all the mail. We used the exact same hardware for all tests.
I tried to simulate what was 'real world' for us.

> e.g. Matthias Andree did a comprehensive benchmark comparison of postfix,
> qmail, and exim, and sendmailand a followup comparison about a year later.
> 
> it seems to have vanished off the web at the moment, but is still available by
> google cachei've saved a copy of both benchmark pages at
> http://siva.taz.net.au/~cas/matthias/ (vsqmail.html is the first, bench2.html
> is the second).
> 
> he tested the MTAs in various configurations, and postfix came out ahead in all
> of them - in one case, with postfix getting four times the throughput of exim
> (16.1 msgs/second vs 3.8).

Right now, I have a machine that is delivering > 15 msgs/second, and it's
not even a dedicated machine. I guess that says a lot about benchmarks. :)

> significantly, the only way that either exim or qmail could come close to
> postfix's speed was to enable the "softupdates" option of the freebsd
> filesystem, which risks losing mail if there is a crash or power-outage.
> postfix doesn't have that risk because it ensures that all mail is synced to
> disk before sending a "250 OK".
> > However, if you want the most blazingly fast mailer, use zmailer. It's just
> > not a general purpose MTA
> 
> true.

For our mailman server, all mail goes to our zmailer (dedicated) machine,
and BOY does that mail just fly outa there! The first time we tried this,
I thought something was wrong, since the queue was empty before we had a 
chance to look! :)

Tim

-- 
><
>> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
>> Network and Systems Operations   ><  PO Box 726  <<
>> http://www.buoy.com  ><  Moriches, NY 11955  <<
>> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631)399-2910  (888) 924-3728   <<
><


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Why doesn't Exim ever clean out /var/spool/exim/input?

[tps]

On Thu, Jan 29, 2004 at 04:37:07PM +0100, Thomas GOIRAND wrote:
> 
> - Original Message - 
> From: <[EMAIL PROTECTED]>
> To: "Craig Sanders" <[EMAIL PROTECTED]>
> Cc: 
> Sent: Thursday, January 29, 2004 12:54 AM
> Subject: Re: Why doesn't Exim ever clean out /var/spool/exim/input?
> 
> 
> > On Thu, Jan 29, 2004 at 10:36:29AM +1100, Craig Sanders wrote:
> > > i can't answer your question, but here's some relevant advice for you:
> > >
> > > exim doesn't scale.  if you want performance, switch to postfix.
> >
> > I'm curious why you say that. I have exim on 3 smtp gateway machines
> > servicing 11G+ email/day, hundreds of thousands of actual messages,
> > doing LDAP lookups for routing, and MailScanner/f-prot running on all
> > the boxes.
> >
> > Seriously, I'm not looking for a fight, just info. When I did performance
> > tests on all the MTAs a few years back, exim beat the crap out of
> > everything.
> 
> Not looking for a fight either, but...
> ALL the MTAs? What are the results for qmail then? I've always heard it's
> the fastest...

I don't have the results after all this time. Exim beat postfix in raw
speed of moving mail in and/or out by over 15%. Qmail came in 3rd in
the tests. However, if you want the most blazingly fast mailer, use
zmailer. It's just not a general purpose MTA

Tim

-- 
><
>> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
>> Network and Systems Operations   ><  PO Box 726  <<
>> http://www.buoy.com  ><  Moriches, NY 11955  <<
>> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631)399-2910  (888) 924-3728   
>> <<
><

Re: Why doesn't Exim ever clean out /var/spool/exim/input?

[tps]

On Thu, Jan 29, 2004 at 04:37:07PM +0100, Thomas GOIRAND wrote:
> 
> - Original Message - 
> From: <[EMAIL PROTECTED]>
> To: "Craig Sanders" <[EMAIL PROTECTED]>
> Cc: <[EMAIL PROTECTED]>
> Sent: Thursday, January 29, 2004 12:54 AM
> Subject: Re: Why doesn't Exim ever clean out /var/spool/exim/input?
> 
> 
> > On Thu, Jan 29, 2004 at 10:36:29AM +1100, Craig Sanders wrote:
> > > i can't answer your question, but here's some relevant advice for you:
> > >
> > > exim doesn't scale.  if you want performance, switch to postfix.
> >
> > I'm curious why you say that. I have exim on 3 smtp gateway machines
> > servicing 11G+ email/day, hundreds of thousands of actual messages,
> > doing LDAP lookups for routing, and MailScanner/f-prot running on all
> > the boxes.
> >
> > Seriously, I'm not looking for a fight, just info. When I did performance
> > tests on all the MTAs a few years back, exim beat the crap out of
> > everything.
> 
> Not looking for a fight either, but...
> ALL the MTAs? What are the results for qmail then? I've always heard it's
> the fastest...

I don't have the results after all this time. Exim beat postfix in raw
speed of moving mail in and/or out by over 15%. Qmail came in 3rd in
the tests. However, if you want the most blazingly fast mailer, use
zmailer. It's just not a general purpose MTA

Tim

-- 
><
>> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
>> Network and Systems Operations   ><  PO Box 726  <<
>> http://www.buoy.com  ><  Moriches, NY 11955  <<
>> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631)399-2910  (888) 924-3728   <<
><


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Why doesn't Exim ever clean out /var/spool/exim/input?

[tps]

On Thu, Jan 29, 2004 at 10:36:29AM +1100, Craig Sanders wrote:
> i can't answer your question, but here's some relevant advice for you:
> 
> exim doesn't scale.  if you want performance, switch to postfix.

I'm curious why you say that. I have exim on 3 smtp gateway machines
servicing 11G+ email/day, hundreds of thousands of actual messages,
doing LDAP lookups for routing, and MailScanner/f-prot running on all
the boxes.

Seriously, I'm not looking for a fight, just info. When I did performance
tests on all the MTAs a few years back, exim beat the crap out of
everything.

Tim

-- 
><
>> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
>> Network and Systems Operations   ><  PO Box 726  <<
>> http://www.buoy.com  ><  Moriches, NY 11955  <<
>> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631)399-2910  (888) 924-3728   
>> <<
><

Re: Why doesn't Exim ever clean out /var/spool/exim/input?

[tps]

On Thu, Jan 29, 2004 at 10:36:29AM +1100, Craig Sanders wrote:
> i can't answer your question, but here's some relevant advice for you:
> 
> exim doesn't scale.  if you want performance, switch to postfix.

I'm curious why you say that. I have exim on 3 smtp gateway machines
servicing 11G+ email/day, hundreds of thousands of actual messages,
doing LDAP lookups for routing, and MailScanner/f-prot running on all
the boxes.

Seriously, I'm not looking for a fight, just info. When I did performance
tests on all the MTAs a few years back, exim beat the crap out of
everything.

Tim

-- 
><
>> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
>> Network and Systems Operations   ><  PO Box 726  <<
>> http://www.buoy.com  ><  Moriches, NY 11955  <<
>> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631)399-2910  (888) 924-3728   <<
><


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: AOL testing new anti-spam technology

[tps]

On Fri, Jan 23, 2004 at 08:25:52PM -0600, Andy Gardner wrote:
> 
> On Jan 23, 2004, at 7:23 PM, [EMAIL PROTECTED] wrote:
> 
> >spf.pobox.com
> 
> Am I correct in thinking that if I set up a TXT DNS record "v=spf1 
> -all" for all domains that DON'T have email addresses attached to them, 
> that this will prevent people from hijacking those domains to use for 
> fake email addresses for spamming AOL?

THat's the plan. SPF is quick and painless to set up, even if you
don't use it yourself. I've had it running on a few domains, and
have seen thousands of queries on the TXT records, which is nice to see.

Tim

-- 
><
>> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
>> Network and Systems Operations   ><  PO Box 726  <<
>> http://www.buoy.com  ><  Moriches, NY 11955  <<
>> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631)399-2910  (888) 924-3728   
>> <<
><

Re: AOL testing new anti-spam technology

[tps]

On Fri, Jan 23, 2004 at 08:25:52PM -0600, Andy Gardner wrote:
> 
> On Jan 23, 2004, at 7:23 PM, [EMAIL PROTECTED] wrote:
> 
> >spf.pobox.com
> 
> Am I correct in thinking that if I set up a TXT DNS record "v=spf1 
> -all" for all domains that DON'T have email addresses attached to them, 
> that this will prevent people from hijacking those domains to use for 
> fake email addresses for spamming AOL?

THat's the plan. SPF is quick and painless to set up, even if you
don't use it yourself. I've had it running on a few domains, and
have seen thousands of queries on the TXT records, which is nice to see.

Tim

-- 
><
>> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
>> Network and Systems Operations   ><  PO Box 726  <<
>> http://www.buoy.com  ><  Moriches, NY 11955  <<
>> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631)399-2910  (888) 924-3728   <<
><


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: AOL testing new anti-spam technology

[tps]

On Sat, Jan 24, 2004 at 11:59:18AM +1100, Russell Coker wrote:
> One of the worst aspects of spam is the way much of it uses 
> forged sender addresses. AOL is hoping to stir up some organized 
> resistance to the practice of address forgery through a new 
> e-mail protocol called Sender Permitted From, or SPF. 
>  

spf.pobox.com is the main site IIRC. It's a good idea, easy to implement.
If everyone would start to use it, SPAM would be cut down.

Tim

-- 
><
>> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
>> Network and Systems Operations   ><  PO Box 726  <<
>> http://www.buoy.com  ><  Moriches, NY 11955  <<
>> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631)399-2910  (888) 924-3728   
>> <<
><

Re: AOL testing new anti-spam technology

[tps]

On Sat, Jan 24, 2004 at 11:59:18AM +1100, Russell Coker wrote:
> One of the worst aspects of spam is the way much of it uses 
> forged sender addresses. AOL is hoping to stir up some organized 
> resistance to the practice of address forgery through a new 
> e-mail protocol called Sender Permitted From, or SPF. 
>  

spf.pobox.com is the main site IIRC. It's a good idea, easy to implement.
If everyone would start to use it, SPAM would be cut down.

Tim

-- 
><
>> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
>> Network and Systems Operations   ><  PO Box 726  <<
>> http://www.buoy.com  ><  Moriches, NY 11955  <<
>> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631)399-2910  (888) 924-3728   <<
><


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

mailscanner 4.x debs

[tps]

Has anyone built any 4.x version of mailscanner and has the debs around?
I need to get mailscanner updated, and don't want to go through the pain
of rolling my own debs if I can possibly help it...

Tim

-- 
><
>> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
>> Network and Systems Operations   ><  PO Box 726  <<
>> http://www.buoy.com  ><  Moriches, NY 11955  <<
>> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631)399-2910  (888) 924-3728   <<
><


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: reinstall slapd

[tps]

I've discovered a unique bug, I think. I ran dpkg-reconfigure debconf,
and selected readline, instead of dialog, and now it's prompting for
the admin password. Sheesh. All that time wasted...

Tim

On Wed, May 14, 2003 at 12:50:00PM -0400, [EMAIL PROTECTED] wrote:
> Guys-n-gals,
>   I'm trying to build up an LDAP server on a Debian box that had
> some base install of LDAP on it, someone mucked about, and then
> left the company that hired me. I'm trying to install the latest slapd
> on the box (running unstable). The package installs, and... nothing. I can't
> get in, since it NEVER PROMPTED FOR THE @#$*(&^*&^% ADMIN PASSWORD!
> I've blown away everything relating to slapd, and, still, somewhere,
> somehow, this thing is picking what seems to be a random admin password,
> which I don't know about. 
> 
> It seems I'm clueless, and debconf has me beat. Can anyone, someone,
> give me a clue?
> 
> Thanks,
> Tim
> 
> -- 
> ><
> >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
> >> Network and Systems Operations   ><  PO Box 671  <<
> >> http://www.buoy.com  ><  Ridge, NY 11961 <<
> >> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631)924-3728  (888) 924-3728  
> >>  <<
> ><
> 
> 
> -- 
> To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
> 
> 

-- 
><
>> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
>> Network and Systems Operations   ><  PO Box 671  <<
>> http://www.buoy.com  ><  Ridge, NY 11961 <<
>> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631)924-3728  (888) 924-3728   
>> <<
><

reinstall slapd

[tps]

Guys-n-gals,
  I'm trying to build up an LDAP server on a Debian box that had
some base install of LDAP on it, someone mucked about, and then
left the company that hired me. I'm trying to install the latest slapd
on the box (running unstable). The package installs, and... nothing. I can't
get in, since it NEVER PROMPTED FOR THE @#$*(&^*&^% ADMIN PASSWORD!
I've blown away everything relating to slapd, and, still, somewhere,
somehow, this thing is picking what seems to be a random admin password,
which I don't know about. 

It seems I'm clueless, and debconf has me beat. Can anyone, someone,
give me a clue?

Thanks,
Tim

-- 
><
>> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
>> Network and Systems Operations   ><  PO Box 671  <<
>> http://www.buoy.com  ><  Ridge, NY 11961 <<
>> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631)924-3728  (888) 924-3728   
>> <<
><

Exim and LDAP

[tps]

Folks,
  I'm trying to get a business set up with a Debian system running Exim
talking to LDAP for user lookups. This is working fine, but right after
I was ready to get them to sign off on the project, they came up with
"Oh, does the old feature of [EMAIL PROTECTED] still work? We have
to have that!" Well, short of creating thousands of new aliases, and a
way for them to maintain them, can anyone figure out a creative way
in an Exim/LDAP filter to match the localpart of 'First.Last' against
the sn and givenname attributes? I've started at this so long, I'm
going nuts...

Thanks,
Tim

-- 
><
>> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
>> Network and Systems Operations   ><  PO Box 671  <<
>> http://www.buoy.com  ><  Ridge, NY 11961 <<
>> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631)924-3728  (888) 924-3728   <<
><


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: exim and radius

[tps]

On Tue, Nov 26, 2002 at 01:32:11PM +0800, Daniel Hooper wrote:
> orange:/# apt-cache search drac
> drac - Dynamic Relay Authorization Control (pop-before-smtp)
> drac-dev - Dynamic Relay Authorization Control (development files)
> qpopper-drac - Qpopper with DRAC Support

Yeah. Most of my users are IMAP. :(

Tim

-- 
  
   ><
   >> Tim Sailer (at home) ><  Coastal Internet,Inc.   <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631)924-3728  (888) 924-3728   <<
   ><


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

exim and radius

[tps]

I'm using multiple companies to give me good POP coverage, but I'm
having a bear of a time allowing my dialup users to be able to send
mail through my server, since I have the relaying locked down fairly
well. How is anyone doing this. I'm using exim. I've tinkered with the
idea of watching the radius log file, and trying to do something with
the IP's that are assigned...

Tim

-- 
  
   ><
   >> Tim Sailer (at home) ><  Coastal Internet,Inc.   <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631)924-3728  (888) 924-3728   <<
   ><


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

ssh and pam_mkhomedir

[tps]

Simce I'm well on my way to being fully LDAP, I decided to try the
pam_mkhomedir module with ssh on a machine that actually will allow
a limited number of users shell access (controlled by the host attribute).
Well, it doesn't work, I think because of the priv. separation that
the Debian package defaults to. The only way to have the /home mode 777,
or owned by sshd, neither of which I'm real keen on. Anyone else run
into this, and actually found a way around it?

Tim

-- 
  
   ><
   >> Tim Sailer (at home) ><  Coastal Internet,Inc.   <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631)924-3728  (888) 924-3728   <<
   ><


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

LDAP and email

[tps]

Has anyone LDAPized their email system, along with /etc/aliases? If
so, can you give me a pointer how you did that?

Thanks,
Tim

-- 
  
   ><
   >> Tim Sailer (at home) ><  Coastal Internet,Inc.   <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631)924-3728  (888) 924-3728 
  <<
   ><

LDAP and email

[tps]

Has anyone LDAPized their email system, along with /etc/aliases? If
so, can you give me a pointer how you did that?

Thanks,
Tim

-- 
  
   ><
   >> Tim Sailer (at home) ><  Coastal Internet,Inc.   <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631)924-3728  (888) 924-3728   <<
   ><


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: webmail

[tps]

On Sun, Jun 16, 2002 at 11:09:44PM +0200, Russell Coker wrote:
> What's a good webmail system to use?
> 
> There are several in Debian, I've had experience with IMP, but that 
> experience has been mostly painful.  Upgrading it is always difficult, and 
> the packages insist on Postgresql even though it's not needed at all unless 
> you have a cluster.
> 
> How do the other webmail systems compare?
> 
> Calendaring support which integrates with Outlook would be a bonus, but apart 
> from that I just need basic functionality.

Openwebmail or squirrelmail are the two most popular according to my
users. I run both of them, since the users cant' decide on which one to
use 

Tim

-- 
  
   ><
   >> Tim Sailer (at home) ><  Coastal Internet,Inc.   <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631)924-3728  (888) 924-3728 
  <<
   ><


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: ISP manager.

[tps]

On Tue, May 14, 2002 at 10:42:03AM +0300, Alexandru Stefan-Voicu wrote:
>   Does anyone know and can recommend me a good suite of administration programs 
>for an ISP ?
>   I mean web administration from a remote computer for:
>   ProFTPD
>   BIND
>   Qmail
>   Apache
>   Samba
>   Dial-in accounts
>   all bundled into a single utility ?
>   Thank you in advance.

Heh. We use vi and perl.

Tim

-- 
  
   ><
   >> Tim Sailer (at home) ><  Coastal Internet,Inc.   <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631)924-3728  (888) 924-3728   <<
   ><


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

msyslog

[tps]

Has anyone gotten this to work with logging to mysql? I'm trying to
set up a central logging host with an sql backend, but for some reason,
the mysql connection doesn't work. Running ldd on the binary, I don't
even see the mysql libs! This may require a bug report... :(

Tim

-- 
  
   ><
   >> Tim Sailer (at home) ><  Coastal Internet,Inc.   <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631)924-3728  (888) 924-3728   <<
   ><


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Another stupid question

[tps]

On Sun, Mar 17, 2002 at 09:56:43AM +1100, Seung H. Lee wrote:
> On Sat, Mar 16, 2002 at 12:53:21PM -0500, Bob Billson wrote:
> > On Sat, Mar 16, 2002 at 12:02:04PM -0500, [EMAIL PROTECTED] wrote:
> > 
> > > > If there is a way to get mutt to show size with maildir, I'd like to know
> > > > what it is! :)
> > > 
> > > Since I use procmail for all local delivery, I'll see if I can persuade
> > > procmail to do something like this.
> > 
> > Please post the recipe if you can.
> 
> In your .procmailrc
> 
> :0 Bfh
> * H ?? !^Lines:
> * -1^0
> *  1^1 ^.*$
> | formail -A "Lines: $="
> 
> I was searching for the answer to the exactly same question a while
> back, and found the above answer from a google search.

Beautiful! THANK YOU ALL! I'll create a web page with this info on
it. I hate reinventing the wheel. I bet these will be as popular
as the pages I did years ago about mgetty, portslave, etc.

Tim

-- 
  
   ><
   >> Tim Sailer (at home) ><  Coastal Internet,Inc.   <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631)924-3728  (888) 924-3728   <<
   ><


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Another stupid question

[tps]

On Sat, Mar 16, 2002 at 11:28:28AM -0500, Bob Billson wrote:
> On Sat, Mar 16, 2002 at 10:29:53AM -0500, [EMAIL PROTECTED] wrote:
> > DEFAULT = $HOME/Maildir
> > 
> > in either your /etc/procmailrc (for systemwide delivery) or in your
> > private .procmailrc for just you.
> 
> Almost.  It should be $HOME/Maildir/.  Without the trailing / procmail
> assumes an mbox folder.

Yup. I mis-cut-n-pasted. :)

> > If you are using Mutt for a local mailreader, you need to add
> > 
> > set mbox_type=Maildir
> 
> Correct.

I found that if you set MAIL=$HOME/Maildir , this works too.

> > 1190 O   Mar 15 Jones, Susan M  (  19) after work get-together for Bill
> > 1191 N F Mar 16 To Tim Sailer   (   0) test mail
> > 
> > notice that message 1190 hsa 19 lines and 1191 shows 0 lines, although
> > it has 10. The 1190 was from the mbox2mdir conversion, the new ones all
> > show up as 0 lines
> 
> Same here.  I haven't figured out either.  I *think* it might have
> something to do with the way mutt opens the mailbox.  With mbox style,
> it only has to open the one file and count lines.  With maildir, it has
> to open each file and *then* count lines.  With a big mailbox, this can
> take a while.  My guess is the conversion script added a header with a
> line count, which mutt looks for.

Yup, from one of the old mails:

Status: O
Content-Length: 3634
Lines: 72

> If there is a way to get mutt to show size with maildir, I'd like to know
> what it is! :)

Since I use procmail for all local delivery, I'll see if I can persuade
procmail to do something like this.

Tim

-- 
  
   ><
   >> Tim Sailer (at home) ><  Coastal Internet,Inc.   <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631)924-3728  (888) 924-3728   <<
   ><


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Another stupid question

[tps]

On Fri, Mar 15, 2002 at 11:09:20PM -0500, [EMAIL PROTECTED] wrote:
> On Fri, Mar 15, 2002 at 09:14:03PM -0500, Bob Billson wrote:
> > On Fri, Mar 15, 2002 at 07:20:11PM -0500, Tim Sailer wrote:
> > > OK, I'm number than I thought. I see nothing but a mere mention of
> > > maildir in one or two spots. Can you give a little more obvious pointer?
> > 
> > hrmm... You're right.  I can't find it either.  It used to be there.
> > That's where I found out how to do it.
> > 
> > Well, here is a relevant snippet from my exim.conf.  It should help get
> > you going.  Note I deliver mail on my machine to the directory
> > /home/$USER/Maildir rather than the *directory* /var/mail/$USER.  Either
> > way, you *also* need to create three subdirs: new, cur, and tmp, e.g.
> > 
> > mkdir /home/$USER/Maildir/{new,cur,tmp}
> > 
> > Without them, mail won't get delivered.  I found that out the hard way. :)
> > Hope this helps.  If not, give a yell.
> 
> 
> YLL! :) I think my problem is in procmail. I had almost exactly
> what you had. Looking at the exim logs, everything is going through
> the procmail_pipe since I have a very extensive .procmailrc . I'll have to
> figure out how to make procmail behave with maildir.

OK, I have it figured out. You have to have 

DEFAULT = $HOME/Maildir

in either your /etc/procmailrc (for systemwide delivery) or in your
private .procmailrc for just you.

If you are using Mutt for a local mailreader, you need to add

set mbox_type=Maildir

in your .muttrc . 

Now, the interesting thing about mutt is, it looks liks this:

1190 O   Mar 15 Jones, Susan M  (  19) after work get-together for Bill
1191 N F Mar 16 To Tim Sailer   (   0) test mail


notice that message 1190 hsa 19 lines and 1191 shows 0 lines, although
it has 10. The 1190 was from the mbox2mdir conversion, the new ones all
show up as 0 lines

Tim

-- 
  
   ><
   >> Tim Sailer (at home) ><  Coastal Internet,Inc.   <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631)924-3728  (888) 924-3728   <<
   ><


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Another stupid question

[tps]

On Fri, Mar 15, 2002 at 09:14:03PM -0500, Bob Billson wrote:
> On Fri, Mar 15, 2002 at 07:20:11PM -0500, Tim Sailer wrote:
> > OK, I'm number than I thought. I see nothing but a mere mention of
> > maildir in one or two spots. Can you give a little more obvious pointer?
> 
> hrmm... You're right.  I can't find it either.  It used to be there.
> That's where I found out how to do it.
> 
> Well, here is a relevant snippet from my exim.conf.  It should help get
> you going.  Note I deliver mail on my machine to the directory
> /home/$USER/Maildir rather than the *directory* /var/mail/$USER.  Either
> way, you *also* need to create three subdirs: new, cur, and tmp, e.g.
> 
> mkdir /home/$USER/Maildir/{new,cur,tmp}
> 
> Without them, mail won't get delivered.  I found that out the hard way. :)
> Hope this helps.  If not, give a yell.


YLL! :) I think my problem is in procmail. I had almost exactly
what you had. Looking at the exim logs, everything is going through
the procmail_pipe since I have a very extensive .procmailrc . I'll have to
figure out how to make procmail behave with maildir.

Thanks,
Tim

-- 
  
   ><
   >> Tim Sailer (at home) ><  Coastal Internet,Inc.   <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631)924-3728  (888) 924-3728   <<
   ><


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Another stupid question

[tps]

OK, folks. I appear to have the clueness of a head of cabbage. I want to
switch over to maildir in Exim, but, no matter what I try, I still get
the files in /var/spool/mail . Is there a working example somewhere?

Thanks,
Tim

-- 
  
   ><
   >> Tim Sailer (at home) ><  Coastal Internet,Inc.   <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631)924-3728  (888) 924-3728   <<
   ><


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: LDAP: EMAIL SERVER AND BIND

[tps]

On Mon, Mar 04, 2002 at 12:58:10PM +, falkom wrote:
> Hi all!
> 
> I try to install qmail + vpopmail in ldap server. It is not working 
> well.
> 
> Please, could you tell me any email server (POP/SMTP) to work well in 
> ldap server, please?

The Debian default MTA, Exim, works with LDAP.

> And please, can you tell me if there is documentation to join LDAP with 
> Bind?

There's nothing mainstream yet. A look on freshmeat.net for 'ldap bind'
will give you quite a bit.

Tim

PS: Now, what I'm working on is virtual hosting and LDAP. Anyone have
pointers on that? I'm creating users with 
'adduser --host /home/domain.com/username username' to group the
accounts per domain, but I still have the name collision.

-- 
  
   ><
   >> Tim Sailer (at home) ><  Coastal Internet,Inc.   <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631)924-3728  (888) 924-3728   <<
   ><


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: SSH Daemon failing

[tps]

On Mon, Feb 25, 2002 at 03:27:07PM +1100, Andrew Tait wrote:
> Hi All,
> 
> A few days ago SSH just failed on me, out of the blue.
> 
> Everytime I start ssh (/etc/init.d/ssh start), this appears in the auth.log
> file:
> 
> Feb 25 13:50:44 porky sshd[453]: fatal: daemon() failed: Success
> 
> I can run ssh in debug mode (sshd -d) or by telling it not to detach
> (sshd -D) and it runs fine. It just when it tried to daemonise itself that
> it fails, as you can see by the log files. Other processes such as syslogd
> start/stop fine.
> 
> Any suggestions?

What version of ssh? If you have a machine with the exact same sshd
binary, compare the md5sums. If you were running ssh v1, you may have been
hacked, and a trojaned sshd installed.

Tim

-- 
  
   ><
   >> Tim Sailer (at home) ><  Coastal Internet,Inc.   <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631)924-3728  (888) 924-3728 
  <<
   ><

Re: SSH Daemon failing

[tps]

On Mon, Feb 25, 2002 at 03:27:07PM +1100, Andrew Tait wrote:
> Hi All,
> 
> A few days ago SSH just failed on me, out of the blue.
> 
> Everytime I start ssh (/etc/init.d/ssh start), this appears in the auth.log
> file:
> 
> Feb 25 13:50:44 porky sshd[453]: fatal: daemon() failed: Success
> 
> I can run ssh in debug mode (sshd -d) or by telling it not to detach
> (sshd -D) and it runs fine. It just when it tried to daemonise itself that
> it fails, as you can see by the log files. Other processes such as syslogd
> start/stop fine.
> 
> Any suggestions?

What version of ssh? If you have a machine with the exact same sshd
binary, compare the md5sums. If you were running ssh v1, you may have been
hacked, and a trojaned sshd installed.

Tim

-- 
  
   ><
   >> Tim Sailer (at home) ><  Coastal Internet,Inc.   <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631)924-3728  (888) 924-3728   <<
   ><


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: [OT] IT Support/Ticket tracking application

[tps]

On Sat, Feb 23, 2002 at 01:45:05PM -0600, Michael Merritt wrote:
> I'm looking for a support/ticket tracking application.  Here are two I've 
> found:
> 
> Double Choco Latte:  http://dcl.sourceforge.net/
> RT (Request Tracker):  http://www.bestpractical.com/rt/
> 
> I've started to set up RT, but it is a royal pain, and I don't know enough 
> about the required Apache modules to get it working.  I'm about to start 
> working with DCL to see if it will do what I need it to.
> 
> However, I thought I would pose the question to the list to see if anyone 
> here is running a support ticket tracking application for a helpdesk/ISP type 
> scenario, and if so, what are you using?  I know this may be off-topic, other 
> than the fact that it will run on a Debian server.  ;-)

I'm running the 1.X version of RT (webrt) that comes with Debian. I've heard
rumors of the 2.x series being available soon as a .deb, with an upgrade
script from 1 to 2.

Tim

-- 
  
   ><
   >> Tim Sailer (at home) ><  Coastal Internet,Inc.   <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631)924-3728  (888) 924-3728 
  <<
   ><

Re: [OT] IT Support/Ticket tracking application

[tps]

On Sat, Feb 23, 2002 at 01:45:05PM -0600, Michael Merritt wrote:
> I'm looking for a support/ticket tracking application.  Here are two I've 
> found:
> 
> Double Choco Latte:  http://dcl.sourceforge.net/
> RT (Request Tracker):  http://www.bestpractical.com/rt/
> 
> I've started to set up RT, but it is a royal pain, and I don't know enough 
> about the required Apache modules to get it working.  I'm about to start 
> working with DCL to see if it will do what I need it to.
> 
> However, I thought I would pose the question to the list to see if anyone 
> here is running a support ticket tracking application for a helpdesk/ISP type 
> scenario, and if so, what are you using?  I know this may be off-topic, other 
> than the fact that it will run on a Debian server.  ;-)

I'm running the 1.X version of RT (webrt) that comes with Debian. I've heard
rumors of the 2.x series being available soon as a .deb, with an upgrade
script from 1 to 2.

Tim

-- 
  
   ><
   >> Tim Sailer (at home) ><  Coastal Internet,Inc.   <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631)924-3728  (888) 924-3728   <<
   ><


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

samba and PAM/LDAP

[tps]

Hi, Folks.
  I'm in the process of helping create a fully PAMified box with
LDAP authentication, and one thing I can not figure out how to work
is SAMBA and PAM. We've recompiled samba with PAM support, ldd shows
the pam libs linked, but authentication fails, and we never see any hits
on the LDAP server. Has anyone gone down this road before?

Thanks,
Tim

-- 
  
   ><
   >> Tim Sailer (at home) ><  Coastal Internet,Inc.   <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631)924-3728  (888) 924-3728 
  <<
   ><

samba and PAM/LDAP

[tps]

Hi, Folks.
  I'm in the process of helping create a fully PAMified box with
LDAP authentication, and one thing I can not figure out how to work
is SAMBA and PAM. We've recompiled samba with PAM support, ldd shows
the pam libs linked, but authentication fails, and we never see any hits
on the LDAP server. Has anyone gone down this road before?

Thanks,
Tim

-- 
  
   ><
   >> Tim Sailer (at home) ><  Coastal Internet,Inc.   <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631)924-3728  (888) 924-3728   <<
   ><


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Strange problem

[tps]

OK, folks. I have a stumper here. An associate has a machine that was
upgraded to unstable in the last few days. The machine was rebooted today,
and came up in a very strange state. No users could log in, only root, and
things like ps, w, and top wouldn't work. I was called, got in via ssh,
and finally had enough sense to run 'mount'. It looks like /proc and /
were exactly the same, which is impossible. I unmounted and remounted
/proc by hand, started up the utils that didn't start, checked things out
the best I could, and rebooted again. Same thing. I've gone through 
everything I can think of remotely. I can't figure this one out. Has anyone
else ever seen something like this?

Tim

-- 
  
   ><
   >> Tim Sailer (at home) ><  Coastal Internet,Inc.   <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631)924-3728  (888) 924-3728   <<
   ><


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: PPOP3 Webmail

[tps]

On Sun, Jan 20, 2002 at 01:54:58PM -0300, Fernando Casas wrote:
> Right now i?m using OpenWebmail (http://www.openwebmail.org) 1.53 . The
> implementation was t easy and smoothly that i can?t believe it. And my
> users are VERY happy. ;)
> We are using it for a few months and didn?t have any problems. It?s FAST and
> very COMPLETE solution, with low requirements.
> So i recommend OpenWebmail, i tried some of the solutions proposed in other
> responses to your msg, but were hard or complicated at implementation time,
> or the requirements were too much for a webmail, from my point of view (like
> SQL, or IMAP).
> I insist. Give OpenWebmail a chance.

I agree! I have squirrelmail (which is still broken in Debian), IMP and
openwebmail. my users like openwebmail the best. I wish there was a Debian
package for it.

Tim

> Fernando.
> 
> PD: excuse my bad english.

Your english is better than most of us who use it as our primary language!

Tim

-- 
  
><
   >> Tim Sailer (at home) ><  Coastal Internet,
Inc.  <<
   >> Network and Systems Operations   ><  PO Box
671  <<
   >> http://www.buoy.com  ><  Ridge, NY
11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631)
924-3728  <<
  
><


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: SSH & Debian Woody

[tps]

On Mon, Dec 17, 2001 at 11:58:26AM +1030, James Mclean wrote:
> 
> 
> All,
> 
> I am building a debian woody machine as we speak, and i have installed the 
> latest .deb of OpenSSH...
> 
> Installed fine, but it fails to authenticate a remote login, and if i try a 
> login from the same machine's command line it also fails.
> 
> This is the message from the command line...
> # ssh -l jamesmc xxx.xxx.xxx.xxx
> Neighbour Table Overflow
> ssh: connect to address xxx.xxx.xxx.xxx port 22. No Buffer Space
> 
> I recieve no errors when attempting to login remotely, but fails to 
> authenticate and continues to ask for the password...
> I cannot see anything the messages or syslog logfiles.
> 
> # ssh -V
> OpenSSH_3.0.1p1, SSH Protocols 1.5/2.0, OpenSSL 0x0090602f
> 
> I am tempted to install from source next. Any Ideas?

Try running 'ssh -v -l jamesmc xxx.xxx.xxx.xxx' and see if that tells you
anything more...

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631) 924-3728
  <<
   ><

Re: SSH & Debian Woody

[tps]

On Mon, Dec 17, 2001 at 11:58:26AM +1030, James Mclean wrote:
> 
> 
> All,
> 
> I am building a debian woody machine as we speak, and i have installed the 
> latest .deb of OpenSSH...
> 
> Installed fine, but it fails to authenticate a remote login, and if i try a 
> login from the same machine's command line it also fails.
> 
> This is the message from the command line...
> # ssh -l jamesmc xxx.xxx.xxx.xxx
> Neighbour Table Overflow
> ssh: connect to address xxx.xxx.xxx.xxx port 22. No Buffer Space
> 
> I recieve no errors when attempting to login remotely, but fails to 
> authenticate and continues to ask for the password...
> I cannot see anything the messages or syslog logfiles.
> 
> # ssh -V
> OpenSSH_3.0.1p1, SSH Protocols 1.5/2.0, OpenSSL 0x0090602f
> 
> I am tempted to install from source next. Any Ideas?

Try running 'ssh -v -l jamesmc xxx.xxx.xxx.xxx' and see if that tells you
anything more...

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 924-3728  <<
   ><


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Help... SSH CRC-32 compensation attack detector vulnerability

[tps]

On Mon, Dec 03, 2001 at 09:33:07AM +1100, Jason Lim wrote:
> Hi,
> 
> sigh... yes... some of our servers have been hit with the "SSH CRC-32
> compensation attack detector vulnerability" attack.
> 
> some servers have been compromised, and the usual rootkit stuff (install
> root shells in /etc/inetd.conf, bogus syslogd, haxored ps, etc.).
> 
> What is an easy way to locate binaries that are different from the ones
> provided in the original debs?

You *are* running either tripwire, or aide, right? :(

> And is there any other relatively easier way of cleaning up a system that
> has had a rootkit installed?

debsums will help you with identifying if a binary changed, but if
something was added, you will never know unless you stumble off of it.

> We've done a netstat -a and removed/killed all strange processes, and
> cleaned inetd.conf as much as we can, but some of the programs in
> inetd.conf have themselves also been tampered with (eg. in.telnetd).
> 
> Please help... I have a bad feeling the crackers are coming back real soon
> to really finish off the job... so any help at this time in removing all
> their crap would be greatly appreciated.

I'm really going to have to write up something on securing a machine. There
is no such thing as an uncrackable machine, but your job of cleaning it
up can be a little easier if you prepare ahead of time for it.

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631) 924-3728
  <<
   ><

Re: Help... SSH CRC-32 compensation attack detector vulnerability

[tps]

On Mon, Dec 03, 2001 at 09:33:07AM +1100, Jason Lim wrote:
> Hi,
> 
> sigh... yes... some of our servers have been hit with the "SSH CRC-32
> compensation attack detector vulnerability" attack.
> 
> some servers have been compromised, and the usual rootkit stuff (install
> root shells in /etc/inetd.conf, bogus syslogd, haxored ps, etc.).
> 
> What is an easy way to locate binaries that are different from the ones
> provided in the original debs?

You *are* running either tripwire, or aide, right? :(

> And is there any other relatively easier way of cleaning up a system that
> has had a rootkit installed?

debsums will help you with identifying if a binary changed, but if
something was added, you will never know unless you stumble off of it.

> We've done a netstat -a and removed/killed all strange processes, and
> cleaned inetd.conf as much as we can, but some of the programs in
> inetd.conf have themselves also been tampered with (eg. in.telnetd).
> 
> Please help... I have a bad feeling the crackers are coming back real soon
> to really finish off the job... so any help at this time in removing all
> their crap would be greatly appreciated.

I'm really going to have to write up something on securing a machine. There
is no such thing as an uncrackable machine, but your job of cleaning it
up can be a little easier if you prepare ahead of time for it.

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 924-3728  <<
   ><


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Debian firewall/router distro?

[tps]

On Tue, Nov 20, 2001 at 10:30:43PM -0500, Jesse Goerz wrote:
> Is there a debian-firewall/router distro similar in function to 
> smoothwall?
> 
> All the server needs to do is act as a firewall/router for the 
> internal lan and the webserver.  It won't be offering any other 
> services.

Storm Linux makes such a beast, I believe.

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631) 924-3728
  <<
   ><

Re: Debian firewall/router distro?

[tps]

On Tue, Nov 20, 2001 at 10:30:43PM -0500, Jesse Goerz wrote:
> Is there a debian-firewall/router distro similar in function to 
> smoothwall?
> 
> All the server needs to do is act as a firewall/router for the 
> internal lan and the webserver.  It won't be offering any other 
> services.

Storm Linux makes such a beast, I believe.

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 924-3728  <<
   ><


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: SSL and Mailman?, was Re: Mailing Lists

[tps]

On Mon, Nov 12, 2001 at 10:34:57PM -0600, [EMAIL PROTECTED] wrote:
> Hello!
> 
> On Sun, Nov 11, 2001 at 10:02:10AM +1100, Craig Sanders wrote:
> ...
> > you should be able to do that in your apache configuration - either deny
> > access to unencrypted connections or send a redirect to the encrypted
> > URL.
> ...
> 
> Eric Jennings yet sent kindly the recipe :) And I rushed to implement
> it, when I realized that for survival reasons I am using the boa web
> server.
> 
> 
> > it's not really mailman's job to do that.
> ...
> 
> You are surely right, but, is there another boa-like small&|fast web
> server which supports ssl?  Is there some ssl-cgi-sandwich which
> allows to use ssl on servers that do not have built in support?

stunnel is your friend.

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631) 924-3728
  <<
   ><

Re: SSL and Mailman?, was Re: Mailing Lists

[tps]

On Mon, Nov 12, 2001 at 10:34:57PM -0600, [EMAIL PROTECTED] wrote:
> Hello!
> 
> On Sun, Nov 11, 2001 at 10:02:10AM +1100, Craig Sanders wrote:
> ...
> > you should be able to do that in your apache configuration - either deny
> > access to unencrypted connections or send a redirect to the encrypted
> > URL.
> ...
> 
> Eric Jennings yet sent kindly the recipe :) And I rushed to implement
> it, when I realized that for survival reasons I am using the boa web
> server.
> 
> 
> > it's not really mailman's job to do that.
> ...
> 
> You are surely right, but, is there another boa-like small&|fast web
> server which supports ssl?  Is there some ssl-cgi-sandwich which
> allows to use ssl on servers that do not have built in support?

stunnel is your friend.

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 924-3728  <<
   ><


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Mailing Lists

[tps]

On Thu, Nov 08, 2001 at 02:19:47PM +0200, Craigsc wrote:
> Hi scholars and gentlemen
> 
> We are wanting to set-up a mailing list for our clients
> and were wondering which program(s) we should use. At
> present our mail is handled by exim.

Mailman. Smartlist is second choise. I have 7-8k users on one mailman
list, and it performs well.

For extreme speed though, use smartlist and zmailer on the box. Given
a fast disk and enough RAM, this combo CRANKS.

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631) 924-3728
  <<
   ><

Re: Apache/PHP

[tps]

On Sun, Aug 12, 2001 at 11:58:06AM -0500, Nathan E Norman wrote:
> Bug in the libc6 package ... check d-devel or d-user for a post today
> from Ben Collins.  He's put a fixed version in his homedir and said
> package will appear in the archive soon (I imagine it's in incoming
> now).

Outstanding! Thank you, and Ben!

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 924-3728  <<
   ><


--  
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

snort

[tps]

Does anyone know how to turn off the spp_http_decode module without
recompiling snort? It seems to be flagging every outbound web connection
on certain hosts as a Unicode attack...

Thanks,
Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 924-3728  <<
   ><


--  
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: An LDAP authentication howto for Debian?

[tps]

On Sun, May 06, 2001 at 11:22:09AM +0200, Russell Coker wrote:
> On Saturday 05 May 2001 06:48, [EMAIL PROTECTED] wrote:
> > Since we're on the subject of LDAP, one thing I hate about LDAP, and it
> > may be just my ignorance, is this: I'm use to using PH for mail routing.
> > Within  PH, for the user record, you can add many aliases for them,
> > which sendmail happily uses. I can't figure out how to do this with
> > LDAP! Does anyone have an eyedeer?
> 
> When using LDAP for email aliases you have multi-valued attributes for both 
> the incoming address and the delivery address.  This allows you to have one 
> user with multiple email addresses, an alias expansion to multiple users, or 
> a multi-user alias with multiple addresses.

I think I tried all that. What attributes? All the ones I tried are being
limitted to a single value.

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631) 924-3728
  <<
   ><

Re: An LDAP authentication howto for Debian?

[tps]

On Sun, May 06, 2001 at 11:22:09AM +0200, Russell Coker wrote:
> On Saturday 05 May 2001 06:48, [EMAIL PROTECTED] wrote:
> > Since we're on the subject of LDAP, one thing I hate about LDAP, and it
> > may be just my ignorance, is this: I'm use to using PH for mail routing.
> > Within  PH, for the user record, you can add many aliases for them,
> > which sendmail happily uses. I can't figure out how to do this with
> > LDAP! Does anyone have an eyedeer?
> 
> When using LDAP for email aliases you have multi-valued attributes for both 
> the incoming address and the delivery address.  This allows you to have one 
> user with multiple email addresses, an alias expansion to multiple users, or 
> a multi-user alias with multiple addresses.

I think I tried all that. What attributes? All the ones I tried are being
limitted to a single value.

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 924-3728  <<
   ><


--  
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: An LDAP authentication howto for Debian?

[tps]

Since we're on the subject of LDAP, one thing I hate about LDAP, and it
may be just my ignorance, is this: I'm use to using PH for mail routing.
Within  PH, for the user record, you can add many aliases for them, 
which sendmail happily uses. I can't figure out how to do this with
LDAP! Does anyone have an eyedeer?

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631) 924-3728
  <<
   ><

Re: An LDAP authentication howto for Debian?

[tps]

Since we're on the subject of LDAP, one thing I hate about LDAP, and it
may be just my ignorance, is this: I'm use to using PH for mail routing.
Within  PH, for the user record, you can add many aliases for them, 
which sendmail happily uses. I can't figure out how to do this with
LDAP! Does anyone have an eyedeer?

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 924-3728  <<
   ><


--  
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Machine Registration

[tps]

Hi All,
  I've been asked to develop something like they have in Hotels,
where, when you plug into the building Network, and fire up
Nutscrape, the only thing you can get to is a page asking you
register your machine before you can get out on the Net.

Now I can't believe that this is so proprietary, but I've not seen
anything like this, even for $$$. Does anyone have an idea how they
do this, or, even better, have something like this working already?

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631) 924-3728
  <<
   ><

Machine Registration

[tps]

Hi All,
  I've been asked to develop something like they have in Hotels,
where, when you plug into the building Network, and fire up
Nutscrape, the only thing you can get to is a page asking you
register your machine before you can get out on the Net.

Now I can't believe that this is so proprietary, but I've not seen
anything like this, even for $$$. Does anyone have an idea how they
do this, or, even better, have something like this working already?

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 924-3728  <<
   ><


--  
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: victim of stealthy rootkit

[tps]

On Mon, Apr 09, 2001 at 12:16:18PM -0700, Erik Abella wrote:
> Hello All,
> 
> A persistent joker attacked me with lion, ramen, and I trojan I still
> haven't found. I fired-up the free ID-scripts from SANS; did a whole lot of
> combing the filesystems; done away with cgi-bin; retained only root and my
> account as /bin/bash; and uninstalling everything except gnome+enlightenment
> and basic services - Just when I think that I've cleaned this menace out my
> system, he's back to wreak more havok.
> 
> Is it possible that he rolled-up a "trojan kernel" with daemons that nmap,
> lsof and grep cannot detect to be listening? Now, postfix gets 'Name service
> errors' for any domain except mine; has my eth0 automatically going
> promiscuous for sniffing; and even managed to lock /etc/passwd.
> 
> We're reinstalling the system but it's important for me to know how exactly
> this guys does what he does. Comments, anyone?

I would hope you are using something like tripwire or aide, and keeping it
current. Anything that changed on the system would be pointed out. Set these
up *before* opening your system up to the world, and use and IDS like snort
to watch things from a network level. Also, syslog to a secure(r) host so
logs can not be tampered with.

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631) 924-3728
  <<
   ><

Re: victim of stealthy rootkit

[tps]

On Mon, Apr 09, 2001 at 12:16:18PM -0700, Erik Abella wrote:
> Hello All,
> 
> A persistent joker attacked me with lion, ramen, and I trojan I still
> haven't found. I fired-up the free ID-scripts from SANS; did a whole lot of
> combing the filesystems; done away with cgi-bin; retained only root and my
> account as /bin/bash; and uninstalling everything except gnome+enlightenment
> and basic services - Just when I think that I've cleaned this menace out my
> system, he's back to wreak more havok.
> 
> Is it possible that he rolled-up a "trojan kernel" with daemons that nmap,
> lsof and grep cannot detect to be listening? Now, postfix gets 'Name service
> errors' for any domain except mine; has my eth0 automatically going
> promiscuous for sniffing; and even managed to lock /etc/passwd.
> 
> We're reinstalling the system but it's important for me to know how exactly
> this guys does what he does. Comments, anyone?

I would hope you are using something like tripwire or aide, and keeping it
current. Anything that changed on the system would be pointed out. Set these
up *before* opening your system up to the world, and use and IDS like snort
to watch things from a network level. Also, syslog to a secure(r) host so
logs can not be tampered with.

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 924-3728  <<
   ><


--  
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Time Conversion

[tps]

On Sat, Apr 07, 2001 at 11:24:21AM -0700, brian moore wrote:
> On Sat, Apr 07, 2001 at 01:09:32PM -0400, [EMAIL PROTECTED] wrote:
> > I saw somewhere recently a perl oneliner to convert epoch time to
> > normal time. Does anyone have this, or a pointer to it?
> 
> You mean like:
> 
> [durin:~] 159 % perl -e 'print scalar localtime (986667817), "\n"'
> Sat Apr  7 11:23:37 2001

That's it! Thanks!

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631) 924-3728
  <<
   ><

Re: Time Conversion

[tps]

On Sat, Apr 07, 2001 at 11:24:21AM -0700, brian moore wrote:
> On Sat, Apr 07, 2001 at 01:09:32PM -0400, [EMAIL PROTECTED] wrote:
> > I saw somewhere recently a perl oneliner to convert epoch time to
> > normal time. Does anyone have this, or a pointer to it?
> 
> You mean like:
> 
> [durin:~] 159 % perl -e 'print scalar localtime (986667817), "\n"'
> Sat Apr  7 11:23:37 2001

That's it! Thanks!

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 924-3728  <<
   ><


--  
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Time Conversion

[tps]

I saw somewhere recently a perl oneliner to convert epoch time to
normal time. Does anyone have this, or a pointer to it?

Thanks,
Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631) 924-3728
  <<
   ><

Time Conversion

[tps]

I saw somewhere recently a perl oneliner to convert epoch time to
normal time. Does anyone have this, or a pointer to it?

Thanks,
Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 924-3728  <<
   ><


--  
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Virtual Domain Users

[tps]

G'Day, fellow ISPers.
  My user base is getting to the point where keeping flat /home, /var/mail
and other various directories is getting hard to maintain. Also, virtual
domain users add to the confusion. Is there a method out there already that
will allow the nice sorting of users (/home/a, /home/b, etc) and some way
to break out virtual domain users, along with their mail, that will work
with the POP and IMAP daemons, and exim?

Thanks,
Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631) 924-3728
  <<
   ><

Virtual Domain Users

[tps]

G'Day, fellow ISPers.
  My user base is getting to the point where keeping flat /home, /var/mail
and other various directories is getting hard to maintain. Also, virtual
domain users add to the confusion. Is there a method out there already that
will allow the nice sorting of users (/home/a, /home/b, etc) and some way
to break out virtual domain users, along with their mail, that will work
with the POP and IMAP daemons, and exim?

Thanks,
Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 924-3728  <<
   ><


--  
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: pam failure

[tps]

On Mon, Feb 19, 2001 at 02:37:29PM -0700, David Bishop wrote:
> [from /var/log/messages]
> Feb 19 15:29:56 server1 login: FAILED LOGIN 1 FROM masquerade.micron.com FOR
> db, Authentication failure
> Feb 19 15:29:58 server1 login: FAILED LOGIN SESSION FROM
> masquerade.micron.com FOR (null), Conversation error
> 
> This just started happening.  Any normal user will recieve a "login
> incorrect" message when putting in their username and password, and I had to
> edit the /etc/pam.d/login file to not check /etc/securetty in order to let
> root login at all (it was previously accepting logons but immediately dumping
> you back to getty without giving you a prompt).  Of course, this is a sudden
> problem, and all the other admins claim "we didn't do nuttin".Any 
> ideas?  I
> keep thinking it's a pam thing, cuz I hate pam ;-), but so far my
> troubleshooting has come up with naught.  

(Groan) You're *allowing* root to log in remotely? Root should 
never log in directly from anywhere but the console. Use ssh, with
properly propogated public keys if you have to log in as root, since it
will be encrypted. But only if you trust the remote host...

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631) 924-3728
  <<
   ><

Re: pam failure

[tps]

On Mon, Feb 19, 2001 at 02:37:29PM -0700, David Bishop wrote:
> [from /var/log/messages]
> Feb 19 15:29:56 server1 login: FAILED LOGIN 1 FROM masquerade.micron.com FOR
> db, Authentication failure
> Feb 19 15:29:58 server1 login: FAILED LOGIN SESSION FROM
> masquerade.micron.com FOR (null), Conversation error
> 
> This just started happening.  Any normal user will recieve a "login
> incorrect" message when putting in their username and password, and I had to
> edit the /etc/pam.d/login file to not check /etc/securetty in order to let
> root login at all (it was previously accepting logons but immediately dumping
> you back to getty without giving you a prompt).  Of course, this is a sudden
> problem, and all the other admins claim "we didn't do nuttin".Any ideas?  I
> keep thinking it's a pam thing, cuz I hate pam ;-), but so far my
> troubleshooting has come up with naught.  

(Groan) You're *allowing* root to log in remotely? Root should 
never log in directly from anywhere but the console. Use ssh, with
properly propogated public keys if you have to log in as root, since it
will be encrypted. But only if you trust the remote host...

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 924-3728  <<
   ><


--  
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: POP3 and SMTP server for an ISP

[tps]

On Sat, Feb 17, 2001 at 08:42:04AM -0800, Jeremy C. Reed wrote:
> On Fri, 16 Feb 2001, [iso-8859-2] Litzler Mihály wrote:
> 
> > Okey, what do you think about the security of exim?
> 
> I couldn't find any Exim advisories or incident or Vulnerability notes at
> CERT.

There are none.

> I found a July 1997 BugTraq posting for a very old version of Exim (posted
> by Qmail's author).

Go figure. :)

> You can't really easily search the SecurityFocus website for Exim --
> because the headers are indexed AND many emails were sent by Exim :)
> 
> This subject of "security of exim" has been discussed on the exim-users
> mailing lists various times and it always reports that there has been very
> few security issues, no known exploits and a bunch of testimonials for
> using Exim.

Yup. I've been using Exim since way before it was part of Debian. I've
*never* had a problem.

> I use exim because: 1) simple, easy-to-understand syntax; 2) extremely
> detailed documentation, FAQ and examples; 3) friendly mailing list; 4)
> friendly author/developer; 5) many testimonials; 6) no known security
> issues; 7) numerous capabilities, such as anti-relaying features,
> filtering, mail routing control, etc.; 8) it was default with Debian :)
> 
> I have read several testimonials of Exim like: "we use an old SparcStation
> 20 to ship around 60,000 emails a day and according to the exim stats 98%
> of those are shipped in under a minute." And "have used exim to cope with
> the mail for freeserve (3 million users) and we never had any problems
> with it." And "processed several hundred thousand messages a day across
> 7000+ virtual domains."

Well, another testimony is that I use Exim on the SMTP gateway machine
for bnl.gov, and it uses an extensive filter to look for 'nasties', 
does the black-list blocking, along with our own long list of unsavory
sites, subjects and content filtering. Nominal traffic is about 1.5-2.0
GB/day, each way. All mail for the site goes through this box. It's
handled up to about 20GB in a single day, and the load on the box never 
went above .10. This is a PIII-500 with 512MB RAM. *Way* overkill for
what it's handling. 

Someday in the near future (6-10 months) we'll be upgrading the WAN
connection from OC-3 to OC-12. It may be a little more loaded at that
point, but I doubt it.

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631) 924-3728
  <<
   ><

Re: POP3 and SMTP server for an ISP

[tps]

On Sat, Feb 17, 2001 at 08:42:04AM -0800, Jeremy C. Reed wrote:
> On Fri, 16 Feb 2001, [iso-8859-2] Litzler Mihály wrote:
> 
> > Okey, what do you think about the security of exim?
> 
> I couldn't find any Exim advisories or incident or Vulnerability notes at
> CERT.

There are none.

> I found a July 1997 BugTraq posting for a very old version of Exim (posted
> by Qmail's author).

Go figure. :)

> You can't really easily search the SecurityFocus website for Exim --
> because the headers are indexed AND many emails were sent by Exim :)
> 
> This subject of "security of exim" has been discussed on the exim-users
> mailing lists various times and it always reports that there has been very
> few security issues, no known exploits and a bunch of testimonials for
> using Exim.

Yup. I've been using Exim since way before it was part of Debian. I've
*never* had a problem.

> I use exim because: 1) simple, easy-to-understand syntax; 2) extremely
> detailed documentation, FAQ and examples; 3) friendly mailing list; 4)
> friendly author/developer; 5) many testimonials; 6) no known security
> issues; 7) numerous capabilities, such as anti-relaying features,
> filtering, mail routing control, etc.; 8) it was default with Debian :)
> 
> I have read several testimonials of Exim like: "we use an old SparcStation
> 20 to ship around 60,000 emails a day and according to the exim stats 98%
> of those are shipped in under a minute." And "have used exim to cope with
> the mail for freeserve (3 million users) and we never had any problems
> with it." And "processed several hundred thousand messages a day across
> 7000+ virtual domains."

Well, another testimony is that I use Exim on the SMTP gateway machine
for bnl.gov, and it uses an extensive filter to look for 'nasties', 
does the black-list blocking, along with our own long list of unsavory
sites, subjects and content filtering. Nominal traffic is about 1.5-2.0
GB/day, each way. All mail for the site goes through this box. It's
handled up to about 20GB in a single day, and the load on the box never 
went above .10. This is a PIII-500 with 512MB RAM. *Way* overkill for
what it's handling. 

Someday in the near future (6-10 months) we'll be upgrading the WAN
connection from OC-3 to OC-12. It may be a little more loaded at that
point, but I doubt it.

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 924-3728  <<
   ><


--  
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: (nearly) dynamic DNS update

[tps]

> On Sat, 3 Feb 2001, Sanjeev Gupta wrote:
> 
> > My idea was to write a cron job that would get the current IP address, and
> > ftp over a file to a "well known server".  As I am charged for each minute
> > that actual traffic flows, I do not wish to use dhis.net, as it sends a
> > packet each minute.  A packet every 15minutes, or so, is quite fine.
> > 
> > 2 questions:
> > 1   Is there a dynDNS provider, who has a longer, configurable
> > ping interval?

Yeah. Me. :)

I have a dyndns setup using stock bind8 and a web page. This is for people
that have a relatively stable IP address. You can contact me offline for
further info...

Tim
-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631) 476-3031
  <<
   ><

Re: (nearly) dynamic DNS update

[tps]

> On Sat, 3 Feb 2001, Sanjeev Gupta wrote:
> 
> > My idea was to write a cron job that would get the current IP address, and
> > ftp over a file to a "well known server".  As I am charged for each minute
> > that actual traffic flows, I do not wish to use dhis.net, as it sends a
> > packet each minute.  A packet every 15minutes, or so, is quite fine.
> > 
> > 2 questions:
> > 1   Is there a dynDNS provider, who has a longer, configurable
> > ping interval?

Yeah. Me. :)

I have a dyndns setup using stock bind8 and a web page. This is for people
that have a relatively stable IP address. You can contact me offline for
further info...

Tim
-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 476-3031  <<
   ><


--  
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Exim as a gateway

[tps]

OK, here's the picture. I have a Debian box as the SMTP gateway for
about 4000 active nodes on a class B network. Many of these machines
run sendmail, misconfigured, of course. I have MX records for the inside
machines in the DNS all pointing to the gateway, which is configured to
deny 3rd party relay. But, since it just forwards to the real machine,
the relays still happen. Is there any way to stop this at the gateway
machine?

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 476-3031  <<
   ><


--  
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Scripting question

[tps]

On Tue, Jan 09, 2001 at 10:08:05AM +1100, Nathan Ridge wrote:
> I am trying to write a script for a couple of novice admins that changes
> shell to bash from false, logs in, runs elm from where they can purge
> certain emails from a users mailbox and then exit to change the shell back
> to false. So far I have:
> 
> #!/bin/bash
> USR=$1
> usermod -s /bin/bash $USR
> su - $USR
> elm
> usermod -s /bin/false $USR
> 
> but when the su - changes accounts the script stops, any help appreciated.

As pointed out already, you need su - $USR -c "elm"

Also, instead of mucking about with the shell, you can use 'passwd -l username'
to lock the account (if that is the ultimate goal) and then passwd -u username
to unlock it.

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 476-3031  <<
   ><


--  
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: DSL

[tps]

On Mon, Jan 08, 2001 at 07:42:35AM -0800, Duane Powers wrote:
> Is he going to be using static ip's?

Yup. It's for his business.

> I don't know of any ISP that will perform the routing nescessary for 
> this for DSL customers (not enough revenue.)
> 
> If he is just using dynamic ip's, and running something like a linux 
> router (ipchains, masq, et al:) then he could *conceivably* do it, but 
> since you then ask about BGP.
> 
> The rules for BGP specify a multi-homed connection (at least 2 different 
> providers) and most ISP's want you to have at least a /24 before they'll 
> run BGP with you, My ISP charges $BIG_BUCKS for the setup, due to the 
> very nature of bgp. Quite frankly, that won't be an option.

I never thought of that. My current primary upstream (verio) had no
problem with just sending me full routes.

> Also, in order to run BGP, you need a router that will do it. (most 
> often a CISCO, but you can do it with a linux box.)

Right. I'm using a Linux box with an SDL N2 board, and running Zebra

> IMHO, Look at the prices for two "business class DSL" services, then 
> compare that to the T1, not as large a difference for the level of 
> service... and remember, T-1 is 1.544M, synchronous, DSL is "up to" 1.5M 
> download, 128K upload.  HUGE difference.

Well, around here, SDSL 1.5/1.5 Mb with a full /24 runs about $350/mo.
Most local providers, us included, charge about $1000/mo for a full T1,
and then you have the local loop charge. That's not cheap either.

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 476-3031  <<
   ><


--  
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

DSL

[tps]

Hi folks,
  I have a client that wants a fast reliable connection into their
office complex. I'm trying to sell him a T1, but he keeps looking at
DSL rates, and wants that. I think I impressed on him enough about the
lack of reliability in DSL, so he asked if you could get 2 DSL lines
and have one failover to the other. Huh... a client with a clue! My
question is: DSL router for 2 lines? Or is there a way to make a 
Linux box talk DSL? How about BGP in DSL land?

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 476-3031  <<
   ><


--  
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: ftp?

[tps]

On Mon, Jan 08, 2001 at 10:14:50AM +1100, Marc-Adrian Napoli wrote:
> hi,
> 
> have a wierd problem here. we have standard debian box here running wuftp,
> as well as an NT box with iis 5.0. (and ftp)
> 
> a particular customer sitting behind a NAT'd firewall cant connect to our
> debian wuftp server, but has no problem with the NT box.
> 
> ive allowed their specific class C range access in hosts.allow and i can ftp
> into the box with their account no problems.
> 
> the customer gets an FTP connection but no prompt for username and password,
> has anyone seen this before?

Are you letting both ports through (20 and 21) the NAT?

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 476-3031  <<
   ><


--  
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: [sailer@bnl.gov: Network Throughput]

[tps]

On Wed, Jan 03, 2001 at 10:19:18PM -0800, Luca Filipozzi wrote:
> On Thu, Jan 04, 2001 at 01:10:39AM -0500, [EMAIL PROTECTED] wrote:
> > I have a Debian box with 2 NICs. Both 100Meg, running in full duplex. This
> > machine is running as a ftp proxy. As part of the traffic going through the
> > box, some streams have 1000k window size for a certain reason. How do
> > I tune the NICs to handle the streams better? There are ways of doing this
> > on other OSs. Right now, the box only does about 1.8Mb when it should be doing
> > 80+Mb.
> > 
> > Thanks,
> > Tim
> > 
> > PS: This is really something to do with the window size and WAN latency.
> > The box does well when traffic goes in one NIC and out the other, as long
> > as the end point is local When it hits the WAN, it all dies. Traffic not
> > going through the box just flies rignt along.
> 
> you may wish to modify the MTU of the interfaces

It's set at 1500, which is the mac, I believe.

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 476-3031  <<
   ><


--  
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

[sailer@bnl.gov: Network Throughput]

[tps]

- Forwarded message from Tim Sailer <[EMAIL PROTECTED]> -

>From tps  Wed Jan  3 17:38:17 2001
Date: Wed, 3 Jan 2001 17:37:56 -0500
From: Tim Sailer <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Network Throughput
User-Agent: Mutt/1.2.5i
Resent-Message-ID: 
Resent-From: [EMAIL PROTECTED]
X-Mailing-List: <[EMAIL PROTECTED]> archive/latest/125696
X-Loop: [EMAIL PROTECTED]
Precedence: list
Resent-Sender: [EMAIL PROTECTED]
Resent-Bcc:
Resent-Date: Wed, 03 Jan 2001 17:38:17 -0500

I have a Debian box with 2 NICs. Both 100Meg, running in full duplex. This
machine is running as a ftp proxy. As part of the traffic going through the
box, some streams have 1000k window size for a certain reason. How do
I tune the NICs to handle the streams better? There are ways of doing this
on other OSs. Right now, the box only does about 1.8Mb when it should be doing
80+Mb.

Thanks,
Tim

PS: This is really something to do with the window size and WAN latency.
The box does well when traffic goes in one NIC and out the other, as long
as the end point is local When it hits the WAN, it all dies. Traffic not
going through the box just flies rignt along.

-- 
Tim Sailer <[EMAIL PROTECTED]> Cyber Security Operations
Brookhaven National Laboratory  (631) 344-3001


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]


- End forwarded message -

-- 
   >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 476-3031  <<
   >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<


--  
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Exim+mailmain

[tps]

On Sat, Dec 16, 2000 at 12:38:03PM -0500, Ryan Golbeck wrote:
> Hello;
> 
> I've been trying to setup mailman to manage some mailing lists with exim
> but I'm having troubles whenever mailman has to send mail off host.  I've
> been getting this sort of error in my exim/mainlog:
> 
> 2000-12-15 00:28:32 refused relay (host accept) to  from 
><[EMAIL PROTECTED]> H=localhost (cayley.dhs.org) [127.0.0.1]
> 
> So I was looking through the exim documentation on their webpage, but some
> of it seems out of date, but either way I've been playing with the relaying
> configuration options in exim.conf but nothing seems to get rid of the error
> and allow mail to be sent.

You need to relay specifically for localhost. Either in 
local_domains = localhost:cayley.dhs.org

or 

relay_domains = localhost:cayley.dhs.org

See what that does for you.

Tim


-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 476-3031  <<
   ><


--  
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Kernel >= 2.2.17 or 2.4.* for FW/Proxy

[tps]

On Fri, Dec 08, 2000 at 04:01:41PM +0800, Michael Boman wrote:
> [EMAIL PROTECTED] wrote:
> [snip]
> 
> > Has anyone gotten lvm to work under Linux? I remember with fondness my AIX
> > experience with lvm. I'd love to see it work on some of my big boxen.
> > 
> > Tim
> 
> Yes, I am running it here (but in a non-production enviroment). It seems
> like it works just fine and I am currently working on a WebMin Module
> for WebMin.

Huh. What was the trick to getting it to do anything? This is what I get:

unslept:~# pvscan
pvscan -- invalid i/o protocol version

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 476-3031  <<
   ><


--  
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Kernel >= 2.2.17 or 2.4.* for FW/Proxy

[tps]

On Thu, Dec 07, 2000 at 05:30:34PM +0100, Russell Coker wrote:
> test10 and test11 both worked fine for me in my tests.  I've heard some 
> reports of file system problems with test11 so I'm running test10.

test 11 has been working fine for me, even under heavy load (mail exploder
where the load runs up over 30 most of the time).

> test5 was the first unpatched version of Linux to ever do software RAID for 
> me.  Sure you can get non-standard kernels from Red Hat, VA, etc that are 
> 2.2.x with RAIDtools2 patches but if you want that functionality in a 
> standard kernel released by Linus then you need 2.4.0-test5 minimum!

Has anyone gotten lvm to work under Linux? I remember with fondness my AIX
experience with lvm. I'd love to see it work on some of my big boxen.

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 476-3031  <<
   ><


--  
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: ppp (howto?)

[tps]

On Tue, Dec 05, 2000 at 06:15:13PM +, Kozman Balint wrote:
> 
> Hi!
> 
> Can someone tell me how to make a linux box able to accept a PPP request?
> Whowatch says the AutoPPP user is authenticated, but it gets kicked out
> after 2 secs. I'm using mgetty to accept PPP. What can be wrong?

www.buoy.com/isp

Look quick. I'm taking the section down at the end of this year.

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 476-3031  <<
   ><


--  
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

lvm

[tps]

Has anyone gotten lvm to work at all? This is what I get:

unslept:~# uname -a
Linux unslept 2.4.0-test10 #2 Mon Nov 13 07:28:48 EST 2000 i586 unknown
unslept:~# /etc/init.d/lvm stop
Shutting down LVM Volume Groups...
vgchange -- invalid i/o protocol version

unslept:~# /etc/init.d/lvm start
Setting up LVM Volume Groups...
vgscan -- invalid i/o protocol version

vgchange -- invalid i/o protocol version


unslept:~# pvcreate /dev/hdc1
pvcreate -- invalid i/o protocol version


Any ideas?

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 476-3031  <<
   ><


--  
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

VPN

[tps]

'Lo Folks,
  In an effort to expand our VPN services, I'm looking at any opensource
VPN solution I can find to replace our Shiva box. What I'd love to see
is to be able to set up a Linux box with the VPN server software running
on it, and to have IPSec compliant clients (wintel, linux, slowaris, mac)
connect and have to do authentication via radius (We use CiscoSecure backended
by Cryptocards Cryptoadmin server for OTP signon). Is there anything 
like this out there? I've not been able to find it as of yet... pointers?

Thanks,
Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 476-3031  <<
   ><


--  
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Exim bounce message

[tps]

I know I'm not the first one to try this out, but I can't find anything
on the exim site, so I turn to you guys. :)

As many of you know, I work at bnl.gov (Brookhaven National Lab) during
the day. I've implemented a Perimeter Defense network (firewall) utilizing
a Cisco Pix, and application proxies running Debian. Along with this, I have
a smtp gateway that all mail must pass through. We are getting ready to
start blocking email directly to the individual machines, and making
all mail go to '[EMAIL PROTECTED]'. However, I'd like Exim, on the smtp gateway,
to be able to send email back to the sender, if the email is sent to
[EMAIL PROTECTED], sorta like "I'm sorry, mail to this machine is 
disabled. Please try sending mail to [EMAIL PROTECTED] bla bla bla". I can;t
figure this out. Anyone else try something like this?

Thanks,
Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631) 476-3031
  <<
   ><

Exim bounce message

[tps]

I know I'm not the first one to try this out, but I can't find anything
on the exim site, so I turn to you guys. :)

As many of you know, I work at bnl.gov (Brookhaven National Lab) during
the day. I've implemented a Perimeter Defense network (firewall) utilizing
a Cisco Pix, and application proxies running Debian. Along with this, I have
a smtp gateway that all mail must pass through. We are getting ready to
start blocking email directly to the individual machines, and making
all mail go to '[EMAIL PROTECTED]'. However, I'd like Exim, on the smtp gateway,
to be able to send email back to the sender, if the email is sent to
[EMAIL PROTECTED], sorta like "I'm sorry, mail to this machine is 
disabled. Please try sending mail to [EMAIL PROTECTED] bla bla bla". I can;t
figure this out. Anyone else try something like this?

Thanks,
Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 476-3031  <<
   ><


--  
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Exim on potato

[tps]

On Sat, Sep 16, 2000 at 08:00:02AM -0500, Gregory Wood wrote:
> When the customer trys to send to an account outside the local ISP's control, 
> it receives an immediate 'look-up' error (i.e. DNS failure). Likewise when an 
> outside account tries to access the customer, they get an 'account not found' 
> type of error. It is as if they could not find the user on the email server.
> 
> Lastly, the tech that set this up on the ISP's side is gone until Tuesday.
> 
> Is there any obvious problem that I can fix by changing exim?

Just to see a little more what is happening, run 'exim -bt [EMAIL PROTECTED]'
as root, and that may give you a clue. Make suer that you can reach their DNS
servers, or point to another working one in /etc/resolv.conf

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631) 476-3031
  <<
   ><

Re: Exim on potato

[tps]

On Sat, Sep 16, 2000 at 08:00:02AM -0500, Gregory Wood wrote:
> When the customer trys to send to an account outside the local ISP's control, it 
>receives an immediate 'look-up' error (i.e. DNS failure). Likewise when an outside 
>account tries to access the customer, they get an 'account not found' type of error. 
>It is as if they could not find the user on the email server.
> 
> Lastly, the tech that set this up on the ISP's side is gone until Tuesday.
> 
> Is there any obvious problem that I can fix by changing exim?

Just to see a little more what is happening, run 'exim -bt [EMAIL PROTECTED]'
as root, and that may give you a clue. Make suer that you can reach their DNS
servers, or point to another working one in /etc/resolv.conf

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 476-3031  <<
   ><


--  
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Another question

[tps]

On Tue, Aug 29, 2000 at 11:35:10PM -0600, Nathan wrote:
> Check the Readme's with the Kernel source - there is actualy a device you
> have to mount in your fstab file (you know, for bootup;) that enables
> shared memory.  It uses a "imaginary" mount point like /proc does.

OK, I found it. It actually uses a *real* mount point. From the docs:

none/dev/shmshm defaults0 0


Thanks,
Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631) 476-3031
  <<
   ><

Re: Another question

[tps]

On Tue, Aug 29, 2000 at 11:35:10PM -0600, Nathan wrote:
> Check the Readme's with the Kernel source - there is actualy a device you
> have to mount in your fstab file (you know, for bootup;) that enables
> shared memory.  It uses a "imaginary" mount point like /proc does.

OK, I found it. It actually uses a *real* mount point. From the docs:

none/dev/shmshm defaults0 0


Thanks,
Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 476-3031  <<
   ><


--  
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Another question

[tps]

Maybe I missed it, but what's the deal with the new kernels (2.4.0xxx)
and shared memory? From top:

CPU states:   5.2% user,   1.8% system,   0.0% nice,  93.0% idle
Mem:   78592K av,  75848K used,   2744K free,  0K shrd,   1932K buff
Swap: 185464K av,  11520K used, 173944K free 40308K cached


Shared mem is always 0 ?

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631) 476-3031
  <<
   ><

lvm

[tps]

Has anyone had any luck getting the lvm stuff to work? 

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631) 476-3031
  <<
   ><

Another question

[tps]

Maybe I missed it, but what's the deal with the new kernels (2.4.0xxx)
and shared memory? From top:

CPU states:   5.2% user,   1.8% system,   0.0% nice,  93.0% idle
Mem:   78592K av,  75848K used,   2744K free,  0K shrd,   1932K buff
Swap: 185464K av,  11520K used, 173944K free 40308K cached


Shared mem is always 0 ?

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 476-3031  <<
   ><


--  
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

lvm

[tps]

Has anyone had any luck getting the lvm stuff to work? 

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 476-3031  <<
   ><


--  
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Squid log file analyser

[tps]

On Fri, Jul 14, 2000 at 04:53:15PM +0800, Sanjeev Gupta wrote:
> Folks,
> 
> A client wants me to place squid on his Linux box, not with an idea to 
> improve response, but to be able to see what staff are upto.  Ethical 
> issues are dealt with, in the sense that staff have been formally informed 
> that all email and other access is not confidential.
> 
> Is there some CGI stuff, or maybe static, that could let the Manager see:
> 
> Who is surfing how much?
>  Where is he going too?
>  Who is going to this site?
> 
> Something Debian-able, preferably.

sqmgrlog should do the basics, and also calamaris

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631) 476-3031
  <<
   ><

Re: Squid log file analyser

[tps]

On Fri, Jul 14, 2000 at 04:53:15PM +0800, Sanjeev Gupta wrote:
> Folks,
> 
> A client wants me to place squid on his Linux box, not with an idea to 
> improve response, but to be able to see what staff are upto.  Ethical 
> issues are dealt with, in the sense that staff have been formally informed 
> that all email and other access is not confidential.
> 
> Is there some CGI stuff, or maybe static, that could let the Manager see:
> 
> Who is surfing how much?
>  Where is he going too?
>  Who is going to this site?
> 
> Something Debian-able, preferably.

sqmgrlog should do the basics, and also calamaris

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 476-3031  <<
   ><


--  
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: 2nd plea!

[tps]

On Sat, Jun 17, 2000 at 12:18:09PM +0100, Chris Evans wrote:
> I posted a request for help with bouncing or blackholing an idiot's 
> Email at SMTP or TCP/IP level on a Hamm/Sendmail 8.9 box.  
> (Idiot has set up a dire holiday autoresponder.)  No response from 
> you wonderful people.  

You can block him using ipchains/ipfw at the TCP level, but, if you
have external MX hosts, you'll get his mail anyway. You should
install on of the spam blocking packages. spamdb is one of them, I believe.
You should be able to add your choice of hosts/domains to the list.

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED]/[EMAIL PROTECTED] ><  (631) 476-3031
  <<
   ><

Re: 2nd plea!

[tps]

On Sat, Jun 17, 2000 at 12:18:09PM +0100, Chris Evans wrote:
> I posted a request for help with bouncing or blackholing an idiot's 
> Email at SMTP or TCP/IP level on a Hamm/Sendmail 8.9 box.  
> (Idiot has set up a dire holiday autoresponder.)  No response from 
> you wonderful people.  

You can block him using ipchains/ipfw at the TCP level, but, if you
have external MX hosts, you'll get his mail anyway. You should
install on of the spam blocking packages. spamdb is one of them, I believe.
You should be able to add your choice of hosts/domains to the list.

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED][EMAIL PROTECTED] ><  (631) 476-3031  <<
   ><


--  
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Debian vs Red Hat??? I need info.

[tps]

On Wed, May 17, 2000 at 05:28:54PM +1000, Craig Sanders wrote:
> On Tue, May 16, 2000 at 10:43:20PM -0400, Chris Wagner wrote:
> > At 07:29 PM 5/16/00 -0400, Jeremy Hansen wrote:
> > >Autoinstall (Red Hat's kickstart)
> > > This is also something fairly important.  We need this as we do a
> > > lot of mass installs.
> >
> > For mass installs, just make a standard issue CD, boot from that CD,
> > and copy over the OS.  Or you could even make a disk image and dd it
> > onto the hard drive.  That assumes you have the same hard drive in all
> > the machines.  You can turn a 20GB drive into a 10GB drive. :) But
> > even if you have 4 or 5 different hard drives in your organization,
> > using disk images will still save you tons of time.
> 
> even better, you can make a tar.gz image of your "standard install",
> stick it on an nfs server and then create a boot floppy with nfs
> support.  
> 
> when building a new box, boot with the floppy, partition the disk
> (scriptable using sfdisk), mount the nfs drive, untar the archive, and
> then run a script which customises whatever needs to be customised (e.g.
> hostname, IP address, etc). then run lilo to make it bootable from the
> hard disk.

This is what I did at BNL for maintaining the 'black wall' of 150 VALinux
boxes. I built 1 box like I wanted, and made a tarball of it and put it
out on a NFS server. Then I created a kernel with nfsroot and bootp
support. As long as I know the MAC of the NIC in the maachine, you can
boot, get all the network stuff assigned by the bootp server, and 
it nfs mounts a small root partition with a hacked up rcS script.
This script partitions the disk using sfdisk, formats the partitions,
mounts them, then nfs mounts the old image, untars it, then fiddles 
with the config files, runs lilo, and reboots. On the 350MB install,
this takes about 5 minutes for the whole procedure. Now, with the
bootp kernel, we never have to touch the machines again. If we
update the image, we run a command on each box via ssh that copies the
bootp kernel over the normal one, runs lilo, and reboots, and the
whole thing runs by itself. We only have to touch the machine 1 time,
to get it to boot off the floppy for the initial install.

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED]/[EMAIL PROTECTED]  ><  (631) 476-3031  
<<
   ><

Re: OK I should have asked for this earlier

[tps]

On Fri, Apr 21, 2000 at 09:59:24AM -0400, Allen Ahoffman wrote:
> At the risk of asking twice:
> 
> Please someone recommend a web based help-desk type tracking system to me.
> 
> I'd like it to be flexible, stable, and fairly straightforward to setup
> and administer.
> 
> It doesn't have to do everything imaginable, but straightforward trouble
> ticket and tracking functions would be nice.

Request Tracker (RT)

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED]/[EMAIL PROTECTED]  ><  (631) 476-3031  
<<
   ><

Re: Ethernet card recommendations?

[tps]

On Wed, Apr 05, 2000 at 06:55:13PM +1000, Neale Banks wrote:
> Greetings all,
> 
> Any recommendations on a *reliable* ethernet card to spec for a Debian
> (potato) box to be deployed as a dedicated mail exchanger?
> 
> Not thinking so much of the fastest, as something that will reliably pump
> data.
> 
> 10/100, Full-duplex, PCI prefered (what else would you use in a "serious"
> server?).

Intel EEPro100. Get the latest driver from the intel web site.

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED]/[EMAIL PROTECTED]  ><  (631) 476-3031  
<<
   ><

Re: ppp-server with radius athentication.

[tps]

On Sat, Apr 01, 2000 at 08:12:06PM +0400, Alex Toropov wrote:
> I'd like to organize authentication by using some kind of RADIUS server. 
> (cistron for example)
> Can any one give me some steps in making this ?
> I was looking for some PAM way of making this, but I didn't find any PAM 
> authenticating module,
> that is able to athenticate through RADIUS server.

http://www.buoy.com/isp

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED]/[EMAIL PROTECTED]  ><  (631) 476-3031  
<<
   ><

Re: Frozen Messages (Exim)

[tps]

On Fri, Mar 31, 2000 at 02:38:34AM +, Fraser Campbell wrote:
> I installed Exim on a spare server of ours (Debian/Sparc) to act as a
> secondary MX for all of the domains we host.  It worked like a charm from
> the moment I installed it with one small problem.
> 
> There are getting to be a lot of messages in the queue that shouldn't be
> there.  There are messages in the queue that are 45 days old.  I haven't
> changed the default configuration which is supposed to fail messages after
> 4 days from what I understand:
> 
> *  *   F,2h,15m; G,16h,2h,1.5; F,4d,8h
> 
> The messages (when running mailq) are all labelled as "frozen".  What does
> this mean and why aren't the messages simply failing with a bounce as most
> would and should?

Frozen messages are just that. Frozen. They will never be queued for
delivery. I see these mostly when there is no valid return address
for them. Like such, on this system here at home.

39d  2.1K 12Mc06-0006sT-00 <> *** frozen ***
  [EMAIL PROTECTED]

Using eximon, unfreeze it, and try to force delivery. You'll see
the message why it was frozen.

Tim

-- 
   ><
   >> Tim Sailer (at home) ><  Coastal Internet, Inc.  <<
   >> Network and Systems Operations   ><  PO Box 671  <<
   >> http://www.buoy.com  ><  Ridge, NY 11961 <<
   >> [EMAIL PROTECTED]/[EMAIL PROTECTED]  ><  (631) 476-3031  
<<
   ><