Re: [expert] Re: Cyrus-imapd
Am Donnerstag, 6. November 2003 22:27 schrieb Luca Olivetti: Luca Olivetti wrote: In fact, I don't even know how to configure postfix to check for local users (using mailbox_transport = lmtp:). Duh, it's on by default in recent postfix, local_recipient_maps, configured by mandrake as proxy:unix:passwd.byname $alias_maps. I didn't know it. So it should be modified to blank if you want mail for users with no local account. afaik no. postfix only accepts mails for addresses listed in local_recipient_maps for local delivery. if you have mailusers only in your cyrus store, you have to add either a seperate database for cyrus users to postfix or you have to add an alias for every user in cyrus to your postfix alias database. Bye Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Re: Cyrus-imapd
Am Donnerstag, 6. November 2003 01:05 schrieb Norman Zhang: The second issue is aliases. Of course you can have a mailbox nzhang with an alias (in postfix) norman.zhang. Or you can create a mailbox norman.zhang (actually you cannot in the default configuration, since the dot is the hierarchy separator in cyrus, but you can change it with altnamespace in /etc/imapd.conf). If I have a mailbox nzhang but with alias norman.zhang. Does that mean mail for both nzhang @ abc.com and norman.zhang @ abc.com will get to mailbox nzhang? If I want to only accept mail for norman.zhang @ abc.com, I need to create a mailbox norman.zhang? No, Your MTA (usualy postfix) does not know anything of the data stored in cyrus. By default postfix only knows addresses from users stored in the local user base (unix users) and the aliased addresses. If nzhang is not a local user and not listed as an alias, postfix rejects the mail. Regards, Norman Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Re: Cyrus-imapd
Am Freitag, 7. November 2003 01:49 schrieb Norman Zhang: Hi, Does that mean mail for both nzhang @ abc.com and norman.zhang @ abc.com will get to mailbox nzhang? If I want to only accept mail for norman.zhang @ abc.com, I need to create a mailbox norman.zhang? No, Your MTA (usualy postfix) does not know anything of the data stored in cyrus. By default postfix only knows addresses from users stored in the local user base (unix users) and the aliased addresses. If nzhang is not a local user and not listed as an alias, postfix rejects the mail. I have created user nzhang and mailbox nzhang in cyrus. I also added nzhang: norman.zhang It is the wrong order, type (the left hand side is expanded to the right hand side) norman.zhang: nzhang to /etc/postfix/aliases. I still can't receive mail in cyrus' inbox. BTW, I'm using lmtp TCP sockets as per suggestion given in README.RPM. I changed mailbox_transport = lmtp:$myhostname I don't use the tcp socket but it seems correct so far. BTW, the tcp socket needs authentication by default. Possibly you have to add the port number of the lmtp server. Is this correct? Regards, Norman Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Single login server for Linux clients
Am Donnerstag, 2. Oktober 2003 08:55 schrieb James Sparenberg: [...] A lot more secure (and robust) is to use shfs. I've not built it on 9.2 but I've used it on 8.2 - 9.1 without a hitch. URL is http://shfs.sourceforge.net/ One thing it doesn't do is hang my box if I loose connectivity. I use to make my home box a file server for my laptop... dang handy. Since it operates over ssh I don't have to have extra ports open etc. What's about the performance in relation to NFS? James Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Postfix - How to block a domain
Am Donnerstag, 2. Oktober 2003 14:58 schrieb Thomas Deutsch: Hi How can I block a domain in my postfix. Exaple: I don't like to recieve mails from default.com. So where can I block default.com? greetings Thomas Add to your smtpd_recipient_restrictions in main.cf the following line check_sender_access regexp:/etc/postfix/unwanted_sender andd add to toe file unwanted_sender something like /[EMAIL PROTECTED]/ 550 Not accepted sender address reload postfix and off you are. Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Postfix - How to block a domain
Am Donnerstag, 2. Oktober 2003 15:09 schrieb Thomas Deutsch: Thomas Deutsch wrote: Hi How can I block a domain in my postfix. Exaple: I don't like to recieve mails from default.com. So where can I block default.com? Is this right? main.cf: header_checks=regexp:/etc/postfix/bad_headers Na, the header does not specify the sender butv something you can freely compose. Look at this mailing list. This mail is from me (obvious) but it is send to you from [EMAIL PROTECTED] so the header_checks only checks my sending mail entry in the FROM Header. The real sender is only in the envelope. bad_headers: /^From: default.com REJECT Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Postfix - How to block a domain
Am Donnerstag, 2. Oktober 2003 15:30 schrieb Thomas Deutsch: Martin Fahrendorf wrote: Am Donnerstag, 2. Oktober 2003 14:58 schrieb Thomas Deutsch: Hi How can I block a domain in my postfix. Exaple: I don't like to recieve mails from default.com. So where can I block default.com? Add to your smtpd_recipient_restrictions in main.cf the following line check_sender_access regexp:/etc/postfix/unwanted_sender andd add to toe file unwanted_sender something like /[EMAIL PROTECTED]/ 550 Not accepted sender address I've put this in the main.cf (On one line): smtpd_recipient_restrictions = check_sender_access regexp:/etc/postfix/unwanted_sender But postfix says in the syslog: Oct 2 15:25:26 homer postfix/smtpd[20850]: fatal: parameter smtpd_recipient_restrictions: specify at least one working instance of: check_relay_domains, reject_unauth_destination, reject, defer or defer_if_permit Do you know where the problem is? yes, you should add it to you current configuration. If you don't have a smtpd_recipient_restrictions parameter set, see postconf smtpd_recipient_restrictions for the default (comment out your current entry) The default is smtpd_recipient_restrictions = permit_mynetworks,check_relay_domains or that (depends on version of postfix I think) smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination so add it to this and everything shout work. Your settings should look like smtpd_recipient_restrictions = permit_mynetworks check_sender_access regexp:/etc/postfix/unwanted_sender reject_unauth_destination greetings Thomas Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Single login server for Linux clients
Am Mittwoch, 1. Oktober 2003 20:18 schrieb James D. Parra: Hello, What is the best method to have one central Linux server handling login authentication for Linux and windows machines? What I would like to achieve is; 1) Provide only network server logins for Linux boxes and have no local accounts on any Linux machine. LDAP is the way to go. use pam_ldap if only linx accounts are used. If you want to use the sam password for windows and linux use pam_smb. 2) Have /home/$USER reside on the centralized Linux login server and not on local machines. NFS (but it is insecure if you don't trust your network). 3) Ditto for windows machines (I know I can achieve this with Samba for windows clients, unless there is a better way) See above. you need samba to authenticate windows. samba handles the user acounts via ldap too. If anyone has this type of environment set up, I would greatly appreciate your help and advice. Yes, we have configured it that way. But wee use different passwords for windowsd and unix accounts. Everything is in ldap. We have three ldap server (one master, two slaves) postfix is configured via ldap (aliases canonicals et al). Only cyrus (imap server) has its own user database. Addressbook is stored in LDAP (KMail, Mozilla and Outlook grabs the e-mail addresses from the ldap store -- autocompletion). Every authentication is done against ldap (wherever possible) like proxy mail and others more. Many thanks in advance, James Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] re-installed mdk 9.1 now unable to use cdrw?
Am Freitag, 26. September 2003 12:54 schrieb Fajar Priyanto: On Thursday 25 September 2003 12:12 pm, Martin Fahrendorf wrote: I had some similar problem with my ide-writer. The problem is partialy in the ide-cd module wich is loaded before the ide-scsi module. As root I had to unload the ide-cd and the ide-scsi module and after loading ide-scsi again k3b works again (at least on my system). Martin When I want to burn some cds using k3b, it just shows my cdrw on both reader and writer dialog box, whereas I have a cdrom drive for the reader. However, in the k3b's device list, it shows both the cdrom and cdrw. Do you think I have the same problem with k3b? Possibly, but try it out. run the following as root: rmmod ide-cd rmmod ide-scsi modprobe ide-scsi and start k3b. Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] re-installed mdk 9.1 now unable to use cdrw?
Am Mittwoch, 24. September 2003 22:30 schrieb Rolf Pedersen: Anne Wilson wrote: On Wednesday 24 Sep 2003 3:33 pm, Rolf Pedersen wrote: [...] Yes, Anne, I saw that. What I am thinking of is that both the reader, if you have one, and the writer must be scsi-emulated for some apps to work. Here is a post where such advice to make the reader also scsi-emulated for k3b to work is mentioned: http://lists.suse.com/archive/suse-linux-e/2003-Jul/2997.html I had some similar problem with my ide-writer. The problem is partialy in the ide-cd module wich is loaded before the ide-scsi module. As root I had to unload the ide-cd and the ide-scsi module and after loading ide-scsi again k3b works again (at least on my system). Rolf Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Postfix with SASL
Am Mittwoch, 24. September 2003 07:51 schrieb Thomas Deutsch: Martin Fahrendorf wrote: Am Dienstag, 23. September 2003 15:49 schrieb Thomas Deutsch: Martin Fahrendorf wrote: Am Dienstag, 23. September 2003 15:31 schrieb Thomas Deutsch: [...] so you have un-chrooted the wron line. search something like smtp unix - - n - - smtp (remeber the missing d at the end). Yes. I've now changed the y to n. Is it necessary to change the smtpd line back to y? Because it don't work The smtpd don't work? It don't work with chroot to y or n? With or without chroot of smtp, the authentification will always fail. Generaly it is not nessesary to use postfix chrooted. By default postfix on mandrake only listen on the loopback interface. And, if you want to configure something it is recomended to test it without the chroot and if it works as expected, enable chroot (if you realy need it). I don't know what is wrong: master.cf: smtpinetn - y - - smtpd #smtpsinet n - n - - smtpd # -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes #submission inetn - n - - smtpd # -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes [...] smtpunix- - n - - smtp relay unix- - y - - smtp main.cf: smtpd_sasl_local_domain = smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous broken_sasl_auth_clients = yes smtpd_recipient_restrictions = permit_sasl_authenticated, check_relay_domains argh, can you see the obvious? you have enabled the SMTPD sasl stuff, but not the SMTP sasl. The difference is the d. so use smtp_sasl_local_domain = smtp_sasl_auth_enable = yes smtp_sasl_security_options = noanonymous /usr/lib/sasl/smtp.conf: pwcheck_method: saslauthd Can you help me? Thomas Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Postfix with SASL
Am Mittwoch, 24. September 2003 08:30 schrieb Martin Fahrendorf: [...] argh, can you see the obvious? you have enabled the SMTPD sasl stuff, but not the SMTP sasl. The difference is the d. so use smtp_sasl_local_domain = smtp_sasl_auth_enable = yes smtp_sasl_security_options = noanonymous sorry, wrong. Use smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd and read the SASL_README in the postfix documentation. Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Postfix with SASL
Am Mittwoch, 24. September 2003 08:37 schrieb Martin Fahrendorf: Am Mittwoch, 24. September 2003 08:30 schrieb Martin Fahrendorf: [...] argh, can you see the obvious? you have enabled the SMTPD sasl stuff, but not the SMTP sasl. The difference is the d. so use smtp_sasl_local_domain = smtp_sasl_auth_enable = yes smtp_sasl_security_options = noanonymous sorry, wrong. Use smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd sorry again, missing one line. use smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd in your main.cf and in /etc/postfix/sasl_passwd use host.to-login.tomy-user-name:a-seecret-password and postmap it. and read the SASL_README in the postfix documentation. Martin Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Postfix with SASL
Am Mittwoch, 24. September 2003 08:39 schrieb Thomas Deutsch: [...] The File looks now like: smtp_sasl_local_domain = smtp_sasl_auth_enable = yes smtp_sasl_security_options = noanonymous #broken_sasl_auth_clients = yes #smtpd_recipient_restrictions = permit_sasl_authenticated, check_relay_domains But Postfix don't want an Autentication. Why? To clearify something: Should postfix want a authentication from a client (as a server)? then you have to configure the smtpd stuff. Should postfix use authentication as a client (against a other server)? Then you have to configure the smtp stuff. The sasldb is only use in the first case. so you hav to use the smtpd_* things in your main.cf (as you had before). the sasl configuration file ist smtpd.conf. So what do you want to do? [...] Thomas Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Postfix with SASL
Am Mittwoch, 24. September 2003 09:25 schrieb Thomas Deutsch: I don't have received your last mail, because my server was out of function. But I've read it in my Colleague's mailbox. My problem is that I try to configure the Mailserver in such a way that only authenticated mailclient can send emails trought my server. If I unterstand it correctly, must I take the smtpd stuff, right? But the smtpd stuff does not work proper, because the authentication always fails. so use smtpd_sasl_local_domain = smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous broken_sasl_auth_clients = yes in your main.cf. use pwcheck_method: saslauthd in your smtpd.conf and configure your saslauthd to use pam (or what else you want) in your /etc/sysconfig/saslauthd file (remeber the d in smtpd.conf). Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Postfix with SASL
Am Mittwoch, 24. September 2003 09:54 schrieb Thomas Deutsch: Martin Fahrendorf wrote: Am Mittwoch, 24. September 2003 09:25 schrieb Thomas Deutsch: I don't have received your last mail, because my server was out of function. But I've read it in my Colleague's mailbox. My problem is that I try to configure the Mailserver in such a way that only authenticated mailclient can send emails trought my server. If I unterstand it correctly, must I take the smtpd stuff, right? But the smtpd stuff does not work proper, because the authentication always fails. so use smtpd_sasl_local_domain = smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous broken_sasl_auth_clients = yes in your main.cf. use pwcheck_method: saslauthd in your smtpd.conf and configure your saslauthd to use pam (or what else you want) in your /etc/sysconfig/saslauthd file (remeber the d in smtpd.conf). Now I have it exactly how you write it above, but: [EMAIL PROTECTED] docs]# telnet homer.skydesign.org 25 Trying 80.218.8.41... Connected to homer.skydesign.org (80.218.8.41). Escape character is '^]'. 220 homer.skydesign.org ESMTP Postfix (2.0.6) (Mandrake Linux) ehlo bart.skydesign.org 250-homer.skydesign.org 250-PIPELINING 250-SIZE 1024 250-VRFY 250-ETRN 250-AUTH CRAM-MD5 LOGIN PLAIN 250-AUTH=CRAM-MD5 LOGIN PLAIN 250-XVERP 250 8BITMIME AUTH PLAIN dGhvb***Z4OGc= 535 Error: authentication failed Ok, now it is time for debuging. add your testinghost to the debug_peer_list and set debug_peer_level to 4. reload postfix and retry your login. See the data in the log. Your password shuld be listed there (and many other stuff) See, if it is the correct password and username. Thomas Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Postfix with SASL
Am Mittwoch, 24. September 2003 10:54 schrieb Thomas Deutsch: With debug_peer_level = 4, the syslog shows: Sep 24 10:49:58 homer postfix/smtpd[29656]: warning: adsl-212-101-20-210.solnet.ch[212.101.20.210]: SASL PLAIN authentication failed Sep 24 10:49:59 homer postfix/smtpd[29656]: warning: SASL authentication problem: unrecognized plaintext verifier saslauthd Sep 24 10:49:59 homer postfix/smtpd[29656]: warning: adsl-212-101-20-210.solnet.ch[212.101.20.210]: SASL LOGIN authentication failed So, I fear, saslauthd is not suported by your version of sasl. Which mdk are you using? and which sasl version? Thomas Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Postfix with SASL
Am Mittwoch, 24. September 2003 12:47 schrieb Thomas Deutsch: Martin Fahrendorf wrote: Mandrake 9.1 with cyrus-sasl-2.1.12-1mdk.i586 postfix-2.0.6-1mdk.i586 libsasl2-2.1.12-1mdk.i586 libsasl2-plug-plain-2.1.12-1mdk.i586 ok, no wonder. postfix in mdk9.1 needs cyrus sasl 1.5.28. So, please check your sasl packages. Thomas Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Postfix with SASL
Am Mittwoch, 24. September 2003 13:04 schrieb Thomas Deutsch: Martin Fahrendorf wrote: Am Mittwoch, 24. September 2003 12:47 schrieb Thomas Deutsch: Martin Fahrendorf wrote: Mandrake 9.1 with cyrus-sasl-2.1.12-1mdk.i586 postfix-2.0.6-1mdk.i586 libsasl2-2.1.12-1mdk.i586 libsasl2-plug-plain-2.1.12-1mdk.i586 ok, no wonder. postfix in mdk9.1 needs cyrus sasl 1.5.28. So, please check your sasl packages. Hmmm I don't like downgrades. Is it enought when I upgrade my postfix to postfix-2.0.13-3mdk? postfix 2.0.13 needs a other openssl lib afaik. but you can try it. Btw: why do you want to use saslauthd? Thomas Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Postfix with SASL
Am Mittwoch, 24. September 2003 13:18 schrieb Thomas Deutsch: Martin Fahrendorf wrote: Am Mittwoch, 24. September 2003 13:04 schrieb Thomas Deutsch: Martin Fahrendorf wrote: Am Mittwoch, 24. September 2003 12:47 schrieb Thomas Deutsch: Martin Fahrendorf wrote: Mandrake 9.1 with cyrus-sasl-2.1.12-1mdk.i586 postfix-2.0.6-1mdk.i586 libsasl2-2.1.12-1mdk.i586 libsasl2-plug-plain-2.1.12-1mdk.i586 ok, no wonder. postfix in mdk9.1 needs cyrus sasl 1.5.28. So, please check your sasl packages. Hmmm I don't like downgrades. Is it enought when I upgrade my postfix to postfix-2.0.13-3mdk? postfix 2.0.13 needs a other openssl lib afaik. but you can try it. Btw: why do you want to use saslauthd? I don't know if I must use this. The only thing I want is that the system does not use the sasldb. I want use the nurmal users on the system. So use ldap as your user base and authenticate sasl against ldap. This is highly portable. You can use samba with ldap, sasl, maildrop and courier mail and some other stuff more. even postfix can use aliasing and all other map stuff with ldap. To the sasl stuff. It is very dangerous to mix up sasl2 and sasl1. mdk9.1 is a sasl1 base Distro. And it is not that easy to change everything to sasl2. If you don't use cyrus 2.1 it is better to keep the whole system to sasl1. There is no reason not to do, except of beeing state of the art. mfg Thomas Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Postfix with SASL
Am Mittwoch, 24. September 2003 13:41 schrieb Thomas Deutsch: Martin Fahrendorf wrote: First, I have no idea how to configure ldap. Hey, it is woth a try. If you have more than 20 users, it is recommended imho. There is a realy great article about installing ldap at mandrakesecure.org from vincent. Second, when I install the Postfix-2.0.6 which comes with mdk 9.1 it does require to install cyrus-sasl-2.1.12. There is no option to install an older one. When I noe does urpme cyrus-sasl to install an older version of cyrus-sasl, postfix needs also be uninstalled. No, that is a misunderstanding. postfix requires a cyrus-sasl package. A version is not given in the requirements. I use sasl 1.5.28 (a patched one, to get ldap-auth working) on all my servers. and i deinstall the sasl2 stuff because no package in the whole mandrake distribution (besides cyrus imap 2.1 from contrib) need sasl2. I don't know why they even install sasl2. Thomas Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Postfix with SASL
echAm Dienstag, 23. September 2003 13:58 schrieb Thomas Deutsch: Hi Since three weeks, I tried to get SASL and Postfix working together. Since the last evening it works, but not really how I will. The problem is, that SASL will use the /etc/sasldb to authenticate the users, but I want to use pwcheck. But no of the Howtos I've found on the net has helped me. I've tried it with a smtp.conf file in /var/lib/sasl2, or in /usr/lib/sasl, or in /etc/sasl (in every howto is another path) but no one will work. For the Mandrake 9.0 and 9.1 use /usr/lib/sasl. The smtp.conf file looks like: pwcheck_method:pwcheck but saslauthd / postfix will always use the sasldb. This one depens on your selected authentication method. Sasl supports plain, login, digest-md5 and cram-md5 (at least). with digest/cram-md5 sasl always uses the sasldb. This is independent of the setting in your smtp.conf file. Only for plain text passwords, sasl is able to use all the alternative pwcheck_methods. Can anybody help me? Try it with a plain password. Remove the user from the sasldb file. Use saslauthd instead of pwcheck. greetings Thomas Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Postfix with SASL
Am Dienstag, 23. September 2003 14:32 schrieb Thomas Deutsch: [...] I've tested it with remove the hole sasldb file. But it don't work. How can I remove the useres from the sasldb? saslpasswd -d Use saslauthd instead of pwcheck. It don't work. Hm, try to unchroot your postfix. Postfix with Mandrake uses chroot environment and saslauthd uses sockets to talk with the smtp programm. And btw: If you want authenticated sending of EMail TO your postfix use smtpd.conf if you want to send authenticated Mails FROM your postfix use smtp.conf. Thomas Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Postfix with SASL
Am Dienstag, 23. September 2003 15:31 schrieb Thomas Deutsch: Martin Fahrendorf wrote: Am Dienstag, 23. September 2003 14:32 schrieb Thomas Deutsch: [...] I've tested it with remove the hole sasldb file. But it don't work. How can I remove the useres from the sasldb? saslpasswd -d Thx, my sasldb is now empty. Use saslauthd instead of pwcheck. It don't work. Hm, try to unchroot your postfix. Postfix with Mandrake uses chroot environment and saslauthd uses sockets to talk with the smtp programm. In my master.cf, the line looks like: smtpinetn n n - - smtpd And btw: If you want authenticated sending of EMail TO your postfix use smtpd.conf if you want to send authenticated Mails FROM your postfix use smtp.conf. I will configure the second one. My /usr/lib/sasl/smtp.conf has the following line: pwcheck_method: saslauthd so you have un-chrooted the wron line. search something like smtp unix - - n - - smtp (remeber the missing d at the end). But it don't work. thomas Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Postfix with SASL
Am Dienstag, 23. September 2003 15:49 schrieb Thomas Deutsch: Martin Fahrendorf wrote: Am Dienstag, 23. September 2003 15:31 schrieb Thomas Deutsch: [...] so you have un-chrooted the wron line. search something like smtp unix - - n - - smtp (remeber the missing d at the end). Yes. I've now changed the y to n. Is it necessary to change the smtpd line back to y? Because it don't work The smtpd don't work? It don't work with chroot to y or n? Generaly it is not nessesary to use postfix chrooted. By default postfix on mandrake only listen on the loopback interface. And, if you want to configure something it is recomended to test it without the chroot and if it works as expected, enable chroot (if you realy need it). Thomas Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Postfix help
Am Freitag, 12. September 2003 02:27 schrieb Bill Witherspoon: Hi All, I have been using postfix for sometime now, but am definitely not an *expert*. Anyhow, my problem is that I'm seeing more and more 'undeliverable' messages from ISPs that won't accept direct connections from a dynamic IP (I'm on a cable modem). I'm trying to setup postfix to relay through my ISP, but they use SASL for authentication. I have the relayhost variable set in my main.cf, but I get immediately rejected because I'm not authenticating (I assume). Can anyone point me in the right direction? TIA, Bill Read /usr/share/doc/postfix-xxx/README_FILES/SASL_README and there the section Enabling SASL authentication in the Postfix SMTP client. Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] linux multitask performance?
Am Mittwoch, 10. September 2003 18:40 schrieb diego: I'd bet it's not using DMA With IDE drives: man hddparm would tell you the command, but no idea about how to get it when at scsi emulation :-(( It's the same. There are still the ide device names. So you can chenage de DMA via hdparm. Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Postfix TLS ? certificate creation ...
Am Freitag, 5. September 2003 11:31 schrieb Joerg Mertin: Hi Martin, you could be right for the missing stuff. After recreating the certificate with the newhostreq method - the newreq.pem was a null-file, e.g. empty. Does the generation of the certificate print any error? After recreating it with the normal newreq options - it's OK now. Here it's content (start of the file): Certificate: Data: Version: 3 (0x2) Serial Number: 1 (0x1) Signature Algorithm: md5WithRSAEncryption Issuer: C=DE, ST=Neuchatel, L=Neuchatel, O=Solar System Servers, OU=Sun Server, CN=Joerg Mertin/[EMAIL PROTECTED] Validity Not Before: Sep 5 09:15:56 2003 GMT Not After : Sep 4 09:15:56 2004 GMT Subject: C=DE, ST=Neuchatel, L=Neuchatel, O=Solar System Servers, OU=Sun Server, CN=Joerg Mertin/[EMAIL PROTECTED] Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (1024 bit) Modulus (1024 bit): . etc So you have the problem with the password. The only difference between newhostreq and newreq ist the -nodes parameter in the system call which disables the password. However - with all the hints I got so far - I'm still n ot able to get it to work - as you can see from the syslog output. Sep 5 11:23:44 sun postfix/smtpd[29222]: starting TLS engine Sep 5 11:23:44 sun postfix/smtpd[29222]: unable to get private key from '/etc/newreq.pem' Sep 5 11:23:44 sun postfix/smtpd[29222]: 29222:error:0906406D:PEM routines:DEF_CALLBACK:problems getting password:pem_lib.c:105: Sep 5 11:23:44 sun postfix/smtpd[29222]: 29222:error:0906A068:PEM routines:PEM_do_header:bad password read:pem_lib.c:399: Sep 5 11:23:44 sun postfix/smtpd[29222]: 29222:error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib:ssl_rsa.c:707: Sep 5 11:23:44 sun postfix/smtpd[29222]: TLS engine: cannot load RSA cert/key data Sep 5 11:23:44 sun postfix/smtpd[29222]: connect from pandora.solsys.org[10.0.2.47] Could anyone having TLS working be so kind and check the openssl rpm's installed on his system - look similar to mine ? [EMAIL PROTECTED] etc]# rpm -qa | grep openssl openssl-0.9.7a-1.1mdk libopenssl0.9.7-devel-0.9.7a-1.1mdk libopenssl0-0.9.6i-1.1mdk libopenssl0.9.7-0.9.7a-1.1mdk I don't thing it is a problem with your openssl stuff. There is a little book about openssl at http://www.dfn-pca.de/certify/ssl/handbuch/ossl092/ (a little bit outdated, but still usefull - but it is in german). The problem is in creating the certificate. Thx Cheers Joerg Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Postfix TLS ? certificate creation ...
Am Donnerstag, 4. September 2003 10:38 schrieb Joerg Mertin: Hia folks, seems the odds are against me. Just trying to get TLS working - but it won't. Seems - the password is missing. I do remember that under apache - you can circumvent this by calling an external script - but how to do this under postfix ? Followed the following HOWTO: http://postfix.state-of-mind.de/patrick.koetter/smtpauth/postfix_tls_suppor t.html Here's how I created my certs. Under /usr/lib/ssl/misc ./CA.pl -newca (No empty password possible) ./CA.pl -newreq (No empty password possible) ./CA.pl -sign For host certificate generate a new entry in the CA.pl script. Add the followings lines } elsif (/^-newhostreq$/) { # create a certificate request system ($REQ -new -nodes -keyout newreq.pem -out newreq.pem $DAYS); $RET=$?; print Host-Request (and private key) is in newreq.pem\n; under the line with -newreq and run ./CA.pl -newhostreq. and then use it as before. ... Thx Joerg Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Postfix TLS ? certificate creation ...
Am Donnerstag, 4. September 2003 15:42 schrieb Joerg Mertin: Hi Martin, thx for the hint. Done it the way you suggested and here is wat came out: Sep 4 15:36:14 sun postfix/postfix-script: starting the Postfix mail system Sep 4 15:36:14 sun postfix: succeeded Sep 4 15:36:14 sun postfix/master[31278]: daemon started -- version 2.0.6 Sep 4 15:36:18 sun postfix/smtpd[31285]: starting TLS engine Sep 4 15:36:18 sun postfix/smtpd[31285]: unable to get certificate from '/etc/postfix/newcert.pem' Sep 4 15:36:18 sun postfix/smtpd[31285]: 31285:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:632:Expecting: CERTIFIC ATE: Sep 4 15:36:18 sun postfix/smtpd[31285]: 31285:error:140DC009:SSL routines:SSL_CTX_use_certificate_chain_file:PEM lib:ssl_rsa.c:765: Sep 4 15:36:18 sun postfix/smtpd[31285]: TLS engine: cannot load RSA cert/key data I did all the same steps - except replaced newreq with newhostreq. No Difference... Failure again. Anyone got another idea ? Do your newcert file looks something like this? Certificate: Data: Version: 3 (0x2) Serial Number: 33 (0x21) Signature Algorithm: md5WithRSAEncryption Issuer: C=DE, ST=Hessen, ... Authority/[EMAIL PROTECTED] Validity Not Before: Jun 30 09:56:28 2003 GMT Not After : Jun 29 09:56:28 2005 GMT The error message says something like 'Certificate: Text missing in File' (PEM_read_bio:no start line:pem_lib.c:632:Expecting: CERTIFICATE:) BTW for testing reasons it is wise to disable the chroot stuff in postfix (in master.cf) smtpd reads the certificates before entering the chroot environment. Thx Cheers Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] advice please postfix ect.
Am Sonntag, 27. Juli 2003 20:12 schrieb richard bown: Hi Jack well a fair progress. I can send mail to myself routing it thru the mail redirectat freeparking, to dyndns and thru postfix on this machine , with evolution pulling the mail from /var/spool/mail. However there a small snag I send a mail from evolution to [EMAIL PROTECTED] thats sent to smtp.blueyonder.co.uk which sends it to freeparking which redirects it as [EMAIL PROTECTED] which sorta flys past dyndns to postfix on this machine. My hostname here is gb7tf.org.uk in /etc/postfix/aliases richard:[EMAIL PROTECTED] in /etc/posfix/virtual [EMAIL PROTECTED] richard in etc/postfix/main.cf mydestination = $myhostname, localhost.$mydomain rf-engineer.homelinux.com ##thats all 1 line the domain/host rf-engineer.homelinux.com is either virtual or it is in mydestination but never both. Think of it. mydestination defines the domain/hostpart which postfix consider as final destination to himself. virtual_alias_maps = hash:/etc/postfix/virtual alias_database = hash:/etc/postfix/aliases myhostname = gb7tf.org.uk myorigin = $mydomain masquerade_domains = $mydomain virtual_maps = hash:/etc/postfix/virtual canonical_maps = hash:/etc/postfix/canonical relayhost = smtp.blueyonder.co.uk I did get some help with the mydestination line on the club site tnx so what happens is the mail arrives addressed to [EMAIL PROTECTED] BUT it arrives in evolution as [EMAIL PROTECTED] and thats also the reply address which is not so good. You have to rewrite the recipient address (use the canonical map) At least I can send mail to myself and it takes a few 10's of seconds now , compared with up to 10 mins via my ISP's popserver, also their pop sever can take up to 30 mins to authenticate the password The marvels of microsoft :) Any ideas where where that missing part of the address is going on my system. The last time I played with mail servers was on NOS which is a clone of the NOS written by Phil Karn nearly 20 years ago. And then rewrite files were called rewrite files. TIA Richard And, if you are in doublt what postfix is doing look in the logs. Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] advice please postfix ect.
Am Sonntag, 27. Juli 2003 22:18 schrieb Richard Bown: Hi Bill On Sun, 2003-07-27 at 20:08, Bill Mullen wrote: Ensure here that there is a comma after localhost.$mydomain. No there was'nt , but there is now There is no need for a comma. Postfix uses whitespaces or commas to seperate. Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Using Postfix to send mail.
Am Mittwoch, 23. Juli 2003 07:46 schrieb Frankie: -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of James ... Don't doubt you on this ... but if you are feeling left out ... I can send you some of what we get *grin*. James # Yeah, worst thing I did was add wildcard address's to the virtual file.. @mydomain.com franki between that and my postmaster admin accounts amount to about 30% or more of the 50-100 spam I get a day... If I didn't have spamassassin running on the server, I'd have been driven up the wall by now. The main problem with amavis and postfix is a missing feature in the current postfix version. You can not reject spam mails. So you lose ane defence line in your battle against spam. regards Franki Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Using Postfix to send mail.
Am Mittwoch, 23. Juli 2003 08:41 schrieb Martin Fahrendorf: Am Mittwoch, 23. Juli 2003 07:46 schrieb Frankie: -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of James ... Don't doubt you on this ... but if you are feeling left out ... I can send you some of what we get *grin*. James # Yeah, worst thing I did was add wildcard address's to the virtual file.. @mydomain.com franki between that and my postmaster admin accounts amount to about 30% or more of the 50-100 spam I get a day... If I didn't have spamassassin running on the server, I'd have been driven up the wall by now. The main problem with amavis and postfix is a missing feature in the current postfix version. You can not reject spam mails. So you lose ane defence line in your battle against spam. Oh, the main problem is not amavis but spamassassin (but we run spamassassin by amavisd-new). Martin regards Franki Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Using Postfix to send mail.
Am Mittwoch, 23. Juli 2003 09:55 schrieb Joerg Mertin: Hi Martin, On Wednesday 23 July 2003 08:47, Martin Fahrendorf wrote: [...] The main problem with amavis and postfix is a missing feature in the current postfix version. You can not reject spam mails. So you lose ane defence line in your battle against spam. Oh, the main problem is not amavis but spamassassin (but we run spamassassin by amavisd-new). I know that I could reject spam directly through spamassassin - however - I do use the combaination: postfix, cyrus-imapd, spamassassin, anomyser - and have not yet found a decent script that rejects Spam when it comes in. Would be nice - as I have about 5 Persons (Friends) getting Mails through my server - and we're getting in about 50 Spams/Day ... Any hint on that, LInk I could read some stuff etc. The example that came with anomy/spamassassin-scripts are not all that satisfaying IMHO. Thx for a hint Joerg As Frankie said, the new postfix (the snapshot releases do it as well) kan handle the rejection via the proxy method. the first postfix instance take the mail but does not tell the sending server that it accepts it. Only if some proxy program like spamassassin accepts it, postfix accepts it too and the delivery contains. But if spamassassin says no, the mail will be rejected. There is no way to tell postfix reject spam mail with spamassassin in the current version. But afaik the snapshot versions of postfix are relative stable. Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Using Postfix to send mail.
Am Mittwoch, 23. Juli 2003 10:49 schrieb Joerg Mertin: Hi Martin, thx for the hint. I might give it a try. However - what buzzes me here is that if you use the proxy method to identify spam - you have to get the spam anyway through it - don't you ? So - the spam will use your bandwidth to get analyzed by the proxy application - and the proxy application then returns a Spam-Detected message which will be interpreted by the postfix process and which will make that one reject the message definitly. IMHO - the only difference is that the remote side will get a reject message if I understood correctly the process. Please correct me if I'm wrong. Jepp, that's right. Do you think this reject message will inhibit spammers to send you more mail ? Hm, that is wild guessing. I think spamers dont want to waste bandwith, they want to get their mails read. If you silently delete the spam the spamer don't know if their mails get read or not. So they assume thei can send their mails again. If the spam get rejected they know that you don't accept the mail. It is up to the sending server to handle the rejection. Do they send spam again? Yes, I fear they see it as a kind of sport to get their spam trough. But doing nothing is no sollution. NOTE - the actual spamassassin/postfix/anomy method enables you to actually get the Mail in, spamassassin checks it through spamc/spamd - and if it's beeing detected a SPAM - you can tell the delivery script to delete it or move it to a local-file for laer analysis ... Cheers Joerg Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Using Postfix to send mail.
Am Mittwoch, 23. Juli 2003 19:10 schrieb Luca Olivetti: Frankie wrote: If the spam get rejected they know that you don't accept the mail. It is up to the sending server to handle the rejection. OTOH, since spam detection mechanisms are not perfect (and black lists based ones are evil), rejecting means you can lose good emails, while with filtering you give yourself (and your users) an option to look at the spam folder from time to time to see if a good message has been flagged as a false positive. Bye Jep, thats why we don't delete spam. there was some valid mails (it is realy spam too, but the receiver has subscribed to this list) droped by spamassassin. So we tag all spam and every user can set up a filter to delete the spam by a level she/he wants. Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Using Postfix to send mail.
Am Dienstag, 22. Juli 2003 13:48 schrieb stefmit: On Tuesday 22 July 2003 12:18 am, Martin Fahrendorf wrote: Am Montag, 21. Juli 2003 22:18 schrieb JoeHill: Hello, ... I have the same setup at home (postfix for localhost, and dynamically assigned address), and what I found out from some receiving systems/ISPs was that they were rejecting my email not because of the membership to a specific pool of addresses, but rather because of the reverse lookup, that would either fail, or be dynamically associated with broadband or dial-up domains. The moment I registered my domain, and pointed back to my IP address (which - by the way - as dynamic as it was advertised, I just fixed it on my firewall, and never had a problem ;)), all emails started flowing just fine, regardless of the pool of IPs I was part of ... so check out this alternative, also. It is a little bit of both. Some dynamic IP addresses will be blocked because they are dynamic and some don't. The forward and reverse lookup is a complete different thing. every ip address and domain in e-mail traffic must be forward and reverse resolvable. sometimes it works without, but most of the time it don't. Stef Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Using Postfix to send mail.
Am Dienstag, 22. Juli 2003 20:56 schrieb James Sparenberg: On Tue, 2003-07-22 at 06:28, Martin Fahrendorf wrote: Am Dienstag, 22. Juli 2003 13:48 schrieb stefmit: On Tuesday 22 July 2003 12:18 am, Martin Fahrendorf wrote: Am Montag, 21. Juli 2003 22:18 schrieb JoeHill: Hello, ... I have the same setup at home (postfix for localhost, and dynamically assigned address), and what I found out from some receiving systems/ISPs was that they were rejecting my email not because of the membership to a specific pool of addresses, but rather because of the reverse lookup, that would either fail, or be dynamically associated with broadband or dial-up domains. The moment I registered my domain, and pointed back to my IP address (which - by the way - as dynamic as it was advertised, I just fixed it on my firewall, and never had a problem ;)), all emails started flowing just fine, regardless of the pool of IPs I was part of ... so check out this alternative, also. It is a little bit of both. Some dynamic IP addresses will be blocked because they are dynamic and some don't. The forward and reverse lookup is a complete different thing. every ip address and domain in e-mail traffic must be forward and reverse resolvable. sometimes it works without, but most of the time it don't. Stef The other thing I've run into..(Mainly with gnu list serv lists.) is that apparently the RFC requires that [EMAIL PROTECTED] exist. If it doesn't they will refuse all e-mail, Even if you have reverse DNS etc. Great idea now I'm guaranteed to have an e-mail address spammers can send to. It is not only this address. There are some more. If you dont hav all these addresses enabled you can find your server on a list of rfc-ignorant.org. There are som mail server outside which don't accept mails from servers listed in rfc-ignorant.org. But on the other hand, if you have problems with one Mailserver how can you inform the server administrator if the postmaster mailbox does not exists? BTW, in the last four years, I haven't got any spam on the postmaster mailbox. James Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Using Postfix to send mail.
Am Mittwoch, 23. Juli 2003 07:35 schrieb James Sparenberg: On Tue, 2003-07-22 at 22:04, Martin Fahrendorf wrote: Am Dienstag, 22. Juli 2003 20:56 schrieb James Sparenberg: ... But on the other hand, if you have problems with one Mailserver how can you inform the server administrator if the postmaster mailbox does not exists? BTW, in the last four years, I haven't got any spam on the postmaster mailbox. Don't doubt you on this ... but if you are feeling left out ... I can send you some of what we get *grin*. James No thanks. I fight spam as much as possible. And the next version of postfix will make it a little bit easier to reject spam. Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Using Postfix to send mail.
Am Montag, 21. Juli 2003 22:18 schrieb JoeHill: Hello, I am on a small internal LAN which does not use a Domain name or even have a DNS server, well, except for the router in a way I suppose. Anyway, I want to try to use my mailserver, simply called localhost, to send mail out rather than my ISP's smtp server. Mainly a learning exercise, you know, start small and all that. I have used sendmail in the past and run into several problems wherein receiving domains see me as an open relay and bounce the mail back to me as potential spam. They don't do it weil because they see you as an open relay but because you have a dynamic IP address and those addresses were missused for spaming. They take the easy way and block whole known dynamic IP address ranges (It is something like that: oh, there are drivers of rented cars who can not drive so to be sure none of those drivers get on our roads lets block our roads to all rented cars). I a looking at the postfix docs right now, and I am confused about a few things. In my mail client, I choose sendmail for sending mail, but how does this relate to Postfix? Does Postfix simply receive all commands from sendmail and process them? postfix has a sanemail compatibility layer. the postfix/sendmail has nothing to do with the sendmail program. It is only called the same. There are some programs out there which needs a programm called sendmail with the known functionality of the famous sendmail. If so, how to I configure Postfix (I am assuming this is in /etc/postfix/main.cf) to let receivers know I am not an open relay and they have nothing to fear from me. You can not. All the big ISP which reject your mails don't care wether you can send mails from your own mailserver or not. I read in the docs that by default Postfix will not relay mail by default, so I rest easy that I am *not* an open relay, correct? It is not that easy. To run a mailserver is mor than to install postfix. you are responsible for your configuration and your users who are allowed to use your mailserver. And there are so many poor installed and configured mailserver out there. It is hard to collect all this servers with static ip addresses, but with dynamic addresses it is not possible. And, your intention may be not to build a open relay, but are you shure you ar the only person, who is able to configure your server? So, you may know that your server is save, but the rest of the wold only may guess. And you are not able to give a guarantee. Your server can not get prooven while changing the IP address. Anyhow, thanks for any assistance! So, in the beginnig, configure your mailserver to use the mailserver of your ISP as a relay. Please see the postfix FAQ on www.postfix.org. There are some config examples for this special needs. Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Automated Mail with Mozilla
Am Mittwoch, 16. Juli 2003 23:37 schrieb Colin Close: Hi, I'm on holiday from the 28th July (first time in years) and I don't want to miss any mail from the lists. Does anyone know how to automate Mozilla to do auto downloads. I know I could do a cron for the timimg but I've no idea how to automate Mozilla Mail. Any suggestions gratefully accepted. Colin Close Why not use fetchmail? Btw, your clock is incredible fast. You live in the future. Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Transfer mail from uw-Imap - Cyrus Imapd ?
Am Mittwoch, 2. Juli 2003 11:52 schrieb Joerg Mertin: Hi Folks, just a request. While I have a Server with loads of mails using the default Mandrake Imap-Server (uw-imap), I was wondering what would be the easyest way of migrating the Mails to the new Server - Cyrus Imap. Anyone got a Hint on where to look for ? I think there is no easy sollution. Try to run both servers parallel and you can copy every mail from one server to the other. Thx Cheers Joerg Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Setting up Cyrus-imapd/Posfix under Mdk-9.1
Am Sonntag, 29. Juni 2003 02:14 schrieb Joerg Mertin: Hi Folks, I have a slight problem with the Cyrus Server n a box I have (Via EPIA 5000 running Mandrake 9.1). I tried the cyrus-imapd version 2.1.12 from Contrib. Actually - the cyrus-imapd works, and the postfix Server too - if both ae not connected - but I get the followig mssage in the Postfix logs: -Queue ID- --Size-- Arrival Time -Sender/Recipient--- 15AD9B26E 394 Sat Jun 28 18:34:04 [EMAIL PROTECTED] (connect to /var/lib/imap/socket/lmtp[/var/lib/imap/socket/lmtp]: No such file or directory) [EMAIL PROTECTED] Hi, your solution solved one point. But I think you don't know the reason. In standard mdk9.1 postfix runs chroot, so does the lmtp process. That means, the file /var/lib/imap/socket/lmtp is there but postfix/lmtp needs this file in /var/spool/postfix/var/lib/imap/socket/lmtp. A hardlink should solve the prolem too. I think the new cyrus package solved this by adding the link or moving the socket into the postfix chroot jail. Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Open relay using Postfix. Need config help.
Am Mittwoch, 25. Juni 2003 16:49 schrieb Ralph Crongeyer: Hi Ralph, Hi all, I have been using postfix for about a year or so and I needed to change my configuration and now I can't seem to get it working the same way I had it. At the end of my /etc/postfix/main.cf file I have: mydestination = $myhostname, localhost.$mydomain, $mydomain myorigin = $mydomain smtpd_recipient_restrictions = permit_mynetworks, check_client_access, hash:/etc/postfix/access, check_relay_domains and then in the /etc/postfix/access I have: 111.222.333.444 OK 222.333.444.555 OK and so on. But now, with this setup, anyone can send mail through? i.e. Open Relay. No, normaly not (if all your listed IP addresse ar static to the hosts you want to relay). I need it to beable to send mail for the entire domain and some clients outside the domain. The entire domain is matched by the mynetwork stuff. the outsiders should use smtp-auth. Ralph Don't use access-file to allow relaying unless the IP addresses you listed are absolute static. Use smtp auth instead. This is more flexible and users from dynamic IP addresses can relay through you mailserver too. Btw: does your smtpd_recipient_restrictions relay look like the list above? There should be a warning or an error in the logfiles (in /var/log/mail) about a mistyping. Normaly smtpd_recipient_restrictions should look like this (there is no comma between check_client_access and the hash table) : smtpd_recipient_restrictions = reject_unknown_recipient_domain reject_unknown_sender_domain reject_non_fqdn_sender reject_non_fqdn_recipient permit_mynetworks check_client_access hash:/etc/postfix/access reject_unauth_destination and did you rehash the access file? Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Open relay using Postfix. Need config help.
Am Donnerstag, 26. Juni 2003 13:28 schrieb Pierre Fortin: On Thu, 26 Jun 2003 07:40:35 +0200 Martin Fahrendorf [EMAIL PROTECTED] wrote: Am Mittwoch, 25. Juni 2003 16:49 schrieb Ralph Crongeyer: smtpd_recipient_restrictions = permit_mynetworks, check_client_access, hash:/etc/postfix/access, check_relay_domains Btw: does your smtpd_recipient_restrictions relay look like the list above? There should be a warning or an error in the logfiles (in /var/log/mail) about a mistyping. Normaly smtpd_recipient_restrictions should look like this (there is no comma between check_client_access and the hash table) : smtpd_recipient_restrictions = reject_unknown_recipient_domain reject_unknown_sender_domain reject_non_fqdn_sender reject_non_fqdn_recipient permit_mynetworks check_client_access hash:/etc/postfix/access reject_unauth_destination No, both forms are OK -- though it's easier to make mistakes with the comma separated list. The leading space form is better IMO, cleaner (then again, I prefer Python). IIRC, don't put comments in the middle though... Jep, thats right. Postfix treats commas like whitespaces. But nevertheless, the given restriction does not work (there must be a warning or a error from postfix). You can not continue one line without a leading whitspace in the continued line. But I think that is only a mailer issue (word wrap). Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Open relay using Postfix. Need config help.
Am Donnerstag, 26. Juni 2003 15:23 schrieb Ralph Crongeyer: Thanks for the tip, i'll try it. BTW, I can stop Postfix uninstall it and can still relay e-mail!!! What the heck is that all about? I mean imap shouldn't relay messages, right?? It's like there is another MTA running? Ralph Check ich a server is running. 'netstat -napt' will tell you all open ports. Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Open relay using Postfix. Need config help.
Am Donnerstag, 26. Juni 2003 17:35 schrieb Ralph Crongeyer: 'netstat -napt' doesn't reveal anything odd. Ok so when I have smtpd_recipient_restrictions = permit_mynetworks, check_recepient_access hash:/etc/postfix/access, check_relay_domains It will relay for any host. Even if the /etc/postfix/access is empty (no IP addresses). No, It will not relay for any host. Not by default. so what is in mynetworks and what is in relay_domains. Or simply, add the output from postconf -n I thought that the /etc/postfix/access files list of address would only permit those machines to relay e-mail??? Is this right?? Not entirely. It allows receiving mails too. The restriction classes are somwhat difficult. Here is my situation. I need to have the mail server accept e-mail for the entire domain but only allow certin clients (or routers, for networks that masqurade ip addresses) to relay e-mail through the server. So take the default postfix configuration, change the mydestination to accept your domain mails, change the mynetworks and mynetworks_style to accept mails on any network devices you plug in your host, add permit_sasl_authenticated to your recipient restriction and add smtpd_sasl_* stuff to main.cf. Now you have to give usernames and passwords (via saslpasswd if you want to use sasldb) to your users you want to relay and up it goes. Beware, user password are mostly send unencrypted over the net, so use SSL/TLS encryption with postfix. Thanks Ralph Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Postfix Relay question...
Am Donnerstag, 26. Juni 2003 20:10 schrieb Ralph Crongeyer: OK, thanks to everyone's help it looks like I got my MTA configured right now. How can I allow a single client (IP address) besids the $mynetworks = 111.222.333.0/24, 222.333.444.0/24 variable or can I do it with that variable like $mynetworks = 111.222.333.0/24, 222.333.444.0/24, 333.444.555.10/24. Is that possable? Should be, but 333.444.555.10/24 is not a single host but a entire network. So only add networks to mynetworks if and only if you trust the entire network. Else add only single hosts (to access for example) or use authentification methods. What is the best solution for this?? Thanks, Ralph -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Mail address masquerading
Am Dienstag, 24. Juni 2003 11:55 schrieb Guy Van Sanden: Hi Does anyone know how I can rewrite addresses to the outside? What I want to do is this, I have an internal Email server with local users. My provider allows outgoing Emails only if the 'From' is an valid/existing domain. Now, I would like to set up something that couples users to alternate email addresses when sending mail outside the local network. e.g. map user gvs to [EMAIL PROTECTED] Is this possible? I'm interested in both options for Sendmail and Postfix (I'm currently running sendmail, but comtemplating the switch to Postfix). Thanks With Postfix use sender_canonical_maps (see sample-canonical.cf in /usr/share/doc/postfix-xxx/samples). You can map mail-sender addresses to others. Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] a bit of a mailserver technical question
Am Montag, 23. Juni 2003 21:54 schrieb Adrian Golumbovici: Hi all, I just installed/configured/secured my own postfix server with a dyndns address. My dyndns entry is as MX server registered and it is working. I normally have about maximum 5 minutes offline time. My provider disconnects me each 24 hours, but linux PC connects again immediately and updates dyndns entry, which normally takes about maximum 5 minutes to propagate). In this time the dyndns still points to the old ip address, which is either not connected (no user got it in so short time) or points to someone who doesn't have the ports opened (no email server). I wondered what happens if someone/some-server tries to deliver me email in this time. Will it be bounced or will it retry and finally send it to me when connection available again? Best regards, Adrian There are three possible ways (mor or less): The mail is rejected (permanent error) by the host with your old ip address (this host is not configured to accept mails directed to you) so the sender will get a notification about the rejection. There is no further delivery attemp. The mail will be bounced by the host with your old ip address (temporary error). The sender will try to send the mail again. But, a correct configured mailserver would not bounce a mail which is directed to a not local domain, it will reject it instead (it is a relay access denied). If there is no host or the service is not available, the sending server will try it again. Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] sasl
Am Montag, 2. Juni 2003 17:08 schrieb Jack Coates: Thanks Luca and Martin, There's a few things to answer so I went up the thread a bit and will try to do both. Luca noted, But it won't do you any good if all your secrets are in sasldb. What happens if you remove completely /usr/lib/sasl/smtpd.conf? (sasldb should be the default then). When I remove it, SASLDB keeps working. So, does this mean that the PAM setting never worked at all, and choosing a method which was somehow valid but not enabled caused the fallthrough to sasldb? I'm just very puzzled by it not working when I specify sasldb. and Luca also noted: This is wrong: the sasldb for v1 and v2 have a different layout, so they should be two separate and distinct files. This has nothing to do with your problem though. Sorry,I caught that and did the conversion, so the v2 sasldb now lives in /var/lib/sasl2/sasl.db Martin asked, What about to use sasldb as authentication method? One of the things I've done while looking on the web is to note that sasl's default sasldb location is /etc/sasldb, not /var/lib/sasl/sasl.db. So, I put in a symlink to the v1 version. This is a configuration issue at compiletime (or by *.conf file). By default mandrake uses /var/lib/sasl/sasl.db. It just started working when I switched to pwcheck_method: pam. By just started working, I mean 250-AUTH LOGIN DIGEST-MD5 PLAIN CRAM-MD5 250-AUTH=LOGIN DIGEST-MD5 PLAIN CRAM-MD5 And Martin notes This has nothing to do with the authentication mehtod (besides that only sasldb is able to handle *-MD5 passwords). This two lines only says thas smtpd is able to use those password encryption systems (or plain). Understood now -- so the presence of the *-MD5 options means that Postfix can now communicate with sasldb whereas it couldn't before. So, this could be caused by either the symlink of the v1 db into /etc, or the symlink of /var/lib/sasl2/ to /var/state/saslauthd (another change suggested by Googling). Not entirely; there are some libs in sasl (like libsasl7-plug-digestmd5 package). These libs gives sasl the capability to use digest-md5 or something else. The auth line only says that smtpd is able to handle *-md5 passwords. It don't mean that it is able to autehnticate with it (for example if sasldb is missing). now you're probably wondering what these two things have to do with one another... I know I am. I should also clarify that I turned off chrooting in /etc/postfix/main.cf many moons ago. wise decission. Urgency is decreased now, but I'm certainly intrigued by the PAM integration option and I will try to get that working. One possilbe problem is a wrong configure in the *.spec file of your changed sasl srpm. To be sure, recompile it again and watch for the configure line. there should be listed something like '--enable-pam'. thanks again, Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] sasl
Am Montag, 2. Juni 2003 07:31 schrieb Jack Coates: On Sun, 2003-06-01 at 19:48, Jack Coates wrote: ... I'm running out of ideas, and I need to get it working soon. Help, please :-) More info -- read enough and used testsaslauthd enough to decide sasl is basically working... I've now found an actual live and relevant error message! When I try to send an authenticated message, Postfix complains that whatever pwcheck method I specified in /usr/lib/sasl/smtpd.conf is unrecognized: Jun 1 22:12:57 felix postfix/smtpd[5896]: warning: SASL authentication problem: unrecognized plaintext verifier saslauthd Jun 1 22:17:09 felix postfix/smtpd[5958]: warning: SASL authentication problem: unrecognized plaintext verifier pwcheck One exception, pwcheck_method of pam gets no error message at all -- no mail, either, even if I... [insert filthy unprintables here] What about to use sasldb as authentication method? It just started working when I switched to pwcheck_method: pam. By just started working, I mean 250-AUTH LOGIN DIGEST-MD5 PLAIN CRAM-MD5 250-AUTH=LOGIN DIGEST-MD5 PLAIN CRAM-MD5 now you're probably wondering what these two things have to do with one another... I know I am. This has nothing to do with the authentication mehtod (besides that only sasldb is able to handle *-MD5 passwords). This two lines only says thas smtpd is able to use those password encryption systems (or plain). Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 D-60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
[expert] openLDAP in 9.1
Hi, I have done a upgrade from 9.0 to 9.1 yesterday and it works well so far. But the openLDAP stuff is messed up. in 9.0 the internal database ldbm uses db3 (afaik) but in 9.1 it uses gdbm. So you can not simply upgrade the package. So why is gdbm used for the 9.1 ldap server? Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] print multi-page TIFF files?
Am Dienstag, 1. April 2003 03:19 schrieb Jack Coates: any one have a way to print a multiple-page fax sent as a TIFF? I hate to boot VMware just to print it, but it looks like that's the only option -- everything in Linux only shows page 1. ah, you can do it with efix (part of the efax package) simply run 'efix tifffile.tiff psfile.ps'. But afaik kfax can do it too. Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] Kernel and glibc updates?
Am Samstag, 22. März 2003 01:38 schrieb Vox: This time Bryan Whitehead [EMAIL PROTECTED] becomes daring and writes: Are we going to be getting kernel updates for the local root problem? Vincent and the kernel dudes are working on this...some time next week you'll get them. Meanwhile you can do, as root: echo /path/to/non-existant/file /proc/sys/kernel/modprobe So, what does this exactly do? And you'll be protected. Vox Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] postfix configuration ?
Am Donnerstag, 6. März 2003 16:11 schrieb Carter Harris: I installed postfix during the installation of my 8.2 mandrake os. The postfix version is 20020228, I think. I am trying to setup postfix using the Postfix+Courier-IMAP+MySQL documentation but I'm getting the following error message: Mar 6 08:56:55 linuxserver postfix/qmgr[15746]: fatal: unsupported dictionary type: mysql Mar 6 08:57:00 linuxserver postfix/tlsmgr[15747]: fatal: unsupported dictionary type: mysql Mar 6 08:57:39 linuxserver postfix/smtpd[15810]: fatal: unsupported dictionary type: mysql Mar 6 08:57:45 linuxserver postfix/pickup[15812]: fatal: unsupported dictionary type: mysql I looked on google and found a couple of references to email archives for another distro that indicated that postfix was not compiled with the correct modules and thus generated this message. Can anyone tell me what modules are included in the standard mandrake compile of postfix or how to see what modules were included? I know in apache I can -l and get a list but that according to the man pages postfix doesn't support something similar. Thanks for a reply. Carter AFAIK, mdk does not link postfix to mysql by default. So use the SRPMS and change the spec file to your needs. Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] pgp0.pgp Description: signature
Re: [expert] what could be wrong? PHP viewing
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am Montag, 24. Februar 2003 13:42 schrieb David McGlone: Hi all, I created a test.php app and put it in /var/www/html but Konq will not display it, but instead asks if I want to open it using Kwrite. I have all php apps installed, apache, and mysql. http://localhost works fine, but viewing PHP scripts isn't working. Any ideas? Thanks, You have enclosed your php script in ?php ... ?, did you? Martin - -- - H E L I X Gesellschaft für Software Engineering mbH - Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 - http://www.helix-gmbh.net[EMAIL PROTECTED] - -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+WhpOBG198cnayKQRAjTeAJ4ly3xmFX8yZLJrGSa/AI2ObEaSqgCfS342 DBmC0JDq36f92/rW5JRLBag= =IO6z -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] what could be wrong? PHP viewing
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am Montag, 24. Februar 2003 15:22 schrieb David McGlone: On Monday 24 February 2003 08:12 am, Martin Fahrendorf wrote: yup, sure did: html head titlePHP Test/title /head body ?php echo pHello World/p; ? /body /html Usualy there is a file php.conf in the dir /etc/httpd/conf/addon-modules. This should contain something like IfModule mod_php4.c AddType application/x-httpd-php .php .php4 .php3 .phtml AddType application/x-httpd-php-source .phps /IfModule And, of course, it should be included either from httpd.conf or from commonhttpd.conf with a line like Include conf/addon-modules/php.conf Martin - -- - H E L I X Gesellschaft für Software Engineering mbH - Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 - http://www.helix-gmbh.net[EMAIL PROTECTED] - -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+WjIlBG198cnayKQRAgsmAJ4gRMoRkk5+mLZ1GFx/OhqOpa5vtgCfZQ2i vb3u8xFwWgClZuoDAsLjtJ0= =EPkG -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Xnest questions
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am Donnerstag, 13. Februar 2003 10:21 schrieb Chuck Burns: On Friday 14 February 2003 3:16 pm, Dave Laird wrote: *snipped stuff about xnest gui* In case your findings come to you off this list, could you please forward any information you may find about this? I've begun playing with Xnest, too, and would like to have a gui tooie. 8-) Dave certainly. And here's another question I would like to pose... Let's just say I have an old box, and I want to run gdm on it, so I can xdmcp into it.. BUT! here's the kicker.. I dont want X to run on the box locally... IOW, I don't want X to take up a VT on the system, ONLY be a remote X server.. anyone have any ideas here? :) I don't know about gdm, but with xdm and kdm change the file /etc/X11/xdm Xservers: Comment out the line ':0 local /bin/nice -n ...' and run telinit 3; telinit 5 and there will be no X server running localy, but accepts any xdmcp connections. Martin - -- - H E L I X Gesellschaft für Software Engineering mbH - Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 - http://www.helix-gmbh.net[EMAIL PROTECTED] - -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+UIomBG198cnayKQRAqvSAJ4025teY7qS2rHc1eMugCVpkHSUaACfYltJ ZVfDyrgsq9sJ3y6guDFgJWQ= =3i5q -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix sasl smpt auth problems
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am Sonntag, 16. Februar 2003 16:03 schrieb leo: Sometime ago i had setup a mdk8.2 machine with postfix and sasl which worked great. Now I've got another machine where i installed mdk 9.0 and did the same configuration but when I try to telnet into the postfix server i get 535 Error: authentication failed: 220 server.home ESMTP Postfix (1.1.11) (Mandrake Linux) ehlo client.home 250-server.home 250-PIPELINING 250-SIZE 1024 250-VRFY 250-ETRN 250-AUTH CRAM-MD5 LOGIN DIGEST-MD5 PLAIN 250-AUTH=CRAM-MD5 LOGIN DIGEST-MD5 PLAIN 250-XVERP 250 8BITMIME auth plain dGVzdGUAdGVzdGUAdGVzdGVwYXNz 535 Error: authentication failed I've checked the password many times and it seems to be correct. Mailclients (outlook) also cannot login. I'm using the sasldb method. Does anyone has any ideas abou this? ___ Leonardo Sá Recife - PE - Brazil Just a shot in the dark, did you copy the sasl passwordfile to /var/spool/postfix directory (if you use sasldb)? If you don't want to copy this file, disable chroot setting in /etc/postfix/master.cf. Martin - -- - H E L I X Gesellschaft für Software Engineering mbH - Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 - http://www.helix-gmbh.net[EMAIL PROTECTED] - -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+UI0ABG198cnayKQRAoxpAJ4zqJGpnI7y1Fw3MHk3ex31Mb55qACaAgLF HlniaoEY7oehElIGoXtyxaY= =1GbH -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Postfix nonsense
Am Montag, 27. Januar 2003 15:53 schrieb Kwan Lowe: On Mon, 2003-01-27 at 02:25, Martin Fahrendorf wrote: this is no postfix nonsens, it is a nonsens in coniguration of postfix by mandrake. chroot is a very secure way to do something IF YOU KNOW WHAT YOU WANT. Please, Mandrake, disable the chroot stuff of postfix (at least the default settings). It is not worth the trubble. disable all the chroot stuff in /etc/postfix/master.cf and the configuration is much easier. This is probably one of those things that Mandrake is damned if they do and damned if they don't. I think chroot'ed Postfix is a good idea and well worth the hassle of configuring and hope that Mandrake continues to do so. I can understand some of the frustrations that some of you are seeing, but I'd rather they err on the side of caution than ship a less secure product. I think there is a reason, why Wietse Venema always pointed out, that chroot is only for experienced users. it is not easy to set up. Even if you dont have static IP addresses. Everytime you get your internet connection, you have to sync some config files (and you have to know which ones). Its is not that easy, to sync it only on postfix startup. An what is the benefit? in the default configuration of mandrake, postfix listens only on localhost device, so only local users are able to harm your host. But there are easyer ways for local users than compromize postfix. Na, I think chroot of postfix is not woth the trouble. Especialy, as long as bind is running not chroot. The simpliest way is to combine the chroot flags from postfix with the msec settings. in the secure mode 'higher' and 'paranoid' they use chroot and in all the other settings they don't. Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] msg65055/pgp0.pgp Description: signature
Re: [expert] Postfix nonsense
Am Freitag, 24. Januar 2003 18:35 schrieb Praedor Atrebates: I am running into ridiculous problems with postfix that I do not understand. I have a valid fully qualified hostname (stonekeep.ravenhome.net). I have DNS setup (right now by kppp with entries for my proper DNS's in my resolv.conf file. If I ping yahoo.com, no problem, it pings as expected. If I send an email to myself at yahoo.com via my local postfix, however, I get a messages thus: Jan 24 17:29:20 stonekeep postfix/smtp[3701]: 95785402248: to=[EMAIL PROTECTED], relay=none, delay=1565, status=deferred (Name service error for yahoo.com: Host not found, try again) What?! Is postfix retarded? Why is it not able to use the DNS like every other net app on my system? Why can't it find yahoo.com? I have also run into this with a few other email addresses that DO exist yet postfix refuses to send because the hostname couldn't be found. What does it take for postfix to accept DNS reality? I am not sure that this message will get out either but on the off-chance that it does...Help please? I have a number of other problems I need to work out via other mailing lists and this inability to mail extant domains is killing me. praedor Hi, this is no postfix nonsens, it is a nonsens in coniguration of postfix by mandrake. chroot is a very secure way to do something IF YOU KNOW WHAT YOU WANT. Please, Mandrake, disable the chroot stuff of postfix (at least the default settings). It is not worth the trubble. disable all the chroot stuff in /etc/postfix/master.cf and the configuration is much easier. Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] msg65004/pgp0.pgp Description: signature
Re: [expert] IMAP clients very slow
Am Mittwoch, 22. Januar 2003 09:15 schrieb Stefano Pogliani: Why IMAP clients on Linux (Mozilla, Evolution especially !!!) are much slower than using IMAP clients on Windows (on the same Linux IMAP folders) ? It seems strange, but it is much quicker to work from a remote Windows machine than from a local Linux one! There is certainly something I am missing. TIA /Stefano Stfano, it is realy hard to implement an imap client. and it is much complicated while using different imap server with different implementation of imap. some server dies not support this and others does not support that. So some client does not support this and others does not support that. And the next problem is, this is not neccessary the fact for all client-server combinations. mozilla works great with the cyrus imap server but possibily not so great with the uw imap server. So, eveolution seems to work not so great with the uw server. simply try out the courier server. Possibly evolution is much faster with this one. Btw. normaly courier is much faster than uw and more secure. Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] msg64760/pgp0.pgp Description: signature
Re: [expert] Evolution VERY SLOW
Am Mittwoch, 22. Januar 2003 12:15 schrieb Stefano Pogliani: Mark, which things should I look at in order to confirm your diagnosis ? TIA Does the command 'host my-imap.server.com' return the ip address very quick or does it not. do you have setup a dns server? /Stefano On Wed, 2003-01-22 at 12:04, Mark wrote: Hello Stefano, Not sure what's is causing the problem that you having.. but my guess is that it could be DNS related forward and reverse problems and the way your workstation or the server is resolving... The IMAP folders that I use in the standard Evolution usually end up with quite a few thousand messages in them before I archive them.. The speed is very quick.. Cheers Mark Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] msg64764/pgp0.pgp Description: signature
Re: [expert] imap server and kmail features
Am Dienstag, 21. Januar 2003 14:37 schrieb Ric Tibbetts: On Tue, Jan 21, 2003 at 08:30:30AM +0100, Martin Fahrendorf wrote: Content-Description: signed data Am Dienstag, 21. Januar 2003 02:58 schrieb bascule: i've been doing some reading with the intention of setting up a box to collect all my mail so that i can use imap to look at mail from any box and any os but i just thought of what for me could be a showstopper, i use the multiple identities feature of kmail a lot, mail is sorted into folders and identities associated, now maybe i could set up all my linux installs with kmailset up individualy but this seems to be missing the point, plus on win what? i have been assuming that fetchmail would be fetching mail from my isps, procmail would put it into mail folders on the server and some imap server would server them out to the lan, assuming i have this right is there a way to avoid find a client for each machine that supports the features of kmail and having to configure it seperately, is the only way to run kmail locally in an x session on the server and use vnc or something over the lan? bascule Forget K-Mail. It won't filter into imap folders. Go with either Mozilla Mail, or Evolution. Either one does an excelent job of filtering into imapp folders. I use this set up myself, so that I can always get to my mail, from any client, anywhere, and ALL my mail is there. I got tired of the POP thing a long time ago, when all my mail was on myh home desktop, and I was traveling with a laptop. IMAP is the way to go. Ric To state it clear, it is not the job of a E-Mail client to filter something on a imap-server. You can contact with a lot of different clients an it is not a funny job to configure it always to the same filter. so use the filter, the imap server offers to you and your mail will be filtert regardles of the ability of your mailclient. So you can use sylpheed or mutt on a remote connection and mozilla, kmail or evolution on your local Unix connection and (for those who realy want) Outlook on a Windows system. Thas what IMAP is for. Martin PS: If your IMAP server doe not support filter, drop it and use either courier or cyrus. -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] msg64720/pgp0.pgp Description: signature
Re: [expert] imap server and kmail features
Am Dienstag, 21. Januar 2003 17:08 schrieb Ric Tibbetts: On Tue, Jan 21, 2003 at 09:44:52AM -0600, Chuck Burns wrote: On Tue, January 21 2003 9:26 am, Tibbetts, Ric wrote: *snip* You can't possibly be suggesting to add filters directly into imap, for every user... If you had a system with 1000 users, and they had 20 filters each... That's hardly practical. That is why it *IS* the job of the client to do it's filtering. If it cannot do it properly, find a client that will, there are plenty out there. *snip* That's exactly what he is saying, and it is quite feasible. If your users want their mail filtered, they can set up their personal procmail settings in their own home directory, if they dont, then they dont have to. -- Chuck Burns, Jr [EMAIL PROTECTED] Agreed. They can. IF they have 1) the access, and 2) the ability. Not everyone does. If I were to use the e-Mail address from my ISP for example, I would not be able to do that. I do not have access. I'd have to set up fetch mail on my Linux box, and get the mail from them, and filter it locally. That would only work for one box. What if I had 3 or 4 different laptops that I might carry around. Plus, need to access my mail from nearly any i-net attached client. I'd need to depend on the client to do the filtering. And indeed, many do it right. Mozilla Mail, Netscape Mail, Evolution, etc. If they can't I don't use them. It's that simple. If someone want's me to use their e-Mail client, it needs to properly support IMAP filtering. All the rest is just techno-geek toys. I, and my users, just want to read our mail. I'm not going to go to excessive measures on the servers make that happen. IMAP does the job exceedingly well, and it serves to any client, be it Linux, Mac, or Windows. I can check my mail from any client, anywhere in the world. As long as it properly supports IMAP filtering. People like to diss Netscape. But what other client is out there that properly supports IMAP filtering and will run on ANY OS?!? All that other stuff is just more stuff to go wrong, and more stuff to maintain. A straight up, out of the box IMAP server will exactly what I need it to do, with minimum fuss, and muss. Isn't that how this stuff is supposed to work? Ric Hi Ric, think a little bit different. Naturally, you can and should be able to use the filter from your mozilla, netscape and others. But think of users who want to use their web-Mail frontend sometimes and don't want to have all the Mails for the mailinglists. Yes, of course, this is only usefull, if the user has acces to the filter (with procmail you have to get a real accout, with cyrus you can use sieve (build in) and with courier you can use the filter build in maildrop). The best is to get both. Martin ---==--- Involvement with people is always a very delicate thing -- it requires real maturity to become involved and not get all messed up. -- Bernard Cooke Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] msg64726/pgp0.pgp Description: signature
Re: [expert] hostname and postfix
Am Montag, 20. Januar 2003 07:28 schrieb bascule: so, what have i forgotten, it's clear that #hostname -f gives the required result but i still get: [root@mycroft bascule]# mail bascule Subject: test Cc: Null message body; hope that's ok [root@mycroft bascule]# send-mail: warning: My hostname mycroft is not a fully qualified name - set myhostname or mydomain in /etc/postfix/main.cf postdrop: warning: My hostname mycroft is not a fully qualified name - set myhostname or mydomain in /etc/postfix/main.cf [root@mycroft bascule]# postfix calculates the domainname from your hostname. so a hostname like my.hostname.com results in a domainname hostname.com. if your hostname is simply my, there is no way to get the domain name. so either specify your hostname as bascule.excession or change the entries mydomain and myhostname in /etc/postfix/main.cf. btw: please disable the chroot settings of postfix. This stuff brings only confusion to the user. Why handle two resolv.conf etc. and even Wietse Venema says: only experienced users should use chroot. note i haven't touched ../main.cf or ../main.cf.default and i don't see why i should since i didn't touch them on a previous box i installed 9.0 on, the only difference here is that this is a clean install and the other install was an upgrade from 8.2 so if there any ideas beyond 'this is really simple man just issue #hostname mycroft.excession' and 'edit /etc/sysconfig/network' or 'edit /etc/hosts' or 'you can't be doing it right', i would be grateful to hear them bascule Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] msg64704/pgp0.pgp Description: signature
Re: [expert] imap server and kmail features
Am Dienstag, 21. Januar 2003 02:58 schrieb bascule: i've been doing some reading with the intention of setting up a box to collect all my mail so that i can use imap to look at mail from any box and any os but i just thought of what for me could be a showstopper, i use the multiple identities feature of kmail a lot, mail is sorted into folders and identities associated, now maybe i could set up all my linux installs with kmailset up individualy but this seems to be missing the point, plus on win what? i have been assuming that fetchmail would be fetching mail from my isps, procmail would put it into mail folders on the server and some imap server would server them out to the lan, assuming i have this right is there a way to avoid find a client for each machine that supports the features of kmail and having to configure it seperately, is the only way to run kmail locally in an x session on the server and use vnc or something over the lan? bascule Hi bascule, kmail is currently not able to filter into imap folders. so you have to filter in the imap or something else (postfix, sieve... depends on your imap server). the other thing: you either can use nfs to share your home-account over the network, so you only need the settings once, or you have to configure it on every host you use. But you can simply copy the neccessary files to all hosts you want to use. Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] msg64705/pgp0.pgp Description: signature
Re: [expert] MTA help (maybe)
Am Mittwoch, 15. Januar 2003 04:51 schrieb Bill Witherspoon: Thanks for the responses, Here's what I think I've learned (please correct me): 1) Mutt doesn't have any SMTP code (although oddly it appears that the Windows very does??) 2) sendmail/postfix/qmail/exim - full blown mail servers that for my single workstation seems a bit overblown. They also appear to like having a 'real' domain names to work with. 3) gui apps that require XFree86 like Kmail/Sylpheed that do pop/imap reading, and smtp/auth sending. Perfect if I run a Gui. 4) some simple daemons that do smtp like nullmailer, but do not do smtp/auth. (There's an open invitation to add that to nullmailer (if you're good at C++) on their mailing list). Has anyone run into a similar roadblock trying to Mutt without postfix/sendmail? Hm, try esmtp from cooker. This litte Program does SMTP-AUTH. TIA, Bill Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] msg64271/pgp0.pgp Description: signature
Re: [expert] MTA help (maybe)
Am Dienstag, 14. Januar 2003 03:28 schrieb Bill Witherspoon: Hi all, I'm trying to set up the following: 1) fetchmail getting my POP mail from my ISP. 2) Using procmail to filter, and deliver into my local mailbox. 3) Using Mutt to read it but I'll be darned if I can send mail. I think the word I'm looking for is 'relay' (please correct me). I need to authenticate to my ISP no, relay is to forward (relay) a mail from a host outside your network to another host outside your network. All hosts inside your network usualy does not need to relay. (sasl?). I've tried looking at postfix sendmail but all the docs are setup for server type applications. I have no need to send mail either locally or to remote machines. I *just* need to relay to my ISP ;-) Do I really need full blown sendmail just to give mail to my ISP? Any help would be appreciated. (course both sylpheed kmail can do it!) No, you don't need a full mta. especialy not with smtp auth and all its trapdoors. KMail (for example) can do smtp auth by itself (I think mutt can do it, too). But, If your host runs longer than a couple of hours (lets say 24hours a day) It is far better to have a mta running (at least in the default configuration). Every failure in a cronjob is reported by mail. And some msec reports too. So you don't get this information if you don't have a mta running. Martin Bill -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] msg64171/pgp0.pgp Description: signature
Re: [expert] pgp sigs
Am Freitag, 10. Januar 2003 19:26 schrieb Todd Lyons: Charles A Edwards wrote on Fri, Jan 10, 2003 at 01:22:15PM -0500 : Mark, your messages are not recognized by mutt as being signed messages. I can tell this because I can see your pgp sig as quoted above instead of being verified. Could we do some offlist email exchanges to see what is the culprit in this? I can see possibly filing a bug report to the mutt guys. Isn't he just using clear sign Yes, but so am I. Mine get verified. His don't (at least not on my system). So I'm trying to figure out who's non-compliant, mutt or mozilla or kmail or sylpheed or etc. I get yours verified, but not Marks (using KMail 4.1rc6). Marks public key is missing and I can't get it from a public keyserver. Martin Blue skies... Todd -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] msg64107/pgp0.pgp Description: signature
Re: [expert] MySQL not starting at boot
Am Samstag, 19. Oktober 2002 21:51 schrieb David Guntner: This question was asked by someone else earlier, but I never saw a response. Sorry if one was given and I was just being blind... :-) I've done chkconfig --add mysql so I know it should be starting. When checking the comments at the beginning of the /etc/rc.d/init.d/mysql script, I see: # Comments to support chkconfig on RedHat Linux # chkconfig: 2345 90 90 # description: A very fast and reliable SQL database engine. Which says that it should be getting started in run levels 2 through 5. And yet, upoon booting, there's no mysql daemon running. I have to manually do a /etc/init.d/mysql start to bring it up. Checking the startup configuration, I find: # chkconfig --list mysql mysql 0:off 1:off 2:on3:off 4:on5:off 6:off Ok, so how come mysql is only set to come in in run levels 2 and 4, when the comments at the beginning of the script say 2 through 5? I'm thinking that maybe it's related to running msec level 4. If that's the case, how do you override and tell it to allow that service to run at startup? Any help would be appreciated. --Dave Hey, a little late, but I found the sollution. The 'off' in runlevel 3 and 5 is caused by the lsb stuff. somewhere in the mysql file in /etc/init.d there are the lines # Default-Start: 3 5 # Default-Stop: 3 5 but they should be # Default-Start: 2 3 4 5 # Default-Stop: 1 6 I is obvious, now, why runlevel 3 and 5 does not start mysql. Its a Bug in the mysql init-script. Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] msg63025/pgp0.pgp Description: signature
Re: [expert] Postfix does not work after migrating to 9.0
Am Montag, 16. Dezember 2002 09:58 schrieb Stefano Pogliani: I migrated yesterday to 9.0. I saved my account and the etc structure so that (I thought) I could reconfigure easily. So, In 8.2 I had an IMAP service on my PC which was using the Postfix SMTP. My server is scarlet.poglianis.net (the domain does not exist in reality, it is just inside my firewall). I tried to configure all the postfix files as they were before, but NO LUCK. When I try to connect to any of my IMAP folders, I get the error saying Could not connect to mail server scarlet.poglianis.net; the connection was refused. What did I do wrong? I saw that the config of postfix changed between 8.2 and 9.0. (at least the part under /var/spool/postifx seems to have changed quite a lot). Thanks a lot indeed. Best regards /stefano postfix does not play IMAP! does your connect to IMAP fail or your connect to SMTP? If IMAP failes check /etc/hosts.{allow|deny} and the open ports. Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] msg62855/pgp0.pgp Description: signature
[expert] rmmod used kernel-modules
Hi, how can i rmmod a user kernelmodule? The Problem: xsane craches during a scan. after a restart it can not find any valid scanner. So i tried to unload the scanner kernel module but it say 'resource busy' but there is no prozess hanging on /dev/usb/scanner0. So Only a restart enables my scanner (just like windows). Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] msg62871/pgp0.pgp Description: signature
Re: [expert] Geheimnis
Am Freitag, 6. Dezember 2002 10:13 schrieb Guy Van Sanden: Hello Does anyone know where to get RPM's for geheimnis? IMO, it's the best graphical tool for GnuPG. Alternative suggestions are also welcome (I've tried gnomepgp, tkpgp, gpa). Thanks Guy try kgpg. It has a nicely konqueror plugin to encrypt files via rmb. Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] msg62260/pgp0.pgp Description: signature
[expert] openPGP
Hm, there is something weired in this mailinglist. All mails from me and from vox gets a warning with invalid signature. someon is changeing the content on the way (and it is not my mailserver). there are changes from '=2D' to a '-'. The Mails on the secureity-discuss mailinglist works very well. Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] msg62264/pgp0.pgp Description: signature
Re: [expert] openPGP
Am Freitag, 6. Dezember 2002 12:50 schrieb Wolfgang Bornath: On Fri, Dec 06, 2002 at 12:03 +0100, Martin Fahrendorf wrote: Content-Description: signed data Hm, there is something weired in this mailinglist. All mails from me and from vox gets a warning with invalid signature. someon is changeing the content on the way (and it is not my mailserver). there are changes from '=2D' to a '-'. Hallo neighbour (living in the same town!), What I see in Mutt is: gpg: Unterschrift vom Fre 06 Dez 2002 12:03:04 CET, DSA Schlüssel ID C9DAC8A4 gpg: Unterschrift kann nicht geprüft werden: Öffentlicher Schlüssel nicht gefunden For the non-German readers: gpg: Signature cannot be verified: No public key found I checked the connection to the keyserver by letting a friend send a signed mail and it worked all right. Don't know whether this has anything to do with your question, though. no, not realy. you can download my public key form 'blackhole.pca.dfn.de' or I can send you my public key by mail. Then mutt should say that the signature does not match the mail (because the content was changed). wobo Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] msg62272/pgp0.pgp Description: signature
Re: [expert] openPGP
Am Freitag, 6. Dezember 2002 18:10 schrieb Vincent Danen: On Friday, December 6, 2002, at 07:01 AM, Martin Fahrendorf wrote: there is something weired in this mailinglist. All mails from me and from vox gets a warning with invalid signature. someon is changeing the content on the way (and it is not my mailserver). there are changes from '=2D' to a '-'. In some, not so rare, instances, sympa will rewrite messages and insert MIME data instead of regular text data which, of course, screws up gpg sigs. ezmlm-idx, which runs the MandrakeSecure lists, doesn't have this peculiar behaviour. Todd Lyons and I tracked down sympa as the culprit a few months ago, but I'm not sure what the reason for sympa doing it was (it was a particular characteristic of an email). Something like a space behind a triple dash or something. Ah, thanks. Nice to know. Martin -- MandrakeSoft Security; http://www.mandrakesecure.net/ lynx -source http://linsec.ca/vdanen.asc | gpg --import {FE6F2AFD: 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD} -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] msg62285/pgp0.pgp Description: signature
Re: [expert] traffic control
Am Mittwoch, 27. November 2002 13:44 schrieb Alex Bennee: On Tue, 2002-11-26 at 08:06, Martin Fahrendorf wrote: It is realy a version mismatch. I grabed the tc-patch from http://luxik.cdi.cz/~devik/qos/htb/ and replaced the patch in the src.rpm with it and after a rebuild it runs like a charme. So it seems to be a bug in the iproute2 package. Do you have any pointers to replacing patches for rebuilding src rpms? I've been meaning to try deviks connbytes patch but I wanted to do it in the context of the MDK RPM's without manually extracting source and patches and building from scratch. Install the iproute2 src rpm grab the tc-patch from the web-page above and replace the iproute2 patch 'iproute2-htb.patch.bz2' with this tc-patch (rename and bzip2 it of course). a rpm -bb /usr/src/RPM/SPEC/iproute2.spec and a little later there is a ready mdk rpm in /usr/src/RPM/ix86. Of course the mdk signature is missing, so rpmdrake is complainig about it. If you change the Release Name in the .spec file to 4.1mdk before you run rpm -bb you can simply run a rpm -Fvh to the resultin package. I hoped someone at madrake would fix this bug so we can get a new package official from mandrake. Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] msg61774/pgp0.pgp Description: signature
Re: [expert] traffic control
Am Montag, 25. November 2002 14:25 schrieb Martin Fahrendorf: Hi there, I have played a little bit with the traffic control system (tc) and the hierachicak tocken buckets (htb) to limit the use of some services (those mules und donkeys). I have mdk9 and all the tools and kernelmodules are in there, but they have a version mismatch. the command tc qdisc add dev eth0 root handle 1: htb default 12 failes and logs in the syslog: kernel: HTB init, kernel part version 3.6 kernel: HTB: need tc/htb version 3 (minor is 6), you have 10 It is realy a version mismatch. I grabed the tc-patch from http://luxik.cdi.cz/~devik/qos/htb/ and replaced the patch in the src.rpm with it and after a rebuild it runs like a charme. So it seems to be a bug in the iproute2 package. Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] msg61676/pgp0.pgp Description: signature
[expert] traffic control
Hi there, I have played a little bit with the traffic control system (tc) and the hierachicak tocken buckets (htb) to limit the use of some services (those mules und donkeys). I have mdk9 and all the tools and kernelmodules are in there, but they have a version mismatch. the command tc qdisc add dev eth0 root handle 1: htb default 12 failes and logs in the syslog: kernel: HTB init, kernel part version 3.6 kernel: HTB: need tc/htb version 3 (minor is 6), you have 10 what to do? some comments? Martin -- H E L I X Gesellschaft für Software Engineering mbH Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 http://www.helix-gmbh.net[EMAIL PROTECTED] msg61624/pgp0.pgp Description: signature
Re: [expert] LM 9.0 - Install Fails - SCSI Disks
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am Mittwoch, 13. November 2002 22:18 schrieb Albert E. Whale: Can someone PLEASE explain to me why on Earth I cannot install LM 9.0 on a SCSI based system? It was running 8.2 fine, and my upgrade failed (something about the RPM Database rebuild failed, which then lead to an X Windows CRASH). After that I attempted Twice to Install LM 9.0. Each time fails at a different Point in the installation. WHY MUST I Boot off of the Floppy with a cdrom.img in order to install LM? Can someone PLEASE let me know why? What works differently from the traditional boot from CD-ROM? Hi, I had the same problem. The failed update attemp destroyed my rpm database. every Install attemp faild at a other state. It seems to me like a bug in supermount. Try to switch to a console (alt+F3 I think) and list the content of your cdrom. there are lot of files missing. I solved it by installing a ATAPI CD-ROM drive from my old machine and almost every thing went through (besides a problem I had since mdk7.x with the graphical installation). So supermount was a real Horror. I was so angry about it that I compiled the new kernel without these crap (in my special environment). Martin -- Albert E. Whale - CISSP http://www.abs-comptech.com -- ABS Computer Technology, Inc. - ESM, Computer Networking Specialists Sr. Security, Network, and Systems Consultant Board of Directors - InfraGard - Pittsburgh, PA - -- - H E L I X Gesellschaft für Software Engineering mbH - Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 - http://www.helix-gmbh.net[EMAIL PROTECTED] - -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE900WqBG198cnayKQRAhBLAJ9upvEoDp1phwr1lGf7tzRYKgQ55ACfeto+ caE0CaW8Fi+EKH5g15pa4TE= =jlfl -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] arts not working in two displays at once
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am Donnerstag, 24. Oktober 2002 03:09 schrieb bascule: this devfs thing is really starting to hack me off, i see no reason why the 'first' user to log on locally gets to be 'king of audio'. if i try to avoid using devfs will this behaviour change? Hi, this is not a feature of devfs but of a little pam-module called pam_console (see man pam_console). i thought groups were the way to handle this sort of thing, but my ability to customise my machine is being removed by automation that requires actual coding skills to get around limitations it's introducing 'to make things easier' na, you can see it both sides. In about more than 80% the standard behavior is no miss. an a poweruser in any case changes the whole system. i think mandrake should stop and consider the few folk for whom auto mountpoint creation for usb/removable devices is a pita and permissions getting set whether you like it or not, are not helpful, and allow us to opt out easily thanks for the info, i won't of course be doing anything about this now, i'll be too busy learning perl just to be able to understand what happens when i plug in my camera - let alone change it! (i don't think) can you tell i'm annoyed? bascule Martin - -- - H E L I X Gesellschaft für Software Engineering mbH - Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 - http://www.helix-gmbh.net[EMAIL PROTECTED] - -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE9t5FCBG198cnayKQRAnu4AJ9OR0OYODVtOVyO0hgJShOhAoJk1QCdHdzb 2lNs/+e2MLWxlO5dUuEUW5s= =0xC9 -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Using gcc 3.2: 'cc1' warning message
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am Mittwoch, 23. Oktober 2002 21:30 schrieb Aleksey Naumov: Dear experts, I am using gcc 3.2 (on ML 9.0) and I get a lot of warnings from cc1: cc1: warning: changing search order for system directory /usr/local/include cc1: warning: as it has already been specified as a non-system directory I understand this warning is caused by '-I/usr/local/include' in the compilation line. So, '/usr/local/include' must be a system include directory in gcc 3.2. Is there any way to suppress this message, or remove '/usr/local/include' from the default include list? A lot of packages I have to compile use '-I/usr/local/include' and it is a pain to deal with the flood of identical cc1 warnings. It's more than a pain; cyrus' imap-2.0.16 does not configure correctly because they interprete these warning as an error. So thats the big advantage of OpenSource, use the Source. search for /usr/local/include in the configure-scripts or Makefiles and remove it. Martin Thank you, Aleksey - -- - H E L I X Gesellschaft für Software Engineering mbH - Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 - http://www.helix-gmbh.net[EMAIL PROTECTED] - -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE9t5IaBG198cnayKQRAvemAJ9gg8rw0Z+htfftueerVmCmIWF6HgCfUVqf PgFUogW7JO/JCs2jCbHVKJQ= =ln7+ -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Re: DNS problems on 9.0
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am Dienstag, 22. Oktober 2002 21:22 schrieb Jim C: Jim C wrote: For project reasons I've installed a DNS server on my gateway/router using techniques that worked on the previous version of Mandrake. Specifically I'ld been following the instructions in O'Reilly's book on ... the clients. I'm thinking that the wizard is not properly setting up the *.db file. Now understand that I have a copy of O'Rielly's DNS and BIND and that I have done this several times before. However if there is an error here, then I am missing it. The only changes I've made from the wizards settings are the last two lines. Here is the *.db file. Note that I do not own microverse.net, rather I am using views to keep it from the outside world. As you may have noticed, I am none to concerned about security. Before anyone asks there are reasons for that but they will not be discussed. ;-) $ORIGIN . $TTL 86400 ; 1 day microverse.net IN SOA microverse.net. root.microverse.net. ( 2002102200; Serial number 3600; 1 hour refresh 300 ; 5 minutes retry 172800 ; 2 days expiry 43200 ) ; 12 hours minimum ; List the name servers in use. Unresolved (entries in other zones) ; will go to our ISP's name server isp.domain.name.com IN NS enigma. IN MX 10enigma. $ORIGIN microverse.net. $TTL 86400 ; 1 day IN A192.168.1.254 localhost IN A 127.0.0.1 ; Alias (canonical) names ftp IN CNAMEenigma. www IN CNAMEenigma. mailIN CNAMEenigma. ; List of machine names addresses spartack. IN A192.168.1.253 ; comment homeworld. IN A192.168.1.252 ; comment Hi, is there realy a dot (.) after the name enigma? so the host ftp resolves to enigma. includes the dot and not to enigma.microverse.net. enigma. can not be resolved. The dot at the end of a hostname in the bind db says not to append the domainname to the name. Replace the dot at the end of the hostnames and retry. Martin - -- - H E L I X Gesellschaft für Software Engineering mbH - Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 - http://www.helix-gmbh.net[EMAIL PROTECTED] - -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE9tkWNBG198cnayKQRAnt8AJ9pvSFZBdCiwb6kubsO24ZdWZsu5wCdHU5N h+aM0i8O+D3BmF43koCLtYM= =BIjE -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] ML 9.0 - postfix calls *all* connections unknown
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am Freitag, 11. Oktober 2002 01:22 schrieb Tommy Wareing: There's the question of security: this now allows a breached postfix to rewrite resolv.conf for the rest of my machine, although only that single file. So it's safer than not chroot-ing, but not as good as fixing all the applications which write to resolv.conf (linuxconf and dhcp being the two I can think of, but there may be sufficient others to mean this isn't viable). Of course, if we ever have two different chroot'd applications, this won't be viable, so in the long term, it's still a potential problem. with the resolv.conf there is a simple solution: setting up a local cachingonly nameserver and ignore the warning of postfix for different resolv.conf file. btw: only the masterdaemon of postfix runs as root. all the other are running als postfix and cannot change resolv.conf. Martin But at least I can continue to outfunction all our office Solaris boxes ;-) - -- - H E L I X Gesellschaft für Software Engineering mbH - Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 - http://www.helix-gmbh.net[EMAIL PROTECTED] - -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE9pmnzBG198cnayKQRAjb8AKCGqSAMXvyeiyDIiXMjnaDuHVJsAQCfdDvl bftPcu3HDtiuilaNBmkUp8k= =ww78 -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Strange = Portsentry Security Violations home.english-quest.com.br 09/05/02:04.02 system check (fwd)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am Donnerstag, 5. September 2002 20:46 schrieb Ricardo Castanho de O. Freitas: What could be happening in here? I don't understand why security violations... I use Postfix... Is it any misconfig (Postifix)? TIA Ricardo -- Forwarded message -- Subject: home.english-quest.com.br 09/05/02:04.02 system check Date: Thu, 05 Sep 2002 04:02:04 -0300 Security Violations =-=-=-=-=-=-=-=-=-= Sep 5 03:18:04 home -- root[10079]: ROOT LOGIN ON tty1 Sep 4 04:50:05 home postfix/qmgr[1643]: 01C5F8AEF3: from=[EMAIL PROTECTED], size=23291, nrcpt=1 (queue active) Sep 4 07:03:10 home postfix/cleanup[17463]: 6855B8AEF5: message-id=038901c253f8$66fbad80$7a0aa8c0@HOC0105 Sep 4 08:40:36 home postfix/qmgr[1643]: 4292C8AEF3: Hi, it's the litte word bad, which is contained in we-bad-min that the logcheker finds and realy, all bad is bad (at least to logcheck). Martin - -- - H E L I X Gesellschaft für Software Engineering mbH - Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 - http://www.helix-gmbh.net[EMAIL PROTECTED] - -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE9eEQJBG198cnayKQRAhumAJ9yi/ASirrITa80tsH5f6Abt9CrvwCfTYvZ r35vJYaH1pl2c8WPrEHdSds= =yfKq -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Need a script to rename a file
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am Sonntag, 1. September 2002 10:16 schrieb Phil: Hello all, My shell script takes a jpeg file as the input like this: myscript test.jpg. After some processing I then create an empty file in a subdirectory named text like this: touch ../text/$1. The question is, how do I replace the suffix jpg with txt? In this case I want to end up with a file called test.txt. My initial efforts have centred around sed s/jpg/txt/ and mv but without success. either try filename=`echo $1 | grep sed s/jpg/txt/g` or filename=`basename $1 .jpg` if $1 is your filename to handle. Martin - -- - H E L I X Gesellschaft für Software Engineering mbH - Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 - http://www.helix-gmbh.net[EMAIL PROTECTED] - -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE9czsTBG198cnayKQRAuiVAJ0XoXOgcISv83T6Cn3F13e9d73omgCfTRoS 98tq0xNtkyBL/anvy1+oQ94= =Vw8T -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Just installed KDE 3.03...still broken!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am Mittwoch, 28. August 2002 22:07 schrieb Praedor Tempus: What is up with this? I installed KDE 3.0.3 (stable) thinking that surely by now the KDE people would have fixed the konsole-noxft problem. Nope. Still there. You try to start konsole from the panel and the panel freezes and become useless until you close konsole at which point you get an error message about not being able to start konsole-noxft. This has been a ridiculous problem since kde 3 beta. Does anyone have a _permanent_ fix for this? In the past, before I dumped kde 3.0.1 and went back to 2.2.2, I was able to fix this problem for a session but next time I logged in it would re-appear, rendering my changes temporary. I am terribly annoyed so forgive my tone but...C'MON! Fix it already. DUMP konsole-noxft forever! Hi there, this is not a KDE issue. I installed some recent KDE versions and had no problems with the konsole started via kicker. Simply don't use konsole-noxft (its a wraper script and calls konsole --noxft and comes with kde from mandrake). konsole was broken in kde2 while using antialiasing. The problem is solved with kde3. praedor Martin -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE9bhkFBG198cnayKQRAhBLAJwIDr166+AOCH0ggHtv4k/h80R4tACfbXCk wVnUO2fY+k+U7Je9igZb1AA= =56a8 -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] tar.bz2 - how to ?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am Freitag, 16. August 2002 11:32 schrieb hans schneidhofer: Hi, use 'j' instead of the 'z' for bz2 tar archives Martin hi, was looking in man tar for that, but doesn't find anything about. how can I do a tar xvfz a bz2 file ? thanks for helping bye hans - -- - H E L I X Gesellschaft für Software Engineering mbH - Hanauer Landstrasse 52 Telefon (069) 4789 35-30 60314 Frankfurt am Main Telefax (069) 4789 35-44 - http://www.helix-gmbh.net[EMAIL PROTECTED] - -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE9XMmCBG198cnayKQRAofsAKCDbELnYcMUVYaOW9g0/ICNckjwnACdGxnw IUUcLmFNlysB8tNGifdKU4I= =3GUK -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com