Extra sendmail processes after install of spamassassin 3.0.1
Hi All, I have started seeing a problem with extra sendmail processes since upgrading to SpamAssassin 3.0.1 from 2.63 yesterday. I would normally have only a few sendmail processes at any one time unless I am mailing out. Now I seem to get an extra 20 or so extra after a while. They seem to be trying to deliver spam (china, korea etc) but do not complete (see a snippet of ps -aux a the end). I am loathe to kill them off as they are unable to deliver to due to a mis-config but I am not seeing any evidence of the mis configuration in the logs -- in fact I do not see the listed (ps) sendmail processes in the log at all. Has anyone seen this problem with SA? Is there a way to trace the process and see why/where is was spawned from - giving my some clue as to the cause. Suggestions? TIA Steve FreeBSD 4.7 Sendmail 8.12.6 SA 3.0.1 Ps -aux snippet: root 15439 0.0 0.7 2940 1460 ?? I11:03PM 0:00.01 sendmail: server [219.249.65.111] cmd read (sendmail) root 15446 0.0 0.7 2940 1460 ?? I11:03PM 0:00.01 sendmail: server [222.179.235.17] cmd read (sendmail) root 15454 0.0 0.7 2940 1460 ?? I11:03PM 0:00.01 sendmail: server [61.75.24.214] cmd read (sendmail) root 15462 0.0 0.7 2940 1460 ?? I11:04PM 0:00.01 sendmail: server [EMAIL PROTECTED] cmd read (sendmail) root 15465 0.0 0.7 2940 1460 ?? I11:04PM 0:00.01 sendmail: server [211.245.74.234] cmd read (sendmail) root 15468 0.0 0.7 3068 1480 ?? I11:04PM 0:00.01 sendmail: server [219.241.54.127] cmd read (sendmail) root 15478 0.0 0.7 2940 1468 ?? I11:05PM 0:00.01 sendmail: server 81-1-105-12.homechoice.co.uk [81.1.105.12] root 15484 0.0 0.7 2940 1460 ?? I11:05PM 0:00.01 sendmail: server [211.36.174.109] cmd read (sendmail) root 15487 0.0 0.7 2940 1460 ?? I11:05PM 0:00.01 sendmail: server [61.73.18.25] cmd read (sendmail) root 15490 0.0 0.7 3068 1504 ?? I11:05PM 0:00.01 sendmail: server wbar11.sea1-4.27.86.140.sea1.dsl-verizon.n root 15504 0.0 0.7 2940 1468 ?? I11:06PM 0:00.01 sendmail: server [211.215.12.207] cmd read (sendmail) root 15507 0.0 0.7 2940 1468 ?? I11:06PM 0:00.01 sendmail: server [61.109.136.55] cmd read (sendmail) root 15510 0.0 0.7 3068 1504 ?? I11:06PM 0:00.01 sendmail: server [EMAIL PROTECTED] root 15513 0.0 0.7 2940 1476 ?? I11:06PM 0:00.01 sendmail: server [EMAIL PROTECTED] [211.1 root 15520 0.0 0.7 2940 1468 ?? I11:07PM 0:00.01 sendmail: server [EMAIL PROTECTED] cmd read (sendma root 15525 0.0 0.7 2940 1468 ?? I11:07PM 0:00.01 sendmail: server [EMAIL PROTECTED] [66.94.208.97] root 15577 0.0 0.7 2940 1468 ?? I11:13PM 0:00.01 sendmail: server 81-1-105-12.homechoice.co.uk [81.1.105.12] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Ssh security with hosts.allow
Hi All, Since implementing a hosts.allow deny on SSHD for all but my IP I am seeing a slew of ssh attempts from overseas. My questions are: Is a good password and hosts.allow enough to keep out the bad guys? Is this normal? (I assume these attempts are automated) Thanks Steve ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
How to mirror
Hi All, It would appear my FreeBSD 4.8 server is down again due to another HD crash sigh but that's a whole other problem. However the related question is - what is the standard way to mirror a server? I will need to mirror mail, dns, apache and MySQL so that if one machine goes down, the other will pick up requests and then hand back / re-sync when the main server comes back up. I know it is a big question so are there any articles / websites / suggestions etc ? TIA... Steve ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Something rotten in the OS?
Hey All, I have just had my 2nd HD crash in a year - different machine, different type of drive etc - the only consistency is the OS and the installed software. It looks like this is some kind of overflow This problem seems to start after about a month and is indicated by there being fragments of the kernel config data in the daily kernel log messages. I asked about that on this list but people seemed to think it was just some kind of log rotation. I caught the machine a couple of months ago with nearly all the swap used (800meg out of 1 gig) and rebooted which kept the machine happy. I recently noticed the kernel log messages had the config fragments again and was going to to a reboot - but alas too late. The machine is down, HD is damaged and we are trying to get data off the drive... This is exactly the problem that occurred 6 months ago. That time I put it down to lousy overheated hosting but now I don't have that excuse. Has anyone seen this before? Does FreeBSD have to be re-booted every month for safety? Should I give up and use Linux? A frustrated sysadmin Steve ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Kernel about to crash?
Hi All, My daily security run is starting to show pieces of the kernel config file it's kernel log messages - when this happens the OS starts to use up more and more swap space too. Last time this happened I let it go and the server went down so I have been rebooting if I see this happening and avoid the crash. It seems to take about 25-30 days for this to occur. Has anyone seen this before? -- excerpts from security run output --- la.servername.com kernel log messages: initialized, divert disabled, rule-based forwarding enabled, default to accept, logging limited to 100 packets/entry by default la.servername.com kernel log messages: rom ufs:/dev/ad0s1a --- - FreeBSD 4.7 running on Athlon 1.5Ghz w/256meg TIA Steve ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Freebsd - restarting itself?!
Hi All, Is it possible for FreeBSD to shut itself down and restart for no reason? My machine was restarted last night and my hosting company claims they did not touch the server or have any problems. This has been going of for a few months now -- intermittent restarts that no one claims responsibility for. This is a new machine with the latest OS (4.7) so I can't blame a faulty power supply or something like -- I have more fans than Britney in the server, for HD and CPU so I don't think it's a temp problem. Thoughts, suggestions? TIA Steve To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Ifconfig - no aliases?
Hey All, Can some bright spark spot a mistake in this? For some reason I cannot get my NIC aliases to come up. Everything looks fine but no go. Here are the entries in rc.conf for the card (the first two digits are xx'd for this email): hostname=not-sharing-that-rightnow defaultrouter xx.100.110.1 ifconfig_rl0=inet xx.100.110.160 netmask 255.255.255.0 broadcast xx.100.110.255 # virtual IP ports ifconfig_rl0_alias0=inet xx.100.110.161 netmask 255.255.255.0 broadcast xx.100 .110.255 snipmore entries/ And here is the ifconfig output - everything is happy on the main IP - just no one else wants come and play ns1# ifconfig rl0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 inet xx.100.110.160 netmask 0xff00 broadcast xx.100.110.255 inet6 fe80::205:5dff:fe36:b97%rl0 prefixlen 64 scopeid 0x1 ether 00:05:5d:36:0b:97 media: Ethernet autoselect (100baseTX full-duplex) status: active lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 16384 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2 inet 127.0.0.1 netmask 0xff00 faith0: flags=8002BROADCAST,MULTICAST mtu 1500 suggestions? Steve To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
nasty HD crash -- can any one help with suggestions?
Murphy struck with a vengeance this morning. I have all my clients data on drive 2 in my server (why, because I was about to do a machine / OS swap). However, for some reason the second drive went down raaaly hard early this morning, some 4-5 hours before the changeover. So the question is, can I recover from this? I cannot boot the server with the second drive in fstab as it hangs when it hits the corrupted part. Running fsck gives me the same errors, it hits a segment and poops - it can't even continue. Exact message from boot seq: ad2s1e hard error reading fsbn 12714175 of 6357056-6357167 (ad2s1e bn 12714175; cn 791 tn 107 sn 19)ad2s1e hard error reading fsbn 12714175 of 6357056-6357167 (ad2s1e bn 12714175; cn 791 tn 107 sn 19) status=59 error=40 ad2: DMA problem fallback to PIO mode /dev/ad2s1e cannot read blk 6357056 Fsck show block 6357056 and 6357058 have problems but hangs after *58 Thoughts, suggestions gratefully received - please don't beat me up, I know I screwed up but I let my paranoia slip. TIA Steve To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
SMTP-AUTH + SSL - Possible?
Hi All, I am looking at ways to provide my clients with more convenience. One of those ways is to be able to send and receive email via my server. However, I know this can be a huge security hole and not one I would like to open. I feel that SMTP-AUTH without SSL is probably not that secure so -- 1. Is SMTP-AUTH a pain in the butt to set up? [yes I have read the handbook but I want to make sure] 2. Does SMTP over SSL use a standard SSL cert and is that relatively easy to set up? 3. Has anyone managed to use a chained SSL cert for SMTP over SSL (yes, I'm cheap :) All suggestions, URLs and docs gratefully received, TIA Steve To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Sendmail - blackhole da spam?
Hey All, I seem to be getting more spam lately and in an effort to protect my clients I use a catch all in the the virtuser table @domain-name.ext error:nouser However, this is resulting in more traffic as the spam needs to be bounced back out, to a server that refuses the mail and so on. Question is: is it possible to send catch all mail to a blackhole? dev/null for example Thanks Steve To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Upgrade to 4.7 possible?
Hi again, I am looking at (finally) upgrading from 4.3 to 4.7 and before I dive in, has anyone had the pleasure of doing this? Did it go OK? Are there any gotchas to watch out for? Suggestions and upgrade experiences welocome :) Steve To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Deleting a soft link that points to a directory - how?
Hey All, I cannot seem to delete a soft link (ln -s) that is pointing to a directory without renaming the directory first. If I try to delete the link it complains that the link is a directory (which it is pointing to). If I delete using rm -rf, it deletes the directory that is pointed to but not the link -- I have been burned by that one! FreeBSD 4.3 Here is a little test: %pwd /tmp %mkdir me %cd /root %ln -s /tmp/me MyTmp %rm -f MyTmp/ rm: MyTmp/: is a directory % %rm -rf MyTmp/ (deletes the directory it points to) %rm -f MyTmp(deletes the link) % Help, suggestions, magic? Thanks Steve To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Moving sendmail mail files
Hi All, I am trying to move Sendmail mail files from /var/mail to each users home directory (this will help with back up and disk space). However, I have not managed to get sendmail to recognize the new mail file location. Any suggestions? TIA Steve To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Mail: operation timed out... Why?
Hi All, I have mail stacking up in the outbound mail queue all with the same error: Deferred: Operation timed out with isp name here I have gone through my configs and everything looks correct. Could some one tell me what could cause this error as I have checked everything I can think of. The only thing left that might be incorrect is my ISP has a reverse DNS entry for my server as xxx.com not servername.xxx.com... Could that be it? TIA Steve To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
DNS / Sendmail
Hi All, After moving a site to a new server I am having an email/DNS problem. Hopefully some kind soul can help as I cannot seem to fix this. --- I am using PHP to send email to the website users at they request (reminders etc). Apache runs as user nobody. Server is la.mylocalnet.com on 12.158.234.68 - DNS is on this server. I am getting bounces from bunch of ISPs with an error header like this - The following addresses had permanent fatal errors - [EMAIL PROTECTED] (reason: 550 rejected: cannot route to sender [EMAIL PROTECTED]) I am assuming that the bounce is happening due to an incorrect reverse DNS - Am I correct? This is what I get if I do an nslookup for reverse on my server: la# nslookup Default Server: localhost.mylocalnet.com Address: 127.0.0.1 set type=PTR 12.158.234.68 Server: localhost.mylocalnet.com Address: 127.0.0.1 68.234.158.12.in-addr.arpa name = mylocalnet.com 234.158.12.in-addr.arpa nameserver = la.mylocalnet.com And if I do alookup from another server on another network: oak:~$ nslookup Default Server: monitor.he.net Address: 216.218.130.50 set type=PTR 12.158.234.68 Server: monitor.he.net Address: 216.218.130.50 Non-authoritative answer: 68.234.158.12.in-addr.arpa name = dewnay.com Authoritative answers can be found from: 234.158.12.in-addr.arpa nameserver = ctmsq2ns2.cotennet.com 234.158.12.in-addr.arpa nameserver = ctmsq1ns1.cotennet.com ctmsq1ns1.cotennet.com internet address = 206.169.62.212 It appears my bandwidth provider is causing the problem with an incorrect reverse entry to dewnay.com. Again, am I correct? If so, should I just get them to delete the entry and let my DNS do its thing? Any help, ideas or suggestions gratefully received. I have a lot of mail stacking up! Steve To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Bazillion kernel messages?
I have a bazillion of these kernel messages showing up in my logs... Jan 9 13:53:30 la last message repeated 7 times Jan 9 13:59:21 la /kernel: arp: 00:05:32:0e:64:12 attempts to modify permanententry for 12.158.234.65 on rl0 I know rl0 is my ethernet but I don't host the .65 address. I have not seen these before - does anyone know what these messages mean? As always, advice and suggestions gratefully received. Thanks Steve To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Pw - name too long ??
Hi All, I am trying to add a user name with the pw command and get the name too long error after 15 or 16 characters. However, I also use Webmin which has allowed me to use much longer user names. Is there a switch or setting I am missing? Example: pw adduser longdomain-henry2 -w random -d /home/longdomain/henry2 -g nogroup -s /sbin/nologin -c henry two -h 0 Suggestions? Remember, Webmin can do longer names for some reason... TIA Steve To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Port 4976 ?
Hi All, Just checking my security and noticed port 4976 is open. I cannot find a listing / notation for this and it appears to be under named - do I need this? Sockstat -4 output root named 864 udp4 *:4976 root named 86 20 udp4 12.158.234.68:53 *:* root named 86 21 tcp4 12.158.234.68:53 *:* Thanks Steve To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Pw - name too long ??
Hi All, I am trying to add a user name with the pw command and get the name too long error after 15 or 16 characters. However, I also use Webmin which has allowed me to use much longer user names. Is there a switch or setting I am missing? Example: pw adduser longdomain-henry2 -w random -d /home/longdomain/henry2 -g nogroup -s /sbin/nologin -c henry two -h 0 Suggestions? TIA Steve To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Separating the OS from the data - tough to do?
Hi, -- Problem: Separating OS from underlying data. Which parts of the BSD OS are not part of the initial, never modified OS? Or, which pieces of the OS change due to useage. -- Goal: To have a slightly modified BSD OS structure where the OS can be upgraded, yet the variable data remains the untouched (DNS, websites, mail etc), on another partition or disk, allowing an OS upgrade that can be as plug play as possible. -- THEORY -- See reference below for BSD file system details. At first glance it looks like I can just move and soft link a few directories, /etc, /usr/local, /usr/home (websites) and /var. However if one upgrades the OS, is it possible to have all the installed apps separate? For example, I have Apache, MySQL and PHP installed. By moving/linking /usr/local to another partition or disk, is it possible that these apps will run properly once the OS is upgraded and the soft link re-setablished? Will /var still function properly? Will MySQL re-write the DB files somewhere else next time it is optimized or repaired? All thoughts, ideas and input gratefully received. Hopefully this discussion will be of use to a few more people that just me :) --- For reference -- From: Filesystem Hierarchy Standard Version 2.2 final Filesystem Hierarchy Standard Group the standard unix FS, moveable? directories marked with a # bin Essential command binaries # boot Static files of the boot loader # dev Device files etc Host-specific system configuration # lib Essential shared libraries and kernel modules # mnt Mount point for mounting a filesystem temporarily # opt Add-on application software packages # sbin Essential system binaries # tmp Temporary files # usr Secondary hierarchy usr/local * var Variable data Note: The /usr/local hierarchy is for use by the system administrator when installing software locally. It needs to be safe from being overwritten when the system software is updated. It may be used for programs and data that are shareable amongst a group of hosts, but not found in /usr. Need a copy? Email me for the PDF Steve To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: Separating the OS from the data [Addendum]
[Addendum] Cvsup / makeworld: I apologize for missing that piece of information Yes, I could use the usual update procedure, however, this is a production machine. So my thought is: build a new OS on a staging machine, add required symlinks, pull the drive (sled) and slot it into the production machine. In THEORY it should be possible to do an upgrade in the time it takes to do a reboot. For server farms this would be a big benefit... Steve -- Problem: Separating OS from underlying data. Which parts of the BSD OS are not part of the initial, never modified OS? Or, which pieces of the OS change due to useage. [...snip...] Not a direct answer to your question, as I assume you want to reformat the disk for every new installation, but... The easiest way to upgrade the OS is by using cvsup. Then you'll get the changes of the source files, and after you've cvsup'ed you just compile the sources and install them. It's as easy as this... cvsup sources make buildworld make buildkernel KERNCONF=KERNEL mergemaster -p make installkernel reboot make installworld mergemaster reboot(?) (If I remember the steps correct) No need to reformat the disk, no need to recreate symbolic links and all is updated. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Sendmail: non-relay secure
Hi, I have sendmail / qpopper running on a production machine and have yet to figure out a way to open mail up to my client sin a secure way. Eg. Client logs in from aol.com to check and send mail. Is there a way to do this that will not open my machine up to abuse? TIA Steve To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Yes, but how do I upgrade?
Hi I have a 4.3 BSD machine to upgrade, and it's a production machine :( On a test machine I have learned to CVSUP. I have used sysinstall and played around with the upgrade potion of the menu. I have configured, built and installed the kernel a few times. Ok, got that, but how do I upgrade? I am probably missing the point, but do I have to CVSUP, sysinstall/upgrade, AND build-install the kernel? I looked at makeworld in the handbook but it read like the instructions to building a house! Surely it's not a complicated as it looks? Anyway, suggestions, links etc all gratefully received. TIA Steve To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
2 drives + 2 IDE channels = better?
Hi, Is is better to run a 2nd drive on another IDE channel or on the same bus? Eg. IDE channel 1 = ad0 (main OS), IDE channel 2 = ad1 (other data - maybe MySQL and websites?) Thoughts, opinions? TIA Steve. PS. Is it obvious I'm building a new machine :) To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
UDMA limited to 33 - resolution
Hi, Thanks to all of you that answered my call for help. Problem: dmesg / boot reported bus limited to UDMA33. Results: - CD-Rom was causing the problem. Once taken off the bus, UDMA100 was recognized. - Added a UDMA66 HD in place of the CD and the bus was limited to UDMA33 - Swapped the placement of the UDMA100 Master and the UDMA66 Slave on the bus and all items were recognized correctly. Master is now last on the chain. hth Steve Warwick To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
OS upgrade planning?
Hi All, Thanks to everyone for their help with my odd problems. This is just a venture an opinion if you have a moment question. Problem: need to upgrade FreeBSD 4.3 on a production machine. My plan so far - feel free to shoot this down :P DEFINITIONS: - Drive1/Master = D1 - Drive2/Slave = D2 - Production Machine ID = PD - Staging Machine ID: SM - Shared = Contains client data. mail, website files, mySQL DBs etc. PD: 2 drives SM: 2 drives # 1: PM:D2 - make Shared # 2: move all shared data to PM:D2 # 3: symlink from filesystem on PM:D1 to PM:D2 # 4: SM:D1 - install latest FreeBSD stable. # 5: SM:D2 - make into a Shared partition # 6: symlink from filesystem on SM:D1 to SM:D2 # 7: test SM # 8: Replace PM:D1 with SM:D1 In theory I should now be able to swap PM:D1 with newer installed versions from SM:D1 whenever I have installed and tested them. I know I can do a make buildworld but I quite like the idea of swapping out one drive with another (via sled) as this means reverting takes less than a minute and testing can be at my leisure. I am also a little scared of doing a buildworld on a production machine in case it all goes horribly wrong :) Anyway, thoughts, ideas and suggestions gratefully received. TIA Steve To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Setup: UDMA133 - recognized?
Hi, I noticed that during boot ad0 is limited to UDMA33 - I have UDMA133 motherboard and drive so, is this really true? TIA Steve To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Make always fails on new system
Hi All, Just starting a new system and every attempt to build / make anything fails with some kind of LD failure, followed by signal 11 errors. The install of the system seemed to go fine. Any suggestions what I have missed? -- New install: 4.6.2 from floppy / FTP On Athlon 1600 / shuttle AK31 / 256meg ddr ram / Dlink 530tx+ enet TIA Steve To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message