Re: [gentoo-user] Alternate Incoming Mail Server
On 4/7/20 4:53 AM, Ashley Dixon wrote: Grant's mail server, I assume, is configured with the highest security in mind, so I can see how a mail server with a dynamic I.P. could cause issues in some contexts. I don't do any checking to see if the IP is from a dynamic net block or not. Some people do. I just wish my I.S.P. offered _any_ sort of static I.P. package, but given that I live in remote area in the north of England, I.S.P.s aren't exactly plentiful. If all you're after is a static IP and aren't worried about sending email from it, you can get a cheap VPS and establish a VPN from your house to it. Use the static IP of said VPS as your home static IP. }:-) -- Grant. . . . unix || die -- Grant. . . . unix || die
Re: [gentoo-user] Alternate Incoming Mail Server
On 4/6/20 10:49 PM, J. Roeleveld wrote: I am afraid most (if not all) ISPs will reject emails if the reverse DNS does not match. My experience has been that there needs to be something for both the forward and reverse DNS. Hopefully they match each other and — and what I call — round resolve each other. Ideally, they round resolve /and/ match the SMTP HELO / EHLO name. I think you can get away with at least the first part. There will likely be warnings, but they probably won't prevent email delivery in and of themselves. Using a dynamic range is another "spam" indicator and will also get your emails blocked by (nearly) all ISPs. Yep. If it's not blatant blocking of believed to be dynamic clients (how is left up to the reader's imagination), you start to run into additional filtering that may or may not reject the message. I would suggest putting your outbound SMTP server on a cheap VM hosted somewhere else. Or you get an outbound SMTP-service that allows you to decide on domain name and email addresses. Unfortunately the spammers have made many such cheap VMs IP net blocks have bad reputations. I'm starting to see more people blocking the cheaper VPS providers. -- Grant. . . . unix || die
Re: [gentoo-user] ...recreating exactly the same applications on a new harddisc?
On 7/4/20 5:15 am, Neil Bothwick wrote: On Mon, 6 Apr 2020 22:02:04 +0100, antlists wrote: This isn't strictly true, the ESP must be vfat, but you can still have an ext? /boot. This isn't true at all - you've got the cart before the horse. The original (U)EFI spec comes from Sun, I believe, with no vfat in sight. A standards-compliant factory-fresh Mac boots using UEFI with no vfat in sight. That's true, but firmware on commodity PC motherboards can only be relied upon to handle vfat. So while my use of "must" is a bit strong, it should be vfat if you want to be sure it will boot on a PC. Years ago I installed refind to dual boot gentoo and Win10 on a surface pro4 tablet. The recommendation then was / is a linux FS (btrfs in my case) and vfat (because MS will always be vfat - no choice!) for the EFI mounted on /boot/efi: bunyip ~ # mount|grep nv /dev/nvme0n1p6 on / type btrfs (rw,noatime,compress=lzo,ssd,discard,space_cache,subvolid=5,subvol=/) /dev/nvme0n1p1 on /boot/efi type vfat (rw,noatime,fmask=0022,dmask=0022,codepage=437,iocharset=ascii,shortname=mixed,errors=remount-ro) bunyip ~ # tree /boot /boot ├── amd-uc.img ├── early_ucode.cpio └── efi └── EFI ├── Boot │ └── bootx64.efi ├── gentoo │ ├── initramfs-5.4.25-gentoo-x86_64.img │ ├── initramfs-5.4.26-gentoo-x86_64.img │ ├── initramfs-5.5.10-gentoo-x86_64.img │ ├── System.map-5.4.25-gentoo-x86_64 │ ├── System.map-5.4.26-gentoo-x86_64 │ ├── System.map-5.5.10-gentoo-x86_64 │ ├── vmlinuz-5.4.25-gentoo-x86_64 │ ├── vmlinuz-5.4.26-gentoo-x86_64 │ └── vmlinuz-5.5.10-gentoo-x86_64 ├── Microsoft │ ├── Boot │ │ ├── ar-SA │ │ │ ├── bootmgfw.efi.mui │ │ │ └── bootmgr.efi.mui │ │ ├── BCD │ │ ├── BCD.LOG │ │ ├── BCD.LOG1 │ │ ├── BCD.LOG2 │ │ ├── bg-BG │ │ │ ├── bootmgfw.efi.mui │ │ │ └── bootmgr.efi.mui │ │ ├── bootmgfw.efi │ │ ├── bootmgr.efi │ │ ├── BOOTSTAT.DAT │ │ ├── boot.stl │ │ ├── cs-CZ ...
Re: [gentoo-user] Per package /bin/sh selection
On Tue, Apr 7, 2020 at 2:48 PM Alessandro Barbieri wrote: > > I already filed bugs here: > > https://bugs.gentoo.org/716504 > https://bugs.gentoo.org/716496 > > I need the workaround for the two above plus this > https://bugs.gentoo.org/714094 In the future, please mention you are using dash as /bin/sh and block bug 714092 when you file bugs about this kind of issue. The fontforge bug report doesn't mention anything about it.
[gentoo-user] Possible bug: 'emerge borgbackup msgpack' fails due to conflicting stabilization
Hi, I have opened a bug for this [1], but am not sure, how the stabilization policies are, and are point to this list. To quote from the bug report: > I'm not sure if this a bug, but as far as I know on a stable system such > packages should fit together. Currently, app-backup/borgbackup needs > dev-python/msgpack-0.5.6, while dev-python/msgpack-0.6.2 is stable. > As I direct consequence, portage complains about this in a normal update. > Emerging a newer borgbackup seems to fix the error (as the dependency on > msgpack is gone). > Reproducible: Always > Steps to Reproduce: > 1. emerge borgbackup msgpack > Actual Results: > Should work. > Expected Results: > Conflicts. This is not a support request. I know how to fix it for my installation. This is a request/info for fixing it upstream (if this is against the Gentoo stabilization policy). Best, Gerion [1] https://bugs.gentoo.org/716588 signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] Re: Internet slow at times. Can't figure out why. ISP??
J. Roeleveld wrote: > > The only time I have seen DSL work without a filter is when the modem is > connected directly to the incoming port and no analog device can be connected > anywhere in the line. > > That location gets 60meg down and 20meg up. > > I am also 100÷ certain noone can connect an analog phone as there is no plug > available. > > Reason why I said a filter is needed everywhere is because I have seen > locations where the ADSL router was behind a filter, but the phone, connected > to a different port, was not behind a filter. > The occupant of that house were quick to blame the router and ISP, but had > difficulty realising the consistency of the connection dropping as soon as > someone picked up the phone or the phone starting to ring. > > -- > Joost The info that came with the modem and install kit also says that each phone port must have a filter. The modem however does not, unless you use a filter and plug it into the modem port. Basically, the modem has to be connected directly to the phone line. The phones have to be filtered. The filter removes or attenuates/isolates the DSL signal so that the voice part still works. When I rewired the phone lines after cutting off the phone part, I only connected the wire that goes to my modem, nothing else. I removed the wires that went to the old satellite box, the living room and other phone lines that went somewhere. Since I no longer have phone service, why run those wires at all. Right now it is just after 3PM here. My connection is already slow. It's been raining so I suspect everyone is inside watching TV and surfing the net tho. I'm getting around 40K down according to gkrellm. On occasion, I get several seconds of full speed or very close to it. I suspect the DSL box is just getting to much traffic. It is rumored that our local power company is about to offer internet service. One friend who has seen some info said it is well over 10MBs/sec. I think she said her cost would be just a few dollars more than what I'm paying now for 1.5MBs/sec. You can bet, if it does come here, I'm switching at lightening speed. Of all the things I enjoy most, internet and what I can do with it is the most important. Videos is the top thing, placing orders online and then being able to access banking and such comes after that. The first one is the bandwidth hog tho. It's also what I do most. I left dial-up behind. Now I'm hoping for either cable or something else faster, power company is possible, so I can leave this slow DSL behind. Dale :-) :-)
Re: [gentoo-user] Re: Internet slow at times. Can't figure out why. ISP??
On 7 April 2020 21:40:56 CEST, Grant Edwards wrote: >On 2020-04-07, Michael wrote: >> On Tuesday, 7 April 2020 05:55:06 BST J. Roeleveld wrote: >>> On Tuesday, April 7, 2020 5:54:25 AM CEST Ian Zimmerman wrote: >>> > On 2020-04-06 22:14, Dale wrote: >>> > > I have DSL and it isn't to fast to begin with. At >>> > > times tho, I'm only getting about 20 or 30% of what I should. >>> > >>> > Are you often on the phone at those times? May it be poor >filtering? >>> > >>> > At my last residence - also "in the sticks", LOL - we had to give >up on >>> > DSL completely, because 6 times out of 10 when we got a phone call >the >>> > internet dropped. Seriously. We're not proud to support the >Comcast >>> > monopoly, but what a difference. >>> >>> This is likely caused by NOT having a filter for every device. >>> >>> Longer version: >>> >>> DSL requires a splitter/filter between the wall-socket (where the >phone >>> normally plugs in) and the DSL modem. It also has a 2nd connection >for the >>> phone. >> >> It is not the ADSL modem which requires the filter, but the analogue >> telephone. > >My experience with multiple different installations is that lack of a >filter can pretty much kill the ADSL signal and redner the DSL mode >useless. > > >> The filter cuts out audible frequencies so you can't hear them >> when you're making a call. > >In my experience, it often also prevents the phones and connected >lines from presenting such a screwed up impedance to the DSL signal >that DSL stops working. > >-- >Grant The only time I have seen DSL work without a filter is when the modem is connected directly to the incoming port and no analog device can be connected anywhere in the line. That location gets 60meg down and 20meg up. I am also 100÷ certain noone can connect an analog phone as there is no plug available. Reason why I said a filter is needed everywhere is because I have seen locations where the ADSL router was behind a filter, but the phone, connected to a different port, was not behind a filter. The occupant of that house were quick to blame the router and ISP, but had difficulty realising the consistency of the connection dropping as soon as someone picked up the phone or the phone starting to ring. -- Joost -- Sent from my Android device with K-9 Mail. Please excuse my brevity.
[gentoo-user] Re: Internet slow at times. Can't figure out why. ISP??
On 2020-04-07, Michael wrote: > On Tuesday, 7 April 2020 05:55:06 BST J. Roeleveld wrote: >> On Tuesday, April 7, 2020 5:54:25 AM CEST Ian Zimmerman wrote: >> > On 2020-04-06 22:14, Dale wrote: >> > > I have DSL and it isn't to fast to begin with. At >> > > times tho, I'm only getting about 20 or 30% of what I should. >> > >> > Are you often on the phone at those times? May it be poor filtering? >> > >> > At my last residence - also "in the sticks", LOL - we had to give up on >> > DSL completely, because 6 times out of 10 when we got a phone call the >> > internet dropped. Seriously. We're not proud to support the Comcast >> > monopoly, but what a difference. >> >> This is likely caused by NOT having a filter for every device. >> >> Longer version: >> >> DSL requires a splitter/filter between the wall-socket (where the phone >> normally plugs in) and the DSL modem. It also has a 2nd connection for the >> phone. > > It is not the ADSL modem which requires the filter, but the analogue > telephone. My experience with multiple different installations is that lack of a filter can pretty much kill the ADSL signal and redner the DSL mode useless. > The filter cuts out audible frequencies so you can't hear them > when you're making a call. In my experience, it often also prevents the phones and connected lines from presenting such a screwed up impedance to the DSL signal that DSL stops working. -- Grant
Re: [gentoo-user] Difficulties to install a bootloader for the new system
> rc.log stops here: > > * Executing: /lib/rc/sh/openrc-run.sh /lib/rc/sh/openrc-run.sh > /etc/init.d/local start > * Starting local ... > [ ok ] So apparently it's booting all the way... Looking at my working config (asus x370 prime, ryzen 7 1700, UEFI boot from an NVMe SSD), you might want to try a couple of other things: 1) recompile your kernel with CONFIG_FB_SIMPLE=y 2) set "GRUB_GFXMODE=auto" and "GRUB_GFXPAYLOAD_LINUX=keep" in /etc/default/grub and rebuild grub.cfg andrea
Re: [gentoo-user] Alternate Incoming Mail Server
On 4/7/20 2:54 PM, Stefan Schmiedl wrote: > >> DKIM fails on many mailing lists. This list, for example, modifies your >> subject to add "[gentoo user]" but leaves the DKIM signature intact. If >> the sender has a p=reject DMARC policy, that can make his messages >> "disappear" for recipients who check and enforce DMARC. > > I'm pretty sure that I'm not the first one to ask, but given that > DMARC and DKIM seem to have become a thing, would it not be "better" > for delivery if the mailing list software removed the DKIM signature > if it modified a header that was signed? It's a tricky question, but I know e.g. Mailman has tried that before. The RFCs say that you should treat the signature header like a Received-from header; i.e. leave it alone. Stripping off the signature can cause other new and exciting problems, like getting you sent to Junk at the big freemail providers. I always attempt the simplest solution first: don't modify the message. Some lists now have clever ways of modifying the "From" so that the message appears to come from the list, and not from the person who sent it, but they don't work in 100% of cases either. Off the top of my head, it involves adding another type of "Sender" header, but that can only be done if the original message doesn't have one, or something like that. I'd check the available options in the latest version of Mailman to see what it can do. There's a lot of boring work that has been done on this, e.g. https://tools.ietf.org/html/rfc6377 but I'm not totally up to date on the best practices. I switched my own domain to p=none after a few years of pain and suffering, and haven't looked back.
Re: [gentoo-user] Alternate Incoming Mail Server
"Michael Orlitzky" , 07.04.2020, 20:34: > Blaming lists.gentoo.org (or any other MTA) for not retrying after a 4xx > without evidence is seeing hoof prints and thinking zebras. Ockham's > razor: you fucked up. I'm watching my exim logs right now and can confirm that the gentoo mailing list server does cope well with greylisting, i.e. it attempts delivery again after a few minutes. Also, messages from me to others pass DKIM checks, unless they are modified by what you suggested: > DKIM fails on many mailing lists. This list, for example, modifies your > subject to add "[gentoo user]" but leaves the DKIM signature intact. If > the sender has a p=reject DMARC policy, that can make his messages > "disappear" for recipients who check and enforce DMARC. I'm pretty sure that I'm not the first one to ask, but given that DMARC and DKIM seem to have become a thing, would it not be "better" for delivery if the mailing list software removed the DKIM signature if it modified a header that was signed? s.
Re: [gentoo-user] Per package /bin/sh selection
On 4/7/20 2:48 PM, Alessandro Barbieri wrote: > I already filed bugs here: > > https://bugs.gentoo.org/716504 > https://bugs.gentoo.org/716496 > > I need the workaround for the two above plus > this https://bugs.gentoo.org/714094 > Thanks, this will be a PITA for a while (again). Another developer had patched /bin/dash so that it was effectively broken, to the point where ./configure scripts would decide on their own use bash instead (even if you set /bin/sh to point to dash). This "fixed" the errors, but meant that everyone who thought he switched to dash was actually still using slow old bash for every build. I undid that patch (so that now dash acts like it does upstream), but as a result there's going to be a bunch of previously-hidden bashisms in ./configure scripts that need to be fixed.
Re: [gentoo-user] Per package /bin/sh selection
I already filed bugs here: https://bugs.gentoo.org/716504 https://bugs.gentoo.org/716496 I need the workaround for the two above plus this https://bugs.gentoo.org/714094 Il Mar 7 Apr 2020, 18:10 Michael Orlitzky ha scritto: > On 4/7/20 11:13 AM, Alessandro Barbieri wrote: > > How can I change /bin/sh in a per package way using /etc/portage/env? > > I need to set bash some packages while I run dash for the system. > > If it's the ./configure script failing, you can set > > CONFIG_SHELL="/bin/bash" > > to override it only in that configure script (but please report a bug > first; configure scripts are supposed to be POSIX sh). > >
Re: [gentoo-user] Alternate Incoming Mail Server
"Michael" , 07.04.2020, 19:10: > This thread has been covered in depth for a while now, but I noticed something > noteworthy. > On Monday, 6 April 2020 19:13:06 BST Stefan Schmiedl wrote: >> >> And here's an example for J. Roeleveld's observed missed original >> messages: >> >> A few days ago I sent a message to this list. As usual, I received >> a bunch of DMARC reports from mailservers rejecting the messages. >> >> > From: "Seznam.cz" >> > This is a spf/dkim authentication-failure report for an email message >> > received> >> > from IP 208.92.234.80 on Sun, 05 Apr 2020 22:14:23 +0200. >> > >> > The message below did not meet the sending domain's dmarc policy. > The reason your message was *rejected*, rather than failed to be delivered/ > gone missing, was because there is a DKIM failure in its headers. This is not > the non-delivery failure Joost was talking about when an MX server has gone > offline. As I understood it, were I someb...@seznam.cz, I would not have received the original message but only the replies to it, hence observing the same strange behaviour of "missed original message but received replies" due to issues completely out of somebody's control. >> The headers of that rejected message start with >> >> > Received: from lists.gentoo.org (unknown [208.92.234.80]) >> > >> > by email-smtpd3.ng.seznam.cz (Seznam SMTPD 1.3.108) with ESMTP; >> > Sun, 05 Apr 2020 22:14:22 +0200 (CEST) >> >> This means that folks @seznam.cz (among others) will not get to see >> this message unless somebody replies to it from a domain that uses >> a less restrictive combination of SPF, DKIM and DMARC rules. > I would think the @seznam.cz recipient server obliges by following the DMARC > policy published, but ... the tag "p=none" in _dmarc.xss.de TXT means it > should neither reject, nor quarantine the message. :-/ It's been a while since I set this up, but according to RFC 7489, section 6.7 "policies of "p=none" SHOULD NOT modify existing mail disposition processing", which I understood as "the receiver can do what it wants, but I get notified about DMARC related problems". I'll update the record to quarantine and see what breaks. > In other messages the 'bh=' hash is before the 'h=' string. The sequence of > tags is: > bh=.; > h=..; > b=... > In Stefan's message the sequence is different: > h=..; > bh=.; > b=... > Perhaps the order in which recipients servers parse the headers cause the DKIM > check to fail? I really hope that is not the case as the sequence is whatever exim uses as default sequence. Outgoing mail uses this transport: remote_smtp: driver = smtp dkim_domain = ${lc:${domain:$h_from:}} dkim_selector = s1 dkim_private_key = CONFDIR/dkim/dkim.private.key dkim_canon = relaxed > This is what I see here in the headers delivered by Stephan via the gentoo- > user M/L: > Authentication-Results: ; > dkim=fail header.d=xss.de; <== DKIM checks failed == > spf=pass (sender IP is 208.92.234.80) > [snip ...] The problem could be that the header list includes things like h=...:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; which are not in my original message but are added by the mailing list software. So if you received one of my DKIM signed messages directly, the signature would work, but if you received it after it passed through a mailing list, your DKIM check would fail because it would include List-Id in the test and the test would fail. Michael, you should receive two copies of this message, one via list one directly. Could you do me the favour and let me know (offline) what the Authentication-Results for both messages look like? Thanks, s.
Re: [gentoo-user] Alternate Incoming Mail Server
On 4/7/20 1:10 PM, Michael wrote: > > Perhaps the order in which recipients servers parse the headers cause the > DKIM > check to fail? > DKIM fails on many mailing lists. This list, for example, modifies your subject to add "[gentoo user]" but leaves the DKIM signature intact. If the sender has a p=reject DMARC policy, that can make his messages "disappear" for recipients who check and enforce DMARC. Stefan was putting forth another much more plausible explanation for Joost's "missing" messages: he rejected them. Blaming lists.gentoo.org (or any other MTA) for not retrying after a 4xx without evidence is seeing hoof prints and thinking zebras. Ockham's razor: you fucked up.
Re: [gentoo-user] Difficulties to install a bootloader for the new system
On 04/07 05:18, Andrea Conti wrote: > On 07/04/20 11:32, tu...@posteo.de wrote: > > > When I boot this setup, grub starts and displays: > > > > booting Linux 5051500-64-RT ... > > > > and freezes. I have to powercycle the whole thing. > > If you're getting there, your firmware was successful in loading GRUB from > your system partition, so you can probably rule out problems with > partitioning or GRUB setup and concentrate on the actual kernel. > > Make sure your kernel has CONFIG_FB_EFI=y (it's under Device > Drivers/Graphics support/Frame buffer Devices/Support for frame buffer > defices/EFI-based Framebuffer Support), or you won't see any output from the > kernel until your video driver is loaded. > > andrea > > Hi Andrea, I have switched the harddisks again and I am back at my "old" (but working) system. I have review the logs the new system has left behind in /var/log...and according to the "dmesg" file it shows the but untill all partitions get mounted. rc.log stops here: * Executing: /lib/rc/sh/openrc-run.sh /lib/rc/sh/openrc-run.sh /etc/init.d/local start * Starting local ... [ ok ] rc default logging stopped at Tue Apr 7 19:29:36 2020 which is identical to what rc.log shows at my old system. So nice to fine...or... I have tried to login blindly but that does not work... It seems, that the framebuffer thingie is the culprit here...I have reconfigured the kernel according to what you have suggested...but nothing changed... I have no further ideas... Cheers! Meino
Re: [gentoo-user] Alternate Incoming Mail Server
This thread has been covered in depth for a while now, but I noticed something noteworthy. On Monday, 6 April 2020 19:13:06 BST Stefan Schmiedl wrote: > "Michael Orlitzky" , 06.04.2020, 19:35: > > On 4/6/20 1:32 PM, J. Roeleveld wrote: > >> The messages were missing due to the MX being unavailable for a short > >> period. Retries were not attempted as I would have received them. > >> > >> The spam filter is configured with certain mailing lists whitelisted. > > > > Here is proof that the Gentoo list server retries after ~8 minutes: > > > > Mar 12 15:15:42 mx1 postfix/postscreen[27586]: NOQUEUE: reject: RCPT > > from [208.92.234.80]:47590: 450 4.3.2 Service currently unavailable; > > from=, > > to=, proto=ESMTP, helo= > > > > Mar 12 15:23:07 mx1 policyd-spf[20627]: prepend Received-SPF: Pass > > (mailfrom) identity=mailfrom; client-ip=208.92.234.80; > > helo=lists.gentoo.org; envelope-from > > =gentoo-announce+bounces-2524-michael=orlitzky@lists.gentoo.org; > > receiver= > > > > I'm not saying you're lying about what happened, but that the conclusion > > you're drawing from it is premature. The Gentoo list server (and every > > other real MTA) retries deliveries. If you lost a message, I'd bet > > that's not the reason why. > > And here's an example for J. Roeleveld's observed missed original > messages: > > A few days ago I sent a message to this list. As usual, I received > a bunch of DMARC reports from mailservers rejecting the messages. > > > From: "Seznam.cz" > > This is a spf/dkim authentication-failure report for an email message > > received> > > from IP 208.92.234.80 on Sun, 05 Apr 2020 22:14:23 +0200. > > > > The message below did not meet the sending domain's dmarc policy. The reason your message was *rejected*, rather than failed to be delivered/ gone missing, was because there is a DKIM failure in its headers. This is not the non-delivery failure Joost was talking about when an MX server has gone offline. > The headers of that rejected message start with > > > Received: from lists.gentoo.org (unknown [208.92.234.80]) > > > > by email-smtpd3.ng.seznam.cz (Seznam SMTPD 1.3.108) with ESMTP; > > Sun, 05 Apr 2020 22:14:22 +0200 (CEST) > > This means that folks @seznam.cz (among others) will not get to see > this message unless somebody replies to it from a domain that uses > a less restrictive combination of SPF, DKIM and DMARC rules. I would think the @seznam.cz recipient server obliges by following the DMARC policy published, but ... the tag "p=none" in _dmarc.xss.de TXT means it should neither reject, nor quarantine the message. :-/ This is what I see here in the headers delivered by Stephan via the gentoo- user M/L: Authentication-Results: ; dkim=fail header.d=xss.de; <== DKIM checks failed == spf=pass (sender IP is 208.92.234.80) [snip ...] DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=xss.de; s=s1; h=Content-Transfer-Encoding:Content-Type:MIME-Version:References: In-Reply- To:Subject:To:Message-ID:From:Date:Sender:Reply-To:Cc:Content-ID:Content- Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent- Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List- Owner:List-Archive; bh=IcmyWppZGnE0ObrMblHXHftN8IgNTO770eJL89ETQwQ=; b=g+t6Zx2l9CbrtDTrLtTlyRMSPvuW4LQZ2s0aBdpPEOjp+jp7IutK42gCOTzgq/BH5Lj+/ TLm3dD7ctngYCiMmPlMQlevvDFteUSgueZ 7vKRd87NpPM9O0G9rd+xT84em298YzVm0GAIBSv/ 4hb2StCOaC5TcDkKrtOw1vAc5i30=; I've split the DKIM header above to illustrate a point. Assuming the digital signatures are correct, the only thing I noticed being different from other DKIM headers which do not fail, is the sequence of the various DKIM tags above. I don't know if this is important - the DKIM RFC needs reading more than once to understand it - but here it goes: In other messages the 'bh=' hash is before the 'h=' string. The sequence of tags is: bh=.; h=..; b=... In Stefan's message the sequence is different: h=..; bh=.; b=... Perhaps the order in which recipients servers parse the headers cause the DKIM check to fail? signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] Re: Internet slow at times. Can't figure out why. ISP??
On Tuesday, 7 April 2020 06:56:04 BST Dale wrote: > J. Roeleveld wrote: > > On Tuesday, April 7, 2020 5:54:25 AM CEST Ian Zimmerman wrote: > >> On 2020-04-06 22:14, Dale wrote: > >>> I have DSL and it isn't to fast to begin with. At > >>> times tho, I'm only getting about 20 or 30% of what I should. > >> > >> Are you often on the phone at those times? May it be poor filtering? > >> > >> At my last residence - also "in the sticks", LOL - we had to give up on > >> DSL completely, because 6 times out of 10 when we got a phone call the > >> internet dropped. Seriously. We're not proud to support the Comcast > >> monopoly, but what a difference. > > > > This is likely caused by NOT having a filter for every device. > > > > Longer version: > > > > DSL requires a splitter/filter between the wall-socket (where the phone > > normally plugs in) and the DSL modem. It also has a 2nd connection for the > > phone. > > > > This filter needs to be installed between ALL phone-wall-sockets and any > > device plugged in. > > > > (Alternatively, you place the filter at the main entry-point and connect > > the router from that filter and run the "phone" port to the rest of the > > house.) > The phone part has been cut off for a long time. The only wire left is > the one to the modem itself. I forgot but I ran a brand new wire a good > while back when I moved the jack. This is a long term issue tho. I > might add, the DSL box up the road is full. The only way a new person > can get DSL is if someone else cuts theirs off. It's been full since > about three months after they installed the DSL box. I actually have > some extra filters tho. Since I don't have any use for them anymore. lol > > It was a good thought tho. I had a filter go bad once and it did wreak > havoc on the DSL. Poor internet, DSL signal lost at times. If the > phone rang or anyone picked up a phone, dead DSL for sure. > > Dale > > :-) :-) Removing/reducing unneeded internal telephone wiring and placing the modem as close as possible to the drop wire when it enters the house, is the best way to reduce noise on the line and be able to sync at higher speeds. Getting the telecom provider to test the copper wire connections for high resistance faults between your house and the telephone exchange, is another approach to getting a higher ADSL sync speed. It is unlikely privatised monopoly suppliers will get out of bed to do this on your request, no matter how much subsidy they pocket from the government supposedly to improve their infrastructure. However, the problem you are describing is only related to poor wiring and copper telephone circuit faults if the modem reports dropped connections to the exchange. If the modem remains connected without suddenly re-syncing with the exchange at lower speeds, but your downloads from the Internet reduce all the same, then the problem is one of an over-subscribed ADSL line. Many ISPs tend to seek profit maximisation by over-subscribing their limited capacity infrastructure to more and more customers. The contention ratio becomes too high if all customers suddenly start downloading 4K UHD videos from the Internet at the same time every evening, while using an infrastructure which was designed before the Internet was invented. It used to be the case kids would return from school, go on the Internet and hammer youtube video downloads. So just before dinner time the Internet grinds to halt, only to pick up again speed later at night, until early in the morning. In countries with free market competition (OK, don't laugh) there should be other ISPs available, who for a price will be able to offer you an ADSL service with a lower contention ratio. Usually they sell these packages to business customers and of course charge more for the privilege. In the last couple of weeks, in many countries around the world there has been a lockdown to reduce the spread of the Coronavirus and many people who can, now work from home. This has increased the amount of videoconferencing and consequently the already burdened infrastructure is further constrained. However, this would cause a reduction in speeds during the day, than in the evening and it would be cause by upstream capacity getting exhausted, rather than what your ISP has provisioned your local exchange with. A final point to note: Bufferbloat. On assymetric DSL the achievable downstream speed is limited by the capacity/ load on the upstream path. Setting up traffic-shaping on your router on the upstream path will allow you to saturate the upstream and therefore maximise whatever downstream rate your line can deliver. You can read more about it here: https://www.linksysinfo.org/index.php?threads/qos-tutorial.68795/ signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] Re: Internet slow at times. Can't figure out why. ISP??
On Tuesday, 7 April 2020 05:55:06 BST J. Roeleveld wrote: > On Tuesday, April 7, 2020 5:54:25 AM CEST Ian Zimmerman wrote: > > On 2020-04-06 22:14, Dale wrote: > > > I have DSL and it isn't to fast to begin with. At > > > times tho, I'm only getting about 20 or 30% of what I should. > > > > Are you often on the phone at those times? May it be poor filtering? > > > > At my last residence - also "in the sticks", LOL - we had to give up on > > DSL completely, because 6 times out of 10 when we got a phone call the > > internet dropped. Seriously. We're not proud to support the Comcast > > monopoly, but what a difference. > > This is likely caused by NOT having a filter for every device. > > Longer version: > > DSL requires a splitter/filter between the wall-socket (where the phone > normally plugs in) and the DSL modem. It also has a 2nd connection for the > phone. It is not the ADSL modem which requires the filter, but the analogue telephone. The filter cuts out audible frequencies so you can't hear them when you're making a call. A failed/failing ADSL z-filter will be noticed because the line will suddenly have an audible hum/buz when you pick up the phone and press a button - or perform a quiet line test. signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] Per package /bin/sh selection
On 4/7/20 11:13 AM, Alessandro Barbieri wrote: > How can I change /bin/sh in a per package way using /etc/portage/env? > I need to set bash some packages while I run dash for the system. If it's the ./configure script failing, you can set CONFIG_SHELL="/bin/bash" to override it only in that configure script (but please report a bug first; configure scripts are supposed to be POSIX sh).
Re: [gentoo-user] Re: Internet slow at times. Can't figure out why. ISP??
On Tuesday, 7 April 2020 04:54:25 BST Ian Zimmerman wrote: > On 2020-04-06 22:14, Dale wrote: > > I have DSL and it isn't to fast to begin with. At > > times tho, I'm only getting about 20 or 30% of what I should. > > Are you often on the phone at those times? May it be poor filtering? > > At my last residence - also "in the sticks", LOL - we had to give up on > DSL completely, because 6 times out of 10 when we got a phone call the > internet dropped. Seriously. We're not proud to support the Comcast > monopoly, but what a difference. This may have been caused by an MTU installed somewhere on the external line, which should be removed,[1] or it could have been a DECT phone - some were causing these problems and needed replacement or more than one ADSL filter inline - or it could be lengthy telephone extensions inside the house making acting as aerials and making the connection marginal for ADSL purposes. [1] https://rdist.root.org/2009/02/04/fixing-dsl-lost-sync-problem/ signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] ...recreating exactly the same applications on a new harddisc?
On 07/04/2020 00:38, Michael wrote: Perhaps older UEFI specifications allowed Mac-baked filesystems, or perhaps Apple were/are doing their own thing. The current UEFI specification *requires* a FAT 12/16/32 filesystem type on an ESP partition to boot an OS image/bootloader from - see section '13.3 File System Format': Reading the spec, it said "must *support*", not must *require*. What I was told - by someone I see no reason to disbelieve - was that if a vendor wants to support a different filesystem *in addition*, provided it supports all the calls then there's no problem. (Incidentally, if that's the final spec, I think I've spotted a mistake in it - it clearly doesn't actually mean what it says in at least one place ...) Cheers, Wol
Re: [gentoo-user] Difficulties to install a bootloader for the new system
On 07/04/20 11:32, tu...@posteo.de wrote: When I boot this setup, grub starts and displays: booting Linux 5051500-64-RT ... and freezes. I have to powercycle the whole thing. If you're getting there, your firmware was successful in loading GRUB from your system partition, so you can probably rule out problems with partitioning or GRUB setup and concentrate on the actual kernel. Make sure your kernel has CONFIG_FB_EFI=y (it's under Device Drivers/Graphics support/Frame buffer Devices/Support for frame buffer defices/EFI-based Framebuffer Support), or you won't see any output from the kernel until your video driver is loaded. andrea
[gentoo-user] Per package /bin/sh selection
How can I change /bin/sh in a per package way using /etc/portage/env? I need to set bash some packages while I run dash for the system.
[gentoo-user] No keyserver available
I have a long standing "gpg can't check signature: No public key" error while running # emerge-webrsync It appears because the webrsync-gpg feature has been set in my make.conf however I do not want to switch it off. The app-crypt/gentoo-keys is installed, so it is not the reason for above error. I have just tried to download gentoo pgp keys manually with the command gpg --keyserver hkps://keys.gentoo.org --recv-keys 13EBBDBEDE7A12775DFDB1BABB572E0E2D182910 and got the following error message: gpg: keyserver receive failed: No keyserver available Can anybody explain me how to fix this?
Re: [gentoo-user] Difficulties to install a bootloader for the new system
Meino, On Tuesday, 2020-04-07 11:32:09 +0200, you wrote: > ... > This was created via > grub-install --efi-directory=/boot/efi > grub-mkconfig -o /boot/grub/grub.cfg According to the notes I took when installing Gentoo for the first time I did: # echo 'GRUB_PLATFORMS="efi-64"' >> /etc/portage/make.conf # emerge --ask --verbose sys-boot/grub:2 # grub-install --target=x86_64-efi --efi-directory=/boot # grub-mkconfig -o /boot/grub/grub.cfg and on my system there is no directory "/boot/efi/": # ls -dp /boot/*/* | grep /$ /boot/EFI/gentoo/ /boot/grub/fonts/ /boot/grub/locale/ /boot/grub/themes/ /boot/grub/x86_64-efi/ Not sure whether or not this is relevant for your problem. Sincerely, Rainer
Re: [gentoo-user] Alternate Incoming Mail Server
On Tue, Apr 07, 2020 at 06:49:08AM +0200, J. Roeleveld wrote: > I am afraid most (if not all) ISPs will reject emails if the reverse DNS does > not match. Using a dynamic range is another "spam" indicator and will also > get your emails blocked by (nearly) all ISPs. > > I would suggest putting your outbound SMTP server on a cheap VM hosted > somewhere else. Or you get an outbound SMTP-service that allows you to decide > on domain name and email addresses. I've had a surprisingly-small amount of trouble with that. I've made sure to correctly configure all the elements I can control, such as D.K.I.M., S.P.F., T.L.S.\ encryption, etc., and most common e-mail services (Gmail, Yahoo, and Outlook) all receive my e-mail with no problems. Grant's mail server, I assume, is configured with the highest security in mind, so I can see how a mail server with a dynamic I.P.\ could cause issues in some contexts. I just wish my I.S.P.\ offered _any_ sort of static I.P.\ package, but given that I live in remote area in the north of England, I.S.P.s aren't exactly plentiful. -- Ashley Dixon suugaku.co.uk 2A9A 4117 DA96 D18A 8A7B B0D2 A30E BF25 F290 A8AA signature.asc Description: PGP signature
Re: [gentoo-user] Re: mail cannot send emails (trying to use it with smartd)
On Friday, April 3, 2020 10:42 AM, Caveman Al Toraboran wrote: > nullmailer is now configured, and test with`echo "Subject: ..." | sendmail -v > m...@dom.com` works. but, smartd's test mail is not working, with this error: > > Apr 03 10:15:09 blah smartd[219171]: Test of to m...@dom.com produced > unexpected output (65 bytes) to STDOUT/STDERR: > > Apr 03 10:15:09 blah smartd[219171]: mail: cannot send message: Process > exited with a non-zero status > Apr 03 10:15:09 blah smartd[219171]: Test of to m...@dom.com: > failed (32-bit/8-bit exit status: 9216/36) > > > tried to test`mail` in isolation: > > echo "test body" | mail -s "test subj" m...@dom.com --debug-level=3 > mail: sendmail binary: /usr/sbin/sendmail > mail: source=system, name=me, passwd=x, uid=1000, gid=1000, gecos=, > dir=/home/me, shell=/bin/fish, mailbox=.maildir, quota=0, change_uid=1 > mail: source=system, name=me, passwd=x, uid=1000, gid=1000, gecos=, > dir=/home/me, shell=/bin/fish, mailbox=.maildir, quota=0, change_uid=1 > mail: mu_mailer_send_message(): using From: me@localhost > mail: Sending headers... > mail: Sending body... > mail: /usr/sbin/sendmail exited with: 1 > mail: progmailer error: Process exited with a non-zero status > mail: cannot send message: Process exited with a non-zero status > mail: source=system, name=me, passwd=x, uid=1000, gid=1000, gecos=, > dir=/home/me, shell=/bin/fish, mailbox=.maildir, quota=0, change_uid=1 > > i've also monitored `watch -n .1 tree /var/spool/nullmailer/` and verified > that > the queue never gets filled with any message when i use the `mail` command > (which, i think, is what `smartd` uses). but, the queues get filled when i > used `sendmail` by the command in my 1st paragraph. extra info: i've just found that it only fails when sender address is `@locahost`. if i manually execute `mail` with `-aFrom:lol@safsdfsd` it will work, even tho the `From:...` is total garbage. but somehow just can't work when `From:lol@localhost`. something personal going on with `mail` and `localhost`. any idea what's going on? and what did i do wrong? hence what's the most elegant way to fix this?
[gentoo-user] Difficulties to install a bootloader for the new system
Hi, for what reason ever, my attempts to install a bootloader for my new system fails. Current setup: Partioning: GPT fdisk (gdisk) version 1.0.5 Partition table scan: MBR: protective BSD: not present APM: not present GPT: present Found valid GPT with protective MBR; using GPT. Disk /dev/sdb: 5860533168 sectors, 2.7 TiB Model: EZRZ-00GXCB0 Sector size (logical/physical): 512/4096 bytes Disk identifier (GUID): 45EED4D4-B137-452E-88B7-BA2EF068056B Partition table holds up to 128 entries Main partition table begins at sector 2 and ends at sector 33 First usable sector is 34, last usable sector is 5860533134 Partitions will be aligned on 2048-sector boundaries Total free space is 4973 sectors (2.4 MiB) Number Start (sector)End (sector) Size Code Name File system 120486143 2.0 MiB EF02 GRUB 26144 268287 128.0 MiB EF00 boot fat32 3 268288 1316863 512.0 MiB 8300 swap linux-swap(v1) 4 1316864 525604863 250.0 GiB 8300 root ext4 5 525604864 1049892863 250.0 GiB 8300 home ext4 6 1049892864 1574180863 250.0 GiB 8300 pool00ext4 7 1574180864 2098468863 250.0 GiB 8300 pool01ext4 8 2098468864 2622756863 250.0 GiB 8300 pool02ext4 9 2622756864 3147044863 250.0 GiB 8300 pool03ext4 10 3147044864 3671332863 250.0 GiB 8300 pool04ext4 11 3671332864 4195620863 250.0 GiB 8300 pool05ext4 12 4195620864 4719908863 250.0 GiB 8300 pool06ext4 13 4719908864 5244196863 250.0 GiB 8300 pool07ext4 14 5244196864 5860530175 293.9 GiB 8300 pool08ext4 (filesystem types added by me by hand, taken from the output of parted -l ) Mounting the system under /mnt/gentoo and chrooting into it and after submitting a 'mount -a' I get: (list is sorted alphabetically/manually for better reading) /dev/sdb4 on / type ext4 (rw,relatime) /dev/sdb2 on /boot/efi type vfat (rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=iso8859-1,shortname=mixed,errors=remount-ro) /dev/sdb10 on /home/user/data/pool04 type ext4 (rw,noatime) /dev/sdb11 on /home/user/data/pool05 type ext4 (rw,noatime) /dev/sdb12 on /home/user/data/pool06 type ext4 (rw,noatime) /dev/sdb13 on /home/user/data/pool07 type ext4 (rw,noatime) /dev/sdb14 on /home/user/data/pool08 type ext4 (rw,noatime) /dev/sdb5 on /home type ext4 (rw,noatime) /dev/sdb6 on /home/user/data/pool00 type ext4 (rw,noatime) /dev/sdb7 on /home/user/data/pool01 type ext4 (rw,noatime) /dev/sdb8 on /home/user/data/pool02 type ext4 (rw,noatime) /dev/sdb9 on /home/user/data/pool03 type ext4 (rw,noatime) /proc on /proc type proc (rw,relatime) blkio on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio) cgroup_root on /sys/fs/cgroup type tmpfs (rw,nosuid,nodev,noexec,relatime,size=10240k,mode=755) configfs on /config type configfs (rw,relatime) configfs on /sys/kernel/config type configfs (rw,nosuid,nodev,noexec,relatime) cpu on /sys/fs/cgroup/cpu type cgroup (rw,nosuid,nodev,noexec,relatime,cpu) cpuacct on /sys/fs/cgroup/cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpuacct) cpuset on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset) debugfs on /sys/kernel/debug type debugfs (rw,nosuid,nodev,noexec,relatime) devices on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices) devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000) devtmpfs on /dev type devtmpfs (rw,nosuid,relatime,size=10240k,nr_inodes=4104014,mode=755) freezer on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer) fusectl on /sys/fs/fuse/connections type fusectl (rw,nosuid,nodev,noexec,relatime) memory on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory) mqueue on /dev/mqueue type mqueue (rw,nosuid,nodev,noexec,relatime) none on /sys/fs/cgroup/unified type cgroup2 (rw,nosuid,nodev,noexec,relatime,nsdelegate) openrc on /sys/fs/cgroup/openrc type cgroup (rw,nosuid,nodev,noexec,relatime,release_agent=/lib/rc/sh/cgroup-release-agent.sh,name=openrc) perf_event on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event) pids on /sys/fs/cgroup/pids type cgroup (rw,nosuid,nodev,noexec,relatime,pids) rdma on /sys/fs/cgroup/rdma type cgroup (rw,nosuid,nodev,noexec,relatime,rdma) shm on /dev/shm type tmpfs (rw,nosuid,nodev,noexec,relatime) sysfs on /sys type sysfs (rw,relatime) the contents of /boot is: . ./.keep ./grub ./grub/themes/... ./grub/x86_64-efi/... ./grub/grubenv ./grub/fonts ./grub/fonts/unicode.pf2 ./grub/grub.cfg ./efi