Re: [ilugd] Our IP getting listed in cbl again and again
We are running Ubuntu 5.10 / Kolab 2.0 on our mail server whose IP is getting listed on cbl again and again. We have verified the checklist given by cbl and observed that we are fulfilling all the conditions specified by them but still we are getting listed. The security considerations we have setup are pop3/imap for local users pop3/imap ssl for remote users smtp securefor remote users Any hints/pointers at what could be wrong are highly appreciated. - 1.Setup a reverse DNS for your mail server IP. 2.Remove from CBL / SBL This removes it permanently. --Naresh Narang ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
Re: [ilugd] [Gllug] NICs on RHEL 4.0
Kenneth Gonsalves wrote: On 08-Nov-06, at 9:29 PM, Yashpal Nagar wrote: you can get the redhat support contact details from their website at http://www.redhat.com/ :) does that mean, nobody know RHEL? apart from Redhat itself. Or there is any restriction of discussing anything about RHEL in any open forum like this ? it means that since you have paid Redhat, you should extract support from them - if they are unable/refuse to give support, then report here and we will put them in the hall of shame. This is a discussion and _not_ a support list. People are free to discuss as long as it follows the list guidelines. The point of whether Nagar should contact RH or not is none of our business. And what would you prove putting RH into your hall of shame list ? Ritesh -- Ritesh Raj Sarraf RESEARCHUT - http://www.researchut.com Necessity is the mother of invention. Stealing logic from one person is plagiarism, stealing from many is research. The great are those who achieve the impossible, the petty are those who cannot - rrs ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
Re: [ilugd] Our IP getting listed in cbl again and again
On 11/9/06, Kenneth Gonsalves [EMAIL PROTECTED] wrote: On 09-Nov-06, at 10:29 AM, Sangeeta Joneja wrote: We are running Ubuntu 5.10 / Kolab 2.0 on our mail server whose IP which ISP? static IP or dynamic IP? It's static IP. We have a broad band connection (DSL) from Airtel with static IP. On router we have opened the ports 993 (IMAP/SSL), 995 (POP3/SSL), 465 (SMTP/SSL). I am hereby giving you the configuration parameters for postfix. Output of postconf -n alias_database = hash:/kolab/etc/postfix/aliases alias_maps = hash:/kolab/etc/postfix/aliases broken_sasl_auth_clients = yes canonical_maps = hash:/kolab/etc/postfix/canonical command_directory = /kolab/sbin config_directory = /kolab/etc/postfix content_filter = smtp-amavis:[127.0.0.1]:10024 daemon_directory = /kolab/libexec/postfix default_privs = kolab-n local_recipient_maps = $virtual_maps mail_owner = kolab mailbox_transport = kolabmailboxfilter masquerade_domains = $mydomain masquerade_exceptions = root message_size_limit = 20971520 mydestination = $mydomain example.com example1.com mydomain = example.com myhostname = example.com mynetworks = 127.0.0.0/8 our local network(x.0.0.0)/8 myorigin = $mydomain queue_directory = /kolab/var/postfix recipient_delimiter = + relay_domains = relayhost = relocated_maps = hash:/kolab/etc/postfix/relocated setgid_group = kolab-r smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination, reject_unlisted_recipient, check_policy_service unix:private/kolabpolicy,reject_rbl_client sbl-xbl.spamhaus.orgreject_rbl_client spamcop.net smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = smtpd_sasl_security_options = noanonymous smtpd_sender_restrictions = check_sender_access hash:/kolab/etc/postfix/restricted_senders smtpd_starttls_timeout = 300s smtpd_timeout = 300s smtpd_tls_auth_only = yes smtpd_tls_cert_file = /kolab/etc/kolab/cert.pem smtpd_tls_key_file = /kolab/etc/kolab/key.pem smtpd_tls_received_header = no smtpd_tls_session_cache_timeout = 3600s smtpd_use_tls = yes tls_random_source = dev:/dev/urandom transport_maps = hash:/kolab/etc/postfix/transport, ldap:ldaptransport Regards, Sangeeta ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
Re: [ilugd] Our IP getting listed in cbl again and again
Sangeeta Joneja wrote: On 11/9/06, Kenneth Gonsalves [EMAIL PROTECTED] wrote: On 09-Nov-06, at 10:29 AM, Sangeeta Joneja wrote: We are running Ubuntu 5.10 / Kolab 2.0 on our mail server whose IP which ISP? static IP or dynamic IP? It's static IP. We have a broad band connection (DSL) from Airtel with static IP. On router we have opened the ports 993 (IMAP/SSL), 995 (POP3/SSL), 465 (SMTP/SSL). I am hereby giving you the configuration parameters for postfix. Output of postconf -n alias_database = hash:/kolab/etc/postfix/aliases alias_maps = hash:/kolab/etc/postfix/aliases broken_sasl_auth_clients = yes canonical_maps = hash:/kolab/etc/postfix/canonical command_directory = /kolab/sbin config_directory = /kolab/etc/postfix content_filter = smtp-amavis:[127.0.0.1]:10024 daemon_directory = /kolab/libexec/postfix default_privs = kolab-n local_recipient_maps = $virtual_maps mail_owner = kolab mailbox_transport = kolabmailboxfilter masquerade_domains = $mydomain masquerade_exceptions = root message_size_limit = 20971520 mydestination = $mydomain example.com example1.com mydomain = example.com myhostname = example.com mynetworks = 127.0.0.0/8 our local network(x.0.0.0)/8 myorigin = $mydomain queue_directory = /kolab/var/postfix recipient_delimiter = + relay_domains = relayhost = relocated_maps = hash:/kolab/etc/postfix/relocated setgid_group = kolab-r smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination, reject_unlisted_recipient, check_policy_service unix:private/kolabpolicy,reject_rbl_client sbl-xbl.spamhaus.orgreject_rbl_client spamcop.net smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = smtpd_sasl_security_options = noanonymous smtpd_sender_restrictions = check_sender_access hash:/kolab/etc/postfix/restricted_senders smtpd_starttls_timeout = 300s smtpd_timeout = 300s smtpd_tls_auth_only = yes smtpd_tls_cert_file = /kolab/etc/kolab/cert.pem smtpd_tls_key_file = /kolab/etc/kolab/key.pem smtpd_tls_received_header = no smtpd_tls_session_cache_timeout = 3600s smtpd_use_tls = yes tls_random_source = dev:/dev/urandom transport_maps = hash:/kolab/etc/postfix/transport, ldap:ldaptransport rantCBL sux, its a complete and total waste of time and people's resources. Someone should walk over and give them a solid whack on their head!/rant Is your machine claiming to be something that it isnt ? eg. if you say that you are 'example.com' does example.com resolve back to your IP ? ( well, MX for example.com that is ). Even claiming to be localhost.localdomain wont work. To see what you are calling yourself, telnet yourpublic IP 25, that should give you a good idea. Easiest workaround, just disable the greeter from showing any domain name. Thats what the spammers do, and it effectively renders cbl useless. The other thing is to just firewall off the cbl netblock, so they can never check your :25 at all. further rantWhlie you are out whacking the CBL guys, make sure you get a good whack at all the idiots who actually use CBL to score against /further rant -- Karanbir Singh : http://www.karan.org/ : [EMAIL PROTECTED] ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
Re: [ilugd] Our IP getting listed in cbl again and again
in infinite wisdom Naresh Narang spoke thus On 11/09/2006 01:36 PM: 1.Setup a reverse DNS for your mail server IP. 2.Remove from CBL / SBL Any pointers to why this would work ? Though I too am of the opinion CBL/SBL is a complete waste of time. -- raj shekhar facts: http://rajshekhar.net | opinions: http://rajshekhar.net/blog WE APOLOGIZE FOR THE INCONVENIENCE -- God's Last Message to his Creation ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
Re: [ilugd] Our IP getting listed in cbl again and again
in infinite wisdom Sangeeta Joneja spoke thus On 11/09/2006 04:12 PM: mydestination = $mydomain example.com example1.com mydomain = example.com myhostname = example.com Did you change these values to protect your domain or are they set as example.com in the real server itself ? -- raj shekhar facts: http://rajshekhar.net | opinions: http://rajshekhar.net/blog WE APOLOGIZE FOR THE INCONVENIENCE -- God's Last Message to his Creation ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
Re: [ilugd] Our IP getting listed in cbl again and again
in infinite wisdom Sangeeta Joneja spoke thus On 11/09/2006 10:29 AM: We are running Ubuntu 5.10 / Kolab 2.0 on our mail server whose IP is getting listed on cbl again and again. What is the reason they give for blacklisting you ? -- raj shekhar facts: http://rajshekhar.net | opinions: http://rajshekhar.net/blog WE APOLOGIZE FOR THE INCONVENIENCE -- God's Last Message to his Creation ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
Re: [ilugd] RHEL AS and ES which is better
Well Abhi i will sujest first check with your environment requirements. If in feature you are planning to increase your CPU then you can go with AS .. and then check your budget i mean company's budget.Then choose it .. -Manish Popli On 11/9/06, abhishek jain [EMAIL PROTECTED] wrote: Hi, I need to choose the right OS for a server of mine company. I decided to use RHEL but is confused for the AS and ES ones. Which is better? The system configuration will be double CPU, 4 GB RAM, etc. I visited http://www.redhat.com/rhel/compare/server/ but is still loking for more replies. Any help will be appreciated. -- Regards, Abhishek jain ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/ -- Manish Popli ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
[ilugd] Looking for Linux Performance Benchmarks
Looking for Linux Performance Benchmarks compared to other UNIXes and MS Windows, for mission critical applications. Any pointers to resources /publications /links? Any studies by European Union, NASA, World Bank, Gartner etc? anand shankar ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
Re: [ilugd] NICs on RHEL 4.0
Replace the card on hardware base. -Manish Popli On 11/8/06, Yashpal Nagar [EMAIL PROTECTED] wrote: Hi All, I have a Redhat Enterprise linux 4.0 with two NICs on a DL320, 32 bit arch HP server. Problem is every reboot the interface eth0 flips over to the other physical interface and then i have to physically move the cable to other interface. I get the following on console. Nov 8 12:29:40 servername ifup: Device eth0 has different MAC address than expected, ignoring. What i have tried: 1. By specifying the HWADDR keyword in ifcfg-eth0 but no luck. 2. i have also tried putting BOOTPROTO=none and placing the /sbin/ifconfig eth0 hw ether 00:0B:CD:4E:31:C1 in /etc/rc.d/rc/local and then restart the network interface as told at http://www.redhat.com/archives/redhat-list/2003-April/msg02721.html http://whoozoo.co.uk/mac-spoof-linux.htm but still same problem. The both NIC is NetXtreme BCM5702X Gigabit Ethernet. Any pointer/hack would be highly appreciated. Regards Yashpal ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/ -- Manish Popli ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
Re: [ilugd] RHEL AS and ES which is better
Hi, I need to choose the right OS for a server of mine company. I decided to use RHEL but is confused for the AS and ES ones. Which is better? The system configuration will be double CPU, 4 GB RAM, etc. I visited http://www.redhat.com/rhel/compare/server/ but is still loking for more replies. = The question is not Which is better, the question is Which features do I need --Naresh Narang ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
Re: [ilugd] Our IP getting listed in cbl again and again
in infinite wisdom Naresh Narang spoke thus On 11/09/2006 01:36 PM: 1.Setup a reverse DNS for your mail server IP. 2.Remove from CBL / SBL Any pointers to why this would work ? Though I too am of the opinion CBL/SBL is a complete waste of time. -- -- To understand this, you have to know How spam works. How mail servers work. How spam filters work. How DNS works. I gave a solution in 2 lines, to do the research is left for you as an exercise. --Naresh Narang ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
Re: [ilugd] Our IP getting listed in cbl again and again
On 10-11-06 9:44 AM, Naresh Narang wrote: in infinite wisdom Naresh Narang spoke thus On 11/09/2006 01:36 PM: 1.Setup a reverse DNS for your mail server IP. 2.Remove from CBL / SBL Naresh is right, we went through this last year. Setting up a reverse DNS is the only real option IMHO and Airtel doesnt do that for its DSL customers. Ankur. ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/