Re: Configure SSL on Debian Linux Server
apt-get install libapache-mod-ssl And then check your configuration file that you are loading the module and have a key and certificate. James Debian Developer. [EMAIL PROTECTED] 09/26/02 05:58am Hi all , I am naive to SSL technologies. We are trying to install SSL on Debian Linux Server. We are having a Debian released Apache version . Where I can get good documentation about installing SSL on Debian Linux. What all do I need to configure the SSL ? As far as my knowledge , we need to install Open-SSL along with mod-ssl on the server and set the necessary config files. Am I right? The server we are using is going to host some applications/ web pages , which are accessed from PDA phones. , I appreciate if any one can brief how and where to start with. Thanks in advance Regards Ibrahim --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.391 / Virus Database: 222 - Release Date: 9/19/2002 __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
User Certificates: emailAddress type needs to be of typeIA5STRING
Hey all, I know this is mod-ssl-users and not openssl-users, but I thought I'd ask here anyway. I have a user cert I am trying to sign with my private CA, and I am getting a problem with: Enter PEM pass phrase: Check that the request matches the signature Signature ok The Subjects Distinguished Name is as follows emailAddress :ASN.1 12:' emailAddress type needs to be of type IA5STRING The Subject of the CSR I am dealing with (altered to protect the innocent): Subject: [EMAIL PROTECTED], C=AU, O=ZZ, OU=ZZ, CN=ZZ This CSR was generated using keytool from the J2SDK1.4.1 RC1 distribution from java.sun.com. Now, a CSR I generated with OpenSSL gives me a format of Subject Name=Val/Name=Val/..., not Subject: Name=Val, Name=Val, Does any one know what the ASN.1 encoding thing is all about here in the CSR, and how it can be corrected with OpenSSL (0.9.6g-engine) at signing time, and if the change of formatting (slash separated from comma separated) of the Subject in the CSR is important? I tired to override the CSR's subject by setting the subject with the same values using '/ as the OID separator, but that didn't help. Regards, James Bromberger -- James Bromberger, Webmaster/Senior Systems Administrator Client Technical Services, Hartleys Limited, www.hartleys.com.au www.jdv.com P: +61 8 9268 2909M: +61 417 322 500 F: +61 8 9266 0200E: [EMAIL PROTECTED] Hartleys Ltd ABN 67 009 136 029, its Directors and Associates declare that they from time to time hold interests in/and or earn brokerage, fees or other benefits mentioned in documents to clients. Any securities recommendation contained in this document is unsolicited general information only. Do not act on a recommendation without first consulting your investment advisor to determine whether the recommendation is appropriate for your investment objectives, financial situation and particular needs. Hartleys Limited believes that any information or advice (including any securities recommendation) contained in this document is accurate when issued. However, Hartleys Limited does not warrant its accuracy or reliability. Hartleys Limited, its officers, agents and employees exclude all liability whatsoever, in negligence or otherwise, for any loss or damage relating to this document to the full extent permitted by law. Hartleys Limited may collect information from you in order to provide any services you have requested. A copy of Hartleys Limited's privacy policy is available on www.hartleys.com.au. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
SSLCryptoDevice: works as a static, not as a DSO...?
Hey people. I have been running fine with Apache + Mod_SSL under Solaris with everything working fine. I am now recompiling to Apache 1.3.26, Mod_SSL 2.8.10, OpenSSL 0.9.6d, and MM1.1.3. My httpd.conf is pretty much the default, except for just above the SSLPassPhraseDialog (around line 1090) where I have: SSLCryptoDevice cswift (it is a Sun Cyrpto Accelerator 1 (just a rebadged CryptoSwift) in a Netra T1, on Solaris 8) There are two compiles I have done: one where I have done everything as a static, and one where it is DSO. When static, I removed my LoadModules and AddModules, and of course, when as a DSO, I add these back in. ALl pretty straight forward. When I use static, my hardware crypto is working and everything is wonderful. Birds sing, etc... When I go DSO and then `apachectl configtest`: Invalid command 'SSLCryptoDevice', perhaps mis-spelled or defined by a module not included in the server configuration Which is odd, because all the other SSL directives are OK. If I do a `strings libexec/libssl.so` then I can see that the SSLCryptoDevice is mentioned in the module, however using mod_info, it is not mentioned against mod_ssl as being available. Does anyone know what is going on here? Why would this work fine as a static, and not as a DSO? This was working with earlier versions (1.3.20 2.8.4 0.9.6b). Any help appreciate. James -- James Bromberger, Senior Web/Systems Administrator, JDV +61 8 9268 2909, +61 417 322 500 Fax: +61 8 9266 0200 JDV - e-Commerce and Outsourcing Solutions for Financial Services http://www.jdv.com/ JDV is a division of Hartleys Limited ABN 67 009 136 029 (JDV). Any securities recommendation contained in this document is unsolicited general information only. Do not act on a recommendation without first consulting your investment advisor to determine whether the recommendation is appropriate for your investment objectives, financial situation and particular needs. JDV believes that any information or advice (including any securities recommendation) contained in this document is accurate when issued. However, JDV does not warrant its accuracy or reliability. JDV, its officers, agents and employees exclude all liability whatsoever, in negligence or otherwise, for any loss or damage relating to this document to the full extent permitted by law. JDV may collect personal information from you in order to provide any services you have requested. A copy of JDV's privacy policy is available at http://www.jdv.com/ __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: SSLCryptoDevice: works as a static, not as a DSO...?
Thanks Ron... I just did this, and there was no change -- it still doesn't like this directive: Invalid command 'SSLCryptoDevice', perhaps mis-spelled or defined by a module not included in the server configuration My build was effectively: cd openssl* sh config -fPIC -DSSL_EXPERIMENTAL shared make cd .. cd mm-1.1.3 ./configure --disable-shared make cd .. cd mod_ssl-2.8.10-1.3.26 ./configure --with-apache=../apache_1.3.26 \ --with-ssl=../openssl-engine-0.9.6d \ --with-mm=../mm-1.1.3 \ --enable-rule=SSL_EXPERIMENTAL \ --enable-module=ssl \ --prefix=/usr/local/apache --enable-shared=ssl \ --enable-module=most \ --enable-shared=max --enable-module=so cd .. cd apache_1.3.26 make make install package-root=`pwd`/package-root The difference I am doing is removing the --enable-shared=ssl and --enable-shared=max, and then it works (as a static). Thanks, James [EMAIL PROTECTED] 06/28/02 01:45pm It might depend upon how you compliled openssl, was it compiled shared also? Thanks, Ron DuFresne On Fri, 28 Jun 2002, James Bromberger wrote: Hey people. I have been running fine with Apache + Mod_SSL under Solaris with everything working fine. I am now recompiling to Apache 1.3.26, Mod_SSL 2.8.10, OpenSSL 0.9.6d, and MM1.1.3. My httpd.conf is pretty much the default, except for just above the SSLPassPhraseDialog (around line 1090) where I have: SSLCryptoDevice cswift (it is a Sun Cyrpto Accelerator 1 (just a rebadged CryptoSwift) in a Netra T1, on Solaris 8) There are two compiles I have done: one where I have done everything as a static, and one where it is DSO. When static, I removed my LoadModules and AddModules, and of course, when as a DSO, I add these back in. ALl pretty straight forward. When I use static, my hardware crypto is working and everything is wonderful. Birds sing, etc... When I go DSO and then `apachectl configtest`: Invalid command 'SSLCryptoDevice', perhaps mis-spelled or defined by a module not included in the server configuration Which is odd, because all the other SSL directives are OK. If I do a `strings libexec/libssl.so` then I can see that the SSLCryptoDevice is mentioned in the module, however using mod_info, it is not mentioned against mod_ssl as being available. Does anyone know what is going on here? Why would this work fine as a static, and not as a DSO? This was working with earlier versions (1.3.20 2.8.4 0.9.6b). Any help appreciate. James -- ~~ admin senior security consultant: sysinfo.com http://sysinfo.com Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation. -- Johnny Hart testing, only testing, and damn good at it too! __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] -- James Bromberger, Senior Web/Systems Administrator, JDV +61 8 9268 2909, +61 417 322 500 Fax: +61 8 9266 0200 __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Apache 1.3.26 and mod_ssl
Seems that the current 2.8.8 has some problems patching into some of the mod_proxy code: ./ap/Makefile.tmpl.rej ./modules/proxy/mod_proxy.c.rej ./modules/proxy/proxy_http.c.rej Apart from those three files (536 bytes, 1312 bytes, 2607 bytes) it looks clean... James -- James Bromberger, Senior Web/Systems Administrator, JDV +61 8 9268 2909, +61 417 322 500 Fax: +61 8 9266 0200 http://conf.linux.org.au/ [EMAIL PROTECTED] 06/19/02 07:54am On Tue, 18 Jun 2002, Matthew Ruzicka wrote: Pardon my possible ignorance here, but has anyone come up with any good work arounds for getting mod_ssl to work with the (patched) Apache 1.3.26 since 2.8.8-1.3.24 only wants to work with 1.3.24? I'm looking into it. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Apache 1.3.26 and mod_ssl
Attached are my diffs from the 1.3.26 tarball and what I did when I merged in the 2.8.8 rejected patches. Is it just me, or are other people seeing these problems? Can someone tell me if my changes look right? Regards, James -- James Bromberger, Senior Web/Systems Administrator, JDV +61 8 9268 2909, +61 417 322 500 Fax: +61 8 9266 0200 http://conf.linux.org.au/ [EMAIL PROTECTED] 06/19/02 08:30am Seems that the current 2.8.8 has some problems patching into some of the mod_proxy code: ./ap/Makefile.tmpl.rej ./modules/proxy/mod_proxy.c.rej ./modules/proxy/proxy_http.c.rej Apart from those three files (536 bytes, 1312 bytes, 2607 bytes) it looks clean... James -- James Bromberger, Senior Web/Systems Administrator, JDV +61 8 9268 2909, +61 417 322 500 Fax: +61 8 9266 0200 http://conf.linux.org.au/ [EMAIL PROTECTED] 06/19/02 07:54am On Tue, 18 Jun 2002, Matthew Ruzicka wrote: Pardon my possible ignorance here, but has anyone come up with any good work arounds for getting mod_ssl to work with the (patched) Apache 1.3.26 since 2.8.8-1.3.24 only wants to work with 1.3.24? I'm looking into it. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] proxy_http.c.jebpatch Description: Binary data mod_proxy.c.jebpatch Description: Binary data Makefile.tmpl.jebpatch Description: Binary data
SOLN: Sun Crypto Accelerator Board 1, OpenSSL 0.9.6
Hello Everyone, About a month or two ago I was looking for help on the Sun Crypto Board 1 with OpenSSL 0.9.6-engine. My symptoms were that despite installing the Sun kernel drivers, and then building OpenSSL, Mod_SSL, and Apache as described, the card did not seem to be used (no flashy orange LED on the hardware, no increments on the counters with `cstest`). The error message that was turning up in my Apache error.log file was Failed to initialise API 'cswift', followed by Apache exiting. I have now go this working. http://www.james.rcpt.to/2001/sun-crypto Specifically: the Sun (effectively the Rainbow libswift.so) library is installed into /opt/SUNWconn/sunsecure/lib, while Mod_SSL/OpenSSL is looking in /usr/lib. The solution: symbolic link from /opt/SUNWconn/sunsecure/lib/libswift.so to /usr/lib/libswift.so. Hope this helps someone. James -- James Bromberger, Senior Web/Systems Administrator, JDV +61 8 9268 2909, +61 417 322 500 Fax: +61 8 9268 0200 JDV - e-Commerce and Outsourcing Solutions for Financial Services http://www.jdv.com/ Any securities recommendation contained in this document is unsolicited general information only. Do not act on a recommendation without first consulting your investment advisor to determine whether the recommendation is appropriate for your investment objectives, financial situation and particular needs. JDV believes that any information or advice (including any securities recommendation) contained in this document is accurate when issued. However, JDV does not warrant its accuracy or reliability. JDV, its officers, agents and employees exclude all liability whatsoever, in negligence or otherwise, for any loss or damage relating to this document to the full extent permitted by law. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Sun Crypto Accelerator Board?
Ta Geoff, I'll try to fill in the answers below... On Wed, 30 May 2001, Geoff Thorpe wrote: On Wed, 30 May 2001, James Bromberger wrote: chomp I built 0.9.6a-engine under Solaris 8 and have the hardware device configured. Sun ships a library called libswift.so (a link to libswift.so.5.2.2), along with libraries for Netscape Server (swiftns351.so, swiftns351.so.1) and iPlanet (cryptoki.jar, libcryptoki22.so). chomp 4189:error:26067072:engine routines:CSWIFT_MOD_EXP_CRT:request failed:hw_cswift.c:524:CryptoSwift error number is -10004 1 1024 bit private RSA's in 0.90s Doing 1024 bit public rsa's for 10s: RSA verify failure 4189:error:26066072:engine routines:CSWIFT_MOD_EXP:request failed:hw_cswift.c:413:CryptoSwift error number is -10004 1 1024 bit public RSA's in 0.71s chomp The above errors were with the engine cswift. The following is the output from the speed test without the engine, which completed with no error messages being displayed (which is why I chomped it first time around; see below for a complete output). Compared to without trying to use the cswift: signverifysign/s verify/s rsa 1024 bits 0.0287s 0.0016s 34.9642.1 Actually, the output you quoted showed errors in first operation (for both signing and verifying). So the stats can effectively be disregarded. As you quote a second set of stats (without its preceding output) it's difficult to know whether that failed also - I think it probably did because normally the sign/verify times are close to 10.000 s, not 0.0*** s! Please check your error output and run any diagnostics that go with your card+drivers to check the card and support software is working OK. The second output is re-run and quoted in full below: # ./openssl speed rsa1024 Doing 1024 bit private rsa's for 10s: 349 1024 bit private RSA's in 10.20s Doing 1024 bit public rsa's for 10s: 6402 1024 bit public RSA's in 10.00s OpenSSL 0.9.6a [engine] 5 Apr 2001 built on: Wed May 30 12:44:49 WST 2001 options:bn(64,32) md2(int) rc4(ptr,char) des(idx,cisc,16,long) idea(int) blowfish(ptr) compiler: gcc -fPIC -DTHREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall - DB_ENDIAN -DBN_DIV2W -DULTRASPARC -DMD5_ASM signverifysign/s verify/s rsa 1024 bits 0.0287s 0.0016s 34.8640.2 Yes, for the openssl *** commands (such as speed, s_client, etc), you use the -engine id switch to specify an engine. There is also an openssl engine command for listing (and if you want, testing) the engines available. I tried the engine option to get a listing: # ./openssl engine openssl:Error: 'engine' is an invalid command. Standard commands chomp - command summary If you specify -engine with no engine specified, it says just as much... no engine given. I'd recommend playing with that until you can see that openssl-based apps are using your card OK, and only then start worrying about speed (which is obviously less help in testing that the hardware is working). Speed isn't really what I want; using the card is. The OpenSSL speed test was just a way of trying to determine if the lower layer in the whole Apache + mod_ssl + OpenSSL + crypto card are working. For other applications (eg. mod_ssl, Apache-SSL, mail-server embellishments, etc) you'll have to see what support, if any, they have for doing the same thing. OpenSSL has to be instructed to use a given ENGINE - and it's possible to have multiple ENGINEs in use at the same time for different roles and/or keys, so it's not sufficient for openssl to just try and pick an ENGINE par default. (Also, given it's generally *other* applications using the openssl libraries, it's not a good idea to take control away from the application developer of such things.) Eeek. I haven't seen anything for mod_ssl to use a specific ENGINE; can someone please point me to some doco on this? Interestingly, http://morpheus.dcs.it.mtu.edu/~tcpiket/cryptocard/ claims success compiling OpenSSL with the Sun board with Configure solaris-sparcv8-cc -L/usr/local/lib threads shared -ldl, and while I have gcc, I tried solaris-sparcv9-gcc instead, but this failed (ld doesn't like the options generated). I rebuild OpenSSL with the -ldl option to config, and retested, using both an LD_LIBRARY_PATH that included the directory containing the Sub supplied libswift.so, and then with LD_PRELOAD for the exact library, but with no joy. OK. Please try going through it again, but first running any tests you have to ensure your hardware and support software is functioning as expected. Well, I have the cstest binary that Sun ships, which probes the card and tells it's state. It reports the number of interrupts attempted serviced and the number of requests attempted serviced. My speed tests with the engine enabled do increment this, Below is a paste from
Sun Crypto Accelerator Board?
I tried posting the following to the openssl-users list, but it seems that my requests for subscription and my post regarding the following issue went into the ether. I'll quote what I wrote earlier, and although this question is more an openssl issue than modssl, I am sure some people here will have dealt with this. --- BEGIN-CROSSPOST- I can't seem to see anything in the mail archives for the openssl-* lists, so here goes... Sun has a hardware crypto accelerator based on the Rainbow Cryptoswift chip, and claim support for OpenSSL. Indeed, they ship a set of patches versus 0.9.4. Can anyone indicate what the state is of support for the Sun Crypto Accelerator 1 Board in 0.9.6a-engine? I know the Rainbow product is working, but the Sun product seems to be quite different. I built 0.9.6a-engine under Solaris 8 and have the hardware device configured. Sun ships a library called libswift.so (a link to libswift.so.5.2.2), along with libraries for Netscape Server (swiftns351.so, swiftns351.so.1) and iPlanet (cryptoki.jar, libcryptoki22.so). When I try and do an ./openssl speed rsa1024 -engine cswift I see: engine cswift set. Doing 1024 bit private rsa's for 10s: RSA sign failure 4189:error:26067072:engine routines:CSWIFT_MOD_EXP_CRT:request failed:hw_cswift.c:524:CryptoSwift error number is -10004 1 1024 bit private RSA's in 0.90s Doing 1024 bit public rsa's for 10s: RSA verify failure 4189:error:26066072:engine routines:CSWIFT_MOD_EXP:request failed:hw_cswift.c:413:CryptoSwift error number is -10004 1 1024 bit public RSA's in 0.71s OpenSSL 0.9.6a [engine] 5 Apr 2001 built on: Mon May 21 15:42:29 WST 2001 options:bn(64,32) md2(int) rc4(ptr,char) des(idx,cisc,16,long) idea(int) blowfish(ptr) compiler: gcc -fPIC -DTHREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W -DULTRASPARC -DMD5_ASM signverifysign/s verify/s rsa 1024 bits 0.0900s 0.7100s 11.1 1.4 Compared to without trying to use the cswift: signverifysign/s verify/s rsa 1024 bits 0.0287s 0.0016s 34.9642.1 Not exactly accelerating much... ;) Does anyone have one of these boards working correctly with 0.9.6a-engine? Is there support for the Sun board in 0.9.6a-engine? My tests with cstest shows that the standard build of 0.9.6a-engine (with no options passed to config) is not using the crypto card by default. Is there something that must be done to get this working in this case? Interestingly, http://morpheus.dcs.it.mtu.edu/~tcpiket/cryptocard/ claims success compiling OpenSSL with the Sun board with Configure solaris-sparcv8-cc -L/usr/local/lib threads shared -ldl, and while I have gcc, I tried solaris-sparcv9-gcc instead, but this failed (ld doesn't like the options generated). I rebuild OpenSSL with the -ldl option to config, and retested, using both an LD_LIBRARY_PATH that included the directory containing the Sub supplied libswift.so, and then with LD_PRELOAD for the exact library, but with no joy. --- END--CROSSPOST--- So, are there modssl users using the Sun product? TIA, James -- James Bromberger, Senior Web/Systems Administrator, JDV +61 8 9268 2909, +61 417 322 500 Fax: +61 8 9268 0200 JDV - e-Commerce and Outsourcing Solutions for Financial Services http://www.jdv.com/ Any securities recommendation contained in this document is unsolicited general information only. Do not act on a recommendation without first consulting your investment advisor to determine whether the recommendation is appropriate for your investment objectives, financial situation and particular needs. JDV believes that any information or advice (including any securities recommendation) contained in this document is accurate when issued. However, JDV does not warrant its accuracy or reliability. JDV, its officers, agents and employees exclude all liability whatsoever, in negligence or otherwise, for any loss or damage relating to this document to the full extent permitted by law. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: apache+mod_ssl in Debian Linux
Ie: LoadModule ssl_module /usr/lib/apache/1.3/mod_ssl.so IfModule mod_ssl.c Listen 443 Listen 80 SSLMutex file:/var/tmp/apache.mutex SSLSessionCache dbm:/var/tmp/apache.session_cache_dbm SSLSessionCacheTimeout 300 SSLRandomSeed connect builtin SSLRandomSeed startup builtin /IfModule VirtualHost *:443 ServerName www.domain.com Port 443 SSLEngine on DocumentRoot /var/www/ DirectoryIndex index.cgi index.html SSLCertificateFile/etc/apache/ssl.crt/server.crt SSLCertificateKeyFile /etc/apache/ssl.key/server.key /VirtualHost ... works for me on unstable (Apache 1.3.19-1, 0.9.6a-1.0.1). James (Debian Maintainer, libapache-mod-backhand) http://www.rcpt.to/~james/ -- James Bromberger, Senior Web/Systems Administrator, JDV +61 8 9268 2909, +61 417 322 500 Fax: +61 8 9268 0200 [EMAIL PROTECTED] 05/31/00 02:55am On Tue, May 30, 2000 at 12:39:45PM -0500, Tim Willis wrote: I've done the dselect install of the mod_ssl packages in debian linux, however, I cannot hit https://localhost yet, is there a .config file I need to edit? Yep, there is a httpd.conf that probably needs to be edited. JDV - e-Commerce and Outsourcing Solutions for Financial Services http://www.jdv.com/ Any securities recommendation contained in this document is unsolicited general information only. Do not act on a recommendation without first consulting your investment advisor to determine whether the recommendation is appropriate for your investment objectives, financial situation and particular needs. JDV believes that any information or advice (including any securities recommendation) contained in this document is accurate when issued. However, JDV does not warrant its accuracy or reliability. JDV, its officers, agents and employees exclude all liability whatsoever, in negligence or otherwise, for any loss or damage relating to this document to the full extent permitted by law. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]