ead of depending on the
*text* output of some user check?
Don't create multiple UID 0 accounts. You'll horribly regret it later.
Been there, done that.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
"remove home directory" since it was the default. Whoops.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
that a line in INSTALL about configuring the
compiler and linker is appropriate. But the statements you're using to
support your argument are going too far.)
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
Mark Delany [EMAIL PROTECTED] writes:
At 04:32 PM Tuesday 3/23/99, Russ Allbery wrote:
Mark, that's a standard compiler setup for a Solaris machine. Seriously.
What?! That the compiler is called gcc is a standard Solaris setup? Now
I don't understand. None of the Solaris machines I have
the e-mail address. sendmail
will add one with the name (from /etc/passwd) and e-mail address.
This will affect programs like elm, which don't add their own From header.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
more closely.
Could also be a poorly done RPM. A lot of RPMs for programs that have to
send mail incorrectly add a dependency on sendmail (rather than a more
general dependency on a mailer).
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
the entire environment of other processes.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
on NIS user IDs. We currently have UIDs up to
the 53000s in our NIS maps.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
.
And you still have to worry about 64K UIDs in most operating systems;
support for larger things is pretty spotty.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
negotiation, and have the proxy and
the server take care of that and then just expose regular SMTP to the
client.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
Roman V Isaev [EMAIL PROTECTED] writes:
On 03/02, Russ Allbery wrote:
We did, for IMAP and POP. Was easier to write a proxy that spoke
Kerberos than it was to try to get vendors to support Kerberos. SMTP
is even simpler than those. (*Much* simpler than IMAP, which is a
royal pain
s, which I personally find distasteful. Being able to
indicate that yes, "Russ Allbery" is responding to you, but you should
send your responses to his mail to postmaster@leland so that other people
can help you too is valuable semantics.
MUAs like yours cause inexperienced users to over
e customer is dialed in.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
a problem there, because qmail-remote doesn't have a
way of binding to a specific IP address without patches.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
ll* the lists at
one site, making things like global queries possible. A lot of people
have modified Majordomo implementations where global queries are even safe
and fast. This is not ezmlm's root philosophy, so even if you add support
for such things, it's not going to be as clean.
--
Russ Allbe
hat speaks this proprietary protocol and one that
speaks Internet mail protocols, and the user can simply reconfigure it to
solve the problem.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
Adam D McKenna [EMAIL PROTECTED] writes:
From: Russ Allbery [EMAIL PROTECTED]
ezmlm is very easy to work with if you do and understand standard Unix
commands and files. But list owners don't normally have that kind of
access at nearly all list hosting sites that I'm aware of.
A few people
Harald Hanche-Olsen [EMAIL PROTECTED] writes:
- Russ Allbery [EMAIL PROTECTED]:
| There are cases where I'd rather fill the disk than lose logs. And
| predictable log rotation is actually something I'd rather like to
| have for a lot of things. I've wanted cyclog to be able to rotate
that
it's unlikely to happen since it's rather far away from the intended
purpose of cyclog.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
dress" in the directory ~alias/.qmail-my.
It's possible to use this to great effect to avoid having too many files
in the same directory and to more logically organize things. Since qmail
converts periods to colons, there's really no security problem with it.
--
Russ Allbery ([EMAIL PROTECTED])
better than the next guy, but wouldn't this be more
succinctly (and slightly faster) written as:
|bouncesaying 'Sorry, no mailbox here by that name. (#5.1.1)'
than with a Perl script?
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
johnjohn [EMAIL PROTECTED] writes:
On Thu, Feb 04, 1999 at 05:34:07PM -0800, Russ Allbery wrote:
johnjohn [EMAIL PROTECTED] writes:
No. This is after the embedding of a perl interpreter in qmail-local.
Ooo, bizarre. Yeah, that'd make Perl scripts faster.
What? Did I forget my smiley
disk accesses to show up as
paging since portions of that cache are freed and reallocated.
There was an excellent tutorial at the last LISA about this as well,
although it was pretty Solaris-specific.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
IP address provided to an end-user by an ISP. (At least possibly; I'm not
aware of whatever arrangements Dan has with his university. But here at
Stanford, I'd put faculty machines into that category.)
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
Len Budney [EMAIL PROTECTED] writes:
I for one would be glad to pay at least .37 US dollars per email, if
it helps to reduce spam.
I wouldn't. Nor will I.
Period.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
most MTAs,
including qmail, but pretty much everyone has to be sendmail-compatible so
that works most everywhere. (With the caveat that you may need to change
/usr/lib to /usr/sbin on some platforms.)
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
ot; output that doesn't confuse some clients and automatic
gunzip of .gz files if downloaded without the .gz extension.
I've wanted this badly enough that I've considered a few times just
patching Dan's code for both of these features.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
that I trust
least is the anonymous ftp server.
Hearing about break-ins always makes me think over the potential access
vulnerabilities in my own system. Dan's ftp server is *much*
lighter-weight and far more likely to be secure than wu-ftpd, and I'd like
to use it.
--
Russ Allbery ([EMAIL
ing return addresses of the form:
list-bounces-@host-@[]
it generates them as:
list+bounces+@host-@[]
I believe you'll immediately get what you want.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
ng)
getpid( die_nomem();
}
if (flaghackrecip)
- if (!stralloc_cats(hackedruser,"-")) die_nomem();
+ if (!stralloc_cats(hackedruser,auto_break)) die_nomem();
if (!token822_ready(drp,10)) die_nomem();
drp.len = 0;
drp.t[drp.len].type = TOKEN822_ATOM;
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
can run.
The number I've heard is that setting up a new network TCP connection
requires ~200KB of kernel memory. How much of that is then freed after
the connection is up, I don't know.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
er.
I'm sorry to come across as picking on you. I'm really not. I'm being
cynical and grouchy more than anything else.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
, then, that the "right" answer to Tim's problem
is not the patch I provided but rather to use a QMAILSUSER of
list-request+bounces instead of list-request, so that sendmail will still
deliver to list-request and the dashes instead of + won't matter?
--
Russ Allbery ([EMAIL PROTECTED])
them into doing port blocking if they'd quit trying to misrepresent it as
a "feature."
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
eople from doing things they want to do is a "feature" and
that they shouldn't be trying to do those things in the first place. This
is just newspeak, and I don't have a lot of patience for it.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
-distance call).
Now think back before spam became the number one issue people worry about
when running mail systems. Some people have been doing this for a while.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
their backs.
Which one do you think they chose?
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
resources devoted to keeping one's site from abusing the Internet. It may
be necessary, but you can't sell it as a feature.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
Denis Voitenko [EMAIL PROTECTED] writes:
Or you could simply install LDAP :-)
Isn't that sort of like "simply" bringing about world peace? :)
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
er by anobody
(right?).
Nope. It allows anyone to send you mail, but since RELAYCLIENT isn't set,
they can't use your server to mail other people. Looks fine to me.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
a serious problem since
now only active users can receive mail.
Possible workaround solution: Use the qmail-users mechanism to tell qmail
to deliver to /opt/home rather than to the home directories listed in the
password file.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
version of elm
on hpux9 (ver 70.85).
Ew. The "contrib" software shipped with HP-UX 9 was something like two
years old when they shipped it.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
certainly a net
loss.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
will be
able to deploy hot-fixes until Dan can fix any problems that crop up, and
so that the software is guaranteed to have a future beyond the life or
interest of any one person.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
security patches, just
that Red Hat's reputation for moving away from the quick fixes and back to
mainline source as soon as possible isn't stellar.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
a chance before.
What they've accomplished when viewed as a *marketing company* is
extremely impressive. I wouldn't evaluate them with a metric of veteran
programmers spending all their time writing code any more than I'd
evaluate Dan on how well he markets his product.
--
Russ Allbery ([EMAIL
authentication and file servers).
Accusing tripwire of being less secure than an MD5 checksumming scheme
because you didn't follow the tripwire documentation is a little
questionable.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
"[EMAIL PROTECTED]" rather than "[EMAIL PROTECTED]"?
qmail's sendmail emulation is much less forgiving of such things than
sendmail itself.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
nd a home directory, and doesn't work if a
.qmail-default file exists with other delivery instructions. I'm thinking
of something that just delivers to a maildir. No other lookups, nothing
fancy, never looks at qmail-users or .qmail files, doesn't need to know
anything about users or their home directories.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
*grin*
Sure, I wasn't expecting hostile users; if someone tries hard enough to
break their email delivery, I'm *quite* sure they can succeed.
I would have gotten away with it if it weren't for you pesky users and
that dog!
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
deliveries to a
maildir out of another package and don't want to patch maildir support
into it.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
penknife is all that's needed rather
than the Swiss Army knife. And at least theoretically it should be able
to just reuse the maildir delivery code from qmail-local, making it pretty
trivial to add to qmail proper.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
or will be reserved by IANA as a guaranteed
invalid TLD.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
an
SMTP session with qmail's normal mail logs.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
hing quite similar for software management in AFS as well.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
.
It also doesn't rely on just one checksum method for sensitive binaries.
RPM's verification thing is nice, but I really wouldn't rely on it as a
replacement for tripwire.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
.
And a potential network access on start to do NIS lookups.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
this mailing list. The only ones I've ever seen are regular bounces from
a mailing list I run, properly directed to the envelope sender, that
appear to be due to local misconfiguration at one site.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
201 - 258 of 258 matches
Mail list logo