Re: PPOP3 Webmail
On Sun, 20 Jan 2002 12:08:46 EST, [EMAIL PROTECTED] writes: >I agree! I have squirrelmail (which is still broken in Debian), <...> What exactly is broken in squirrelmail? Works just fine here: ii cyrus-admin1.5.19-2 Cyrus mail system (administration tool) ii cyrus-common 1.5.19-2 Cyrus mail system (common files) ii cyrus-imapd1.5.19-2 Cyrus mail system (IMAP support) ii cyrus-pop3d1.5.19-2 Cyrus mail system (POP3 support) ii squirrelmail 1.2.2-1Webmail for nuts ii php4 4.0.3pl1-0pota A server-side, HTML-embedded scripting langu cheers, &rw -- / Ing. Robert Waldner | Security Engineer | CoreTec IT-Security \ \ <[EMAIL PROTECTED]> | T +43 1 503 72 73 | F +43 1 503 72 73 x99 / msg04947/pgp0.pgp Description: PGP signature
Re: interpreting email headers
On Mon, 21 Jan 2002 01:44:14 +0100, Russell Coker writes: >I have attached a strange bounce message I received, and would like some >advice in understanding exactly what happened. This looks like a somewhat braindead bounce, but the headers look just fine. What exactly makes you wonder? cheers, &rw -- / Ing. Robert Waldner | Security Engineer | CoreTec IT-Security \ \ <[EMAIL PROTECTED]> | T +43 1 503 72 73 | F +43 1 503 72 73 x99 / msg04948/pgp0.pgp Description: PGP signature
Re: interpreting email headers
On 21/01/02, Russell Coker wrote: > I have attached a strange bounce message I received, and would like some > advice in understanding exactly what happened. Well, since you didn't include any specific information, I can only try to analyze the header step by step and hope that's what you are asking for. Otherwise please tell us, what your exact problem is. > >>From [EMAIL PROTECTED] Mon Jan 21 01:37:31 2002 > Return-Path: <> Since the Return-Path has been set to <>, we can assume that this mail is coming from the address <> which is used for sending bounces. > Delivered-To: [EMAIL PROTECTED] Added by the MTA on sws_sat.sws.net.au when he delievered the mail into a mailbox. Could have been written by postfix. > Received: (qmail 23329 invoked from network); 21 Jan 2002 00:34:17 - qmail received a mail from the network, but wrote no further details. > Received: from unknown (HELO sws?sat.sws.net.au) (10.10.10.30) > by 10.10.10.8 with SMTP; 21 Jan 2002 00:34:17 - The time looks fine, so we assume that this line is correct. A Host with the IP 10.10.10.8 received a mail from an host with the IP 10.10.10.30 which claimed to be sws_sat.sws.net.au, but which was not verifiable via DNS. Looks like an internal forwarding. > Received: from ivanova.coker.com.au (ivanova.coker.com.au [203.36.46.209]) > by sws_sat.sws.net.au (Postfix) with ESMTP id 6E647CA51 > for <[EMAIL PROTECTED]>; Mon, 21 Jan 2002 11:34:16 +1100 (EST) The host ivanova.coker.com.au send a mail to the host called sws_sat.sws.net.au. The IP for this host is 203.36.46.209 and the name is also correct. The mail was destinated for rjc.sws.net.au. Compared with the headers which are following, I would assume that ivanova is either rewriting this or some more headers or simply forwarding everything. But since it's your MX this should be well know to you. ;-) > Received: by ivanova.coker.com.au (Postfix) > id 02D7CFAD2; Mon, 21 Jan 2002 11:34:15 +1100 (EST) The postfix instance on ivanova received a mail which. If I'm not mistaken the header also suggest that it was directly forwarded because of the postfix setup and not by an external tool. > Delivered-To: [EMAIL PROTECTED] Added by postfix on ivanova.coker.com.au, I would say. > Received: from debianlinux.net (c88006.upc-c.chello.nl [212.187.88.6]) > (using TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits)) > (Client did not present a certificate) > by ivanova.coker.com.au (Postfix) with ESMTP id 79134FB51 > for <[EMAIL PROTECTED]>; Mon, 21 Jan 2002 11:34:04 +1100 (EST) Okay, so ivanova.coker.com.au received this mail from a host which pretended to be debianlinux.net, but is really c88006.upc-c.chello.nl witht the IP address 212.187.88.6. It used TLS to deliver the mail, but didn't had a certificate available. The mail was for [EMAIL PROTECTED] Again a look in the logfiles on your MX should help you figure out what's exactly happening. > Received: from localhost (localhost [127.0.0.1]) > (ftp://ftp.isi.edu/in-notes/rfc1894.txt) > by debianlinux.net with dsn; Mon, 21 Jan 2002 01:37:31 +0100 debianlinux.net received a mail from a host called localhost, which has been verified. After checking the URL that is mentioned in this header here, I would say that DSN stands for Delivery Status Notification. > To: undisclosed-recipients: ; Hm, that one looks a bit strange here. Looks to me like it was send via Bcc instead of To or Cc. > From: [EMAIL PROTECTED] And this header seems to be from the MTA for the domain.coker.com.au, which was involved. Such a header would also be allowed for a DSN. But for a real DSN this header is lacking at least a correct content-type header. So I would merely suspect it's either a bounce generated because of a wrongly-formatted mail, which may should have been a DSN. Without inspecting the logfiles on the host ivanova.coker.com.au to find out as much information and then contacting the owner of the MTA for the domain debianlinux.net (IP: 212.187.88.6) and letting him inspect his logfiles also, this will be difficult to say. But at least the protocol that was used between localhost and debianlinux.net suggest that it should have been a DSN. > Status: R > X-Status: N Do you use mutt to read and write mails? If yes, mutt has certainly added those headers. Christian -- Debian Developer (http://www.debian.org) 1024/26CC7853 31E6 A8CA 68FC 284F 7D16 63EC A9E6 67FF 26CC 7853 msg04949/pgp0.pgp Description: PGP signature
Phantom routes in the Linux kernel, not replaced by Zebra
[I'm not sure of my choice of mailing lists, see the discussion at the end.] We use only Linux routers and, from time to time, we have phantom routes. I mean routes that once were legitimate (learned via BGP) but should have been suppressed when BGP info changed and were not. These routes are displayed by Zebra as "kernel" routes (the normal routes are displayed as "ospf" or "bgp") and restarting Zebra does not make them disappear. I have to manually delete them. Rebooting, a la MS-Windows, solves everything. FreeBSD zealots keep bothering me that it is because Linux does not know RTF_STATIC ($KERNEL/include/linux/route.h), which prevents to pinpoint phantom routes. It seems true but this flag in nevertheless in GNU libc's headers (/usr/include/net/route.h). So, who is wrong, Linux, Zebra or me? What can I do to solve the problem? What can I do to workaround the problem? (Anyone has a Perl script which will telnet to the Zebra console and find all "kernel" routes?) Kernel 2.4.9 and 2.4.17. Zebra 0.92. PS: Regarding the choice of the mailing lists. The problem seems to be Linux-specific but I cannot find a good mailing list to discuss this sort of stuff (RTF_STATIC...). Don't tell me to subscribe to linux-kernel, I cannot swallow hundreds of messages relarted with the VM or with the device drivers. Feel free to reply in private (I'll summarize) or to reply only to the list you find suitable. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: PPOP3 Webmail
On Mon, 2002-01-21 at 05:14, Robert Waldner wrote: > > On Sun, 20 Jan 2002 12:08:46 EST, [EMAIL PROTECTED] writes: > >I agree! I have squirrelmail (which is still broken in Debian), > <...> > > What exactly is broken in squirrelmail? Works just fine here: I'm running unstable for a number of reasons, and for the last two uploaded versions, you can't even log in. Tim > ii cyrus-admin1.5.19-2 Cyrus mail system (administration tool) > ii cyrus-common 1.5.19-2 Cyrus mail system (common files) > ii cyrus-imapd1.5.19-2 Cyrus mail system (IMAP support) > ii cyrus-pop3d1.5.19-2 Cyrus mail system (POP3 support) > ii squirrelmail 1.2.2-1Webmail for nuts > ii php4 4.0.3pl1-0pota A server-side, HTML-embedded scripting langu > > cheers, > &rw > -- > / Ing. Robert Waldner | Security Engineer | CoreTec IT-Security \ > \ <[EMAIL PROTECTED]> | T +43 1 503 72 73 | F +43 1 503 72 73 x99 / > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: PPOP3 Webmail
On 21 Jan 2002 08:41:14 EST, Tim Sailer writes: >> >I agree! I have squirrelmail (which is still broken in Debian), >> <...> >> >> What exactly is broken in squirrelmail? Works just fine here: > >I'm running unstable for a number of reasons, and for the last two >uploaded versions, you can't even log in. Well, sounds like a configuration problem, and judging from experience[0] it's most likely to be with apache/php4, not squirrelmail. 0: If you enable register_globals in php.ini _and_ in a vhost-statement, it's...off. cheers, &rw -- / Ing. Robert Waldner | Security Engineer | CoreTec IT-Security \ \ <[EMAIL PROTECTED]> | T +43 1 503 72 73 | F +43 1 503 72 73 x99 / msg04952/pgp0.pgp Description: PGP signature
Re: [zebra 11943] Phantom routes in the Linux kernel, not replaced by Zebra
On Mon, Jan 21, 2002 at 01:29:26PM +0100, Stephane Bortzmeyer wrote: > These routes are displayed by Zebra as "kernel" routes (the normal routes are > displayed as "ospf" or "bgp") and restarting Zebra does not make them > disappear. I have to manually delete them. Rebooting, a la MS-Windows, solves > everything. > > FreeBSD zealots keep bothering me that it is because Linux does not know > RTF_STATIC ($KERNEL/include/linux/route.h), which prevents to pinpoint phantom Actually, it looks like Zebra under BSD uses the RTF_PROTO1 flag instead to distinguish its own routes. It shows up as a "1" in the flags column in netstat. Under Linux, no such thing as RTF_PROTO1. Instead, from a quick glance at the code in zebra/rt_netlink.c, it looks like Zebra tries to use RTPROT_ZEBRA in Netlink messages. But this does not seem to be stored by the kernel in the routing table (at least this field is not shown by netstat or route). So back to square one: unless I'm mistaken (which is quite possible since I'm not a Linux guru), no way for Zebra under Linux to clean up its own routes when it restarts. -- Pierre Beyssac [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: [zebra 11946] Re: Phantom routes in the Linux kernel, not replacedby Zebra
On Mon, 21 Jan 2002, Pierre Beyssac wrote: > So back to square one: unless I'm mistaken (which is quite possible > since I'm not a Linux guru), no way for Zebra under Linux to clean > up its own routes when it restarts. "ip route flush proto zebra" works for me. -Dan -- [-] Omae no subete no kichi wa ore no mono da. [-] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
