The FreeBSD7
Wikipedia says, http://en.wikipedia.org/wiki/Freebsd FreeBSD 7.0 is on >> Improved scheduler and locking scalability for 32+ CPU systems (prototyping) Does Any One know How Many CPU Does FreeBSD 6.2 Supports ? THANKS IN ADVANCE ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: root login with telnetd
On Saturday 10 March 2007 22:14, Wojciech Puchar said: > >> with sshd and rshd it can be set, with telnetd - no success. > > > > That is a REALLY BAD idea. Why don't you just publish your > > address and set the root password to nothing. It's only going to > > take a cracker a couple of minutes or less to own your server > > once they find you (and they will). > > another stupid one not answering the question. > > could you describe how you get my password in a couple of minutes > if you are so intelligent? There are and have been many known exploits through telnet. The most recent one a couple of weeks ago affects SunOS where you can, using telnet, get root privileges without even logging in as root. Telnet does everything in clear text including passwords. All that's needed is to get in and install some network sniffing and the first time root logs in they would have the password. For a valid normal user on the LAN, it would be even easier. If you're looking for ease of login look into ssh and keys, that way you don't even need a password. Details are in the handbook. Even works from windows. I don't know anyone that still uses telnet except for testing on a totally closed network. An ISP I worked for disabled it and firewalled the port more than five years ago. Beech -- --- Beech Rintoul - Port Maintainer - [EMAIL PROTECTED] /"\ ASCII Ribbon Campaign | FreeBSD Since 4.x \ / - NO HTML/RTF in e-mail | http://www.freebsd.org X - NO Word docs in e-mail | Latest Release: / \ - http://www.freebsd.org/releases/6.2R/announce.html --- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: root login with telnetd
On 11/03/07, Wojciech Puchar <[EMAIL PROTECTED]> wrote: >> >> with sshd and rshd it can be set, with telnetd - no success. > > That is a REALLY BAD idea. Why don't you just publish your address and > set the root password to nothing. It's only going to take a cracker a > couple of minutes or less to own your server once they find you (and > they will). another stupid one not answering the question. could you describe how you get my password in a couple of minutes if you are so intelligent? Oh, it's really simple: *If* the machine you're trying to configure root access via telnet is connected to the internet - in other terms the telnet port on the machine is accessible from the internet - one can actually brute force his/her way in. And in days of broadband connection several hundred different passwords can be guessed in a matter of seconds. There are tools like "john" that can do a bruteforce or dictionary attacks against password files, but there are similar tools that can do this over the network. To answer the question who should be able to snort you: Some script kiddies who don't understand what's actually going on, but who want to have some fun. This is why you've been told that configuring root access via telnet is a bad idea, just as any other here on this list is being told that it is a bad to configure root login via ssh - for the very same reason. And people asked you for your IP so that they could take care of your host. Since we can't know the IP adress of your host we had to ask. ;) But people who want to crack other machines don't need specific IP adress, they just scan entire networks. As most list members can tell you there are constant attacks against open ssh ports are going on. So this isn't stupidity really. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: The FreeBSD7
did we not have this question yet? On Mar 11, 2007, at 4:37 PM, Susanth K wrote: Wikipedia says, http://en.wikipedia.org/wiki/Freebsd FreeBSD 7.0 is on >> Improved scheduler and locking scalability for 32+ CPU systems (prototyping) Does Any One know How Many CPU Does FreeBSD 6.2 Supports ? THANKS IN ADVANCE ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions- [EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: root login with telnetd
if you are so intelligent? There are and have been many known exploits through telnet. The most recent one a couple of weeks ago affects SunOS where you can, using telnet, get root privileges without even logging in as root. Telnet does it affect FreeBSD? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: root login with telnetd
Oh, it's really simple: *If* the machine you're trying to configure root access via telnet is connected to the internet - in other terms the telnet port on the machine is accessible from the internet - one can actually brute force his/her way in. so please crack me 83.18.148.142 or 2001:4070:101:1::2 through telnetd ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: [freebsd-questions] root login with telnetd
Wojciech Puchar wrote: can it be set to make possible to login root to machine through telnet and without telneting to some user and then su - ? with sshd and rshd it can be set, with telnetd - no success. once again - can someone answer my question instead of giving very "intelligent" comments? ___ If I remember correctly, you edit /etc/ttys and set some of your ttyp* (i.e. network ptys) to be 'SECURE'. It really isn't a good idea though. The reason I don't remember is that I haven't done it in about 10 years. If it's a remote program that needs root access, you can probably do something with ssh - you can allow ssh RootLogin, but not with passwords only public key auth, and you can *also* limit the key to be allowed to only connect from certain addresses and only run specific commands (e.g. some backup software works this way). You can have multiple keys with different restrictions even - Host A can run rsync only, and host B can run rdiff-backup only. Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: [freebsd-questions] root login with telnetd
once again - can someone answer my question instead of giving very "intelligent" comments? ___ If I remember correctly, you edit /etc/ttys and set some of your ttyp* (i.e. network ptys) to be 'SECURE'. It really isn't a good idea though. The reason it works. but it is strange solution, as rshd and sshd can be set up this way. why telnetd can't? i tried allow_root in /etc/pam.d/telnetd every place (like with /etc/pam/rsh) and it doesn't work. something with ssh - you can allow ssh RootLogin, but not with passwords only yes i already use PermitRootLogin in sshd_config and ssh root login works. same with rshd by changing /etc/pam.d/rsh but with telnet it does not. very funny is reading other people's replies about security, showing that they simply don't understand how things works. i don't ask if telnetd can be sniffed, because i know it can. as well as telnet when logging to non-root user, as well as rsh. and if there were exploits for telnetd for SunOS or FreeBSD, they exploited bugs in telnetd, and not guessing root password. so allowing root login or not doesn't make any difference. so generalizing that "telnet and rsh is bad" is as stupid as telling that oxygen is bad as it makes fires. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
RE: Tool for validating sender address as spam-fighting technique?
smf-sav is one sendmail milter which does this: http://smfs.sourceforge.net/smf-sav.html SAV v1.3.0 - console utility for e-Mail Sender Address Verification (also at http://smfs.sf.net/ ) Cheers, Phil -Original Message- From: Kelly Jones [mailto:[EMAIL PROTECTED] Sent: 10 March 2007 19:28 To: freebsd-questions@freebsd.org; users@spamassassin.apache.org; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Tool for validating sender address as spam-fighting technique? To fight spam, I want to validate the address (not necessarily in real-time) of the a given email sender. Is there a Unix tool that does this? The basics are simple: to validate "[EMAIL PROTECTED]", I connect to the MX record of wnonline.net and go as far as "RCPT TO" as follows: > host -t mx wnonline.net wnonline.net mail is handled by 5 wnspf.bayou.com. > telnet wnspf.bayou.com. 25 Trying 209.209.192.75... Connected to wnspf.bayou.com.. Escape character is '^]'. 220 Welcome to Bayou mxfilter HELO domaintester.com 250 mxfilter.bayou.com MAIL FROM: <[EMAIL PROTECTED]> 250 Ok RCPT TO: <[EMAIL PROTECTED]> 550 <[EMAIL PROTECTED]>: Recipient address rejected: 5.1.1 <[EMAIL PROTECTED]>... User unknown QUIT 221 Bye Connection closed by foreign host. This tells me [EMAIL PROTECTED] is an invalid address and that mail from that address is probably bogus. A more sophisticated tool would cache results, handle temporary failures (eg, inability to connect to the MX server), handle multiple MX records, perhaps even publish results [carefully, to avoid giving spammers a source of legit email addresses!], etc. Plus, I'd prefer to use a tested tool vs hacking something up myself. I realize this technique is far from perfect: Spammers spoof legit addresses Bounces/Mailing lists/etc legitimately use "do not reply" addresses It could be considered unfriendly to the target MX servers Some mail servers incorrectly say "user unknown" when they see spam, figuring it's more of a deterrent than saying "you're a spammer" Some mail servers inefficiently accept mail for "[EMAIL PROTECTED]" (where xxx.com is one of their domains), figure out if foo exists later, and send a bounce back to the envelope sender, instead of rejecting email at the SMTP level (a really good tool would create throwaway addresses to catch these cases too) ... but I still think it might help. -- We're just a Bunch Of Regular Guys, a collective group that's trying to understand and assimilate technology. We feel that resistance to new ideas and technology is unwise and ultimately futile. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: [freebsd-questions] [freebsd-questions] root login with telnetd
Wojciech Puchar wrote: so generalizing that "telnet and rsh is bad" is as stupid as telling that oxygen is bad as it makes fires. Well, that's true, but if you have the choice, there are better choices. You *can* hammer in nails with the butt of a gun, but there's a chance you'll somehow shoot yourself in the arm. A hammer doesn't have that risk. There have been *many* problems over the years with rsh and telnet. rsh's security model comes from a time when people thought computers would never lie to each other. SSH does allow you to give only enough access, with the side-benefits (in your case) of compression and encryption. Even if you used ssh without those, the key-based authentication is still safer, and the code more modern and securely designed. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: [freebsd-questions] [freebsd-questions] root login with telnetd
There have been *many* problems over the years with rsh and telnet. rsh's security model comes from a time when people thought computers would never exactly true. so i use rsh between MY machines and rsh and telnet when sniffing is not a problem. wasn't easier just to answer the question? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
installing i386.rpm files on FBSD-6.1 amd64
Is it possible to do this? I've already installed linux_base-8 and rpm ports but when I try to install a "i386.rpm" file the system claims for some libs (libpopt, libtiff, glibc.so.6 , libxml, bash) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
When Will The FreeBSD 7.0 be released
Dear Friends, When Will The FreeBSD 7.0 be released ? SUSANTH K ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Tool for validating sender address as spam-fighting technique?
for what it's worth, I would suggest *not* adopting this as an anti-spam technique. Sender-address verification is _bad_ as an anti-spam technique, in my opinion. Basically, there's one obvious response for spammers looking to evade it -- use "real" sender addresses. Where's an easy place to find real addresses? On the list of target addresses they're spamming! Hence, the spam recipients now get twice as much mail from each spam run -- spam aimed at them, *and* bounce blowback from hundreds of spams aimed at others, forged to appear to be from them. It's the obvious response to SAV, which is one reason why we never implemented something like that in SpamAssassin. --j. Kelly Jones writes: > To fight spam, I want to validate the address (not necessarily in > real-time) of the a given email sender. Is there a Unix tool that does > this? > > The basics are simple: to validate "[EMAIL PROTECTED]", I connect to > the MX record of wnonline.net and go as far as "RCPT TO" as follows: > > > host -t mx wnonline.net > wnonline.net mail is handled by 5 wnspf.bayou.com. > > > telnet wnspf.bayou.com. 25 > Trying 209.209.192.75... > Connected to wnspf.bayou.com.. > Escape character is '^]'. > 220 Welcome to Bayou mxfilter > HELO domaintester.com > 250 mxfilter.bayou.com > MAIL FROM: <[EMAIL PROTECTED]> > 250 Ok > RCPT TO: <[EMAIL PROTECTED]> > 550 <[EMAIL PROTECTED]>: Recipient address rejected: 5.1.1 > <[EMAIL PROTECTED]>... User unknown > QUIT > 221 Bye > Connection closed by foreign host. > > This tells me [EMAIL PROTECTED] is an invalid address and that mail > from that address is probably bogus. > > A more sophisticated tool would cache results, handle temporary > failures (eg, inability to connect to the MX server), handle multiple > MX records, perhaps even publish results [carefully, to avoid giving > spammers a source of legit email addresses!], etc. Plus, I'd prefer to > use a tested tool vs hacking something up myself. > > I realize this technique is far from perfect: > > Spammers spoof legit addresses > > Bounces/Mailing lists/etc legitimately use "do not reply" addresses > > It could be considered unfriendly to the target MX servers > > Some mail servers incorrectly say "user unknown" when they see spam, > figuring it's more of a deterrent than saying "you're a spammer" > > Some mail servers inefficiently accept mail for "[EMAIL PROTECTED]" (where > xxx.com is one of their domains), figure out if foo exists later, and > send a bounce back to the envelope sender, instead of rejecting email > at the SMTP level (a really good tool would create throwaway addresses > to catch these cases too) > > ... but I still think it might help. > > -- > We're just a Bunch Of Regular Guys, a collective group that's trying > to understand and assimilate technology. We feel that resistance to > new ideas and technology is unwise and ultimately futile. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
clean-hoststat
Hi; Just built a new server and got this error: Removing stale entries from sendmail host status cache: /etc/periodic/daily/150.clean-hoststat: purgestat: Permission denied # ls -al /etc/periodic/daily/150.clean-hoststat -rwxr-xr-x 1 root wheel 588 Jan 12 07:42 /etc/periodic/daily/150.clean-hoststat Please advise. TIA, Drew2 - Expecting? Get great news right away with email Auto-Check. Try the Yahoo! Mail Beta. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: root login with telnetd
Hello... I see you issues about telenet... I use the inetd+telnet for more than 20 years and using BSD with RSA, and obviiously with a good password. I have never been cracked down... and I have 10 of my /etc/ttys entries setted to "secure" ttyp0 nonenetwork off secure ttyp1 nonenetwork off secure ttyp2 nonenetwork off secure ttyp3 nonenetwork off secure ttyp4 nonenetwork off secure ttyp5 nonenetwork off secure ttyp6 nonenetwork off secure ttyp7 nonenetwork off secure ttyp8 nonenetwork off secure ttyp9 nonenetwork off secure ttypa nonenetwork off secure ttypb nonenetwork off secure ttypc nonenetwork off secure in my /etc/master.passwd. root:*:0:0::0:0:Charlie &:/root:/bin/csh a "kill -1 1" would allow root do dial in I block the root account in /etc/master.passwd by put a "*" as md5hash and setted up an "supper" account. pw adduser x -d /root -s /usr/local/bin/bash -u 0 -g 0 -h 0 Than is done... All the cracking I have seen is from someone that is INSIDE the machine (http using php,pop,imap, ssh,...) that is you have yet allowed him to come in, you gave them the password (in the case of ssh), or in http... A "normal" FreeBSD 6.2 or an OpenBSD, is incredible solid... You must know the "superuser" login AND the password choose a password with letters and numbers, or something in portuguese (only 7 countries speak that): biruta22, pezinho12, 45pinheiiros, tovazioagora, batatinha744, 45canastra96. I tested in an security system and it says is have good security... (pgp)... Besides.. using brute force in a word like "itacolomi" using a 1 second delay would result "forever" Besides, BSD have the ability to force a new password once it is too old... a new password every 3 months is a good choice and you must stilll pass through RSA . Thanks for sharing the experience... now I know I am not the one that uses "telenet" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: When Will The FreeBSD 7.0 be released
Susanth K wrote: Dear Friends, When Will The FreeBSD 7.0 be released ? Check: http://www.freebsd.org/releng/index.html Appears the release process is set to start in june. What is not yet clear is if RELENG_7 has been branched off yet so we should all update our supfile? I suppose this will happen before the the release process sets off. Cheers, Erik -- Ph: +34.666334818 web: http://www.locolomo.org smime.p7s Description: S/MIME Cryptographic Signature
Re: root login with telnetd The FINAL SOLUTION
So. resuming: 1) change some lines in /etc/ttys to: ttyp0 nonenetwork off secure ttyp1 nonenetwork off secure ttyp2 nonenetwork off secure ttyp3 nonenetwork off secure ttyp4 nonenetwork off secure ttyp5 nonenetwork off secure ttyp6 nonenetwork off secure ttyp7 nonenetwork off secure ttyp8 nonenetwork off secure ttyp9 nonenetwork off secure ttypa nonenetwork off secure ttypb nonenetwork off secure ttypc nonenetwork off secure > 2) signal init to read it : kill -1 1 3) make sure inetd is running see the /etc/rc.conf must have inetd_enable="YES" 4) remove the "#" at the line telnet in inetd.conf 5) make inetd run /etc/rc.d/inetd restart 6) change root password echo "mysecretpassword" | pw usermod root -h 0 7) telnet to your server should now allow root login Sergio ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: When Will The FreeBSD 7.0 be released
On 2007-03-11 15:14, Erik Norgaard <[EMAIL PROTECTED]> wrote: >Susanth K wrote: >> Dear Friends, >> >> When Will The FreeBSD 7.0 be released ? > > Check: > > http://www.freebsd.org/releng/index.html > > Appears the release process is set to start in june. > > What is not yet clear is if RELENG_7 has been branched off yet so we > should all update our supfile? I suppose this will happen before the > the release process sets off. For what it's worth, no RELENG_7 has not been branched yet. To answer Susanth's question, the scheduler published by the release engineering team is the one which should be the authoritative answer. The HEAD of CVS is now 7.0-CURRENT. Until a release is announced by the RE team, you should assume that the officially supported releases are the ones listed on our web site. Regards, Giorgos ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
portupgrade bombing out for java
portupgrade is bombing due to the file tzupdater-1.1.0-2007c.zip not being found in /usr/ports/distfiles. however, when i visit http://www.freebsdfoundation.org/downloads/java.shtml, there appears to be no link or no information about such a file. does anyone know what the story is, and where this file is available from? thanks, jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Problem Launching Applications in Gnome
On Thu, 08 Mar 2007 13:04:48 -0600, Edward Ruggeri <[EMAIL PROTECTED]> wrote: On Thu, 08 Mar 2007 12:54:55 -0600, Chuck Swiger <[EMAIL PROTECTED]> wrote: On Mar 7, 2007, at 6:57 PM, [EMAIL PROTECTED] wrote: The main application I run is Vim, which I run through Gnome- Terminal. I frequently have several copies running simultaneously. In general response to Gnome-Terminal commands is very fast, but sometimes when I try to open a file with Vim it takes up to 20-30 seconds to load. The files are not particularly large (max 300 lines). During this time, if I try to launch another application in Gnome (e.g., Opera or another Gnome-Terminal), it will not come up. It is as if everything is frozen until finally Vi loads and opens the file, at which point anything else I have tried to open works fine. Is it possible that you're low on RAM, and the system has to swap in a bunch of stuff to let you task-switch to Opera or GT? Is it only the combination of GT & Vim, or do you sometimes encounter this long delay when switching between applications doing other things? I have of course looked at top when this problem occurs. CPU usage is about 2%, and there is no significant memory usage either. It would be helpful to know what state the GT & vim processes were in, too. RAM usage remains very low throughout. In addition, I have 2GB of RAM on this system, so while that was also my first suspicion, I don't think that's it. When vim exhibits this behavior (which it doesn't always do), it will sit in sbwait and will finally load as it comes out of sbwait. If I try to open another GT during vim's stalling, it will also be stuck in sbwait, generally coming out of it at the same time as vim. Thanks very much for your thoughts! -- Ned Ruggeri Sorry to post again in response to my own email, but I have some new information. In addition to the processes being stuck in sbwait, it also appears that when loading they start on the second core but switch to the first when getting out of the sbwait state. Also, this problem definitely seems to be exhibited in other applications. Sometimes I have to wait 15 seconds for Gnome-Terminal to load even with no applications running. I'm suspicious this might be related to Gnome's Screensaver, since GT opens slowly generally after coming out of screensaver. Any thoughts? It's a real drag, because freeBSD is so fast for me outside this problem, but it's making it impossible to use... Thanks guys! Sincerely, -- Ned Ruggeri ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Daylight Savings Time -- /etc/localtime and what else?
A month ago I downloaded tzdata2007b.tar.gz, compiled it and installed a new /etc/localtime. All seemed OK. Now, after the time change, I've had to restart both 'fetchmail' and 'sendmail' to get '/var/log/maillog' in-sync with the new time. Not a problem; apparently these processes use time-data based on their original startup. But what else needs to be restarted? 'top' (edited) for root shows: PID STATETIME WCPUCPU COMMAND 242 select 4:37 0.00% 0.00% syslogd 386 nanslp 3:28 0.00% 0.00% cron 418 select 0:32 0.00% 0.00% inetd 18001 select 0:01 0.00% 0.00% sshd 6985 RUN 0:00 0.00% 0.00% top 6844 pause0:00 0.00% 0.00% csh 423 ttyin0:00 0.00% 0.00% getty (x8 Lines) 167 pause0:00 0.00% 0.00% adjkerntz 224 select 0:00 0.00% 0.00% devd Maybe 'cron' -- daily & security email is an hour off. Should I just restart the whole system? (FreeBSD 5.4, i386) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
jails and crashes
is there any fix for crashing when using jails i have few jails on one machine, almost nothing running outside jails, and it crashes. as far as i found - crash is always when allocating pty - when logging with ssh telnet etc. to one of jails. any fixes? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: portupgrade bombing out for java
On Sun, 11 Mar 2007, Jonathan Horne wrote: portupgrade is bombing due to the file tzupdater-1.1.0-2007c.zip not being found in /usr/ports/distfiles. however, when i visit http://www.freebsdfoundation.org/downloads/java.shtml, there appears to be no link or no information about such a file. Type # make install manually into your java port's directory. It will tell you where to find this file. Regards, Uli. does anyone know what the story is, and where this file is available from? thanks, jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" Peter Ulrich Kruppa Wuppertal Germany ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
getting mail to work
I use freebsd on an older computer in my home network to run a webserver, a few web apps (bugzilla, tikiwiki), and samba. I just installed postfix via the ports collection so I can use the mail functionality of bugzilla. Bugzilla does its part correctly; I can see the message in the mailq, but all messages time out. From the postfix site, I learned about the MTU black hole issue (http://www.postfix.org/faq.html#timeouts). After spending some time messing both with my bsd machine's hostname and my home network gateway's settings (domain name and mtu size), I got nowhere. But then I read somewhere (sorry, I don't have the reference) that the handshake that goes on between my MTA and the destination machine includes a check that I'm not spoofing a domain that I don't control. Makes sense! So, I figured that I don't have an MTU problem at all, but a hostname/domain name problem. What I'm a little weak on is understanding is this... I own my_domain.com. I've paid a hoster for the last couple years, but that's ending in a week or so. Meanwhile, I've used dyndns to point foo.homedns.org to my IP. Originally, I had left the gateway's domain as the default (something based on my isp's domain), and set the bsd machine's hostname to foo.my_domain.com. But that's why mail was failing (I think) because dns was reporting that my_domain.com was not the same as my IP. Is this correct? Also, what are valid entries then for hostname then? Anything I want, as long as it's not some domain already known in the dns? Does it matter if I change my "domain" name on my LAN router? Finally, what I'd really like to do is just manage all this myself. I'm not providing any services to anyone but myself. (I don't have users, and don't need to receive mail.) My plan had been to pay dyndns to handle pointing to my_domain.com for me, but now I'm wondering if I can't just do that too. So, last question: does setting up dns on my bsd box mean I can propogate my IP for my_domain.com myself? Thanks in advance for help! e. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: root login with telnetd The FINAL SOLUTION
works fine. thank you very much (point 6 wasn't needed) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: When Will The FreeBSD 7.0 be released
Dear Friends, When Will The FreeBSD 7.0 be released ? when it will be ready. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: getting mail to work
"Ed Zwart" <[EMAIL PROTECTED]> wrote: > > I use freebsd on an older computer in my home network to run a > webserver, a few web apps (bugzilla, tikiwiki), and samba. I just > installed postfix via the ports collection so I can use the mail > functionality of bugzilla. > > Bugzilla does its part correctly; I can see the message in the mailq, > but all messages time out. From the postfix site, I learned about the > MTU black hole issue (http://www.postfix.org/faq.html#timeouts). > After spending some time messing both with my bsd machine's hostname > and my home network gateway's settings (domain name and mtu size), I > got nowhere. > > But then I read somewhere (sorry, I don't have the reference) that the > handshake that goes on between my MTA and the destination machine > includes a check that I'm not spoofing a domain that I don't control. > Makes sense! So, I figured that I don't have an MTU problem at all, > but a hostname/domain name problem. > > What I'm a little weak on is understanding is this... > > I own my_domain.com. I've paid a hoster for the last couple years, > but that's ending in a week or so. Meanwhile, I've used dyndns to > point foo.homedns.org to my IP. > > Originally, I had left the gateway's domain as the default (something > based on my isp's domain), and set the bsd machine's hostname to > foo.my_domain.com. But that's why mail was failing (I think) because > dns was reporting that my_domain.com was not the same as my IP. Is > this correct? > > Also, what are valid entries then for hostname then? Anything I want, > as long as it's not some domain already known in the dns? Does it > matter if I change my "domain" name on my LAN router? > > Finally, what I'd really like to do is just manage all this myself. > I'm not providing any services to anyone but myself. (I don't have > users, and don't need to receive mail.) My plan had been to pay > dyndns to handle pointing to my_domain.com for me, but now I'm > wondering if I can't just do that too. So, last question: does setting > up dns on my bsd box mean I can propogate my IP for my_domain.com > myself? First, you need to figure out what the problem is. You're making a lot of guesses right now. However, I would suspect that your best bet would be to specify that all outgoing mail routes through your ISP. Their MTA should be configured to allow all mail from their customers to be sent. In postfix, define the relayhost parameter to be your ISP's outgoing server. -- Bill Moran http://www.potentialtech.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: installing i386.rpm files on FBSD-6.1 amd64
On Sun, 11 Mar 2007 12:44:38 + Luiz A B de Campos wrote: > Is it possible to do this? I've already installed linux_base-8 and rpm ports It is recommended to use linux_base-fc4 nowadays. > but when I try to install a "i386.rpm" file the system claims for some libs > (libpopt, libtiff, glibc.so.6 , libxml, bash) All those apps are already at the ports tree. Which app do you need to run? If it presents at the ports tree one should use ports/packages to install. WBR -- Boris Samorodov (bsam) Research Engineer, http://www.ipt.ru Telephone & Internet SP FreeBSD committer, http://www.FreeBSD.org The Power To Serve ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: getting mail to work
On Sunday 11 March 2007 10:45, Ed Zwart wrote: > I use freebsd on an older computer in my home network to run a > webserver, a few web apps (bugzilla, tikiwiki), and samba. I just > installed postfix via the ports collection so I can use the mail > functionality of bugzilla. > > Bugzilla does its part correctly; I can see the message in the > mailq, but all messages time out. From the postfix site, I learned > about the MTU black hole issue > (http://www.postfix.org/faq.html#timeouts). After spending some > time messing both with my bsd machine's hostname and my home > network gateway's settings (domain name and mtu size), I got > nowhere. > > But then I read somewhere (sorry, I don't have the reference) that > the handshake that goes on between my MTA and the destination > machine includes a check that I'm not spoofing a domain that I > don't control. Makes sense! So, I figured that I don't have an MTU > problem at all, but a hostname/domain name problem. > > What I'm a little weak on is understanding is this... > > I own my_domain.com. I've paid a hoster for the last couple years, > but that's ending in a week or so. Meanwhile, I've used dyndns to > point foo.homedns.org to my IP. > > Originally, I had left the gateway's domain as the default > (something based on my isp's domain), and set the bsd machine's > hostname to foo.my_domain.com. But that's why mail was failing (I > think) because dns was reporting that my_domain.com was not the > same as my IP. Is this correct? > > Also, what are valid entries then for hostname then? Anything I > want, as long as it's not some domain already known in the dns? > Does it matter if I change my "domain" name on my LAN router? > > Finally, what I'd really like to do is just manage all this myself. > I'm not providing any services to anyone but myself. (I don't have > users, and don't need to receive mail.) My plan had been to pay > dyndns to handle pointing to my_domain.com for me, but now I'm > wondering if I can't just do that too. So, last question: does > setting up dns on my bsd box mean I can propogate my IP for > my_domain.com myself? > > Thanks in advance for help! > > e. Your ISP is probably just blocking outgoing connections to port 25...set postfix to use their smtp servers as a relayhost. -- Thanks, Josh Paetzel ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: root login with telnetd
Wojciech Puchar wrote: Err, sure; and for completeness, be sure and send the IP back to this list, and publish it on the front page of your website/blog/whatnot. and what if i will? do you know my root password? OK, cynicism aside, why on earth would you want to do this? That's a fool's errand in today's world. Or, are you on a 2-machine network via crossover if you can't answer the question, just shut up. EOT I am.. amazed by your aggressive attitute towards everyone else and being ironic and calling everyone VIM's. What you fail to realize is the dumbness of what you're trying to do, there are no nice words I can use to explain it. We were being ironic with you so that you could understand just how bad what you're trying to achieve is. You are being ironic with us because you think there's nothing wrong with logging in as root with telnet. There are a thousand ways I could go about explaining how bad it is and why it is bad, but in the end you'd just say I'm a VIM, so I won't even bother. Oh well, your server, your password. Just don't say you were not warned. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: root login with telnetd
Sergio Lenzi wrote: Hello... I see you issues about telenet... I use the inetd+telnet for more than 20 years and using BSD with RSA, and obviiously with a good password. I have never been cracked down... and I have 10 of my /etc/ttys entries setted to "secure" ttyp0 nonenetwork off secure ttyp1 nonenetwork off secure ttyp2 nonenetwork off secure ttyp3 nonenetwork off secure ttyp4 nonenetwork off secure ttyp5 nonenetwork off secure ttyp6 nonenetwork off secure ttyp7 nonenetwork off secure ttyp8 nonenetwork off secure ttyp9 nonenetwork off secure ttypa nonenetwork off secure ttypb nonenetwork off secure ttypc nonenetwork off secure in my /etc/master.passwd. root:*:0:0::0:0:Charlie &:/root:/bin/csh a "kill -1 1" would allow root do dial in I block the root account in /etc/master.passwd by put a "*" as md5hash and setted up an "supper" account. You could have just changed it's name, and the end result is exactly the same. If you have other services running in this server, there are various ways to figure out who has uid 0. Changing root's account or adding another uid 0 won't make it any harder. pw adduser x -d /root -s /usr/local/bin/bash -u 0 -g 0 -h 0 Than is done... All the cracking I have seen is from someone that is INSIDE the machine (http using php,pop,imap, ssh,...) that is you have yet allowed him to come in, you gave them the password (in the case of ssh), or in http... A "normal" FreeBSD 6.2 or an OpenBSD, is incredible solid... Indeed, that's exactly why it comes with sshd instead of telnetd and they both DO NOT allow root logins by default. You must know the "superuser" login AND the password With sshd and root logins off, you need to know your username's password/passphrase for DSA/RSA, you need to be in the right group so you can even attempt to become root, and you need the root password too. Ontop of all that, everything's encrypted. Please do not even TRY to compare. choose a password with letters and numbers, or something in portuguese (only 7 countries speak that): biruta22, pezinho12, 45pinheiiros, tovazioagora, batatinha744, 45canastra96. Spoken in:Angola, Brazil, Mozambique, Portugal, and several other CPLP countries Total speakers:Native: 210 million Total: 230 million Brilliant. I tested in an security system and it says is have good security... (pgp)... I won't comment this. Besides.. using brute force in a word like "itacolomi" using a 1 second delay would result "forever" Besides, BSD have the ability to force a new password once it is too old... a new password every 3 months is a good choice and you must stilll pass through RSA . Thanks for sharing the experience... now I know I am not the one that uses "telenet" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
The FreeBSD's Implementation Language
Dear Friends, Is FreeBSD Completely Written in C ? Is there any part of OS written in C++ ? And I Guess GCC Compiler is used for compilation; ( Is it so ? ) Please correct me; if am not. Am new to FreeBSD; ( Sorry; if Any of u find this as a silly Question ) SUSANTH K ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: root login with telnetd The FINAL SOLUTION
--On March 11, 2007 11:22:42 AM -0300 Sergio Lenzi <[EMAIL PROTECTED]> wrote: 7) telnet to your server should now allow root login What do you gain by allowing telnet access to your hosts that you don't get with ssh? Paul Schmehl ([EMAIL PROTECTED]) Senior Information Security Analyst The University of Texas at Dallas http://www.utdallas.edu/ir/security/
OpenSSH Problem with disconnects
Hi, I am having a big problem with the OpenSSH Daemon on my server. Whenever I am connected to the server and the connection is idle for a few seconds it gets disconnected. It's almost impossible to work from remote on the server when the connection is always getting dropped. The server is running FreeBSD angmar.domain.com 6.2-RELEASE FreeBSD 6.2-RELEASE #0: Fri Jan 12 11:05:30 UTC 2007 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/SMP i386 and the SSHD installed by sysinstall OpenSSH_4.5p1 FreeBSD-20061110, OpenSSL 0.9.7e-p1 25 Oct 2004 . I tried a complete FreeBSD reinstall but it did not help, I tried various settings like KeepAlive TCPKeepAlive but they did not help either. I upgraded OpenSSL to 0.9.8e and I installed OpenSSH 4.6p1 but it did not solve the problem. When I run SSH with loglevel debug I see this in the auth.log when I am getting disconnected: Read error from remote host 192.168.2.100: Connection reset by peer . When I use strace to monitor the process I see this on disconnect 643 wait4(-1, [WIFEXITED(s) && WEXITSTATUS(s) == 0], WNOHANG, NULL) = 4975 643 wait4(-1, 0xbfbfdc9c, WNOHANG, NULL) = -1 ECHILD (No child processes) 643 syscall_416(0x14, 0, 0xbfbfdc20) = 0 643 syscall_417(0xbfbfdcd0) = -1 (errno 4) 643 select(7, [3 4], NULL, NULL, NULL I tried to find information's about syscall_417 but had no luck with that. I am stuck here and have no idea what to do. When I am connected to the server by FTP I don't get disconnected when the connection is idle ( no nohup or so being sent ) and when I connect by Telnet I also don't get disconnected when the connection is idle. I am not sure if I should add the dmesg output here for sys specs or not. I don't do it now but can give it if needed. I installed Debian on another HDD of the server today and I am not having any problems there. No SSH disconnects all the time. Thanks for any help. -Alex ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Assemblers for FreBSD
If one wanted to learn Assembly Language Programming, would he be better served starting with as(1) or nasm(1)? Also, are either of those applicable to AMD64, or just i386? TIA, Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
polling my FreeBSD compariots...
ive been a KDE user for as long as i can remember. this week, im off from work, and want to spend some time trying something new with my laptop. so far i have it built with 6.2-RELEASE-p2, and xorg up to the minimal desktop. id like to try to try something thats not gnome, or basically id like to try some of the lesser known, but still just as functional desktops. can i get some recommendations, as well as what graphical mail reader and web browser works best with your recommendation? thanks, jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: The FreeBSD's Implementation Language
Dear Friends, Is FreeBSD Completely Written in C ? Is there any part of OS written in C++ ? see the sources. And I Guess GCC Compiler is used for compilation; ( Is it so ? ) Please correct me; if am not. Am new to FreeBSD; ( Sorry; if Any of u find this as a silly Question ) you need answers to some kind of quiz or test... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: polling my FreeBSD compariots...
Jonathan Horne wrote: ive been a KDE user for as long as i can remember. this week, im off from work, and want to spend some time trying something new with my laptop. so far i have it built with 6.2-RELEASE-p2, and xorg up to the minimal desktop. id like to try to try something thats not gnome, or basically id like to try some of the lesser known, but still just as functional desktops. can i get some recommendations, as well as what graphical mail reader and web browser works best with your recommendation? thanks, jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" Jonathan; Take a look at WindowMaker, or BlackBox if you want to get real minimal. Both are excellent window managers (not desktops) and can be found in ports. Firefox, Thunderbird, and all the rest work just fine. Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: polling my FreeBSD compariots...
Jonathan Horne <[EMAIL PROTECTED]> wrote: > > ive been a KDE user for as long as i can remember. this week, im off from > work, and want to spend some time trying something new with my laptop. so > far i have it built with 6.2-RELEASE-p2, and xorg up to the minimal desktop. > > id like to try to try something thats not gnome, or basically id like to try > some of the lesser known, but still just as functional desktops. > > can i get some recommendations, as well as what graphical mail reader and web > browser works best with your recommendation? I've been using xfce4 for quite a while. I like it because it's got everything I need, and not a lot of extra junk to get in my way (I find KDE and GNOME bloated) I use Sylpheed for mail and Firefox for web. HTH -- Bill Moran http://www.potentialtech.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: polling my FreeBSD compariots...
Jonathan Horne wrote: ive been a KDE user for as long as i can remember. this week, im off from work, and want to spend some time trying something new with my laptop. so far i have it built with 6.2-RELEASE-p2, and xorg up to the minimal desktop. id like to try to try something thats not gnome, or basically id like to try some of the lesser known, but still just as functional desktops. can i get some recommendations, as well as what graphical mail reader and web browser works best with your recommendation? thanks, jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" Check out http://www.enlightenment.org/Enlightenment/DR17/ It's in ports and its probably what you're looking for, fast, function and a fair bit of eyecandy. I honestly opt for Opera because its fast, functional and it has all the functionality I want built right in. As for mail, it seems Opera dropped the ball on IMAP support. It's utterly horrid in Opera 9. Because of this I go for thunderbird because it just works the way I want. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: The FreeBSD's Implementation Language
Susanth K wrote: > Dear Friends, > > Is FreeBSD Completely Written in C ? Almost. The kernel and most parts are. > Is there any part of OS written in C++ ? There are some but there are not many of them. It's not a matter of policy but of the individual choice of a developer. > And I Guess GCC Compiler is used for compilation; ( Is it so ? ) Yes. signature.asc Description: OpenPGP digital signature
Re: Tool for validating sender address as spam-fighting technique?
On Mar 11, 2007, at 6:31 AM, Justin Mason wrote: for what it's worth, I would suggest *not* adopting this as an anti-spam technique. Sender-address verification is _bad_ as an anti-spam technique, in my opinion. Basically, there's one obvious response for spammers looking to evade it -- use "real" sender addresses. Where's an easy place to find real addresses? On the list of target addresses they're spamming! This is a red-herring. They already do that. They have been doing that for a long time. And it has nothing to do with sender verification. Sender verification works and works well. Hence, the spam recipients now get twice as much mail from each spam run -- spam aimed at them, *and* bounce blowback from hundreds of spams aimed at others, forged to appear to be from them. It's the obvious response to SAV, which is one reason why we never implemented something like that in SpamAssassin. Sorry, but you conclusion does not follow. Sender verification has been around for a while and this has not happened in my experience. Ie, there is no greater use of real FROM addresses than there was before. Most MTAs have in-built routines to do this, with exim having a particularly good facility for this. Technically, with exim's, you are actually validating the sending server's adherence to the RFCs about accept DSN replies back. Chad --j. Kelly Jones writes: To fight spam, I want to validate the address (not necessarily in real-time) of the a given email sender. Is there a Unix tool that does this? The basics are simple: to validate "[EMAIL PROTECTED]", I connect to the MX record of wnonline.net and go as far as "RCPT TO" as follows: host -t mx wnonline.net wnonline.net mail is handled by 5 wnspf.bayou.com. telnet wnspf.bayou.com. 25 Trying 209.209.192.75... Connected to wnspf.bayou.com.. Escape character is '^]'. 220 Welcome to Bayou mxfilter HELO domaintester.com 250 mxfilter.bayou.com MAIL FROM: <[EMAIL PROTECTED]> 250 Ok RCPT TO: <[EMAIL PROTECTED]> 550 <[EMAIL PROTECTED]>: Recipient address rejected: 5.1.1 <[EMAIL PROTECTED]>... User unknown QUIT 221 Bye Connection closed by foreign host. This tells me [EMAIL PROTECTED] is an invalid address and that mail from that address is probably bogus. A more sophisticated tool would cache results, handle temporary failures (eg, inability to connect to the MX server), handle multiple MX records, perhaps even publish results [carefully, to avoid giving spammers a source of legit email addresses!], etc. Plus, I'd prefer to use a tested tool vs hacking something up myself. I realize this technique is far from perfect: Spammers spoof legit addresses Bounces/Mailing lists/etc legitimately use "do not reply" addresses It could be considered unfriendly to the target MX servers Some mail servers incorrectly say "user unknown" when they see spam, figuring it's more of a deterrent than saying "you're a spammer" Some mail servers inefficiently accept mail for "[EMAIL PROTECTED]" (where xxx.com is one of their domains), figure out if foo exists later, and send a bounce back to the envelope sender, instead of rejecting email at the SMTP level (a really good tool would create throwaway addresses to catch these cases too) ... but I still think it might help. -- We're just a Bunch Of Regular Guys, a collective group that's trying to understand and assimilate technology. We feel that resistance to new ideas and technology is unwise and ultimately futile. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions- [EMAIL PROTECTED]" --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: polling my FreeBSD compariots...
--- Jonathan Horne <[EMAIL PROTECTED]> wrote: > ive been a KDE user for as long as i can remember. > this week, im off from > work, and want to spend some time trying something > new with my laptop. so > far i have it built with 6.2-RELEASE-p2, and xorg up > to the minimal desktop. > > id like to try to try something thats not gnome, or > basically id like to try > some of the lesser known, but still just as > functional desktops. > > can i get some recommendations, as well as what > graphical mail reader and web > browser works best with your recommendation? > > thanks, > jonathan > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "[EMAIL PROTECTED]" > Hello Jonathan, Here are a few questions: 1) Are you looking for a Desktop Environment (DE)? 2) Are you looking for a Window Manager (WM)? Here is a little blurb that describes the differences: http://xwinman.org/intro.php The above site also has a very comprehensive list of both DE's and WM's. Basically; decide if you want a very integrated environment or something less integrated . Personally; I prefer WM's over DE's. From that point; I select the applications that I want on my system. WM are basically very streamlined with few utilities (if any). Contrast that with Gnome or KDE; which come with an array of support tools (IE: browsers, file managers, printer configuration tools, system utilities, et al). In essence; it is a matter of choice. My vote is for Fluxbox (WM). PS: Keep in mind that some lines blur with DE and WMs. In my humble opinion some WM have a DE feel to them. explore the above link and see what strikes a chord. Regards, Paulette McGee The fish are biting. Get more visitors on your site using Yahoo! Search Marketing. http://searchmarketing.yahoo.com/arp/sponsoredsearch_v2.php ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Tool for validating sender address as spam-fighting technique?
On Sun, Mar 11, 2007 at 12:41:48PM -0600, Chad Leigh -- Shire.Net LLC wrote: > > On Mar 11, 2007, at 6:31 AM, Justin Mason wrote: > > > > >for what it's worth, I would suggest *not* adopting this > >as an anti-spam technique. > > > >Sender-address verification is _bad_ as an anti-spam technique, in my > >opinion. Basically, there's one obvious response for spammers > >looking to > >evade it -- use "real" sender addresses. Where's an easy place to find > >real addresses? On the list of target addresses they're spamming! > > This is a red-herring. They already do that. They have been doing > that for a long time. And it has nothing to do with sender > verification. > > Sender verification works and works well. I hate sender verification because it forces me (the sender) to jump through hoops just for the privilege of sending email to you. I send a lot of "courtesy" emails to e.g. port maintainers who have problems with their ports, and when I encounter someone with such a system I usually don't bother following up (their port just gets marked broken in the usual way, and they can follow up on it on their own if they want to). Kris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Tool for validating sender address as spam-fighting technique?
On Mar 11, 2007, at 1:36 PM, Kris Kennaway wrote: On Sun, Mar 11, 2007 at 12:41:48PM -0600, Chad Leigh -- Shire.Net LLC wrote: On Mar 11, 2007, at 6:31 AM, Justin Mason wrote: for what it's worth, I would suggest *not* adopting this as an anti-spam technique. Sender-address verification is _bad_ as an anti-spam technique, in my opinion. Basically, there's one obvious response for spammers looking to evade it -- use "real" sender addresses. Where's an easy place to find real addresses? On the list of target addresses they're spamming! This is a red-herring. They already do that. They have been doing that for a long time. And it has nothing to do with sender verification. Sender verification works and works well. I hate sender verification because it forces me (the sender) to jump through hoops just for the privilege of sending email to you. No, it forces you to set up a correct RFC abiding system I send a lot of "courtesy" emails to e.g. port maintainers who have problems with their ports, and when I encounter someone with such a system I usually don't bother following up (their port just gets marked broken in the usual way, and they can follow up on it on their own if they want to). If your system is following the RFCs then you should have no problems. YOU should fix your broken system. Sending emails without a valid from address is disconsiderate. Why should I accept a mail from an account that violates the RFCs about accepting DSN back? Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Tool for validating sender address as spam-fighting technique?
On Sun, Mar 11, 2007 at 01:43:22PM -0600, Chad Leigh -- Shire.Net LLC wrote: > > On Mar 11, 2007, at 1:36 PM, Kris Kennaway wrote: > > >On Sun, Mar 11, 2007 at 12:41:48PM -0600, Chad Leigh -- Shire.Net > >LLC wrote: > >> > >>On Mar 11, 2007, at 6:31 AM, Justin Mason wrote: > >> > >>> > >>>for what it's worth, I would suggest *not* adopting this > >>>as an anti-spam technique. > >>> > >>>Sender-address verification is _bad_ as an anti-spam technique, > >>>in my > >>>opinion. Basically, there's one obvious response for spammers > >>>looking to > >>>evade it -- use "real" sender addresses. Where's an easy place to > >>>find > >>>real addresses? On the list of target addresses they're spamming! > >> > >>This is a red-herring. They already do that. They have been doing > >>that for a long time. And it has nothing to do with sender > >>verification. > >> > >>Sender verification works and works well. > > > >I hate sender verification because it forces me (the sender) to jump > >through hoops just for the privilege of sending email to you. > > No, it forces you to set up a correct RFC abiding system > > >I send > >a lot of "courtesy" emails to e.g. port maintainers who have problems > >with their ports, and when I encounter someone with such a system I > >usually don't bother following up (their port just gets marked broken > >in the usual way, and they can follow up on it on their own if they > >want to). > > If your system is following the RFCs then you should have no > problems. YOU should fix your broken system. Sending emails without > a valid from address is disconsiderate. Why should I accept a mail > from an account that violates the RFCs about accepting DSN back? Perhaps we are talking about different things, I am talking about systems which send me an email back requiring me to do steps a, b or c in order to complete delivery of the email. kris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: OpenSSH Problem with disconnects
On Sun, Mar 11, 2007, Alexander Schlichting wrote: > > >Hi, > > > >I am having a big problem with the OpenSSH Daemon on my server. Whenever I >am connected to the server and the connection is idle for a few seconds it >gets disconnected. It's almost impossible to work from remote on the server. It's been my experience that this has been related to NAT (Network Address Translation), IP masquerading or possibly other firewall settings, and may well not be FreeBSD specific. One of my customers had a problem like this in the last week or so and tracked it down to settings on their LinkSys BEFVP41 VPN router which had some firewall setting that caused ssh connections to drop (it wasn't NAT on this as I've not had this problem with other BEFVP41s). We ran all internal traffic through a Caldera OpenLinux 2.3 system, with a 2.4 Linux kernel with ipchains IP masquerading, and it would drop ssh connections after several minuted of inactivity (I would often run top on the remote system just to keep the connection alive when I wasn't doing something that would create activity). When we switched our border machine to a SLES9 machine with a 2.6 Linux kernel and iptables NAT the problem went away. There are also ssh_config and sshd_config parameters that relate to tcp timeouts and keep alive actions. Bill -- INTERNET: [EMAIL PROTECTED] Bill Campbell; Celestial Software, LLC URL: http://www.celestial.com/ PO Box 820; 6641 E. Mercer Way FAX:(206) 232-9186 Mercer Island, WA 98040-0820; (206) 236-1676 ``I presume you all know who I am. I am humble Abraham Lincoln. I have been solicited by many friends to become a candidate for the legistlature. My politics are short and sweet, like the old woman's dance. I am in favor of a national bank ... in favor of the internal improvements system, and a high protective tariff.'' -- Abraham Lincoln, 1832 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: [freebsd-questions] [freebsd-questions] root login with telnetd
On 11/03/07, Wojciech Puchar <[EMAIL PROTECTED]> wrote: > There have been *many* problems over the years with rsh and telnet. rsh's > security model comes from a time when people thought computers would never exactly true. so i use rsh between MY machines and rsh and telnet when sniffing is not a problem. wasn't easier just to answer the question? Well, no offense ment, but there are many people posting questions to this list, and some of them aren't aware of potential security problems of actions they want to perform. So generally if a question with a potential harmfull consequence is asked people are told of these fact, because noone here on this list can guess if it is known, or not. Wouldn't it have been easier for you to tell people on this list that you are aware of the problems? I mean, instead of getting rude? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Tool for validating sender address as spam-fighting technique?
Perhaps we are talking about different things, I am talking about systems which send me an email back requiring me to do steps a, b or c in order to complete delivery of the email. that's challenge/response, which has been widely discredited for years. SAV is a receiving MX probing the MX of [EMAIL PROTECTED] for verification of sender as known recipient. Len ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Tool for validating sender address as spam-fighting technique?
On Mar 11, 2007, at 1:44 PM, John Levine wrote: Sender verification works and works well. I suppose that if you define "works" to include mailbombing innocent third parties, then that might be true. I have some fairly heavily forged domains, and on a bad day I see upwards of 300,000 connections from bounces, "validation", and the like attacking the little BSD box under my desk where the MTA is. Gee, thanks a lot. Verification has nothing to do with bounces and mail bombs. You may get some traffic from verification but you would need to separate that out from the rest which is unrelated before you have a meaningful statistic. Sorry, but you conclusion does not follow. Sender verification has been around for a while and this has not happened in my experience. Ie, there is no greater use of real FROM addresses than there was before. What planet have you been on? A few years back spam return addresses were typically complete fakes in nonexistent domains. Now they're picked out of the same victim lists as the targets. They have been doing that for ages. I run a hosting service and have had that problem way before sender verification became in vogue. I've had to locally blacklist a few places specifically because of all of their abusive verification. If that's what you want, well ... That is up to you. If you claim to handle mail services for a certain domain, that includes verifying that mail is from you or not. YOU are responsible for the mail sent with your domain on it. Oh, and the way my MTA is set up, a verification callback doesn't work. But that doesn't keep the clueless from trying. That is your business. But you are in violation of the RFCs Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Tool for validating sender address as spam-fighting technique?
On Mar 11, 2007, at 1:46 PM, Kris Kennaway wrote: On Sun, Mar 11, 2007 at 01:43:22PM -0600, Chad Leigh -- Shire.Net LLC wrote: On Mar 11, 2007, at 1:36 PM, Kris Kennaway wrote: On Sun, Mar 11, 2007 at 12:41:48PM -0600, Chad Leigh -- Shire.Net LLC wrote: On Mar 11, 2007, at 6:31 AM, Justin Mason wrote: for what it's worth, I would suggest *not* adopting this as an anti-spam technique. Sender-address verification is _bad_ as an anti-spam technique, in my opinion. Basically, there's one obvious response for spammers looking to evade it -- use "real" sender addresses. Where's an easy place to find real addresses? On the list of target addresses they're spamming! This is a red-herring. They already do that. They have been doing that for a long time. And it has nothing to do with sender verification. Sender verification works and works well. I hate sender verification because it forces me (the sender) to jump through hoops just for the privilege of sending email to you. No, it forces you to set up a correct RFC abiding system I send a lot of "courtesy" emails to e.g. port maintainers who have problems with their ports, and when I encounter someone with such a system I usually don't bother following up (their port just gets marked broken in the usual way, and they can follow up on it on their own if they want to). If your system is following the RFCs then you should have no problems. YOU should fix your broken system. Sending emails without a valid from address is disconsiderate. Why should I accept a mail from an account that violates the RFCs about accepting DSN back? Perhaps we are talking about different things, I am talking about systems which send me an email back requiring me to do steps a, b or c in order to complete delivery of the email. No, we are talking about the MTA verifying that the sender address is a real address that can accept either mail back or at least a properly formatted DSN back. The things you talk about ARE a PITA and I usually ignore them unless the person is wanting to give me money... (Ie a customer who placed an order with another business I run for example). Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Tool for validating sender address as spam-fighting technique?
>> I have some fairly heavily forged domains, and on a bad day I see >> upwards of 300,000 connections from bounces, "validation", and the >> like attacking the little BSD box under my desk where the MTA is. >> Gee, thanks a lot. > >Verification has nothing to do with bounces and mail bombs. You may >get some traffic from verification but you would need to separate >that out from the rest which is unrelated before you have a >meaningful statistic. I have, it's meaningful. Verizon is the worst offender, but at least they put their attack hosts in a separate easy to block IP range. >> What planet have you been on? A few years back spam return addresses >> were typically complete fakes in nonexistent domains. Now they're >> picked out of the same victim lists as the targets. > >They have been doing that for ages. I run a hosting service and have >had that problem way before sender verification became in vogue. Definitely different planets. Bye. R's, John PS: >> YOU are responsible for the mail sent with your domain on it. Oh, OK. So when someone sends out mail with your forged return address saying "buy this worthless stock, then get your kiddy porn here", you will report directly to jail without complaining, right? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: root login with telnetd
On Sun, 11 Mar 2007 16:20:03 + Hugo Silva <[EMAIL PROTECTED]> wrote: [...] > Oh well, your server, your password. Just don't say you were not > warned. I believe the following sums up my feeling on the matter. It is not the OS's job to stop you from shooting yourself in the foot. Rather, if you so choose to do so, then it is the OS's job to deliver Mr. Bullet to Mr. Foot in the most efficient manner possible. -- Gerard "The only secure computer is one that's unplugged, locked in a safe, and buried 20 feet under the ground in a secret location ... and I'm not even too sure about that one" Dennis Huges, F.B.I. signature.asc Description: PGP signature
Re: Tool for validating sender address as spam-fighting technique?
>Sender verification works and works well. I suppose that if you define "works" to include mailbombing innocent third parties, then that might be true. I have some fairly heavily forged domains, and on a bad day I see upwards of 300,000 connections from bounces, "validation", and the like attacking the little BSD box under my desk where the MTA is. Gee, thanks a lot. >Sorry, but you conclusion does not follow. Sender verification has >been around for a while and this has not happened in my experience. >Ie, there is no greater use of real FROM addresses than there was >before. What planet have you been on? A few years back spam return addresses were typically complete fakes in nonexistent domains. Now they're picked out of the same victim lists as the targets. I've had to locally blacklist a few places specifically because of all of their abusive verification. If that's what you want, well ... Oh, and the way my MTA is set up, a verification callback doesn't work. But that doesn't keep the clueless from trying. Regards, John Levine, [EMAIL PROTECTED], Primary Perpetrator of "The Internet for Dummies", Information Superhighwayman wanna-be, http://www.johnlevine.com, Mayor "More Wiener schnitzel, please", said Tom, revealingly. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Manual updates
As a newb to FreeBSD I find that the manual/handbook is not great in detail, (understatement), and I seem to be relying on this questions list for a lot of help. In my opinion it relies on far too high a plateau of knowledge by it's readers to be of initial use. Am I really that thick or does anyone else feel this way? Do the email list respondents find themselves answering the same questions over and over? Is there some way I can help to upgrade the manual entries with the detail I find necessary to get things working and understand how they work, thereby hopefully benefiting following newbs? Is there a FreeBSD for dummies? Thanks Andy (very frustrated) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Tool for validating sender address as spam-fighting technique?
On Mar 11, 2007, at 2:08 PM, John Levine wrote: I have some fairly heavily forged domains, and on a bad day I see upwards of 300,000 connections from bounces, "validation", and the like attacking the little BSD box under my desk where the MTA is. Gee, thanks a lot. Verification has nothing to do with bounces and mail bombs. You may get some traffic from verification but you would need to separate that out from the rest which is unrelated before you have a meaningful statistic. I have, it's meaningful. Verizon is the worst offender, but at least they put their attack hosts in a separate easy to block IP range. Amazing, as I run mail for lots of domains, and replying to sender verification is almost a nonexistent load compared to the mail bombs and bounces etc. Show me your numbers. What planet have you been on? A few years back spam return addresses were typically complete fakes in nonexistent domains. Now they're picked out of the same victim lists as the targets. They have been doing that for ages. I run a hosting service and have had that problem way before sender verification became in vogue. Definitely different planets. Bye. When you come back to earth, let us know :-) R's, John PS: YOU are responsible for the mail sent with your domain on it. Oh, OK. So when someone sends out mail with your forged return address saying "buy this worthless stock, then get your kiddy porn here", you will report directly to jail without complaining, right? I phrased it wrong. You are not responsible for the content, but you are responsible for the mail domain and that includes verifying that mail is validly from your domain you are responsible for. email is a cooperative service where all people promise to expend resources to make it work, and to follow the RFCs. If you block valid verification, you are abrogating your responsibility to the rest of the net to cooperate in the exchange of email and you are breaking the RFCs. (valid verification includes checking that the sender can accept a proper DSN back, which is required of the sender to do). Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Manual updates
On 3/11/07, Andy Kendall <[EMAIL PROTECTED]> wrote: As a newb to FreeBSD I find that the manual/handbook is not great in detail, (understatement), and I seem to be relying on this questions list for a lot of help. In my opinion it relies on far too high a plateau of knowledge by it's readers to be of initial use. Am I really that thick or does anyone else feel this way? Do the email list respondents find themselves answering the same questions over and over? Is there some way I can help to upgrade the manual entries with the detail I find necessary to get things working and understand how they work, thereby hopefully benefiting following newbs? Is there a FreeBSD for dummies? I agree. I've been using FreeBSD for more than 7 years. I love it, but it has taken me a while to get to this point. Others I know also have trouble with it initially. A lot of that is due to the installer and what they find on www.freebsd.org. I think the reason for that is most of the core people spend most of their time in the core of the system, since most users are people who have been using unix for a long time and so already know a lot about it. With that said (typed), I think it has steadily improved. If you have some time to spare, you can join the documentation project - http://www.freebsd.org/docproj/who.html ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: polling my FreeBSD compariots...
Patrick Bowen wrote: Jonathan Horne wrote: ive been a KDE user for as long as i can remember. this week, im off from work, and want to spend some time trying something new with my laptop. so far i have it built with 6.2-RELEASE-p2, and xorg up to the minimal desktop. id like to try to try something thats not gnome, or basically id like to try some of the lesser known, but still just as functional desktops. can i get some recommendations, as well as what graphical mail reader and web browser works best with your recommendation? thanks, jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" Jonathan; Take a look at WindowMaker, or BlackBox if you want to get real minimal. Both are excellent window managers (not desktops) and can be found in ports. Firefox, Thunderbird, and all the rest work just fine. Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" Jonathan, I have used XFCE 3.* on all my free BSD boxes for years. It is a Simple GUI which I use on any Desktops I build. The video is clear and is simple. ( XFCE4* I did not like the concept.) Emails etc all work and install easily from ports. Aloha, ~Al Plant - Honolulu, Hawaii 808-284-2740 + http://hawaiidakine.com + http://freebsdinfo.org + [EMAIL PROTECTED] + + http://internetohana.org - Supporting - FreeBSD 6.* - 7.* + "All that's really worth doing is what we do for others."- Lewis Carrol ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: polling my FreeBSD compariots...
ive been a KDE user for as long as i can remember. this week, im off from work, and want to spend some time trying something new with my laptop. so far i have it built with 6.2-RELEASE-p2, and xorg up to the minimal desktop. you should first define what "desktop" is. i use xorg+fvwm2 with much modified (cut down) configuration, having most of things attached to keys. can i get some recommendations, as well as what graphical mail reader and web browser works best with your recommendation? i use opera and links. for mail i use text-mode pine ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: root login with telnetd
I believe the following sums up my feeling on the matter. It is not the OS's job to stop you from shooting yourself in the foot. boom... i'm dead.. at least for 4 years :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Manual updates
As a newb to FreeBSD I find that the manual/handbook is not great in detail, (understatement), and I seem to be relying on this questions list for a lot of help. what's missing? i think it's quite detailed ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: polling my FreeBSD compariots...
Hello Jonathan, I had great help from this mailing list setting up wdm+fluxbox recently. They're minimalistic and slick to use. If you should need to connect with a windows box there's Xming. Look in the archives! Good luck! Jonathan Horne skrev: ive been a KDE user for as long as i can remember. this week, im off from work, and want to spend some time trying something new with my laptop. so far i have it built with 6.2-RELEASE-p2, and xorg up to the minimal desktop. id like to try to try something thats not gnome, or basically id like to try some of the lesser known, but still just as functional desktops. can i get some recommendations, as well as what graphical mail reader and web browser works best with your recommendation? thanks, jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Tool for validating sender address as spam-fighting technique?
I phrased it wrong. You are not responsible for the content, but you are responsible for the mail domain and that includes verifying that mail is validly from your domain you are responsible for. Oh, OK. So if someone sends pump and dump with a [EMAIL PROTECTED] return address, and I do a callback and your MTA says "yup! that's a 100% valid address!" then I turn you in to the SEC, rignt? You have now confirmed that the mail is from you, after all. Or if you haven't, what purpose did the callback serve? There is some reasonable validation technology coming along, most notably DKIM which which I presume you are familiar. But callbacks are not it. and you are breaking the RFCs. (valid verification includes checking that the sender can accept a proper DSN back, which is required of the sender to do). Uh huh. Which RFC is this that says I have to permit a fake partial DSN transaction? If you have a DSN, send it. If you don't, don't. Don't forget that the From: line address need not be the same as the bounce address; in my mail it never is. R's, John ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Telnetd
> What do you gain by allowing telnet access to your hosts that you don't > get with ssh? > > Paul Schmehl ([EMAIL PROTECTED]) > Senior Information Security Analyst > The University of Texas at Dallas > http://www.utdallas.edu/ir/security/ > > --=7CEE76846768256DC8==-- > !DSPAM:3,45f438e7216243993713574! May be I am an incurable romantic from the old times that likes "telnet", sendmail, finger... daytime... bsd lpr and never give up from BSD, I use it since 1.0 release... I agree that ssh is better, etc... etc... but I still use sendmail and telnet... Once I setted up a mailserver with more that 2000 users with a single freebsd sendmailin a small machine (1Ghz,512Mb memory, Freebsd 4.X) one internet connection.. with virtual users, mailertable... and it worked for years... by the way... it had telnetd avaiable... Welll Have anyone yet "cracked" the telnet enable machine whose IP was published in the list? I remember some time ago a machine named "Coen." who challenged anynone crack it... she published the address, the login and the password... and in addition, she said there were a "bug" in the system... Well if I remember, the machine stayed alive for several months with all the hackers, crackers, and xxxckers hitting it... It was FreeBSD 5.X series Sergio ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: root login with telnetd
On Sun, 11 Mar 2007 21:46:50 +0100 (CET) Wojciech Puchar <[EMAIL PROTECTED]> wrote: > > I believe the following sums up my feeling on the matter. > > > > It is not the OS's job to stop you from shooting yourself in the > > foot. > > boom... i'm dead.. > at least for 4 years :) Sorry to hear that! ... ;; ;; :; ;:' :; ;:; ;. ,:' ; OOO\ ::; ; O\ ;:; ; ,;::; ;' / OOO ;:`. ,,,;./ / DOO .';:;, / / D ,::;::;, / /DOOO ;`::`'::;;;: ,#/ / DOOO :`:::`;::;;::: ;::# /DOOO ::`:::`; ;# / DOO `:`:::`;:: ;::#/ DOO :::`:::`;; ;:##OO `:::`;;:::#OO `:`;'`:;::#O `:`;' / / `:# ::`:;' / / `# -- Gerard Don't crush that dwarf, hand me the pliers! Firesign Theatre signature.asc Description: PGP signature
Re: Tool for validating sender address as spam-fighting technique?
On Mar 11, 2007, at 2:55 PM, John L wrote: I phrased it wrong. You are not responsible for the content, but you are responsible for the mail domain and that includes verifying that mail is validly from your domain you are responsible for. Oh, OK. So if someone sends pump and dump with a [EMAIL PROTECTED] return address, and I do a callback and your MTA says "yup! that's a 100% valid address!" then I turn you in to the SEC, rignt? You do know what the SEC is, right? You have now confirmed that the mail is from you, after all. No, it only confirms that the sender address is an actual address. Or if you haven't, what purpose did the callback serve? It served to identify that it is possible a valid email. A failure is almost definitely a non valid email. It is a test which helps determine whether to accept it. We have a policy of not accepting mail from people who cannot accept DSNs back. That does not mean we give a blanket pass to those who pass address verification. There is some reasonable validation technology coming along, most notably DKIM which which I presume you are familiar. But callbacks are not it. Callbacks are one tool in the toolbox. Maybe someday there will be better tools and we can retire address verification. Callbacks, at this point in time, work very well for differentiating a large amount of non valid mail from a smaller pool of possibly valid mail. DKIM is interesting and I am watching it.I am in the process of adding some support for it btw, both for our authorized senders, as well as in our receive phase. For example, we are considering not doing address verification on incoming mail that has a valid DKIM signature. and you are breaking the RFCs. (valid verification includes checking that the sender can accept a proper DSN back, which is required of the sender to do). Uh huh. Which RFC is this that says I have to permit a fake partial DSN transaction? If you have a DSN, send it. If you don't, don't. The RFCs require you to accept back DSNs. Testing that you do is a valid test to see if I am talking with a valid sender -- one who implements the RFCs and is not a rogue internet user who does not cooperate in the exchange of emails according to the agreed standards. Show me some real verifiable numbers that show that verification traffic to your box is a significant portion of the otherwise bad traffic of mail bombs, bounces, etc. On my system, and we support a lot of mail domains, some of which (now or in recent past) we "big name" domains that had a lot of exposure. Address verification traffic has always been small compared to our overall load. You are complaining about a non issue. I can say that address verification helps us reject the lion's share of spam we receive without having to process it further. Chad Don't forget that the From: line address need not be the same as the bounce address; in my mail it never is. R's, John --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Tool for validating sender address as spam-fighting technique?
onfirmed that the mail is from you, after all No. His MX has only verified his email address, which does not say he sent the msg. Len ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Sound Driver for REALTEK ALC660 ON BOARD
I'm looking for the driver files for the Realtek ALC660 onboard sound card. I'm using an ASUS M2V and it works great. Except the sound. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: OpenSSH Problem with disconnects
On Sunday 11 March 2007 09:52, Alexander Schlichting wrote: > I am having a big problem with the OpenSSH Daemon on my server. Whenever I > am connected to the server and the connection is idle for a few seconds it > gets disconnected. It's almost impossible to work from remote on the server > when the connection is always getting dropped. It is likely related to something in your network path dropping the connection when it is idle. Try the following in your server's /etc/ssh/sshd_config file. ClientAliveInterval 30 ClientAliveCountMax 10 Note that TCP keep-alives usually don't help in this situation because their interval is too large. Cheers. -- Norbert. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Manual updates
--- Wojciech Puchar <[EMAIL PROTECTED]> wrote: > > As a newb to FreeBSD I find that the > manual/handbook is not great in detail, > > (understatement), and I seem to be relying on this > questions list for a lot > > of help. > > what's missing? i think it's quite detailed > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "[EMAIL PROTECTED]" > Hello Wojciech, Yes, the handbook is quite detailed; however there are somethings missing. Not to start a flame war; these are just a few thoughts and they are in my humble opinion. 1) Upgrading Ports: There is a general overview of how ports should be upgraded. Now the part that is lacking is the index. Looking at section 4.5 in the handbook there is no mention of the INDEX files. Some update tools like portupgrade require the use of the INDEX file. You don't see the mention of the INDEX until you get to section A.6. Section A.6 is dedicated to portsnap. Now if the user doesn't use port snap but cvs; then they miss that point that you need the INDEX. Now getting or building the INDEX can be done if various ways via make or portsdb. But it my humble opinion; the explanation or the process can be explained better. Please correct me if I am wrong (anyone) but a simple out line that goes into the process (IE): 1) Update ports 1a) CVS 2b) portsnap 2) Build INDEX (depends on the tool; identify tools). Also what are the pro's and con's of obtaining the index from the methods listed below. 2a) "make index" 2b) "make fetchindex" 2c) portsdb -Uu 3) Use Tool 'X' to update / upgrade your ports The above is just a brief illustration about how the process can be improved. Please understand that this is my humble opinion; I am not looking to start a flame war. Now, one other issue; off the top of my head: pkgtools.conf. How does pkgtools.conf interact with the makefile in their respective ports directory? 1) Does it completely override it? 2) Does if it take a diff between the two and build the app? Sorry, didn't mean to hijack the thread. All I wanted to do was answer the question as well as point out what I think could be improved. PS: I wish the old section of the handbook "the anatomy of a port" was put back in the handbook. Just my .02 cents worth. Regards, Paulette McGee We won't tell. Get more on shows you hate to love (and love to hate): Yahoo! TV's Guilty Pleasures list. http://tv.yahoo.com/collections/265 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Telnetd
On 11/03/07, Sergio Lenzi <[EMAIL PROTECTED]> wrote: > What do you gain by allowing telnet access to your hosts that you don't > get with ssh? > > Paul Schmehl ([EMAIL PROTECTED]) > Senior Information Security Analyst > The University of Texas at Dallas > http://www.utdallas.edu/ir/security/ > > --=7CEE76846768256DC8==-- > !DSPAM:3,45f438e7216243993713574! May be I am an incurable romantic from the old times that likes "telnet", sendmail, finger... daytime... bsd lpr and never give up from BSD, I use it since 1.0 release... Maybe you are, but even so, do you still use V7 on a PDP/11 or 32V on a VAX, make dumps to DECtape, or use a VT100? There's something to be said for modern PC hardware, xterms/gnome-terminal/konsole/screen, and yes, ssh. (Namely speed, convenience, and security, respectively). I went through a stage of using Linux with xman, xeyes, xterm, twm, etc., until I realised I was much more productive using KDE help and konsole/screen and kwin/WindowMaker. Jeff -- Q: What will happen in the Aftermath? A: Impossible to tell, since we're still in the Beforemath. http://latedeveloper.org.uk ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
sound card ESI MAYA44MK2
Hello! FreeBSD 7.0-CURRENT is supported sound card ESI MAYA44MK2? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: polling my FreeBSD compariots...
On 03/11/2007 13:28, Sean Bryant wrote: Jonathan Horne wrote: ive been a KDE user for as long as i can remember. this week, im off from work, and want to spend some time trying something new with my laptop. so far i have it built with 6.2-RELEASE-p2, and xorg up to the minimal desktop. id like to try to try something thats not gnome, or basically id like to try some of the lesser known, but still just as functional desktops. can i get some recommendations, as well as what graphical mail reader and web browser works best with your recommendation? thanks, jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" Check out http://www.enlightenment.org/Enlightenment/DR17/ It's in ports and its probably what you're looking for, fast, function and a fair bit of eyecandy. I'll second the E17! I honestly opt for Opera because its fast, functional and it has all the functionality I want built right in. As for mail, it seems Opera dropped the ball on IMAP support. It's utterly horrid in Opera 9. Because of this I go for thunderbird because it just works the way I want. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" -- Regards, Eric ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Tool for validating sender address as spam-fighting technique?
onfirmed that the mail is from you, after all No. His MX has only verified his email address, which does not say he sent the msg. Then what was the point? "His MX has only verified his email address" Len ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: getting mail to work
[mailed and posted] On Mar 11, 2007, at 10:45 AM, Ed Zwart wrote: I own my_domain.com. I've paid a hoster for the last couple years, but that's ending in a week or so. Meanwhile, I've used dyndns to point foo.homedns.org to my IP. I am going to add my voice to those suggesting that you use your ISP's mail server for outgoing mail. There are a number of reasons. First of all, if you are on a dynamic IP, it is very likely that your ISP blocks outgoing STMP traffic that doesn't go via their own mail server. That is, they won't allow "direct to MX" mailing from dynamic addresses. Another reason is that it just isn't a good idea to run your own direct to MX mail system, unless you have some real expertise in how mail transport works. Professionally, I set up mail servers for small and medium sized businesses, and in more and more cases, I actually suggest that they use outside mail servers for their out going mail. (Generally, I think that ISPs tend to do really poor jobs with email and that it is best to avoid being locked into your ISP for much, so I recommend services like fastmail.fm.) Let me also add, that while I do set up and manage mail servers for others, I don't do direct to MX from home myself. (Well, I do for a mailing list server I run, but not for my normal everyday mailing.) So even with the expertise needed, I don't really recommend running your own MX (incoming) or own Direct to MX (outgoing) servers unless you have a specific need to fill. Anyway With postfix you just need to specify relayhost=YOUR-ISPS-OUTGOING-SMTP-SERVER-HERE in /usr/local/etc/postfix/main.cf and then run # postfix reload Then just send a test, eg $ mail -s test [EMAIL PROTECTED] < /dev/null to see what happens. If your ISP wants authentication for handling your outgoing mail, look at http://macosx.com/tech-support/smtp-relay-host-authentication/938.html which describes how to configure postfix for that on Mac OS X. For FreeBSD just replace /private/etc/postfix/ in all of the paths mentioned with /usr/local/etc/postfix/ -j -- Jeffrey Goldberghttp://www.goldmark.org/jeff/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Telnetd
Maybe you are, but even so, do you still use V7 on a PDP/11 or 32V on a VAX, make dumps to DECtape, or use a VT100? There's something to be said for i still have (in many places) Wyse 120 terminals i've got for free, including one at home :) works at vt220 at 38400 baud, very well ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: root login with telnetd
... ;; ;; :; ;:' :; ;:; ;. ,:' ; OOO\ ::; ; O\ ;:; ; ,;::; ;' / OOO ;:`. ,,,;./ / DOO .';:;, / / D ,::;::;, / /DOOO ;`::`'::;;;: ,#/ / DOOO :`:::`;::;;::: ;::# /DOOO ::`:::`; ;# / DOO `:`:::`;:: ;::#/ DOO :::`:::`;; ;:##OO `:::`;;:::#OO `:`;'`:;::#O `:`;' / / `:# ::`:;' / / `# nice to meet you :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Manual updates
Hello Wojciech, Yes, the handbook is quite detailed; however there are somethings missing. Not to start a flame war; these are just a few thoughts and they are in my humble opinion. why you don't write such part and fixes? i am sure it will be included in new releases if you only post them ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: The FreeBSD's Implementation Language
[mailed and posted] On Mar 11, 2007, at 11:51 AM, Susanth K wrote: Am new to FreeBSD; ( Sorry; if Any of u find this as a silly Question ) Have you been given a course assignment which involves describing things about FreeBSD (and possibly other systems)? It certainly seems that way to me. So from this point on, for any question that you ask which can be answered with a little bit of your own digging around through what is already made public on the 'net, I am going to recommend that you do that digging yourself. -j -- Jeffrey Goldberghttp://www.goldmark.org/jeff/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Telnetd
Once I setted up a mailserver with more that 2000 users with a single freebsd sendmailin a small machine (1Ghz,512Mb memory, Freebsd 4.X) one internet connection.. with virtual users, mailertable... and it worked for years... by the way... it had telnetd avaiable... exactly like me. i do prefer sendmail for mail (+procmail), always provide both telnet, ssh and rsh/rlogin for shell users (and me), always use rsh/rcp when scrambling is not needed, etc. etc. Have anyone yet "cracked" the telnet enable machine whose IP was published in the list? i published mine. months with all the hackers, crackers, and xxxckers hitting it... if there will be security hole in one of your (or mine) services we use, someone will be able to crack. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: polling my FreeBSD compariots...
a fair bit of eyecandy. I'll second the E17! i like to get all icons, menus, frames and windows to minimum, as it doesn't improve productivity, while taking space of the screen. as i found (at least with fvwm2) that minimum=ZERO i did this and use that config for over 3 years (with netbsd before switching to freebsd) completely black desktop, 24 virtual "consoles" (keys Windows-F1 to F12, CTRL-F1 to F12 and Windows-arrows), x terminal with Windows-X, other programs with menu key and menu, all programs started full screen by default, window frames and titles removed, all screen available for ACTUAL USE. sometimes when i have to use windows machine, after few minutes of use i automatically press Windows-right arrow trying to switch console from that game and do something useful. unfortunately it doesn't work there ;) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Problems with SSHD
Hi, I am having a big problem with the OpenSSH Daemon on my server. Whenever I am connected to the server and the connection is idle for a few seconds it gets disconnected. It's almost impossible to work from remote on the server when the connection is always getting dropped. The server is running FreeBSD angmar.domain.com 6.2-RELEASE FreeBSD 6.2-RELEASE #0: Fri Jan 12 11:05:30 UTC 2007 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/SMP i386 and the SSHD installed by sysinstall OpenSSH_4.5p1 FreeBSD-20061110, OpenSSL 0.9.7e-p1 25 Oct 2004 . I tried a complete FreeBSD reinstall but it did not help, I tried various settings like KeepAlive TCPKeepAlive but they did not help either. I upgraded OpenSSL to 0.9.8e and I installed OpenSSH 4.6p1 but it did not solve the problem. When I run SSH with loglevel debug I see this in the auth.log when I am getting disconnected: Read error from remote host 192.168.2.100: Connection reset by peer . When I use strace to monitor the process I see this on disconnect 643 wait4(-1, [WIFEXITED(s) && WEXITSTATUS(s) == 0], WNOHANG, NULL) = 4975 643 wait4(-1, 0xbfbfdc9c, WNOHANG, NULL) = -1 ECHILD (No child processes) 643 syscall_416(0x14, 0, 0xbfbfdc20) = 0 643 syscall_417(0xbfbfdcd0) = -1 (errno 4) 643 select(7, [3 4], NULL, NULL, NULL I tried to find information's about syscall_417 but had no luck with that. I am stuck here and have no idea what to do. When I am connected to the server by FTP I don't get disconnected when the connection is idle ( no nohup or so being sent ) and when I connect by Telnet I also don't get disconnected when the connection is idle. I am not sure if I should add the dmesg output here for sys specs or not. I don't do it now but can give it if needed. I installed Debian on another HDD of the server today and I am not having any problems there. No SSH disconnects all the time. Thanks for any help. -Alex ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: The FreeBSD's Implementation Language
about FreeBSD (and possibly other systems)? It certainly seems that way to me. So from this point on, for any question for me it looks like writing well scored essay for computer lessons at school. it's very common on polish USENET on all computer groups, and it's clearly evident most cases that people don't really understand the question they ask. i don't state that it's Susanth case but it certainly looks this way. If not - why she don't ask about some available X CPU machines where X is amount of CPU she need. Of course assuming some type of CPU having known computing power. If so - she should specify what kind of task she would like to perform on that machine. With such question there will be possible answers like "this should be OK for that job" or not. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: The FreeBSD's Implementation Language
On 2007-03-11 22:21, Susanth K <[EMAIL PROTECTED]> wrote: > Dear Friends, > Is FreeBSD Completely Written in C ? Sort of. Great parts of FreeBSD, in fact the vast majority of the source code, is written in C. But it is not *completely* written in C. > Is there any part of OS written in C++ ? Yes. The source code is freely available online. You can check for yourself :) > And I Guess GCC Compiler is used for compilation; ( Is it so ? ) Yes, the officially supported compiler is the GCC version that comes with the base system. But this does not mean that only the particular GCC compiler suite works for developing software on FreeBSD. You can find a wealth of compilers for a huge collection of languages in the Ports Collection. Compilers exist for FORTRAN, Haskell, Pascal, Modula 3, etc. Interpreters and interactive environments for Perl, Python, Ruby, Lisp and Scheme are easy to install too. You name it, and the Ports probably has a compiler or interpreter for it already. - Giorgos ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Tool for validating sender address as spam-fighting technique?
[mailed and posted] On Mar 10, 2007, at 1:27 PM, Kelly Jones wrote: To fight spam, I want to validate the address (not necessarily in real-time) of the a given email sender. Is there a Unix tool that does this? The basics are simple: to validate "[EMAIL PROTECTED]", I connect to the MX record of wnonline.net and go as far as "RCPT TO" as follows: [...] RCPT TO: <[EMAIL PROTECTED]> 550 <[EMAIL PROTECTED]>: Recipient address rejected: 5.1.1 <[EMAIL PROTECTED]>... User unknown This tells me [EMAIL PROTECTED] is an invalid address and that mail from that address is probably bogus. A more sophisticated tool would cache results, handle temporary failures [...] In some anti-spam discussions what you are proposing is referred to as "call-backs". I realize this technique is far from perfect: Spammers spoof legit addresses Indeed they do. As someone who has at times received more than 100 bounces per minute over the span of a week because some spammer decided that my address would be a good one to forge, I am well aware of that. In general, we have a question of how well any spamming counter measure scales. If most SMTP servers did the kind of verification you wish to do, than most spam would be sent with forged genuine addresses. So when considering using such a system, consider the overall cost to legitimate users vs the counter counter measures spammers will take. In this case the counter counter measures available to spammers is so much easier and cheaper than the verification system itself, that it's not really a good idea to try such verification. Bounces/Mailing lists/etc legitimately use "do not reply" addresses It could be considered unfriendly to the target MX servers As you've already seen, some managers of MXes complain, others find the added load negligible. Some mail servers incorrectly say "user unknown" when they see spam, figuring it's more of a deterrent than saying "you're a spammer" Yes. An unknown user response is more likely to get the address removed from a list than a policy bounce. Some mail servers inefficiently accept mail for "[EMAIL PROTECTED]" (where xxx.com is one of their domains), figure out if foo exists later, and send a bounce back to the envelope sender, instead of rejecting email at the SMTP level Yes. While I'm a believer in "reject early, reject often" lots of sites don't or can't say that an address is bad at SMTP RCPT TO: time. Often these are situations where an MS-Exchange server is the "real" mailhub for an organization, but it is being protected from direct access from the Internet by having a Unix box stand between it and the network. Other MTAs just accept and then bounce (instead of rejected at SMTP time) as a matter of (mis)design. Some very deliberately don't provide verification at STMP time as a means to make it harder for spammers to collect email addresses. Indeed, this is why the VRFY command is almost never implemented by STMP servers these days. Anyway, others have pointed you to tools for doing what you want. The newsgroups or mailing lists (and FAQs) for the particular MTA you use will point you to how to plug in such tools into their MTA. As I've suggested, I'm not a particular fan of this particular counter measure, but you will have seen that opinions differ. Cheers, -j -- Jeffrey Goldberghttp://www.goldmark.org/jeff/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: getting mail to work
On Mar 11, 2007, at 2:28 PM, Jeffrey Goldberg wrote: [mailed and posted] On Mar 11, 2007, at 10:45 AM, Ed Zwart wrote: I own my_domain.com. I've paid a hoster for the last couple years, but that's ending in a week or so. Meanwhile, I've used dyndns to point foo.homedns.org to my IP. If you will allow me to break in on this exchange; Does this advise apply if you have static ip service and are running web servers from these addresses, with the ISP's blessing? (meaning you also have at least two name servers running for the registered sites) This is important info for me, as I have that and am considering doing just that, run my own mail servers. I expect to have 5 machines doing various jobs, DNS web server(four registered web sites), mail server. I already have three of the four sites up and available from static ip addresses over ADSL. Thanks so much Jeff K. I am going to add my voice to those suggesting that you use your ISP's mail server for outgoing mail. There are a number of reasons. First of all, if you are on a dynamic IP, it is very likely that your ISP blocks outgoing STMP traffic that doesn't go via their own mail server. That is, they won't allow "direct to MX" mailing from dynamic addresses. Another reason is that it just isn't a good idea to run your own direct to MX mail system, unless you have some real expertise in how mail transport works. Professionally, I set up mail servers for small and medium sized businesses, and in more and more cases, I actually suggest that they use outside mail servers for their out going mail. (Generally, I think that ISPs tend to do really poor jobs with email and that it is best to avoid being locked into your ISP for much, so I recommend services like fastmail.fm.) Let me also add, that while I do set up and manage mail servers for others, I don't do direct to MX from home myself. (Well, I do for a mailing list server I run, but not for my normal everyday mailing.) So even with the expertise needed, I don't really recommend running your own MX (incoming) or own Direct to MX (outgoing) servers unless you have a specific need to fill. Anyway With postfix you just need to specify relayhost=YOUR-ISPS-OUTGOING-SMTP-SERVER-HERE in /usr/local/etc/postfix/main.cf and then run # postfix reload Then just send a test, eg $ mail -s test [EMAIL PROTECTED] < /dev/null to see what happens. If your ISP wants authentication for handling your outgoing mail, look at http://macosx.com/tech-support/smtp-relay-host-authentication/938.html which describes how to configure postfix for that on Mac OS X. For FreeBSD just replace /private/etc/postfix/ in all of the paths mentioned with /usr/local/etc/postfix/ -j -- Jeffrey Goldberghttp://www.goldmark.org/jeff/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
RE: FreeBSD on IDE Flash disk drive
Hi, I have played around with using an EPIA 600-PD (Fanless Dual NICS), with 256MB RAM. Works well, however, a buildworld takes around 4 hours ;-) I am booting from a 512MB CF card, and run /var and /tmp from a RAM drive. Upon startup, the CF card /var and /tmp dir. are copied into the ram drives, the rest is Read Only. When it shuts down (not very often), the ram drive contents are copied back to the CF card. You could backup the ram drive to CF more frequently if required. I run off of 12V battery, so power failures don't affect me all that much. You could monitor the Battery/UPS for power failure conditions if needed etc. Running FreeBSD 6.0. Cheers, Paul > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > Nejc Škoberne > Sent: Saturday, 10 March 2007 5:10 AM > To: User Questions > Subject: FreeBSD on IDE Flash disk drive > > > Hello, > > I plan to install a FreeBSD 6.2 router/gateway/DHCP server on > a EPIA box with 1GB Transcend IDE Flash drive. Since > Transcend says that this device is capable of "10,000 > insertion/removal cycles" I assume that I must minimize the > number of writes to the drive. It is okay with me if I have > to configure syslog to log to another machine. > > Any suggestions/instructions how to achieve this? Any > experienced users regarding this matter? > > Thanks for ideas and help. > Nejc > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "[EMAIL PROTECTED]" > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. > > > -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Howmany CPU Does FreeBSD Support ?
On Sat, 10 Mar 2007 22:40:47 +0100 (CET) Wojciech Puchar <[EMAIL PROTECTED]> wrote: > > I have heard it does not scale well above 4 > > to be clear. > > kernel task (disk I/O, network etc.) is always on first processor, > everything else on any CPU. > > so as long as disk I/O network and other kernel tasks are able to > fit on one processor that's OK. > > for machines doing mostly pure computing 8-16 CPU may work fine, > for machines doing mostly fileserving and routing even 2 CPUs may > be not well utilized That is only true if the process is giant locked. When look at dmesg, look for things that say GIANT-LOCKED and those will be ones confined to one processor. There has been a massive push since 5 to get ride of those. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Manual updates
--- Wojciech Puchar <[EMAIL PROTECTED]> wrote: > >> > > Hello Wojciech, > > Yes, the handbook is quite detailed; however there > are > > somethings missing. Not to start a flame war; > these > > are just a few thoughts and they are in my humble > > opinion. > > > > why you don't write such part and fixes? > > i am sure it will be included in new releases if you > only post them > Actually that was written and submitted to the doc project under an email address. Never heard a word back. Here is a link to an archived email that points to the email as well as the respective changes. Email was submitted for review on: Tue Aug 15 00:31:14 UTC 2006 http://lists.freebsd.org/pipermail/freebsd-doc/2006-August/010934.html Regards Paulette McGee Get your own web address. Have a HUGE year through Yahoo! Small Business. http://smallbusiness.yahoo.com/domains/?p=BESTDEAL ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: getting mail to work
On Mar 11, 2007, at 8:27 PM, jekillen wrote: If you will allow me to break in on this exchange; Does this advise [don't run your own direct to MX mail server] apply if you have static ip service and are running web servers from these addresses, with the ISP's blessing? (meaning you also have at least two name servers running for the registered sites) First let's separate questions. One is dealing with your own incoming mail. The other is with sending mail out direct to MX. These two can (and often should) be separated. For the question of hosting your own MX there are positives and negatives. Here is a list off of the top of my head. It is far from complete. Positive: (1) You get to fully control your rejection/acceptance policy from the beginning. (2) You get the learn about running such a system. (3) You dramatically reduce your lock-in with an ISP (who can change their email policy or practice at any time. (4) You don't have to pay for some outside service (I use fastmail.fm) for hosting your incoming mail if you want something better than the "free" email service your ISP provides. Negatives: (a) You have to maintain what is really a surprisingly complex system for such a simple protocol. (b) You have to defend your system against attacks it otherwise wouldn't receive, including DoS attacks. (c) Damage of being overwhelmed (either by deliberate attack or spam blowback) may be harder to contain. (d) Your system needs to fail appropriately. For example, if you use something like LDAP to maintain username or email address information, you need to make sure that if your LDAP service fails your mail server fails in an appropriate way (say a complete shutdown) or issuing temporary (4xx) rejections instead of in an inappropriately issuing 5xx for mail that would be accepted normally. If (1) (or (2)) is really important to you, then go ahead. But probably the best way to see whether (1) really matters is to ask yourself what things you would like to do that you couldn't do unless you ran your own MX. For example, if you have strong feelings about whether DNSbls should be used prior to content filtering or as part of it. Or whether you want spam and virus rejections to occur at SMTP time or later. Whether you want SPF failures to generate immediate rejections. Whether you want to make use of sophisticated IMAP features that ISPs can't provide. If you don't have strong feelings about these sorts of questions, then I doubt that (1) applies to you. Now there is the second question about doing direct to MX for mail sending instead of going through your ISP or some third party service. Positives (i) You control queing and retry rates. (ii) For bulk mailing (mailing lists) there is an advantage of how out-going STMP session are organized. (iii) You are not as dependent on your ISP or a third party for getting your mail out, if they are slow or unreliable with mail (iv) If your ISP's mail server provide crappy bounce information and you need better information. (v) If your ISP adds junk to your mail or sends out mail in unfriendly so as to get itself on blacklists or leads to other forms of needless rejections. (vi) You get to learn about running such systems Negatives: (A) Even with a static IP address, your assigned address may look dynamic to other servers who may then reject mail coming directly from you. (B) Your ISP blocks/disallows this sort of thing (not a problem in your case) (C) The reverse DNS records for your IP need to correspond reasonably well to your domain name, otherwise lots of servers will reject mail from you. (D) You need to follow the RFCs and conventions strictly so that you don't get yourself added to blacklists (E) It is probably a little less network efficient for you to talk directly to servers all over the planet when you could just talk to your ISPs server which will be much closer to you. Here again, if (vi) is your primary reason for wanting to run your own direct to MX system, then use it just for one of your minor domains. That way, if you mess up, you won't get your major domains blacklisted. If (i) and (ii) really matter for you, then go ahead, but I think that you should have a real reason beyond "I can, therefore I ought" if it is going to be your primary way of getting mail out. In the end it is a matter of individual taste and need. With good DSL or FiOS lines, along with a proper backup regime and Uninterruptible Power Supply hosting your own website makes plenty of sense. But mail is a tricker thing to maintain than apache, so my view remains that unless you have some specific need for the kind of control you can get by running your own, let someone else handle your mail
Vt102 at home
> > Maybe you are, but even so, do you still use V7 on a PDP/11 or 32V on a VAX, > make dumps to DECtape, or use a VT100? There's something to be said for > modern PC hardware, xterms/gnome-terminal/konsole/screen, and yes, ssh. > (Namely speed, convenience, and security, respectively). > > I went through a stage of using Linux with xman, xeyes, xterm, twm, etc., > until I realised I was much more productive using KDE help and > konsole/screen and kwin/WindowMaker. > > Jeff > > Like Mr Wojciech Puchar, I have a VT100 clone here at home... that I use for kernel debug on a 9600 com1 port... and it works soo good.. May be when you are 55 (or 64 as the beatles song)... you will use konsole and the "boys" will use some kind of "brain cortex" wired interface I started to take BSD serious when 2 years ago I was in a "meeting" of linux users... they all showed those wonderful interfaces, light speed programs, and a zillion things they could do with linux... I became very impressed... than I asked... who else is using all this stuff?? I mean which company, how many users?? how many systems installed and running for how long??? well... no answers... got Than I asked them why don't they code an commercial application with all that power??? again... none Than I said that I coded applications for hundred users on DEC, and VAX... They laugh on me... than I sit in my home and coded a 200K lines of an complete ERP for fuel stations... and in 3 years I am back to the hackers show... Now they have kde 3.5.5 and gnome 2.18 and NO ONE application program... still... May be my method is not productive, "I still use GDB and CSCOPE" but for sure produces good result at last. Now I admin more than 200 BSD computers. in the old fashion way... with an mtbf of 15 years.. The next invention here is BSD for notebooks... an special "blended" BSD that will be installed in more than 5000 notebooks a year here... the project will begin to roll in some months Sergio. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Tool for validating sender address as spam-fighting technique?
On Mar 11, 2007, at 5:11 PM, Jeffrey Goldberg wrote: In this case the counter counter measures available to spammers is so much easier and cheaper than the verification system itself, that it's not really a good idea to try such verification. that is always true, at least with existing technology. The counter measures always cost more than the sending of the spam Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Periodic xl watchdog timeouts on 6.2-RELEASE
On Sat, 10 Mar 2007 10:57:59 -0500 "Brian J. Conway" <[EMAIL PROTECTED]> wrote: > > I had exactly the same problem in my acpi-blacklisted motherboard. I > > disabled acpi and the errors vanished. In my case, this error was not > > related with NICs, but exclusively with the motherboard. > > Interesting. I hadn't thought of that, but I am using ACPI now where I > was not on 4.x. I'll give that a try next time it happens. I would > have hoped the motherboard would be up to par (Intel D845GVSR with the > latest BIOS - > http://www.intel.com/products/motherboard/D845GVSR/index.htm), but maybe > not. Thanks. > > (Sorry for the bad threading, I'm off list and copying off the web > archive.) > > Brian J. Conway No luck, got the first timeout shortly (25 min) after boot without ACPI, again while mostly idle and I'm not able to repeat it more than once a day or so: Mar 12 01:49:19 imogen kernel: xl0: watchdog timeout Mar 12 01:49:19 imogen kernel: xl0: link state changed to DOWN Mar 12 01:49:21 imogen kernel: xl0: link state changed to UP Any other ideas? Original post, for reference: http://lists.freebsd.org/pipermail/freebsd-questions/2007-March/144227.html -b ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Problems with SSHD
On Sun, 11 Mar 2007 23:24:13 +0100 "Alexander Schlichting" <[EMAIL PROTECTED]> wrote: > > > Hi, > > > > I am having a big problem with the OpenSSH Daemon on my server. Whenever I > am connected to the server and the connection is idle for a few seconds it > gets disconnected. It's almost impossible to work from remote on the server > when the connection is always getting dropped. The server is running FreeBSD > angmar.domain.com 6.2-RELEASE FreeBSD 6.2-RELEASE #0: Fri Jan 12 11:05:30 > UTC 2007 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/SMP i386 and > the SSHD installed by sysinstall OpenSSH_4.5p1 FreeBSD-20061110, OpenSSL > 0.9.7e-p1 25 Oct 2004 . I tried a complete FreeBSD reinstall but it did not > help, I tried various settings like KeepAlive TCPKeepAlive but they did not > help either. I upgraded OpenSSL to 0.9.8e and I installed OpenSSH 4.6p1 but > it did not solve the problem. When I run SSH with loglevel debug I see this > in the auth.log when I am getting disconnected: Read error from remote host > 192.168.2.100: Connection reset by peer . When I use strace to monitor the > process I see this on disconnect > > > > 643 wait4(-1, [WIFEXITED(s) && WEXITSTATUS(s) == 0], WNOHANG, NULL) = 4975 > > 643 wait4(-1, 0xbfbfdc9c, WNOHANG, NULL) = -1 ECHILD (No child processes) > > 643 syscall_416(0x14, 0, 0xbfbfdc20) = 0 > > 643 syscall_417(0xbfbfdcd0) = -1 (errno 4) > > 643 select(7, [3 4], NULL, NULL, NULL > > > > I tried to find information's about syscall_417 but had no luck with that. I > am stuck here and have no idea what to do. When I am connected to the server > by FTP I don't get disconnected when the connection is idle ( no nohup or so > being sent ) and when I connect by Telnet I also don't get disconnected when > the connection is idle. I am not sure if I should add the dmesg output here > for sys specs or not. I don't do it now but can give it if needed. > > > > I installed Debian on another HDD of the server today and I am not having > any problems there. No SSH disconnects all the time. Thanks for any help. > > > > -Alex > out of curiosity, what kind of nic is in the machine, and did you try swapping it with another? cheers, jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: getting mail to work
Thanks Bill, Josh and Jeffrey for answering my question. It was my ISP. (So easy, I wish I had thought of that. I somehow managed to figure out they were blocking 80 a month or so ago.) I'm still a little fuzzy on legal entries for hostname and domain. I set them to be mine, and it worked, and then for kicks, set it to google.com, and that worked too. I looked at the headers, and can see that the source can be traced back to my machine, but that still seems kind of easy to spoof. Anyway, it's not something I'm overly worried about; I'm just not clear on what I SHOULD be using for hostname and domain. Any words of wisdom appreciated. Otherwise, thanks again for the already super help! e. On 3/11/07, Jeffrey Goldberg <[EMAIL PROTECTED]> wrote: On Mar 11, 2007, at 8:27 PM, jekillen wrote: > If you will allow me to break in on this exchange; > Does this advise [don't run your own direct to MX mail server] > apply if you have static ip service and are running web servers > from these addresses, with the ISP's blessing? (meaning you also > have at least two name servers running for the registered sites) First let's separate questions. One is dealing with your own incoming mail. The other is with sending mail out direct to MX. These two can (and often should) be separated. For the question of hosting your own MX there are positives and negatives. Here is a list off of the top of my head. It is far from complete. Positive: (1) You get to fully control your rejection/acceptance policy from the beginning. (2) You get the learn about running such a system. (3) You dramatically reduce your lock-in with an ISP (who can change their email policy or practice at any time. (4) You don't have to pay for some outside service (I use fastmail.fm) for hosting your incoming mail if you want something better than the "free" email service your ISP provides. Negatives: (a) You have to maintain what is really a surprisingly complex system for such a simple protocol. (b) You have to defend your system against attacks it otherwise wouldn't receive, including DoS attacks. (c) Damage of being overwhelmed (either by deliberate attack or spam blowback) may be harder to contain. (d) Your system needs to fail appropriately. For example, if you use something like LDAP to maintain username or email address information, you need to make sure that if your LDAP service fails your mail server fails in an appropriate way (say a complete shutdown) or issuing temporary (4xx) rejections instead of in an inappropriately issuing 5xx for mail that would be accepted normally. If (1) (or (2)) is really important to you, then go ahead. But probably the best way to see whether (1) really matters is to ask yourself what things you would like to do that you couldn't do unless you ran your own MX. For example, if you have strong feelings about whether DNSbls should be used prior to content filtering or as part of it. Or whether you want spam and virus rejections to occur at SMTP time or later. Whether you want SPF failures to generate immediate rejections. Whether you want to make use of sophisticated IMAP features that ISPs can't provide. If you don't have strong feelings about these sorts of questions, then I doubt that (1) applies to you. Now there is the second question about doing direct to MX for mail sending instead of going through your ISP or some third party service. Positives (i) You control queing and retry rates. (ii) For bulk mailing (mailing lists) there is an advantage of how out-going STMP session are organized. (iii) You are not as dependent on your ISP or a third party for getting your mail out, if they are slow or unreliable with mail (iv) If your ISP's mail server provide crappy bounce information and you need better information. (v) If your ISP adds junk to your mail or sends out mail in unfriendly so as to get itself on blacklists or leads to other forms of needless rejections. (vi) You get to learn about running such systems Negatives: (A) Even with a static IP address, your assigned address may look dynamic to other servers who may then reject mail coming directly from you. (B) Your ISP blocks/disallows this sort of thing (not a problem in your case) (C) The reverse DNS records for your IP need to correspond reasonably well to your domain name, otherwise lots of servers will reject mail from you. (D) You need to follow the RFCs and conventions strictly so that you don't get yourself added to blacklists (E) It is probably a little less network efficient for you to talk directly to servers all over the planet when you could just talk to your ISPs server which will be much closer to you. Here again, if (vi) is your primary reason for wanting to run your own direct to MX system, then use it just for one of
Re: polling my FreeBSD compariots...
On 03/11/2007 17:44, Wojciech Puchar wrote: a fair bit of eyecandy. I'll second the E17! i like to get all icons, menus, frames and windows to minimum, as it doesn't improve productivity, while taking space of the screen. as i found (at least with fvwm2) that minimum=ZERO i did this and use that config for over 3 years (with netbsd before switching to freebsd) completely black desktop, 24 virtual "consoles" (keys Windows-F1 to F12, CTRL-F1 to F12 and Windows-arrows), x terminal with Windows-X, other programs with menu key and menu, all programs started full screen by default, window frames and titles removed, all screen available for ACTUAL USE. All easily attainable in E17. :) sometimes when i have to use windows machine, after few minutes of use i automatically press Windows-right arrow trying to switch console from that game and do something useful. unfortunately it doesn't work there ;) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" -- Regards, Eric ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Manual updates
Wojciech Puchar wrote: As a newb to FreeBSD I find that the manual/handbook is not great in detail, (understatement), and I seem to be relying on this questions list for a lot of help. what's missing? i think it's quite detailed I started with Linux years ago. I tried several versions and only Slackware was useable, and only because the lists were such great help. There was of course the RH books, not any better than Slackware Unleashed or the FreeBSD Handbook. In frustration I tried FreeBSD and got it up and running all by myself using the book, I was impressed. Once I found SeaFug I really got rolling. Overall I think the FreeBSD Handbook is one of the best. It doesn't have as much detail as it could, but it takes time and people to create such things. If FreeBSD is lacking in documentation it is not the book, it is because Linux has the enormous "How To" library available to new users. Funny thing though, I used most of the Linux How To docs when first learning FreeBSD. As far as applications and services go like Samba, NIS, NFS, etc. Most of the Linux How To docs work with FreeBSD. DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
gcc internal error on buildkernel
Hello, After changing my make.conf to list my CPUTYPE as c3 on my VIA C3 Nehemiah (999.52-MHz 686-class CPU) system. I did a cvsup for /usr/src tag=RELENG_6_2 and successfully did a make buildworld and make installworld I then thought that with my newly compiled tools tuned for the processor in my box, I should rebuild my kernel. I made no changes to my kernel configuration file since my previous successful build a week and a half ago. However, now when I recompile the kernel, I get an internal compiler error from gcc. I rebooted the system and tried to build the kernel again, but got the same error. The last bit of the make output is -- >>> stage 2.3: build tools -- cd /usr/obj/usr/src/sys/DOBBY; MAKESRCPATH=/usr/src/sys/dev/aic7xxx/ aicasm make -DNO_CPU_CFLAGS -f /usr/src/sys/dev/aic7xxx/aicasm/Makefile Warning: Object directory not changed from original /usr/obj/usr/src/ sys/DOBBY cc -O -pipe -nostdinc -I/usr/include -I. -I/usr/src/sys/dev/aic7xxx/ aicasm -c /usr/src/sys/dev/aic7xxx/aicasm/aicasm.c /usr/src/sys/dev/aic7xxx/aicasm/aicasm.c: In function `main': /usr/src/sys/dev/aic7xxx/aicasm/aicasm.c:308: internal compiler error: Illegal instruction: 4 Please submit a full bug report, with preprocessed source if appropriate. See http://gcc.gnu.org/bugs.html> for instructions. *** Error code 1 Stop in /usr/obj/usr/src/sys/DOBBY. *** Error code 1 Stop in /usr/src. *** Error code 1 Stop in /usr/src. The full script of the make is at http://ntp0.goldmark.org/temp/kernelbuild.log the output of dmesg is at http://ntp0.goldmark.org/temp/dmesg A copy of my make.conf is at http://ntp0.goldmark.org/temp/make.conf And a copy of my kernel configuration file is at http://ntp0.goldmark.org/temp/DOBBY Any clues or suggestions would be most welcome. -j -- Jeffrey Goldberghttp://www.goldmark.org/jeff/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: getting mail to work
[mailed and posted] On Mar 11, 2007, at 10:36 PM, Ed Zwart wrote: I'm still a little fuzzy on legal entries for hostname and domain. I set them to be mine, and it worked, and then for kicks, set it to google.com, and that worked too. I looked at the headers, and can see that the source can be traced back to my machine, but that still seems kind of easy to spoof. It is extremely easy to spoof, but google has taken steps to make it easy for mail servers to detect if mail is spoofed. So if you send mail from "google.com" without it coming from your network, than any server making use of SPF (Sender Policy Framewokr) would immediately identify it as a spoof, and will be blocked. To learn more about this system, see http://www.openspf.org/ Anyway, it's not something I'm overly worried about; I'm just not clear on what I SHOULD be using for hostname and domain. Well, what is a hostname for the machine that is sending the mail. Since you are now going through your ISPs mailserver, it doesn't need to be a hostname that can be looked up. So something like mailout.my.dom.ain should do fine. Use your real domain for the my.dom.ain part. The more correct information you provide, the less mail from your system will look like spam. But even "localhost.local" would be OK (though a useful domain name would be better). Using "google.com" would make it look like you are up to no good. -j -- Jeffrey Goldberghttp://www.goldmark.org/jeff/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
