Re: New SSL Certificates for Postfix & Courier-imap

2004-12-17 Thread Craig Sanders
tication was important. but it works for opportunistic encryption of mail transport and for client-certificate based relaying) ---cut here--- #! /bin/sh # make-postfix-cert.sh # Craig Sanders <[EMAIL PROTECTED]>2000-09-03 # this script is hereby placed in the public domain. # this sc

Re: blacklists

2004-12-10 Thread Craig Sanders
On Fri, Dec 10, 2004 at 05:01:33PM -0700, Michael Loftis wrote: > So it's your fault they figured out the forged MAIL FROM trick! Bad > craig, no donut! ;) no, many of them already knew that. it was obvious anyway. craig -- craig sanders <[EMAIL PROTECTED]>

Re: blacklists

2004-12-10 Thread Craig Sanders
e most amusing thing about it. it not only sent it to a subset of the spammer database, it also used random addresses out of that db as the envelope and header sender addresses, so that they'd complain at each other. craig -- craig sanders <[EMAIL PROTECTED]> (part time cyborg) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: EHLO/HELO [was blacklists]

2004-12-10 Thread Craig Sanders
what kind of mail traffic is received). but it's your server, you get to choose what rules are on it. craig ps: yes, this is another rule i use at home but not at work. there are lots of windows MTAs out there run by the clueless. fortunately, at home i don't need or have to commun

Re: blacklists

2004-12-10 Thread Craig Sanders
On Thu, Dec 09, 2004 at 11:18:16PM -0700, Michael Loftis wrote: > --On Friday, December 10, 2004 16:43 +1100 Craig Sanders > <[EMAIL PROTECTED]> wrote: > > >DoS is a huge exaggeration. a few smtpd processes waiting to timeout > >does not constitute a DoS. neither does a

Re: blacklists

2004-12-09 Thread Craig Sanders
7;t seem to be really necessary now, but they were quite common a few years ago, mainly due to a particularly broken version of communigate) and it does basic pop-before-smtp (dovecot only because that's what i run). these two features are actually useful :) -- craig sanders <[EMAIL PRO

Re: blacklists

2004-12-09 Thread Craig Sanders
not noted for it's speed. if you want to trial it on a small subset, do something like this: tail -1000 /var/log/mail.log >/tmp/small.log compare-rbls.pl /tmp/small.log | less craig -- craig sanders <[EMAIL PROTECTED]> (part time cyborg) -- To UNSUBSCRIBE, email

Re: blacklists

2004-12-08 Thread Craig Sanders
On Thu, Dec 09, 2004 at 11:27:27AM +1100, Russell Coker wrote: > On Thursday 09 December 2004 01:12, Craig Sanders <[EMAIL PROTECTED]> wrote: > > the log file noise issue is important to me - i've recently started > > monitoring mail.log and adding iptables rules to bloc

Re: blacklists

2004-12-08 Thread Craig Sanders
On Thu, Dec 09, 2004 at 11:27:27AM +1100, Russell Coker wrote: > On Thursday 09 December 2004 01:12, Craig Sanders <[EMAIL PROTECTED]> wrote: > > the log file noise issue is important to me - i've recently started > > monitoring mail.log and adding iptables rules to block

Re: blacklists

2004-12-08 Thread Craig Sanders
On Wed, Dec 08, 2004 at 03:38:36PM -0700, Michael Loftis wrote: > --On Thursday, December 09, 2004 01:12 +1100 Craig Sanders <[EMAIL > PROTECTED]> > wrote: > > >if it's a false positive, the sender will get a bounce from their MTA and > >they can fix the probl

Re: blacklists

2004-12-08 Thread Craig Sanders
all mail will originate from a dialup/dynamic IP. in local.cf, that looks like this: # ignore DUL score RCVD_IN_DYNABLOCK 0.0 craig -- craig sanders <[EMAIL PROTECTED]> (part time cyborg) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: blacklists

2004-12-08 Thread Craig Sanders
On Thu, Dec 09, 2004 at 12:00:42AM +1100, Russell Coker wrote: > On Wednesday 08 December 2004 20:16, Craig Sanders <[EMAIL PROTECTED]> wrote: > > > Craig, why do you think it's undesirable to do so? > > > > because i dont want the extra retry traffic. i w

Re: blacklists

2004-12-08 Thread Craig Sanders
ammer :) even on my little home system, at the end of an adsl line, i reject nearly 10,000 spams per day (and climbing all the time). i would expect that to at least double or triple if i 4xx-ed them rather than 5xx, depending on how much came from open relays or spamhaus rather than dynamic/DUL

Re: a couple of postfix questions

2004-12-07 Thread Craig Sanders
s, and b) qmail doesn't even support many of the things required in a modern MTA, means that you have no choice but to ignore important things like backscatter and recipient validation. that's not a feature, that's a bug. that doesn't mean you *SHOULD* ignore them, it means

Re: a couple of postfix questions

2004-12-07 Thread Craig Sanders
On Tue, Dec 07, 2004 at 06:13:58PM -0900, W.D.McKinney wrote: > On Wed, 2004-12-08 at 08:14 +1100, Craig Sanders wrote: > > migrating to/from qmail is always a PITA. aside from being ancient (and > > thus > > not keeping up with current mail practices, especially spam

Re: blacklists

2004-12-07 Thread Craig Sanders
ything). > Now I reject by 554 code... should I change to 4xx? if it suits your needs. i wouldn't. craig -- craig sanders <[EMAIL PROTECTED]> (part time cyborg) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: a couple of postfix questions

2004-12-07 Thread Craig Sanders
h > feel no obligation to give free tech support :) well, if you've read the archives, you've already seen my reasons for preferring postfix, so i won't repeat them here. craig -- craig sanders <[EMAIL PROTECTED]> (part time cyborg) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: hanging imapd processes (was Re: Runaway processes ?)

2004-11-28 Thread Craig Sanders
eplace it with something sane. BTW, you chose the more difficult path. instead of just replacing uw-imapd with dovecot, which would have been a simple action with one isolated effect (changing the imap daemon), you chose to replace inetd with xinetd, which affects dozens or possibly hundreds

Re: Runaway processes ?

2004-11-24 Thread Craig Sanders
unt. the mail store machine can double as the outbound mail relay - giving it an SSD device for the mail queue is a good idea. (*) e.g. on multiple 15000 rpm hard disks on a hardware raid-5 controller with at least 128MB of non-volatile cache ram. or whatever else it takes to optimise th

Re: Runaway processes ?

2004-11-23 Thread Craig Sanders
it for mailboxes with postfix's 'mailbox_size_limit' parameter. this is per mailbox file. imap users can get around the quota by saving messages to different mailbox files. alternatively, if you must allow users to have huge mailboxes, then: 2. switch to Maildir rather than mbox.

Re: CMS

2004-11-22 Thread Craig Sanders
On Tue, Nov 23, 2004 at 09:20:33AM +1100, Craig Sanders wrote: > it's in perl, can use postgresql (or mysql too, i think) as the db backend, oops, wrong. it uses mysql, not postgres. i hacked it to work with postgres on my system because i didn't want to install rubbish like

Re: CMS

2004-11-22 Thread Craig Sanders
s/ doesn't look like it's been changed since Feb 2003. it's in perl, can use postgresql (or mysql too, i think) as the db backend, and the code was relatively easy to understand and modify. works with apache & CGI, or apache with mod-perl. not finished, but a pretty good bas

Re: Updated Debian boot-floppies for Proliant

2004-11-17 Thread Craig Sanders
On Thu, Nov 18, 2004 at 07:40:01AM +1100, Craig Sanders wrote: > one other problem, is that i can't get the kernel to detect the full > amount of RAM - it has 2GB, but it's only detecting 1GB. I tried > adding mem=1920M in grub but that didn't help. doh! i forgot to com

Re: Updated Debian boot-floppies for Proliant

2004-11-17 Thread Craig Sanders
M in grub but that didn't help. craig ps: i've got 4 more to convert to debian over the month or two, 2 x DL360s and 2 x DL380s. i'll have to figure out how to make a sarge installer iso with my custom kernel on it (and without initrd). -- craig sanders <[EMAIL PROTECTED]>

Re: exim or postfix

2004-11-12 Thread Craig Sanders
On Fri, Nov 12, 2004 at 10:09:36AM +0100, Adrian 'Dagurashibanipal' von Bidder wrote: > On Friday 12 November 2004 07.47, Craig Sanders wrote: > > On Fri, Nov 12, 2004 at 05:12:34AM +, John Goerzen wrote: > > > > > 4 ETRN > > > > > >

Re: exim or postfix

2004-11-11 Thread Craig Sanders
your rule here is wrong. If I send you an e-mail from my > laptop, it is not going to send you an address of a server that can > receive mail (or has a DNS entry) in HELO, but everything else will be > valid, and I argue that this is OK. on my system, a good HELO is any real FQDN (e

Re: exim or postfix

2004-11-11 Thread Craig Sanders
On Thu, Nov 11, 2004 at 05:12:10PM -0500, Mark Bucciarelli wrote: > On Thursday 11 November 2004 17:04, Craig Sanders wrote: > > > 22256 Bad HELO > > wow. most of them being spammers trying to use my IP address or a bogus domain name in the HELO/EHLO string. and most

Re: exim or postfix

2004-11-11 Thread Craig Sanders
ing. that was a pretty average week, although (as ever) the number of attempts to deliver spam goes up all the time. 2 months ago, it was averaging about 30-35K rejects per week. now it's nearly 50K. the percentages don't change much, spam is already well over 90% of what my MTA se

Re: Value of backup MX

2004-11-10 Thread Craig Sanders
On Wed, Nov 10, 2004 at 02:18:50PM -0500, Robert Brockway wrote: > On Wed, 10 Nov 2004, Craig Sanders wrote: > > if you do have a backup MX, then you need to have the same anti-spam > > & anti-virus rules as on your primary server AND (most important!) it > > need

Re: Value of backup MX

2004-11-10 Thread Craig Sanders
On Wed, Nov 10, 2004 at 02:10:18PM -0500, Robert Brockway wrote: > On Wed, 10 Nov 2004, Craig Sanders wrote: > > > backup MX is obsolete these days, very few people need it (most of > > This does seem to be a prevailing opinion but I think backup MXs are > valuable now for

Re: exim or postfix

2004-11-10 Thread Craig Sanders
On Wed, Nov 10, 2004 at 11:09:47AM +0100, martin f krafft wrote: > also sprach Craig Sanders <[EMAIL PROTECTED]> [2004.11.10.1014 +0100]: > > > I agree. But exim can do it. And even though this is the LDA > > > part of it, postfix also includes an LDA, which is

Re: exim or postfix

2004-11-10 Thread Craig Sanders
On Wed, Nov 10, 2004 at 09:19:49AM +0100, martin f krafft wrote: > also sprach Craig Sanders <[EMAIL PROTECTED]> [2004.11.10.0901 +0100]: > > > Anyway, if you are so confident about postfix, then maybe you > > > can teach me how to set up spamassassin to run under the

Re: exim or postfix

2004-11-10 Thread Craig Sanders
On Wed, Nov 10, 2004 at 08:21:14AM +0100, martin f krafft wrote: > also sprach Craig Sanders <[EMAIL PROTECTED]> [2004.11.10.0010 +0100]: > > > There have been some very simple things that I've needed to find > > > solutions to with postfix in the past which I

Re: Value of backup MX

2004-11-09 Thread Craig Sanders
On Tue, Nov 09, 2004 at 11:56:04PM +0100, Christoph Moench-Tegeder wrote: > ## Craig Sanders ([EMAIL PROTECTED]): > > On Tue, Nov 09, 2004 at 08:04:24PM +0100, martin f krafft wrote: > > > also sprach Dale E. Martin <[EMAIL PROTECTED]> [2004.11.09.1954 +0100]: > >

Re: exim or postfix

2004-11-09 Thread Craig Sanders
x27;s features but didn't like the license and really didn't like the feeling that it was a dead-end incompatible trap as bad as any proprietary commercial software). then vmailer aka postfix came along and within a few months i had converted all machines to postfix and now i won'

Re: Value of backup MX

2004-11-09 Thread Craig Sanders
e and easy to use for this purpose. yep. craig -- craig sanders <[EMAIL PROTECTED]> (part time cyborg) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Value of backup MX

2004-11-09 Thread Craig Sanders
ch the same reasons as in case 1. above, plus the additional reason that there's not even an illusory benefit to them in doing it. > [...] > Now think what happens when viruses/spammers do this. My backup MX is > sending out a lot of bounce messages to potentially innocent victims fo

Re: Value of backup MX

2004-11-09 Thread Craig Sanders
ed exactly like the primary, then it > makes sense. but it's all too easy to get out of sync. > > i usually have my backup MX accept everything and then don't treat > them specially on the primary. then you are generating backscatter. i.e. you are part of the virus/spam proble

Re: Value of backup MX

2004-11-09 Thread Craig Sanders
. having a backup MX that you don't control is a very bad idea. if you don't control it, you can't maintain a list of valid recipients on it, so you will be generating vast quantities of backscatter to innocent third-parties whose email address has been forged by spammers or viruses.

Re: apache & log files

2004-11-05 Thread Craig Sanders
On Fri, Nov 05, 2004 at 09:40:28AM +0100, Francesco P. Lovergine wrote: > On Fri, Nov 05, 2004 at 09:09:16AM +1100, Craig Sanders wrote: > > > For ErrorLog you can pipe to a suitable program which does the same. > > > > but this doesn't. unless apache has added thi

Re: apache & log files

2004-11-04 Thread Craig Sanders
ith no vhost prefix on each line. craig -- craig sanders <[EMAIL PROTECTED]> (part time cyborg) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: apache & log files

2004-11-03 Thread Craig Sanders
do that, and i never bothered looking at the source to see how easy it would be to hack it in, so that means you either have a shared error.log for all vhosts or you put up with having lots of open file handles. i chose the latter, and occasionally increased both "ulimit -n" and /proc/sys/

Re: network monitoring

2004-10-31 Thread Craig Sanders
ert based on the time of day or day of week, and you can control how often an existing problem is re-alerted. . More information can be found at http://www.kernel.org/software/mon/. craig -- craig sanders <[EMAIL PROTECTED]> (part time cyborg) -- To UNSUBSCRIBE, email to

Re: distributing SSH keys in a cluster environment

2004-10-29 Thread Craig Sanders
On Sat, Oct 30, 2004 at 12:37:31AM +0200, martin f krafft wrote: > also sprach Craig Sanders <[EMAIL PROTECTED]> [2004.10.30.0015 +0200]: > > 3. when a machine is being built or rebuilt, install the correct > > ssh keys in /etc/ssh. they can be fetched via password-protected

Re: distributing SSH keys in a cluster environment

2004-10-29 Thread Craig Sanders
e to be completely paranoid about them - normal security precautions are adequate. this can be done before ssh is installed (in which case, the post-install script won't generate new keys), or it can be done after ssh is installed (in which case, sshd needs to be restarted after the key

Re: Advice for an IP accounting program

2004-10-19 Thread Craig Sanders
On Tue, Oct 19, 2004 at 09:31:24PM +0100, Steve Kemp wrote: > On Wed, Oct 20, 2004 at 06:18:26AM +1000, Craig Sanders wrote: > > > btw, there are also two libpcap-based netflow capturers already debianised - a > > netfilter/ulog alternative would be a good thing. > > >

Re: Advice for an IP accounting program

2004-10-19 Thread Craig Sanders
ten by cflowd btw, there are also two libpcap-based netflow capturers already debianised - a netfilter/ulog alternative would be a good thing. fprobe - exports NetFlow V5 datagrams to a remote collector pmacct - promiscuous mode traffic accountant craig -- craig sanders <[EMAIL PROT

Re: initrd in Debian kernel-image

2004-10-15 Thread Craig Sanders
module will be already on the system. the basic rule of thumb is: "if i'm likely to need it to boot or if it's essential for what the machine is supposed to do, then it gets compiled in to the kernel. otherwise as a module". craig -- craig sanders <[EMAIL PROTECTED]> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: problem with /var/mail and procmail

2004-09-27 Thread Craig Sanders
;t want either of those things to happen until you're sure that the changes are working without problem. craig -- craig sanders <[EMAIL PROTECTED]> The next time you vote, remember that "Regime change begins at home" -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Defining ISP?

2004-09-17 Thread Craig Sanders
ect quoting & email netiquette: http://learn.to/edit_messages http://home.online.no/~vidaandr/news/FAQquoting.html http://www.iwillfollow.com/email.htm -- craig sanders <[EMAIL PROTECTED]> The next time you vote, remember that "Regime change begins at home" -- To UNSUBSC

Re: Defining ISP?

2004-09-16 Thread Craig Sanders
#x27;t know what packages they want to use really shouldn't be setting up ISP servers anyway. at minimum, they should spend some time getting familiar with the various alternatives so they can make a decision before going online. craig -- craig sanders <[EMAIL PROTECTED]> The nex

Re: apt upgrade

2004-09-07 Thread Craig Sanders
), then you really ought to test all upgrades on other servers or workstations first. the last thing you need is to discover that an upgraded apache or postfix or squid or whatever is broken AFTER you've upgraded it on the server that your users depend upon. craig -- craig sanders <[

Re: apt upgrade

2004-09-07 Thread Craig Sanders
ven if there are no packaging errors, you're occasionally going to get hit by something like this. upgrades really need someone competent watching them anyway. they should never be completely automated. craig -- craig sanders <[EMAIL PROTECTED]> The next time you vote, remember that "

Re: RAID-1 to RAID-5 online migration?

2004-09-07 Thread Craig Sanders
CD, Manual, IDE cables. We are currently only shipping the SyncRAID 5000 product for Windows users. Apple and Linux versions will be available soon. NetCell is currently only shipping products to US and Canada." and similar phrasing on the info pages for the other models (3 drive and SATA

Re: RAID-1 to RAID-5 online migration?

2004-09-05 Thread Craig Sanders
rmance(*)...if i had a spare approx $600AUD, i'd buy an IDE raid card with at least 32MB non-volatile cache memory and that would give me raid-5 with decent performance, but it's just not worth that much to me for a workstation. (*) also because it gives me the 4 x 80GB drives to use in oth

Re: IIS worms and apache

2004-08-08 Thread Craig Sanders
ange whether they have responded or not. the notice you send them should tell them exactly what is going on, exactly what they have to do, and the consequences of what will happen (i.e. their site will be unreachable) if they don't. craig -- craig sanders <[EMAIL PROTECTED]> The n

Re: q re transferring mysql db from redhat to debian

2004-07-27 Thread Craig Sanders
line with postgres > and oracle's use of sequence tables, and makes porting easier. We don't > bother with ensuring that the next ID is higher than all previous ones - as > long as they're unique, that's sufficient, any references to a defunct entry > are remove

Re: q re transferring mysql db from redhat to debian

2004-07-27 Thread Craig Sanders
orrupted database when other tables refer to that id field. how are you supposed to restore a mysql db from backup then? craig -- craig sanders <[EMAIL PROTECTED]> The next time you vote, remember that "Regime change begins at home" -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Outlook and Qmail

2004-07-26 Thread Craig Sanders
ith OE + > Postfix. postfix doesn't do POP, that's the job of whatever POP daemon you're using. craig -- craig sanders <[EMAIL PROTECTED]> The next time you vote, remember that "Regime change begins at home" -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Outlook and Qmail

2004-07-23 Thread Craig Sanders
On Fri, Jul 23, 2004 at 11:12:06AM -0400, Kris Deugau wrote: > Craig Sanders wrote: > > the problem is that outlook is broken. it's broken in many ways but > > this specific problem is due to the fact that outlook locks up when > > downloading "large"

Re: Outlook and Qmail

2004-07-23 Thread Craig Sanders
's stupid bugs and without outlook's stupid security holes. and it's free. if they don't like thunderbird there are many others to choose from, but the Golden Rule is "Anything But Outlook!". alternatively, get used to occasionally having to manually delete "

Re: [mailinglists] Re: Trusting Backports and unofficial Repositories

2004-07-20 Thread Craig Sanders
ackages you specify plus any required versions of dependancies will be upgraded (usually the exact same dependancies that would be required by any backports upgrade, except that they're official debian packages rather than unofficial and unsupported). the rest will stay as they were. so, who need

Re: Trusting Backports and unofficial Repositories

2004-07-19 Thread Craig Sanders
han the handful that use stable + backports (or worse, you're the ONLY person with YOUR exact combination of stable plus other packages). (*) no matter how nice it is, it's not a black coffee any more. craig -- craig sanders <[EMAIL PROTECTED]> The next time you vote, remembe

Re: configure squid to cache sites

2004-07-06 Thread Craig Sanders
er windows updaters refresh_pattern http://download\.macromedia\.com/ 0 80% 20160 reload-into-ims refresh_pattern ftp://ftp\.nai\.com/ 0 80% 20160 reload-into-ims refresh_pattern http://ftp\.software\.ibm\.com/ 0 80% 20160 reload-into-ims craig -- craig san

Re: configure squid to cache sites

2004-07-06 Thread Craig Sanders
refresh_pattern http://download\.macromedia\.com/ 0 80% 20160 reload-into-ims refresh_pattern ftp://ftp\.nai\.com/ 0 80% 20160 reload-into-ims refresh_pattern http://ftp\.software\.ibm\.com/ 0 80% 20160 reload-into-ims craig -- craig sanders <[EMAIL PROTEC

Re: Which Spam Block List to use for a network?

2004-06-26 Thread Craig Sanders
ve them). like me, you *can* have SPF records for your domain because you *can* list all the hosts allowed to send mail claiming to be from your domain. that just isn't the case for many domains. that is why SPF will never be a generic anti-spam tool. it is a tightly-focussed anti-forgery tool of very limited use. craig -- craig sanders <[EMAIL PROTECTED]> The next time you vote, remember that "Regime change begins at home"

Re: Which Spam Block List to use for a network?

2004-06-26 Thread Craig Sanders
like me, you *can* have SPF records for your domain because you *can* list all the hosts allowed to send mail claiming to be from your domain. that just isn't the case for many domains. that is why SPF will never be a generic anti-spam tool. it is a tightly-focussed anti-forgery tool of

Re: Which Spam Block List to use for a network?

2004-06-24 Thread Craig Sanders
sorry to burst your bubble, but wishful thinking won't make it any different. craig ps: more on SPF records for debian.org..it's a good idea to think about the consequences of any action *BEFORE* doing it. jumping on the bandwagon just because it's fashionable or because it's all shiny and new is stupid. -- craig sanders <[EMAIL PROTECTED]> The next time you vote, remember that "Regime change begins at home"

Re: Which Spam Block List to use for a network?

2004-06-24 Thread Craig Sanders
sorry to burst your bubble, but wishful thinking won't make it any different. craig ps: more on SPF records for debian.org..it's a good idea to think about the consequences of any action *BEFORE* doing it. jumping on the bandwagon just because it's fashionable or because it's all

Re: Which Spam Block List to use for a network?

2004-06-23 Thread Craig Sanders
uoted message to be read in sequential order rather than reverse chronological order. top-posting screws up the chronological order of the replies making it a jarring chore to make sense of them - you have to scroll backwards and forwards trying to match who said what to whom and when. the longer a thread

Re: Which Spam Block List to use for a network?

2004-06-23 Thread Craig Sanders
On Wed, Jun 23, 2004 at 11:45:40AM +0200, Niccolo Rigacci wrote: > On Wed, Jun 23, 2004 at 09:56:02AM +1000, Craig Sanders wrote: > > > You want to block spam or viruses, this is OK but you are on the > > > wrong way. > > > > no, it's absolutely the righ

Re: Which Spam Block List to use for a network?

2004-06-23 Thread Craig Sanders
uoted message to be read in sequential order rather than reverse chronological order. top-posting screws up the chronological order of the replies making it a jarring chore to make sense of them - you have to scroll backwards and forwards trying to match who said what to whom and when. the longer a thread

Re: Which Spam Block List to use for a network?

2004-06-23 Thread Craig Sanders
On Wed, Jun 23, 2004 at 11:45:40AM +0200, Niccolo Rigacci wrote: > On Wed, Jun 23, 2004 at 09:56:02AM +1000, Craig Sanders wrote: > > > You want to block spam or viruses, this is OK but you are on the > > > wrong way. > > > > no, it's absolutely the righ

Re: Which Spam Block List to use for a network?

2004-06-22 Thread Craig Sanders
On Tue, Jun 22, 2004 at 09:04:03PM -0400, Blu wrote: > On Wed, Jun 23, 2004 at 09:56:02AM +1000, Craig Sanders wrote: > > On Tue, Jun 22, 2004 at 11:37:41AM +0200, Niccolo Rigacci wrote: > > > You want to block spam or viruses, this is OK but you are on the > > > w

Re: Which Spam Block List to use for a network?

2004-06-22 Thread Craig Sanders
at criteria, but you also have no right to prevent (or even whine about the fact) other people from rejecting mail from THEIR servers for that reason. their server, their rules. craig -- craig sanders <[EMAIL PROTECTED]> The next time you vote, remember that "Regime change begins at home"

Re: Which Spam Block List to use for a network?

2004-06-22 Thread Craig Sanders
On Tue, Jun 22, 2004 at 09:04:03PM -0400, Blu wrote: > On Wed, Jun 23, 2004 at 09:56:02AM +1000, Craig Sanders wrote: > > On Tue, Jun 22, 2004 at 11:37:41AM +0200, Niccolo Rigacci wrote: > > > You want to block spam or viruses, this is OK but you are on the > > > w

Re: Which Spam Block List to use for a network?

2004-06-22 Thread Craig Sanders
at criteria, but you also have no right to prevent (or even whine about the fact) other people from rejecting mail from THEIR servers for that reason. their server, their rules. craig -- craig sanders <[EMAIL PROTECTED]> The next time you vote, remember that "Regime change begins at home" -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Which Spam Block List to use for a network?

2004-06-22 Thread Craig Sanders
om external sources, but not a good idea to block from your own users). reject other dyn/dialups - they should use their own ISP or mail server. in postfix, you do that by putting the "permit_mynetworks" rule *before* the "reject_rbl_client " rule. craig -- craig sanders <[EMAIL PROTECTED]> The next time you vote, remember that "Regime change begins at home"

Re: Which Spam Block List to use for a network?

2004-06-21 Thread Craig Sanders
om external sources, but not a good idea to block from your own users). reject other dyn/dialups - they should use their own ISP or mail server. in postfix, you do that by putting the "permit_mynetworks" rule *before* the "reject_rbl_client " rule. craig -- craig sand

Re: help with PHP/SQL

2004-05-18 Thread Craig Sanders
o store images in databases. you're much better off storing the image in the filesystem and using the database to store metadata about the image, including description, title, copyright details, and especially the path and/or URL to the image. craig -- craig sanders <[EMAIL PROTECTED

Re: Adjusting MTU

2004-05-18 Thread Craig Sanders
cument: http://www.freelabs.com/~whitis/isp_mistakes.html this document is fairly old now but is still very relevant - it should be required reading for all ISP tech and management staff. See also "Broken PMTU causes slow networks": http://www.burgettsys.com/stories/56239/ and "

Re: help with PHP/SQL

2004-05-18 Thread Craig Sanders
o store images in databases. you're much better off storing the image in the filesystem and using the database to store metadata about the image, including description, title, copyright details, and especially the path and/or URL to the image. craig -- craig sanders <[EMAIL PROTECTED

Re: Adjusting MTU

2004-05-18 Thread Craig Sanders
cument: http://www.freelabs.com/~whitis/isp_mistakes.html this document is fairly old now but is still very relevant - it should be required reading for all ISP tech and management staff. See also "Broken PMTU causes slow networks": http://www.burgettsys.com/stories/56239/ and "

Re: Fixed (hardisk) device names?

2004-04-01 Thread Craig Sanders
On Thu, Apr 01, 2004 at 09:06:33AM +0200, Arnd Vehling wrote: > And why doesnt the bootblock get copied when using identical discs and making > a dd if=/dev/had of=/dev/hdb? it does. craig -- craig sanders <[EMAIL PROTECTED]> The next time you vote, remember that "Regime change begins at home"

Re: Fixed (hardisk) device names?

2004-04-01 Thread Craig Sanders
On Thu, Apr 01, 2004 at 09:06:33AM +0200, Arnd Vehling wrote: > And why doesnt the bootblock get copied when using identical discs and making > a dd if=/dev/had of=/dev/hdb? it does. craig -- craig sanders <[EMAIL PROTECTED]> The next time you vote, remember that "Regime chan

Re: Fixed (hardisk) device names?

2004-03-31 Thread Craig Sanders
rimary IDE master) and /dev/hdc (secondary IDE master) rather than /dev/hda & /dev/hdb. > and there are no raw devices on linux AFAIK. /dev/hd? ARE the raw devices. craig -- craig sanders <[EMAIL PROTECTED]> The next time you vote, remember that "Regime change begins at home"

Re: Fixed (hardisk) device names?

2004-03-31 Thread Craig Sanders
rimary IDE master) and /dev/hdc (secondary IDE master) rather than /dev/hda & /dev/hdb. > and there are no raw devices on linux AFAIK. /dev/hd? ARE the raw devices. craig -- craig sanders <[EMAIL PROTECTED]> The next time you vote, remember that "Regime change begins at ho

Re: Which SATA RAID controller?

2004-03-23 Thread Craig Sanders
2.4.x and 2.6.x kernels - no idea how good, though. unlike the 3ware cards (or any other IDE/SATA raid cards i've heard of), they do have a large (128MB) write-cache - which is essential for raid-5 performance. craig -- craig sanders <[EMAIL PROTECTED]> The next time you vote, remember that "Regime change begins at home"

Re: Which SATA RAID controller?

2004-03-23 Thread Craig Sanders
2.4.x and 2.6.x kernels - no idea how good, though. unlike the 3ware cards (or any other IDE/SATA raid cards i've heard of), they do have a large (128MB) write-cache - which is essential for raid-5 performance. craig -- craig sanders <[EMAIL PROTECTED]> The next time you vote, reme

Re: apt-get upgrade or .tgz

2004-03-03 Thread Craig Sanders
On Wed, Mar 03, 2004 at 09:03:51AM -0500, Andrew P. Kaplan wrote: > I have an old version of Postfix running on my Debian box. I don't remember > if I used apt-get or installed from a .tgz file. If I use apt-get install I > am concerned I could end up with two version of Postfix. What's the best wa

Re: apt-get upgrade or .tgz

2004-03-03 Thread Craig Sanders
On Wed, Mar 03, 2004 at 09:03:51AM -0500, Andrew P. Kaplan wrote: > I have an old version of Postfix running on my Debian box. I don't remember > if I used apt-get or installed from a .tgz file. If I use apt-get install I > am concerned I could end up with two version of Postfix. What's the best wa

Re: qmail or postfix? (was: RE: What is the best mailling list manager for qmail and Domain Tech. Control ?)

2004-02-27 Thread Craig Sanders
On Tue, Feb 24, 2004 at 03:29:04PM +0100, Thomas GOIRAND wrote: > - Original Message - > From: "Craig Sanders" <[EMAIL PROTECTED]> > > On Thu, Feb 19, 2004 at 09:34:52PM +0100, Bj?rnar Bj?rgum Larsen wrote: > > > > 4. the configuration is truly b

Re: qmail or postfix? (was: RE: What is the best mailling list manager for qmail and Domain Tech. Control ?)

2004-02-20 Thread Craig Sanders
On Fri, Feb 20, 2004 at 08:36:08AM +0100, Adrian 'Dagurashibanipal' von Bidder wrote: > On Thursday 19 February 2004 23.28, Craig Sanders wrote: > > On Thu, Feb 19, 2004 at 09:34:52PM +0100, Bj?rnar Bj?rgum Larsen wrote: > > > For example, I'd like comments on

Re: qmail or postfix? (was: RE: What is the best mailling list manager for qmail and Domain Tech. Control ?)

2004-02-19 Thread Craig Sanders
On Thu, Feb 19, 2004 at 09:34:52PM +0100, Bj?rnar Bj?rgum Larsen wrote: > For example, I'd like comments on > http://homepages.tesco.net/~J.deBoynePollard/Reviews/UnixMTSes/postfix.html a collection of lies, half-truths, and mistruths. the best that can be said about this document is that the aut

Re: qmail or postfix? (was: RE: What is the best mailling list manager for qmail and Domain Tech. Control ?)

2004-02-19 Thread Craig Sanders
On Thu, Feb 19, 2004 at 09:34:52PM +0100, Bj?rnar Bj?rgum Larsen wrote: > [3] Craig Sanders wrote: > > ps: qmail is a bad idea. postfix is better. > > Your conclusion may be right, but the arguments are missing. Would you please > share? search the archives of this list. MT

Re: What is the best mailling list manager for qmail and Domain Tech. Control ?

2004-02-18 Thread Craig Sanders
On Mon, Feb 16, 2004 at 08:19:20AM -0500, John Keimel wrote: > On Mon, Feb 16, 2004 at 07:17:57AM +0100, Thomas GOIRAND wrote: > > I wish to implement mailling list management to my software for all virtual > > domains. DTC uses qmail, so it has to be compatible with it. DTC will > > generate all c

Re: What is the best mailling list manager for qmail and Domain Tech. Control ?

2004-02-18 Thread Craig Sanders
On Mon, Feb 16, 2004 at 09:35:00PM +0100, Joris wrote: > >Majordomo is good, but I think you'd like "mailman" better. > > > >Web interface for both users and administrators, very configurable, etc. > > I'd recommend mailman too, but I have to warn for it's archive function. all list managers suck

Re: What is the best mailling list manager for qmail and Domain Tech. Control ?

2004-02-17 Thread Craig Sanders
On Mon, Feb 16, 2004 at 08:19:20AM -0500, John Keimel wrote: > On Mon, Feb 16, 2004 at 07:17:57AM +0100, Thomas GOIRAND wrote: > > I wish to implement mailling list management to my software for all virtual > > domains. DTC uses qmail, so it has to be compatible with it. DTC will > > generate all c

Re: What is the best mailling list manager for qmail and Domain Tech. Control ?

2004-02-17 Thread Craig Sanders
On Mon, Feb 16, 2004 at 09:35:00PM +0100, Joris wrote: > >Majordomo is good, but I think you'd like "mailman" better. > > > >Web interface for both users and administrators, very configurable, etc. > > I'd recommend mailman too, but I have to warn for it's archive function. all list managers suck

Re: configuring postfix to reject messages to non-existing user account

2004-02-07 Thread Craig Sanders
On Sat, Feb 07, 2004 at 04:38:58PM +, Shri Shrikumar wrote: > I have a postfix installation and it accepts all email to specified domains > regardless of the user part. This seems to pose a security hole in sending > spam / viruses. > > Say someone sends an email to the server with the from of

  1   2   3   4   5   >