Discuss October 2006

discuss@lists.centos.org

260 participants
296 discussions

RE: [CentOS] spam control
by Alex Palenschat 27 Oct '06

27 Oct '06

> So my question is: if my system has granted RELAY permission > to a system > which is in a dnsbl used by the sendmail configuration, does the > sendmail RELAY, or does it deny the connection attempt? > > Thanks for wading through this completely hypothetical situation. > I think you would be served by doing some googling on backscatter. Any time you have a "backup mx" server that does not do recipient validation for the domains it serves not only is it going to receive a lot of spam, it is going to be producing a lot. This is exactly the type of thing that lands IP addresses in blacklists in my experience. That being said you should be able to whitelist the IP of the blacklisted host before you do the rbl-checking. I know how to do this with postfix but not sendmail. I am not a sendmail user, but there are some sendmail users on the list who may be willing to help there. My guess is that if you post to the mailing list of the MTA in question you may raise their ire a bit as you seem to be trying to solve a problem further downstream than you should be (idiots on your network). I would fix your local problem (if you can). alex

6 6

ISA sound cards and stuff
by Aleksandar Milivojevic 27 Oct '06

27 Oct '06

I've created kernel-isa and kernel-isasmp packages (currently i586, there'll be i686 version soon too). Basically, it is centosplus kernel with ISA Plug and Play, ISA and PCMCIA sound cards and ISA network cards enabled. The change to kernel spec file to add these two packages was fairly simple, and I hope this might find the way into centosplus kernel. If maintainer(s) of centosplus kernel are interested, I can email the patch for the spec file and four additional kernel config files. I've tested it on my old laptop that has built-in ISA sound card (ESS ES1878). Kudzu and automatic sound card detection didn't work, however after I manually added entries to /etc/modprobe.conf, it all worked nicely. I had to manually specify io, irq, and dma settings in the options line, and I guess the same may be true for most ISA hardware. I don't really have anything Plug and Play to test, and no ISA network cards anymore. Anyhow, if anybody does have, it would be nice if (s)he could test if all works OK. The Plug and Play is in kernel, no userland tools should be needed (hopefully). The only sound card missing is Wavefront. The source code for device driver needs some updating (there seem to be a patch floating around somewhere though, haven't tested it yet). The way it is now, it produces unresolved symbols if compiled. I see these packages mostly useful for folks with older laptops (ISA based sound cards, buying cheap PCI card is no option on laptops). Also for folks with older motherboards that have run out of PCI slots, but still have a few free ISA slots. The packages are signed with my PGP key (same as the one used for this email, you can grab it from most PGP key servers). Key fingerprint is 46FE 7D24 2D50 566A FBF3 7395 4AE4 9AE0 D660 AA3F or something like that. The URL is http://www.milivojevic.org/linux/rpm/el4/i386/

2 3

compaq r4000
by Jerry Geis 26 Oct '06

26 Oct '06

I am trying to install x86_64 on a compaq r4000 laptop. booting the CD I have tried text mode only and graphicaly mode. I see the normal stuff flying by and I just get a black screen (in text for graphic install). I have tried linux acpi=off apci=off nousb nopcmcia linux noprobe all result in the same black screen. Once the screen goes black the CD is still being accessed but the screen is just black. I have tried CTRL-ALT-F1 or F2 and still nothing. CTL-ALT-DEL does reboot the machine. Anyone seen this? any ideas? the machine is compaq r4000, turian 64 bit cpu. ATI video. windows on the same machine works fine. jerry

3 3

Procmail Problem
by abhishek singh 26 Oct '06

26 Oct '06

Dear Friends, I am facing one problem in using procmail, i am using procmail as a MDA but problem is that whenever anyone mail is sending a mail to id hk.singh(a)example.com then that mail is going to hk.singh(a)example.com and to k.singh(a)example.com , plz help me out. thanks . waiting for response. Abhishek Kr. Singh System Administrator DSC. LTD. Mob.No. +91-9871563248 __________________________________________________________ Yahoo! India Answers: Share what you know. Learn something new http://in.answers.yahoo.com/

3 3

which http proxy to choose
by Mindaugas 26 Oct '06

26 Oct '06

Hello, Which http proxy to choose nowadays? Squid? But as far as I understand it is single process which sounds not too effective for current dual cpu dual core servers. Apache? Something else? Load can reach 1000-1500 simultaneous but slow speed connections (mobile phone clients). From more advanced features I need just possibility to redirect requests to certain domains to another proxy. Thanks, Mindaugas

3 3

vmware, rhel4(or us) problems w/virtual usb ports
by rado 26 Oct '06

26 Oct '06

I ran across this and glad I did...saved my .10 worth of sanity I got left: It came from: http://kb.vmware.com/KanisaPlatform/Publishing/612/774_f.SAL_Public.html Guest Cannot See USB Device on RHEL4-x64 Host This problem was identified on VMware Server, but may affect other VMware products. When you connect a USB device to a host running the RHEL4-x64 operating system, then try to access the USB from the VMware guest, the following error message appears: The Existing driver (usbhid) could not be successfully disconnected. (operation not permitted) Unload the driver manually then try again <OK>. In this situation, you cannot unload the driver manually from the host, because it does not exist as a module—it is compiled directly into the RHEL4-x64 kernel. Normally, this situation is not a problem for VMware software, but the kernel does not support the required ioctl (control device) function to allow VMware to disconnect the device from the usbhid driver. As a workaround, you can recompile the host's kernel with usbhid as a module, then manage its removal with rmmod. However, because the usbhid driver is necessary to allow the host and guest operating systems to interact with a USB mouse and keyboard, removing the module from the recompiled kernel may not be appropriate for your system. You may need to use an upgraded kernel or a different operating system instead. thx John Rose

3 3

CentOS - Spam List?
by John Hinton 25 Oct '06

25 Oct '06

The latest thread on Spam on the list has the potential of dominating the list for a long time. Is there any chance that perhaps the CentOS team might consider an Anti-Spam for CentOS mailing list? I would love to participate in such a list. From a subscriber point of view, I would think a 'CentOS A/S' list would be both pertinent and manageable from a volume standpoint. I know this is a bit to the side, but really for many of us sysadmins, Spam is much harder to deal with than any other single portion of running a CentOS server. Are there any others that might like such a list? Would the CentOS team consider adding this mailing list? Best Regards, John Hinton

3 2

RE: [CentOS] spam control
by Alex Palenschat 25 Oct '06

25 Oct '06

John Hinton wrote: > > I don't think my users would be too happy with greylisting, unless it > was done only on blocklist, as they have come to enjoy the immediate > delivery of email. Also, greylisting has the potential of > hurting other > ISPs, clogging their systems, just because they signed up a > few 'stupid > users' who got the latest virus/trojan. If you think back to > some of the > more successful viruses, mailservers everywhere suffered with many > choking and going down. Adding to their mail queues isn't so nice. While I have had a couple of mailservers that were sending legitimate mail complain about this (greylisting all mail), the vast majority have had no problem with it. I use the postgrey script (has it's own yum repo too :) and after a 5 minute delay the first time a triplet (client/sender/recipient) is seen it is auto-whitelisted. And the greylisting happens after all sanity checks and rbls. Vastly reduced spam from spambots which tend to just blast the mail out with no concern for the response. But I only have 200+ mailboxes and around 15-20k emails a day, so YMMV. I think the bottom line is that you have to pick your MTA/Content filter and then get on the mailing list and pay attention. It's an on-going war and there is no set-it and forget-it. alex

1 0

error messages when rebuilding centosplus kernel
by Aleksandar Milivojevic 25 Oct '06

25 Oct '06

I'm rebuilding the centosplus kernel with ISA P&P and ISA some devies enabled. At the very end of compilation, I got a lot of error messages that looked like: Error: ./init/initramfs.o .text refers to 0000046e R_386_PC32 .init.text Error: ./init/initramfs.o .text refers to 0000059c R_386_PC32 .init.text Error: ./init/initramfs.o .text refers to 000007a8 R_386_PC32 .init.text Hmmm... Are these normal, or is there something wrong with the kernel build? -- NOTICE: If you are not intended recipient, you are hereby notified that by reading this message you agreed not to disturb frogs during mating season. For more info, visit http://www.8-P.ca/

2 1

RE: [CentOS] spam control
by Alex Palenschat 25 Oct '06

25 Oct '06

> After that point, it starts to get ugly. We currently manage > to have 96% efficiency (false positives around 0.001%), and > thats a daily battle. Spam traps and new rules almost every > day (5 days a week, at least). > > For those interested, these are the RBLs I use: > sbl-xbl.spamhaus.org > relays.ordb.org > dnsbl.njabl.org > > Dropped spamcop some months ago. > > []s > > - -- > Rodrigo Barbosa One other thing that it may be good to point out is the course that the postfix group seems to be taking which is sanity checking incoming email before the DATA state. This is well worth checking out and I would guess that any well-maintained MTA would support this type of thing. So your rbl checks/helo checks/hostname and mx checks happen before the mail is received. This greatly reduces the amount of processing time on the MTA and allows it to handle far more mail in these spam-predominant times. You don't want to block most of your spam with a perl script IMHO. On our MTA, between the aforementioned and greylisting we block enough spam for it to be manageable on the back end with very, very few false-positives and close to zero maintenance. I'm sure that if we wanted to block more we could spend a lot more time setting up traps/writing SpamAssassin rules etc. But we're quite happy with this setup. FYI, rbls we use are: relays.ordb.org list.dsbl.org sbl-xbl.spamhaus.org <-- best one dul.dnsbl.sorbs.net the last being the only one I've seen any false positives on and only 2 since we set it up. YMMV. alex

2 1

← Newer
1
2
3
4
5
6
7
8
9
...
30
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Discuss October 2006