RE: Email question
by Cowles, Steve
Jake McHenry wrote:
> I'm not running iptables ... on the old setup I had mailscanner
> running and another utility that gave me stats on email that could
> add spammers to the access db, maybe I'll just configure all that
> again. The only problem was some addresses entered into the access db
> were legitimate people. Can anyone recommend a better solution?
Jake,
I no longer use sendmail (I now use postfix), but I had a similar problem
with dictionary attacks because my sendmail MTA was a frontend for an
exchange server. To insure that sendmail "only" accepted/relayed e-mail for
valid accounts on the exchange server, I used the following approach (trick)
in /etc/mail/access. Maybe it will work for you. I have copy/pasted a backup
copy of my previous sendmail access file configuration (with a few edits).
As always, you milage may vary based on how sendmail is configured at your
end, so be sure to make a backup of your current access file -and- be sure
to run an open relay checker against any changes you make. I've always used
the following site for testing:
http://www.abuse.net/relay.html
<copy/paste /etc/mail/access>
# If this is both an inbound and outbound MTA, then add the systems that
# are allowed to relay e-mail through this system.
192.168.1 RELAY
# Reject both envelope sender (mail from) and recipients (rcpt to)
# that contain mydomain.com
mydomain.com REJECT
# To negate the above reject, add only "valid" recipients for mydomain.com
scowles(a)mydomain.com OK
postmaster(a)mydomain.com OK
etc...
Note 1: The above implementation was based on reading:
http://www.sendmail.org/m4/anti_spam.html#access_db
The really confusing part about sendmail (versus postfix) is understanding
in which context the access file is consulted. i.e. is the test done against
the envelope sender or recipient or both. What a PITA. Postfix does a lot
better job at implementing these types of tests.
Note 2: Maintaining a valid list of exchange recipients (mailboxes) on the
sendmail server was accomplished by writing a shell script that did an LDAP
query against the exchange server to build an access formatted list of valid
mailboxes. This script was run as an hourly cronjob. This way, when I made a
change (add/delete) on the exchange server, it was replicated to the
sendmail frontend. In fact, I still do this with postfix as a frontend.
Note 3: When an invalid recipient was specifed (like during a dictionary
attack), it was rejected after the "rcpt to"; thus no DSN/bounce was
generated by sendmail. i.e. The rejection occurs before the inbound e-mail
is submitted to the queue for delivery. Nice!!!
Hope the above solution at least points you in the right direction for
achieving your goal.
Steve Cowles
19 years, 8 months
Memory Performance Issue with Fedora Core 2 Kernels
by James Foris
I am forwarding this message for a co-worker; his email to "fedora-list" keeps
geting bounced. Having said that, I have worked with him on this issue and
will be able to answer questions/describe the issues well enough for anyone
who is kind enough to reply.
What he tried to send follows below:
-------------------------------------------------------------------------------------------------------------------------
I have run into an issue with memory bandwidth using the Fedora Core
2 kernels and I need help. I don't know what is wrong, but something
killed performance of my custom driver when I ported it from RedHat 7.3
to Fedora Core 2. I believe I have narrowed it down to the kernel.
My driver requires a large amount of contiguous physical memory for
DMA from a PCI device. I use the 'mem=YYY' command line parameter to
reserve the top of physical RAM for my driver. Then I allow mapping
via mmap() calls to user space. The user space app then uses this
pointer to save the data to disk.
Normally the user space app writes to disk using the mmap()'d pointer as
the source. With the new kernels these writes are taking way too long
(around 20 MB/s). Even when the write goes to /dev/shm, the speed is
limited to around 20 MB/s. A memcpy from the mmap()'d memory seems to
have no such slowdown.
This driver has been in use for some time on a RedHat 7.3 (2.4) kernel
with no issues. To narrow the problem down, I removed all code that talks
to the HW and created a driver that only maps host memory. The pattern
I use is shown below. It is almost identical to the code in the kernel
mem driver (...drivers/char/mem.c).
dev_mmap(...)
{
...
u32 remap_addr = num_physpages*PAGE_SIZE; // Top of memory
...
vma->vm_flags |= VM_IO;
vma->vm_flags |= VM_RESERVED;
status = remap_page_range(
vma,
vma->vm_start;
remap_addr,
vma->vm_end - vma->vm_start,
vma->vm_page_prot );
if( status )
return -EAGAIN;
...
}
I created a test program that opens the device, calls mmap() to get a
pointer, then saves 32 MB to /dev/shm and times it with the wall clock, as follows:
dev_fd = open("/dev/mydevice",O_RDWR,0);
shm_fd = open("/dev/shm/foo.dat",O_O_TRUNC|O_CREAT,0666);
void *devptr = mmap(0,0x2000000,PROT_READ,MAP_SHARED,dev_fd,0);
msync(devptr,num_bytes,MS_SYNC|MS_INVALIDATE);
double t1 = /* time in seconds using gettimeofday() */
int n = write(shm_fd,devptr,0x2000000);
double t2 = /* time in seconds using gettimeofday() */
/* check for errors */
I have tried this on several platforms and kernels and the results vary,
but the common denominator seems to be:
Fedora kernel + 32-bit Intel = poor performance (see below)
Processor Kernel Chipset Arch Results
Opteron 2.6.5-1.358smp AMD 64-bit Pass
Opteron 2.6.7-1.492smp AMD 32-bit Fail
Xeon 2.6.7-1.492smp Intel E7505 32-bit Fail
Xeon 2.6.6-1.435.2.3 Intel E7505 32-bit Fail
Xeon 2.6.6-1.435.2.3smp Intel E7505 32-bit Fail
Xeon 2.4.18-24smp Intel E7505 32-bit Pass
Xeon 2.4.18-24smp Intel E7501 32-bit Pass
P4 2.6.7 (kernel.org) Via ??? 32-bit Pass
Notes:
* The Fails are always around 20 MB/s
* When it passes, the performance depends on the chipset (e.g. 700+ MB/s)
* The E7505 is hosted in an HP xw8000.
* The E7501 is hosted on an Intel SE7501WV2 motherboard.
* The P4 is my home PC, which is a VIA chipset - don't ask me which.
Any help is appreciated.
Thanks,
John Fusco
-------------------------------------------------------------------------------------------------------------------------
Does anyone have any ideas where to begin with this one ? And is there some
other list that this question should be passed to ?
Thanks,
Jim Foris
19 years, 8 months
Fw: Problems with my mouse
by Pablo
Hi everybody.
I really need help with this. And I don´t know what to do now.
I´m running Fedora Core 2 on my computer and recently I've purchased a USB
wireless keyboard + mouse. Both, keyboard and mouse are working. The
keyboard has no problem. I can move the curson with mouse but ... there´s no
click!!! Neither the buttons are working nor the scroll wheel.
There is no BIOS missconfiguration and the mouse is working right in the
same wachine with Windoshit XP.
I even tryed all possible configurations with system-config-mouse.
What can I do with that? Is there any driver outta there? I couldn´t find
it.
So.. please I need some help!
This is the 2nd mail I write. I´m sorry for that but I´m in a big trouble
'cause I can´t use the system without it.
THANX.
Pablo.
19 years, 8 months
Moving users from FC1 to FC2
by Charles Layno
I am moving a server from an old PII that is running FC1 to a new Dell
Server that I have installed FC2 on. I am trying to move the users and
their passwords over to the new Dell FC2 server so I don't have to pee
them off by having all off them enter new passwords, but I am failing.
If you would rather not post on the list how to do it for security
reasons, please feel free to email me direct at clayno(a)w4cl.net
Thanks
Charles Layno
Greensboro, NC
19 years, 8 months
OT: Anyone managed to install Gentoo Under VMware (in FC2)?
by Ow Mun Heng
Guys,
I know this is off-topic. But I would like to play around with Gentoo
under a sandbox environment.
I currently tried to install Gentoo (2004.1) under FC2 with VNware
4.5.2-8848.
I've looked a 2 websites that detailed how they did it but for some
reason, mine doesn't work. I've tried both SCSI and IDE virtual drives.
Once booted into Gentoo, I do a fdisk, it will tell me that the disk is
not initialised and then I do a "w" and after that, I reboot, (nothing
else), then VMware will just hang there and do nothing else.
I even tried installing it all the way to the end but it proved to be
pointless.
Anyone has a clue??
--
Ow Mun Heng
Fedora GNU/Linux Core 2 on D600 1.4Ghz CPU kernel
2.6.7-2.jul1-interactive
Neuromancer 17:56:05 up 6:47, 5 users, load average: 1.74, 1.30, 1.00
19 years, 8 months
Fail to start Gnome environment
by Stephen Liu
Hi all folks,
Fedora Core 2
(upgrade from RH8.0)
After upgrade I tried several days uabling to start
Gnome environment, having played around with following
steps without a solution.
Remark:
On GUI login Session to start Gnome, it appeared as
KDE theme, all gnome applications not found including
Gnome-start (big foot). Right-click on the bottom
menu bar -> Add, still could not find
Gnome-applications
1)
Renamed all
following directories ~/
.gnome
.gnome2
.gnome_private
.gnome2_private
.gnome-desktop
as .old and Relogin Gnome (including rebooted PC).
Still could not start Gnome environment. A new set of
directories generated except ~/.gnome-desktop which
could not be found after reboot or relogin
2)
Started init 3 and login as USER
$ startx
Started KDE desktop straightwards
3)
Started 'Failsave_terminal) as USER
$ gnome-session
Also started KDE theme as login Gnome-session
mentioned above.
4)
Could not find
~/user/.xinitrc
/etc/X11/xinit/xinitrc.gnome
whereis and locate commands could not find
'xinitrc.gnome'
$ ls /etc/X11/xinit/
Xclients
xinitrc
xinitrc.d
Google search could not brought a right solution.
Kindly advise. TIA
B.R
satimis
_______________________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com.hk address at http://mail.english.yahoo.com.hk
19 years, 8 months
K3bSetup
by Grega Fajdiga
Hi,
I can't find K3bSetup (the setup program for k3b on Fedora. Where can I
get it?
Thanks,
Grega
19 years, 8 months
About floppy
by Christian Loza
Hi,
A question OFF TOPIC, how can I disable floppy modules? I do not have
floppy, but when I boot or shutdown, there is an error saying something
about modules... floppy.o ... well. Do I have to recompile my kernel
without floppy support?
Sorry for my English, an Spanish Fedora Core 2 user.
Thanx,
Christian
--
Christian Loza <christianl(a)unete.com.bo>
UNETE Telecomunicaciones Ltda.
19 years, 8 months
partion error and usb trouble when upgrading
by javajunkie
Hello,
Trying to go from Shrike (RH9) to Fedora Core2, I got two errors of which the second stopped me:
For #1) I got a "unable to align partion properly ..." message which is what related to dual booting (note Win2000 is on another drive but I guess that's where the boot mgr is). Anyway, it said it's a fixable problem so I gave it a green light. Um assuming I get past two, how do I fix #1 later. I remember something about this came across this list but searching the archives didn't get me anything. If windows doesn't boot, I am not going to lose any sleep but I do need FC2 working properly.
For#2) I got a "error mounting /mnt/camera as sdc1 as" ...something like no media present or not formated. Funny thing is, when booting into RH9, that mounts just fine. Anyway, andaconda (the installer) stopped at that point and I had to reboot. I know I can take it out of fstab but what is this about I wonder.
Thanks for any and all help/insight you are able to provide.
--
Shawn
Karma is immutable, so act accordingly!
19 years, 8 months
How to upgrade to Fedora 2
by regatta
Hi
Anyone know how can I upgrade my OS from Fedora 1 to Fedora 2 ?
I want to upgrade using apt or yum without losing the workstation
even for one hour
Best Regards,
--------------------
-*- If Linux doesn't have the solution, you have the wrong problem -*-
19 years, 8 months