From owner-freebsd-isp@FreeBSD.ORG Sun Sep 7 14:29:06 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1CAD616A4BF for ; Sun, 7 Sep 2003 14:29:06 -0700 (PDT) Received: from bessel.tekniikka.turkuamk.fi (bessel.tekniikka.turkuamk.fi [193.166.133.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id D69B143FF9 for ; Sun, 7 Sep 2003 14:29:04 -0700 (PDT) (envelope-from eyurtese@bessel.tekniikka.turkuamk.fi) Received: from localhost (eyurtese@localhost) by bessel.tekniikka.turkuamk.fi (8.9.2/8.9.2) with ESMTP id AAA27562 for ; Mon, 8 Sep 2003 00:29:02 +0300 Date: Mon, 8 Sep 2003 00:29:02 +0300 (WET) From: Evren Yurtesen To: freebsd-isp@freebsd.org Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Subject: default file creation umask php4+apache X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 07 Sep 2003 21:29:06 -0000 I wonder how to set the default file creation umask of the php? I dont want to set this in my scripts! I want to make the setting system wide available. This kind of interesting because first my php scripts created files with mode 755, and then when I changed the tmp directory they started to be created with mode 700 and now I realized that they are created by 777 mode. Because of some weird reason... I already tried to set the umask while starting apache but it doesnt seem to effect. I also tried to change the umask in /etc/login.conf and it also doesnt seem to effect. I am not sure if I did a mistake though. Do you have any suggestions or experiences? Thanks Evren From owner-freebsd-isp@FreeBSD.ORG Mon Sep 8 08:15:57 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DD79D16A4C0 for ; Mon, 8 Sep 2003 08:15:57 -0700 (PDT) Received: from ctb-mesg2.saix.net (ctb-mesg2.saix.net [196.25.240.74]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3303F43FE9 for ; Mon, 8 Sep 2003 08:15:56 -0700 (PDT) (envelope-from james@organicwire.net) Received: from [192.168.1.2] (tpr-bras-130-81.telkom-ipnet.co.za [165.165.130.81]) by ctb-mesg2.saix.net (Postfix) with ESMTP id 40115375C for ; Mon, 8 Sep 2003 17:15:53 +0200 (SAST) User-Agent: Microsoft-Entourage/10.0.0.1309 Date: Mon, 08 Sep 2003 17:15:21 +0200 From: James Godwin To: Message-ID: In-Reply-To: <1062767877.8cbd42c952096@mail.encontacto.net> Mime-version: 1.0 Content-type: text/plain; charset="US-ASCII" Content-transfer-encoding: 7bit Subject: Anti Virus for mail server X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Sep 2003 15:15:58 -0000 Hi, There has been no need for Anti Virus on our mail servers as most of our clients are Mac users and our windows clients have anti virus installed on their machines. Keeping windows virus updated updated is a mission so I was wondering what the ideal Anti Virus app I should use for our Sendmail and Qmail servers? Any ideas would be much appreciated. Kind regards, James From owner-freebsd-isp@FreeBSD.ORG Mon Sep 8 08:23:15 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8A5D516A4BF for ; Mon, 8 Sep 2003 08:23:15 -0700 (PDT) Received: from unix1.sihope.com (unix1.sihope.com [207.195.195.1]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3057F43FB1 for ; Mon, 8 Sep 2003 08:23:14 -0700 (PDT) (envelope-from adamm@sihope.com) Received: from unix1.sihope.com (adamm@localhost.sihope.com [127.0.0.1]) by unix1.sihope.com (8.12.9/8.11.6) with ESMTP id h88FNAqL011540; Mon, 8 Sep 2003 10:23:10 -0500 (CDT) Received: from localhost (adamm@localhost)h88FNAnq011537; Mon, 8 Sep 2003 10:23:10 -0500 (CDT) X-Authentication-Warning: unix1.sihope.com: adamm owned process doing -bs Date: Mon, 8 Sep 2003 10:23:10 -0500 (CDT) From: Adam Maloney To: James Godwin In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-isp@freebsd.org Subject: Re: Anti Virus for mail server X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Sep 2003 15:23:15 -0000 We have had good luck with McAfee's unix product, and it's very reasonably priced (even with support/upgrades). I've never used anything else on the unix side, so I can't offer a comparison, but it does precisely what we need and does it fairly well. I'm much more comfortable paying for A/V software, knowing that someone somewhere is getting paid to update the virus definitions regularly (versus the freebies available). But again, I haven't used anything else so I can't comment. Note we do NOT scan all of our user's mail by default, so YMMV. On Mon, 8 Sep 2003, James Godwin wrote: > Hi, > > There has been no need for Anti Virus on our mail servers as most of our > clients are Mac users and our windows clients have anti virus installed on > their machines. > > Keeping windows virus updated updated is a mission so I was wondering what > the ideal Anti Virus app I should use for our Sendmail and Qmail servers? > > Any ideas would be much appreciated. > > Kind regards, > > James > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > Adam Maloney Systems Administrator Sihope Communications From owner-freebsd-isp@FreeBSD.ORG Mon Sep 8 09:24:42 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DA69916A4BF for ; Mon, 8 Sep 2003 09:24:42 -0700 (PDT) Received: from accounts.amigo.net (smtp.amigo.net [209.94.64.30]) by mx1.FreeBSD.org (Postfix) with ESMTP id D57EC43FE3 for ; Mon, 8 Sep 2003 09:24:40 -0700 (PDT) (envelope-from randys@amigo.net) Received: from stalker.amigo.net ([209.94.67.250]) by accounts.amigo.net with esmtp; Mon, 08 Sep 2003 10:24:38 -0600 Date: Mon, 8 Sep 2003 10:24:37 -0600 (MDT) From: Randy Smith X-X-Sender: randy@stalker.amigo.net To: James Godwin In-Reply-To: Message-ID: <20030908101931.S580@stalker.amigo.net> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit cc: "freebsd-isp@freebsd.org" Subject: Re: Anti Virus for mail server X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Sep 2003 16:24:43 -0000 On Mon, 8 Sep 2003, James Godwin wrote: > Date: Mon, 08 Sep 2003 17:15:21 +0200 > From: James Godwin > To: "freebsd-isp@freebsd.org" > Subject: Anti Virus for mail server > > Hi, > > There has been no need for Anti Virus on our mail servers as most of our > clients are Mac users and our windows clients have anti virus installed on > their machines. > > Keeping windows virus updated updated is a mission so I was wondering what > the ideal Anti Virus app I should use for our Sendmail and Qmail servers? Amavis + clamav is reasonable if you want a "pure" OSS solution. My mail server runs courier-mta+amavis-ng+f-prot serving 7500 accounts. F-Prot is a fairly inexpensive system and runs fine on FreeBSD and Linux. > > Any ideas would be much appreciated. > > Kind regards, > > James > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > -- Randy Smith Amigo.Net Systems Administrator 1-719-589-6100 x 4185 http://www.amigo.net/ From owner-freebsd-isp@FreeBSD.ORG Tue Sep 9 01:44:13 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 64C4116A4BF for ; Tue, 9 Sep 2003 01:44:13 -0700 (PDT) Received: from flock1.newmail.ru (flock1.newmail.ru [212.48.140.157]) by mx1.FreeBSD.org (Postfix) with SMTP id 9678943F93 for ; Tue, 9 Sep 2003 01:44:11 -0700 (PDT) (envelope-from Andrew.Karjagin@newmail.ru) Received: (qmail 7535 invoked by alias); 9 Sep 2003 08:43:41 -0000 Message-ID: <20030909084341.7534.qmail@flock1.newmail.ru> From: Andrew Karjagin To: James Godwin X-Priority: 3 MIME-Version: 1.0 X-Mailer: DenMail v1.0 by ORC X-Uid: 689 X-RemoteIP: 81.89.65.2 (81.89.64.105) Date: Tue, 09 Sep 2003 12:43:41 +0400 In-Reply-To: X-DWM-In-Reply-To: <1063097021.7511.denwebmail-5280-INBOX@Andrew_Karjagin> Content-type: text/plain; charset="koi8-r" cc: freebsd-isp@freebsd.org Subject: Re: Anti Virus for mail server X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 Sep 2003 08:44:13 -0000 Hello James Godwin I am using DrWeb (http://www.sald.com/ or http://www.drweb.net/) on two servers (freebsd and linux) with 4000 mailboxes. It work for me with Exim4+MySQL+Qpopper. No one e-mail virus is going through my servers. Very good antivirus with evaluation key - you can config and test your server before buy antivirus. Antivir databases updates every day. It have versions of program for any MTA. Пн, 08.09.2003 19:15:21 you wrote: > JG> Hi, JG> JG> There has been no need for Anti Virus on our mail servers as most of our JG> clients are Mac users and our windows clients have anti virus installed on JG> their machines. JG> JG> Keeping windows virus updated updated is a mission so I was wondering what JG> the ideal Anti Virus app I should use for our Sendmail and Qmail servers? JG> JG> Any ideas would be much appreciated. JG> JG> Kind regards, JG> JG> James JG> JG> _______________________________________________ JG> freebsd-isp@freebsd.org mailing list JG> http://lists.freebsd.org/mailman/listinfo/freebsd-isp JG> To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" JG> __________ JG> http://www.newhost.ru - Уютно, по-домашнему, в тапочках..... __________ www.newmail.ru -- Новая Почта: все по-новому. From owner-freebsd-isp@FreeBSD.ORG Tue Sep 9 03:15:15 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A87B516A4BF; Tue, 9 Sep 2003 03:15:15 -0700 (PDT) Received: from yazzy.wrs.no (mail.wrs.no [213.236.173.130]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3922143FE5; Tue, 9 Sep 2003 03:15:12 -0700 (PDT) (envelope-from freebsd@yazzy.org) Received: from h311r4iz3r.wrs (localhost [127.0.0.1]) by yazzy.wrs.no (Postfix) with SMTP id 878F7418D; Tue, 9 Sep 2003 12:14:57 +0200 (CEST) Date: Tue, 9 Sep 2003 12:14:57 +0200 From: Martin Jessa To: freebsd-isp , freebsd-small Message-Id: <20030909121457.672d3b41.freebsd@yazzy.org> Organization: WRS ASA X-Mailer: Sylpheed version 0.9.3claws (GTK+ 1.2.10; i386-portbld-freebsd5.1) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: Radius and MAC Address Access Control X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 Sep 2003 10:15:15 -0000 Hi Guys. I am setting up system for a Wireless ISP trying to figure out how to enable MAC Address Access Control with a radius server. I need to find out how it can be done and what Radius server supports tricks like that. Any ideas? Thanks in advace. YazzY From owner-freebsd-isp@FreeBSD.ORG Tue Sep 9 03:28:21 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 43FD416A4BF for ; Tue, 9 Sep 2003 03:28:21 -0700 (PDT) Received: from mail.unina.it (mail.unina.it [192.132.34.73]) by mx1.FreeBSD.org (Postfix) with ESMTP id 09CD743FDF for ; Tue, 9 Sep 2003 03:28:09 -0700 (PDT) (envelope-from root@cds.unina.it) Received: (from smmsp@localhost) by mail.unina.it (8.12.9/8.12.9) id h89ASala030960 for freebsd-isp@freebsd.org; Tue, 9 Sep 2003 12:28:36 +0200 X-Authentication-Warning: mail.unina.it: Processed by smmsp with -C /etc/mail/sendmail.cf Received: from cds.unina.it (cds.unina.it [192.132.34.41]) by mail.unina.it (8.12.9/8.12.9) with ESMTP id h89ASZcb030932 for ; Tue, 9 Sep 2003 12:28:35 +0200 Received: (from root@localhost) by cds.unina.it (8.12.9/8.12.9) id h89AVU0s047728 for freebsd-isp@freebsd.org; Tue, 9 Sep 2003 12:31:30 +0200 (CEST) Message-Id: <200309091031.h89AVU0s047728@cds.unina.it> Date: Tue, 09 Sep 2003 12:31:29 CEST From: avadmin@cds.unina.it To: freebsd-isp@freebsd.org X-scanner: scanned by Inflex 1.0.12.5 - (http://pldaniels.com/inflex/) Subject: Inflex scan report [0909123150275] X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: avadmin@unina.it List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 Sep 2003 10:28:21 -0000 Administrator Email Reply Address: avadmin Email sent to: zelati@cds.unina.it Inflex ID: 0909123150275 Report Details ----------------------------------------------- AntiVirus Results... SWEEP virus detection utility Version 3.71, July 2003 [Digital Unix/Alpha] Includes detection for 82975 viruses, trojans and worms Copyright (c) 1989,2003 Sophos Plc, www.sophos.com System time 12:31:30, System date 09 September 2003 Command line qualifiers are: -archive -all -rec -sc IDE directory is: /usr/local/sav Using IDE file webber-a.ide Using IDE file gruel-a.ide Using IDE file coconuta.ide Using IDE file cmjspy-b.ide Using IDE file golon-a.ide Using IDE file ataka-e.ide Using IDE file migmaf-a.ide Using IDE file mofei-b.ide Using IDE file viewmova.ide Using IDE file israza.ide Using IDE file graps-a.ide Using IDE file larx-fam.ide Using IDE file zwmvc-b.ide Using IDE file adenu-a.ide Using IDE file mylife-m.ide Using IDE file mumu.ide Using IDE file revas-a.ide Using IDE file klexe-a.ide Using IDE file sage-a.ide Using IDE file sluter-a.ide Using IDE file colevo-a.ide Using IDE file slanpera.ide Using IDE file cailonta.ide Using IDE file sandesa.ide Using IDE file raleka.ide Using IDE file sobig-e.ide Using IDE file frtnghte.ide Using IDE file relax-c.ide Using IDE file pcghosta.ide Using IDE file haclineb.ide Using IDE file nofer-c.ide Using IDE file magold-d.ide Using IDE file redist-c.ide Using IDE file nofer-b.ide Using IDE file mumu-b.ide Using IDE file sobig-d.ide Using IDE file frtnghtf.ide Using IDE file mystri-a.ide Using IDE file crock-a.ide Using IDE file suhd-a.ide Using IDE file nofer-a.ide Using IDE file anaco-d.ide File panjang.ide is older than 90 days Using IDE file gruel-c.ide Using IDE file gruel-b.ide Using IDE file mapson-c.ide Using IDE file gruel-d.ide Using IDE file gruel-e.ide Using IDE file dwnld-di.ide Using IDE file gruelfam.ide Using IDE file mofei-c.ide Using IDE file jantic-b.ide Using IDE file frtnghth.ide Using IDE file qqpass-a.ide Using IDE file babybr-a.ide Using IDE file mimail-a.ide Using IDE file randonr.ide Using IDE file cidu-a.ide Using IDE file gruel-m.ide Using IDE file boohoo-a.ide Using IDE file maila.ide Using IDE file autort-a.ide Using IDE file lovgatel.ide Using IDE file sview-a.ide Using IDE file randex-d.ide Using IDE file blastera.ide Using IDE file rpcsdb-a.ide Using IDE file blasterb.ide Using IDE file donkc.ide Using IDE file graybird.ide Using IDE file nachi-a.ide Using IDE file blasterd.ide Using IDE file sobigf.ide Using IDE file dumaru-a.ide Using IDE file bdoorrq.ide Using IDE file pandem-b.ide Using IDE file agobot-q.ide Using IDE file tzet-a.ide Using IDE file blastere.ide Using IDE file nugosh-a.ide Using IDE file yaha-t.ide Using IDE file lovgatep.ide Using IDE file blasterf.ide Using IDE file w32cailb.ide Using IDE file quatersa.ide Using IDE file phone-b.ide Using IDE file jsurf-a.ide Using IDE file sbf-dam.ide Using IDE file exedropb.ide Using IDE file neroma.ide Using IDE file eyeveg-a.ide Quick Sweeping 00:01 _headers_ 00:01 textfile0 00:01 textfile1 00:01 document_9446.pif >>> Virus 'W32/Sobig-F' found in file /usr/local/inflex/tmp/inf_0909123150275/unpacked/document_9446.pif 00:01 textfile2 5 files swept in 1 second. 1 virus was discovered. 1 file out of 5 was infected. Please send infected samples to Sophos for analysis. For advice consult www.sophos.com, email support@sophos.com or telephone +44 1235 559933 End of Sweep. File NAME/TYPE Scan Results 0909123150275 from:freebsd-isp@freebsd.org to: zelati@cds.unina.itType scanning off. Name scanning off. Text scanning off. END OF MESSAGE. End. . From owner-freebsd-isp@FreeBSD.ORG Tue Sep 9 08:30:02 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 68D2316A4BF for ; Tue, 9 Sep 2003 08:30:02 -0700 (PDT) Received: from netmail02.services.quay.plus.net (netmail02.services.quay.plus.net [212.159.14.221]) by mx1.FreeBSD.org (Postfix) with SMTP id C8C0943FDD for ; Tue, 9 Sep 2003 08:29:59 -0700 (PDT) (envelope-from simong@desktop-guardian.com) Received: (qmail 28850 invoked from network); 9 Sep 2003 15:29:58 -0000 Received: from desktopguardian.plus.com (HELO desktop-guardian.com) (81.174.227.186) by netmail02.services.quay.plus.net with SMTP; 9 Sep 2003 15:29:58 -0000 Received: (qmail 27821 invoked by uid 1006); 9 Sep 2003 15:38:08 -0000 Received: from simong@desktop-guardian.com by dtg25 by uid 82 with qmail-scanner-1.16 (clamscan: 0.54. spamassassin: 2.55. Clear:. Processed in 1.843906 secs); 09 Sep 2003 15:38:08 -0000 Received: from unknown (HELO dtg17) (192.168.0.17) by 192.168.0.25 with SMTP; 9 Sep 2003 15:38:05 -0000 Message-ID: <014e01c376e7$79353940$1100a8c0@dtg17> From: "Simon Gray" To: "James Godwin" , References: Date: Tue, 9 Sep 2003 16:31:43 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Subject: Re: Anti Virus for mail server X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Simon Gray List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 Sep 2003 15:30:02 -0000 with the right link this time :P http://logicsquad.net/freebsd/qmail-scanner-how-to.html From owner-freebsd-isp@FreeBSD.ORG Tue Sep 9 08:46:17 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 818E116A4BF for ; Tue, 9 Sep 2003 08:46:17 -0700 (PDT) Received: from murphys.services.quay.plus.net (murphys.services.quay.plus.net [212.159.14.225]) by mx1.FreeBSD.org (Postfix) with SMTP id EC92144008 for ; Tue, 9 Sep 2003 08:46:13 -0700 (PDT) (envelope-from simong@desktop-guardian.com) Received: (qmail 19918 invoked from network); 9 Sep 2003 15:28:51 -0000 Received: from desktopguardian.plus.com (HELO desktop-guardian.com) (81.174.227.186) by murphys.services.quay.plus.net with SMTP; 9 Sep 2003 15:28:51 -0000 Received: (qmail 27808 invoked by uid 1006); 9 Sep 2003 15:37:18 -0000 Received: from simong@desktop-guardian.com by dtg25 by uid 82 with qmail-scanner-1.16 (clamscan: 0.54. spamassassin: 2.55. Clear:. Processed in 2.099901 secs); 09 Sep 2003 15:37:18 -0000 Received: from unknown (HELO dtg17) (192.168.0.17) by 192.168.0.25 with SMTP; 9 Sep 2003 15:37:15 -0000 Message-ID: <014a01c376e7$5b690cc0$1100a8c0@dtg17> From: "Simon Gray" To: "James Godwin" , References: Date: Tue, 9 Sep 2003 16:30:53 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Subject: Re: Anti Virus for mail server X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Simon Gray List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 Sep 2003 15:46:17 -0000 qmail + qmail-scanner + spamassassin + clamav works quite well and is easy to setup http://qmail-scanner.sourceforge.net/ http://clamav.elektrapro.com/ good howto @ http://logicsquad.net/freebsd/qmail-how-to.html ----- Original Message ----- From: "James Godwin" To: Sent: Monday, September 08, 2003 4:15 PM Subject: Anti Virus for mail server > Hi, > > There has been no need for Anti Virus on our mail servers as most of our > clients are Mac users and our windows clients have anti virus installed on > their machines. > > Keeping windows virus updated updated is a mission so I was wondering what > the ideal Anti Virus app I should use for our Sendmail and Qmail servers? > > Any ideas would be much appreciated. > > Kind regards, > > James > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > From owner-freebsd-isp@FreeBSD.ORG Tue Sep 9 09:56:59 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2A51616A4BF for ; Tue, 9 Sep 2003 09:56:59 -0700 (PDT) Received: from transport.cksoft.de (transport.cksoft.de [62.111.66.27]) by mx1.FreeBSD.org (Postfix) with ESMTP id DA3BD43FE5 for ; Tue, 9 Sep 2003 09:56:57 -0700 (PDT) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from localhost (localhost [127.0.0.1]) by transport.cksoft.de (Postfix) with ESMTP id BEBED1FF8FC; Tue, 9 Sep 2003 18:56:55 +0200 (CEST) Received: by transport.cksoft.de (Postfix, from userid 66) id 91C281FF8FB; Tue, 9 Sep 2003 18:56:54 +0200 (CEST) Received: by mail.int.zabbadoz.net (Postfix, from userid 1060) id 1024A155E2; Tue, 9 Sep 2003 16:05:04 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.int.zabbadoz.net (Postfix) with ESMTP id 0615515329; Tue, 9 Sep 2003 16:05:04 +0000 (UTC) Date: Tue, 9 Sep 2003 16:05:04 +0000 (UTC) From: "Bjoern A. Zeeb" X-X-Sender: bz@e0-0.zab2.int.zabbadoz.net To: Martin Jessa In-Reply-To: <20030909121457.672d3b41.freebsd@yazzy.org> Message-ID: References: <20030909121457.672d3b41.freebsd@yazzy.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Virus-Scanned: by AMaViS snapshot-20020300 cc: freebsd-isp Subject: Re: Radius and MAC Address Access Control X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 Sep 2003 16:56:59 -0000 On Tue, 9 Sep 2003, Martin Jessa wrote: Hi, > I am setting up system for a Wireless ISP trying to figure out how to > enable MAC Address Access Control with a radius server. > I need to find out how it can be done and what Radius server supports > tricks like that. > Any ideas? If your AP supports radius set radius secret and IP address there. Though I am not very happy with freeradius I am using this a home. radiator also supports this. freeradius user file entry with an orinoco ap may simply look like this: # someone's MAC 001234-56789a Auth-Type := Accept There is at least one paper around that describes how to set things up. I think you might find links on freeradius or radiator homepages. Thay also describe configuration with Windows clients if I remember correctly. -- Bjoern A. Zeeb bzeeb at Zabbadoz dot NeT 56 69 73 69 74 http://www.zabbadoz.net/ From owner-freebsd-isp@FreeBSD.ORG Tue Sep 9 11:01:30 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DED3016A4BF for ; Tue, 9 Sep 2003 11:01:30 -0700 (PDT) Received: from lapdance.yazzy.org (yazzy.org [217.8.140.3]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6B24443FDD for ; Tue, 9 Sep 2003 11:01:29 -0700 (PDT) (envelope-from freebsd@yazzy.org) Received: from localhost (localhost [127.0.0.1]) by lapdance.yazzy.org (Postfix) with SMTP id 3DFAC418E; Tue, 9 Sep 2003 20:01:15 +0200 (CEST) Date: Tue, 9 Sep 2003 20:01:14 +0200 From: Martin Jessa To: freebsd-isp@freebsd.org Message-Id: <20030909200114.2d36cdea.freebsd@yazzy.org> In-Reply-To: References: <20030909121457.672d3b41.freebsd@yazzy.org> Organization: WRS ASA X-Mailer: Sylpheed version 0.9.3claws (GTK+ 1.2.10; i386-portbld-freebsd5.1) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: Re: Radius and MAC Address Access Control X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 Sep 2003 18:01:31 -0000 Hi. What I really need is to make my AP's talk to the radius server which connects to an SQL backend and allows users to login. I have a setup now with radius server that authenticates my vpn users with data supplied by MySQL. The users get either static or dynamic IP's from different pools. It works great except for one thing. The commercial users are not allowed to create IPsec tunnels to other places. For that I want to use WPA and a controll system based on Mac-addresses. My AP supports radius and I wanted to give it a shot. I just don't understand how that authentication method works with radius Mac-addresses. Is there any tool for radiator that can be used to easly manage users with a web based interface? I don't want nor can teach my customer how to add users from command prompt. Thanks. YazzY On Tue, 9 Sep 2003 16:05:04 +0000 (UTC) "Bjoern A. Zeeb" wrote: > On Tue, 9 Sep 2003, Martin Jessa wrote: > > Hi, > > > I am setting up system for a Wireless ISP trying to figure out how to > > enable MAC Address Access Control with a radius server. > > I need to find out how it can be done and what Radius server supports > > tricks like that. > > Any ideas? > > If your AP supports radius set radius secret and IP address there. > Though I am not very happy with freeradius I am using this a home. > radiator also supports this. > > freeradius user file entry with an orinoco ap may simply look like > this: > > # someone's MAC > 001234-56789a Auth-Type := Accept > > > There is at least one paper around that describes how to set things > up. I think you might find links on freeradius or radiator homepages. > Thay also describe configuration with Windows clients if I remember > correctly. > > -- > Bjoern A. Zeeb bzeeb at Zabbadoz dot NeT > 56 69 73 69 74 http://www.zabbadoz.net/ > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" From owner-freebsd-isp@FreeBSD.ORG Tue Sep 9 11:20:17 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EAFDF16A4BF for ; Tue, 9 Sep 2003 11:20:17 -0700 (PDT) Received: from mail.ipsnetwork.net (mail.ipsnetwork.net [209.202.83.5]) by mx1.FreeBSD.org (Postfix) with ESMTP id BC65643FFB for ; Tue, 9 Sep 2003 11:20:16 -0700 (PDT) (envelope-from nathan@vidican.com) Received: from webmail.ipsnetwork.net (localhost [127.0.0.1]) by mail.ipsnetwork.net (8.12.7/8.12.7) with ESMTP id h89MKfn5031314; Tue, 9 Sep 2003 18:20:45 -0400 (EDT) (envelope-from nathan@vidican.com) From: "Nathan Vidican" To: Martin Jessa Date: Tue, 9 Sep 2003 22:20:41 +0000 Message-Id: <20030909221635.M54304@vidican.com> In-Reply-To: <20030909121457.672d3b41.freebsd@yazzy.org> References: <20030909121457.672d3b41.freebsd@yazzy.org> X-Mailer: Innovative E-Mail! 1.90a 20030303 X-OriginatingIP: 207.164.251.185 (nvidican) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 cc: freebsd-isp@freebsd.org Subject: Re: Radius and MAC Address Access Control X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 Sep 2003 18:20:18 -0000 Might I suggest you look into just using PPPoE for wireless applications? You can first off make use of WEP to secure the traffic to some extent, then run PPPoE (which can authenticate through radius) to have your clients login and what-not. This way you can control not only access to the network but also access to which IP address(es). We have a similar setup here, where we use private IP's from tower to tower and route traffic back to home base, where clients login with PPPoE to get an external IP address and it works very well thus far. Just my 2 cents, if you still want to block/control by mac address why not just use a switch which has radius support; eg: Cisco 2924XL. -- Nathan Vidican nathan@vidican.com Innovative Product Sales http://www.InnovativeProductSales.com/ On Tue, 9 Sep 2003 12:14:57 +0200, Martin Jessa wrote > Hi Guys. > > I am setting up system for a Wireless ISP trying to figure out how > to enable MAC Address Access Control with a radius server. I need to > find out how it can be done and what Radius server supports tricks > like that. Any ideas? > > Thanks in advace. > YazzY > _______________________________________________ > freebsd-small@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-small > To unsubscribe, send any mail to "freebsd-small-unsubscribe@freebsd.org" From owner-freebsd-isp@FreeBSD.ORG Wed Sep 10 00:13:50 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7428C16A4BF for ; Wed, 10 Sep 2003 00:13:50 -0700 (PDT) Received: from webmail.akwireless.net (ns1.akwireless.net [192.189.218.15]) by mx1.FreeBSD.org (Postfix) with SMTP id 3D07643FD7 for ; Wed, 10 Sep 2003 00:13:49 -0700 (PDT) (envelope-from dee@akwireless.net) Received: (qmail 17915 invoked from network); 10 Sep 2003 07:13:48 -0000 Received: from unknown (HELO 192.168.0.3) (127.0.0.1) by 0 with SMTP; 10 Sep 2003 07:13:48 -0000 From: "W.D. McKinney" To: freebsd-isp@freebsd.org Content-Type: text/plain Organization: Message-Id: <1063178091.2055.68.camel@papa.wdm.com> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.2.3 Date: 09 Sep 2003 23:14:51 -0800 Content-Transfer-Encoding: 7bit Subject: moving from debian to FreeBSD X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Sep 2003 07:13:50 -0000 Hello All, New to this list & FreeBSD. We are almost done moving one server into the new colo, and I must say, I am thoroughly pleased with the differences between FreeBSD and Linux. I started running Linux when RedHat came out with the first commercial version (which I still have :-), and have been running it since. Yet when it was time to make a choice on OS's for the new servers, it was time to move on to FreeBSD. This for lots of reasons. I am not here to trash Linux. I just wanted to say I find FreeBSD excellent to run Apache and djbdns, and we run qmail + assorted other apps for MTA, etc.That's the next project. This list has been informative also, so thanks. Dee -- W.D.McKinney (Dee) Alaska Wireless Systems Direct (907)349-4308 -=- Mobile (907)230-5048 http://www.akwireless.net From owner-freebsd-isp@FreeBSD.ORG Tue Sep 9 19:20:37 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 02B9316A4BF for ; Tue, 9 Sep 2003 19:20:37 -0700 (PDT) Received: from web20808.mail.yahoo.com (web20808.mail.yahoo.com [216.136.226.197]) by mx1.FreeBSD.org (Postfix) with SMTP id C1E4D43FCB for ; Tue, 9 Sep 2003 19:20:34 -0700 (PDT) (envelope-from badpacket94501@yahoo.com) Message-ID: <20030910022034.54580.qmail@web20808.mail.yahoo.com> Received: from [192.12.78.250] by web20808.mail.yahoo.com via HTTP; Tue, 09 Sep 2003 19:20:34 PDT Date: Tue, 9 Sep 2003 19:20:34 -0700 (PDT) From: Fred To: Martin Jessa , freebsd-isp , freebsd-small In-Reply-To: <20030909121457.672d3b41.freebsd@yazzy.org> MIME-Version: 1.0 X-Mailman-Approved-At: Wed, 10 Sep 2003 07:14:15 -0700 Content-Type: text/plain; charset=us-ascii X-Content-Filtered-By: Mailman/MimeDel 2.1.1 Subject: Re: Radius and MAC Address Access Control X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Sep 2003 02:20:37 -0000 Well, we are doing just that where I work, although it is for an enterprise lan. Using Cisco 1200 in the enterprise with EAP and Radius server. Its pretty easy and doable, at least on our limited scale. Not sure about a large ISP though. Do you WAP's support Radius and EAP? Martin Jessa wrote: Hi Guys. I am setting up system for a Wireless ISP trying to figure out how to enable MAC Address Access Control with a radius server. I need to find out how it can be done and what Radius server supports tricks like that. Any ideas? Thanks in advace. YazzY _______________________________________________ freebsd-small@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-small To unsubscribe, send any mail to "freebsd-small-unsubscribe@freebsd.org" --------------------------------- Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software From owner-freebsd-isp@FreeBSD.ORG Wed Sep 10 08:58:53 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 88DB916A4BF for ; Wed, 10 Sep 2003 08:58:53 -0700 (PDT) Received: from yazzy.wrs.no (mail.wrs.no [213.236.173.130]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6AAAE43FCB for ; Wed, 10 Sep 2003 08:58:50 -0700 (PDT) (envelope-from freebsd@yazzy.org) Received: from h311r4iz3r.wrs (localhost [127.0.0.1]) by yazzy.wrs.no (Postfix) with SMTP id A80644127; Wed, 10 Sep 2003 17:58:38 +0200 (CEST) Date: Wed, 10 Sep 2003 17:58:38 +0200 From: Martin Jessa To: badpacket94501@yahoo.com Message-Id: <20030910175838.146e4d3a.freebsd@yazzy.org> In-Reply-To: <20030910022034.54580.qmail@web20808.mail.yahoo.com> References: <20030909121457.672d3b41.freebsd@yazzy.org> <20030910022034.54580.qmail@web20808.mail.yahoo.com> Organization: WRS ASA X-Mailer: Sylpheed version 0.9.3claws (GTK+ 1.2.10; i386-portbld-freebsd5.1) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit cc: freebsd-isp@freebsd.org Subject: Re: Radius and MAC Address Access Control X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Sep 2003 15:58:53 -0000 Hi Fred. Yes, they do. They are linux based and pretty flexible. What radius server do you use and forgive me but I am not familiar with Cisco. What does that Cisco 1200 box do? And if you could be so nice and explain me in few words how that setup works. How does the radius server deal with usernames and handing out of IP's based on user's MAC-addresses? Thanks. YazzY On Tue, 9 Sep 2003 19:20:34 -0700 (PDT) Fred wrote: > > > Well, we are doing just that where I work, although it is for an enterprise lan. Using Cisco 1200 in the enterprise with EAP and Radius server. Its pretty easy and doable, at least on our limited scale. Not sure about a large ISP though. Do you WAP's support Radius and EAP? > > > Martin Jessa wrote: > Hi Guys. > > I am setting up system for a Wireless ISP trying to figure out how to enable MAC Address Access Control with a radius server. > I need to find out how it can be done and what Radius server supports tricks like that. > Any ideas? > > Thanks in advace. > YazzY > _______________________________________________ > freebsd-small@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-small > To unsubscribe, send any mail to "freebsd-small-unsubscribe@freebsd.org" > > --------------------------------- > Do you Yahoo!? > Yahoo! SiteBuilder - Free, easy-to-use web site design software > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" From owner-freebsd-isp@FreeBSD.ORG Wed Sep 10 09:02:42 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5EB0116A4D5 for ; Wed, 10 Sep 2003 09:02:42 -0700 (PDT) Received: from webxone.net (bdsl.66.13.252.74.gte.net [66.13.252.74]) by mx1.FreeBSD.org (Postfix) with ESMTP id AACDD43FF2 for ; Wed, 10 Sep 2003 09:02:40 -0700 (PDT) (envelope-from lisa.usher@integrationone.com) Received: from lisaione ([172.16.1.11]) by webxone.net with Microsoft SMTPSVC(6.0.2600.1106); Wed, 10 Sep 2003 12:02:39 -0400 Message-ID: <004101c377b4$f568f1a0$0b0110ac@lisaione> From: "Lisa Usher" To: "James Godwin" , References: Date: Wed, 10 Sep 2003 12:02:36 -0400 Organization: Integration One, Inc. MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 X-OriginalArrivalTime: 10 Sep 2003 16:02:39.0172 (UTC) FILETIME=[F56A7840:01C377B4] Subject: Re: Anti Virus for mail server X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Sep 2003 16:02:42 -0000 Hi James, We have been using RAV antivirus for Sendmail Milter. However, RAV was recently sold to Microsoft and well... the rest is history. Their Main distributor here is offering other alternatives to RAV (ie; F-Prot fo Sendmail Milter). We like F-Prot and will probably switch to it once our RAV license has expired. you can check out all the Anti-virus solutions at: http://www.raeinternet.com ----- Original Message ----- From: "James Godwin" To: Sent: Monday, September 08, 2003 11:15 AM Subject: Anti Virus for mail server > Hi, > > There has been no need for Anti Virus on our mail servers as most of our > clients are Mac users and our windows clients have anti virus installed on > their machines. > > Keeping windows virus updated updated is a mission so I was wondering what > the ideal Anti Virus app I should use for our Sendmail and Qmail servers? > > Any ideas would be much appreciated. > > Kind regards, > > James > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > From owner-freebsd-isp@FreeBSD.ORG Wed Sep 10 13:53:09 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 67E7416A4BF for ; Wed, 10 Sep 2003 13:53:09 -0700 (PDT) Received: from smaug.vex.net (smaug.vex.net [216.138.210.98]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2ECC543FA3 for ; Wed, 10 Sep 2003 13:53:08 -0700 (PDT) (envelope-from x@Vex.Net) Received: from bee.vii.net (H98.C230.tor.velocet.net [216.138.230.98]) by smaug.vex.net (Postfix) with ESMTP id 4E49648531 for ; Wed, 10 Sep 2003 16:53:08 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by bee.vii.net (Postfix) with ESMTP id 4DA9A5C80 for ; Wed, 10 Sep 2003 16:52:35 -0400 (EDT) From: Tim Middleton Organization: xxvii.net To: freebsd-isp@freebsd.org Date: Wed, 10 Sep 2003 16:52:34 -0400 User-Agent: KMail/1.5.3 X-Whee: Yes, Please. MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200309101652.34637.x@Vex.Net> Subject: is 5.x still too unstable? X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Sep 2003 20:53:09 -0000 I am hoping to move some of the servers in our ISP to FreeBSD. I have been rather hoping 5.2 would be reliable enough, so that we can move to it and enjoy all the -CURRENT goodness. The test server locked up yesterday, during some heavy port building, after running for weeks with no problem. (-; I've not gone to investigate the cause yet. But it has me nervous. It's been difficult to get FreeBSD accepted at all here, so I'm wanting it to make a good impression. I have run 5 at home since 5.0-Release (currently 20030821 snapshot); and while there have been problems now and again with a few builds, once these have been solved my system here has been really very stable, which gave me hope it would be also OK for work... So what is the general opinion of those here? Should i play it safe and go back to 4.x until 5.x becomes officially "stable". Or do people think that for most general purpose stuff 5.x should be generally stable "enough"? "Enough" is a bit of a difficult word to define... of course one wants rock solid for a server... but one may be able to tolerate some sorts of problems as long as they can be sorted out quickly, and things are moving towards ultimate stability in the near future. These aren't huge servers (no multi-processor)... but moderately busy. Running the usual sorts of things... apache, postfix, python, zope, nfs, etc. I realise my post may be a little premature when I haven't even checked out what seems to have taken the test box down yet; but it's been on my mind to solicit opinions here before this happened, so... any thoughts or experiences running 5x on ISP servers to share out there? Are some snapshots known to be better than others? Any tips/tweaks on making 5.x just a little more stable---even at the cost of performance---than a default install (like disabling acpi, as the first thing). -- Tim Middleton | Cain Gang Ltd | A man is rich in proportion to the number of x@veX.net | www.Vex.Net | things which he can afford to let alone. HDT From owner-freebsd-isp@FreeBSD.ORG Wed Sep 10 14:07:55 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 57E3A16A4C0 for ; Wed, 10 Sep 2003 14:07:55 -0700 (PDT) Received: from shiva.openaccess.org (shiva.openaccess.org [216.57.214.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2BD9443F93 for ; Wed, 10 Sep 2003 14:07:54 -0700 (PDT) (envelope-from michael@staff.openaccess.org) Received: (from root@localhost) by shiva.openaccess.org (8.12.6p2/8.12.3) id h8AL7iL7002577; Wed, 10 Sep 2003 14:07:44 -0700 (PDT) (envelope-from michael@staff.openaccess.org) Received: from [192.168.1.97] ([216.57.214.121])h8AL7hRr002570; Wed, 10 Sep 2003 14:07:44 -0700 (PDT) (envelope-from michael@staff.openaccess.org) User-Agent: Microsoft-Entourage/10.0.0.1309 Date: Wed, 10 Sep 2003 14:07:54 -0700 From: Michael DeMan To: Tim Middleton , Message-ID: In-Reply-To: <200309101652.34637.x@Vex.Net> Mime-version: 1.0 Content-type: text/plain; charset="US-ASCII" Content-transfer-encoding: 7bit X-Virus-Scanned: by AMaViS perl-11 Subject: Re: is 5.x still too unstable? X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Sep 2003 21:07:55 -0000 We have had reasonable luck with 5.1. We have it running our development server (primary NFS exports) and in production for a backup internal monitoring box running OpenNMS with the jdk1.4.1 port. One catch for sure - background fsck crashes the box on Promise RAID1 controllers on both boxes. Disabling background fsck fixed it. I also have 5.1 for a workstation with good results. If you are talking serious production though with the possibilities of failure or problems taking out customer services, I would not do it. My 2-cents. - mike On 9/10/03 1:52 PM, "Tim Middleton" wrote: > > I am hoping to move some of the servers in our ISP to FreeBSD. I have been > rather hoping 5.2 would be reliable enough, so that we can move to it and > enjoy all the -CURRENT goodness. > > The test server locked up yesterday, during some heavy port building, after > running for weeks with no problem. (-; I've not gone to investigate the > cause yet. But it has me nervous. It's been difficult to get FreeBSD accepted > at all here, so I'm wanting it to make a good impression. > > I have run 5 at home since 5.0-Release (currently 20030821 snapshot); and > while there have been problems now and again with a few builds, once these > have been solved my system here has been really very stable, which gave me > hope it would be also OK for work... > > So what is the general opinion of those here? Should i play it safe and go > back to 4.x until 5.x becomes officially "stable". Or do people think that > for most general purpose stuff 5.x should be generally stable "enough"? > "Enough" is a bit of a difficult word to define... of course one wants rock > solid for a server... but one may be able to tolerate some sorts of problems > as long as they can be sorted out quickly, and things are moving towards > ultimate stability in the near future. These aren't huge servers (no > multi-processor)... but moderately busy. Running the usual sorts of things... > apache, postfix, python, zope, nfs, etc. > > I realise my post may be a little premature when I haven't even checked out > what seems to have taken the test box down yet; but it's been on my mind to > solicit opinions here before this happened, so... any thoughts or experiences > running 5x on ISP servers to share out there? Are some snapshots known to be > better than others? Any tips/tweaks on making 5.x just a little more > stable---even at the cost of performance---than a default install (like > disabling acpi, as the first thing). Michael F. DeMan Director of Technology OpenAccess Internet Services 1305 11th St., 3rd Floor Bellingham, WA 98225 Tel 360-647-0785 x204 Fax 360-738-9785 michael@staff.openaccess.org From owner-freebsd-isp@FreeBSD.ORG Wed Sep 10 14:19:03 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A428316A4DA for ; Wed, 10 Sep 2003 14:19:03 -0700 (PDT) Received: from mail.lambertfam.org (www.lambertfam.org [216.223.208.55]) by mx1.FreeBSD.org (Postfix) with ESMTP id D5E5243FE5 for ; Wed, 10 Sep 2003 14:19:02 -0700 (PDT) (envelope-from lambert@lambertfam.org) Received: from laptop.lambertfam.org (laptop.int.lambertfam.org [10.1.0.2]) by mail.lambertfam.org (Postfix) with ESMTP id 635F834D2B for ; Wed, 10 Sep 2003 17:18:58 -0400 (EDT) Received: by laptop.lambertfam.org (Postfix, from userid 1000) id 55F4F87C0; Wed, 10 Sep 2003 17:18:52 -0400 (EDT) Date: Wed, 10 Sep 2003 17:18:52 -0400 From: Scott Lambert To: freebsd-isp@freebsd.org Message-ID: <20030910211852.GA16992@laptop.lambertfam.org> Mail-Followup-To: freebsd-isp@freebsd.org References: <200309101652.34637.x@Vex.Net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200309101652.34637.x@Vex.Net> User-Agent: Mutt/1.4.1i Subject: Re: is 5.x still too unstable? X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Sep 2003 21:19:03 -0000 On Wed, Sep 10, 2003 at 04:52:34PM -0400, Tim Middleton wrote: > > I am hoping to move some of the servers in our ISP to FreeBSD. I have been > rather hoping 5.2 would be reliable enough, so that we can move to it and > enjoy all the -CURRENT goodness. > > what seems to have taken the test box down yet; but it's been on my mind to > solicit opinions here before this happened, so... any thoughts or experiences > running 5x on ISP servers to share out there? Are some snapshots known to be > better than others? Any tips/tweaks on making 5.x just a little more > stable---even at the cost of performance---than a default install (like > disabling acpi, as the first thing). I have my workstation and one not so critical server on 5.x. While they tend to run fine most of the time, there is a performance penalty even with all the debug knobs turned off. Buildworld will probably always take longer of 5.x but on my system, I went from a 35 minute buildworld on 4.x to a 122 minute buildworld on 5.x My kernel builds (including modules) are now about 31 minutes. Also, since it is still -CURRENT, the developers tend to still be ripping out entire subsystems and replacing them with brand new code. I would say, you don't want to consider going to 5.x on production servers at least until 5.2 is -RELEASE. Move your workstations to 5.x now if you want. I'll wait a while after 5.2 to see what is happening development-wise to get a feel for whether or not the codebase has stablized enough to consider taking the production boxes there. I am in no rush to abandon 4.x. -- Scott Lambert KC5MLE Unix SysAdmin lambert@lambertfam.org From owner-freebsd-isp@FreeBSD.ORG Wed Sep 10 14:24:13 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 11D5816A4BF for ; Wed, 10 Sep 2003 14:24:13 -0700 (PDT) Received: from lapdance.yazzy.org (yazzy.org [217.8.140.3]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1DD3543F75 for ; Wed, 10 Sep 2003 14:24:12 -0700 (PDT) (envelope-from freebsd@yazzy.org) Received: from localhost (localhost [127.0.0.1]) by lapdance.yazzy.org (Postfix) with SMTP id 591DB4187 for ; Wed, 10 Sep 2003 23:02:45 +0200 (CEST) Date: Wed, 10 Sep 2003 23:02:45 +0200 From: Martin Jessa To: freebsd-isp@freebsd.org Message-Id: <20030910230245.56dea542.freebsd@yazzy.org> In-Reply-To: <200309101652.34637.x@Vex.Net> References: <200309101652.34637.x@Vex.Net> Organization: WRS ASA X-Mailer: Sylpheed version 0.9.3claws (GTK+ 1.2.10; i386-portbld-freebsd5.1) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: Re: is 5.x still too unstable? X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Sep 2003 21:24:13 -0000 Hi. I moved all our production servers to 5.1. I've never had problems with any of them. I have one 5.1 box doing all sorts of things for a small ISP. It works as vpn server, mail server, web server, router, dns, dhcp, proxy and sql. So far after 2 months of uptime I didnt even have to touch it. The only one I did not dare to touch yet is our firewall and internal dns/dhcp server(years of uptime :) ). Hell, I even run one production box on 5.1-CURRENT and it works great. I'd say 5.1 works well enough to use it on servers. On Wed, 10 Sep 2003 16:52:34 -0400 Tim Middleton wrote: > > I am hoping to move some of the servers in our ISP to FreeBSD. I have been > rather hoping 5.2 would be reliable enough, so that we can move to it and > enjoy all the -CURRENT goodness. > > The test server locked up yesterday, during some heavy port building, after > running for weeks with no problem. (-; I've not gone to investigate the > cause yet. But it has me nervous. It's been difficult to get FreeBSD accepted > at all here, so I'm wanting it to make a good impression. > > I have run 5 at home since 5.0-Release (currently 20030821 snapshot); and > while there have been problems now and again with a few builds, once these > have been solved my system here has been really very stable, which gave me > hope it would be also OK for work... > > So what is the general opinion of those here? Should i play it safe and go > back to 4.x until 5.x becomes officially "stable". Or do people think that > for most general purpose stuff 5.x should be generally stable "enough"? > "Enough" is a bit of a difficult word to define... of course one wants rock > solid for a server... but one may be able to tolerate some sorts of problems > as long as they can be sorted out quickly, and things are moving towards > ultimate stability in the near future. These aren't huge servers (no > multi-processor)... but moderately busy. Running the usual sorts of things... > apache, postfix, python, zope, nfs, etc. > > I realise my post may be a little premature when I haven't even checked out > what seems to have taken the test box down yet; but it's been on my mind to > solicit opinions here before this happened, so... any thoughts or experiences > running 5x on ISP servers to share out there? Are some snapshots known to be > better than others? Any tips/tweaks on making 5.x just a little more > stable---even at the cost of performance---than a default install (like > disabling acpi, as the first thing). > > -- > Tim Middleton | Cain Gang Ltd | A man is rich in proportion to the number of > x@veX.net | www.Vex.Net | things which he can afford to let alone. HDT > > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" From owner-freebsd-isp@FreeBSD.ORG Wed Sep 10 14:30:01 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E983E16A4BF for ; Wed, 10 Sep 2003 14:30:00 -0700 (PDT) Received: from thud.tbe.net (thud.tbe.net [209.123.109.174]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2630543FE5 for ; Wed, 10 Sep 2003 14:30:00 -0700 (PDT) (envelope-from gary@tbe.net) Received: by thud.tbe.net (Postfix, from userid 1001) id 768141C946D; Wed, 10 Sep 2003 17:07:41 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by thud.tbe.net (Postfix) with ESMTP id 729A3DCE62; Wed, 10 Sep 2003 17:07:41 -0400 (EDT) Date: Wed, 10 Sep 2003 17:07:41 -0400 (EDT) From: "Gary D. Margiotta" To: Tim Middleton In-Reply-To: <200309101652.34637.x@Vex.Net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-isp@freebsd.org Subject: Re: is 5.x still too unstable? X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Sep 2003 21:30:01 -0000 All my production servers are running some variant of 4.x, mostly 4-STABLE, although I have some 4.x-RELEASE boxes still running original installs. I won't upgrade my production machines, which house customer web services until at the very least 5-CURRENT branches off into 5-STABLE and 6-CURRENT. I'm hoping to test outa build for a new production box after 5.2-RELEASE, but probably won't be doing any serious upgrades until 5.3 at the earliest. We're running a couple 5-CURRENT boxes for personal machines, workstations, etc, but 4.x is rock solid, and still has more than enough horsepower for our applications. If you want to make an impression, use 4-STABLE, show them how rock solid the boxes are, and then tell them that they're only going to get better when 5.x comes production ready. -Gary Running Windows is kinda like playing blackjack: User stays on success, reboots on failure On Wed, 10 Sep 2003, Tim Middleton wrote: > > I am hoping to move some of the servers in our ISP to FreeBSD. I have been > rather hoping 5.2 would be reliable enough, so that we can move to it and > enjoy all the -CURRENT goodness. > > The test server locked up yesterday, during some heavy port building, after > running for weeks with no problem. (-; I've not gone to investigate the > cause yet. But it has me nervous. It's been difficult to get FreeBSD accepted > at all here, so I'm wanting it to make a good impression. > > I have run 5 at home since 5.0-Release (currently 20030821 snapshot); and > while there have been problems now and again with a few builds, once these > have been solved my system here has been really very stable, which gave me > hope it would be also OK for work... > > So what is the general opinion of those here? Should i play it safe and go > back to 4.x until 5.x becomes officially "stable". Or do people think that > for most general purpose stuff 5.x should be generally stable "enough"? > "Enough" is a bit of a difficult word to define... of course one wants rock > solid for a server... but one may be able to tolerate some sorts of problems > as long as they can be sorted out quickly, and things are moving towards > ultimate stability in the near future. These aren't huge servers (no > multi-processor)... but moderately busy. Running the usual sorts of things... > apache, postfix, python, zope, nfs, etc. > > I realise my post may be a little premature when I haven't even checked out > what seems to have taken the test box down yet; but it's been on my mind to > solicit opinions here before this happened, so... any thoughts or experiences > running 5x on ISP servers to share out there? Are some snapshots known to be > better than others? Any tips/tweaks on making 5.x just a little more > stable---even at the cost of performance---than a default install (like > disabling acpi, as the first thing). > > -- > Tim Middleton | Cain Gang Ltd | A man is rich in proportion to the number of > x@veX.net | www.Vex.Net | things which he can afford to let alone. HDT > > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > From owner-freebsd-isp@FreeBSD.ORG Wed Sep 10 14:51:14 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E327A16A4BF for ; Wed, 10 Sep 2003 14:51:14 -0700 (PDT) Received: from aragorn.summit.net.au (aragorn.summit.net.au [203.221.180.33]) by mx1.FreeBSD.org (Postfix) with ESMTP id A272543FBF for ; Wed, 10 Sep 2003 14:51:13 -0700 (PDT) (envelope-from lachlan@fatpanda.net) Received: from 127.0.0.1 (localhost [127.0.0.1]) by mail.summit.net.au (Postfix) with SMTP id 802DC14CE0 for ; Thu, 11 Sep 2003 07:51:09 +1000 (EST) Received: from felix (project.summit.net.au [218.185.87.4]) by aragorn.summit.net.au (Postfix) with SMTP id 2298814CD0 for ; Thu, 11 Sep 2003 07:51:09 +1000 (EST) From: "Lachlan" To: Date: Thu, 11 Sep 2003 07:51:12 +1000 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 In-Reply-To: <200309101652.34637.x@Vex.Net> Importance: Normal Subject: RE: is 5.x still too unstable? X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Sep 2003 21:51:15 -0000 All of my production servers at work run 4.x I can goto bed at night feeling safe that my servers will not crash during the night for some unforseen reason. I'm with gary 100%. If you want to make a good impression, don't risk 5.x, start with 4. Regards, Lachlan -----Original Message----- From: owner-freebsd-isp@freebsd.org [mailto:owner-freebsd-isp@freebsd.org]On Behalf Of Tim Middleton Sent: Thursday, September 11, 2003 6:53 AM To: freebsd-isp@freebsd.org Subject: is 5.x still too unstable? I am hoping to move some of the servers in our ISP to FreeBSD. I have been rather hoping 5.2 would be reliable enough, so that we can move to it and enjoy all the -CURRENT goodness. The test server locked up yesterday, during some heavy port building, after running for weeks with no problem. (-; I've not gone to investigate the cause yet. But it has me nervous. It's been difficult to get FreeBSD accepted at all here, so I'm wanting it to make a good impression. I have run 5 at home since 5.0-Release (currently 20030821 snapshot); and while there have been problems now and again with a few builds, once these have been solved my system here has been really very stable, which gave me hope it would be also OK for work... So what is the general opinion of those here? Should i play it safe and go back to 4.x until 5.x becomes officially "stable". Or do people think that for most general purpose stuff 5.x should be generally stable "enough"? "Enough" is a bit of a difficult word to define... of course one wants rock solid for a server... but one may be able to tolerate some sorts of problems as long as they can be sorted out quickly, and things are moving towards ultimate stability in the near future. These aren't huge servers (no multi-processor)... but moderately busy. Running the usual sorts of things... apache, postfix, python, zope, nfs, etc. I realise my post may be a little premature when I haven't even checked out what seems to have taken the test box down yet; but it's been on my mind to solicit opinions here before this happened, so... any thoughts or experiences running 5x on ISP servers to share out there? Are some snapshots known to be better than others? Any tips/tweaks on making 5.x just a little more stable---even at the cost of performance---than a default install (like disabling acpi, as the first thing). -- Tim Middleton | Cain Gang Ltd | A man is rich in proportion to the number of x@veX.net | www.Vex.Net | things which he can afford to let alone. HDT _______________________________________________ freebsd-isp@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-isp To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" From owner-freebsd-isp@FreeBSD.ORG Wed Sep 10 22:42:26 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 69BDE16A4BF for ; Wed, 10 Sep 2003 22:42:26 -0700 (PDT) Received: from mail.aros.net (mail.aros.net [66.219.192.40]) by mx1.FreeBSD.org (Postfix) with ESMTP id CDEAB43FF7 for ; Wed, 10 Sep 2003 22:42:25 -0700 (PDT) (envelope-from dreamboy@aros.net) Received: from dreamboy.private.aros.net (firebat.aros.net [66.219.192.36]) by mail.aros.net (8.12.9/8.12.8) with ESMTP id h8B5gO4S079036 for ; Wed, 10 Sep 2003 23:42:24 -0600 (MDT) (envelope-from dreamboy@aros.net) From: Devin To: freebsd-isp@freebsd.org Content-Type: text/plain Message-Id: <1063258944.19647.5.camel@dreamboy.private.aros.net> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.3 (1.4.3-3) Date: 10 Sep 2003 23:42:24 -0600 Content-Transfer-Encoding: 7bit X-Virus-Scanned: by mail.aros.net with amavisd-milter (http://amavis.org/) Subject: FreeBSD 4.9-PRERELEASE SMP Problem! X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 11 Sep 2003 05:42:26 -0000 We currently have a Dual Athlon MP 2000+ Processor machine using an ASUS A7M266-D motherboard running the latest FreeBSD Stable source. What happened is the main drive in the machine decided to stop working so I put in a new hard drive and restore the system onto the machine using the restore command. I notice that now when the machine tries to boot up using the SMP kernel it gets to the point where it says "CPU #1 Launched" and then the machine reboots. I notice that if I boot the machine up with 1 processor kernel it boots just fine. After looking at the dmesg output it appears that a normal kernel would normally do: Waiting 5 seconds for SCSI devices to settle Mounting root from ufs:da0s1a So it appears maybe when in the SMP kernel it reboots around the time that it is suppose to be mounting the main root filesystem? I checked and the BIOS is seeing both processors just fine I am just not sure what could be the problem since I have never seen this behavior before. Any ideas would help greatly. Devin Atencio From owner-freebsd-isp@FreeBSD.ORG Wed Sep 10 23:55:54 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8D76616A4BF for ; Wed, 10 Sep 2003 23:55:54 -0700 (PDT) Received: from light.sdf.com (light.sdf.com [207.200.153.231]) by mx1.FreeBSD.org (Postfix) with ESMTP id EB9DE4400F for ; Wed, 10 Sep 2003 23:55:52 -0700 (PDT) (envelope-from tom@sdf.com) Received: from tom (helo=localhost) by light.sdf.com with local-esmtp (Exim 4.22) id 19xLOL-0004XF-TF; Wed, 10 Sep 2003 23:57:21 -0700 Date: Wed, 10 Sep 2003 23:57:21 -0700 (PDT) From: Tom To: Scott Lambert In-Reply-To: <20030910211852.GA16992@laptop.lambertfam.org> Message-ID: <20030910235202.L45512@light.sdf.com> References: <200309101652.34637.x@Vex.Net> <20030910211852.GA16992@laptop.lambertfam.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-isp@freebsd.org Subject: Re: is 5.x still too unstable? X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 11 Sep 2003 06:55:54 -0000 On Wed, 10 Sep 2003, Scott Lambert wrote: > On Wed, Sep 10, 2003 at 04:52:34PM -0400, Tim Middleton wrote: > > > > I am hoping to move some of the servers in our ISP to FreeBSD. I have been > > rather hoping 5.2 would be reliable enough, so that we can move to it and > > enjoy all the -CURRENT goodness. > > > > what seems to have taken the test box down yet; but it's been on my mind to > > solicit opinions here before this happened, so... any thoughts or experiences > > running 5x on ISP servers to share out there? Are some snapshots known to be > > better than others? Any tips/tweaks on making 5.x just a little more > > stable---even at the cost of performance---than a default install (like > > disabling acpi, as the first thing). > > I have my workstation and one not so critical server on 5.x. While they > tend to run fine most of the time, there is a performance penalty even > with all the debug knobs turned off. Buildworld will probably always > take longer of 5.x but on my system, I went from a 35 minute buildworld > on 4.x to a 122 minute buildworld on 5.x My kernel builds (including > modules) are now about 31 minutes. This doesn't necessary mean that FreeBSD 5.x is slower than 4.x. It could mean that gcc has gotten slower, which is well known. Supposedly the new gcc produces better code. Plus, there is simply more code to compile in 5.x. Everything is bigger. There are drivers, and the updated userland is bigger. > Also, since it is still -CURRENT, the developers tend to still be > ripping out entire subsystems and replacing them with brand new code. > > I would say, you don't want to consider going to 5.x on production > servers at least until 5.2 is -RELEASE. Move your workstations to 5.x > now if you want. > > I'll wait a while after 5.2 to see what is happening development-wise > to get a feel for whether or not the codebase has stablized enough to > consider taking the production boxes there. > > I am in no rush to abandon 4.x. > > -- > Scott Lambert KC5MLE Unix SysAdmin > lambert@lambertfam.org Tom From owner-freebsd-isp@FreeBSD.ORG Thu Sep 11 03:11:07 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A28A716A4BF for ; Thu, 11 Sep 2003 03:11:07 -0700 (PDT) Received: from hotmail.com (sea1-f76.sea1.hotmail.com [207.68.163.76]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2C94543FB1 for ; Thu, 11 Sep 2003 03:11:07 -0700 (PDT) (envelope-from sajjadw21@hotmail.com) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Thu, 11 Sep 2003 03:11:06 -0700 Received: from 202.176.253.202 by sea1fd.sea1.hotmail.msn.com with HTTP; Thu, 11 Sep 2003 10:11:06 GMT X-Originating-IP: [202.176.253.202] X-Originating-Email: [sajjadw21@hotmail.com] From: "mouhammad sajjad" To: freebsd-isp@freebsd.org Date: Thu, 11 Sep 2003 10:11:06 +0000 Message-ID: X-OriginalArrivalTime: 11 Sep 2003 10:11:06.0911 (UTC) FILETIME=[03DC9AF0:01C3784D] MIME-Version: 1.0 Content-Type: text/plain X-Content-Filtered-By: Mailman/MimeDel 2.1.1 Subject: Modem dialin problem X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 11 Sep 2003 10:11:07 -0000 _________________________________________________________________ Protect your PC - [1]Click here for McAfee.com VirusScan Online References 1. http://g.msn.com/8HMMEN/2755??PS= From owner-freebsd-isp@FreeBSD.ORG Thu Sep 11 08:55:57 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A559616A4BF for ; Thu, 11 Sep 2003 08:55:57 -0700 (PDT) Received: from h2.liquidneon.com (h2.liquidneon.com [38.116.133.60]) by mx1.FreeBSD.org (Postfix) with ESMTP id EAE2F43FBF for ; Thu, 11 Sep 2003 08:55:56 -0700 (PDT) (envelope-from bdavis@house.so14k.com) Received: (qmail 21786 invoked from network); 11 Sep 2003 15:55:56 -0000 Received: from 12-235-234-120.client.attbi.com (HELO mccaffrey.house.so14k.com) (@12.235.234.120) by h2.liquidneon.com with SMTP; 11 Sep 2003 15:55:56 -0000 Received: by mccaffrey.house.so14k.com (Postfix, from userid 1001) id 926B7638; Thu, 11 Sep 2003 09:55:55 -0600 (MDT) Date: Thu, 11 Sep 2003 09:55:55 -0600 From: Brad Davis To: freebsd-isp@freebsd.org Message-ID: <20030911155555.GA52373@mccaffrey.house.so14k.com> Mail-Followup-To: freebsd-isp@freebsd.org References: <200309101652.34637.x@Vex.Net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200309101652.34637.x@Vex.Net> User-Agent: Mutt/1.4.1i Subject: Re: is 5.x still too unstable? X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 11 Sep 2003 15:55:57 -0000 I would say yes, wait. I'm waiting till 5.3 or so, after 5-STABLE has been created and bugs have been worked out, this is extremely important for production servers. -B On Wed, Sep 10, 2003 at 04:52:34PM -0400, Tim Middleton wrote: > > I am hoping to move some of the servers in our ISP to FreeBSD. I have been > rather hoping 5.2 would be reliable enough, so that we can move to it and > enjoy all the -CURRENT goodness. > > The test server locked up yesterday, during some heavy port building, after > running for weeks with no problem. (-; I've not gone to investigate the > cause yet. But it has me nervous. It's been difficult to get FreeBSD accepted > at all here, so I'm wanting it to make a good impression. > > I have run 5 at home since 5.0-Release (currently 20030821 snapshot); and > while there have been problems now and again with a few builds, once these > have been solved my system here has been really very stable, which gave me > hope it would be also OK for work... > > So what is the general opinion of those here? Should i play it safe and go > back to 4.x until 5.x becomes officially "stable". Or do people think that > for most general purpose stuff 5.x should be generally stable "enough"? > "Enough" is a bit of a difficult word to define... of course one wants rock > solid for a server... but one may be able to tolerate some sorts of problems > as long as they can be sorted out quickly, and things are moving towards > ultimate stability in the near future. These aren't huge servers (no > multi-processor)... but moderately busy. Running the usual sorts of things... > apache, postfix, python, zope, nfs, etc. > > I realise my post may be a little premature when I haven't even checked out > what seems to have taken the test box down yet; but it's been on my mind to > solicit opinions here before this happened, so... any thoughts or experiences > running 5x on ISP servers to share out there? Are some snapshots known to be > better than others? Any tips/tweaks on making 5.x just a little more > stable---even at the cost of performance---than a default install (like > disabling acpi, as the first thing). > > -- > Tim Middleton | Cain Gang Ltd | A man is rich in proportion to the number of > x@veX.net | www.Vex.Net | things which he can afford to let alone. HDT > > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" From owner-freebsd-isp@FreeBSD.ORG Thu Sep 11 11:21:48 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F263716A4BF for ; Thu, 11 Sep 2003 11:21:48 -0700 (PDT) Received: from ns1.unixmexico.net (ns1.unixmexico.net [69.10.138.161]) by mx1.FreeBSD.org (Postfix) with ESMTP id E662D43FFB for ; Thu, 11 Sep 2003 11:21:47 -0700 (PDT) (envelope-from nbari@unixmexico.com) Received: (qmail 2049 invoked by uid 85); 11 Sep 2003 18:26:12 -0000 Received: from nbari@unixmexico.com by ns1.unixmexico.net by uid 82 with qmail-scanner-1.16 (hbedv: 6.20.0.1/6.20.0.36. Clear:. Processed in 0.316355 secs); 11 Sep 2003 18:26:12 -0000 Received: from ns1.unixmexico.net (HELO mail.unixmexico.com) ([69.10.138.161]) (envelope-sender ) by ns1.unixmexico.net (qmail-ldap-1.03) with SMTP for ; 11 Sep 2003 18:26:11 -0000 Received: from 148.243.211.1 (SquirrelMail authenticated user nbari@unixmexico.com) by mail.unixmexico.com with HTTP; Thu, 11 Sep 2003 13:26:11 -0500 (CDT) Message-ID: <63396.148.243.211.1.1063304771.squirrel@mail.unixmexico.com> Date: Thu, 11 Sep 2003 13:26:11 -0500 (CDT) From: nbari@unixmexico.com To: freebsd-isp@freebsd.org User-Agent: SquirrelMail/1.4.1 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 Importance: Normal Subject: only one user logged per session/time X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 11 Sep 2003 18:21:49 -0000 Hello, I have a server with ssh access to the users, but how can I allow only one user to be logged at a time. I dont want to allow a user to login multiple times, I just want the user to login onece and if he try to open a second coneection, refuse the user until the session is over or the user is allready loged. thanks in advance. From owner-freebsd-isp@FreeBSD.ORG Thu Sep 11 11:34:16 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D764516A4BF for ; Thu, 11 Sep 2003 11:34:16 -0700 (PDT) Received: from mail.yazzy.org (yazzy.org [217.8.140.3]) by mx1.FreeBSD.org (Postfix) with ESMTP id D262243FE5 for ; Thu, 11 Sep 2003 11:34:15 -0700 (PDT) (envelope-from freebsd@yazzy.org) Received: from localhost (localhost [127.0.0.1]) by mail.yazzy.org (Postfix) with ESMTP id DCE0739814 for ; Thu, 11 Sep 2003 20:34:09 +0200 (CEST) Received: from mail.yazzy.org ([127.0.0.1]) by localhost (urukhai.yazzy.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 36070-05 for ; Thu, 11 Sep 2003 20:34:09 +0200 (CEST) Received: from h3llr41z3r (yazzy [192.168.98.11]) by mail.yazzy.org (Postfix) with SMTP id 313043980F for ; Thu, 11 Sep 2003 20:34:07 +0200 (CEST) Date: Thu, 11 Sep 2003 20:13:39 +0200 From: Martin Jessa To: freebsd-isp@freebsd.org Message-Id: <20030911201339.24a5f27b.freebsd@yazzy.org> In-Reply-To: <63396.148.243.211.1.1063304771.squirrel@mail.unixmexico.com> References: <63396.148.243.211.1.1063304771.squirrel@mail.unixmexico.com> Organization: WRS ASA X-Mailer: Sylpheed version 0.9.0claws (GTK+ 1.2.10; i686-pc-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: Re: only one user logged per session/time X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 11 Sep 2003 18:34:17 -0000 Are you concerned how much cpu and ram each ssh session spawns? If you do that, make sure users cannot compile screen in their home dirs. Otherwise I think it's pointless. On Thu, 11 Sep 2003 13:26:11 -0500 (CDT) nbari@unixmexico.com wrote: > Hello, I have a server with ssh access to the users, but how can I allow > only one user to be logged at a time. > > I dont want to allow a user to login multiple times, I just want the user > to login onece and if he try to open a second coneection, refuse the user > until the session is over or the user is allready loged. > > > thanks in advance. > > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" From owner-freebsd-isp@FreeBSD.ORG Thu Sep 11 12:52:44 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BDB8316A4BF for ; Thu, 11 Sep 2003 12:52:44 -0700 (PDT) Received: from web20708.mail.yahoo.com (web20708.mail.yahoo.com [216.136.226.181]) by mx1.FreeBSD.org (Postfix) with SMTP id 1CE7D43FFD for ; Thu, 11 Sep 2003 12:52:44 -0700 (PDT) (envelope-from lannygodsey@yahoo.com) Message-ID: <20030911195243.18692.qmail@web20708.mail.yahoo.com> Received: from [63.168.117.22] by web20708.mail.yahoo.com via HTTP; Thu, 11 Sep 2003 12:52:43 PDT Date: Thu, 11 Sep 2003 12:52:43 -0700 (PDT) From: Lanny Godsey To: freebsd-isp@freebsd.org In-Reply-To: <63396.148.243.211.1.1063304771.squirrel@mail.unixmexico.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Subject: Re: only one user logged per session/time X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: lannygodsey@yahoo.com List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 11 Sep 2003 19:52:44 -0000 (my first reply was direct and not to list, someone else may use this also) This isn't exactly what you want, but you may want to look at /etc/login.conf and limit the # of processes, memory, and files a user may have open. add the following to /etc/login.conf, then run cap_mkdb /etc/login.conf onelogin:\ :tc=default:\ :shell=/usr/local/bin/onelogin: place the following into /usr/local/bin/onelogin ------------------------------------------------------ #!/bin/sh # set the limit here. CNT=1 MYUID=`id -u` DEVS=`find /dev -user $MYUID | wc -l` if [ $DEVS -gt $CNT ]; then echo Sorry, this system has limited you to only $CNT simultanious connections. exit fi # read users shell from passwd (this won't work with nis) MYSHELL=`grep ^$USER: /etc/passwd | cut -d : -f 7` # some /bin/sh variants may not allow to write to $SHELL SHELL=$MYSHELL # set the shell you want here exec $MYSHELL ----------------------------------------------------------------- pw usermod james -L onelogin now james should be limited to 1 login. you can also change CNT=2 to limit to 2 etc... I just wrote this when I got your email so be sure to test first, if you have any questions let me know. --- nbari@unixmexico.com wrote: > Hello, I have a server with ssh access to the users, but how can I > allow > only one user to be logged at a time. > > I dont want to allow a user to login multiple times, I just want the > user > to login onece and if he try to open a second coneection, refuse the > user > until the session is over or the user is allready loged. > > > thanks in advance. From owner-freebsd-isp@FreeBSD.ORG Fri Sep 12 00:08:38 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8EEEA16A4BF for ; Fri, 12 Sep 2003 00:08:38 -0700 (PDT) Received: from flash.mipk-kspu.kharkov.ua (flash.mipk-kspu.kharkov.ua [194.44.157.113]) by mx1.FreeBSD.org (Postfix) with ESMTP id 42A1C43FF2 for ; Fri, 12 Sep 2003 00:08:27 -0700 (PDT) (envelope-from artem@mipk.kharkiv.edu) Received: from www.mipk.kharkiv.edu (flash.mipk-kspu.kharkov.ua [194.44.157.113])h8C76DH4042154 for ; Fri, 12 Sep 2003 10:06:19 +0300 (EEST) (envelope-from artem@mipk.kharkiv.edu) Received: from 192.168.9.37 (SquirrelMail authenticated user artem) by www.mipk.kharkiv.edu with HTTP; Fri, 12 Sep 2003 10:06:19 +0300 (EEST) Message-ID: <1174.192.168.9.37.1063350380.squirrel@www.mipk.kharkiv.edu> In-Reply-To: <20030911195243.18692.qmail@web20708.mail.yahoo.com> References: <63396.148.243.211.1.1063304771.squirrel@mail.unixmexico.com> <20030911195243.18692.qmail@web20708.mail.yahoo.com> Date: Fri, 12 Sep 2003 10:06:19 +0300 (EEST) From: "Artyom V. Viklenko" To: freebsd-isp@freebsd.org User-Agent: SquirrelMail/1.4.0 MIME-Version: 1.0 Content-Type: text/plain;charset=koi8-r X-Priority: 3 Importance: Normal Subject: Re: only one user logged per session/time X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Sep 2003 07:08:38 -0000 Something similar can be placed into system-wide profiles such as /etc/profile or /etc/csh.login. So, there will be no need to read passwd file and NIS-aware systems will work fine. And it will be transparent in terms of creating new users - no need separate login class. Also, there is no problem with rewritting environment variables (which some times can be set "readonly" due to security considerations). Lanny Godsey wrote: > > This isn't exactly what you want, but you may want to look at > /etc/login.conf and limit the # of processes, memory, and files a user > may have open. > > add the following to /etc/login.conf, then run cap_mkdb /etc/login.conf > > onelogin:\ > :tc=default:\ > :shell=/usr/local/bin/onelogin: > > > place the following into /usr/local/bin/onelogin > ------------------------------------------------------ > #!/bin/sh > # set the limit here. > CNT=1 > MYUID=`id -u` > DEVS=`find /dev -user $MYUID | wc -l` > if [ $DEVS -gt $CNT ]; then > echo Sorry, this system has limited you to only $CNT simultanious > connections. > exit > fi > # read users shell from passwd (this won't work with nis) > MYSHELL=`grep ^$USER: /etc/passwd | cut -d : -f 7` > # some /bin/sh variants may not allow to write to $SHELL > SHELL=$MYSHELL > # set the shell you want here > exec $MYSHELL > > ----------------------------------------------------------------- > -- Sincerely yours, Artyom V. Viklenko. ====================================================== System Administrator artem@mipk.kharkiv.edu ------------------------------------------------------ IIAT NTU "KhPI" 21, Frunze Str., Kharkov Ukraine 61002 Phone: +380 (572) 400026 Fax: +380 (572) 474062 ====================================================== From owner-freebsd-isp@FreeBSD.ORG Fri Sep 12 01:47:00 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 51D2716A4BF for ; Fri, 12 Sep 2003 01:47:00 -0700 (PDT) Received: from marklar.blazingdot.com (marklar.blazingdot.com [207.154.84.83]) by mx1.FreeBSD.org (Postfix) with SMTP id BDD0B43FA3 for ; Fri, 12 Sep 2003 01:46:59 -0700 (PDT) (envelope-from marcus@blazingdot.com) Received: (qmail 54951 invoked by uid 503); 12 Sep 2003 08:46:59 -0000 Date: Fri, 12 Sep 2003 01:46:59 -0700 From: Marcus Reid To: James Godwin Message-ID: <20030912084659.GA53607@blazingdot.com> References: <1062767877.8cbd42c952096@mail.encontacto.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Coffee-Level: nearly-fatal User-Agent: Mutt/1.5.4i cc: freebsd-isp@freebsd.org Subject: Re: Anti Virus for mail server X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Sep 2003 08:47:00 -0000 On Mon, Sep 08, 2003 at 05:15:21PM +0200, James Godwin wrote: > Hi, > > There has been no need for Anti Virus on our mail servers as most of our > clients are Mac users and our windows clients have anti virus installed on > their machines. > > Keeping windows virus updated updated is a mission so I was wondering what > the ideal Anti Virus app I should use for our Sendmail and Qmail servers? > > Any ideas would be much appreciated. To answer your question, I would check out Sophos antivirus running under sophie. I have found it to be ~10x faster than f-prot (standalone, not the daemonized scanner which may be faster) in an email content filter. To try and convert you to postfix: I've spent a lot of time with qmail/qmail-scanner, sendmail/mailscanner, and postfix/amavisd-new. Of these, here are my personal findings: qmail: Excellent, flexible, reliable system. Best if all you want is a mechanism for transferring rfc2822 messages over SMTP. However, once you want fancy functionality like TLS and smtp-auth and spam/virus filtering and other spam tactics, qmail starts looking a little stiff. I was a qmail buff for years and still use it for machines that just need plain-jane MTAs. sendmail: Ugh. Sheer pain. A misbehaving beast that should be put onto a rocket and launched into the sun. postfix: Excellent, powerful MTA. I've found it to perform gracefully under pressure, very efficient, good architecture, good ability to clean up when spammers make a mess of you, good content filtering, and a big bag of tricks for taming email in a world full of resource stealing spammers. My current choice for machines that have to handle a lot of email and do things with it. My only complaint is that I like qmail's configuration better. But postfix config was influenced by Sendmail (see above.) so I forgive it. Oh, and the postfix-users mailing list has almost as much traffic as freebsd-questions, with Weitese himself joining in almost every meaningful discussion. Ok, I'll stop now. Marcus From owner-freebsd-isp@FreeBSD.ORG Fri Sep 12 02:03:14 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0FC7016A4BF for ; Fri, 12 Sep 2003 02:03:14 -0700 (PDT) Received: from smtp.volant.org (gate.volant.org [207.111.218.246]) by mx1.FreeBSD.org (Postfix) with ESMTP id E75C643F3F for ; Fri, 12 Sep 2003 02:03:12 -0700 (PDT) (envelope-from patl+freebsd@volant.org) Received: from 64-144-229-193.client.dsl.net ([64.144.229.193] helo=[192.168.0.13]) by smtp.volant.org with asmtp (TLSv1:AES256-SHA:256) (Exim 4.22) id 19xjpe-000KsU-0c; Fri, 12 Sep 2003 02:03:10 -0700 Date: Fri, 12 Sep 2003 02:03:07 -0700 From: Pat Lashley To: Marcus Reid , James Godwin Message-ID: <3374345408.1063357387@mccaffrey.phoenix.volant.org> In-Reply-To: <20030912084659.GA53607@blazingdot.com> References: <1062767877.8cbd42c952096@mail.encontacto.net> <20030912084659.GA53607@blazingdot.com> X-Mailer: Mulberry/3.1.0b6 (Linux/x86) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Scan-Signature: 0db5de692798f57a946dd77142aa123974f89bbf X-Spam-Score: 1.9 (+) X-Spam-Score-Int: 19 X-Spam-Report: 1.9/5.0 This mail has matched the spam-filter tests listed below. See http://spamassassin.org/tag/ for details about the specific tests reported. In general, the higher the number of total points, the more likely that it actually is spam. (The 'required' number of points listed below is the arbitrary number above which the message is normally considered spam.) Content analysis details: (1.90 points total, 5 required)header IN_REP_TO (-0.5 points) Has a In-Reply-To header quoted email textrelays.osirusoft.com [RBL check: found 193.229.144.64.relays.osirusoft.com.] REPLY_WITH_QUOTES (-0.5 points) Reply with quoted text AWL (3.3 points) AWL: Auto-whitelist adjustment cc: freebsd-isp@freebsd.org Subject: Re: Anti Virus for mail server X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Sep 2003 09:03:14 -0000 --On Friday, September 12, 2003 01:46:59 -0700 Marcus Reid wrote: > On Mon, Sep 08, 2003 at 05:15:21PM +0200, James Godwin wrote: >> Hi, >> >> There has been no need for Anti Virus on our mail servers as most of our >> clients are Mac users and our windows clients have anti virus installed >> on their machines. I've got a mostly FreeBSD/Solaris/MacOS X/Linux shop; and found it was worth putting in virus checking just so we wouldn't have to wade through the piles of sobig.f crap in our mailboxes. > I've spent a lot of time with qmail/qmail-scanner, sendmail/mailscanner, > and postfix/amavisd-new. Of these, here are my personal findings: > > qmail: ... > > sendmail: ... > > postfix: ... This list really can't be considered to be anywhere near complete without including Exim. Particularly the latest versions with the exiscan-acl patches. Those not only allow you to integrate virus scanning and anti- spam features into a powerful, flexible ACL; those ACLs let you reject the offending message while the SMTP connection is still open. (So no undeliverable bounce messages clogging up your outgoing queues.) (The FreeBSD mail/exim port automatically includes the exiscan-acl patches.) Exim is easy to configure, -very- flexible, and capable of handling fairly large traffic levels if required. I can also heartily recommend clamav as a virus scanner. (Also installable via a port. As is SpamAssassin.) -Pat From owner-freebsd-isp@FreeBSD.ORG Fri Sep 12 03:12:41 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4983716A4BF for ; Fri, 12 Sep 2003 03:12:41 -0700 (PDT) Received: from yazzy.wrs.no (mail.wrs.no [213.236.173.130]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2CECB4400E for ; Fri, 12 Sep 2003 03:12:39 -0700 (PDT) (envelope-from freebsd@yazzy.org) Received: from h311r4iz3r.wrs (localhost [127.0.0.1]) by yazzy.wrs.no (Postfix) with SMTP id DABA540B1 for ; Fri, 12 Sep 2003 12:12:35 +0200 (CEST) Date: Fri, 12 Sep 2003 12:12:35 +0200 From: Martin Jessa To: freebsd-isp Message-Id: <20030912121235.7defa99d.freebsd@yazzy.org> Organization: WRS ASA X-Mailer: Sylpheed version 0.9.3claws (GTK+ 1.2.10; i386-portbld-freebsd5.1) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: Mac-address based auth with Radius for wlans X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Sep 2003 10:12:41 -0000 Hi Guys. I have Wireless Acess Points which are able to talk to Raius servers. I was wondering if it was possible to somehow combine Mac-address authentication with SQL stored user data, i.e username@domain.com with some pass will get his MAC-address stored in a database when he authenticates and then he gets an IP handed out by the Radius server. Is there any tool that can do that ? Thanks in advance, YazzY From owner-freebsd-isp@FreeBSD.ORG Fri Sep 12 06:55:58 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8794816A4BF for ; Fri, 12 Sep 2003 06:55:58 -0700 (PDT) Received: from mordrede.visionsix.com (mordrede.visionsix.com [65.202.119.3]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1A46A43F75 for ; Fri, 12 Sep 2003 06:55:54 -0700 (PDT) (envelope-from lists@visionsix.com) Received: from vsis169 (unverified [65.202.119.169]) by mordrede.visionsix.com (Vircom SMTPRS 2.1.258) with SMTP id ; Fri, 12 Sep 2003 08:55:52 -0500 Message-ID: <00d301c37935$88ac0bb0$df0a0a0a@vsis169> From: "Lewis Watson" To: "Pat Lashley" , References: <1062767877.8cbd42c952096@mail.encontacto.net> <20030912084659.GA53607@blazingdot.com> <3374345408.1063357387@mccaffrey.phoenix.volant.org> Date: Fri, 12 Sep 2003 08:55:32 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Subject: Re: Anti Virus for mail server X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Sep 2003 13:55:58 -0000 > This list really can't be considered to be anywhere near complete without > including Exim. > > Exim is easy to configure, -very- flexible, and capable of handling > fairly large traffic levels if required. I was hoping someone would bring up Exim. I currently have most of our services (WWW, MySQL, DNS, RADIUS etc etc running on FreeBSD servers. The one big exception is our mail server and the plans are to move it to FreeBSD sometime during the next several months. Based on the little bit of preliminary research I have done Exim seems to keep coming back to be the front running contender for our MTA. If you have any good basic tutuorial sites for Exim and needed counterparts for virus scanning and spam filtering with it please post them. Thank you for your time. Lewis From owner-freebsd-isp@FreeBSD.ORG Fri Sep 12 07:03:15 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DB7EE16A4BF for ; Fri, 12 Sep 2003 07:03:15 -0700 (PDT) Received: from omoikane.mb.skyweb.ca (209-5-243-50.mb.skyweb.ca [209.5.243.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id CF10943F3F for ; Fri, 12 Sep 2003 07:03:14 -0700 (PDT) (envelope-from mark@omoikane.mb.skyweb.ca) Received: from omoikane.mb.skyweb.ca (localhost [127.0.0.1]) by omoikane.mb.skyweb.ca (8.12.9/8.12.9) with ESMTP id h8CE3CSo001413; Fri, 12 Sep 2003 09:03:12 -0500 (CDT) (envelope-from mark@omoikane.mb.skyweb.ca) Received: (from mark@localhost) by omoikane.mb.skyweb.ca (8.12.9/8.12.9/Submit) id h8CE3CVL001412; Fri, 12 Sep 2003 09:03:12 -0500 (CDT) Date: Fri, 12 Sep 2003 09:03:12 -0500 From: Mark Johnston To: Martin Jessa Message-ID: <20030912140312.GC1191@omoikane.mb.skyweb.ca> Mail-Followup-To: Martin Jessa , freebsd-isp References: <20030912121235.7defa99d.freebsd@yazzy.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030912121235.7defa99d.freebsd@yazzy.org> User-Agent: Mutt/1.4.1i cc: freebsd-isp Subject: Re: Mac-address based auth with Radius for wlans X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Sep 2003 14:03:16 -0000 Martin Jessa wrote: > I was wondering if it was possible to somehow combine Mac-address > authentication with SQL stored user data, i.e username@domain.com > with some pass will get his MAC-address stored in a database when he > authenticates and then he gets an IP handed out by the Radius server. > Is there any tool that can do that ? If you're willing to do a bit of setup work, I'd try OpenRADIUS (http://www.openradius.net). It's more of a RADIUS framework than a server, in that you create a "behaviour" file, which is basically a script that it runs in order to respond to requests. You can specify an external program to mung the packet at any point, and it handles things like forking, multiple instances, resource management, etc. I've implemented such esoteric things as 3G MILENAGE authentication in it with little trouble. I'm confident that if it can be done with RADIUS, it can be done in OpenRADIUS. :) I haven't run the server under load, but during testing it felt very solid; still, YMMV. I don't think it's available in ports, but it built cleanly on 4.x last I tried. Mark From owner-freebsd-isp@FreeBSD.ORG Fri Sep 12 07:36:28 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 597B416A4BF for ; Fri, 12 Sep 2003 07:36:28 -0700 (PDT) Received: from accounts.amigo.net (pop.amigo.net [209.94.64.30]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5D4B543FF3 for ; Fri, 12 Sep 2003 07:36:27 -0700 (PDT) (envelope-from randys@amigo.net) Received: from stalker.amigo.net ([209.94.67.250]) by accounts.amigo.net with esmtp; Fri, 12 Sep 2003 08:36:25 -0600 Date: Fri, 12 Sep 2003 08:36:25 -0600 (MDT) From: Randy Smith X-X-Sender: randy@stalker.amigo.net To: Martin Jessa In-Reply-To: <20030912121235.7defa99d.freebsd@yazzy.org> Message-ID: <20030912083201.P580@stalker.amigo.net> References: <20030912121235.7defa99d.freebsd@yazzy.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit cc: freebsd-isp Subject: Re: Mac-address based auth with Radius for wlans X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Sep 2003 14:36:28 -0000 On Fri, 12 Sep 2003, Martin Jessa wrote: > Date: Fri, 12 Sep 2003 12:12:35 +0200 > From: Martin Jessa > To: freebsd-isp > Subject: Mac-address based auth with Radius for wlans > > Hi Guys. > > I have Wireless Acess Points which are able to talk to Raius servers. > I was wondering if it was possible to somehow combine Mac-address authentication with SQL stored user data, i.e username@domain.com with some pass will get his MAC-address stored in a database when he authenticates and then he gets an IP handed out by the Radius server. > Is there any tool that can do that ? Most of the OSS radius servers that I have seen allow you to run an app when the user attempts to authenticate. (I have only done this with cistron, though I know gnu-radius and freeradius both support it.) You can use that app to add the MAC to the DB. The "fun" part is getting the MAC from the user. If you can do that, then you're good to go. > > Thanks in advance, > YazzY -- Randy Smith Amigo.Net Systems Administrator 1-719-589-6100 x 4185 http://www.amigo.net/ From owner-freebsd-isp@FreeBSD.ORG Fri Sep 12 08:31:23 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8687016A4BF for ; Fri, 12 Sep 2003 08:31:23 -0700 (PDT) Received: from stella.pyramus.com (ns2.pyramus.com [67.92.212.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id C44E443FF3 for ; Fri, 12 Sep 2003 08:31:22 -0700 (PDT) (envelope-from blake@pyramus.com) Received: from pyramus.com (dark-star.pyramus.com [10.10.1.7]) by stella.pyramus.com (8.11.6/8.12.3) with ESMTP id h8CFWKr05486 for ; Fri, 12 Sep 2003 08:32:20 -0700 (PDT) (envelope-from blake@pyramus.com) Message-ID: <3F61E6D6.8020800@pyramus.com> Date: Fri, 12 Sep 2003 08:31:34 -0700 From: Blake Swensen User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.3b) Gecko/20030210 X-Accept-Language: en-us, en MIME-Version: 1.0 To: FreeBSD ISP List Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Subject: Best practices for disabling email accounts X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Sep 2003 15:31:23 -0000 Many of you are in the same boat, where customers fall behind and collections letters still do not seem to grab their attention. Short of changing passwords, does anyone have a best practices method of temporarily preventing access to email boxes temporarily. In most of these cases, once the customer has paid, I would like to turn back on the email boxes. Thanks -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ The Internet Rescue Company - http://www.pyramus.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Blake R. Swensen Pyramus Online, Inc. President 2080 SE Oak Grove Blvd. Suite 11 Milwaukie, Oregon 97267 800-327-5101 vox:503-353-0455 fax:503-353-0453 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "We measure success by the success of our clients" From owner-freebsd-isp@FreeBSD.ORG Fri Sep 12 08:33:09 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 04A4716A4BF for ; Fri, 12 Sep 2003 08:33:09 -0700 (PDT) Received: from lakemtao04.cox.net (lakemtao04.cox.net [68.1.17.241]) by mx1.FreeBSD.org (Postfix) with ESMTP id CB65443FBD for ; Fri, 12 Sep 2003 08:33:07 -0700 (PDT) (envelope-from srenna@vdbmusic.com) Received: from mars ([68.98.165.70]) by lakemtao04.cox.net (InterMail vM.5.01.06.05 201-253-122-130-105-20030824) with ESMTP id <20030912153307.TKVU29227.lakemtao04.cox.net@mars>; Fri, 12 Sep 2003 11:33:07 -0400 From: "Scott Renna" To: "'Blake Swensen'" , "'FreeBSD ISP List'" Date: Fri, 12 Sep 2003 11:33:08 -0400 Message-ID: <000101c37943$2b4b9810$0201a8c0@mars> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.4024 In-Reply-To: <3F61E6D6.8020800@pyramus.com> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Importance: Normal Subject: RE: Best practices for disabling email accounts X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Sep 2003 15:33:09 -0000 I always like to just edit /etc/password. Go to the password field and try something like inputting **NOLOGIN** at the start of the field. -----Original Message----- From: owner-freebsd-isp@freebsd.org [mailto:owner-freebsd-isp@freebsd.org] On Behalf Of Blake Swensen Sent: Friday, September 12, 2003 11:32 AM To: FreeBSD ISP List Subject: Best practices for disabling email accounts Many of you are in the same boat, where customers fall behind and collections letters still do not seem to grab their attention. Short of changing passwords, does anyone have a best practices method of temporarily preventing access to email boxes temporarily. In most of these cases, once the customer has paid, I would like to turn back on the email boxes. Thanks -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ The Internet Rescue Company - http://www.pyramus.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Blake R. Swensen Pyramus Online, Inc. President 2080 SE Oak Grove Blvd. Suite 11 Milwaukie, Oregon 97267 800-327-5101 vox:503-353-0455 fax:503-353-0453 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "We measure success by the success of our clients" _______________________________________________ freebsd-isp@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-isp To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" From owner-freebsd-isp@FreeBSD.ORG Fri Sep 12 08:34:10 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8E20116A4C0 for ; Fri, 12 Sep 2003 08:34:10 -0700 (PDT) Received: from gisp.dk (62.79.61.146.adsl.aboes.tiscali.dk [62.79.61.146]) by mx1.FreeBSD.org (Postfix) with SMTP id 8EE1243FE0 for ; Fri, 12 Sep 2003 08:34:07 -0700 (PDT) (envelope-from birkmose@cs.auc.dk) Received: (qmail 76961 invoked by uid 85); 12 Sep 2003 15:46:14 -0000 Received: from birkmose@cs.auc.dk by server.gisp.dk by uid 82 with qmail-scanner-1.16 (clamscan: 0.54. spamassassin: 2.53. Clear:. Processed in 0.226168 secs); 12 Sep 2003 15:46:14 -0000 Received: from unknown (HELO mrwinslows) (192.168.1.3) by 192.168.1.2 with SMTP; 12 Sep 2003 15:46:13 -0000 Message-ID: <000d01c37940$ed542b50$0301a8c0@mrwinslows> From: "Michael Sig Birkmose" To: Date: Fri, 12 Sep 2003 17:17:05 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Subject: qmail and signatures X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Sep 2003 15:34:10 -0000 Hi, I don't know if this is a good place to ask this question or if I should do it at an qmail site... Anyhow we are setting up an server (running FreeBSD of course) with qmail as MTA. We are interested in adding signatures to all our outgoing emails. Is this possible to do on a SMTP level with qmail? The tricky part is that it would be very nice if signatures also gets added to html mails... Cheers, -- Michael Birkmose From owner-freebsd-isp@FreeBSD.ORG Fri Sep 12 08:36:11 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 65D1016A4BF for ; Fri, 12 Sep 2003 08:36:11 -0700 (PDT) Received: from sl.pt (mail.sl.pt [212.55.140.13]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9E98B43FBF for ; Fri, 12 Sep 2003 08:36:09 -0700 (PDT) (envelope-from japc@co.sapo.pt) Received: (qmail 30609 invoked by uid 0); 12 Sep 2003 15:36:07 -0000 Received: from unknown (HELO morgoth.sl.pt) ([172.28.229.134]) (envelope-sender ) by mail.sl.pt (qmail-ldap-1.03) with SMTP for ; 12 Sep 2003 15:36:07 -0000 Received: (qmail 19645 invoked by uid 500); 12 Sep 2003 15:28:20 -0000 Date: Fri, 12 Sep 2003 16:28:20 +0100 From: Jose Celestino To: Michael Sig Birkmose Message-ID: <20030912152820.GI6850@co.sapo.pt> Mail-Followup-To: Michael Sig Birkmose , freebsd-isp@freebsd.org References: <000d01c37940$ed542b50$0301a8c0@mrwinslows> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <000d01c37940$ed542b50$0301a8c0@mrwinslows> X-URL: http://xpto.org/~japc X-System: Linux morgoth.sl.pt 2.4.22 X-By: japc@morgoth.sl.pt X-GPG-key-ID: 0x07B1363B X-GPG-key-Fingerprint: D3F3 B47B F20C 3B1E 488C B949 1B8B 8141 07B1 363B User-Agent: Mutt/1.5.3i cc: freebsd-isp@freebsd.org Subject: Re: qmail and signatures X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Sep 2003 15:36:11 -0000 Words by Michael Sig Birkmose [Fri, Sep 12, 2003 at 05:17:05PM +0200]: > Hi, > > I don't know if this is a good place to ask this question or if I should do > it at an qmail site... > This is definitely *not* a good place to ask this question. :) -- Jose Celestino | http://xpto.org/~japc/files/japc-pgpkey.asc ---------------------------------------------------------------- "Lately, the only thing keeping me from becoming a serial killer is my distaste for manual labor." -- Dilbert From owner-freebsd-isp@FreeBSD.ORG Fri Sep 12 08:40:26 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1C79616A4C1 for ; Fri, 12 Sep 2003 08:40:26 -0700 (PDT) Received: from ns2.gigguardian.com (ns2.gigguardian.com [216.52.21.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0214D43FA3 for ; Fri, 12 Sep 2003 08:40:25 -0700 (PDT) (envelope-from vhm3@gigguardian.com) Received: from gigguardian.com (www@localhost.gigguardian.com [127.0.0.1]) by ns2.gigguardian.com (8.12.8/8.12.6) with SMTP id h8CFob4n075091; Fri, 12 Sep 2003 08:50:37 -0700 (PDT) (envelope-from vhm3@gigguardian.com) Received: from vven-216.sjc.ca.bbnow.net ([24.219.11.216]) (SquirrelMail authenticated user vhm3) by webmail.gigguardian.com with HTTP; Fri, 12 Sep 2003 08:50:37 -0700 (PDT) Message-ID: <18326.24.219.11.216.1063381837.squirrel@webmail.gigguardian.com> Date: Fri, 12 Sep 2003 08:50:37 -0700 (PDT) From: "Chip McClure" To: In-Reply-To: <3F61E6D6.8020800@pyramus.com> References: <3F61E6D6.8020800@pyramus.com> X-Priority: 3 Importance: Normal X-Mailer: SquirrelMail (version 1.2.8) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit cc: freebsd-isp@freebsd.org Subject: Re: Best practices for disabling email accounts X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Sep 2003 15:40:26 -0000 Blake Swensen said: Typically, what I do, is to edit the account name (login), of the user, or users. I add in "*DISABLED*" to the beginning of the users name, makes it a little easier to find when enabling, or deleting, the account. Password fields are not messed with, so I don't have to go back & look up the account. The only downfall here, is that by changing the users name, all email for that individual gets bounced. Quick solution there, is to add in an entry to the /etc/mail/virtuserstable to fix that. Chip ----- Chip McClure Sr. Unix Administrator GigGuardian, Inc. http://www.gigguardian.com/ ----- > Many of you are in the same boat, where customers fall behind and > collections letters still do not seem to grab their attention. > > Short of changing passwords, does anyone have a best practices method of > temporarily preventing access to email boxes temporarily. In most of > these cases, once the customer has paid, I would like to turn back on > the email boxes. > > Thanks > -- > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > The Internet Rescue Company - http://www.pyramus.com > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > Blake R. Swensen Pyramus Online, Inc. > President 2080 SE Oak Grove Blvd. Suite 11 > Milwaukie, Oregon 97267 > 800-327-5101 > vox:503-353-0455 > fax:503-353-0453 > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > "We measure success by the success of our clients" > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" From owner-freebsd-isp@FreeBSD.ORG Fri Sep 12 08:45:59 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2D1A516A4BF for ; Fri, 12 Sep 2003 08:45:59 -0700 (PDT) Received: from beaver.ncia.net (beaver.ncia.net [69.24.0.14]) by mx1.FreeBSD.org (Postfix) with ESMTP id 797C543FDF for ; Fri, 12 Sep 2003 08:45:58 -0700 (PDT) (envelope-from rj@ncia.net) Received: from ncia.net (lithium.rjt.org [192.168.1.41]) (using TLSv1 with cipher DES-CBC3-SHA (168/168 bits)) (No client certificate requested) by beaver.ncia.net (Postfix) with ESMTP id 12E0667C for ; Fri, 12 Sep 2003 11:45:56 -0400 (EDT) Date: Fri, 12 Sep 2003 11:45:54 -0400 Content-Type: text/plain; charset=US-ASCII; format=flowed Mime-Version: 1.0 (Apple Message framework v552) From: Ryan J.Taylor To: freebsd-isp@freebsd.org Content-Transfer-Encoding: 7bit In-Reply-To: <3F61E6D6.8020800@pyramus.com> Message-Id: <31BA8C7B-E538-11D7-ABC3-00306583DA7C@ncia.net> X-Mailer: Apple Mail (2.552) Subject: Re: Best practices for disabling email accounts X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Sep 2003 15:45:59 -0000 On Friday, September 12, 2003, at 11:31 AM, Blake Swensen wrote: > Many of you are in the same boat, where customers fall behind and > collections letters still do not seem to grab their attention. > > Short of changing passwords, does anyone have a best practices method > of temporarily preventing access to email boxes temporarily. In most > of these cases, once the customer has paid, I would like to turn back > on the email boxes. You could run "pw lock username" on the account and then add something like: username@pyramus.com 550 Account locked to your /etc/mail/access (if you're running Sendmail). When it's time to unlock the account just do a "pw unlock username" and then remove the entry from your Sendmail access file. *Don't forget to rebuild the access file hash for Sendmail.* > Thanks > -- > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > The Internet Rescue Company - http://www.pyramus.com > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > Blake R. Swensen Pyramus Online, Inc. > President 2080 SE Oak Grove Blvd. Suite 11 > Milwaukie, Oregon 97267 > 800-327-5101 > vox:503-353-0455 > fax:503-353-0453 > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > "We measure success by the success of our clients" Regards, RJ From owner-freebsd-isp@FreeBSD.ORG Fri Sep 12 09:58:30 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E103A16A4BF for ; Fri, 12 Sep 2003 09:58:30 -0700 (PDT) Received: from exuma.irbs.com (exuma.irbs.com [216.86.160.252]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4DA7443FF5 for ; Fri, 12 Sep 2003 09:58:30 -0700 (PDT) (envelope-from jc@irbs.com) Received: by exuma.irbs.com (Postfix, from userid 2500) id 50AF017409; Fri, 12 Sep 2003 12:58:29 -0400 (EDT) Date: Fri, 12 Sep 2003 12:58:29 -0400 From: John Capo To: freebsd-isp@FreeBSD.ORG Message-ID: <20030912165829.GA10072@exuma.irbs.com> References: <3F61E6D6.8020800@pyramus.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3F61E6D6.8020800@pyramus.com> User-Agent: Mutt/1.4.1i Subject: Re: Best practices for disabling email accounts X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: jc@irbs.com List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Sep 2003 16:58:31 -0000 Quoting Blake Swensen (blake@pyramus.com): > Many of you are in the same boat, where customers fall behind and > collections letters still do not seem to grab their attention. > > Short of changing passwords, does anyone have a best practices method of > temporarily preventing access to email boxes temporarily. In most of > these cases, once the customer has paid, I would like to turn back on > the email boxes. > Reject incoming email but allow access to the mailbox so that your customer can retrieve mail you have already accepted. Rejecting further email notifies the senders that the email was not delivered and they can contact your customer by other means. A recent court case ruled in favor of a plaintiff that claimed they were denied access to important email and lost a large contract because email was accepted but not delivered to the plaintiff. I think it was a Canadian case but with the legal climate in most countries today why take a chance. IANAL, but I do host mail for a number of legal firms. -- John Capo Tuffmail.com From owner-freebsd-isp@FreeBSD.ORG Fri Sep 12 10:14:49 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EAFDC16A4BF for ; Fri, 12 Sep 2003 10:14:49 -0700 (PDT) Received: from gray.impulse.net (gray.impulse.net [207.154.64.174]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4C72243FA3 for ; Fri, 12 Sep 2003 10:14:49 -0700 (PDT) (envelope-from secabeen@pobox.com) Received: by gray.impulse.net (Postfix, from userid 1000) id 885663D7; Fri, 12 Sep 2003 10:14:48 -0700 (PDT) To: Marcus Reid References: <1062767877.8cbd42c952096@mail.encontacto.net> <20030912084659.GA53607@blazingdot.com> From: Ted Cabeen Date: Fri, 12 Sep 2003 10:14:48 -0700 In-Reply-To: <20030912084659.GA53607@blazingdot.com> (Marcus Reid's message of "Fri, 12 Sep 2003 01:46:59 -0700") Message-ID: <87pti6exo7.fsf@gray.impulse.net> User-Agent: Gnus/5.1001 (Gnus v5.10.1) XEmacs/21.4 (Portable Code, berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii cc: freebsd-isp@freebsd.org Subject: Re: Anti Virus for mail server X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Sep 2003 17:14:50 -0000 Marcus Reid writes: > On Mon, Sep 08, 2003 at 05:15:21PM +0200, James Godwin wrote: >> Hi, >> >> There has been no need for Anti Virus on our mail servers as most of our >> clients are Mac users and our windows clients have anti virus installed on >> their machines. >> >> Keeping windows virus updated updated is a mission so I was wondering what >> the ideal Anti Virus app I should use for our Sendmail and Qmail servers? >> >> Any ideas would be much appreciated. > > To answer your question, I would check out Sophos antivirus running under > sophie. I have found it to be ~10x faster than f-prot (standalone, not the > daemonized scanner which may be faster) in an email content filter. The downside to Sophos is that it costs an arm and a leg, especially for mail server use. F-Prot used to charge on a per-server basis, although I've heard some mention that they may have changed their pricing for mail servers. Is f-prot really that slow? Back when we were running the command-line scanner version, it seemed blisteringly fast. I often had difficulty even finding it in the process table with mails coming in at a rate of 1 or 2 per second. We've since switched to the daemonized scanner, which is quite fast, especially with amavisd-new which knows how to interact with the scanner directly, saving at least one fork(). Even still, SpamAssassin processing is a least an order of magnitude slower than any virus scanning, so it isn't a huge deal either way. -- Ted Cabeen http://www.pobox.com/~secabeen ted@impulse.net Check Website or Keyserver for PGP/GPG Key BA0349D2 secabeen@pobox.com "I have taken all knowledge to be my province." -F. Bacon secabeen@cabeen.org "Human kind cannot bear very much reality."-T.S.Eliot cabeen@netcom.com From owner-freebsd-isp@FreeBSD.ORG Fri Sep 12 12:30:35 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1FA1E16A4BF for ; Fri, 12 Sep 2003 12:30:35 -0700 (PDT) Received: from smtp.volant.org (gate.volant.org [207.111.218.246]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5484643FD7 for ; Fri, 12 Sep 2003 12:30:33 -0700 (PDT) (envelope-from patl@volant.org) Received: from 64-144-229-193.client.dsl.net ([64.144.229.193] helo=[192.168.0.13]) by smtp.volant.org with asmtp (TLSv1:AES256-SHA:256) (Exim 4.22) id 19xtcg-0000AU-UC; Fri, 12 Sep 2003 12:30:27 -0700 Date: Fri, 12 Sep 2003 12:30:25 -0700 From: Pat Lashley To: Lewis Watson , freebsd-isp@FreeBSD.ORG Message-ID: <3822605408.1063395025@mccaffrey.phoenix.volant.org> In-Reply-To: <00d301c37935$88ac0bb0$df0a0a0a@vsis169> References: <1062767877.8cbd42c952096@mail.encontacto.net> <20030912084659.GA53607@blazingdot.com> <3374345408.1063357387@mccaffrey.phoenix.volant.org> <00d301c37935$88ac0bb0$df0a0a0a@vsis169> X-Mailer: Mulberry/3.1.0b6 (Linux/x86) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Scan-Signature: e2167ef4035fd4262338940e85c0d6348c22d726 X-Spam-Score: -0.8 (/) X-Spam-Score-Int: -8 X-Spam-Report: -0.8/5.0 This mail has matched the spam-filter tests listed below. See http://spamassassin.org/tag/ for details about the specific tests reported. In general, the higher the number of total points, the more likely that it actually is spam. (The 'required' number of points listed below is the arbitrary number above which the message is normally considered spam.) Content analysis details: (-0.80 points total, 5 required)header IN_REP_TO (-0.5 points) Has a In-Reply-To header quoted email textrelays.osirusoft.com [RBL check: found 193.229.144.64.relays.osirusoft.com.] REPLY_WITH_QUOTES (-0.5 points) Reply with quoted text AWL (0.6 points) AWL: Auto-whitelist adjustment Subject: Re: Anti Virus for mail server X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Sep 2003 19:30:35 -0000 --On Friday, September 12, 2003 08:55:32 -0500 Lewis Watson wrote: > If you have any good basic tutuorial sites for Exim and needed > counterparts for virus scanning and spam filtering with it please post > them. Thank you for your time. I strongly suggest that anyone contemplating using Exim start reading the exim-users mailing list. Examples and URL show up there fairly often. Details on subscribing, and a searchable archive, are available from the main Exim website: http://www.exim.org/ -Pat From owner-freebsd-isp@FreeBSD.ORG Fri Sep 12 14:43:56 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C293316A4BF for ; Fri, 12 Sep 2003 14:43:56 -0700 (PDT) Received: from spork.pantherdragon.org (spork.pantherdragon.org [206.29.168.146]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0679243FF5 for ; Fri, 12 Sep 2003 14:43:56 -0700 (PDT) (envelope-from dmp@bitfreak.org) Received: from speck.techno.pagans (12-206-23-247.client.attbi.com [12.206.23.247]) by spork.pantherdragon.org (Postfix) with ESMTP id 819362A41F; Fri, 12 Sep 2003 14:43:52 -0700 (PDT) Received: from speck.techno.pagans (localhost.techno.pagans [127.0.0.1]) by speck.techno.pagans (Postfix) with SMTP id 23D53C0EE; Fri, 12 Sep 2003 14:43:40 -0700 (PDT) Date: Fri, 12 Sep 2003 14:43:39 -0700 From: Darren Pilgrim To: jc@irbs.com Message-Id: <20030912144339.7fba0ad7.dmp@bitfreak.org> In-Reply-To: <20030912165829.GA10072@exuma.irbs.com> References: <3F61E6D6.8020800@pyramus.com> <20030912165829.GA10072@exuma.irbs.com> X-Mailer: Sylpheed version 0.9.3claws (GTK+ 1.2.10; i386-portbld-freebsd5.1) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit cc: freebsd-isp@FreeBSD.ORG Subject: Re: Best practices for disabling email accounts X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Sep 2003 21:43:56 -0000 On 2003.09.12 12:58:29 -0400, John Capo wrote: > Quoting Blake Swensen (blake@pyramus.com): > > Many of you are in the same boat, where customers fall behind and > > collections letters still do not seem to grab their attention. > > > > Short of changing passwords, does anyone have a best practices > > method of temporarily preventing access to email boxes temporarily. > > In most of these cases, once the customer has paid, I would like to > > turn back on the email boxes. > > > > Reject incoming email but allow access to the mailbox so that your > customer can retrieve mail you have already accepted. Rejecting > further email notifies the senders that the email was not delivered > and they can contact your customer by other means. You have to notify the customer that the account contents will be forfeit if the account goes long enough without payment. Such notice is usually part of the service contract so that you don't have to deal with contacting a scarce customer later on and you have an official document that gets you out of lawsuits. This is common practice with self-storage lockers, leased mailboxes, etc. There's even a similar clause for most apartments. From owner-freebsd-isp@FreeBSD.ORG Fri Sep 12 17:03:18 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EBAC116A4BF for ; Fri, 12 Sep 2003 17:03:18 -0700 (PDT) Received: from Hot.Net.au (216.93.176.26 [216.93.176.26]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5264A43F85 for ; Fri, 12 Sep 2003 17:03:13 -0700 (PDT) (envelope-from keith@apcs.com.au) Received: (from root@localhost) by Hot.Net.au (8.12.6/8.12.6) id h8D03DYs051968; Sat, 13 Sep 2003 10:03:13 +1000 (EST) (envelope-from keith@apcs.com.au) Received: from localhost (localhost [127.0.0.1]) by Hot.Net.au (8.12.6/8.12.6) with ESMTP id h8D03CXn051938; Sat, 13 Sep 2003 10:03:12 +1000 (EST) (envelope-from keith@apcs.com.au) Date: Sat, 13 Sep 2003 10:03:12 +1000 (EST) From: Keith Anderson X-X-Sender: keith@green.hot.net.au To: John Capo In-Reply-To: <20030912165829.GA10072@exuma.irbs.com> Message-ID: <20030913095930.R37416-100000@green.hot.net.au> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-scanner: scanned by Inflex 1.0.12.3 - (http://pldaniels.com/inflex/) cc: freebsd-isp@freebsd.org Subject: Re: Best practices for disabling email accounts X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 13 Sep 2003 00:03:19 -0000 Hi All, I use popd with Radius aso if the account is paid up the user can collect email. The customer will be very keen to pay so they can collect the email. I do not block incoming email at all. after 60 Days the account/email is deleted as per our contract with the customer. Keith Anderson Ezyisp Accounting On Fri, 12 Sep 2003, John Capo wrote: > Quoting Blake Swensen (blake@pyramus.com): > > Many of you are in the same boat, where customers fall behind and > > collections letters still do not seem to grab their attention. > > > > Short of changing passwords, does anyone have a best practices method of > > temporarily preventing access to email boxes temporarily. In most of > > these cases, once the customer has paid, I would like to turn back on > > the email boxes. > > > > Reject incoming email but allow access to the mailbox so that your > customer can retrieve mail you have already accepted. Rejecting > further email notifies the senders that the email was not delivered > and they can contact your customer by other means. > > A recent court case ruled in favor of a plaintiff that claimed they > were denied access to important email and lost a large contract > because email was accepted but not delivered to the plaintiff. I > think it was a Canadian case but with the legal climate in most > countries today why take a chance. > > IANAL, but I do host mail for a number of legal firms. > > -- > John Capo > Tuffmail.com > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > From owner-freebsd-isp@FreeBSD.ORG Fri Sep 12 20:58:00 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A43B116A4BF for ; Fri, 12 Sep 2003 20:58:00 -0700 (PDT) Received: from caelis.infopac.ru (caelis.infopac.ru [217.77.96.155]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0BA7343FEA for ; Fri, 12 Sep 2003 20:57:59 -0700 (PDT) (envelope-from vap@infopac.ru) Received: from infopac.ru (localhost [127.0.0.1]) by caelis.infopac.ru (8.12.9/8.12.9) with ESMTP id h8D3xeZE030188; Sat, 13 Sep 2003 08:59:41 +0500 (SAMST) (envelope-from vap@infopac.ru) Message-ID: <3F62962C.3060507@infopac.ru> Date: Sat, 13 Sep 2003 08:59:40 +0500 From: "Vladimir A. Petrov" Organization: Infopac JSC User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.4) Gecko/20030908 X-Accept-Language: ru, en MIME-Version: 1.0 To: Blake Swensen References: <3F61E6D6.8020800@pyramus.com> In-Reply-To: <3F61E6D6.8020800@pyramus.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: FreeBSD ISP List Subject: Re: Best practices for disabling email accounts X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 13 Sep 2003 03:58:00 -0000 Hello! Blake Swensen wrote: > Short of changing passwords, does anyone have a best practices method of > temporarily preventing access to email boxes temporarily. In most of chmod u-r /var/mail/USER_MAIL_BOX -- Vladimir A. Petrov (aka vap) http://vap.org.ru. ____________________________________________________________________________ ^]:wq ...sed libera nos a malo. From owner-freebsd-isp@FreeBSD.ORG Fri Sep 12 23:11:42 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 221D016A4BF for ; Fri, 12 Sep 2003 23:11:42 -0700 (PDT) Received: from floyd.gnulife.org (floyd.gnulife.org [199.86.41.27]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4ADBE43FFD for ; Fri, 12 Sep 2003 23:11:41 -0700 (PDT) (envelope-from jamie@gnulife.org) Received: by floyd.gnulife.org (Postfix, from userid 1000) id 3FDFD4333B; Wed, 10 Sep 2003 14:33:47 -0500 (CDT) Received: from localhost (localhost [127.0.0.1]) by floyd.gnulife.org (Postfix) with ESMTP id 3A07643331; Wed, 10 Sep 2003 14:33:47 -0500 (CDT) Date: Wed, 10 Sep 2003 14:33:47 -0500 (CDT) From: Jamie To: Lisa Usher In-Reply-To: <004101c377b4$f568f1a0$0b0110ac@lisaione> Message-ID: <20030910143133.O90162-100000@floyd.gnulife.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-isp@freebsd.org Subject: Re: Anti Virus for mail server X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 13 Sep 2003 06:11:42 -0000 I would try checking out Clam Antivirus. It's GPL'd, and you can find more info about it here: http://clamav.elektrapro.com/ This is something we will be putting onto our machines soon. - Jamie On Wed, 10 Sep 2003, Lisa Usher wrote: > Hi James, > > We have been using RAV antivirus for Sendmail Milter. However, RAV was > recently sold to Microsoft and well... the rest is history. Their Main > distributor here is offering other alternatives to RAV (ie; F-Prot fo > Sendmail Milter). We like F-Prot and will probably switch to it once our RAV > license has expired. you can check out all the Anti-virus solutions at: > http://www.raeinternet.com > > ----- Original Message ----- > From: "James Godwin" > To: > Sent: Monday, September 08, 2003 11:15 AM > Subject: Anti Virus for mail server > > > > Hi, > > > > There has been no need for Anti Virus on our mail servers as most of our > > clients are Mac users and our windows clients have anti virus installed on > > their machines. > > > > Keeping windows virus updated updated is a mission so I was wondering what > > the ideal Anti Virus app I should use for our Sendmail and Qmail servers? > > > > Any ideas would be much appreciated. > > > > Kind regards, > > > > James > > > > _______________________________________________ > > freebsd-isp@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > "A friend is someone who lets you have total freedom to be yourself." From owner-freebsd-isp@FreeBSD.ORG Sat Sep 13 15:11:41 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 55C4416A4BF for ; Sat, 13 Sep 2003 15:11:41 -0700 (PDT) Received: from lapdance.yazzy.org (yazzy.org [217.8.140.3]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1814D43FDD for ; Sat, 13 Sep 2003 15:11:40 -0700 (PDT) (envelope-from freebsd@yazzy.org) Received: from localhost (localhost [127.0.0.1]) by lapdance.yazzy.org (Postfix) with SMTP id 269B04174 for ; Sat, 13 Sep 2003 23:56:29 +0200 (CEST) Date: Sat, 13 Sep 2003 23:56:29 +0200 From: Martin Jessa To: freebsd-isp Message-Id: <20030913235629.23e873b6.freebsd@yazzy.org> Organization: WRS ASA X-Mailer: Sylpheed version 0.9.3claws (GTK+ 1.2.10; i386-portbld-freebsd5.1) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: User and bw Statistics. X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 13 Sep 2003 22:11:41 -0000 Hi guys. I have set up a system based on FreeBSD router running poptop for vpn which authorizes my users against radius server with SQL backend. Everything works great except statistics. The problem is I cannot see any of the users who are loged in nor how much bandtwith they use. I use dialup_admin to add new users to the database. Unfortunatelly there is no info/docs regarding the part I have problems with. Do any of you guys managed to set it up on FreeBSD ? From owner-freebsd-isp@FreeBSD.ORG Sat Sep 13 15:22:43 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BFE0816A4BF for ; Sat, 13 Sep 2003 15:22:43 -0700 (PDT) Received: from lapdance.yazzy.org (yazzy.org [217.8.140.3]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0BB2F43F93 for ; Sat, 13 Sep 2003 15:22:43 -0700 (PDT) (envelope-from freebsd@yazzy.org) Received: from localhost (localhost [127.0.0.1]) by lapdance.yazzy.org (Postfix) with SMTP id 90655418E; Sun, 14 Sep 2003 00:07:32 +0200 (CEST) Date: Sun, 14 Sep 2003 00:07:32 +0200 From: Martin Jessa To: freebsd-isp@freebsd.org, nathan@vidican.com Message-Id: <20030914000732.4f01d15d.freebsd@yazzy.org> In-Reply-To: <20030909221635.M54304@vidican.com> References: <20030909121457.672d3b41.freebsd@yazzy.org> <20030909221635.M54304@vidican.com> Organization: WRS ASA X-Mailer: Sylpheed version 0.9.3claws (GTK+ 1.2.10; i386-portbld-freebsd5.1) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: Re: Radius and MAC Address Access Control X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 13 Sep 2003 22:22:43 -0000 Hi Nathan, guys. I have a setup like that today except I use pptp vpn tunnels for my users. The vpn daemon (poptop) talks to freeradius server which against gets user info from MySQL database. I use dialup_admin to be able to easly add new users. Everything works great except for one thing. The users (companies) are unable to create their own VPN tunnels (i.e IPsec) to other places. It's impossible to tunnel IPsec inside of pptp vpn tunnels. So maybe running plain PPPoE could solve that problem. Then I could use WPA for traffic encryption. Does that sound logical? Nathan. Do you do controll the bandtwith of your users too ? I need some kind of system that will make it possible to give different bandwith to different users. I though I could set up DUMMYNET with bw restrictions for different subnets with a subnet mask like /16 or similar. Then give static IP's to my users depending on what bw they are allowed to use. But this approach does not seem to be very flexible. Is there a way to make radius do bandwith restrictions or run commands against an external application? Thanks YazzY On Tue, 9 Sep 2003 22:20:41 +0000 "Nathan Vidican" wrote: > Might I suggest you look into just using PPPoE for wireless applications? You > can first off make use of WEP to secure the traffic to some extent, then run > PPPoE (which can authenticate through radius) to have your clients login and > what-not. This way you can control not only access to the network but also > access to which IP address(es). > We have a similar setup here, where we use private IP's from tower to > tower and route traffic back to home base, where clients login with PPPoE to > get an external IP address and it works very well thus far. > > Just my 2 cents, if you still want to block/control by mac address why not > just use a switch which has radius support; eg: Cisco 2924XL. > > -- > Nathan Vidican > nathan@vidican.com > Innovative Product Sales > http://www.InnovativeProductSales.com/ > > On Tue, 9 Sep 2003 12:14:57 +0200, Martin Jessa wrote > > Hi Guys. > > > > I am setting up system for a Wireless ISP trying to figure out how > > to enable MAC Address Access Control with a radius server. I need to > > find out how it can be done and what Radius server supports tricks > > like that. Any ideas? > > > > Thanks in advace. > > YazzY > > _______________________________________________ > > freebsd-small@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-small > > To unsubscribe, send any mail to "freebsd-small-unsubscribe@freebsd.org" > > > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"