DOCSLIB.ORG

Keep Smiling, Waste Spammers' Time Peter N

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Keep Smiling, Waste Spammers' Time Peter N How-Tos How-Tos Fight SPAM Fight SPAM Keep smiling, waste spammers' time Peter N. M. Hansteen When you are in the business of building the networks people need and the services they need to run on them, you may also be running a mail service. If you do, you will sooner or later need to deal with spam. This article is about how to waste spammers' time and have a good time while doing it. ssembling the parts: To take part of the fun somewhere in the default path of your incoming SMTP traffic. and useful things in this article, you need a A gateway with PF is usually an excellent choice, but if it suits system with PF, the OpenBSD packet filter. your needs better, it is quite feasible to do the filtering needed If you are reading this magazine you are for this article on the same host your SMTP server runs. Alikely to be running all important things on a BSD already, and all the fully open source BSDs by now include PF, Enter spamd developed by OpenBSD but also ported to the other OpenBSD's spamd, the spam deferral daemon (not to be BSDs. On OpenBSD, it is the packet filter, and if you are confused with the program with the same name from the running FreeBSD, NetBSD or DragonFlyBSD it is likely SpamAssassin content filtering system), first appeared in to be within easy reach, either as a loadable kernel module OpenBSD 3.3. The original spamd was a tarpitter with or as a kernel compile-time option. a very simple mission in life. Its spamd-setup program Getting started with PF is surprisingly easy. The official would take a list of known bad IP addresses, that is, the IP documentation such as the PF FAQ is very comprehensive, addresses of machines known to have sent spam recently, but you may be up and running faster if you buy The Book and load it into a table. The main spamd program would of PF [1] or do what about 30,000 others have done before then have any smtp traffic from hosts in that table redirected you: Download or browse the free forerunner from http: to it, and spamd would answer those connections s-l-o-w-l- //home.nuug.no/~peter/pf/. Or do both, if you like. y, by default one byte per second. Network design issues A minimal PF config A PF setup can be, and to my mind should be, quite As man spamd will tell you, the bare minimum to get unobtrusive. For the activities in this article it does not spamd running in a useful mode on systems with PF matter much where you run your PF filtering, as long as it is version 4.1 or later is: 2 BSD 1/2008 www.bsgmag.org 3 How-Tos How-Tos Fight SPAM Fight SPAM table <spamd-white> persist For each new trick a spam producer Spammers do not retry. So if we set up our no rdr inet proto tcp from chooses to implement, the content filtering system to say essentially My admin told me not <spamd-white> to any port smtp becomes incrementally more complex and to talk to strangers – we should be getting rid rdr pass inet proto tcp from any to computationally expensive. of anything the sending end does not consider any port smtp -> 127.0.0.1 port spamd In sharp contrast to the content filtering, important enough to retry delivering. The which is based on message content, greylisting practical implementation is to record for each This means, essentially, that any smtp traffic is based on studying spam senders' behavior incoming delivery attempt at least: from hosts that are not already in the table on the network level. The 2003 paper [3] spamd-white will be redirected to localhost, by Evan Harris noted that the vast majority 1) Sender's IP address port spamd, where you have set up the of spam appeared to be sent by software 2) The From: address spam deferral daemon spamd to listen for specifically developed to send spam messages, 3) The To: address connections. Enabling spamd, on the other and those systems typically operated in a fire 4) Time of first delivery attempt matching hand, is as easy as adding spamd_flags="" and forget mode, only trying to deliver each 1) through 3) to your /etc/rc.conf.local if you run message once. The delivery software on real 5) Time delivery of retry will be allowed OpenBSD or /etc/rc.conf if you run mail servers, however, are proper SMTP 6) Time to live for the current entry FreeBSD [2], and starting it with: implementations, and since the relevant RFCs state that you MUST retry delivery in At the first attempt, the delivery is rejected $ sudo /usr/libexec/spamd case you encounter some classes of delivery with temporary error code, typically errors, in almost all cases real mail servers 451 temporary local problem, try again or if you are on FreeBSD, will retry after a reasonable amount of time. later, and the data above is recorded. Any $ sudo /usr/local/libexec/spamd It is also worth noting that if you add the -d for Debug flag to your spamd flags, spamd will generate slightly more log information, of the type shown in the log excerpts later in this article. While earlier versions of spamd required a slightly different set of redirection rules and ran in blacklists-only mode by default, spamd from OpenBSD 4.1 onwards runs in greylisting mode by default. Let's have a look at what greylisting means and how it differs from other spam detection techniques before we exlore the finer points of spamd configuration. Content versus behavior: Greylisting When the email spam deluge started Figure 1. Number of hosts in the uatraps list happening during the late 1990s and early 2000s, observers were quick to note that the messages in at least some cases could be fairly easily classified by looking for certain keywords, and the bulk of the rest fit well in familiar patterns. Various kinds of content filtering have stayed popular and are the mainstays of almost all proprietary and open source antispam products. Over the years the products have develped from fairly crude substring match mechanisms into multi-level rule based systems that incorporate a number of sophisticated statistical methods. Generally the products are extensively customizeable and some even claim the ability to learn based on the users' preferences. Those sophisticated and even beautiful algorithms do have a downside, however: Figure 2. SMTP connections to smamd by connetion length 2 BSD 1/2008 www.bsgmag.org 3 How-Tos How-Tos Fight SPAM Fight SPAM subsequent delivery attempts matching occasionally encounter some sites that do not probably seen spam messages offering lists of fields 1) through 3) that happen before the play well with greylisting, see the references millions of verified email addresses available. time specified in field 5) are essentially for tips on how to deal with those. However, verification goes only so far. You ignored, treated to the same temporary error. can get a reasonable idea of the quality of that When a delivery matching fields 1) through Do we need blacklists? verification if you take some time to actually 3) is attempted after the specified time, the With greylisting taking care of most of the browse mail server logs for failed deliveries to IP address (or in some implementations, spam, is there still a place for blacklists? It's a addresses in your domain. In most cases you the whole subnet) is whitelisted, meaning fair question. The answer depends in a large part will find a number of attempts at delivering to that any subsequent deliveries from that on how the blacklists you are considering are addresses that either have never existed or at IP address will be passed on to the mail constructed and how much you trust the people least have no valid reason to receive mail. service. who generate them and the methods they use. The OpenBSD spamd developers saw this The first release of OpenBSD's spamd The theory behind all good blacklists is too. They also realized that what addresses are to support greylisting was OpenBSD 3.5. that once an IP address has been confirmed deliverable or not in your own domain is spamd's greylisting implementation operates as a source of spam, it is unlikely that there something you have complete control over, only on individual IP addresses, and by will be any valid mail send from that IP and they formulated the following rule to default sets the minimum time before a address in the foreseeable future. guide a new feature to be added to spamd: delivery attempt passes to 25 minutes, With a bit of luck, by the time the spam the time to live for a greylist entry to 4 sender gets around to trying to deliver spam "if we have one or more addresses that we hours, while a whitelisted entry stays in the to addresses in your domain, the spam sender are quite sure will never receive valid email, whitelist for 36 days after the delivery of will already be on the blacklist and will in we can safely assume that any mail the last message from that IP address. With turn treated to the s-l-o-w SMTP dialogue. sent to those addresses is spam" a properly configured setup, machines that Knowing how a host makes it into a receive mail from your outgoing mail servers blacklist is important, but a clear policy for that feature was dubbed greytrapping, and will automatically be whitelisted, too.
Load more

Recommended publications
  • BSD UNIX Toolbox 1000+ Commands for Freebsd, Openbsd
    76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page iii BSD UNIX® TOOLBOX 1000+ Commands for FreeBSD®, OpenBSD, and NetBSD®Power Users Christopher Negus François Caen 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page ii 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page i BSD UNIX® TOOLBOX 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page ii 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page iii BSD UNIX® TOOLBOX 1000+ Commands for FreeBSD®, OpenBSD, and NetBSD®Power Users Christopher Negus François Caen 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page iv BSD UNIX® Toolbox: 1000+ Commands for FreeBSD®, OpenBSD, and NetBSD® Power Users Published by Wiley Publishing, Inc. 10475 Crosspoint Boulevard Indianapolis, IN 46256 www.wiley.com Copyright © 2008 by Wiley Publishing, Inc., Indianapolis, Indiana Published simultaneously in Canada ISBN: 978-0-470-37603-4 Manufactured in the United States of America 10 9 8 7 6 5 4 3 2 1 Library of Congress Cataloging-in-Publication Data is available from the publisher. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permis- sion should be addressed to the Legal Department, Wiley Publishing, Inc., 10475 Crosspoint Blvd., Indianapolis, IN 46256, (317) 572-3447, fax (317) 572-4355, or online at http://www.wiley.com/go/permissions.
    [Show full text]
  • Clé USB Bootable Openbsd Clé USB Bootable Openbsd
    2018/05/25 10:12 1/11 Clé USB bootable OpenBSD Clé USB bootable OpenBSD Je vais indiquer ici comment créer une clé USB bootable avec OpenBSD. Intérêt ? Quel est l'intérêt de la chose ? Et bien il est multiple : Avoir un UNIX sous la main, c'est le bien Avoir un système de secours sur clé USB, c'est le pied Booter sur un système super-sécurisé, ça le fé ! C'est fun C'est la frime Les différents usages : obtenir un dmesg super détaillé pour identifier du matériel récupérer un système endommagé Avoir un anti-virus non compromis installer OpenBSD sur une nouvelle machine (oui, en plus d'être bootable, l'installation est possible !) faire de la maintenance Bref, ça le fait bien. Installation C'est l'enfance de l'art : booter sur un CD OpenBSD (i386 pour une plus grande compatibilité, mais ça marche pareil avec un amd64…), une clé USB déjà préparée, une disquette, en réseau… et lancez l'installation ! Repérez bien le device qui correspond à votre clé USB (sd0 ou sd1 probablement) et installez le système dessus. Le plus simple ? Une seule partition 'a', pas de swap, créer un utilisateur autre que root, n'installez pas compXX.tgz, ni gameXX.tgz (pour gagner quelques Mo…). Et surtout, utilisez les DUID pour identifier les disques au montage ! Exemple <mavie> J'ai reçu une clé USB Duracell de 4Go avec le programme de fidélité Orange Davantage Internet. Cool. Je m'en va installer le bousin là-dessus. Bon, le formatage prend des plombes, l'installation complète met deux heures pour aboutir, le Chez moi..
    [Show full text]
  • Openbsd Spamd
    OpenBSD Spamd Nicolas Greneche MAPMO Projet SDS Mathrice Rouen 2008 Sommaire 1 Introduction 2 Architecture et Algorithmes 3 Composants 4 Lancement et Param`etres 5 Exploitation 2 / 15 ... mais aussi OpenSSH, OpenNTPD, OpenCVS, OpenBGPD et Packet Filter ! Introduction - OpenBSD Syst`emed'exploitation Orient´es´ecurit´e S´eparation syst`eme de base / ports Support des mod`elesMAC et DAC Audit strict de s´ecurit´edu syst`emede base OpenBSD c'est Spamd ... 3 / 15 Introduction - OpenBSD Syst`emed'exploitation Orient´es´ecurit´e S´eparation syst`eme de base / ports Support des mod`elesMAC et DAC Audit strict de s´ecurit´edu syst`emede base OpenBSD c'est Spamd ... ... mais aussi OpenSSH, OpenNTPD, OpenCVS, OpenBGPD et Packet Filter ! 3 / 15 Introduction - Packet Filter Macros de remplacement (attribut unique ou liste) Redirections (NAT / RDR / BiNAT) R`egles Tables (rapidit´edes lookups / dynamiques) Ancres (r`eglesdynamiques) QoS authpf CARP & PFSync Port \expiretable" 4 / 15 ! Rien `afaire, c'est dans le syst`emede base Configuration de spamd Dans /etc/pf.conf : table <spamd-white> persist no rdr inet proto tcp from <spamd-white> to any port smtp rdr pass inet proto tcp from any to any port smtp ! 127.0.0.1 port spamd Dans /etc/rc.conf.local : spamd flags=““ Merci de votre attention, des questions ? Introduction - (et fin ?) Installation de spamd 5 / 15 Dans /etc/pf.conf : table <spamd-white> persist no rdr inet proto tcp from <spamd-white> to any port smtp rdr pass inet proto tcp from any to any port smtp ! 127.0.0.1 port spamd Dans /etc/rc.conf.local
    [Show full text]
  • Opensmtpd: We Deliver
    OpenSMTPD: we deliver Giovanni Bechis <[email protected]> LinuxCon Europe 2015 About Me I sys admin and developer @SNB I OpenBSD developer I Open Source developer in several other projects OpenSMTPD story I first import in late 2008 I default smtp server in OpenBSD since March 2014 I current version is 5.7.3 released October 5, 2015 I portable version is available for *BSD, Linux and MacOSX why OpenSMTPD ? I in OpenBSD we needed a new smtp server to replace sendmail(8) I Postfix has not a "good" licence (from an OpenBSD pov) I OpenSMTPD is designed with security in mind I pf.conf(5) like configuration file OpenSMTPD: security in mind I multiple processes I privilege revocation I chroot I strlcpy(3), reallocarray(3), arc4random(3), imsg, ... I no auth on unsecure connections I crypt(3) as password hashing function OpenSMTPD: features I smtp protocol as defined in RFC 5321 I backup mx support I mbox and maildir support I authentication inbound and outbound with multiple backends I masquerade support I mailwrapper(8) for sendmail(8) I filters I compressed or crypted mail queue OpenSMTPD: extras I in base src code lives the main smtp server implementation I in extra src code lives all extra features: I table(5) support for different databases I different queue backends I different schedulers I filters OpenSMTPD: basic configuration listen on lo0 table aliases db:/etc/mail/aliases.db # accept from any for domain "example.org" alias <aliases> deliver to mbox accept for local alias <aliases> deliver to mbox accept from local for any relay OpenSMTPD:
    [Show full text]
  • Firewalling with Openbsd's PF Packet Filter
    Firewalling with OpenBSD’s PF packet filter Peter N. M. Hansteen [email protected] Copyright © 2005 - 2012 Peter N. M. Hansteen This document is © Copyright 2005 - 2012, Peter N. M. Hansteen. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS “AS IS” AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. The document is a ’work in progress’, based on a manuscript prepared for a lecture at the BLUG (see http://www.blug.linux.no/) meeting of January 27th, 2005. Along the way it has spawned several conference tutorials as well as The Book of PF (http://nostarch.com/pf2.htm) (second edition, No Starch Press November 2010), which expands on all topics mentioned in this document presents several topics that are only hinted at here.
    [Show full text]
  • The Book of PF Is the PETER N.M
    With a foreword by BUILDBUILD THETHE BOB BECK, NETWORKNETWORK YOUYOU Director of NEEDNEED WITHWITH PFPF the OpenBSD Foundation THETHE BOOKBOOK THE BOOK OF PF OF THE BOOK THE BOOK OF PF OF THE BOOK OpenBSD’s stateful packet filter, PF, offers an amazing • Use PF to create a wireless access point, and lock it OFOF PFPF feature set and support across the major BSD platforms. down tight with authpf and special access restrictions A NO-NONSENSE GUIDE TO THE Like most firewall software though, unlocking PF’s full • Maximize availability by using redirection rules for potential takes a good teacher. OPENBSD FIREWALL load balancing and CARP for failover Peter N.M. Hansteen’s PF website and conference • Use tables for proactive defense against would-be tutorials have helped thousands of users build the attackers and spammers networks they need using PF. The Book of PF is the PETER N.M. HANSTEEN product of Hansteen’s knowledge and experience, • Set up queues and traffic shaping with ALTQ, so your teaching good practices as well as bare facts and network stays responsive software options. Throughout the book, Hansteen • Master your logs with monitoring and visualization, emphasizes the importance of staying in control by because you can never be too paranoid having a written network specification, using macros to make rule sets more readable, and performing rigid The Book of PF is written for BSD enthusiasts and network testing when loading in new rules. admins at any level of expertise. With more and more services placing high demands on bandwidth and Today’s system administrators face increasing challenges increasing hostility coming from the Internet at large, you in the quest for network quality, and The Book of PF can can never be too skilled with PF.
    [Show full text]
  • Zettabyte File System
    ZFS Zettabyte File System Powered by: www.netbsd.ir www.usenix.ir ZFS Futures – Zpool – Snapshot – Zil – Compression – Deduplication – Copy-On-Write – L2ARC – Adaptive Replacement Cache (ARC) – Transaction Group (TXG) – vdev Types – Dataset – Clone – Checksum – Dataset Quota – RAID-Z ZFS Limits Max. volume size : 256 zebibytes (2^78 bytes) Max. file size : 16 exbibytes (2^64 bytes) Max. number of files : Per directory: 2^48 Per file system : unlimited ZFS Zpool ZFS Zil ZFS Compression ● LZ4 ● LZJB ● GZIP ● ZLE ZFS Copy-On-Write ZFS Deduplication ZFS ARC/L2ARC ZFS Dataset ZFS Clone ZFS RAID ZFS Checksum ZFS FreeNAS/NAS4Free Powered by : www.netbsd.ir www.usenix.ir OpenBSD Theo de Raadt October 1995 OpenBSD Pay attention to security problems and fix them before anyone else does (Try to be the #1 most secure operating system.) Provide the best development platform possible Integrate good code from any source with acceptable licenses Greater integration of cryptographic software. Track and implement standards (ANSI, POSIX, parts of X/Open, etc.) Work towards a very machine independent source tree Be as politics-free as possible; solutions should be decided on the basis of technical merit. Focus on being developer-oriented in all senses, including holding developer-only events called hackathons Do not let serious problems sit unsolved. Make a CDROM-based release approximately every six months. OpenBSD "Secure by Default" To ensure that novice users of OpenBSD do not need to become security experts overnight (a viewpoint which other vendors seem to have), we ship the operating system in a Secure by Default mode. All non-essential services are disabled.
    [Show full text]
  • The Silent Network: Denying the Spam and Malware Chatter
    The silent network Denying the spam and malware chatter using free tools Peter N. M. Hansteen [email protected] According to statements by a certain proprietary software marketer, the spam and malware problem should have been solved by now. That company isn’t even close, but in the free software world we are getting there fast and having fun at the same time. This paper offers an overview of principles and tools with real life examples and data, and covers the almost-parallel evolution of malware and spam and effective counter-measures. We present recent empirical data interspersed with examples of practical approaches to ensuring a productive, malware and spam free environment for your colleagues and yourself, using free tools. The evolution of content scanning is described and contrasted with other methods based on miscreants’ (and their robot helpers’) behavior, concluding with a discussing of recent advances in greylisting and greytrapping with an emphasis on those methods’ relatively modest resource demands. Copyright © 2006-2007 by Peter N. M. Hansteen This document is Copyright © 2006-2007 Peter N. M. Hansteen. All rights reserved. Paper presented at the BSDCan conference in Ottawa, Ontario, Canada on May 18, 2007. Table of Contents Malware, virus, spam - some definitions ..........................................................................1 A history of malware .............................................................................................................2 The first virus: the Elk Cloner .........................................................................................2
    [Show full text]
  • The Journal of AUUG Inc. Volume 24 ¯ Number 2 June 2003
    The Journal of AUUG Inc. Volume 24 ¯ Number 2 June 2003 Features: Microsoftens 10 OpenBSD 3.3 Released 11 Linux System’ Administrator’s Security Guide (Part 1) 15 The Roadman for FreBSD 5-stable 20 Mail and Dynamic IP 24 Intrusion Detection System (Part 1) 25 FreeBSD 5.1 Release Process 40 SCO-vs.-IBM: the Open Source Initiative Position Paper on the Complaint 41 AUUG 2003 Systems Administration Symposium Photo Gallery 57 NetBSD 1.6.1 CD 58 News: Public Notices 4 AUUG: Corporate Members 9 AUUG Conference 2003 Invitation 59 AUUG Membership Renewal 61 AUUG: Chapter Meetings and Contact Details 63 Regulars: President’s Column 3 My Home Network 4 ISSN 1035-7521 Print post approved by Australia Post - PP2391500002 AUUG Membership and General Correspondence The AUUG Secretary PO Box 7071 Edi oria Baulkham Hills BC NSW 2153 Con Zymaris auu.qn@auu,q.or,q.au Telephone: 02 8824 9511 or 1800 625 655 (Toll-Free) I imagine I’m not alone in expressing fond memories Facsimile: 02 8824 9522 Email: [email protected] of both Carl Sagan and Stephen Jay Gould. Both of these gentleman were not only practicing scientists AUUG Management Committee but also exemplary communicators of science and of Email: [email protected] the technical, complex and beautiful cosmos that we inhabit. President Greg Lehey PO Box 460 Through his combination of vision and chutzpah, Echunga, SA, 5153 Sagan caused us to pause for a moment and consider Bus. Tel (08) 8388 8286, Mobile 0418 838 708, Fax (08) 8388 8725 the majesty of star-stuff, of galaxies and of the human <[email protected]> discourse which ensued over millennia in trying to Immediate Past President reveal their secrets.
    [Show full text]
  • Hosting BSD L Cloud Computing L Open BSD, Netbsd and Freebsd As File Sharing Servers - Part2
    Editor in Chief: Olga Kartseva Dear Readers! [email protected] Contributing: BSD is already becoming international magazine. People Jan Stedehouder, Rob Somerville, Marko Milenovic, Petr all over the world have an access to our magazine and Topiarz, Paul McMath, Eric Vintimilla, Matthias Pfeifer, Theodore Tereshchenko, Mikel King, Machtelt Garrels, Jesse Smith download it. We are happy that our work is so appreciated and BSD magazine popularity is growing!. Special thanks to: Marko Milenovic, Worth Bishop and Mike Bybee Art Director: First of all I wanted to thank you for you letters of Agnieszka Marchocka support, they mean really a lot to us and help constantly DTP: to improve! All our authors worked hard to make their Ireneusz Pogroszewski articles interesting and useful. I really hope you will like this issue as much as the previous. Senior Consultant/Publisher: Paweł Marciniak [email protected] This month topic is “BSD as a desktop”. Why this National Sales Manager: Ewa Łozowicka topic? [email protected] We thought that some of you still might have doubts Marketing Director: Ewa Łozowicka on choosing OS, so this issue surely will help you to [email protected] learn more about BSD as a desktop and help to make a decision. Executive Ad Consultant: Karolina Lesińska [email protected] But those of you who already use BSD should not Advertising Sales: close the magazine after reading my previous statement, Olga Kartseva because you could loose a lot. =) [email protected] Publisher : Software Press Sp. z o.o. SK Please feel free to contact us, we are open to critics, ul.
    [Show full text]
  • Openbsd Frequently Asked Questions
    OpenBSD Frequently Asked Questions Language: en [teams] de fr nl pl pt Documentation and Frequently Other Documents Asked Questions Upgrade Guide Following -current Commonly Encountered Issues Recent updates Port Testing Guide Using AnonCVS Stable This FAQ is supplemental documentation to the man pages, available both in the installed Using CVSup system and online. The FAQ covers the active release of OpenBSD, currently v3.8. There Manual pages are likely features and changes to features in the development version (-current) of Bug Reporting OpenBSD that are not covered in this FAQ. Mail lists PF User's Guide The FAQ in PDF and plain text form is available in the pub/OpenBSD/doc directory OpenSSH FAQ from the FTP mirrors, along with other documents. PDF files OpenBSD FAQ PF User's Guide 1 - Introduction to OpenBSD Text files ● 1.1 - What is OpenBSD? ● OpenBSD FAQ 1.2 - On what systems does OpenBSD run? ● PF User's Guide 1.3 - Is OpenBSD really free? ● 1.4 - Why might I want to use OpenBSD? ● 1.5 - How can I help support OpenBSD? Back to OpenBSD ● 1.6 - Who maintains OpenBSD? ● 1.7 - When is the next release of OpenBSD? ● 1.8 - What is included with OpenBSD? ● 1.9 - What is new in OpenBSD 3.8? ● 1.10 - Can I use OpenBSD as a desktop system? ● 1.11 - Why is/isn't ProductX included? 2 - Other OpenBSD Information Resources ● 2.1 - Web Pages ● 2.2 - Mailing Lists ● 2.3 - Manual Pages ● 2.4 - Reporting Bugs 3 - Obtaining OpenBSD ● 3.1 - Buying an OpenBSD CD set ● 3.2 - Buying OpenBSD T-Shirts ● 3.3 - Does OpenBSD provide an ISO image for download? http://www.openbsd.org/faq/index.html (1 of 7) [19/04/2006 23:03:44] OpenBSD Frequently Asked Questions ● 3.4 - Downloading via FTP, HTTP or AFS ● 3.5 - Obtaining Current Source Code 4 - OpenBSD 3.8 Installation Guide ● 4.1 - Overview of the OpenBSD installation procedure.
    [Show full text]
  • Opensmtpd for the Real World Mail Server Tutorial
    OpenSMTPD for the Real World Mail Server Tutorial Aaron Poffenberger 2016-06-09 Thu Aaron Poffenberger OpenSMTPD for the Real World Mail Server Tutorial2016-06-09 Thu 1 / 38 Outline 1 Introduction 2 Tutorial Goals and Prerequisites 3 OpenSMTPD 4 PF 5 BGP-Spamd 6 Amavisd Overview 7 ClamAV 8 Dovecot 9 SpamAssassin 10 Conclusion 11 Resources Aaron Poffenberger OpenSMTPD for the Real World Mail Server Tutorial2016-06-09 Thu 2 / 38 Introduction – Background Software developer Software Development 30+ years Experience 17+ years professionally PentaSafe Technologies Security software developer NetIQ Design and implement TheAnimenetwork.com secure APIs BRS Labs Consulting Giant Gray IT Background InfoSec Boeing Software vulnerability ISP (dial-up land) assessment Consulting Auditing DevOps CISSP 2005+ US Army Aaron Poffenberger OpenSMTPD for the Real World Mail Server Tutorial2016-06-09 Thu 3 / 38 Introduction – Other OpenBSD user Amateur radio enthusiast Electronics hobbyist Aaron Poffenberger OpenSMTPD for the Real World Mail Server Tutorial2016-06-09 Thu 4 / 38 OpenBSD FreeBSD NetBSD DragonFly BSD HardenedBSD MidnightBSD Debian GNU/kFreeBSD UbuntuBSD Windows with Bash shell Who runs: Anyone want to admit to: Introduction – You Enough about me, let’s talk about you. Aaron Poffenberger OpenSMTPD for the Real World Mail Server Tutorial2016-06-09 Thu 5 / 38 Debian GNU/kFreeBSD UbuntuBSD Windows with Bash shell OpenBSD FreeBSD NetBSD DragonFly BSD HardenedBSD MidnightBSD Anyone want to admit to: Introduction – You Enough about me, let’s talk about you. Who runs: Aaron Poffenberger OpenSMTPD for the Real World Mail Server Tutorial2016-06-09 Thu 5 / 38 Debian GNU/kFreeBSD UbuntuBSD Windows with Bash shell FreeBSD NetBSD DragonFly BSD HardenedBSD MidnightBSD Anyone want to admit to: Introduction – You Enough about me, let’s talk about you.
    [Show full text]