[ntp:hackers] Some NTP services to be terminated orrelocated at UDel

David L. Mills mills at udel.edu
Wed Aug 20 10:32:14 PDT 2003


Dean,

Thanks for the report. The current sources are
postfix-20010228-p108.tar.gz, if that is helpful. All the UDel mail
servers run this; if it is not current, we will upgrade the instant.

Dave

"Dean K. Gibson" wrote:
> 
> Note that postfix versions earlier than 1.1.13 have (unless patched) a DOS vulnerability recently announced.
> 
> -- Dean
> 
> Brad Knowles wrote on 2003-08-20 08:21:
> >At 2:53 AM +0000 2003/08/20, David L. Mills wrote:
> >
> >>  3. I am extremely irritated at the mail condition on maccarony. I have
> >>  insisted, read that required, that incoming mail behave as incoming mail
> >>  on UDel machines. Harlan and Brad have sandbagged that to the max and I
> >>  won't stand for that.
> >
> >We have not sandbagged.  We have asked that we hear what the official UDel EECIS mail policy is, directly from the people who set that policy.  That is all we have ever asked to do, since this topic first came up.
> >
> >I am perfectly happy to implement whatever UDel EECIS policy may exist.  But I want to hear what that policy is from the people who set that policy, before I go blindly trying to do something.  I prefer not to use the "Ready, Fire, Aim" method, or to blindfold the people with the weapons, as opposed to the person to be executed.
> >
> >We have pointed out that simply using the previous postfix configuration file or the previous binary will not work, because there are pre-compiled defaults included with the binary, and using a binary with a mis-matching configuration file is likely to result in behaviour that is undesirable.
> >
> >Furthermore, using both the previous configuration file and binary will not work, because that won't reflect the new mailman-based mailing list structure, etc....
> >
> >I'm looking at the machine right now, and I'm having trouble finding a functional postfix configuration other than the one we're currently using.  There is a /usr/local/postfix, but it is using the very ancient postfix-20010228-pl08, and the main.cf and master.cf configuration files don't seem to have been changed since May 17 and Apr 27 2001, respectively.
> >
> >Moreover, there is no inclusion of SpamAssassin or Anomy in these configuration files, or any of the other things that I know are standard on UDel mail servers, because I've gotten messages from them (such as whimsy and mail.eecis.udel.edu) with headers that prove what they're running.
> >
> >There is no other postfix installation anywhere on the machine that I can find.
> >
> >>I have set a deadline of Wednesday for conforming to the UDel model, but from mail received today, it hasn't happened.
> >
> >I could implement the postfix configuration I found, but if I did that basically all e-mail on the system would go away.  If we're going to do that, we might as well just shut down e-mail completely, until such time as we can get a configuration running that meets with the approval of EECIS.
> >
> >>It would be much better if Brad or Harlan could do this, since that would be minimal impact on NTP mail.
> >
> >Harlan is not available for the next several days, something which I believe that he previously mentioned to you in private.
> >
> >Basically, when it comes to the mail system on maccarony, I'm it for the moment.  That is, unless you're willing to wait for Harlan to become available again, or you want to bring in someone else.
> >
> >>However, if that hasn't happend by Wednesday afternoon, I will ask the department staff to reconfigure the mail as per UDel practice.
> >
> >Given the state of what I've been able to find, I believe that we are going to need the involvement of EECIS, no matter what.
> >
> >If they can give me the policy, I can construct a suitable configuration.  Alternatively, if they can give me up-to-date configurations (including binaries), I can put those into the appropriate place.
> >
> >--
> >Brad Knowles, <brad.knowles at skynet.be>
> >
> >"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety."
> >     -Benjamin Franklin, Historical Review of Pennsylvania.
> >
> >GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E-(---) W+++(--) N+
> >!w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++)
> >tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)
> >_______________________________________________
> >hackers mailing list
> >hackers at ntp.org
> >http://mailman.ntp.org/mailman/listinfo/hackers



More information about the hackers mailing list