Search Results

Search found 2676 results on 108 pages for 'spam blocking'.

Page 84/108 | < Previous Page | 80 81 82 83 84 85 86 87 88 89 90 91  | Next Page >

• File transfer problems through VPN when Cisco IPS is enabled

  - by Richard West

  We have a Cisco ASA 5510 firewall with the IPS module installed. We have a customer that we must connect to via VPN to their network to exchange files via FTP. We use the Cisco VPN client (version 5.0.01.0600) on our local workstations, which are behind the firewall and subject to the IPS. The VPN client is successful in connecting to the remote site. However when we start the FTP file transfer we are able to upload only 150K to 200K of data, then everything stops. A minute later the VPN session is dropped. I think I have isolated this to an IPS issue by temporarily disabling the Service Policy on the ASA for the IPS with the following command: access-list IPS line 1 extended permit ip 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 inactive After this command was issued I then established the VPN to the remote site and was successful in transferring the entire file. While still connected to the VPN and FTP session I issued the command to enable the IPS: access-list IPS line 1 extended permit ip 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 The file transfer was tried again and was once again successful so I closed the FTP session and reopened it, while keeping the same VPN session open. This file transfer was also successful. This told me that nothing with the FTP programs was being filtered or causing the problem. Furthermore, we use FTP to exchange files with many sites everyday without issue. I then disconnected the original VPN session, which was established when the access-list was inactive, and reconnected the VPN session, now with the access-list active. After starting the FTP transfer the file stopped after 150K. To me this seems like the IPS is blocking, or somehow interfering with the initial VPN setup to the remote site. This only started happening last week after the latest IPS signature updates were applied (sig version 407.0). Our previous sig version was 95 days old becuase the system was not auto updating itself. Any ideas on what could be causing this problem?

  Read the article

• DrayTek 2820 configuration using public IP addresses

  - by Kev

  I have a /29 range of public IP addresses assigned to me by my ISP. I'm trying to configure a SIP VOIP handset to register with my VOIP provider who recommend using public IP addresses rather than NAT. I have a DrayTek 2820 router flashed with the latest firmware and have configured my router as per DrayTek's FAQ at: How do I use a public subnet on the LAN (non-NAT operation ) ? My IP range is: xx.xx.94.16 -> xx.xx.94.23 This gives a usable range of: xx.xx.94.17 -> xx.xx.94.22 My router's public IP address is: xx.xx.94.17, the SIP VOIP handset is allocated xx.xx.94.18. I have a second internet connection and via that I can ping the handset. However for some reason I can't seem to get it to register with the provider. I tried adding a new Firewall filter to pass through from WAN to LAN: Source: ANY, Destination: xx.xx.94.18, UDP - Ports 1024 -> 65535 Out of interest I also tried opening port 80 to see if I could browse to the phone's admin web interface but no joy. I know that my ISP aren't blocking inbound service ports because I NAT Port Forwarded port 80 to one of my internal web servers and it rendered a test page I had set up. All the NAT settings are reset to factory defaults, i.e. there are no Port Redirection, DMZ Host, Open Ports or Address Mappings configured. The handset I'm using is a GrandStream GXP-2000. Is there anything else I should be doing?

  Read the article

• Exim log and send all mail for a given domain through another server

  - by Josh

  I administer a handful of shared web hosting servers. Recently, Yahoo has been deprioritizing/greylising all email sent from these servers. I am getting the dereaded 421 4.7.0 [TS02] Messages from my.ip.address temporarily deferred message from Yahoo and their postmaster has been unresponsive. I am unable to find any way to set up a feedback loop like AOL has for my IP address -- I did find a way to set up a feedback loop for a given domain, but we host hundreds of domains, and don't have the time to set up that many feedback loops. So what I'd like to do is twofold: Configure Exim to send all email destined to an @yahoo.com address to a relay, a new server which has an IP that yahoo is not blocking. Configure Exim (or maybe the relay) to log all emails sent to @yahoo.com, so I can review them and, in case one of my uses is violating ToS and sending SPAM to yahoo users, take the appropriate action. How could I accomplish these? Or, does anyone have any other advice for how to get mail to flow through Yahoo and ensure that any email generating complaints is brought to my attention? (For what it's worth, these servers are not listed on any major blacklists)

  Read the article

• Zimbra MTA settings

  - by user192702

  Hi have some questions for Zimbra v8.0.6GA. Under Configure - MTA - Network, I'm seeing a few settings and am not very clear what to do with them. Web mail MTA Host name Is this for delivering local mail only (ie not for external mails)? According to this link, it says the following. That's a mouthful but what is "composed messages"? Is this for a multi server deployment where the Postfix server for Zimbra isn't installed on the same box that as the rest of the servers? Webmail MTA is used by the Zimbra server for composed messages and must be the location of the Postfix server in the Zimbra MTA. Relay MTA for external delivery My understanding after reading the doc is that if my ISP doesn't force me to relay outgoing mails through them, and I have enabled DNS lookup, I can leave this blank? Inbound SMTP host name Sorry I know this is explained as "If your MX records point to a spam-relay or any other external non-Zimbra server, enter the name of that server in the Inbound SMTP host name field." but I'm not following. Can someone provide an example? MTA Trusted Networks The admin doc says "To set up MTA trusted networks on a per server basis, make sure that MTA trusted networks have been set up as global settings and then go the Configure Servers MTA page and in the MTA Trusted Networks field enter the trusted network addresses for the server." However I see out of the box it has default networks setup for the server whereas on a global level it's blank. Does this mean there is a bug with the install software and I have to copy the setting from the server to the global setting?

  Read the article

• Unable to connect to APNS with java-apns

  - by Mac

  I've got a Java program running on a firewalled server that is intended to send push notifications to my iPhone app by using java-apns. Problem is, whenever I try to send a notification the library fails to connect to the APNS server. From the stack trace, it seems that when creating the required SSL connection, the connection is being refused at some point (a java.net.ConnectException with a detail message of "connection refused" is being thrown when the library calls SSLSocketFactory's createSocket method). It would not surprise me at all if the firewall is blocking the connection, but unfortunately as I do not manage the server I am unable to verify that that is indeed the case. The fact that the program works fine from my (non-firewalled) desktop seems to support the theory. My question is, does anyone know of any method by which I can find the root cause of the problem, and/or can anyone tell me what I should tell the server admin to change to get things to work (if it is indeed the firewall that's the problem)? For reference, the server is a Linux box and I'm using version 0.1.2 of java-apns.

  Read the article

• SCVMM 2008 R2 problems migrating VM from VS2005 to Hyper-V host

  - by Scott Ivey

  I have System Center Virtual Machine Manager 2008 R2 installed, and have a Hyper-V R2 host and a Virtual Server 2005 host. I'm trying to migrate my machines from the VS2005 host to the Hyper-V host, and keep getting the following error... VMM is unable to complete the requested file transfer. The connection to the HTTP server myserver.mydomain.local could not be established. (Unknown error (0x80072efd)) Recommended Action Ensure that the HTTP service and/or the agent on the machine myserver.mydomain.local are installed and running and that a firewall is not blocking HTTPS traffic. (Note - migrations between Hyper-V hosts managed by the VMM server work fine - my problem is just going from VS2005-Hyper-V hosts) I have no firewalls turned on on either of the servers, and no firewalls in the middle. I've looked all over for answers to this problem, and am getting nowhere. All the articles I find when searching are talking about either V2V or P2V - and i'm just trying to do a straight migrate VM. I've tried rebooting the boxes, changing the BITS SSL port number, restarting services, triple-checking firewalls, etc. Does anyone have any good suggestions as to how I can resolve this problem?

  Read the article

• Nginx + uWSGI on a fresh Ubuntu install - bind error port 80

  - by knuckfubuck

  I know this is a common problem usually having to do with apache or another service already running on port 80 and I have done a lot of searching and running netstat and still have not figured out why I am getting this error. I rebuilt my slice, did a fresh install of Ubuntu 10.04 and setup nginx + uwsgi. It worked and I was able to see my Django site. I then installed Postgres8.4 and the rest of the stack needed for Geodjango from this link. After that was done I tried to restart nginx and I get this error: sudo /etc/init.d/nginx start Starting nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok configuration file /usr/local/nginx/conf/nginx.conf test is successful [emerg]: bind() to 0.0.0.0:80 failed (98: Address already in use) [emerg]: bind() to 0.0.0.0:80 failed (98: Address already in use) [emerg]: bind() to 0.0.0.0:80 failed (98: Address already in use) [emerg]: bind() to 0.0.0.0:80 failed (98: Address already in use) [emerg]: bind() to 0.0.0.0:80 failed (98: Address already in use) [emerg]: still could not bind() I have nginx set to listen 80. Here's an output from netstat -l --numeric-ports | grep 80: tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:8000 0.0.0.0:* LISTEN Output from sudo lsof +M -i4: nginx 2330 root 8u IPv4 3195 0t0 TCP *:www (LISTEN) nginx 2331 www-data 8u IPv4 3195 0t0 TCP *:www (LISTEN) uwsgi 2335 s 4u IPv4 3259 0t0 TCP localhost:8000 (LISTEN) uwsgi 2352 s 4u IPv4 3259 0t0 TCP localhost:8000 (LISTEN) uwsgi 2353 s 4u IPv4 3259 0t0 TCP localhost:8000 (LISTEN) uwsgi 2354 s 4u IPv4 3259 0t0 TCP localhost:8000 (LISTEN) uwsgi 2355 s 4u IPv4 3259 0t0 TCP localhost:8000 (LISTEN) Anyone have any other ideas how I can figure out what is blocking port 80? edit Paste of my /etc/init.d/nginx script here: http://dpaste.com/hold/400937/

  Read the article

• IIS URL Rewrite HTTP to HTTPS with Port

  - by Andy Arismendi

  My website has two bindings: 1000 and 1443 (port 80/443 are in use by another website on the same IIS instance). Port 1000 is HTTP, port 1443 is HTTPS. What I want to do is redirect any incoming request using "htt p://server:1000" to "htt ps://server:1443". I'm playing around with IIS 7 rewrite module 2.0 but I'm banging my head against the wall. Any insight is appreciated! BTW the rewrite configuration below works great with a site that has an HTTP binding on port 80 and HTTPS binding on port 443, but it doesn't work with my ports. P.S. My URLs intentionally have spaces because the 'spam prevention mechanism' kicked in. For some reason google login doesn't work anymore so I had to create an OpenID account (No Script could be the culprit). I'm not sure how to get XML to display nicely so I added spaces after the opening brackets. < ?xml version="1.0" encoding="utf-8"? < configuration < system.webServer < rewrite < rules < rule name="HTTP to HTTPS redirect" stopProcessing="true" < match url="(.*)" / < conditions trackAllCaptures="true" < add input="{HTTPS}" pattern="off" / < /conditions < action type="Redirect" redirectType="Found" url="htt ps: // {HTTP_HOST}/{R:1}" / < /rule < /rules < /rewrite < /system.webServer < /configuration

  Read the article

• SQL Server 2008: Can't connect to remote server via management studio but can telnet in fine

  - by WarpKid

  Hi, I am in the process of trying to configure SQL Server 2008 to accept remote connections. I have been through all the documentation I can find and yet when I attempt to connect through management studio I get an error stating that the server could not be found. Interestingly I can connect through telnet to the remote server via the port that sql server is listening on. In the SQL Server logs I can see the connection attempt. So SQL Server is up and running and listening on the correct port - no firewall blocking it. It would appear that by default SQL Server is listening on port 50314 by default but management studio attempts to connect on port 1433.Weird. Server Management Studio = no dice. Anyone got any ideas? Server is set to allow remote connections - TCP IP is enabled, firewall is off. Thanks UPDATE FOR TO CLEAR THINGS UP A BIT We are seeing the connection attempt when we telnet in on port 50314 in the sql server logs. When we login through management studio we see it attempting connection on port 1433. There is no sign of this connection attempt in the logs.

  Read the article

• SpamAssassin 2010 Bug still active on my mailserver despite the offending rule being fixed - where t

  - by Ibrahim

  The SpamAssassin 2010 bug was supposed to be fixed not long after the bug became widely known, and indeed the offending rule in my /usr/share/spamassassin/72_active.cf has been updated. However, incoming messages are still being tagged by this eg: X-Spam-Status: No, score=3.188 tagged_above=-999 required=6.31 tests=[BAYES_50=0.001, FH_DATE_PAST_20XX=3.188, SPF_PASS=-0.001] Here is the relevant rule: ##{ FH_DATE_PAST_20XX header FH_DATE_PAST_20XX Date =~ /20[2-9][0-9]/ [if-unset: 2006] describe FH_DATE_PAST_20XX The date is grossly in the future. ##} FH_DATE_PAST_20XX I'm on spamassassin/3.2.5-2+lenny1.1~volatile1 on Debian Lenny, completely up to date. Any pointers on where to look to figure out what's going on? I don't know anything about SpamAssassin; someone else usually manages this but I'm free right now and am trying to figure out what the problem is because it's been annoying us for a while and we only just realized this bug was still affecting us. Update: I've lowered the score for the FH_DATE_PAST20XX rule to 0.1, both in /etc/spamassassin/local.cf and /usr/share/spamassassin/50_scores.cf and it's still giving 3.188 points for this rule. Any idea what's going on? This really has me stumped. Update 2: It seems that after restarting amavisd, it's been fixed. What's the difference between amavisd and spamd? It seems like both should not be running, or something.

  Read the article

• SpamAssassin 2010 Bug still active on my mailserver despite the offending rule being fixed - where t

  - by Ibrahim

  The SpamAssassin 2010 bug was supposed to be fixed not long after the bug became widely known, and indeed the offending rule in my /usr/share/spamassassin/72_active.cf has been updated. However, incoming messages are still being tagged by this eg: X-Spam-Status: No, score=3.188 tagged_above=-999 required=6.31 tests=[BAYES_50=0.001, FH_DATE_PAST_20XX=3.188, SPF_PASS=-0.001] Here is the relevant rule: ##{ FH_DATE_PAST_20XX header FH_DATE_PAST_20XX Date =~ /20[2-9][0-9]/ [if-unset: 2006] describe FH_DATE_PAST_20XX The date is grossly in the future. ##} FH_DATE_PAST_20XX I'm on spamassassin/3.2.5-2+lenny1.1~volatile1 on Debian Lenny, completely up to date. Any pointers on where to look to figure out what's going on? I don't know anything about SpamAssassin; someone else usually manages this but I'm free right now and am trying to figure out what the problem is because it's been annoying us for a while and we only just realized this bug was still affecting us. Update: I've lowered the score for the FH_DATE_PAST20XX rule to 0.1, both in /etc/spamassassin/local.cf and /usr/share/spamassassin/50_scores.cf and it's still giving 3.188 points for this rule. Any idea what's going on? This really has me stumped. Update 2: It seems that after restarting amavisd, it's been fixed. What's the difference between amavisd and spamd? It seems like both should not be running, or something.

  Read the article

• Best Firewall product for hosting/housing environment?

  - by Raffael Luthiger

  I am searching for a firewall product (appliance or software) for an hosting/housing environment. The biggest problem is that the rules get very complex as more customers are behind the firewall. Some have only one server, others have a whole subnet. Some need NAT, some a VPN endpoint. Some customers want to only allow port http, others ssh as well. So the device needs to be able to support VLANs and it should be possible to group the rules per customer. Speed is another important point. And being able to manage redundant devices easily. I am searching for something that doesn't have all the extras like spam filter etc. I was searching a lot on the net but either they had all those extras as well (and with is an overloaded configuration interface) or they missed some of the features I need (e.g. VLAN). The VPN endpoint is not the an important criteria. We were thinking about a separate machine for it.

  Read the article

• Cygwin, ssh, and git on Windows Server 2008

  - by Paul

  Hi everyone. I'm trying to setup a git repository on an existing Windows 2008 (R2) server. I have successfully installed Cygwin & added git and ssh to the packages, and everything works perfectly (thanks to Mark for his article on it). I can ssh to localhost on the server, and I can do git operations locally on the server. When I try to do either from the client, however, I get the "port 22, Bad file number" error. Detailed SSH output is limited to this: OpenSSH_4.6p1, OpenSSL 0.9.8e 23 Feb 2007 debug1: Connecting to {myserver} [{myserver}] port 22. debug1: connect to address {myserver} port 22: Attempt to connect timed out without establishing a connection ssh: connect to host {myserver} port 22: Bad file number Google tells me that this means I'm being blocked, usually, by a firewall. So, double-checked the firewall settings on the server, rule is there allowing port 22 traffic. I even tried turning off the firewall briefly, no change in behavior. I can ssh just fine from that client to other servers. The hosting company swears that there's no other firewalls blocking that server on port 22 (or any other port, they claim, but I find that hard to believe). I have another trouble ticket into them, just in case the first support person was full of it, but meanwhile I wanted to see if anyone could think of anything else it can be. Thanks, Paul

  Read the article

• What is the advantage of not running as root? [closed]

  - by Shmuel Brill

  Possible Duplicate: What's wrong with always being root? All modern brands of Linux highly discourage (or disable) one from running as root instead of a normal user. I do not understand why. As a "normal" user, one could Download a rouge program from the internet. Run it (After all, one isn't root, what can it do). It installs itself in .bashrc or .xinitrc It writes a rouge "sudo" and "su" and adds . to the path Not noticing that . is in path, one runs sudo. The rouge program now has root password and can do anything it wants in the system. Even if 3-6 doesn't happen, the program could still Be part of a botnet. Read all files in the home directory and send them back (mine for SS#, Credit Card numbers, bank account numbers, etc). Send spam. Run a backdoor server to allow an attacker a chance to connect to the machine to determine vulnerabilities. It seems that the whole "permissions" thing (root/non-root) is just to prevent amateur crackers from getting into the system, so the question is: Is there a point in avoiding running as root, and is there a way to protect oneself if one wants to run unsafe code?

  Read the article

• Setting up a PC for the Kids

  - by Martin Clarke

  I recently finished building a new PC from scratch; and then I decided to treat myself to a new widescreen monitor. I'm left with a bit of a conundrum with what to do with my old box. I'm considering a few options such as a file server, putting Linux on it, putting it elsewhere in the house or giving it to a member of the family and so on. But to be honest, I don't really think it would get much use. I've started thinking about putting together something for my kids. The oldest is coming up on 4 in a couple of months and he's used my PC and Macbook (supervised!) before for playing jigzaw puzzles, babysmash and so forth. He's also uses the computer at his nursery (Kindergarden for North Americans!). So, its got me thinking about setting something up for him (bonus for his brother who is 2). I was wondering what others had done when trying to put together something for their kids? Some points for consideration: Operating System? Software? Anti-virus Internet (probably blocking?) Hardware (I've seen some keyboards designed with kids in mind)

  Read the article

• iTunes Home Sharing only works one way between 2 WinXP PC's on the same LAN

  - by scunliffe

  Both PC's have the latest iTunes installed. PC (A) can "see" that there is a shared library "B library" but attempts to connect to it return this error message: The shared library "{Username}'s Library" is not responding (-3259) Check that any firewall software running on either the shared computer or this computer has been set to allow communication on port 3689. however the reverse works fine. e.g. PC (B) can "see" shared library "A library" and can access all content. Notes: Both PC's have Home Sharing enabled (turned off/on several times to verify). Both PC's have Windows Firewall turned on, but in the exceptions tab, iTunes is allowed, and Port 3689 is also added as a firewall exception (just in case) Both iTunes accounts have been "authorized" on both PC's Both PC's connect via LAN via D-Link DIR-615 router. In the advanced application rules, iTunes has also been added to allow traffic on port 3689 un-hindered. Is there any other magical setting/configuration option that I should be aware of and set in order to get this to work? I could care less about sharing apps etc. I just want the music sharing to work. Update: Solved! It turns out on PC (B) there were multiple accounts set up. 1 of the accounts had the checkbox checked under the windows firewall "On" option which states "No exceptions" thus even though it was added to the exception list on the main user account, this other account was blocking access.

  Read the article

• Integration of SharePoint 2010 with TFS2010

  - by Kabir Rao

  We have performed following steps as of now- Install TFS2010 10.0.30319.1 (RTM) on Windows Server 2008 R2 Enterprise(app tier) SQL 2008 SP1 with Cumulative update 2 on Windows Server 2008 R2 Enterprise(data tier) Reporting Service is installed on app tier. After this installation worked fine we installed SharePoint 2010 on app tier. After installation we followed http://blogs.msdn.com/b/team_foundation/archive/2010/03/06/configuring-sharepoint-server-2010-beta-for-dashboard-compatibility-with-tfs-2010-beta2-rc.aspx for configuration. We are not able to perform the last step described in the link as following error occured- TF249063: The following Web service is not available: http://apptier:31254/_vti_bin/TeamFoundationIntegrationService.asmx. This Web service is used for the Team Foundation Server Extensions for SharePoint Products. The underlying error is: The remote server returned an error: (404) Not Found.. Verify that the following URL points to a valid SharePoint Web application and that the application is available: http://apptier:31254. If the URL is correct and the Web application is operating normally, verify that a firewall is not blocking access to the Web application. We have also noticed that Document Folder in Team project also have red x. Please help. Thanks upfront.

  Read the article

• How to make DD-WRT router's (configured like a repeater) devices be accessible on LAN? (i.e. integrate DHCP for both routers)

  - by Annonomus Penguin

  I have a D-Link DIR-600-A1 router running DD-WRT (using the 601's firmware: except for the model number, they are near identical). It has an Atheros chip, so there is no "repeater" option. You can bypass this by setting the main radio as a client to the main router, and adding a virtual radio configured as an AP. You can then set up the credentials for connecting to the main router and allowing devices to connect to the repeater/router. I have a few devices on my network: Ethernet computers Server with Samba running WiFi devices connected to the main router I then wanted to add a repeater. I have a couple of other things on the repeater: WiFi Computer Other WiFi devices. Anyway, I wanted to connect my WiFi computer to the share on my server via Samba. However, for some reason, my router treats the main router as WAN, not another device. I've tried disabling the SPI firewall: However, that doesn't work. I've tried pinging my WiFi computer from my server. However, I can ping my server from my WiFi computer. AFAIK, they are on the same subset, just using different IPs: the main one uses 192.168.0.x and the repeater uses 192.168.1.x (starting at 100 for some reason). It seems as I need to configure my router(s) to work together for DHCP. I noticed there was a "DHCP forwarder" option, but I have no idea what that would do. A quick note: for some reason (that's beyond me) my ISP disabled the capability to bridge a WiFi to ethernet connection with the router they provide (something about PPPoE or similar...). The service rep I talked to when I was having issues after I changed ISPs said that, but they couldn't explain exactly what they were "blocking." How can I get DD-WRT to not treat the client connection as WAN and the router to recognize the devices connected to the repeater?

  Read the article

• WHS - Windows Update Failure

  - by Kyle B.

  Clicking "Update Now..." inside my EX470 control panel for Windows Update produces the following error message: "Windows Home Server updates installation can not complete. Please try again later. If the problem persists, please restart the server." I have rebooted the server numerous times, and I have also used remote desktop to connect to the machine to perform the update this way, however the browser is unable to pull up http://windowsupdate.microsoft.com. This is very strange behavior because I am able to access all other sites (gmail.com, serverfault.com, etc). Would it be possible for someone to explain to me how I can check to see what is blocking the connection of this device, which apparently has a valid internet connection, to the Microsoft Windows Update site? note #1 Using the shortcut: %SystemRoot%\system32\wupdmgr.exe does not work either. It says "Connecting to 65.55.200.155..." but nothing ever happens. This is strange because all other sites seem fine. Also, I can connect to windowsupdate.microsoft.com on my local desktop so I know this is running as well

  Read the article

• Identifying mail account used in CRAM-MD5 transaction

  - by ManiacZX

  I suppose this is one of those where the tool for identifying the problem is also the tool used for taking advantage of it. I have a mail server that I am seeing emails that spam is being sent through it. It is not an open relay, the messages in question are being sent by someone authenticating to the smtp with CRAM-MD5. However, the logs only capture the actual data passed, which has been hashed so I cannot see what user account is being used. My suspicion is a simple username/password combo or a user account's password has otherwise been compromised, but I cannot do much about it without knowing what user it is. Of course I can block the IP that is doing it, but that doesn't fix the real problem. I have both the CRAM-MD5 Base64 challenge string and the hashed client auth string containing the username, password and challenge string. I am looking for a way to either reverse this (which I haven't been able to find any information on) or otherwise I suppose I need a dictionary attack tool designed for CRAM-MD5 to run through two lists, one for username and one for password and the constant of the challenge string until it finds a matching result of the authentication string I have logged. Any information on reversing using the data I have logged, a tool to identify it or any alternative methods you have used for this situation would be greatly appreciated.

  Read the article

• Amazon AWS Ec2 instance, Elastic IP, Domain name from external domainseller, and Google Apps for Email

  - by Sid

  We are hosting our site on an Ec2 instance. Our Elastic IP is w.x.y.z and Public DNS is: ec2-w-x-y-z.compute-1.amazonaws.com. We've bought a domain name domainname.com from a lesser known domain-name-seller. We added an A-record pointing domainname.com to w.x.y.z. Will this work or do we need a CNAME record to point to the same too? We wanted to use Google apps for emailing so adjusted the TXT/MX records according to the Google Apps instructions to be able to send/recv email using @domainname.com email addresses. Have we got it right, more important, we came across queries relating to email sent from ec2-w-x-y-z.compute-1.amazonaws.com (our users can send email from their onsite accounts) going to spam (rDNS not pointing to domainname.com but to ec2-w-x-y-z.compute-1.amazonaws.com). How can we fix this? We came across SPF records, do they provide a complete solution? We aren't sure as to how to use them. Can you help pls? Thank you, Sid

  Read the article

• do not require smtp authentication for a specific domain using hMail server

  - by toryan

  One of my clients has a needlessly complex e-mail setup for a couple of domains, which is causing problems when they try to send e-mail between them. They have a couple of domains where mail follows a slightly weird path: Users connect to an Exchange server to send e-mail The exchange server relays the message to an ISP-owned SMTP server as a smart host The ISPs server delivers the mail to the mail exchanger specified in DNS The mail exchanger is another server that runs hMailServer The Exchange server connects to the hMail server via POP3 and retrieves the messages. The problem arises when they send mail between addresses in the same domain, or two addresses that are present on the hMail server. hMail requires SMTP authentication when sending from local to local addresses, so the messages don't arrive. Removing SMTP authentication isn't really an option, as the server has been the target of spam being sent from spoofed local addresses. SMTP authentication prevents this. It is possible to add the ISP's mail server as an IP range with specific rules, but this seems inelegant. Bearing in mind I only have access to the hMail server and not the Exchange server, is there a better way of going about this?

  Read the article

• Odd IIS FTP Failure

  - by Monkey Boson

  We're running a script on our production box that zips up our database and FTPs it to a backup box every night. Our production box is running Redhat Enterprise 5. Our backup box is running Windows XP Pro / IIS 5.1. Both machines are on the same VLAN (not sure if this is imporatant). The backup file usually clocks in at around 3GB. Every now and again (~5% of the time), the backup script fails. The shell script on the "client side" - which looks at return codes - never identifies any problem since ftp always returns 0. On the "server side", IIS writes out a log that looks like this: #Software: Microsoft Internet Information Services 5.1 #Version: 1.0 #Date: 2009-08-08 07:04:25 #Fields: time c-ip cs-method cs-uri-stem sc-status sc-win32-status 07:04:25 192.168.111.235 [15]USER backup 331 0 07:04:25 192.168.111.235 [15]PASS - 230 0 07:05:54 192.168.111.235 [15]created backup_20090808.zip 426 10035 07:06:16 192.168.111.235 [15]QUIT - 426 0 Now, I know that 426 means "Connection closed, transfer aborted", which is sort-of a catch-all for "IIS was not happy". The real puzzler is the wincode: 10035 (WSAEWOULDBLOCK -- Resource temporarily unavailable). My understanding is that this code is normal when using non-blocking socket calls - which would almost certainly be used by any FTP Server implementation. My first guess that it might be a timeout issue doesn't make sense, since we're only talking about a few minutes here and the timeout was left at the default 900 s. Does anybody have any ideas about what is causing this problem, and how it may be fixed? Thanks!

  Read the article

• Could this server log mean my server is being used as a proxy?

  - by So Over It

  I came across the following entry in my access.log: 58.218.199.147 - - [05/Jun/2012:12:56:04 +1000] "GET http://proxyproxys.com/ HTTP/1.1" 200 183 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" Normally when I see a full URL entry in my access.log I assume it is log spam with people trying to get me to access their site. These entries are normally followed with a 404 response. The above entry is followed with a 200 'success' response! Doing some searching it would seem that this can occur when someone is trying to use your server as a proxy. This disturbed me more - especially because the URL in question has the word proxy in it. Going to the site 'proxyproxys.com' (using hidemyass.com to protect my own identity), the site returns what appears to be some sort of 'proxy judge' ---------------------------------------- HTTP_ACCEPT=text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 HTTP_ACCEPT_LANGUAGE=en-US,en;q=0.8 HTTP_USER_AGENT=Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_4) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.53 Safari/536.5 HTTP_CONNECTION=close REMOTE_PORT=56355 REMOTE_HOST=74.63.112.142 REMOTE_ADDR=74.63.112.142 ---------------------------------------- CS_ProxyJudge Result=HIGH_ANONYMITY ---------------------------------------- Question: 1) does the 200 success mean that someone has been able to successfully use my server as a proxy? 2) are there other means of confirming if my server is being used as a proxy 3) can you refer me to documentation to help 'close up' my security gap if there is one. Thanks.

  Read the article

• System Idle Process network traffic?-Updated

  - by Moab

  I was using NetBalancer and noticed network traffic on an unidentified service, but when I highlight it and then go to the lower center pane and click the parent process it says it is the System Idle process, it is showing incoming and outgoing traffic in the upper pane, anyone know why this Windows System Idle Process is talking on the network? Windows 7 HP 64bit . . . Edit, after blocking the traffic for that unidentified Service I checked my event viewer (Windows LogsSystem) and found 3 new events that were never recorded before and matched the time I blocked the traffic. So is this part of the Windows local DNS cache? Event ID 1014 DNS Client Events Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded. dns.msftncsi.com Name resolution for the name wpad.home timed out after none of the configured DNS servers responded. wpad Name resolution for the name mscrl.microsoft.com timed out after none of the configured DNS servers responded. mscrl.microsoft.com . Then My Web Browser refused to work, I re-enabled the traffic and all returned to normal. .

  Read the article

< Previous Page | 80 81 82 83 84 85 86 87 88 89 90 91  | Next Page >