Sudden Increase In Failusre Due To Pre-Greeting Traffic

I have been running the same sendmail config (FreeBSD 4.11-stable,
sendmail 8.13.8) for many months with no problem.  I am suddenly seeing
a spike in failures due to pre-greeting traffic.  Many of these are
from "legitimate" domains like earthlink and verizon mail server.
Is there something new afoot that might explain this?


-- 
----------------------------------------------------------------------------
Tim Daneliuk     tundra@tundraware.com
PGP Key:         http://www.tundraware.com/PGP/
0
tundra (295)
2/24/2007 7:50:50 AM
comp.mail.sendmail 13477 articles. 2 followers. jfretby (35) is leader. Post Follow

8 Replies
429 Views

Similar Articles

[PageSpeed] 7
Tim Daneliuk <tundra@tundraware.com> writes:

> I have been running the same sendmail config (FreeBSD 4.11-stable,
> sendmail 8.13.8) for many months with no problem.  I am suddenly seeing
> a spike in failures due to pre-greeting traffic.  Many of these are
> from "legitimate" domains like earthlink and verizon mail server.
> Is there something new afoot that might explain this?

0) Have you tried to correlate greeting reject with CBL.abuseat.org
listings? [ when rejected and 2 hours later to give more time for listing]

1) Could you post 5-6 (fresh) names *you* consider to be legitimate?

Would be explanations worth to be checked first:
* new malvare/viral spamvare
* new release of some more popular MTA

-- 
[pl>en: Andrew] Andrzej Adam Filip : anfi@priv.onet.pl : anfi@xl.wp.pl
Before You Ask: http://anfi.homeunix.net/sendmail/B4UAsk-Sendmail.html
http://anfi.homeunix.net/sendmail/ [orkut,linkedin,xing]
0
anfi2 (1425)
2/24/2007 9:08:35 AM
Tim Daneliuk wrote:
> I have been running the same sendmail config (FreeBSD 4.11-stable,
> sendmail 8.13.8) for many months with no problem.  I am suddenly seeing
> a spike in failures due to pre-greeting traffic.  Many of these are
> from "legitimate" domains like earthlink and verizon mail server.
> Is there something new afoot that might explain this?
> 
> 

I have been gathering information that suggests some of the big houses 
are not playing well with greet-pause or greylisting. So far it's just a 
suggestion, not conclusive, but the evidence is growing.

dp
0
dennispe (388)
2/24/2007 7:25:48 PM
Andrzej Adam Filip wrote:
> Tim Daneliuk <tundra@tundraware.com> writes:
> 
>> I have been running the same sendmail config (FreeBSD 4.11-stable,
>> sendmail 8.13.8) for many months with no problem.  I am suddenly seeing
>> a spike in failures due to pre-greeting traffic.  Many of these are
>> from "legitimate" domains like earthlink and verizon mail server.
>> Is there something new afoot that might explain this?
> 
> 0) Have you tried to correlate greeting reject with CBL.abuseat.org
> listings? [ when rejected and 2 hours later to give more time for listing]

I am not aware of this site.  I will investigate.
> 
> 1) Could you post 5-6 (fresh) names *you* consider to be legitimate?

Here are a few (of many):

Feb 24 00:05:45 eskimo sm-mta-in[16656]: l1O64grE016656: rejecting commands from iris.acsalaska.net [209.112.173.229] due to pre-greeting traffic
Feb 24 00:07:00 eskimo sm-mta-in[16664]: l1O65vYc016664: rejecting commands from mxpool19.ebay.com [66.135.197.25] due to pre-greeting traffic
Feb 24 02:29:41 eskimo sm-mta-in[998]: l1O8Sc2S000998: rejecting commands from outbound-sin.frontbridge.com [207.46.51.80] due to pre-greeting traffic
Feb 24 05:45:46 eskimo sm-mta-in[5454]: l1OBihpc005454: rejecting commands from mail2.fsys.co.uk [193.82.139.31] due to pre-greeting traffic

Of course, there are many more that are obviously compromised machines sitting at the
end of DSL and cable modem links and greet_pause is doing its job as expected there.

Here's one I turned greet_pause off for and now I get:

Feb 24 13:20:20 eskimo sm-mta-in[12972]: l1OJJGR7012972: sv18pub.verizon.net [206.46.252.154] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA



> Would be explanations worth to be checked first:
> * new malvare/viral spamvare
> * new release of some more popular MTA
> 


-- 
----------------------------------------------------------------------------
Tim Daneliuk     tundra@tundraware.com
PGP Key:         http://www.tundraware.com/PGP/
0
tundra (295)
2/24/2007 7:26:22 PM
In article <64g6b4-0nc.ln1@eskimo.tundraware.com>,
 Tim Daneliuk <tundra@tundraware.com> wrote:

> Andrzej Adam Filip wrote:
> > Tim Daneliuk <tundra@tundraware.com> writes:
> > 
> >> I have been running the same sendmail config (FreeBSD 4.11-stable,
> >> sendmail 8.13.8) for many months with no problem.  I am suddenly seeing
> >> a spike in failures due to pre-greeting traffic.  Many of these are
> >> from "legitimate" domains like earthlink and verizon mail server.
> >> Is there something new afoot that might explain this?
> > 
> > 0) Have you tried to correlate greeting reject with CBL.abuseat.org
> > listings? [ when rejected and 2 hours later to give more time for listing]
> 
> I am not aware of this site.  I will investigate.
> > 
> > 1) Could you post 5-6 (fresh) names *you* consider to be legitimate?
> 
> Here are a few (of many):
> 
> Feb 24 00:05:45 eskimo sm-mta-in[16656]: l1O64grE016656: rejecting commands 
> from iris.acsalaska.net [209.112.173.229] due to pre-greeting traffic
> Feb 24 00:07:00 eskimo sm-mta-in[16664]: l1O65vYc016664: rejecting commands 
> from mxpool19.ebay.com [66.135.197.25] due to pre-greeting traffic
> Feb 24 02:29:41 eskimo sm-mta-in[998]: l1O8Sc2S000998: rejecting commands 
> from outbound-sin.frontbridge.com [207.46.51.80] due to pre-greeting traffic
> Feb 24 05:45:46 eskimo sm-mta-in[5454]: l1OBihpc005454: rejecting commands 
> from mail2.fsys.co.uk [193.82.139.31] due to pre-greeting traffic
> 
> Of course, there are many more that are obviously compromised machines 
> sitting at the
> end of DSL and cable modem links and greet_pause is doing its job as expected 
> there.
> 
> Here's one I turned greet_pause off for and now I get:
> 
> Feb 24 13:20:20 eskimo sm-mta-in[12972]: l1OJJGR7012972: sv18pub.verizon.net 
> [206.46.252.154] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA

That's one of the machines that does dictionary attacks for the benefit 
of Verizon's spam detection systems, offloading their costs to every 
domain owner who ever has an address forged into mail sent to VZ users. 
Drop packets from the /24 and you'll be better off. (you won't be able 
to mail VZ addresses either, but you might find that less of a problem 
than it sounds.)


More to your point: the GreetPause detection logs sessions that are 
closed by the client before the greeting identically to fast talkers. A 
lot of sites running qmail and derivatives seem to like very short 
banner timeouts, and so will show up as fast-talkers. If your system 
overloaded and bannering slow because of load issues, you will see a lot 
of legit sites logged. Shaw and MessageLabs are other examples.

-- 
Now where did I hide that website...
0
bill123 (477)
2/25/2007 12:57:42 AM
Bill Cole wrote:
> In article <64g6b4-0nc.ln1@eskimo.tundraware.com>,
>  Tim Daneliuk <tundra@tundraware.com> wrote:
> 
>> Andrzej Adam Filip wrote:
>>> Tim Daneliuk <tundra@tundraware.com> writes:
>>>
>>>> I have been running the same sendmail config (FreeBSD 4.11-stable,
>>>> sendmail 8.13.8) for many months with no problem.  I am suddenly seeing
>>>> a spike in failures due to pre-greeting traffic.  Many of these are
>>>> from "legitimate" domains like earthlink and verizon mail server.
>>>> Is there something new afoot that might explain this?
>>> 0) Have you tried to correlate greeting reject with CBL.abuseat.org
>>> listings? [ when rejected and 2 hours later to give more time for listing]
>> I am not aware of this site.  I will investigate.
>>> 1) Could you post 5-6 (fresh) names *you* consider to be legitimate?
>> Here are a few (of many):
>>
>> Feb 24 00:05:45 eskimo sm-mta-in[16656]: l1O64grE016656: rejecting commands 
>> from iris.acsalaska.net [209.112.173.229] due to pre-greeting traffic
>> Feb 24 00:07:00 eskimo sm-mta-in[16664]: l1O65vYc016664: rejecting commands 
>> from mxpool19.ebay.com [66.135.197.25] due to pre-greeting traffic
>> Feb 24 02:29:41 eskimo sm-mta-in[998]: l1O8Sc2S000998: rejecting commands 
>> from outbound-sin.frontbridge.com [207.46.51.80] due to pre-greeting traffic
>> Feb 24 05:45:46 eskimo sm-mta-in[5454]: l1OBihpc005454: rejecting commands 
>> from mail2.fsys.co.uk [193.82.139.31] due to pre-greeting traffic
>>
>> Of course, there are many more that are obviously compromised machines 
>> sitting at the
>> end of DSL and cable modem links and greet_pause is doing its job as expected 
>> there.
>>
>> Here's one I turned greet_pause off for and now I get:
>>
>> Feb 24 13:20:20 eskimo sm-mta-in[12972]: l1OJJGR7012972: sv18pub.verizon.net 
>> [206.46.252.154] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
> 
> That's one of the machines that does dictionary attacks for the benefit 
> of Verizon's spam detection systems, offloading their costs to every 
> domain owner who ever has an address forged into mail sent to VZ users. 
> Drop packets from the /24 and you'll be better off. (you won't be able 
> to mail VZ addresses either, but you might find that less of a problem 
> than it sounds.)
> 
> 
> More to your point: the GreetPause detection logs sessions that are 
> closed by the client before the greeting identically to fast talkers. A 
> lot of sites running qmail and derivatives seem to like very short 
> banner timeouts, and so will show up as fast-talkers. If your system 
> overloaded and bannering slow because of load issues, you will see a lot 
> of legit sites logged. Shaw and MessageLabs are other examples.
> 

Thanks for the insight.  I may have to disable greet_pause and depend on higher
level services for spam supression.  As much as I would like to clobber all
non-conforming external sites, users of this system expect connectivity before
spam supression (and of course, complain about the spam they do get)...

-- 
----------------------------------------------------------------------------
Tim Daneliuk     tundra@tundraware.com
PGP Key:         http://www.tundraware.com/PGP/
0
tundra (295)
2/25/2007 7:11:16 AM
In article <sdp7b4-6vq.ln1@eskimo.tundraware.com>,
 Tim Daneliuk <tundra@tundraware.com> wrote:

> Bill Cole wrote:
[...]
> > More to your point: the GreetPause detection logs sessions that are 
> > closed by the client before the greeting identically to fast talkers. A 
> > lot of sites running qmail and derivatives seem to like very short 
> > banner timeouts, and so will show up as fast-talkers. If your system 
> > overloaded and bannering slow because of load issues, you will see a lot 
> > of legit sites logged. Shaw and MessageLabs are other examples.
> > 
> 
> Thanks for the insight.  I may have to disable greet_pause and depend on 
> higher
> level services for spam supression.  As much as I would like to clobber all
> non-conforming external sites, users of this system expect connectivity 
> before
> spam supression (and of course, complain about the spam they do get)...

Disabling GreetPause altogether is not necessary or even terribly 
useful. You can tune behavior per-site in the access map if you like, 
but in the final analysis you won't get much behavioral change from 
legit senders by disabling the GreetPause unless you have it set to 
something absurdly high (e.g. I have seen sites set it to 30 seconds, 
which is a recipe for disaster.)

-- 
Now where did I hide that website...
0
bill123 (477)
2/25/2007 5:25:06 PM
Bill Cole wrote:
> In article <sdp7b4-6vq.ln1@eskimo.tundraware.com>,
>  Tim Daneliuk <tundra@tundraware.com> wrote:
> 
>> Bill Cole wrote:
> [...]
>>> More to your point: the GreetPause detection logs sessions that are 
>>> closed by the client before the greeting identically to fast talkers. A 
>>> lot of sites running qmail and derivatives seem to like very short 
>>> banner timeouts, and so will show up as fast-talkers. If your system 
>>> overloaded and bannering slow because of load issues, you will see a lot 
>>> of legit sites logged. Shaw and MessageLabs are other examples.
>>>
>> Thanks for the insight.  I may have to disable greet_pause and depend on 
>> higher
>> level services for spam supression.  As much as I would like to clobber all
>> non-conforming external sites, users of this system expect connectivity 
>> before
>> spam supression (and of course, complain about the spam they do get)...
> 
> Disabling GreetPause altogether is not necessary or even terribly 
> useful. You can tune behavior per-site in the access map if you like, 
> but in the final analysis you won't get much behavioral change from 
> legit senders by disabling the GreetPause unless you have it set to 
> something absurdly high (e.g. I have seen sites set it to 30 seconds, 
> which is a recipe for disaster.)
> 

Maybe I don't understand the feature well then.  My understanding is that
if GreetPause is enabled and triggered by a particular site, that mail
transaction is discarded.  If I disable it (on a per-site or global basis)
then sites "behaving badly" will at least be able to attempt the mail
delivery.  I have already done this on a per-site basis for the ones I know
about, but as the number of MTAs doing this rises it becomes impossible to
administer it manually.  At some point, it's just easier to let 'em all
babble away and use some higher-level service like SpamAssassin to clobber
the bad guys.  If GreetPause were only being triggered by badly configured
or compromised machines this would be a non-issue, but the fact that
legitimate mail hosts are doing this makes it kind of a pain.

-- 
----------------------------------------------------------------------------
Tim Daneliuk     tundra@tundraware.com
PGP Key:         http://www.tundraware.com/PGP/
0
tundra (295)
2/25/2007 6:13:23 PM
In article <b709b4-fs51.ln1@eskimo.tundraware.com>,
 Tim Daneliuk <tundra@tundraware.com> wrote:

> Bill Cole wrote:
> > In article <sdp7b4-6vq.ln1@eskimo.tundraware.com>,
> >  Tim Daneliuk <tundra@tundraware.com> wrote:
> > 
> >> Bill Cole wrote:
> > [...]
> >>> More to your point: the GreetPause detection logs sessions that are 
> >>> closed by the client before the greeting identically to fast talkers. A 
> >>> lot of sites running qmail and derivatives seem to like very short 
> >>> banner timeouts, and so will show up as fast-talkers. If your system 
> >>> overloaded and bannering slow because of load issues, you will see a lot 
> >>> of legit sites logged. Shaw and MessageLabs are other examples.
> >>>
> >> Thanks for the insight.  I may have to disable greet_pause and depend on 
> >> higher
> >> level services for spam supression.  As much as I would like to clobber all
> >> non-conforming external sites, users of this system expect connectivity 
> >> before
> >> spam supression (and of course, complain about the spam they do get)...
> > 
> > Disabling GreetPause altogether is not necessary or even terribly 
> > useful. You can tune behavior per-site in the access map if you like, 
> > but in the final analysis you won't get much behavioral change from 
> > legit senders by disabling the GreetPause unless you have it set to 
> > something absurdly high (e.g. I have seen sites set it to 30 seconds, 
> > which is a recipe for disaster.)
> > 
> 
> Maybe I don't understand the feature well then.  My understanding is that
> if GreetPause is enabled and triggered by a particular site, that mail
> transaction is discarded.  

Yes, but the sites that you see logged as triggering it may only be 
doing so by saying "QUIT" or even just sending a TCP close packet 
because you are too slow in responding. As you noted, disabling it for 
one host got you this:

>> Feb 24 13:20:20 eskimo sm-mta-in[12972]: l1OJJGR7012972: 
sv18pub.verizon.net 
>> [206.46.252.154] did not issue MAIL/EXPN/VRFY/ETRN during connection 
to MTA

That means they dropped the connection without doing anything. 
Legitimate MTA's don't actually try to push the SMTP session before the 
banner, but they do sometimes display impatience and simply go away. 
Slow response from sendmail is not only the result of the GreetPause 
feature, and it should take other factors to make make response so slow 
as to have a large number of sites time out. 

> If I disable it (on a per-site or global basis)
> then sites "behaving badly" will at least be able to attempt the mail
> delivery.  I have already done this on a per-site basis for the ones I know
> about, but as the number of MTAs doing this rises it becomes impossible to
> administer it manually. 

For those that continue to do as the cited Verizon host did, you are not 
going to be getting any improvement from selective or total removal of 
GreetPause. 

I've been through this process and found that the hosts that triggered a 
5-second GreetPause showed no improvement or only  marginal improvement 
when exempted. I only got significant improvement from eliminating other 
things that caused Sendmail to respond slowly (notably the DelayLA 
setting, but also eliminating other loads on the host.) 

> At some point, it's just easier to let 'em all
> babble away and use some higher-level service like SpamAssassin to clobber
> the bad guys.  

That very much depends on your available CPU and memory. SA is much more 
demanding than 

> If GreetPause were only being triggered by badly configured
> or compromised machines this would be a non-issue, but the fact that
> legitimate mail hosts are doing this makes it kind of a pain.

They *are* badly configured, unless you've made a huge mistake with 
GreetPause or other Sendmail load tuning that is causing very long 
delays. RFC821 and RFC2821 specify minimum timeouts, and as far as I've 
been able to see, the legit sites that have problems are all more 
impatient than the standard says they should be. 

How tolerable degraded service with misconfigured but generally 
legitimate sites is in your particular circumstance is something only 
you can decide, but dropping the greeting pause is not likely to affect 
the degradation in any major way.

-- 
Now where did I hide that website...
0
bill123 (477)
2/25/2007 7:41:39 PM
Reply:
Similar Artilces:

Xebec 'Trustor' 30MB Drive
I have a couple of Xebec Trustor drives, these are pre-Sider manufactured, though actually the date codes on them overlap that of what I have in the Sider collection too. The one in question, after fixing the controller card issue I found, I am able to still only access the drive and get an immediate I/O error. Patching DOS 3.3 and going in from the outside produces the same result on any of the (estimated) volumes within the drive. The Trustor is very similar to the Sider except that the Sider is a more completed product for the simpler end-user, where as the Trustor required some knowledg...

Materiazed View Sorting cost increasing
Sorting is taking time in Materialized view. You can see below, here sorting is taking time. Is there any way I can stop sorting or make it fast. SQL> CREATE MATERIALIZED VIEW "MCC_CATALOG_2"."REL_SYS_NAME_IPPSYSNAM" 2 BUILD IMMEDIATE 3 REFRESH FORCE with rowid 4 ENABLE QUERY REWRITE 5 AS 6 SELECT IPP_SYSTEM_NAME FROM MCC_CATALOG_2.RELEASE_SYSTEM_NAME where IPP_SYSTEM_NAME is not null; Materialized view created. Elapsed: 00:00:10.09 SQL> explain plan for 2 select distinct IPP_SYSTEM_NAME FROM MCC_CATALOG_2.RELEASE_SYSTEM_NAME; Explained. Elapse...

my junit test fails due to "took longer than 10.0 seconds and therefore failed"
Hi, I have a junit test which runs 60 years data (the testing purpose is to make sure the program can handle long period computation). But recently, this test occasionally fails. (We develop on linux). When the machine is busy, this test fails, with the error message: "The run for xxxx took longer than 10.0 seconds and therefore failed". This problem happens from running in Eclipse or on terminal using ant. Can you help me on that? Thank you very much. On 4/8/2010 11:03 AM, www wrote: > Hi, > > I have a junit test which runs 60 years data (the test...

All of a sudden I cannot send some email using Gmail's SMTP server
Apple Mail with Google Apps (different from Gmail) IMAP on a mid-2007 24" iMac running 10.5.5. Suddenly I cannot send certain email. It's random as to which. No discernable pattern. I've tried restoring Mail's settings and folders from a TM backup a few days ago when things were working. No good. Is there ANY way to contact Google? I can't find a way. TIA, Jamie Kahn Genet -- If you're not part of the solution, you're part of the precipitate. Jamie Kahn Genet <jamiekg@wizardling.geek.nz> wrote: > Apple Mail with Google Apps (different from Gmail) I...

ftp client suddenly dont work..
Must have been an upgrade somewhere..both machines Debian lenny/etch no longer ftp out correctly without having to be put into passive mode. Now I have changed routers but surely a NAT router understands active FTP? Or if not, surely the old ones didn't either? Yes, I can type pftp or ftp -p instead, but is there a way to make ftp client passive by DEFAULT The Natural Philosopher : > Must have been an upgrade somewhere..both machines Debian lenny/etch no > longer ftp out correctly without having to be put into passive mode. > > Now I have changed routers but surely a NAT...

Cisco 1600 Traffic Throughput
Hi We have a CISCO 1600 router connected to a 64Kbps kilosteram line. it is running IOS 12.0 (6) What I want to find out is how much traffic goes through the router to the WAN interface for a set period of time Can any one tell me if this can be done? Thanks In article <fmsae0d0q8jaielqglpk3rp0t8e7dhk2lh@4ax.com>, rc <rawnakc@> wrote: :We have a CISCO 1600 router connected to a 64Kbps kilosteram line. it :is running IOS 12.0 (6) :What I want to find out is how much traffic goes through the router to :the WAN interface for a set period of time :Can any one tell me if...

The monitor will go blank all of a sudden
Hello, I have a Philips monitor and a windowsxp system. The monitor from time to time will go blank all of a sudden while I'm in the middle of doing something. Nothing can be done to get the display back. However, if I leave it this way for an indefinite while, the screen may resume normal display again. There's nothing I can do myself to gain the display back apart from rebooting. So what's wrong with my pc? What can I do? Herbert As a long shot, try turn off any power saving features in the operating system and the bios. Otherwise I would assume that the monitor or gra...

Exit from macro do loop due to errors in proc nlmixed
Hi, I am doing a simulation with a macro do-loop and proc nlmixed within the loop. When an error like floting point overflow occurred in proc nlmixed, SAS exited from the macro do-loop. Is there anyway to let it to go to the next circle rather than to abort? Many thanks Jason ...

Increase stack size in eclipse cdt
Hi, I am starting to use eclipse cdt and compile an old application without problems. But can not run it, because I need to increase the stack size. In linux I do it through the operating system through ulimit -s unlimited but now I am working on windows with cygwin, and I dont see any similar thing in windows xp or cygwin. So it is possible to use some compilation option in cygwin so the generated executable has bigger stack or another way so i solve my problem ? Thanks in advance Horacius ReX <horacius.rex@gmail.com> writes: > I am starting to use eclipse cdt and compile an ol...

[rfc-dist] RFC 5392 on OSPF Extensions in Support of Inter-Autonomous System (AS) MPLS and GMPLS Traffic Engineering
A new Request for Comments is now available in online RFC libraries. RFC 5392 Title: OSPF Extensions in Support of Inter-Autonomous System (AS) MPLS and GMPLS Traffic Engineering Author: M. Chen, R. Zhang, X. Duan Status: Standards Track Date: January 2009 Mailbox: mach@huawei.com, zhangrenhai@huawei.com, duanxiaodong@chinamobile.com Pages: 17 Characters: 38690 Updates/Obsoletes/SeeAl...

And suddenly, on the floor...
I was working in a perfect shit hole in Canning Town last week, demolishing a set of garages. This area is part of a regeneration project which has been emptied of tenants and left to gangs of feral youths who roam around looking for innocents to beat up. For anyone from the uk who has been following the story in the papers this week of the father who was shot 4 times by a revolting little thug and died in front of his wife and son in a pool of blood, well, it's just around the corner from there. Anyway (there's a point to all this you'll be disappointed to know), I&#...

[ANN] OSXnews Beta 1 pre 25
As school nears an end, the development speeds up :) Notes: resolved some issues with the line wrapping after a few bug reports also fixed the threading to improve it even more. It is almost perfect at this point. Changes: there was a problem with line wapping. It was grabling some repiled text. This issue has now been resolved. I have used it for a few days now without any problems. I think the line wrapping matter has been settled :) OSXnews is a free Cocoa NNTP newsreader for OSX. you can get source and binaries at: http://osxnews.sf.net -Anu -- =============== Anurodh Pokharel anuro...

Increase atm output queue on Cisco 837
Hello, I search how to increase the size of the ATM output queue (0/40 by default) on a cisco 837. Thanks for your reply ! ...

Mail filtering rules have suddenly stopped working
I have rules to filter all messages to the "saved mail" folder when closing pegasus, but they have suddenly stopped working. I had this same problem about three years ago and someone here was able to tell me how to fix this. Trouble is, I have forgotten what the fix was and now cannot find the reply. Can anyone hepl? Thanks, -- Muskrat. gyueiw502#sneakemailmoc. To reply by e-mail:- Replace:- "#" with "@" and "moc." with ".com". ...

Sudden Serious Malfunction
This happened today, using Pegasus mail 4.41 under Windows 93SE. I was doing other things while Pegasus downloaded my mail in the background. When all the mail was downloaded, I went back to Pegasus by clicking on it in the Windows taskbar, and it wouldn't open. I finally did control-alt-delete and Windows showed that it was "not responding." So I clicked on "End task" and closed it. When I reopened it, I found that I had, as the first message in my New Mail box, a message of about 900M with gibberish characters as Sender and Subject, checked as having been...

Why suddenly this warning?
Dear all, I have written a small macro (SAS 8.2) to find out common variables between 2 SAS Data Sets. The macro in the past also did his job! But I am suddenly getting this warning: WARNING: Apparent symbolic reference COMMON not resolved. What is suddenly wrong with the syntax? %macro same_var(d1= ,d2=); proc sql noprint; select trimn (x.name) into:common separated by ' ' from sashelp.vcolumn x, sashelp.vcolumn y where x.libname = upcase ('work') and y.libname = upcase ('work') ...

Increasing black level on IP5000 and other pixmas?
What would be the best way to increase the amount of black ink used from the black cartridge of an IP5000 to increase the overall contrast of a print? The 100g/m paper I'm using has trouble reproducing deep enough blacks, so I would like to increase the amount of black ink used. Yeah, I know someone is going to reply with 'buy better paper' to this question, but to be honest I'm not looking for a huge black increase and I'd rather not buy much more expensive paper because I have quite a few pictures to print out. TIA "Hg" <hg@gh.hg> wrote in...

Taskbar disappears all of a sudden.
Hi, Anyone noticed that taskbar in KDE 3.4 will disappear all of a sudden? I'm pretty sure that I didnt click on anything in particular. It can happen anytime: For eg: Surfing the net with firefox; Reading a PDF file; typing a doc in Kword, etc etc The taskbar can just suddenly vanish. Anyone encounter the same problem? I'm on Slackware 10.2 w/ KDE 3.4. Regards, Steven. On 12/17/05 16:01, stevong wrote: > Anyone noticed that taskbar in KDE 3.4 will disappear all of a sudden? > I'm pretty sure that I didnt click on anything in particular. > > It can happen anyt...

Greeting Cards Earn Part time....
Hey guyz " This one is quite Cool "..!!! Cool Amazging toolbar for your browser....Send cool Greeting cards...,smiley center...n much more n All Free!!! Amazed hmmmn ...??? Atleast try it...!!!! N see the change in your Web browsing !!! Free Greeting cards! - http://surl.in/HLFCI268591UXYDPMK-google Play Online Games...Very Easy to Play....Win Amazing prizes...daily prizes...ipods, digicam etc!!! Play n Win....All Free.....Grab dem early.... Play Free Games! Win Cool Prizes! - http://surl.in/HLARI268591UXYDPMK-google Your apna forum...much like orkut but better then that...Join n...

How to increase logging level of Milter
With the help of some code posted here, I modified the sample milter (included in the distribution) to reject messages that contain cettain types of attachments. The milter works. It bounces messages that contain the banned attachemnts with my defined error message. The log file looks like this: Oct 1 08:24:46 questnet sendmail[15933]: h91CNgqM015933: Milter: data, reject=554 5.7.0 We are not accepting emails with attachments of this type I am currently using delay_checks, so if my access database or any of the RBL's that I am using reject a message, the log file shows the sender an...

for generation of random numbers in increasing order
i am working on a code to create a wsn network. in this code, rand('state',0) l=1000; x=(rand('state',0)*l); rand('state',0) generates this output, 0.0579 0.3529 0.8132 0.0099 0.1389 0.2028 0.1987 0.6038 0.2722 0.1988 but (rand('state',0)*l) produces the following output, 838.1184 19.6395 681.2772 379.4810 831.7960 502.8129 709.4714 428.8924 304.6174 189.6537 this is not ordinary multiplication of rand('state',0) and l, does anypone knows what happens here? actually for my program, i want the generat...

Increase upload speed?
Is there a setting in Eudora to help increase the upload speed? My internet upload speed is over 12 Mbps, yet there seems to be a bottleneck when uploading files with Eudora. Thanks! On Tue, 14 Oct 2014 16:13:15 -0500, Barney <Leica@Leica.com> wrote: >Is there a setting in Eudora to help increase the upload speed? > > >My internet upload speed is over 12 Mbps, yet there seems to be a >bottleneck when uploading files with Eudora. I doubt it's Eudora, it's likely your mail server. Does the same bottleneck exist with other mail clients?...

[News] Survey Finds Increasing GNU/Linux User in the Enterprise
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Vista Adoption going no-where, IT considering Linux and Mac instead ,----[ Quote ] | KACE, a systems management appliance company, announced that their recent | survey of IT administrators showed that 60 percent of them have no plans to | deploy Vista. That’s almost 10% more turning their backs on Vista then in | KACE’s last survey in November 2007 . According to the company press | release, “42 percent of them said they would consider deployment of | alternative operating systems, such as Mac OS and Linux, in order to avoid a | migration t...

DOD battles increasingly virulent cyberattacks
http://www.fcw.com/article97281-01-08-07-Print DOD battles increasingly virulent cyberattacks DOD attempts to fight spear phishing scams BY Bob Brewin and Josh Rogin Published on Jan. 8, 2007 Related Links DOD battles spear phishing DOD bars use of HTML e-mail, Outlook Web access Find more related news in the technology section. ----------------------------------------------------------------------- - FCW.com job search Hot Topics Find events presentations, source documents and other online resources on the Defense Hot Topic page. Vendor Solutions Find white papers, vendor present...

slow TCP connections due to very different speed of segments?
Hello group/list, I've checked the FAQ but I couldn't find any reference to this issue. Our campus LAN is mostly Gigabit Ethernet fiber and 100 Mb/s UTP distribution, but we still have some distribution done to remote parts of the campus done over LRE (long range Ethernet), which is much like a "local DSL". It's supposed to give 10Mb/s under the best conditions AFAIK. People from these remote locations complain that traffic to servers on the core network is very slow. I've ruled out problems at client or server side. I've tested file transfers acros...