Berkeley CSUA MOTD:Entry 25982
Berkeley CSUA MOTD
 
WIKI | FAQ | Tech FAQ
http://csua.com/feed/
2025/05/25 [General] UID:1000 Activity:popular
5/25    

2002/9/23-24 [Computer/SW/Mail] UID:25982 Activity:moderate
9/22    Will CSUA provide pop3/spop3 access soon?
        \_ The CSUA does provide spop3 access.
        \_ no. fuck off.
           \_ go fuck yourself you dip shit!!
              \_ someone get this freshman a beer.  this fool needs to chill.
        \_ my question is... why do you want pop3 anyway? pine/mutt/elms are
           so much better
           \_ archiving
        \_ Why would you use the csua for your email anyway?
           \_ it's my last berkeley connection, and was until now
              something permanent.
           \_ for the same reason you do, dumbshit
              \_ child, I don't.  using me as an example is not enhancing
                 your case at all.  want to be like me?  run your own server
                 and domain at home.
                 \_ damn you're cool! why are you even bothering
                    with this lowly csua?
                    \_ no im not cool.  im doing what everyone with any sense
                       is already doing: taking control of my online world. i
                       come here so i can hang out with k-kewl people like you.
        \_ dude, csua does support pop3 access... only from localhost...
           just use ssh to tunnel in. I've
           been using this for almost 2 years.
           \_ damn it!  now they'll all start asking how to set up tunnels and
              "how to tunnel pop ssh?"   what were you thinking?
        \_ POP is not going to work from a non local machine,
           but POP over SSL works.  What mail client are you using?
           Windows clients like Eudora and Outlook and Outlook Express
           and Mozilla Mail all support POP over SSL, you just have to
           click on the right button.
           \_ thanks! finally got it. I am using outlook...
        \_ I never did get an answer to my SMTP question from last week.
           Is it possible to send mail from a non-local host to a non-local
           host without going through an ssh tunnel? --different guy
           \_ The answer was "no".  Go look up "open relay" on google.
              \_ I know what an open relay is.  That's why I expected some
                 way to authenticate myself so the server can verify that
                 I have an account.  Oh wait, but smtp doesn't do
                 authentication, despite the fact that my mail client has a
                 checkbox for it.  Whee.
                 \_ Some mail servers support SMTP AUTH.  RFC 2554,
                    http://www.sendmail.org/~ca/email/auth.html  -John
                 \_ So you seriously expect the csua to do smtp auth of some
                    sort so you can relay via soda?  I don't see a big need
                    and wouldn't ask the VP to spend their time on it.
                    \_ not really.  I was just looking to see if it was
                       possible so I know if I'm configuring my mail client
                       incorrectly.  these are the types of responses I was
                       looking for, not the as "you don't need to authenticate
                       to SMTP, you retard" responses I was getting before.
                    \_ why would the CSUA not want to do SMTP AUTH?  -tom
                        \_ Because it'll require effort on someone's part for
                           minimal gain.
                           \_ You have a superfluous prepositional phrase in
                              that sentence.  -tom
                              \_ Uh huh.  So what?  You had a point?
                              \_ is there really one "tom", or is it a
                                 group of people having a contest to see
                                 how fucking annoying they can be?
                                 \_ I've been watching.  There's just one.
ERROR, url_link recursive (eces.Colorado.EDU/secure/mindterm2) 2025/05/25 [General] UID:1000 Activity:popular
5/25    

You may also be interested in these entries...
2013/4/9-5/18 [Computer/SW/Mail, Academia/Berkeley/CSUA] UID:54647 Activity:nil
4/8     What's a good free e-mail provider? I don't want to use Gmail,
        Yahoo, Outlook, or any of those sites with features I never use that
        track my personal info and keep changing their interface. I want just
        simple e-mail without privacy issues or all the baggage these large,
        for-profit companies are adding. I might even be willing to pay.
        Recommendations?
	...
2012/10/15-12/4 [Computer/SW/Mail] UID:54501 Activity:nil
10/15   What's the soda email client these days?
        \_ Don't know.  /usr/bin/mail hasn't been working for a while.
        \_ forward to Gmail.
        \_ mutt works for me
	...
2012/8/29-11/7 [Computer/SW/Security] UID:54467 Activity:nil
8/29    There was once a CSUA web page which runs an SSH client for logging
        on to soda.  Does that page still exist?  Can someone remind me of the
        URL please?  Thx.
        \_ what do you mean? instruction on how to ssh into soda?
           \_ No I think he means the ssh applet, which, iirc, was an applet
              that implemented an ssh v1 client.  I think this page went away
	...
2011/11/14-30 [Computer/SW/Security] UID:54228 Activity:nil
11/14   Social Engineering call centers:
        http://www.itbusiness.ca/it/client/en/home/News.asp?id=64887
	...
2011/2/14-4/20 [Computer/SW/Unix] UID:54039 Activity:nil
2/14    You sure soda isn't running windows in disguise?  It would explain the
        uptimes.
        \_ hardly, My winbox stays up longer.
        \_ Nobody cares about uptime anymore brother, that's what web2.0 has
           taught us.  Everything is "stateless".
           \_ You;d think gamers would care more about uptime.
	...
2011/4/6-20 [Computer/SW/Mail, Computer/SW/Unix, Industry/Startup] UID:54078 Activity:nil
4/6     My company is evaluating version control systems. Our two candidates
        are Perforce and Subversion. Anyone worked with both and have good
        arguments one way or the other? (These are the only two options we
        have.) We're most interested in client performance, ease of use, and
        reasonable branching.
        \_ I'll be 'that guy'. If perforce and subversion are optins, why isn't
	...
2011/2/6-19 [Computer/Networking] UID:54028 Activity:nil
2/5     hmm.
$netstat -at | grep LISTEN
tcp        0      0 *:43300                 *:*                     LISTEN
        \_ this is an sshd
tcp        0      0 *:49416                 *:*                     LISTEN
tcp        0      0 *:36201                 *:*                     LISTEN
	...
Cache (5105 bytes)
www.sendmail.org/~ca/email/auth.html
Terminology SASL defines two terms which are important in this context: authorization identifier and authentication identifer. That is, the authentication credentials of the client contain the authentication identifier. This can be used for a proxy server to act as (proxy for) another user. Read the 16 docs which come with it (as well as README and INSTALL). Make sure the libraries are installed in a location which 18 sendmail uses on your system by default. BTW: sendmail requires 22 sasldb to be owned by root or the trusted user and not be readable by anyone else since the file contains sensitive data (shared secrets). If there is a conflict with other applications that need to read it too, you can 23 try a trick. You maybe need to set: APPENDDEF(confLIBDIRS', -L/PATH/TO/SASL/lib') APPENDDEF(confINCDIRS', -I/PATH/TO/SASL/include') (obviously you have to replace /PATH/TO/SASL/ with the path on your system) if you haven't installed sasl in a location where the Build tool looks for include and library files. However, this may cause problems during runtime, since the sasl library is dynamically loaded, and most OS don't load libraries from "unknown" locations, esp. If this doesn't reveal any problems, increase the LogLevel to 13 and try again. Examples of problems in the 30 logfile: * SASL error: listmech=0, num=0 or AUTH warning: no mechanisms This means the SASL library didn't find any mechanisms. Are any libraries installed in /usr/lib/sasl (or wherever you told SASL to be installed)? You can also set the environment variable SASL_PATH, see the Cyrus SASL docs. If it doesn't, then your configuration is wrong (check your parameters for configure (SASL) and all the paths). This can be done by looking at its content (using strings or od -c) and checking that the names of those mechanisms appear in the file. Possible solutions are: don't use sendmail -bs but talk directly to the MTA, or if you really need this feature, make sasldb group readable for smmsp (if you use it) and set the appropriate DontBlameSendmail option GroupReadableSASLDBFile. DefaultAuthInfo (confDEF_AUTH_INFO) specifies a file in which the authorization identity, the authentication identity, the secret, and the realm to be used for authentication are stored. This file must be in a safe directory and unreadable by everyone except root (or TrustedUser). It is used when 40 sendmail acts as a client to authenticate itself to a server. This may reveal the secret if the other side offers a plaintext authentication mechanism. Make sure the secret is not a real password used for an account somewhere. See cf/README for details, look in the section SMTP AUTHENTICATION. If you really want to use DefaultAuthInfo (it is deprecated) then you have to remove the ruleset. DaemonPortOptions (DAEMON_OPTIONS has now suboptions (called modifiers), one of which is a'. This tells the daemon to require authentication for all connections to it. The ruleset trust_auth is used to decide whether the client's authentication identifier ( 46 authid) is trusted to act as (proxy for) the requested authorization identity ( 47 userid). The provided rules allow 48 authid to act for 49 userid if both are identical and they disallow it if the authentication failed. The ruleset Local_trust_auth can be used to provide further tests. As usual, it can either return the error mailer ($# error) to disallow proxying or $# OK to allow proxying. Requiring SMTP AUTH for all mails is in general a bad idea, because then you cannot receive mails from other users (since the cannot authenticate). So you must do this only on a server that is solely intended for your own users to send mail, not for a publically advertised (via MX records) server. Now that 57 sendmail provides SMTP AUTHentication, you probably want a MUA that uses it. Many MUAs on Unix call 59 sendmail directly, so for roaming users it is sufficient if their 60 sendmail can 61 authenticate itself against the mailserver. PLAIN SASL mechanism Clear-text passwords are simple, interoperate with almost all existing operating system authentication databases, and are useful for a smooth transition to a more secure password-based authentication mechanism. The drawback is that they are unacceptable for use over an unencrypted network connection. If you use it anyway, and you use Netscape as MUA, then in some cases you may want to turn it off; More Possible Problems 70 Realms can cause some problems because they are not standardized for all mechanisms. This is fixed in Mercury/32 according to 72 Pegasus tech support. Security Layer 73 SASL means Simple Authentication and Security Layer. This is a problem with Cyrus SASL which doesn't obey the maximum security settings of 78 sendmail. Other WWW Pages about SMTP AUTH Some people complained that my explanations are too hard to understand for beginners. Otherwise use a search engine to find more explanations or let me know how to enhance this WWW page. He and Larry Greenfield also provided valuable feedback during further development and integrated our patches or implemented features we requested.