headers
Darrell May | 17 Jun 2002 21:39

Re: [e-smith-devinfo] Mail sort


Gordon Rowell <gordonr <at> e-smith.com> said:

> As will creating a group and forwarding the mail to that group, or
> just mailing to the group.

Yes, forwarding to a group will permit forwarding to internal users but it
does not permit forwarding to external addresses or a combination of
internal/external.

Procmail still offers more options, even if the goal is to forward one
account to two internal users.  In addition procmail can forward to a
combination of internal/external addresses.

If the user installs our user-manager contrib:

http://myezserver.com/downloads/mitel/contrib/user-manager/

this is easy to implement by either creating multiple recipes or setting
procmail for the user to 'geek' mode and editing .procmailrc manually.

Regards,

--
Darrell May
DMC Netsourced.com
http://netsourced.com
http://myEZserver.com

--
(Continue reading)

Permalink | Reply | 501 comments |
headers
Gordon Rowell | 17 Jun 2002 21:45

Re: [e-smith-devinfo] Mail sort

On Mon, Jun 17, 2002 at 07:39:22PM -0000, Darrell May <dmay <at> netsourced.com> wrote:
> 
> Gordon Rowell <gordonr <at> e-smith.com> said:
> 
> > As will creating a group and forwarding the mail to that group, or
> > just mailing to the group.
> 
> Yes, forwarding to a group will permit forwarding to internal users but it
> does not permit forwarding to external addresses or a combination of
> internal/external.
> [...]

Not attempting to split hairs, but you can do this by creating an
account which forwards offsite. The account is locked so does not
have other rights, but it does use a name from your namespace and 
is all possible from the existing interface.

I agree, the procmail add-on is nice, and has extra features, but 
the original question can be answered with standard features.

Gordon
--
  Gordon Rowell                        gordonr <at> e-smith.com
  Director, Engineering
  Network Server Solutions Group       http://www.e-smith.com
  Mitel Networks Corporation           http://www.mitel.com

--
Please report bugs to bugs <at> e-smith.com
Please mail security <at> e-smith.com (only) to discuss security issues
(Continue reading)

Permalink | Reply | 501 comments |
headers
jose velez | 18 Jun 2002 02:49

Direcway


Last week a few people were interested in Direcway.  A company with the name of
Helius sells a Linux Router for $ 1995.00 with USB and ethernet port.  It has
DHCP, Mail and many other features (no file and Print).  I think it is very
high.  It is based on Caldera.

--
Ing. Jose M. Velez
Velez Computer System
1353 Estrella St.
San Juan, Puerto Rico 00907

--
Please report bugs to bugs <at> e-smith.com
Please mail security <at> e-smith.com (only) to discuss security issues
Support for registered customers and partners to support <at> e-smith.com
To unsubscribe, e-mail: devinfo-unsubscribe <at> lists.e-smith.org
For additional commands, e-mail: devinfo-help <at> lists.e-smith.org
Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
Permalink | Reply | 0 comments |
headers
admin | 18 Jun 2002 11:40

devinfo on GMane

Hello

I recently discovered the mail to news gateway GMane.  I allowed myself to ask
for the creation of a group for the mailing list e-smith-devinfo.  The advantage
compared to "The Mail Archive" is the possibility of posting on the newsgroup
with reference on the ml.  This group is called gmane.network.e-smith.devel on
the server news://news.gmane.org (no log/pass).

More infos here:  http://gmane.org

Is there any problem with this and about publishing this group on other private
newsgroup servers ?

--
Please report bugs to bugs <at> e-smith.com
Please mail security <at> e-smith.com (only) to discuss security issues
Support for registered customers and partners to support <at> e-smith.com
To unsubscribe, e-mail: devinfo-unsubscribe <at> lists.e-smith.org
For additional commands, e-mail: devinfo-help <at> lists.e-smith.org
Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
Permalink | Reply | 2 comments |
headers
Vineet Mehta | 18 Jun 2002 14:16
Picon
Favicon

e-smith 5.0 source?

Where can i find source rpm's of e-smith SME 5.0?

________________________________________________________________________
Want to sell your car? advertise on Yahoo Autos Classifieds. It's Free!!
       visit http://in.autos.yahoo.com

--
Please report bugs to bugs <at> e-smith.com
Please mail security <at> e-smith.com (only) to discuss security issues
Support for registered customers and partners to support <at> e-smith.com
To unsubscribe, e-mail: devinfo-unsubscribe <at> lists.e-smith.org
For additional commands, e-mail: devinfo-help <at> lists.e-smith.org
Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
Permalink | Reply | 1 comment |
headers
Ari Novikoff | 18 Jun 2002 15:29

Apache vulnerability

June 17, 2002 
Flaw Found in Apache HTTP Server
By  Dennis Fisher 

A buffer overrun vulnerability in the Apache HTTP server included with many 
popular Web servers enables an attacker to execute code on vulnerable 
machines. 

The flaw lies in the way that the server handles data transmissions of unknown 
size. Typically, these transmissions are broken into "chunks" for easier 
handling. But Apache's HTTP server misinterprets the size of the chunks, which 
leads to an overrun of the heap memory, according to an advisory published 
Monday by Internet Security Systems Inc.'s X-Force research team. 

The vulnerability can be exploited remotely by way of a carefully crafted 
invalid request to the server, and the flawed functionality is enabled by 
default. Exploiting the flaw could either lead to a denial of service on the 
machine or the execution of malicious code. 

The Apache Software Foundation's Apache Server Project, which maintains the 
open-source HTTP server, also issued a bulletin warning that all versions of 
Apache 1.3 are vulnerable, as are copies of version 2 up to 2.0.39. 

However, versions 2.0 and later are not vulnerable to the remote execution of 
code, Apache's advisory said. 

Apache is by far the most widely deployed Web server on the Internet, running 
on more than 50 percent of machines surveyed by Netcraft Ltd. Its HTTP server 
is included in products such as Oracle Corp.'s 9i Application Server and IBM 
Corp.'s WebSphere.
(Continue reading)

Permalink | Reply | 3 comments |
headers
Paul Barnett | 18 Jun 2002 16:08

Re: Apache vulnerability

> A buffer overrun vulnerability in the Apache HTTP server included
> with many popular Web servers enables an attacker to execute
> code on vulnerable machines.

This is over-simplified....  Someone didn't read the bulletin carefully.

    http://httpd.apache.org/info/security_bulletin_20020617.txt

The potential for executing arbitrary code is limited to 64-bit Unix and
Windows platforms:

"In Apache 1.3 the issue causes a stack overflow.  Due to the nature of the
overflow on 32-bit Unix platforms this will cause a segmentation violation
and the child will terminate.  However on 64-bit platforms the overflow can
be controlled and so for platforms that store return addresses on the stack
it is likely that it is further exploitable. This could allow arbitrary code
to be run on the server as the user the Apache children are set to run as.
We have been made aware that Apache 1.3 on Windows is exploitable in this
way."

Due to the time it takes to replace the terminated process (which varies
according to platform), it's still possible to mount a denial-of-service
attack on all other versions.

--
Please report bugs to bugs <at> e-smith.com
Please mail security <at> e-smith.com (only) to discuss security issues
Support for registered customers and partners to support <at> e-smith.com
To unsubscribe, e-mail: devinfo-unsubscribe <at> lists.e-smith.org
For additional commands, e-mail: devinfo-help <at> lists.e-smith.org
(Continue reading)

Permalink | Reply | 0 comments |
headers
Charlie Brady | 18 Jun 2002 17:22

Re: Apache vulnerability


On Tue, 18 Jun 2002, Ari Novikoff wrote:

> Just a heads-up for you if you weren't already aware...

Ari, you might notice at the base of every message on this list this line:

> Please mail security <at> e-smith.com (only) to discuss security issues

--
Charlie Brady                         charlieb <at> e-smith.com
Lead Product Developer
Network Server Solutions Group        http://www.e-smith.com/
Mitel Networks Corporation            http://www.mitel.com/
Phone: +1 (613) 592 5660 or 592 2122  Fax: +1 (613) 592 1175

--
Please report bugs to bugs <at> e-smith.com
Please mail security <at> e-smith.com (only) to discuss security issues
Support for registered customers and partners to support <at> e-smith.com
To unsubscribe, e-mail: devinfo-unsubscribe <at> lists.e-smith.org
For additional commands, e-mail: devinfo-help <at> lists.e-smith.org
Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
Permalink | Reply | 1 comment |
headers
Gordon Rowell | 18 Jun 2002 17:37

Re: Apache vulnerability

On Tue, Jun 18, 2002 at 11:22:41AM -0400, Charlie Brady <charlieb <at> e-smith.com> wrote:
> 
> On Tue, 18 Jun 2002, Ari Novikoff wrote:
> 
> > Just a heads-up for you if you weren't already aware...
> 
> Ari, you might notice at the base of every message on this list this line:
> 
> > Please mail security <at> e-smith.com (only) to discuss security issues

And further to this, we were already aware of the issue before it was 
posted to devinfo and are evaluating its impact, as we do with all
security advisories.

Gordon
--
 Gordon Rowell                         gordonr <at> e-smith.com
 Director, Engineering
 Network Server Solutions Group        http://www.e-smith.com/
 Mitel Networks Corporation            http://www.mitel.com/

--
Please report bugs to bugs <at> e-smith.com
Please mail security <at> e-smith.com (only) to discuss security issues
Support for registered customers and partners to support <at> e-smith.com
To unsubscribe, e-mail: devinfo-unsubscribe <at> lists.e-smith.org
For additional commands, e-mail: devinfo-help <at> lists.e-smith.org
Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
(Continue reading)

Permalink | Reply | 0 comments |
headers
Gordon Rowell | 18 Jun 2002 17:44

Re: e-smith 5.0 source?

On Tue, Jun 18, 2002 at 01:16:47PM +0100, Vineet Mehta <vineet_mehta2001 <at> yahoo.co.in> wrote:
> Where can i find source rpm's of e-smith SME 5.0?

SME 5.0 is now quite old, and you would be better basing any new work
on 5.5beta9 or even 5.1.2. The SRPMS for both of these releases are on
ftp.e-smith.org and our mirror sites.

Gordon
--
 Gordon Rowell                         gordonr <at> e-smith.com
 Director, Engineering
 Network Server Solutions Group        http://www.e-smith.com/
 Mitel Networks Corporation            http://www.mitel.com/

--
Please report bugs to bugs <at> e-smith.com
Please mail security <at> e-smith.com (only) to discuss security issues
Support for registered customers and partners to support <at> e-smith.com
To unsubscribe, e-mail: devinfo-unsubscribe <at> lists.e-smith.org
For additional commands, e-mail: devinfo-help <at> lists.e-smith.org
Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
Permalink | Reply | 0 comments |

Gmane