Hi,
I've got a strange kind of problem on Debian testing with
Mozilla and printing (cups).
I often want to print somewhat longer documents, but without
wasting too much dead trees. Therefore I print into a file,
do a psnup -2 to get two pages per sheet of paper, and print
the resulting postscript document.
When using Mozilla this way, the original postscript document
is fine, but the result of the psnup -2 is unusable, as the
fonts remain at the original size, i.e. the lower and right
parts of the pages get lost - no proper resizing of the page,
all in all. I verified this both with gv and gs (which
sometimes show slightly different results depending on the
postscript document, especially with graphics).
This same problem does not appear with postscript documents
generated from OpenOffice for instance.
Does anyone have an idea on how to go about fixing that
particular problem? I'm not overly experienced with printing,
so...
Greets & TIA, Eric
Hi,
the next LinuxDays preparation meeting is this friday afternoon
at 14:30 at the CRP. I won't be able to be there, so in case
someone can replace me...
The subject of the meeting will be the courses' subjects, with
a little agenda (description of the contents), and proposed
speakers.
There will also be propositions for the frame program (art, music,
robotics, ...).
So, we need to decide very quickly now what LiLux will propose for
courses, and write up at least the agendas (a few lines describing
the contents), and write up the names of people who can present
these courses.
Note for those who didn't see this before (I guess I wrote that
only to the admin list until now): the next LinuxDays will be
divided in two parts - 1) a business track at SI Expo, which
will consist in a series of presentations by some companies
and 2) two days of courses plus "villages" about different
themes, consisting of stands with computers where people can
come ask questions and try stuff out (i.e. no more expo and
presentations like the previous years) - this will be end of
january 2005.
So for LiLux:
The idea will be to have a "basic" course for beginners (really
basic, don't go into installation or CLI confusion, just using
an already installed system) - this we have partly prepared
with the basic course from the LinuxDays 2003 and the LinuxFest
2004.
Then, we should split up the "advanced" course from last year
into several shorter courses regarding different services.
This shouldn't be too hard I guess - any takers?
If we have the energy and manpower, we could also propose new
stuff - any proposals, people willing to do such stuff?
I think it is important to be realistic in our propositions,
or else we'll be really stretched in getting things done. We
can do quite some stuff, especially if more people are willing
to help out. Please join the effort! If we start now, we can
get some nice courses done - if we start late, it will get
painful. Preparing courses does take time to do properly.
Greetings & thanks in advance, Eric
I am checking the excellent news site www.theregister.co.uk almost every
day. Today I saw this interesting news article:
http://www.theregister.co.uk/2004/07/05/sender_authentication
Now, what a coincidence! This article matches our recent discussion!
The funny thing: It's probably coming sooner that even I expected in my
wildest dreams ;-) Microsoft will also play an important role.
Here is an extract of the article
<extract>
Sender ID is expected to be relatively simple to deploy, requiring
little ongoing maintenance. In essence, all you need to do is publish
the IP addresses of approved outgoing email MTAs in your domain name
records. When your users send email, the recipient can make sure the
mail is coming from authorized IP addresses by checking the DNS for the
domain in the "From:" field.
</extract>
Greetings, Patrick Kaell
Hi All,
I am looking for a complete CD/DVD set to install a Debian Sarge on a PC
currently without Linux.
Is a Sarge CD/DVD sufficient, or does this only permit to upgrade a
Woody installation?
Has anybody got these CDs/DVD so that I could copy them?
Regards,
-PU
Yes, I was a bit emotional in the last posts, and I wasn't always fair
resp. did not accept some facts to prove my point. Now I see that I
agree with Eric concerning important technical points, even if we have
different philosophical views.
Some may think that the subject may now be OT. Ok, these people can skip
this mail if they want. I believe that we are all concerned by mail
problems and that the last posts may also have put some facts in a new
light, so it may be worth to keep some key elements of it.
I agree that we should give up some freedom to get a bit more security.
There are already infected PC's (modificated Netsky worms) who are
sending "propaganda from the political right wing" to anybody using my
E-Mail address as sender. I know this because I get sometimes "mail
delivery errors". This is not nice, and I am ready to rethink and
reconfigure my system to make life harder for these abuses. But I must
get informed by the provider to prepare myself in advance.
I did not mention it anymore in the last post, but blocking port 25 was
not a problem for me at all (as I wrote the 28 May in this list). My
girlfriend couldn't send any mail as long as I was not there (because I
could't prepare myself in advance) but after I had identified the
problem I simply used the alternative port 587 (RFC conformant) to send
mail. I was glad that my mail provider Puretec supported this.
So blocking port 25 was not the problem. But you need a mail provider
who supports this alternative port.
Eric, I know I was a bit unfair by saying that nobody uses the ISP
provider's relay to send mail. There are many, I know. But there also
people who send mail through their mail provider's SMTP server, which is
perfectly legitimate.
Blocking port 25 and relaying customer's mails through the ISP
provider's server also makes sense at the moment. The ISP can filter the
mails for worms (which might otherwise not be possible) and can not only
log the connections but also the mail headers of all outbound mail
(although some packet filters might also be able to do this (to look
inside IP packets)). And you are right: There is currently no worm which
would send through the ISP relay. I can't you show one, because I know
of none. But as you said yourself: The internet today is not the
internet of 10 years ago. You will see that the internet of tomorrow
will not be the internet of today. In other words: The ISP mail relay
solution you are using is only a temporal solution. As soon as this
technique will be in widespread use (which will be the case if ISPs
block port 25 and only allow access to their own mail relay), the worms
(and the spammers who exploit remote controlled infected systems) *will*
abuse it (we both agree that this will be trivial).
The SMTP protocol dates back to 1983 and is not suitable anymore for
today's internet. But I dislike temporal solutions that have been
invented by several ISPs. I want a definitive solution that has been
developed by the internet community. Actually this already exists: SMTP
over SSL. It has already been implemented my all major mail clients
(including Mozilla, Eudora and even Outlook). Now is the time for the
ISPs to implement this community developed standard. And you do not need
port 25 anymore, as SSL uses port 443!
I wonder if PT actually guarantees you the "relay service", or if they
were just to lazy to configure their SMTP server otherwise (as I know PT
I suspect that the latter might be true).
Also remember that any PT customer is able to send mails using your ETH
address though the PT relay. Thus even by examining the mail header, I
can not verify that this mail is really coming from you (if you do not
signature your mail)! As long as your mail has not been relayed by ETH's
mail servers the authenticity of your mail is questionable. Ok, I know
that it is possible to fake the headers by spoofing ETH's IP addresses,
but this is outside the possibilities of infected PCs and spammers.
We need SMTP authentification over SSL, there is no way around this. The
other solutions are temporal at best.
Prepare that PT will block all non @pt.lu mails sometime in the future.
Hope that they will warn you on time!
Greeting, Patrick Kaell
Here an explanation for those who have no clue about SMTP:
Mail Client ------> My Mail Provider ------> Recipient's Mail Provider
SMTP SMTP
The "Mail Client" usually uses a dial up IP address. This is often an IP
address which is on a Black List. Therefore the "Recipient's Mail
Provider" would not accept it directly. The "Mail Client" therefore
sends the mail to the "My Mail Provider". This host can authentificate
the mail: the mail must be from the domain the "My Mail Provider"
administrates and the E-Mail address must exist. A spammer cannot use
"My Mail Provider" as an open relay because he has not a valid account
on this server. The "My Mail Provider" sends the mail to "Recipient's
Mail Provider". The "Recipient's Mail Provider" accepts the mail because
the "My Mail Provider" has a fixed IP address and this IP address is not
an a Black List.
For those who still do not understand why it is not a good idea for
Coditel to relay their customer's non xyz(a)coditel.lu addresses, here's
the explanation:
Unlike "My Mail Provider" Coditels relay could not ensure that I did not
fake my From field. Infact I could even use a non existent address (as
long the domain exists in the DNS). Coditel would essentially be an open
relay reserved for their own customers. The From field could be anything
a worm would find in a address database, Coditel's mail server could not
filter it.
Everybody understands?
I mean if you understand the SMTP protocol and the fact I do not want to
change my own E-Mail address everytime I change a dialup service, than
you will see that I use my dialup access in a *sensible* way.
And yes: The engineless car is waiting for you ;-))))))
Patrick Kaell
Fedora C1: MSI Mega 180 based PVR using MythTV (following Jarod's
Guide)(will change to Debian testing soon)
Debian testing: Asus L8400k personal Laptop
Debian testing: Testing PC
muLinux: Texting PC
greetings
Jang Lemmer
At Thursday, 01 July 2004, Thierry Coutelier <Thierry.Coutelier@linux.
lu> wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>Patrick Useldinger wrote:
>| I am not sure I should really do this, there's been too much arguing
>| already. But, looking at this from a different point of view, I am
>| curious to know who uses *which* distro for *what* purpose.
>|
>| So would you care, if you wish to participate, to send _one line per
>| distro you use_ to this mailing list, in the form:
>|
>| distro 1: purpose 1
>| distro 2: purpose 2
>| [...]
>|
>
>Fedora C1: desktop at work -> we wanted to stay on the RedHat line
>Suse9.1: desktop on my PC and laptop -> useful for giving courses
>Debian sarge: test PC
>RedHat 7.2: Production servers at work (should go to Fedora C2 when I
>finally get
>time to repackage our software)
>Fedora C1 (upgraded from RH9): Lilux server -> I's working.
>
>| Disto in the sense of Unix/Linux flavour.
>|
>|
>| _______________________________________________
>| Lilux-help mailing list
>| Lilux-help(a)lilux.lu
>| http://lilux.lu/mailman/listinfo/lilux-help
>
>- --
>Thierry Coutelier Président LiLux asbl
>7, Rue Jacques Sturm L-2556 Luxembourg
>Office:+352 710725 608 Home:+352 406776
>http://www.linux.lu/
>
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1.2.3 (GNU/Linux)
>Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
>iD8DBQFA47wlPOfrcNNQX7oRAtnLAKCJoPsJVUCo1XHQunflK7clD4+gcwCdFSxz
>IYvbQKKFJcYpAjO+vgDAsgA=
>=gFS4
>-----END PGP SIGNATURE-----
>_______________________________________________
>Lilux-help mailing list
>Lilux-help(a)lilux.lu
>http://lilux.lu/mailman/listinfo/lilux-help
>
----------------------------------------------------------
There are only 10 types of people in the world:
Those who understand binary and those who don't.
----------------------------------------------------------
===================================================================
EASY and FREE access to your email anywhere: http://www.web.lu/web2mail/
===================================================================
