INFO-VAX Tue, 27 Feb 2007 Volume 2007 : Issue 116 Contents: Blue Screen of Death on VMS Re: Blue Screen of Death on VMS Re: create directory Re: create directory Re: create directory Re: DECforms DECWidnows: default session to old desktop ? Re: Intel Moves Towards Itanium and Xeon Convergence Re: Intel Moves Towards Itanium and Xeon Convergence MI5 Persecution: Stand up for Free Speech 14/8/95 (374) Re: Migrating C application from VMS to LINUX Re: Migrating C application from VMS to LINUX Re: OT: Quebec Health Care Virus Re: OT: Quebec Health Care Virus Re: Quebec Health Care Virus Questions about DoSD (Dump of System Disk) Re: Questions about DoSD (Dump of System Disk) Re: RMSBUG ASBALLFAIL in proces STARTUP (7.3.1.) Re: RMSBUG ASBALLFAIL in proces STARTUP (7.3.1.) Re: RMSBUG ASBALLFAIL in proces STARTUP (7.3.1.) Re: Satellite nodes and pagefiles Re: Satellite nodes and pagefiles Re: SpamAssassin Re: SpamAssassin Re: SYS$TIMEZONE_RULE problems Re: SYS$TIMEZONE_RULE problems ---------------------------------------------------------------------- Date: Tue, 27 Feb 2007 11:43:14 -0500 From: JF Mezei Subject: Blue Screen of Death on VMS Message-ID: <5601f$45e45fab$cef8887a$9893@TEKSAVVY.COM> I ran an RMS utility from Hein. It crashed DECWindows. (that will teach me to run code from the SYSTEM account :-) Since restarting decwindows isn't simple (the simple way causes the mouse to be inactive), I pressed and then typed in CONT which should have gotten me to the "real" console, but somehow the things got messed up and I ended up in prison (AlphaBios from which there is no exit). The later told me my NVRAM was bad and that it was overwriting it. Pretty scary. So , power the machine down and back up again. The NVRAM file was still there. But VMS prompted me for the time (for the first time I might add, when this system was delivered from Island, it had the correct time in it). Whoever chose the default colour "blue" for the background of the console on a ATI Radeon 7500 should be punished by being offered a job at Microsoft. ------------------------------ Date: Tue, 27 Feb 2007 12:57:08 -0500 From: Stephen Hoffman Subject: Re: Blue Screen of Death on VMS Message-ID: In no particular order... It would appear that the system nvram battery -- the Dallas watch chip, or whatever this particular Alpha box uses for its storage -- is failing. I'd expect to need to swap it. There are related discussions in the OpenVMS FAQ, and here in the newsgroup. There are discussions in the FAQ around getting out of AlphaBIOS/ARC and into SRM, as well. The system time and the setting for AlphaBIOS/ARC or SRM are both stored here, and -- unfortunately -- a weak nvram tends to forget the time and tends to return the console code for AlphaBIOS/ARC rather than a code for "weak or cleared or failed nvram". The watch chip batteries seem to be good for about ten years, IIRC. It's possible that something stomped on the values, but I'd tend to assume not... This looks more like a low-level failure in whatever that tool Hein gave you, or something buggy in the underlying OpenVMS system, or in the underlying hardware. I'd guess that rather more than DECwindows tipped over here. The SRM command CONTINUE continues from a halt. Not all Alpha systems can continue from such a halt -- some have to be rebooted. CONTINUE does not get you to the console, the CTRL/P or BREAK should do that. CONTINUE might well be used to trigger a system bugcheck dump upon a kernel-mode halt, this assuming the system is set to restart on halt -- this is how you can get from a halt instruction to the code that generates a system crashdump. I would recommend that you connect and configure the serial console on this particular Alpha system. A DECserver works wonders as a remote console though an OS X serial connection or VT terminal works nicely too, particularly given apparently stellar local abilities to find and to exercise various latent bugs in DECwindows and in OpenVMS itself. If you need to restart DECwindows as often as seems necessary (and assuming the system is ECO'd to current), this is the easiest approach to that end. Certain graphics controller failure modes can lead to a Yellow Screen Of Death. I hit that case with an AlphaStation 255/300 many years ago. Swapped the controller, and both the YSOD and the failure went away. The blue color is the default for every graphics controller operating in its VGA console mode I've ever seen; in the low-res and deliberately-simple interface mode used by most any system firmware. -- www.HoffmanLabs.com Services for OpenVMS ------------------------------ Date: Tue, 27 Feb 2007 07:13:36 -0500 From: bradhamilton Subject: Re: create directory Message-ID: <45E42070.9060201@comcast.net> Bob Jones wrote: > I am a beginner in VMS, coming from UNIX. Trying to create a new directory > under the current directory, but forgot to use the '.'. > > create /directory [newdir] > > Now I cannot find where this dir is created. Please help! directory :[newdir] It has been created on the "top" level of the disk that you "were", at the time the command was issued. Now your job will be to find out which disk that was. If you have only one disk, your task is easy; if not, your task is as hard as the number of disks on your system. Welcome to VMS; this is perhaps the biggest differentiator between VMS and UNIces. ------------------------------ Date: 27 Feb 2007 07:06:06 -0600 From: briggs@encompasserve.org Subject: Re: create directory Message-ID: In article <45E42070.9060201@comcast.net>, bradhamilton writes: > Bob Jones wrote: >> I am a beginner in VMS, coming from UNIX. Trying to create a new directory >> under the current directory, but forgot to use the '.'. >> >> create /directory [newdir] >> >> Now I cannot find where this dir is created. Please help! > > directory :[newdir] That will display the directory contents rather than the directory file. > It has been created on the "top" level of the disk that you "were", at > the time the command was issued. > > Now your job will be to find out which disk that was. If you have only > one disk, your task is easy; if not, your task is as hard as the number > of disks on your system. And as easy as going to where he was when he created the directory and doing: $ DIR [000000]NEWDIR.DIR ------------------------------ Date: Tue, 27 Feb 2007 18:16:55 GMT From: Tad Winters Subject: Re: create directory Message-ID: "Bob Jones" wrote in news:BWMEh.2237$jx3.800@newssvr25.news.prodigy.net: > I am a beginner in VMS, coming from UNIX. Trying to create a new > directory under the current directory, but forgot to use the '.'. > > create /directory [newdir] > > Now I cannot find where this dir is created. Please help! > > I will not automatically assume SYS$DISK was referring to the MFD. It may have been that your default was USERS:[BJONES] at the time you issued the command. In that case, you should be able to: $ set protection=w:rwed [000000]newdir.dir $ delete [000000]newdir.dir; and the directory will be gone. USERS could easily be a rooted logical whose equivalence is something like: DISK$DATA:[USERS.] (in the system logical name table and the concealed attribute.) ------------------------------ Date: Tue, 27 Feb 2007 07:35:51 -0600 From: pechter@pechter.dyndns.org (William Pechter) Subject: Re: DECforms Message-ID: <8KGdnTyZLfcqrnnYnZ2dnUVZ_rCsnZ2d@comcast.com> In article <1172538959.462805.240960@k78g2000cwa.googlegroups.com>, wrote: >On Feb 3, 4:13 am, "Richard Maher" >wrote: > >The last book(s) covering OpenVMS in this series will not be using any >MS products. I am dumping all MS products from my own site, and will >not be working with them at client sites in the future. My current >focus is using SuSE Linux as the "front end" or "terminal" for OpenVMS >applications. I regret that SuSE inked a deal with MS, but nothing I >can do about it. Novell had a better DOS with DR-DOS and they let it >die to improve relations with MS and now we have bloated buggy GUI- >DOS. I also regret IBM having let OS/2 die on the vine. Once they >got to Warp 5 and had almost all of the MS code ripped out, it became >a very stable and capable OS. > Did IBM ever get to "OS/2 version 5" or was the last thing out a 4.5 varient. I have Warp4 and have seen add-on service pack type stuff and references to a TCP/IP upgrade to the version of the later Warp Server version... OS/2 is a nice OS -- too bad they didn't have the comittment to it to go all the way. SuSE Linux is ok... I've been running that, Mandrake, Suse, RedHat, CentOS, and Ubuntu/Kubuntu. My view is Kubuntu may be the best desktop platform right now. With VMware Server on top to let me run those Windows apps in a Windows Sandbox... Not too bad. >Since SuSE 10.2 Linux on 64-bit AMD machines is the best I've found, >that is what I will focus on. I've even made the jump to StarOffice/ >OpenOffice from WordPerfect since they informed me they had no >intentions of ever releasing another Linux version of their product. Too bad. I've got their earlier version and the WPOffice 2000 product. (The later was a big mistake). It was so tied to their Wine and certain versions of libraries... Once you went past RH6.2... ugh. With Corel Linux it was kind of fun. > >I'm currently in talks with one vendor about using their product as >the front end, which is why there may be two books. No, I won't name >the vendor at this point. By the end of this week I should know if >there will be one or two books left covering OpenVMS in this series. >The Logic book in this series should be heading to the printer in a >month or two, but it isn't VMS specific. Trying to keep the size and >cost down so it will be affordable for colleges to use. It's pretty >obvious no college teaches logic these days. > Too bad the FrameMaker product for Linux was never released. I did all my best courseware in it. > >Roland > Bill -- -- "When I think back on all the crap I learned in Vax school It's a wonder I fixed anything at all." (to the tune of Kodachrome) pechter-at-ureach.com ------------------------------ Date: Tue, 27 Feb 2007 11:57:56 -0500 From: JF Mezei Subject: DECWidnows: default session to old desktop ? Message-ID: Now, some time ago, I had edited the sys$manager: DECW$PRIVATE_APPS_SETUP.COM to add a $ decw$start_new_desktop == "false" Thinking the login screen would now defult to the traditional desktop instead of CDE (but still giving me the 3 choises (CDE, Failsafe, traditional) Alas, this gave the old VAX login screens without any option to go to CDE or failsafe. So the question: Is there some magical incantation one can make to cause the current default login screen to have the traditional desktop checked as default in the OPTIONS menu instead of the new desktop ? (but still giving option to go CDE of Failsafe) ------------------------------ Date: 27 Feb 2007 03:21:13 -0800 From: "Bob Gezelter" Subject: Re: Intel Moves Towards Itanium and Xeon Convergence Message-ID: <1172575273.364575.183420@p10g2000cwp.googlegroups.com> On Feb 27, 6:06 am, "n.ri...@sympatico.ca" wrote: > Intel Moves Towards Itanium and Xeon Convergence > > http://www.dailytech.com/article.aspx?newsid=6236 > > Is this how OpenVMS gets on x86-64 ??? (don't raise the bridge, lower > the river) > > Neil Rieck > Kitchener/Waterloo/Cambridge, > Ontario, Canada.http://www3.sympatico.ca/n.rieck/links/cool_openvms.htmlhttp://www3.sympatico.ca/n.rieck/links/openvms_demos.html Neil, Having heard at least some Intel presentations on the subject, and reading the article, I hope that your comment was in jest. The common elements that are being spoken of are issues along the lines of on-chip foundation elements (e.g. cache designs), and interconnects (e.g. connections to the supporting circuitry). With the tremendous costs inherent in chip-design, there is a strong impetus towards common elements.This does not imply common instruction sets. - Bob Gezelter, http://www.rlgsc.com ------------------------------ Date: Tue, 27 Feb 2007 14:34:15 +0100 From: Paul Sture Subject: Re: Intel Moves Towards Itanium and Xeon Convergence Message-ID: In article <1172574387.636800.153990@p10g2000cwp.googlegroups.com>, "n.rieck@sympatico.ca" wrote: > Intel Moves Towards Itanium and Xeon Convergence > > http://www.dailytech.com/article.aspx?newsid=6236 > > Is this how OpenVMS gets on x86-64 ??? (don't raise the bridge, lower > the river) > The last paragraph of the above article says: 'Those expecting Intel to produce a hybrid x86-64 and IA64 compatible processor will be disappointed, as Intel does not intend to take Itanium and Xeon convergence that far. ³I don't see it getting that far, but I am driving these things to be as common as possible,² said Gelsinger.' -- Paul Sture ------------------------------ Date: Tue, 27 Feb 2007 16:42:43 +0000 (UTC) From: MI5Victim@mi5.gov.uk Subject: MI5 Persecution: Stand up for Free Speech 14/8/95 (374) Message-ID: From: rji@cheetah.inmos.co.uk (Richard Ingram) Newsgroups: uk.misc Date: Mon Aug 14 10:08:32 1995 Some cencorship loving bore wrote : > In article gevans@mvagusta.uk.tele.nokia.fi (Gareth Evans) writes: > > His sysadmin is also next to useless, and has not replied to my request or > even acknowledged it. Maybe this person *is* a sysadmin? > > He's not. It seems the public access site he uses has got no proper > management over its users. Here's a copy of a reply I got from a > complaint I made. [After returning every one of Corley's postings to [snip a large pile of winging complaining drivel] Geez what a bunch of tossers you all are - you don't like someones postings so you try and get him evicted from the net, why not just use a kill file - you DONT have to read his posts/threads now do you ? Why is it the net is getting populated by the biggest bunch of self absorbed little Hitlers ? You don't like someones posts so you bloody complain or mail bomb them - grow up you bunch of fucking sad gits ! Richard. 374 ------------------------------ Date: 27 Feb 2007 01:45:36 -0800 From: "klaus1" Subject: Re: Migrating C application from VMS to LINUX Message-ID: <1172569536.326783.226640@k78g2000cwa.googlegroups.com> I use the following VMS header files, hopefully, that I can transfer to Linux environment: descrip.h libdtdef.h sjcedef.h stsdef.h prcdef.h psldef.h prvdef.h lnmdef.h jpidef.h lib$routines.h starlet.h unixio.h smg$lib/sql.h smg$lib/column.h smg$lib/winst.h smg$lib/elstjr.h smg$lib/gblsec.h smg$lib/vmslib.h I think I have to rewrite the whole application from the scratch. Is there a chance to change the header files against Linux header files? Thanks, Klaus ------------------------------ Date: 27 Feb 2007 06:44:01 -0800 From: "klaus1" Subject: Re: Migrating C application from VMS to LINUX Message-ID: <1172587441.386609.251040@j27g2000cwj.googlegroups.com> On 27 Feb., 13:35, Joseph Huber wrote: > klaus1 wrote: > > I use the following VMS header files, hopefully, that I can transfer > > to Linux environment: > > > descrip.h > > libdtdef.h > > sjcedef.h > > stsdef.h > > prcdef.h > > psldef.h > > prvdef.h > > lnmdef.h > > jpidef.h > > lib$routines.h > > starlet.h > > unixio.h > > smg$lib/sql.h > > smg$lib/column.h > > smg$lib/winst.h > > smg$lib/elstjr.h > > smg$lib/gblsec.h > > smg$lib/vmslib.h > > > I think I have to rewrite the whole application from the scratch. Is > > there a chance to change the header files against Linux header files? > > Thanks, > > Klaus > > Except for descrip.h, which could be used for routines passing arguments > by descriptor, > there is little sense to just transfer the header files: the basic > things are the VMS interfaces/libraries they describe. > Unless You write a Unix interface for all the library routines used > (system services and run-time library), You have to implement/rewrite > the functionality using the Unix interfaces. > (There are companies having migration tools/libraries: look into the VMS > FAQ for pointers). > > The above smg$lib seems to be a local library, they are not VMS standard. > Do You have a logical smg$lib, giving a hint to the software location ? can you give me the names of the equal libraries to the VMS libraries I wrote above? thanks, Klaus ------------------------------ Date: Mon, 26 Feb 2007 23:10:36 -0800 From: glen herrmannsfeldt Subject: Re: OT: Quebec Health Care Virus Message-ID: Richard B. gilbert wrote: > glen herrmannsfeldt wrote: (snip) >> There is a historical reason >> that GENERATE is used for copying data, but I don't remember what it is. > My memory grows DIMM but ISTR that IEBGENER's primary function was to > generate test data. (It has been fifteen or twenty years since I last > used it!) I think so, but IEBDG (Data Generate) is the one that is really supposed to do that. http://publib.boulder.ibm.com/infocenter/zoslnctr/v1r7/index.jsp?topic=/com.ibm.zsysprog.doc/zsysprog_66.html IBM's description of IEBGENER says: "The IEBGENER utility copies one sequential data set to another. (Remember that a member of a partitioned data set can be used as a sequential data set.) It can also do some filtering of the data, change LRECL and BLKSIZE, generate records, and several other functions. However, the most common use is to simply copy data sets. A typical job could be the following:" -- glen ------------------------------ Date: 27 Feb 2007 10:14:58 -0800 From: "Doug Phillips" Subject: Re: OT: Quebec Health Care Virus Message-ID: <1172600098.330706.235150@j27g2000cwj.googlegroups.com> On Feb 26, 9:43 pm, b...@instantwhip.com wrote: > On Feb 26, 2:02 pm, "Doug Phillips" wrote: > > > > > > 3 ILLEGALS ... are driving hospitals and other doctors out of > > > business > > > with a requirement they be treated without paying ... > > > > add those three up and there is your problem ... > > > Now you sound like someone who has no knowledge of the situation, but > > are just parroting some talking heads. > > really ... just ask all the people flocking to Las Vegas and Phoenix > why > they are and also the businesses and they will tell you Ok. Ahhem; Dear People flocking to Las Vegas and Phoenix. Why are you and also the businesses? Please tell me. Thank you. Doug Phillips ------------------------------ Date: Tue, 27 Feb 2007 07:46:18 GMT From: "Michael D. Ober" Subject: Re: Quebec Health Care Virus Message-ID: Kerry, I agree with you on the need for more long term rational approaches to decision making. The problem is that it's a rare politician who looks past the next election and a rare CEO/CIO's who looks past the next quarter or two's earning reports. Given the short time frame these decision makers work with, Windows/Linux makes more rational sense to them, even when over the lifetime of the systems they're making decisions for, something along the lines of VMS or even IBM's MVS would be a far better choice, despite the higher up-front costs. Mike. "Main, Kerry" wrote in message news:FA60F2C4B72A584DBFC6091F6A2B8684020D47AB@tayexc19.americas.cpqcorp.net... > -----Original Message----- > From: Michael D. Ober [mailto:"obermd."@.alum.mit.edu.nospam] > Sent: February 21, 2007 3:43 PM > To: Info-VAX@Mvb.Saic.Com > Subject: Re: Quebec Health Care Virus > > This is more an indictment of the Quebec health care system > priorities than > it is of Windows. When Win95 and 98 were new, viruii were > rare. The fact > that these versions of Windows are still in use even after their > shortcomings became painfully obvious to the rest of the > world is a problem > within the health care system. Yes, you can easily say that > VMS wouldn't > have been impacted, but the upfront cost of custom > programming to get VMS to > do what can be frequently purchased on the open market can be > a major factor > in not using VMS. Yes, there may be higher continuing costs running > Windows, but if the upfront cost is too high, it doesn't make > any difference > simply because the initial purchase won't be made. > > In addition, almost any decent virus scanner could have > stopped this thing > in its tracks, so there is the additional issue of network security > management not being done. > > As usual, problems like this aren't technical - they're > human, or in the > case of government health care, political. > > Mike Ober. > Mike - I have no idea of what the issues are with this specific case, but in general, when you base a mission critical infrastructure on a platform that has 5-20 serious security patches per month released, it is highly unlikely that any amount of processes are going to be able to prevent an incident from happening at some point in the future. Keep in mind that virus scanners do not look for open security holes that are widely published on various hacker networks that exist across the Internet. Also, keep in mind that most security analysts will state that something like 50-60% of all security incidents are due to internal issues. So, while no platform, including OpenVMS, can ever state they are 100% secure, the bottom line is that some platforms are more secure by design and do not have a culture established where its Customers have become so complacent that they put up with dealing with 5-20 security patches per month. At some point, one needs to examine OS religion and put some reality back into the system. Case in point: http://www.openvms.org/stories.php?story=07/02/16/3329759 Regards Kerry Main Senior Consultant HP Services Canada Voice: 613-592-4660 Fax: 613-591-4477 kerryDOTmainAThpDOTcom (remove the DOT's and AT) OpenVMS - the secure, multi-site OS that just works. ------------------------------ Date: Tue, 27 Feb 2007 15:44:33 +0100 From: "Rudolf Wingert" Subject: Questions about DoSD (Dump of System Disk) Message-ID: <000401c75a7d$cb5eada0$994614ac@domina.fom> Hello, I would like to install the Dump of System Disk at all satellites within = our cluster. What happens if the local DoSD device is unavailable? Is it possible to define the system disk as alternate DoSD device? If yes, how = do you specify them under console mode (SET DUMP_DEV dump_dev,?...?)? TIA and best regards R. Wingert ------------------------------ Date: Tue, 27 Feb 2007 17:31:48 +0100 From: Joseph Huber Subject: Re: Questions about DoSD (Dump of System Disk) Message-ID: Rudolf Wingert wrote: > Hello, > I would like to install the Dump of System Disk at all satellites within our > cluster. What happens if the local DoSD device is unavailable? Is it > possible to define the system disk as alternate DoSD device? If yes, how do > you specify them under console mode (SET DUMP_DEV dump_dev,?...?)? > TIA and best regards R. Wingert > DUMP_DEV can be a list of devices, as well as the DUMPFILE_DEVICE in modparams.dat, specify localdisk:,systemdisk: For details see the system manager manual, e.g. http://h71000.www7.hp.com/doc/82FINAL/aa-pv5nj-tk/aa-pv5nj-tk.html Chapter "Writing the System Dump File to an Alternate Disk" ------------------------------ Date: 26 Feb 2007 23:32:22 -0800 From: fkburrie@gmail.com Subject: Re: RMSBUG ASBALLFAIL in proces STARTUP (7.3.1.) Message-ID: <1172561542.813594.55820@p10g2000cwp.googlegroups.com> On 26 feb, 17:18, "Volker Halle" wrote: > What's the value in R0 ? > > Volker. Volker, Value of R0: 00000000.00000001 The last message prompted is "LATACP initialised". Normally the system is almost booted when that message appears. I am not aware of any changes to the system parameters. Thanks, Frank ------------------------------ Date: 27 Feb 2007 06:00:24 -0800 From: fkburrie@gmail.com Subject: Re: RMSBUG ASBALLFAIL in proces STARTUP (7.3.1.) Message-ID: <1172584820.415385.11450@s48g2000cws.googlegroups.com> On 27 feb, 08:32, fkbur...@gmail.com wrote: > On 26 feb, 17:18, "Volker Halle" wrote: > > > What's the value in R0 ? > > > Volker. > > Volker, > > Value of R0: 00000000.00000001 > > The last message prompted is "LATACP initialised". Normally the system > is almost booted when that message appears. I am not aware of any > changes to the system parameters. > > Thanks, > > Frank We found different settings for PIOPAGES on different nodes, some 410 and some 975. Set them all to 975 and we will wait. Thanks. ------------------------------ Date: Tue, 27 Feb 2007 12:16:13 -0500 From: Stephen Hoffman Subject: Re: RMSBUG ASBALLFAIL in proces STARTUP (7.3.1.) Message-ID: FWIW -- and irrespective to the PIOPAGES setting change -- I'd try to bootstrap the box -- however that could be managed -- with default parameter settings, from another node that can boot and that shares the same system disk, or otherwise -- and see if I could load the RMS V6 ECO kit, and the other mandatory kits. Yes, this is a generic shot-gun answer, but it's been my experience that loading current ECOs can fix a whole lot of weirdness. I'd also look at the available physical memory on these AlphaStation 255/300 boxes. Memory for boxes this old can sometimes be a cheap fix for various ills. Though it won't speed that EV45 processor. system with insufficient physical memory can uncloak all manner of evil. -- www.HoffmanLabs.com Services for OpenVMS ------------------------------ Date: 27 Feb 2007 01:08:22 -0800 From: joseph.huber@web.de Subject: Re: Satellite nodes and pagefiles Message-ID: <1172567301.967056.216550@q2g2000cwa.googlegroups.com> On Feb 26, 8:20 pm, JF Mezei wrote: > I will be adding the big pagefile within systartup_vms after > I have mounted all the drives but before starting any products. No, You should enter the necessary commands (mount and sysgen install) in SYS$SPECIFIC:[SYSEXE]SATELLITE_PAGE.COM, it is executed earlier in startup. Usually cluster_config creates this file, if You answer the question if the satellite uses a local disk for paging. ------------------------------ Date: Tue, 27 Feb 2007 15:43:13 +0100 From: Joseph Huber Subject: Re: Satellite nodes and pagefiles Message-ID: JF Mezei wrote: > joseph.huber@web.de wrote: > >> No, You should enter the necessary commands (mount and sysgen >> install) >> in SYS$SPECIFIC:[SYSEXE]SATELLITE_PAGE.COM, it is executed earlier in >> startup. >> Usually cluster_config creates this file, if You answer the question >> if the >> satellite uses a local disk for paging. > > > > Yeah, BUT ! > > I'd *like* to maintain a single cluster-wide disk mounting procedure. > Also, I want to structure as follows: > > > [NODE1] [NODE2] > | | > [DISK1] [DISK2] > [SYS0][SYS1] [SYS0][SYS1] > > DISK2 will be an image backup of disk1. (not a shadow copy, I want it to > act as a backup so if I screw up, the other disk is intact). > > Normally, NODE2 boots as satellite as [SYS1] from NODE1. NODE1 boots > locally as [SYS0] > > But I also want NODE2 to be able to boot locally from SYS1, and NODE1 to > be a satellite of NODE2 as [SYS0]. > > And I want to use a sysgen USERDx parameter to indicate to my DCL > special cases where I do not wish to install a local pagefile (for when > I do backups so that the target disk can be reinitialised). In which > case, I might need a remote pagefile. (hence my question for the > smallest size) > > > > By having a small page file on the system disk, it will allow all > processes created by the time systartup_vms is invoke to be mapped to a > pagefile and I can then have more freedom to create the big pagefile to > be used by processes such as x windows and mozilla that require hundreds > of megabytes each. Yes I understand, but all this can be done much earlier, namely in satellite_page.com, so that systartup_vms can use already the page file(s). And if You decide not to install the big local pagefile, and the small one does not exist, use SYSGEN to create one. Pagefiles should have identical sizes I once learned (maybe this is no longer important ?), therefore I like to get rid of the small one on the MSCP served system disk. ------------------------------ Date: Tue, 27 Feb 2007 14:09:36 +0000 (UTC) From: david20@alpha2.mdx.ac.uk Subject: Re: SpamAssassin Message-ID: In article , helbig@astro.multiCLOTHESvax.de (Phillip Helbig---remove CLOTHES to reply) writes: >In article , david20@alpha2.mdx.ac.uk >writes: > >> In article , helbig@astro.multiCLOTHESvax.de (Phillip Helbig---remove CLOTHES to reply) writes: >> >Does anyone here have experience with SpamAssassin? Do you recommend >> >it? > >> Since noone else has responded I'll have a go. >> Basically the answer is there is no such threshold. >> No content scanning anti-spam product is 100% accurate. The best will only >> claim 98% accuracy. Which at first sight sounds a lot but really means it gets >> it wrong for 2 out of every 100 mail messages. Those mistakes will either be >> false positives (mail which is mistakenly considered to be spam but isn't) or >> false negatives (mail which is spam but is missed). The threshold just changes >> the ratio of false positives to false negatives. The only way you can guarantee >> that all legitimate mail gets through is to set the threshold to a ridiculously >> high level in which case all mail (including spam) will get through. > >Yes, in theory. In my case, in practice, the provider flags it as spam >for a score of 5 or higher. Looking at well over 1000 messages, NO >legitimate email was flagged as spam. Of the stuff not flagged as spam, >about 2/3 is. About 60--70% of the total gets flagged as spam. So, for >100 messages a day, I could get rid of 65 or so quickly. Of the >remaining 35, I have to fish out a dozen legitimate ones. So it does >save time with no appreciable risk. > Not quite sure I understand the above is that 65 spam messages marked as spam 35 messages not marked as spam of those 12 messages not marked as spam are legitimate mail 23 messages not marked as spam are really spam ie you have a 23% false negative rate using spamassassin with a threshold of 5 but a zero false positive rate. That sounds like a pretty appalling rate of mistakes - either 5 is a particularly high score to set as a threshold for spamassassin so that most mail will get through or I'd suspect that the provider isn't keeping the spamassassin rules uptodate so that the spammers are getting their mail through. If it is the latter then things will become interesting when the provider next updates the rules since for a brief period therafter the situation may be totally reversed with few false negatives and a number of false positives. >My provider would send a message to the (alleged) sender if a message is >not relayed to me because it is suspected of being spam. Thus, a >legitimate sender could find out that this was a problem. (I'm not sure >this is a good idea. What I observe myself is that a spammer sends >email to a non-existent address somewhere else with my address (or a >non-existent address in my domain) as the forged sender. > The spam >scanner at the other end sends me (or, if the user doesn't exist, my >Postmaster, who is me wearing another hat) a message that there was a >problem. Maybe, however, the spammer really wanted to spam my addresses >and is using the spam filter at the other site as a spam relay. (Fine >point: for non-existent users, the Postmaster only gets the mail if they >are also syntactially invalid VMS usernames, since I drop all the rest >during the SMTP dialog, since this is by far the most spam I get >(dictionary attack). > Yes this is backscatter and if your provider is accepting mail for your systems and then running spamassassin on it before sending a bounce then they are part of the spam problem not the solution. It is not acceptable nowadays to send a bounce to the supposed sending address after you have discovered a mail message is spam or contains a virus. Some systems can run an anti-spam product during the SMTP dialogue and can reject the mail at the end of the DATA part which is acceptable. There are now some DNSBLs which list sites which produce backscatter eg Spamcop. I personally think that is going too far since there are still some circumstances (account going overquota where the account is not on the receiving mailserver itself etc) which most mail systems cannot cope with other than by producing a bounce. >> >The main advantage for me is: if I choose to drop the spam, then I don't >> >have to have an ALPHA always have the cluster alias, but a VAX (with >> >TCPIP 5.3) would be OK. (A lot of spam is email to non-existent users. >> >These generate bounces which, because the sender is often faked, bounce >> >back. With 5.4, I can reject email to non-existent usernames (at least >> >if they are valid VMS usernames, which most of them are), but that runs >> >only on ALPHA.) >> >> Unless your Dynamic-DNS provider has a list of all your valid email addresses >> then no anti-spam product it runs can determine that a message is for a >> non-existent account on your systems. > >True, but since no legitimate mail is sent to non-existent users, it >could be flagged as spam based on other grounds. > True but then you have potentially changed an SMTP dialogue rejection of an invalid address (assuming the connection is to your ALPHA) into a backscatter bounce message from your provider complaining about spam. If these are hobbyist VMS systems I'd get PMAS and PMDF. I was going to say that if they were commercial systems then I'd pay for and install MX which runs on Alphas and VAX and would reject mail for non-existent addresses. The price for which was not too excessive. Unfortunately I just had a look at http://www.madgoat.com/mx.html and it appears that no new orders are being taken (though existing customers will continue to be supported). The freeware version MX4.2 is still available and I would hope that would support rejecting mail for non-existent users but can't be sure. If this change in the status of MX is permanent then it is bad news since it leaves nothing filling the small business gap for a real mailserver. Larger enterprises can afford the price of PMDF, hobbyists can get PMDF free. But smaller commercial businesses are left just with the mailservers which come with the IP stacks. David Webb Security team leader CCSS Middlesex University ------------------------------ Date: Tue, 27 Feb 2007 18:28:45 +0000 (UTC) From: helbig@astro.multiCLOTHESvax.de (Phillip Helbig---remove CLOTHES to reply) Subject: Re: SpamAssassin Message-ID: In article , david20@alpha2.mdx.ac.uk writes: > Not quite sure I understand the above > is that > > 65 spam messages marked as spam > 35 messages not marked as spam > of those > 12 messages not marked as spam are legitimate mail > 23 messages not marked as spam are really spam Yes. > ie you have a 23% false negative rate using spamassassin with a threshold of 5 > but a zero false positive rate. Yes. > That sounds like a pretty appalling rate of mistakes - either 5 is a > particularly high score to set as a threshold for spamassassin so that most > mail will get through or I'd suspect that the provider isn't keeping the > spamassassin rules uptodate so that the spammers are getting their mail > through. If it is the latter then things will become interesting when the > provider next updates the rules since for a brief period therafter the > situation may be totally reversed with few false negatives and a number of > false positives. I'll have to investigate how often the rules are updated. Personally, as long as the total amount tagges as spam is appreciable, I would rather have a few false negatives as long as I have no false positives. > >My provider would send a message to the (alleged) sender if a message is > >not relayed to me because it is suspected of being spam. Thus, a > >legitimate sender could find out that this was a problem. (I'm not sure > >this is a good idea. What I observe myself is that a spammer sends > >email to a non-existent address somewhere else with my address (or a > >non-existent address in my domain) as the forged sender. > > The spam > >scanner at the other end sends me (or, if the user doesn't exist, my > >Postmaster, who is me wearing another hat) a message that there was a > >problem. Maybe, however, the spammer really wanted to spam my addresses > >and is using the spam filter at the other site as a spam relay. (Fine > >point: for non-existent users, the Postmaster only gets the mail if they > >are also syntactially invalid VMS usernames, since I drop all the rest > >during the SMTP dialog, since this is by far the most spam I get > >(dictionary attack). > > Yes this is backscatter and if your provider is accepting mail for your > systems and then running spamassassin on it before sending a bounce then > they are part of the spam problem not the solution. It is not acceptable > nowadays to send a bounce to the supposed sending address after you have > discovered a mail message is spam or contains a virus. Viruses he drops completely. For spam he sends a bounce, after the message has been scanned---IF I request that this be done if the threshold is exceeded. If not, the mail is tagged as spam but delivered to me. I think the key word is "discovered". I suppose there is a small probability that an email is mistakenly tagged as spam and thus not delivered (if that is what I request). I don't see the logic in distinguishing between spam and viruses, though. (Viruses might be more certain in their identification, but if the motivation is to inform the sender that he is doing something wrong, then why not inform him that he is sending a virus? Of course, most senders of spam are forged, and on VMS I don't care about viruses anyway, but that is neither here nor there.) Opinions differ. I haven't been able to find a list of generally accepted (by the white hats) guidelines for spam handling. If you know of any, point me to them. If not, then even if I agree with you, the provider can just quote another opinion. Note: at the moment, everything still comes through to me; it is just tagged as spam. I don't generate bounces except when I can't avoid it. (I reject stuff to non-existent users, but that fails for syntactically invalid VMS usernames, which generates a bounce, most of which bounce back to me. There are only a few of these a day, though; there are several hundred attempted sends to nonexistent (but syntactically valid) usernames. > Some systems can > run an anti-spam product during the SMTP dialogue and can reject the > mail at the end of the DATA part which is acceptable. From the point of view of preventing backscatter, that's better. However, the legitimate mistake is not corrected here, either. > There are now some > DNSBLs which list sites which produce backscatter eg Spamcop. I > personally think that is going too far since there are still some > circumstances (account going overquota where the account is not on the > receiving mailserver itself etc) which most mail systems cannot cope > with other than by producing a bounce. One shouldn't confuse legitimate bounces with backscatter. Presumably, if my provider gets into a DNSBL due to backscatter he will change his policies, since he charges for customers (like me) to send through a "good" server. (Technically, I can do anything locally, but I have a dynamic IP address and many folks now just reject all of those.) > >> Unless your Dynamic-DNS provider has a list of all your valid email addresses > >> then no anti-spam product it runs can determine that a message is for a > >> non-existent account on your systems. > > > >True, but since no legitimate mail is sent to non-existent users, it > >could be flagged as spam based on other grounds. > > > True but then you have potentially changed an SMTP dialogue rejection of an > invalid address (assuming the connection is to your ALPHA) into a backscatter > bounce message from your provider complaining about spam. As long as it is spam, that's not a problem. Question: are the bounces really a problem? If the (forged) sender does not exist, they will bounce back. Presumably to an account at the provider which accepts everything, since otherwise (assuming the original spam is retained in the body of the message, and assuming that the threshold is always exceeded) a vicious circle is generated with messages bouncing back and forth. If the (forged) sender exists, then either he wants to stop spam to himself or not. If not, no problem. If so, then the bounce will be filtered. Not ideal, but is there really a situation where people genuinely concerned about spam will be annoyed by backscatter? ------------------------------ Date: 27 Feb 2007 07:08:53 -0800 From: "Bobby" Subject: Re: SYS$TIMEZONE_RULE problems Message-ID: <1172588930.954534.284590@h3g2000cwc.googlegroups.com> > I just tried this out, and it seems to work great. The settings survived > two reboots. > > Zane Great. I'm still curious as to why this is needed though... you would think that it would "just work" following the documented configuration procedure. Bobby ------------------------------ Date: Tue, 27 Feb 2007 12:09:52 -0500 From: Stephen Hoffman Subject: Re: SYS$TIMEZONE_RULE problems Message-ID: Bobby wrote: >> I just tried this out, and it seems to work great. The settings survived >> two reboots. >> >> Zane > > Great. I'm still curious as to why this is needed though... you would > think that it would "just work" following the documented configuration > procedure. FWIW, it looks like what were probably some overlapping edits -- the addition of DECdtss DTSS into base OpenVMS at V7.3, and the addition of the "don't start DECdtss DTSS logical name" NET$DISABLE_DTSS -- might have collided, and created a corner case in the startup. If you've a service contract (and assuming somebody from HP doesn't spot this thread here and log a report on your behalf), ring up HP services and ask for the official statement. -- www.HoffmanLabs.com Services for OpenVMS ------------------------------ End of INFO-VAX 2007.116 ************************