OpenBSD Journal
Home : : Add Story : : Archives : : About : : Create Account : : Login :
Reduce gray-listing pain by seeding white-list with SPF records.
Contributed by pitrh on Fri May 10 05:03:12 2013 (GMT)
from the my admin told me not to talk to strangers dept.

Longtime Undeadly contributor sean writes in with tips and tools for improving your spamd(8) experience:

I have been using gray-listing to thwart spamming for what feels like a very long time. I started using it around the release of OpenBSD 3.5. It was an amazing change from a constant storm of spam and just enabling it got rid of 80% of the spam almost immediately. That amazing improvement didn't come without a cost. Some mail services and servers don't work so well with it. Especially large mailing systems that pass around messages and don't necessarily guarantee the next delivery attempt will come from the same IP or network. Microsoft Exchange was also known to be 'usually' configured in such a way to not work with gray-listing as well.

[ 9 comments 631d20:35 ago ] (flat) (expanded)

You've Installed It. Now What? -stable packages!
Contributed by pitrh on Tue May 7 21:57:09 2013 (GMT)
from the even-puffier-packages dept.

Jasper Lievisse Adriaanse writes in about his (and M:tier's) -stable packaging work:


A short while ago an article was published on here on Undeadly, which explained how to use the ports and packages framework. While it was a good read, it focused on -current.

This article will show how to keep your -stable system up to date, without building anything yourself!

Up to date packages....on -stable?

OpenBSD is continuously working on providing snapshots for all architectures and to provide the packages that go with it.

[ 42 comments 126d6:33 ago ] (flat) (expanded)

Introducing ports-readmes mirror and ports search
Contributed by pitrh on Sun Jun 2 18:13:24 2013 (GMT)
from the In Soviet Russia, system packages you! dept.

Constantine A. Murenin writes in about his new ports database site,

Taking on espie's dated call on doing something cool with databases/sqlports port, and with his own initial work through databases/ports-readmes port, I've decided to fork ports-readmes, and create some very simple web-site to mirror the content generated.

Introducing .

The web-site is completely static, and all the pages get regenerated daily by downloading a fresh copy of the sqlports package from the snapshots, and running the forked ports-readmes.

[ 32 comments 179d5:23 ago ] (flat) (expanded)

OpenBSD 5.3 Released!
Contributed by pitrh on Wed May 1 17:14:18 2013 (GMT)
from the do-androids-dream-of-electric-pufferfish dept.

May 1st 2013, Calgary, AB, CA and elsewhere:

The OpenBSD project today formally released OpenBSD 5.3, the project's 34th release on the steady six monthly release cycle.

Notable news in the present release include the a production ready release of OpenSMTPD, a much-renovated dhclient(8), a slew of new drivers for various hardware, OpenSSH release 6.2 as well as numerous improvements in all parts of the system. The OpenBSD 5.3 release page has more information, with further details given at the changelog page.

The new release is available as an inexpensive CD set and as a free download from mirror sites in several countries worldwide.

[ 10 comments 488d23m ago ] (flat) (expanded)

You've Installed It. Now What? Packages!
Contributed by pitrh on Mon Apr 22 14:27:16 2013 (GMT)
from the good things come in small packages dept.

Once you've installed your OpenBSD system, packages are there to make your life easier. A works for me/life is good guide for your weekend reading.

Installing OpenBSD is easy, and takes you maybe 20 minutes. Most articles and guides you find out there will urge you to take a look at the files in /etc/ and explore the man pages to make the system do what you want. With a modern BSD, the base system is full featured enough that you can in fact get a lot done right away just by editing the relevant files and perhaps starting or restarting one or more services. If all you want to do is set up something like a gateway for your network with basic-to-advanced packet filtering, everything you need is already there in the basic install.

Then again, all the world is not a firewall, and it is likely you will want to use, for example, a web browser other than the venerable lynx or editing tools that are not vi or mg. That's where packages and package systems come in. I'll skip a little ahead of myself and make a confession: The machine I'm writing this piece on reports that it has some 381 packages installed.

[ 3 comments 1366d2:12 ago ] (flat) (expanded)

OpenBSD Foundation benefit Auction / Absolute OpenBSD 2nd Ed.
Contributed by pitrh on Wed Apr 17 11:36:38 2013 (GMT)
from the do-I-hear-one-billion-dollars dept.

Author Michael Lucas has kindly donated a signed copy of the very first production copy of Absolute OpenBSD, 2nd Edition to an auction benefitting the OpenBSD Foundation:

OpenBSD Foundation benefit Auction:

A special auction has been arranged with Michael Lucas and No Starch Press to raise funds for the OpenBSD Foundation. See the link above.

This will be an auction of the guaranteed first copy off the press of Michael Lucas's Absolute OpenBSD, 2nd edition, which is due before the end of this month. This copy will be personally signed by the author, and accompanied with a certificate of authenticity. A DRM free digital version will also be made available to the winner.

The auction is handled by Computer Shop of Calgary. 100% of the proceeds will be donated to the OpenBSD Foundation.

Auction says Credit Cards or PayPal is accepted, but I am sure we could arrange alternate methods. Hey, the OpenBSD crowd is clever enough to each have a stash of BitCoins, no? Cost you nothing, right? Just a tiny handful would do wonders!

Enjoy the fun!

Austin Hook

OpenBSD project leader Theo de Raadt added:

I would like to thank Michael for coming up with this idea.

For those who missed the fine print, this will go to the OpenBSD Foundation. The donations the Foundation receives go exclusively towards funding OpenBSD project costs.

This will join donations that fund approximately 90% of our hackathon costs (where much of our development happens), and around 90% of our network costs.

The other people who donate don't get an item like this (unless they are bidding against you and win).

This is the perfect chance to grab a unique piece of OpenBSD history, and support the project while you're at it.

Update: The auction is over, and has raised $1,145.00 US for the OpenBSD Foundation! Congratulations to the winning bidder, and another round of thanks to Michael Lucas for making this happen.

[ 28 comments 74d1:37 ago ] (flat) (expanded)

BXR.SU, OpenGrok service for BSDs in publicly private (IPv6-only) beta
Contributed by pitrh on Thu Apr 4 05:20:02 2013 (GMT)
from the all-cross-indexed dept.

Constantine A. Murenin writes in about his new BSD source code search engine:

Publicly private beta? Instead of devising a new scheme on handing out invitations for a new and improved OpenGrok for the BSDs, why not require IPv6 for the beta?

Welcome BXR.SU Super User's BSD Cross Reference, which is launched 2013-04-01 as an IPv6-only OpenGrok service for FreeBSD, OpenBSD, NetBSD and DragonFly BSD.

[ 3 comments 270d23:35 ago ] (flat) (expanded)

LOLCODE Scripting Added to OpenBSD Kernel
Contributed by tbert on Mon Apr 1 10:27:31 2013 (GMT)
from the in-ur-base-scripting-yr-kernel dept.

Given the need for constant feature implementation, and the difficulty normal users have altering their running kernels, the OpenBSD project, after nearly a year of testing and rejecting candidates, is proud to announce the selection of LOLCODE as the in-kernel scripting language.

Example code implementing a basic firewall function is found below:


BTW Filter packets based on source address


    IZ IPHDR->srcip ""?
            BTW Have matched a blacklisted address; drop packet
            BTW Just pass the packet


One of the factors driving the adoption of LOLCODE was the unparalleled ability for writing interpreters for other languages, meaning that your options for kernel hacking are virtually limitless.

LOLCODE scripts are loaded/unloaded through the new lolctl(8) command, which accesses the new lol(4) device.

This should be currently available in snapshots; as always, widespread testing is key to a quality release!

[ 19 comments 103d4:14 ago ] (flat) (expanded)

KMS for Intel GPUs has landed in -current
Contributed by phessler on Wed Mar 20 09:58:40 2013 (GMT)
from the kernel-mood-settings dept.

Jonathan Gray (jsg@) just committed KMS support for inteldrm(4):

Significantly increase the wordlist for ddb hangman, and update our device independent DRM code and the Intel DRM code to be mostly in sync with Linux 3.8.3. Among other things this brings support for kernel modesetting and enables use of the rings on gen6+ Intel hardware. Based on some earlier work from matthieu@ with some hints from FreeBSD and with lots of help from kettenis@ (including a beautiful accelerated wscons framebuffer console!) Thanks to M:Tier and the OpenBSD Foundation for sponsoring this work.

[ 340 comments 30d2:31 ago ] (flat) (expanded)

Support OpenBSD!

Donate to OpenBSD

Buy OpenBSD products


We are constantly on the lookout for stories of how you put OpenBSD to work. Please submit any informative articles on how OpenBSD is helping your company.

Older Stuff
Tuesday, March 19
08:51 OpenSMTPD 5.3 released (336)
08:45 AsiaBSDCon 2013 wrap-up (0)
Sunday, March 17
20:27 OpenBSD 5.3 Pre-Orders Have Started (0)
Tuesday, February 26
09:40 Donation Request: New xserve G4 for ports builds (4)
Thursday, February 21
08:14 BSDCan 2013 Program Announced (0)
Friday, February 08
20:28 Love the new dhclient changes - and so I was inspired... (48)
Tuesday, February 05
20:22 AsiaBSDCon 2013: Strong set of OpenBSD talks (0)
08:44 n2k13 update: Paul Irofti Talks Loongson and ACPI (2)
Monday, February 04
10:37 Absolute OpenBSD, 2nd Edition is available for pre-order (12)

Older Stuff...
Yesterday's Edition...

OpenBSD Errata

OpenBSD Resources

Users wishing RSS/RDF summary files of OpenBSD Journal, can retrieve: [xml]

[ Home | Add Story | Archives | Polls | About ]

Copyright © 2004-2008 Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to April 2nd 2004 as well as images and HTML templates were copied from the fabulous original with Jose's and Jim's kind permission. Some icons from used with permission from Kathleen. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. Search engine is ht://Dig. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]