On 05.06.2017 20:38, Samuel Sieb wrote: I'm using inside my network a .local domain which is defined in a ZONE on my DNS - so no problem ...

On 06/05/2017 01:25 PM, Samuel Sieb wrote: Sounds likely. In this case, you probably want to *remove* nss-mdns, and if that doesn't solve the problem, maybe also remove "mdns4_minimal [NOTFOUND=return]" from /etc/nsswitch.conf's "hosts:" line.

On 06/07/2017 12:05 PM, Walter H. wrote: I don't really know what that means.

On 06/07/2017 10:53 PM, Walter H. wrote: Not on my system. The only thing that appears to depend on nss-mdns is wine, here. In any case, if that solution isn't workable for you, you can remove "mdns4_minimal [NOTFOUND=return]" from /etc/nsswitch.conf, and you should be able to look up .local hosts using DNS.

Gordon Messmer wrote: Tom Horsley: The converse, here. I've never had to mess around removing mdns from nsswitch.conf. And I don't recall having to do anything *like* that since I stopped using Samba years ago (removing lmhosts from the name resolution equation). I run a local DNS server, that's integrated with my DHCP server (in that new hosts assigned an IP by the DHCP server get their data incorporated into the DNS server, so all clients on my LAN use my DNS server for *all* name resolution, local and WWW). I don't make use of the hosts file. -- [tim@localhost ~]$ uname -rsvp Linux 3.9.10-100.fc17.x86_64 #1 SMP Sun Jul 14 01:31:27 UTC 2013 x86_64 (always current details of the computer that I'm writing this email on) Boilerplate: All mail to my mailbox is automatically deleted, there is no point trying to privately email me, I only get to see the messages posted to the mailing list. Lucky for you I typed this, you'd never be able to read my handwriting.

Tim: Walter H.: I have a real domain name, which resolves to my externally hosted mail and website. Internally, I have a LAN sub-domain, of it, that my DNS and DHCP servers work with. e.g. www.example.com vs lan.example.com So, internally, you get local FQDNs like laserprinter.lan.example.com. Externally, you get the usual website domain names www.example.com, or just example.com. And mail is simple username(a)example.com. My DNS server will directly answer LAN queries, for the lan subdomain, but refer the main domain name to the internet like any other query. That kept things running pain-free, until mDNS reared it's ugly head on me when I tried to add a Canon Pixma printer to my LAN. The printer only wanted to use the zeroconf/bonjour scheme, ignoring my DNS and DHCP. It took me a while to figure out that it doesn't query normal DNS servers on port 53, at all. I can understand manufacturers adding zeroconf/bonjour functions to equipment, but I can't comprehend them taking away normal networking. Many years ago, while playing with servers on my LAN, before setting up DNS and DHCP servers, I discovered an annoying issue with just using hostnames (in the hosts file), various servers insisted on having domain names with at least one dot in them. At that stage, I took my lead from the hosts file, did a bit of ferreting around to see what purpose it had, and I went with using .localdomain as my TLD. -- [tim@localhost ~]$ uname -rsvp Linux 3.9.10-100.fc17.x86_64 #1 SMP Sun Jul 14 01:31:27 UTC 2013 x86_64 (always current details of the computer that I'm writing this email on) Boilerplate: All mail to my mailbox is automatically deleted, there is no point trying to privately email me, I only get to see the messages posted to the mailing list. Hooray! I finally finished typing this email.

On 12.06.2017 16:35, Tim wrote: just for this, there exists an I-D, which will become an RFC, and there .home.arpa is reserved as sepcial use-domain https://datatracker.ietf.org/doc/draft-ietf-homenet-dot/

On 06/05/2017 09:13 PM, Walter H. wrote: It is not! Try reading this: https://en.wikipedia.org/wiki/.local Microsoft at one point suggested using it, but they have since recanted. According to https://tools.ietf.org/html/rfc6762 .local is reserved for MDNS use and is not supposed to be DNS resolvable.

On 06/05/2017 10:19 PM, Walter H. wrote: .lan meets your requirements and I have seen that used. Or you could make up something random. Since it's just your private network, if the one you choose gets used later, you will have to change it again, but you'll have lots of warning. I don't understand what you're saying here.

On 06/05/2017 11:27 PM, Walter H. wrote: That should all work. The problem you are having is that you are using .local in your DNS.

On 06/06/2017 11:22 AM, Walter H. wrote: Either you've been lucky or those other systems don't support MDNS yet.

On 06/06/2017 12:49 PM, Walter H. wrote: nslookup only does direct DNS, it doesn't use the system resolver. There are no guarantees, but at this point .lan is not likely to have any future purpose. Or if you use something unique like .waldi, you are really safe. I suspect that the expectation was that everyone would just have their own domain. But the system is flexible enough that you can make up your own as long as you keep it private. You could even use someone else's domain as long as you won't ever want to communicate with them. :-)

On Tue, 6 Jun 2017 12:59:07 -0700 Samuel Sieb <samuel(a)sieb.net&gt; wrote: Empty mail again. What is going on?

On 06/07/2017 01:05 AM, Tim wrote: I've always done that and almost did that again right here. :-) It's easier to just put a newline in instead of also deleting the extra ">" from the previous line. Most email clients have no trouble, but I have noticed that gmail and outlook sometimes mess up with it. I will try to leave a blank line in between quotes from now on.

On 06/07/17 04:49, Bob Marcan wrote: Well, it seems you are using Claws Mail 3.14.1 to access your mail. Maybe you should use the Web interface of gmail to see if there is a difference. You seem to be the only one with the issue so I would expect the problem to be on your end. :-) -- Fedora Users List - The place to go to speculate endlessly

On 06/07/17 22:07, stan wrote: Well, except that the "empty" messages from Samuel Sieb are tagged as... Content-Type: text/plain; charset="utf-8"; format="flowed" Content-Transfer-Encoding: base64 So, I don't think the issue is related to html -- Fedora Users List - The place to go to speculate endlessly

On 07.06.2017 17:40, stan wrote: this is because, my Thunderbird generates both variants, the text/plain and the text/html ... (don't ask me why)

On 06/08/17 00:25, Walter H. wrote: Well, according to the other MIME headers in the message appearing on the list it is not ending up with both variants. I see... Content-Type: multipart/mixed; boundary="===============4901101950197799775==" This is a cryptographically signed message in MIME format. The next part... Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha1; boundary="------------ms050801080503060907090608" This is a cryptographically signed message in MIME format. Followed by.... Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable The next being... Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature And lastly.... Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline No, HTML.... FWIW, to ensure HTML is not sent to a mailing list I go to "Perferences--->Compositiong" on the General Tab I select "Send Options" and define a "Plain Text Domain". -- Fedora Users List - The place to go to speculate endlessly

On 06/08/17 14:23, Walter H. wrote: So, how is it broken? I mean other than now forcing me to remember to hit "Reply List". :-) Unless you're saying you know you are sending the body in both HTML and Plain-Text and that mailman is stripping out the HTML and only passing the Plain-Text? In that case I'd say it was a feature, not a bug. :-) :-) -- Fedora Users List - The place to go to speculate endlessly

On 06/08/17 20:07, Walter H. wrote: I don't recall putting out any headers that showed your message containing HTML. Now, looking back in the list I do see messages with HTML formatting. In those cases, as per the RFC's, they do have an initial header of Content-Type: multipart/mixed; boundary="===============6657248435458859845== But then you have Content-Type: multipart/alternative; boundary="f403045c3978a173c20550995890" With the alternative forms of the same content bounded by what is specified in the "boundary" I do see what you mean about S/MIME. I've not used that in quite some time so I'd have to look to see how/why it gets broken. I've used PGP/MIME on this list before, and I will sign this message, and it didn't get broken. Guess I'll have to get a free S/MIME cert for testing at some point. :-) :-) -- Fedora Users List - The place to go to speculate endlessly

On 06/09/17 02:39, Walter H. wrote: I think I see what is happening, at least for S/MIME. Mailman is placing a footer at the end of the message to remind folks how to unsubscribe. This mean it must reformat the MIME headers and this seems to break SMIME. I don't recall it breaking PGP/MIME. Guess I will have to subscribe with another account and sign various replies just to see what goes on with both methods. -- Fedora Users List - The place to go to speculate endlessly

On 06/09/17 05:47, Dave Stevens wrote: Probably, eventually. After I study the differences between the headers of an S/MIME message to the list compared with the headers of a PGP/MIME message (which I have verified does survive) and determine if it is a case of real breakage or a case of Thunderbird not doing the right thing. So, I need to know more about S/MIME, PGP/MIME, the abilities of Thunderbird, and then the mechanics of mailman before I can somewhat intelligently talk about it. :-) (FWIW, this message is signed with S/MIME from within Thunderbird) and the message you replied to was signed with PGP/MIME. -- Fedora Users List - The place to go to speculate endlessly

On 06/09/17 06:12, Dave Stevens wrote: OK... So, if you're seeing the S/MIME signed message in "claws on mint" and I'm not seeing it on T-Bird and neither is Walter (who is also using T-Bird) then it pretty much narrows it down to a User-Agent issue. So, thanks much for letting me know and making things easier to nail down. -- Fedora Users List - The place to go to speculate endlessly

Allegedly, on or about 09 June 2017, Ed Greshko sent: That one came through, okay. Having a look at the source of the message, the list added it's signature as another section to the mail. The different parts of the mail have individualised headers that tell each section apart, as well as which parts are associated with each other. And, by the converse, the boundary marker provides a division that is to be regarded separately. The signed portion of the message, is just that: It's a *portion* of the message that's signed. It has to work that way, as the headers will change in transit. And, as we see on lists, footers can be added. So a signed message doesn't authenticate the entire posting, just some portion of it. Unfortunately, the mail client doesn't indicate which parts are verified by the signature. Nor does mine indicate that only some portion of the message is verified. It's probably possible to forward someone's signed message, add stuff below the signed content, and fool people. -- [tim@localhost ~]$ uname -rsvp Linux 3.9.10-100.fc17.x86_64 #1 SMP Sun Jul 14 01:31:27 UTC 2013 x86_64 (always current details of the computer that I'm writing this email on) Boilerplate: All mail to my mailbox is automatically deleted, there is no point trying to privately email me, I only get to see the messages posted to the mailing list. I'd just like to say that vinyl record crackles and pops are far less annoying than digigigigital mu-u-u-u-usic hiccicicicups and yooo-----------------u tu-----be ....... pauses.

On 06.06.2017 20:15, Samuel Sieb wrote: no. it startet with this Fedora box, or to say it differently I'm told that this is the cause for the phonomens listed in OP ... with all other Linux/Windows VMs I don't have these phonomens renaming an AD domain?

On 06/06/2017 04:56 AM, Walter H. wrote: "you can use whatever you want" "You *may* avoid" have a different meaning. Otherwise, just pick some random short selection of characters. It's really not that complicated.

On 06/06/2017 12:41 PM, Walter H. wrote: I'm not kidding. Why is it a problem? Exactly. If you prefer that, then even better.

On 06/06/2017 01:47 PM, Bob Marcan wrote: I don't know why you think it's empty, unless your email reader is doing something strange. Here's the mailing list archive page: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.o...

On 06/07/2017 09:18 AM, Walter H. wrote: That looks like a good solution.

On 06/07/2017 09:18 AM, Walter H. wrote: I don't see any reason that you couldn't use that. My only concern is that recursive/caching nameservers would 1) have to be configured not to "phone home" to the root-servers for .home or 2) resolvers of the future would have to be smart enough to not do that either.

On 06/07/2017 10:17 AM, Mike Wright wrote: The point is that you would have your own name server that is authoritative for that domain. Then it won't try recursively resolving it.

On 06/07/2017 11:29 AM, Mike Wright wrote: I'm not sure what you're trying to say here, this is the standard setup. The DNS server on the internal network is authoritative for a certain set of domains. Anything other than that is automatically resolved recursively. Why would it be any different for the .home domain?

On Wed, 2017-06-07 at 20:59 +0200, Walter H. wrote: This is another situation where having a registered domain name becomes handy. If you ever want to use it publicly (e.g. you want to access something on your LAN remotely), you don't have to change all those kind of things, again. You're already set up.

On 06.06.2017 22:01, Joe Zeff wrote: your idea is good, but I'm not sure, if this TLD becomes public in near future, and then I've a problem again ...

Allegedly, on or about 07 June 2017, Walter H. sent: Well, the only foolproof solution for you is going to be: Register a domain name, so that you own it. You only have to register it, there doesn't have to have some DNS server out there on the internet with your IPs in it, serving them to all and sundry. You can run your own DNS server, on your LAN, to resolve your own addresses. If you find you're stuck with a registrar that insists you set up public DNS records, then set up a record with one address in it, that you're not going to use, unrelated to your LAN. When I had a play with NoIP, years ago, I left a record with 127.0.0.1 in it. -- [tim@localhost ~]$ uname -rsvp Linux 3.9.10-100.fc17.x86_64 #1 SMP Sun Jul 14 01:31:27 UTC 2013 x86_64 (always current details of the computer that I'm writing this email on) Boilerplate: All mail to my mailbox is automatically deleted, there is no point trying to privately email me, I only get to see the messages posted to the mailing list. George Orwell's '1984' was supposed to be a warning against tyranny, not a set of instructions for supposedly democratic governments.

On 06/05/2017 11:31 PM, Gordon Messmer wrote: Swell. Happen to know of a registrar that will let me register a domain that has no public facing DNS server? (At pretty much zero cost, of course) -- Bob Nichols "NOSPAM" is really part of my email address. Do NOT delete it.

On 06.06.2017 16:43, Matthew Miller wrote: mine told me, that 2 DNS server are needed ..., and nobody is held to delegate subdomains to private IP (RFC1918) DNS servers

On Tue, Jun 6, 2017 at 1:32 PM, stan <stanl-fedorauser(a)vfemail.net&gt; wrote: TLD -- Top Level Domain

On Tue, June 6, 2017 06:31, Gordon Messmer wrote: can someone bring this to a standard https://www.ietf.org/staging/draft-hoehlhubmer-private-tlds-00.txt

On 06/05/2017 11:13 PM, Walter H. wrote: I'm not familiar with the use or misuse of .local, but I am having a problem that might be related. I have a surveilance camera, which I am trying to make work-- a Pyle PIPCAM5. My Linux is PCLinuxOS, but that probably is not germane. Two days ago I investigated the camera, which is (at the moment) connected to the lan by cat5 cable. Using nmap and one other program I got the responses that the camera's name is Android.local and I found the ip address and the MAC address (which was supposed to be on the bottom of the camera but wasn't). On that day, I could ping the camera by its ip or by its name, and the ping would work. I also found that it was made by Murata. Now the problem: yesterday and today it is inaccessible by any means--ping by ip or name, or by nmap. I have tried connecting and disconnecting the lan cable, the power cable, and rebooted the router, but nothing works. And since I can't access it, if the name is a problem, there is no way to get to it and change the name, even if I knew how! (Oh, I also tried to access it wirelessly, but that doesn't work either.) What does TLD mean, anyway? --doug

Allegedly, on or about 05 June 2017, Walter H. sent: If somewhere on your LAN are things using ZeroConf, Bonjour, or other similar autonomous psuedo-DNS software (client or server), then using .local for your own DNS records will probably cause problems. Those things (ZeroConf et al), expect to have control of it all by themselves, and get their knickers in a twist if you get involved. And, not only that, they do their name resolutions using a different system, on a different port number. So, printer software, for example, trying to work out where laserjet.local can be found, is unlikely to consult your regular DNS server on port 53. And the converse is true, as I found out, with my printer that wanted to self-configure using the .local scheme, and only the .local scheme. I have a fully working traditional DNS, but no multicast DNS (ZeroConf, Bonjour, etc). The printer got nowhere with it's self-misconfiguration routines. If you had a purely old-school DNS setup, you can almost get away with using any name that isn't in use by anything else (my problem with an annoying Pixma printer proved that, even then, it's a problem, as you add new hardware). In the past, there was a list of suggested top-level domains, for LANs, that included .local. But, since then, at least one of those autonomous systems began using .local for themselves. There is one virtually guaranteed way to manage your own DNS without any conflicts, and that's to register a domain name. It's yours, you can do what you like with it, and other people are prevented from making public use of it (something that would cause you problems). You don't even have to use it with a website, or other public service. But if you do use it on the WWW, then you can make a subdomain for your LAN, to separate the two without managerial headaches. If you don't want to go down that route, then choose one of the other (current) recommendations. And be prepare to keep an eye out for changes to that list of recommendations. Supposedly, these auto-config DNS-like systems should make things simpler for you. You'd simply call your computer a name, put a name into your printer, likewise with your router (though many devices come preconfigured with their own names), and the auto-config networking will handle all the behind-the-scenes name resolution without you having to do a thing. Mind you, it's like that plug-and-play debacle, where you have to trust everything on your LAN, and anything plugged in is implicitly allowed to do whatever it wants to. That might be okay for basic home LANs, but not so for offices where random dopey employees may plug in random un-authorised devices. -- [tim@localhost ~]$ uname -rsvp Linux 3.9.10-100.fc17.x86_64 #1 SMP Sun Jul 14 01:31:27 UTC 2013 x86_64 (always current details of the computer that I'm writing this email on) Boilerplate: All mail to my mailbox is automatically deleted, there is no point trying to privately email me, I only get to see the messages posted to the mailing list. I reserve the right to be as hypocritical as the next person.