[00:00:32] *** Schockwelle has quit IRC
[00:05:11] *** olinuXP is now known as olinux
[00:07:25] <djs_2_6> Hey all.  For hosting multiple mail domains on one server with one ip address, for my mx record, do I point them all at one mail server, or does each domain have it's own mx record pointing to it's own mail server, and then that stuff is configured on the mail server?
[00:12:20] *** TTIelu has quit IRC
[00:17:43] <Signum> djs_2_6: you have one MX record for each domain which points at your mail server.
[00:18:02] <Signum> djs_2_6: postfix just deals with incoming SMTP sessions via IP and doesn't care about DNS resolutions at that stage
[00:23:09] *** choongii has joined #postfix
[00:24:31] <Blackvel> what is that thing with postgrey if I use in smtpd_recipient_access check_policy_service? Do I explicitly have to put "check_recipient_access <whitelistfile>" before that line?
[00:25:34] <djs_2_6> Signum - so, for mydomain1.com, have 0 mx mail.mydomain1.com, and for mydomain2.org, have 0 mx mail.mydomain2.org?
[00:26:51] *** _matt has quit IRC
[00:27:00] *** rcsu has quit IRC
[00:27:51] *** olinuXP has joined #postfix
[00:28:32] <Signum> djs_2_6: I'd chose a non-zero priority. No idea if 0 is allowed. But otherwise it's irrelevant whether you create a mail.$DOMAIN.org host entry for each domain or just use mail.djs-mailservice.com for all domains
[00:30:25] *** _matt has joined #postfix
[00:30:37] <djs_2_6> Oh, I see.  As long as they all point to the same server, that is all that matters, right?
[00:31:31] <Signum> Correct.
[00:31:58] <Signum> Postfix just sees an incoming TCP connection on port 25. It can't tell how you got there. It might even have been a "telnet 20.30.40.50 25"
[00:35:21] <djs_2_6> Ok.  Now beyond setting up the domain, mailbox, etc., in mysql database for new domain, how do I tell postfix et al about the new domain?
[00:35:45] <Signum> That
[00:35:46] <Signum> That
[00:35:50] <Signum> crap keyboard!
[00:36:20] <Signum> That's a very generic question. You probably use virtual domains. So you need to add the new domain to the virtual_mailbox_domains list/mapping.
[00:36:32] <Signum> If that mapping points to a database you need to add an entry there.
[00:38:32] <djs_2_6> I do use virtual domains, and I added all of the entries for the new domain in the database already.  So, that is it?
[00:39:26] <Signum> And you need to create the mailbox mappings in virtual_mailbox_maps of course.
[00:41:19] <djs_2_6> Ok, this is all done.
[00:41:24] *** master_o1_master has joined #postfix
[00:41:51] <djs_2_6> Got postfixadmin working, so all of this gets done, and I have checked it's results, too.
[00:41:52] *** olinux has quit IRC
[00:43:15] <djs_2_6> I was thinking I had to do something to the mail server settings for domain.  Guess I was wrong.
[00:50:36] <djs_2_6> Well, looks like the physical mailbox is not getting set up.  Who would do that, postfix or courier?
[00:52:10] *** master_of_master has quit IRC
[01:04:36] <Signum> Postfix. And it does that automatically once the first mail is received.
[01:07:24] *** olinuXP has quit IRC
[01:10:12] *** Fullmoon has quit IRC
[01:12:24] <jduggan_> (assuming it has permissions to create it)
[01:20:11] *** RubenGA has quit IRC
[01:23:51] *** cilly has quit IRC
[01:24:22] *** cilly has joined #postfix
[01:27:28] *** frennkie has joined #postfix
[01:40:13] *** pirho has quit IRC
[01:47:23] *** Blackvel has quit IRC
[01:49:41] *** cilly has quit IRC
[01:53:58] *** choongii has quit IRC
[01:56:17] *** war has quit IRC
[01:57:20] *** frennkie has quit IRC
[02:06:25] *** renkho has quit IRC
[02:06:40] *** renkho has joined #postfix
[02:11:40] *** zap-clone has joined #postfix
[02:12:29] *** jduggan_ has quit IRC
[02:15:06] *** renkho has quit IRC
[02:15:33] *** renkho has joined #postfix
[02:24:22] <js_> which filesystem is best suited for mail spooling?
[02:24:28] *** Mazon is now known as mazon
[02:29:48] *** zap-clone has quit IRC
[02:40:31] *** hemry has quit IRC
[02:43:37] *** renkho has quit IRC
[02:56:26] *** megaTherion has quit IRC
[02:57:00] *** megaTherion has joined #postfix
[02:57:01] *** blinx has quit IRC
[03:01:03] *** blinx has joined #postfix
[03:02:22] *** nox has quit IRC
[03:02:33] *** nox has joined #postfix
[03:06:38] *** Tachy_ has joined #postfix
[03:18:46] *** Tachy has quit IRC
[03:32:12] *** chatran has joined #postfix
[03:36:25] *** babo has quit IRC
[03:41:52] <js_> hm, does vpopmail work well with postfix?
[03:48:17] *** olinux has joined #postfix
[04:20:36] *** dj-fu has joined #postfix
[04:28:02] *** TheOutlander has quit IRC
[04:28:53] *** Motoko-chan has joined #postfix
[04:30:43] *** pickcoder has quit IRC
[04:41:50] *** caravena has joined #postfix
[04:43:03] *** master_of_all has joined #postfix
[04:48:32] *** olinux has quit IRC
[04:53:12] <djs_2_6> Well, I apparently have some emails stuck in one of my queues.  How can I view them, then get rid of them?
[04:53:47] <shasta> man postsuper
[04:57:40] <djs_2_6> Beautiful.  Thank you shasta.
[04:58:08] *** master_o1_all has quit IRC
[05:02:22] *** dj-fu has quit IRC
[05:03:01] *** Gokee2 has joined #postfix
[05:07:27] *** TheOutlander has joined #postfix
[05:07:55] *** cpm has quit IRC
[05:10:03] *** olinux has joined #postfix
[05:19:34] *** olinux has quit IRC
[05:23:28] *** netcrash has joined #postfix
[05:32:31] *** netcrash has quit IRC
[05:35:13] *** honkzilla has quit IRC
[05:38:55] *** olinux has joined #postfix
[05:42:38] *** Mavvie has joined #postfix
[05:45:37] *** merlin2049er has joined #postfix
[05:47:25] *** olinux has quit IRC
[05:54:23] *** yves__ has joined #postfix
[05:54:32] *** yves__ is now known as nictuku
[05:55:46] *** magyar has quit IRC
[05:56:08] *** chatran has quit IRC
[05:57:36] *** olinux has joined #postfix
[05:58:52] *** puff has quit IRC
[06:00:46] *** dj-fu has joined #postfix
[06:04:55] *** kokoko1 has quit IRC
[06:14:36] *** djs_2_6 has quit IRC
[06:37:29] *** Terminator has joined #postfix
[06:39:25] *** Terminator has quit IRC
[06:40:17] *** Terminator has joined #postfix
[07:19:10] *** Postfix-ing has joined #postfix
[07:19:29] <Postfix-ing> HI all
[07:19:35] <Postfix-ing> I how are you doing ?
[07:19:57] <Postfix-ing> I have a big trouble with setting security
[07:20:12] <Postfix-ing> can anyone help me ?
[07:20:50] -Postfix-ing- Please
[07:25:53] <Gokee2> :)
[07:26:25] <Postfix-ing> no time to smile :)
[07:26:32] <Gokee2> No, at least you would not want my help.
[07:26:39] <Postfix-ing> :)
[07:26:50] <Gokee2> I am not at all good at security
[07:27:14] <Postfix-ing> I think I have smoe problem in relaying
[07:27:30] <Postfix-ing> because it's based on postfix+courier-imap + mysql
[07:27:47] <Postfix-ing> and my mails are recognized as spam :(
[07:33:24] *** Postfix-ing has quit IRC
[07:37:19] *** olinuXP has joined #postfix
[07:42:08] <Fullmetal-Mavez> !seen smesjz
[07:42:09] <knoba> Fullmetal-Mavez: smesjz was last seen in #postfix 11 hours, 14 minutes, and 47 seconds ago saying: <smesjz> sometimes you can manage it yourself using Plesk or another tool
[07:42:13] <Fullmetal-Mavez> ARGHHHH
[07:42:19] <Fullmetal-Mavez> fucking missed him
[07:43:40] *** BlackCat has joined #postfix
[07:43:43] <BlackCat> hello
[07:43:46] *** olinux_ has joined #postfix
[07:43:50] <BlackCat> got postfix question
[07:44:01] <BlackCat> im upping postfix with dovecot sasl
[07:44:11] <BlackCat> Error: Error in configuration file /usr/local/etc/dovecot.conf line 1057: Authentication process already exists with the same name
[07:44:26] <BlackCat> got the following when starting dovecot
[07:44:35] *** GMFlash has quit IRC
[07:44:40] *** GMFlash has joined #postfix
[07:44:52] <BlackCat> what is the problem there ? // Dont know postfix well :(
[07:46:35] <haroldp> it sounds like you have an error on line 1057 of dovecot.conf :)
[07:49:11] <BlackCat> yep :)
[07:49:26] <BlackCat> i can make it on third line if needed
[07:50:38] <BlackCat> noone here ?
[07:52:09] *** af_ has joined #postfix
[07:52:43] <BlackCat> can somone help
[07:54:36] *** Frits has joined #postfix
[07:55:14] *** olinux has quit IRC
[07:55:19] *** olinuXP has quit IRC
[08:10:42] *** holst has joined #postfix
[08:11:01] <holst> I was planing on implementing an "opt in" mailserver; by modifying the graylisting code
[08:11:17] <holst> however, i see that the greylisting actually is so efficient
[08:11:30] <holst> it rendered any "patching" unnessicary =D
[08:11:55] <holst> so, highly recommended folks =D (together with the spamcop et al checking)
[08:15:23] *** Frits has left #postfix
[08:21:25] *** dj-fu has quit IRC
[08:21:52] *** __LINENO__ has joined #postfix
[08:22:18] <__LINENO__> hi there
[08:23:12] *** __LINENO__ has left #postfix
[08:33:22] *** _matt has quit IRC
[08:40:18] *** f3ew_ has quit IRC
[08:46:07] *** raina has quit IRC
[08:52:02] *** f3ew has joined #postfix
[08:54:16] *** raina has joined #postfix
[08:56:34] *** _matt has joined #postfix
[08:58:56] *** Terminator has quit IRC
[08:59:00] *** TheOutlander has joined #postfix
[09:12:56] *** UQlev has joined #postfix
[09:44:17] *** UQlev has left #postfix
[09:45:42] *** mazon is now known as Mazon
[09:48:37] *** sepski has quit IRC
[09:50:00] *** Motoko-chan has quit IRC
[09:56:36] *** hark has joined #postfix
[10:02:44] *** Zeit|awy has joined #postfix
[10:06:39] *** nitrobit has quit IRC
[10:08:04] *** nitrobit has joined #postfix
[10:08:20] *** Zeit|idle has quit IRC
[10:33:44] *** war has joined #postfix
[10:40:20] *** af_ has quit IRC
[10:43:39] *** bkw has joined #postfix
[10:46:37] *** choongii has joined #postfix
[10:47:01] *** zap-clone has joined #postfix
[10:48:20] *** rootsvr has joined #postfix
[11:00:46] *** dj-fu has joined #postfix
[11:15:09] *** af_ has joined #postfix
[11:20:49] <Zborg> matin !
[11:20:55] <Zborg> oops, sorry
[11:25:21] *** Blackvel has joined #postfix
[11:27:14] <Blackvel> hi all. looks like I don't understand how to use reject_rbl_client, reject_rhsbl_client and reject_rhsbl_sender. under what sections I use them? In reject_rbl_client dnsbl.sorbs.net,
[11:28:24] <Blackvel> The entry in smtpd_client_restrictions seems not do do its job. should it only be used in recipient? I get the following msg trying to send me an email:
[11:29:05] <Blackvel> 554 5.7.1 Service unavailable; Client host [...] blocked using sb.dsbl.org. Your mail has been rejected because the server you are sending to is misconfigured and using dsbl.org incorrectly
[11:29:50] <Signum> Blackvel: what does "postconf smtpd_client_restrictions" print?
[11:29:54] <Blackvel> oh
[11:30:26] <Blackvel> i have two entries. list.dsbl.org and sb.dsbl.org
[11:31:21] <Blackvel> much :)
[11:31:28] *** stony has joined #postfix
[11:33:15] <Blackvel> http://rafb.net/p/eg3pGN14.html
[11:33:48] <Blackvel> i am too new to all this stuff. do I have to use those reject_rbl_client under each section? client, recipient, sender, etc.?
[11:34:09] <Blackvel> I found a html example which seems to does this
[11:36:01] *** redondos has quit IRC
[11:39:11] <Signum> I haven't heard of sb.dsbl.org. Is it an IP based RBL?
[11:39:25] <Signum> Generally I'd suggest you read http://www.postfix.org/postconf.5.html#smtpd_client_restrictions
[11:40:11] *** redondos has joined #postfix
[11:40:35] <Blackvel> oh i found a mailing list. ordb.org seems not to exist anymore
[11:41:08] <Blackvel> looks like anti-spam example only puts reject_rbl_client into recipient and sender restrictions
[11:41:17] <Signum> http://www.postfix.org/uce.html is also nice
[11:41:30] <Blackvel> yeah i know
[11:41:36] <Blackvel> read over it multiple times
[11:41:41] <Signum> It's really important that you read and understand the terms of each RBL. sorbs for example is very dangerous while many others are useless
[11:41:49] <Blackvel> but sometimes I just don't completely understand :)
[11:42:13] <Blackvel> you are right. looks like I have to check every rbl website before going "live"
[11:42:24] <Blackvel> to make sure I run into no trouble
[11:43:09] *** dj-fu has quit IRC
[11:43:32] <Blackvel> hmm. dunno where i got this sb.dsbl.org from. probably it was in the vserver linux image
[11:43:41] <Signum> Maybe. i can't find any reference to it
[11:43:44] <Blackvel> list.dsbl.org should be enough
[11:44:05] <Blackvel> maybe the company have an error into or use outdated infos
[11:44:24] <Signum> I run... bl.spamcop.net dynablock.njabl.org sbl-xbl.spamhaus.org list.dsbl.org
[11:46:56] <Blackvel> ahh found new info. its not good to use xbl.spamhaus.org and cbl.abuseat.org together and xbl contains cbl
[11:48:56] <Signum> sbl-xbl is a good combination IMHO
[11:51:38] <Blackvel> oh. blackwholes.us lists every ip, not only of spammers
[11:51:56] <Blackvel> as you mentioned. its good to read before :)
[11:53:42] *** dj-fu has joined #postfix
[11:54:27] <Blackvel> do you only use it in smtpd_recipient_restrictions?
[11:55:58] <Signum> Over the years I have added several checks to _helo_, _client_, _sender_ and _recipient_restrictions
[11:56:30] <Signum> Yes, it's boring but important to know the RBLs. I ignored that advice first and then lost mails for one night. Guess how happy the users were.:(
[11:57:17] <Blackvel> hehe
[11:57:34] <Blackvel> well its my own server for my own business
[11:58:01] <Blackvel> so if one really complains its either me myself or my companies I work with :)
[11:58:13] <Blackvel> i like this postfix reject_unknown_hostname
[11:58:17] <Blackvel> stops lots of spammers
[11:58:37] <Blackvel> but.... same are false negatives because of incorrect e-mail server setup
[11:58:40] <Blackvel> but I can live with
[11:59:03] <Blackvel> I am so happy to have upgraded to postfix 2.3 :) going to use spf, greylist and adress verification too
[11:59:21] <Blackvel> is this spf stuff really widley used by isps?
[12:00:06] <nightswim> only by hotmail
[12:00:21] <nightswim> and due to that, most people just use the "I dont care" configuration for spf
[12:03:45] <Blackvel> hmm well. probably i would want to have this: if not present, dont care, if present and wrong - reject
[12:03:54] *** pirho has joined #postfix
[12:07:17] <nightswim> probably you want to "dont care"
[12:07:24] <nightswim> saves time
[12:11:18] <Blackvel> :)
[12:11:45] <Blackvel> but why is such a new technology (which probably makes really sense) not used? :)
[12:11:57] <nightswim> spammers fill in their spf nicely, people that have issues with hotmail just do a +all (the dont care option)
[12:12:05] <nightswim> because it doesnt make sense
[12:12:09] <nightswim> and it's broken by design
[12:12:11] <Blackvel> isn't that the whole everyone is searching for?
[12:12:15] <Blackvel> ah
[12:14:28] *** xpoint has joined #postfix
[12:42:32] *** af_ has quit IRC
[12:52:28] *** frennkie has joined #postfix
[13:30:57] *** hemry has joined #postfix
[13:31:38] *** cilly has joined #postfix
[13:36:19] *** OmiKoRn has joined #postfix
[13:46:54] *** pirho has quit IRC
[13:48:48] *** pirho has joined #postfix
[13:50:14] <Blackvel> what is this: <bounce-336433 at host dot domain.de>?
[13:50:26] <Blackvel> what is this bounce?
[13:50:53] *** dj-fu has quit IRC
[13:58:17] *** holst has left #postfix
[14:01:33] *** rootsvr has quit IRC
[14:03:55] *** _ac3_ has joined #postfix
[14:16:04] *** aphexer has joined #postfix
[14:16:30] <aphexer> During smtp session a mail comes in in utf8 format. It's stored however in non-utf8 format. Anybody can help me fix that? (or at least explain why that is done so?)
[14:16:37] *** af_ has joined #postfix
[14:36:49] *** Schockwelle has joined #postfix
[14:47:45] *** jduggan_ has joined #postfix
[14:50:19] *** Zeit|awy has quit IRC
[14:56:09] *** djs_2_6 has joined #postfix
[14:57:10] *** alex_ has joined #postfix
[14:58:22] *** aphexer has quit IRC
[14:58:27] *** alex_ is now known as aphexer
[15:22:14] *** dec_ has joined #postfix
[15:23:41] *** hemry has quit IRC
[15:24:01] *** ribasushi has joined #postfix
[15:24:07] <ribasushi> hi
[15:24:38] <djs_2_6> Morning
[15:25:00] <ribasushi> back in the day when I used exim I remember it was able to reply with a 5xx message when a message was undeliverable _without_ queueing it up
[15:25:18] <ribasushi> so basically a user knew immediately the mail can not be sent
[15:25:23] <ribasushi> is it possible with postfix?
[15:25:58] <sysmonk> ribasushi: www.postfix.org/postconf.5.html
[15:26:04] <sysmonk> and search for _reject_code
[15:26:19] <sysmonk> different reject codes for different stuff
[15:27:51] <ribasushi> sysmonk: yes but all these checks are running after a delivery runs, not at the time when the mail is accepted
[15:27:55] <ribasushi> or am I mistaken?
[15:28:10] <sysmonk> no, you are mistaken
[15:28:23] <sysmonk> these checks are done when the mail is accepted
[15:28:27] <sysmonk> if the mail is accepted, no checks are done
[15:28:49] <sysmonk> i mean you have smtpd_recipient_restrictions, and you have checks out there
[15:29:00] <sysmonk> it goes through all the checks, and if everything is ok, it queues the mail
[15:29:10] <sysmonk> after that, no checks are done by the postfix itself
[15:29:22] <ribasushi> a-ha
[15:29:36] <ribasushi> I guess some of the dafaults being 4xx throws me off
[15:29:41] <ribasushi> *defaults
[15:30:13] <sysmonk> yup, some defaults are 4xx
[15:30:44] <sysmonk> you can see the default by running postconf
[15:30:56] <sysmonk> postconf | grep _reject_code
[15:32:50] *** hemry has joined #postfix
[15:35:28] *** dec has quit IRC
[15:46:40] <sysmonk> hemry: haja
[15:48:00] <Mez> hey can anyone help me, it seems I cant get courier and saslauthd to talk
[15:48:25] *** caravena has quit IRC
[15:48:27] <sysmonk> Mez: and this is directly connected to postfix?
[15:48:50] <Mez> sysmonk, apologies, postfix and saslauthd to talk *
[15:49:11] <sysmonk> Mez: cyrus-saslauthd ?
[15:50:22] <Mez> sysmonk, I believe so
[15:50:39] <Mez> This is the Cyrus SASL ...
[15:52:06] <Mez> Apr 15 13:51:55 torpor postfix/smtpd[11087]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
[15:54:32] *** pirho_ has joined #postfix
[15:54:46] <ribasushi> sysmonk: what is the rationale for settings like unknown_address_reject_code to default to a soft error?
[15:55:04] <ribasushi> if a domain is unknown - it will likely be unknown in two hours as well...
[15:55:05] <Blackvel> hmmm. I would have interests to test this reject_unverified_recipient and reject_unverified_sender options
[15:55:32] <Blackvel> do I have to start the verify deamon somehow? Can I see any output in the logfile for the verification?
[15:55:57] <Blackvel> basically, I want to test from <xyaz123 at domain dot de> addresses
[15:56:16] <Blackvel> and reject if the from address is not correct (like xyaz123 is no valid account)
[15:56:27] <Blackvel> i guess that is the reject_unverified_sender option
[15:57:09] <Mez> sysmonk, any idea?
[15:57:18] * sysmonk was out for a smoke
[15:57:19] <ribasushi> Blackvel: read this http://www.postfix.org/ADDRESS_VERIFICATION_README.html
[15:57:28] <sysmonk> Mez: permissions to use cyrus salsauthd socket
[15:57:37] <sysmonk> it's a very common problem
[15:57:58] <Mez> sysmonk, so I should chown the mux to the postfix user?
[15:58:53] <sysmonk> Mez: i'm not using saslauthd, but you can google about it
[15:59:05] <sysmonk> it depends on if you use it from a chroot or not
[15:59:14] <sysmonk> but yes, you should chown the socket/path to the socket
[15:59:25] <Blackvel> ribasushi: well, I did :)
[15:59:47] <Blackvel> but probably I understand about 30% of it. either lack of english or in common. haha
[15:59:57] <sysmonk> ribasushi: so that a misconfiguration could be found
[16:00:06] <Mez> sysmonk, grr... see, I've copied my old config from when it worked ... but ti doesnt work anymore
[16:00:34] <sysmonk> ribasushi: if the domain's mx isn't pointing to the your server - nobody should send the mail to you, but if it does - then there must be a reason why you don't have it in your postfix
[16:00:41] *** pirho has quit IRC
[16:01:01] <sysmonk> Mez: then chown the socket, /var/run/saslauthd or somewhere
[16:01:32] <ribasushi> Blackvel: just look at how smtpd_recipient_restrictions is implemented here http://www.postfix.org/ADDRESS_VERIFICATION_README.html#recipient
[16:01:47] <Mez> sysmonk, to what though ?
[16:01:58] <ribasushi> Blackvel: if you don't understand it (although it is pretty straight forward) experiment with different lines and see what happens
[16:02:27] <sysmonk> Mez: google is your friend? sorry but i can't answer your question directly because i don't have any configuration using saslauthd
[16:03:29] <sysmonk> Mez: or just ask other guys, or on cyrus channel
[16:03:42] <ribasushi> sysmonk: I was referring more to it in terms of reject_unknown_recipient_domain, where a non resolvable domain will result in 4xx error with the default settings, which is somewhat counter intuitive
[16:03:56] <Blackvel> i used both lines (one in recipient, one in sender) and have a database activated
[16:03:58] <ribasushi> sysmonk: so is there a caveat in turning it into a 5xx error?
[16:04:25] <ribasushi> Blackvel: then send some test emails and look in the logs
[16:04:32] <Blackvel> probably I am confused because expect to see something in logs
[16:05:12] <ribasushi> Blackvel: you will, but you need to do some testing with wrong addresses
[16:05:25] <sysmonk> ribasushi: i think so, i.e. a DNS problem
[16:05:34] <sysmonk> if your DNS is down, you'd reject the mail
[16:06:05] <sysmonk> otherwise (with the default setting ) you'd just say "hey, i don't know this domain, try later!'
[16:07:47] <ribasushi> sysmonk: true, but then it becomes even more confusing. The documentation states that if there is a DNS error the return code is still 4xx, so in the case of a functioning DNS we can either have an NXDOMAIN answer or we will get the necessary info to resolve it
[16:08:19] <ribasushi> sysmonk: so why explicitly specify reject_unknown_recipient_domain as rcpt restriction since if it is true the mail can not be sent anyway
[16:08:28] <ribasushi> (I mean if it is true that the domain does not exist)
[16:09:04] <sysmonk> ribasushi: hm, i'm not a guru, but you could ask on postfix@
[16:09:09] <sysmonk> postfix-users@
[16:09:19] <ribasushi> I guess I will
[16:09:24] <ribasushi> does my question make sense though?
[16:10:21] <sysmonk> If i understand it correctly, you ask: Why the default for reject_unknown_recipient_domain is 4xx, and not 5xx. If the domain does not exist, by should it bother to resend the mail?
[16:10:52] <ribasushi> sysmonk: not exactly - what good does reject_unknown_recipient_domain do if the reject code is 4xx
[16:11:04] <ribasushi> either with it or without it mail will be retried until expiration time
[16:11:59] *** OmiKoRn has quit IRC
[16:13:20] <sysmonk> ribasushi: um, just a thought, you register your domain, it shows up in the dns'es and the mail is comming in
[16:13:27] <sysmonk> but your dns caches it as a NXDOMAIN
[16:13:53] <sysmonk> in this case a 4xx will retry later, and the mail will be delivered
[16:14:12] <sysmonk> but it's just a thought, i don't know the real reason of using 4xx out here
[16:14:18] <ribasushi> absolutely I agree
[16:14:31] <sysmonk> you should ask wietse ( the creator of postfix ) on the postfix-users if you want the real answer
[16:14:40] <ribasushi> I guess I will ask on the lsit
[16:14:40] <ribasushi> thanks
[16:14:55] <sysmonk> no problem
[16:28:36] *** dec_ is now known as dec
[16:28:49] *** UQlev has joined #postfix
[16:33:15] *** Schockwelle has quit IRC
[16:37:38] *** eltech has joined #postfix
[16:49:16] <Blackvel> Apr 15 16:17:00 vs3711 spamc[10861]: connect(AF_INET) to spamd at 127.0.0.1 failed, retrying (#3 of 3): Connection refused
[16:49:49] <Blackvel> is there a dedicated spam daemon or gets spamassassin started automatically by postfix?
[16:51:00] *** eltech has quit IRC
[16:54:40] *** ceL_ has joined #postfix
[16:56:41] *** frennkie has quit IRC
[17:01:24] <rob0> NXDOMAIN is not a DNS error, it is a positive answer that there is no such RR. So I think that would get a 5xx.
[17:02:57] <ribasushi> rob0: the problem is that it returns the value of unknown_address_reject_code no matter the reason for the reject
[17:03:00] <rob0> Blackvel: Postfix will not start any third-party software.
[17:04:15] <Blackvel> and master.cf has nothing to do with it too? so its only a misconfiguration of the spamd daemon?
[17:04:26] <Blackvel> hmm interested
[17:04:34] <Blackvel> interesting
[17:04:36] <ribasushi> rob0: here is the restated question http://archives.neohapsis.com/archives/postfix/2007-04/0750.html, I got an answer but it makes no sense :(
[17:04:49] <rob0> oh, if you put it in master.cf maybe
[17:04:57] <Blackvel> address verifcation has to happen before greylisting as only 450 gets send back
[17:05:07] <Blackvel> i am "trying" the vice versa
[17:05:24] <Blackvel> and after the 450 the adress verification takes place
[17:05:26] <Blackvel> :)
[17:05:31] <Blackvel> makes no sense
[17:05:33] <Blackvel> how come
[17:06:23] <Blackvel> doesn't a return code 450 stop checking to go ahead in rules?
[17:06:27] <Blackvel> stops
[17:13:12] <rob0> I think a 4xx result will still continue through restrictions looking for a 5xx. Not sure what wins in case of multiple 4xx's.
[17:14:08] <Blackvel> i found something
[17:14:19] <Blackvel> hmm ...no  I didn't
[17:14:22] <Blackvel> :)
[17:14:57] <Blackvel> I thought it could be of warn_if_reject
[17:15:10] <Blackvel> but that only applies to the #2 adress verification rule
[17:15:19] <Blackvel> #1 rule greylisting does not warn
[17:16:14] *** hemry has quit IRC
[17:16:30] *** hemry has joined #postfix
[17:26:13] *** foo has joined #postfix
[17:26:53] <foo> Hm, is there anyway to test to see if my mail server is "legit" ? I checked the logs and saw this: "said: 550-5.7.1 {mx096} Sorry, your helo has been denied. 550 5.7.1 ( http://portal.gmx.net/serverrules ) (in reply to RCPT TO command))" ... not too sure why. Server sends out mail to a lot of other people. hmph
[17:31:58] *** Deep6 has joined #postfix
[17:32:01] *** af_ has quit IRC
[17:39:00] <Blackvel> more and more I understand less :)
[17:43:32] *** lkthomas-home has joined #postfix
[17:43:33] <lkthomas-home> hey guys
[17:43:34] *** UQlev has left #postfix
[17:44:00] <lkthomas-home> if a mail which send from other server to my server, and the status=undeliverable, what would postfix do ?
[17:44:12] <lkthomas-home> reject it directly or put that into mailq ?
[17:47:15] <js_> is "virtual_mailbox_limit_maps" part of the standard postfix distribution?
[17:47:26] <lkthomas-home> nope
[17:47:34] <lkthomas-home> if you define as default config, no
[17:48:11] <js_> how can i enable it?
[17:48:23] <lkthomas-home> well, it's not so simple to tell you on irc
[17:48:27] <lkthomas-home> google it
[17:48:38] <js_> yeah, i am
[17:48:53] <js_> basically i want to know if i can use it with the debian package or if i need to compile something on my own
[17:50:04] <higuita> js_: postconf virtual_mailbox_limit_maps or postconf |grep virtual_mailbox_limit_maps to check if your postfix binary have this option enabled
[17:50:54] <js_> "postconf: warning: virtual_mailbox_limit_maps: unknown parameter" :(
[17:52:07] <js_> strangely enough there are howtos using debian etch and the parameter
[17:54:54] <ribasushi> what is the priority of the routing specified in transport_maps? can I specify only $mydestination domains in the maps, or technically anything can go there (including $relay_domains)?
[18:00:04] *** MrRagga has joined #postfix
[18:02:53] <rob0> foo, http://portal.gmx.net/serverrules
[18:03:11] <lkthomas-home> LOL
[18:03:23] <lkthomas-home> tunning postfix is a blackart :)
[18:03:51] <js_> hmm
[18:03:58] <rob0> ribasushi: Any domains, in fact transport_maps are generally the only way your machine would know how to deliver to relay_domains, where you're the MX but not final destination.
[18:04:32] <js_> the quota i set for postfix, is that the size a mailbox can be at max or something? i mean if i have an imap that fetches the mails and stores them locally, it will have its own quota, right?
[18:04:38] <lkthomas-home> any of you use address_verify_map ?
[18:04:45] <ribasushi> rob0: I see, excellent example
[18:06:09] <ribasushi> rob0: I am looking at options to exclude certain local admin addresses from lmtp delivery, in case dbmail dies
[18:06:28] *** aphexer has quit IRC
[18:06:55] <lkthomas-home> I think verify map will takes up a lot of space
[18:06:55] <ribasushi> rob0: I think I am settling with fallback_relay being pointed to lmtp, and using transport_maps to route mail for local users that need to end up in dbmail
[18:06:58] <js_> do i need to define mydestination if i use virtual_mailbox_domains?
[18:07:01] *** eltech has joined #postfix
[18:07:06] <ribasushi> rob0: does this sound about right?
[18:07:54] <ribasushi> rob0: s/fallback_relay/fallback_transport/ sorry
[18:09:17] <rob0> Might work, yes; I've never messed with fallback_transport though.
[18:10:05] <lkthomas-home> rob0: any answer to my question ?
[18:10:39] <Blackvel> WOW! I got it
[18:10:46] <Blackvel> no I understand everything HAH!
[18:14:47] <lkthomas-home> is it possible to limit some specific user of send out rate limit ?
[18:15:38] *** blokkie has joined #postfix
[18:15:54] <blokkie> hi , how can I prevent system users like apache from sending mail outside ?
[18:16:28] *** amrit|zzz is now known as amrit
[18:17:17] <lkthomas-home> blokkie: interesting question
[18:17:29] <rob0> lkthomas-home: policyd (Cami's) can do that
[18:17:45] <blokkie> I have added apache to restricted_senders
[18:17:49] <blokkie> like :
[18:17:54] <blokkie> apache                  allowed_only
[18:18:03] <rob0> !authorized_submit_users
[18:18:04] <knoba> rob0: Error: "authorized_submit_users" is not a valid command.
[18:18:05] <lkthomas-home> rob0: which question are you responsing ?
[18:18:11] <blokkie> that one is redirected to my user and procmail redirects it to /dev/null
[18:18:16] <lkthomas-home> responding
[18:18:30] <rob0> 16:14 < lkthomas-home> is it possible to limit some specific user of send out rate limit ?
[18:18:39] <rob0> blokkie: authorized_submit_users
[18:18:51] <lkthomas-home> hmm, isn't policyd is doing receiving rate limit ?
[18:19:04] <rob0> I don't use it.
[18:20:03] <blokkie> how do you do it then ?
[18:20:18] <blokkie> coz I have a site which abuses the apache user of sending out spam
[18:22:38] <rob0> blokkie: sounds like a compromise! Pull the plug and fix it? Anyway, see postconf.5.html#authorized_submit_users
[18:24:14] *** xpoint has quit IRC
[18:24:39] *** bkw has quit IRC
[18:29:03] <lkthomas-home> woo
[18:29:08] <lkthomas-home> policyd seems rocks
[18:29:46] *** bytejumper has joined #postfix
[18:29:51] <bytejumper> Hi all
[18:30:34] <bytejumper> I have some trouble with my postfix installation postfix/trivial-rewrite[30702]: warning: connect to mysql server 127.0.0.1: Client does not support authentication protocol requested by server; consider upgrading MySQL client
[18:30:44] <bytejumper> any ideas ?
[18:31:07] <lkthomas-home> bytejumper: are you using debian ?
[18:31:10] <bytejumper> yes
[18:31:21] <lkthomas-home> check debian mysql readme file
[18:31:30] <lkthomas-home> something have been change
[18:31:38] <bytejumper> i have instaled mysql from source
[18:31:39] <lkthomas-home> also, google "old_password mysql debian"
[18:31:45] <lkthomas-home> same shit
[18:31:48] <bytejumper> thanks
[18:31:51] <lkthomas-home> welcome
[18:31:53] <Deep6> so does local just strip off the user portion of user@domain and look for a user with that id and deliver it according to the mailbox format?
[18:32:17] <lkthomas-home> I config the best recipient postfix server
[18:32:30] <lkthomas-home> and now I need to deal with spamming which is come from our own server
[18:32:31] <Deep6> lkthomas-home sorry?
[18:32:44] <lkthomas-home> sender got no limitation at all, damn
[18:32:54] <lkthomas-home> only recipient section does
[18:33:09] <lkthomas-home> some user using our email server to spam
[18:33:10] <lkthomas-home> LOL
[18:33:34] <Deep6> f3ew you around?
[18:34:03] *** Bronsky has quit IRC
[18:47:29] *** Joe__ has joined #postfix
[18:47:47] *** Joe__ has quit IRC
[18:51:40] *** xpoint has joined #postfix
[18:55:10] *** Bronsky has joined #postfix
[19:00:46] *** jpoon has quit IRC
[19:01:14] *** frennkie has joined #postfix
[19:02:53] *** hemry has quit IRC
[19:06:42] *** lkthomas-home has quit IRC
[19:08:51] *** blinx has left #postfix
[19:11:53] *** hemry has joined #postfix
[19:11:54] *** amrit has quit IRC
[19:14:48] *** Deep6 has quit IRC
[19:15:45] *** Bronsky has quit IRC
[19:15:57] *** Bronsky has joined #postfix
[19:17:01] *** hark has quit IRC
[19:21:35] *** caravena has joined #postfix
[19:27:09] <bytejumper> I have installed a mailserver with this howto : http://workaround.org/articles/ispmail-sarge/ and I can't read mails trouh pop3, the server respond -ERR login failed
[19:27:24] <bytejumper> does anybody know why ?
[19:29:25] <xpoint> yes err login failed
[19:29:46] <bytejumper> xpoint, ok, but my login and passoword are correct
[19:29:56] <xpoint> ok
[19:30:03] <bytejumper> I mean I have set it up like in this tutorial
[19:30:09] <xpoint> unix or virtual ?
[19:30:15] <bytejumper> virtual
[19:30:40] <xpoint> clear password in sql or ?
[19:30:50] <bytejumper> clear password
[19:31:03] *** amrit has joined #postfix
[19:31:24] <xpoint> this might be the problem, you setup might use crypted
[19:31:29] <bytejumper> INSERT INTO `users` (`email`,`password`) VALUES ('user at virtual dot test','secret');
[19:31:48] <bytejumper> can You please axplain how I should do that ?
[19:31:54] <bytejumper> explain
[19:32:17] <xpoint> not much secret here, if one get the mysql table in a accident, he knows all passwords
[19:32:31] <bytejumper> there is nothing mentioned that this setup uses crypted passwords
[19:32:54] <xpoint> what guide have you used ?
[19:33:14] <bytejumper> http://workaround.org/articles/ispmail-sarge/
[19:33:26] <bytejumper> I have done all exactly like it is written here
[19:33:59] <bytejumper> When I connect locally with netcat to port 110 then the login fails
[19:34:45] *** pickcoder has joined #postfix
[19:36:25] <xpoint> mech_list: plain login cram-md5 digest-md5
[19:37:08] <xpoint> this line need to be without *md5
[19:37:24] <bytejumper> so without cram-md5 and digest-md5 ?
[19:37:33] <xpoint> yes
[19:37:41] <bytejumper> ok, I will try it, thanks
[19:37:54] <xpoint> silly brokken guides
[19:38:22] <xpoint> its still safe if you use ssl/tls when authing
[19:39:49] <bytejumper> the same error
[19:40:22] *** eltech has quit IRC
[19:40:32] <bytejumper> Trying 127.0.0.1...
[19:40:33] <bytejumper> Connected to localhost.
[19:40:35] <bytejumper> Escape character is '^]'.
[19:40:36] <bytejumper> +OK Hello there.
[19:40:38] <bytejumper> USER user at virtual dot test
[19:40:39] <bytejumper> +OK Password required.
[19:40:40] <bytejumper> PASS secret
[19:40:52] *** eltech has joined #postfix
[19:41:01] <bytejumper> any other ideas ?
[19:41:03] <jduggan> check your logs
[19:41:06] <jduggan> auth.log for example
[19:41:13] <jduggan> or syslog
[19:41:19] <jduggan> depending what/where ur logging
[19:42:08] <bytejumper> this logs showin nothing related
[19:42:17] <bytejumper> my system is debian sarge
[19:43:18] *** eltech has quit IRC
[19:43:20] <xpoint> bytejumper, put -v on the smtpd listner in master.cf, and stop postfix and start it again now you should see more debug :)
[19:43:23] *** pirho_ has quit IRC
[19:44:02] <xpoint> bytejumper, after the last smtpd -v
[19:44:19] <xpoint> there might be more then one smtpd
[19:44:29] <xpoint> pr inet interface
[19:44:38] *** GMFlash has quit IRC
[19:44:47] <xpoint> default is just one
[19:44:48] *** GMFlash has joined #postfix
[19:44:55] <rob0> How is a verbose smtpd going to help with a Courier problem?
[19:45:18] *** pirho has joined #postfix
[19:45:23] <xpoint> if its smtp auth fails no ?
[19:45:58] <rob0> He's doing POP3.
[19:46:17] <foo> rob0: Hehe, yup :) Been there, just don't know what I'm missing
[19:46:32] <xpoint> if courier fails why should smtp auth work then ?
[19:46:46] <bytejumper> How I can se more verbose output of the courier auth daemon ?
[19:47:33] <xpoint> bytejumper, /etc/courier-authlib/ edit som debug lines in one of the files there
[19:47:59] <rob0> foo, they said they rejected your helo.
[19:48:10] <foo> rob0: Why would they reject my helo? How mean
[19:48:17] <rob0> does $myhostname resolve to your IP?
[19:48:33] <bytejumper> I dont have a /etc/courier-authlib directory
[19:48:40] <bytejumper> only /etc/courier
[19:48:48] *** nclx has joined #postfix
[19:48:51] <bytejumper> rob0 yes
[19:49:22] * xpoint is sorry for using gentoo :-)
[19:49:44] <rob0> bytejumper: ?
[19:50:02] <bytejumper> rob0 You have asked about my $hostname
[19:50:23] <rob0> no I didn't
[19:50:49] <foo> rob0: AHA!
[19:50:55] <foo> rob0: Nope :) I'm assuming that's the problem
[19:51:26] <nclx> I have a friend who runs postfix but has a dynamic IP.  Sometimes his outbound mails get blocked because they are coming from a dynamic IP and people are filtering those via RBL's.  He is not a spammer just doesn't have static, and he is not an open relay.  I want to allow his postfix to relay through mine (on a static IP).  Asside from setting up the certificates so the mail will be transmistted between the two servers via TLS, what file do I
[19:51:26] <nclx> need to add his domains to on my side to allow him to relay through me, only sending his server will still be recieving mails for his domains.
[19:52:24] *** eltech has joined #postfix
[19:52:25] <rob0> nclx: how "dynamic" is it? My home "dynamic" IP never changes. If his is like mine, just add his IP address to $mynetworks.
[19:53:00] *** frennkie has quit IRC
[19:53:07] <nclx> it changes more often then that, he's not dialup but still it does change
[19:54:17] <rob0> See the TLS_README about the ways to authenticate via client certs.
[19:54:23] <nclx> I know I can allow him to send by my rule of: smtpd_recipient_restrictions = permit_sasl_authenticated
[19:54:35] <nclx> but I don't know where to list his sending domains
[19:54:52] <nclx> I do have TLS/SASL working on my side
[19:55:20] <rob0> If you have SASL AUTH working, okay, just set him up with credentials and see SASL_README.html#client_sasl for his side.
[19:55:51] <rob0> I would go for the TLS client cert, however.
[19:56:12] <nclx> yes I can definately do that to automate the transmissions between the servers
[19:56:43] *** Blackvel has quit IRC
[19:56:48] <nclx> but do I put his domains in my /etc/postfix/virtual or main.cf relay_domains or thats what I'm not sure of
[19:57:32] <rob0> I thought he was going to receive his own mail?
[19:57:43] <nclx> he is, he just needs to send via me
[19:59:27] *** Mez has quit IRC
[20:01:22] *** pirho has quit IRC
[20:01:32] *** Mez has joined #postfix
[20:01:58] *** Mez has quit IRC
[20:05:21] *** Mez has joined #postfix
[20:13:54] <xpoint> nclx, no that is not a good way to solve your friends problem, his postfix and yours need to make a auth connection either with tls or smtp auth as postfix client, both is not hard to make right
[20:14:32] <xpoint> nclx, first step is to make tls work on smtp
[20:15:22] <xpoint> he have to do this not you :-)
[20:15:43] <nclx> ok I have TLS/SASL working on my end.
[20:16:12] <xpoint> yes good, he should enable smtp sasl in his end
[20:17:06] <nclx> okay gotcha.  One more question, is it possible to configure his postfix in a way that if it tries to relay a message through me and my mail server is down, then it will just go ahead and send it directly to the recipient itself?
[20:17:11] <xpoint> tls key exchange is enough here to make sure its him
[20:18:04] <xpoint> nope this will only work if he have more then you as smtp auth or tls authed servers
[20:18:22] <xpoint> he have to wait :-)
[20:18:42] *** djs_2_6 has quit IRC
[20:18:54] <nclx> gotcha, that is acceptable as I'm rarely down anyways
[20:19:28] <xpoint> nclx, he shald only use relayhost, no failback of anykind
[20:21:32] *** foo has left #postfix
[20:22:01] *** magyar has joined #postfix
[20:22:15] *** v-king has joined #postfix
[20:23:58] *** caravena has quit IRC
[20:24:21] *** pirho has joined #postfix
[20:32:53] *** sepski has joined #postfix
[20:33:27] *** blokkie has quit IRC
[20:39:22] *** elux has joined #postfix
[20:39:23] <elux> hi
[20:39:30] <elux> how can i delete everything from my queue?
[20:39:39] <elux> some things just wont deliever (cannot locate mailbox)
[20:39:40] <elux> so id like to remove these
[20:40:32] <higuita> if all , postsuper -d ALL (or all, i can remember if its case sensitive)
[20:40:57] <elux> thanks
[20:41:49] <elux> another question, where can i get help with maildroprc scripts?
[20:42:03] <elux> for every email that i deliever, id like to make a local copy in a backup maildir
[20:42:07] <higuita> if just some packages: mailq|grep "[0-9A-F]" |grep "some from email, size or other" |xargs -i postsuper -d {}
[20:42:09] <elux> for archiving purposes
[20:42:32] <higuita> i dont know maildroprc
[20:42:47] *** v-king has left #postfix
[20:42:57] <elux> what do you use for mail delievery?
[20:43:10] <higuita> but i use procmail for that (its user based, not global)
[20:43:21] <elux> i c
[20:43:44] <higuita> i use local accounts, not virtual also, procmail dont work in virtual
[20:44:22] <elux> thx
[20:46:11] *** sepski has quit IRC
[20:46:32] <nclx> I need to setup spam filtering.  In the past I have used OpenBSD's spamd, and also postgrey.  I'm in a situation now where some of the end domains don't want me to use those, rather just content based filtering where they make the last call.  What is more recommended here spamassassin or dspam?
[20:47:36] <rob0> That's a shame, because content-based approaches don't work as well as:
[20:47:40] <rob0> !cheatsheet
[20:47:41] <knoba> rob0: 'cheatsheet' : http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt : A HOWTO for pre-DATA spam control.
[20:49:09] <rob0> I haven't tweaked any of my settings in a long time now, but spam is at an all-time low for me. I think it's Spamhaus Zen and the new PBL that did it.
[20:49:35] <elux> on fbsd, i noticed /usr/libexec/sendmail is a suid executable.  however im not even using sendmail .. can i remove the suid flag?
[20:49:36] <rob0> (my last tweak was to change sbl-xbl to zen)
[20:49:49] *** ribasushi has quit IRC
[20:49:56] <elux> i hate that sendmail comes installed by default
[20:50:21] <nclx> well I can still make an argument for greylisting..... I'm just dealing with paranoid people that believe they are going to lose all of their valid messages
[20:51:32] <rob0> Greylisting is as likely to lose "mail" as good RBLs are.
[20:52:15] <rob0> elux: Postfix's sendmail(8) should not be SUID.
[20:52:29] <rob0> I mean sendmail(1) :)
[20:52:42] *** bytejumper has quit IRC
[20:52:58] <nclx> wow I had not heard of pbl.spamhaus.org that sounds cool from the info on their site.  i'm going to add that
[20:53:11] <rob0> Zen includes all 3.
[20:54:13] <elux> how can i tell if this is postfix's sendmail or something else?
[20:54:20] <elux> also.. postdrop and postqueue are suid
[20:54:30] <rob0> postconf sendmail_path
[20:54:49] <elux> ok.. that file isnt suid
[20:55:55] <elux> when installing maildrop, should i use the --enable-maildrop-uid or ..-gid?
[20:56:13] <elux> i cant see why they have that as a configuration, can you set those after the install?
[20:57:04] *** kdean06 has joined #postfix
[20:58:14] *** rob0 has quit IRC
[20:58:38] *** nictuku has quit IRC
[20:59:25] <kdean06> I'm running a Postfix server on Debian Etch. It's been running fine for a while. I setup a SpamAssassin filter the other day, and somehow this killed my ability to authenticate vis SMTP to send from Thunderbird/Outlook... Can somene help me diagnose the issue?
[21:00:10] <pickcoder> kdean06: did you install amavisd-new too?
[21:00:17] <kdean06> LOL
[21:00:33] <kdean06> I hate amavis with a passion, but it's not "new"
[21:00:50] <kdean06> I mean, to my server.
[21:01:38] *** awcr has joined #postfix
[21:01:51] *** rob0 has joined #postfix
[21:04:33] *** af_ has joined #postfix
[21:04:58] *** [dmp] has joined #postfix
[21:05:02] <awcr> someone knows how to setup a postfix high availability+redundant cluster?
[21:06:27] <awcr> or a way to have high availability
[21:08:26] <awcr> unix advance
[21:08:43] <kdean06> Even using my old configs, my ability to authenticate is still shot.
[21:10:02] <pickcoder> awcr: you can assign multiple MX records to a domain
[21:10:13] <pickcoder> MySQL supports replication
[21:10:26] <pickcoder> consider virtuals in MySQL
[21:10:40] <pickcoder> postfix does not natively handle replication
[21:11:14] <pickcoder> !replication
[21:11:15] <knoba> pickcoder: Error: "replication" is not a valid command.
[21:11:24] <pickcoder> !redundancy
[21:11:24] <knoba> pickcoder: Error: "redundancy" is not a valid command.
[21:12:25] *** elux has quit IRC
[21:12:40] <awcr> and redundancy? what do u think with linuxvirtualserver
[21:13:09] <pickcoder> awcr: you don't need a special redundancy solution if you have more than one machine using replicated MySQL mailboxes/users/etc
[21:13:22] <pickcoder> the multiple MX records will be used by the smtp client
[21:14:13] <awcr> and setup a Mysql cluster? can be a solution
[21:14:50] *** [dmp] has quit IRC
[21:14:52] <awcr> postfix + mysql mailboxes + mysql 5 cluster can be a redundant solution
[21:15:03] <pickcoder> if you want true redundancy, the machines should be available from different ISPs
[21:15:12] <pickcoder> incase a route goes down
[21:16:13] <pickcoder> I'm sure there are postfix consultants in here that would be happy to help with such a setup, for a fee
[21:16:41] <sysmonk> um
[21:16:42] <sysmonk> a free
[21:16:43] <sysmonk> where where
[21:16:50] <sysmonk> s/free/fee
[21:16:51] <pickcoder> heh
[21:16:51] <sysmonk> :)
[21:17:00] * sysmonk searches for a question
[21:17:10] <awcr> hehehe :D
[21:17:23] <sysmonk> ahhh, postfix redundancy
[21:17:30] * sysmonk would offer you postfix+mysql+cyrus
[21:17:39] <sysmonk> few servers needed, ofcorse
[21:17:44] <awcr> yes
[21:17:57] <awcr> the fact is I have a multiple MX records
[21:18:14] <sysmonk> that doesn't matter, that doesn't do redundancy
[21:18:16] <awcr> but need to setup a Linuxvirtualserver+ postfix high availabitity and load balanced
[21:18:24] <awcr> but as I see
[21:18:25] <sysmonk> mhm
[21:18:30] <sysmonk> awcr: what's the fee?
[21:18:30] <sysmonk> ;)
[21:18:37] <awcr> Mysql Mailboxes+postfix+LVS
[21:18:41] <awcr> $?
[21:19:01] <pickcoder> sysmonk: if the first MX record doesn't respond, should the smtp client try #2?
[21:19:16] <sysmonk> pickcoder: yes, it should
[21:19:31] <pickcoder> that's availability.. the MySQL cluster can provide redundancy
[21:19:37] <awcr> yes
[21:19:43] <sysmonk> pickcoder: and how aobut mail storage?
[21:19:43] <sysmonk> ;)
[21:19:44] <awcr> but as a combination provide both
[21:19:59] <pickcoder> sysmonk: MySQL?
[21:20:01] <sysmonk> they should put the mail to ONE place
[21:20:04] <awcr> are the mail stored in mysql db?
[21:20:10] <sysmonk> pickcoder: urg, storaging mails in mysql ? that's awful
[21:20:13] <sysmonk> unless you have 2 mailboxes
[21:20:14] <sysmonk> ;)
[21:20:14] <pickcoder> yes it is
[21:20:17] *** choongii has quit IRC
[21:20:22] <sysmonk> (i think you're pointing to dbmail)
[21:20:34] <pickcoder> sysmonk: dbmail wasn't questioned.. postfix was
[21:20:36] <pickcoder> <g>
[21:20:56] <pickcoder> anyway.. I have to sort out this sasl problem
[21:21:00] <sysmonk> pickcoder: yes, but you said about storing the mailboxes IN mysql
[21:21:13] <sysmonk> not the aliases and stuff, but the mails itself
[21:21:21] <pickcoder> sysmonk: yes.. that's an option..  maybe a bloated one, but it will work
[21:21:25] <sysmonk> and, as far as i know, it's only possible with dbmail
[21:21:26] <pickcoder> :)
[21:21:29] <awcr> the fact is a centralized storage for /var/mail and virtual mailboxes
[21:21:32] <sysmonk> postfix doesn't support direct storing in mysql
[21:21:39] <pickcoder> sysmonk: procmail can
[21:21:41] <sysmonk> it does need a wrapper ( like dbmail )
[21:21:45] <sysmonk> yes
[21:21:52] <sysmonk> pickcoder: and how about pop3 client for that ? :)
[21:21:58] <sysmonk> pop3 client = pop3 daemon
[21:21:59] <pickcoder> dovecot can't do mysql?
[21:22:07] <sysmonk> pickcoder: reading from it ?
[21:22:10] <pickcoder> yes
[21:22:10] <sysmonk> of mails ?
[21:22:18] <sysmonk> not authenticating
[21:22:25] <sysmonk> it sure can authenticate from mysql
[21:22:35] <sysmonk> but reading the MAILBOX from mysql .. ? didn't know that
[21:22:45] <sysmonk> bless me with a link to that :)
[21:23:00] <sysmonk> anyway, storing BIG mailboxes in mysql - this needs not a postfix guru, but a mysql guru also
[21:23:25] <sysmonk> awcr: or storing mailboxes on different servers ( cyrus murder )
[21:23:29] <pickcoder> sysmonk: you don't need to access it directly
[21:23:30] <sysmonk> with replication
[21:23:40] <awcr> yes
[21:23:51] <sysmonk> awcr: so what's the fee ?:)
[21:23:51] <awcr> the fact is need a web farm of http, postfix,mysql
[21:25:12] <awcr> http no big deal, dns also and mysql. the problem is postfix
[21:25:22] <awcr> but postfix+dbmail can be a solutions what do u think?
[21:25:43] <sysmonk> i do have one server with postfix+dbmail, but err... i wouldn't do another
[21:25:48] <pickcoder> hrm.. I guess you can't do it directly from dovecot
[21:25:50] <pickcoder> oh well
[21:25:51] <sysmonk> ~50k mailboxes out there
[21:25:54] <sysmonk> but it does suck
[21:25:59] <sysmonk> (btw, backend is postgresql)
[21:26:03] <awcr> i have mailbox of 10Mb?
[21:26:13] *** MrRagga has quit IRC
[21:26:31] <sysmonk> awcr: errr, you want replication and failover of a 10 mb mailbox?!!?1
[21:26:39] <awcr> no no no
[21:26:48] <awcr> customers have mailboxes from 10mb to 50mb
[21:26:55] <awcr> 500 mailboxes
[21:27:09] *** Zeit|idle has joined #postfix
[21:27:23] <sysmonk> ah
[21:27:25] <sysmonk> that's not much
[21:28:00] <awcr> the fact is the importance of the data :S
[21:28:12] <awcr> on mistake and dead bussiness
[21:28:29] <sysmonk> awcr: so, are you paying something or not?
[21:28:36] <awcr> need high availability so love dbmail option or something like that, NAS?
[21:28:39] <sysmonk> (if not - i'm going to watch a movie :P )
[21:29:00] <sysmonk> it's sunday evening, 10:29 pm
[21:29:15] <awcr> yes paying
[21:29:30] <awcr> how much is your fee?
[21:29:50] <sysmonk> awcr: pm ?
[21:30:05] <awcr> sysmonk:
[21:30:16] <awcr> sysmonk: how much you charge for that service?
[21:30:17] <sysmonk> pm - in private message
[21:34:24] <sysmonk> awcr: do you see a private message?
[21:40:10] *** aw_cr has joined #postfix
[21:42:19] <aw_cr> sysmonk:freelance
[21:43:00] <sysmonk> aw_cr: pm me ?
[21:44:15] <aw_cr> sysmonk:yes
[21:44:46] <sysmonk> aw_cr: do you have skype/icq/msn/yahoo? because i can see that you have problems with your irc client
[21:45:54] <aw_cr> alejandrowa at hotmail dot com
[21:46:02] *** hemry has quit IRC
[21:46:23] *** hemry has joined #postfix
[21:46:24] <sysmonk> it's msn as i undersand
[21:46:27] <sysmonk> right?
[21:47:05] <aw_cr> y
[21:47:12] <aw_cr> es
[21:47:42] <sysmonk> ok, be there in a moment
[21:49:53] *** aw_cr has quit IRC
[21:55:58] *** awcr has quit IRC
[22:02:48] *** merlin2049er has joined #postfix
[22:13:22] *** devdas has joined #postfix
[22:17:32] *** yves__ has joined #postfix
[22:17:51] *** yves__ is now known as nictuku
[22:18:35] *** doomas has joined #postfix
[22:28:28] *** merlin2049er has quit IRC
[22:30:42] *** pickcoder has quit IRC
[22:31:52] *** doomas_ has quit IRC
[22:35:13] *** af_ has quit IRC
[22:42:41] *** dniel has joined #postfix
[22:42:42] *** ribasushi has joined #postfix
[22:43:38] *** daqqa1 has quit IRC
[22:44:35] *** dniel has left #postfix
[22:46:44] *** zapata has quit IRC
[22:50:58] *** stony has quit IRC
[22:58:39] *** brancaleone has joined #postfix
[23:01:44] *** ruben has joined #Postfix
[23:02:03] <ruben> Hi, what is the way to use 'relayhost' only for a specific domain like hotmail?
[23:02:29] <nictuku> transport_map
[23:02:37] <ruben> If I use relayhost = ispsmtp all mail is relayed? how to do it only for a specific host?
[23:02:40] <ruben> thanks
[23:02:42] <ruben> uhmm
[23:02:46] *** kdean06 has left #postfix
[23:03:55] *** rcsu has joined #postfix
[23:03:58] <ruben> nictuku: hey nictuku thanks alot! :)
[23:04:11] <nictuku> :-) you're welcome
[23:06:30] <devdas> hey nictuku
[23:06:31] <devdas> LTNS
[23:07:04] <nictuku> hi devdas =]
[23:07:46] <nictuku> where's your site that it isn't in the topic?
[23:08:11] <nictuku> I mean, it is
[23:08:12] <nictuku> nixcartel.org/~devdas/postfix.html
[23:11:08] <nictuku> I'll be working at home, so I'll basically live here from now on
[23:11:11] <devdas> well?
[23:11:14] <devdas> oooh, nice
[23:11:16] <devdas> New job?
[23:11:25] <nictuku> yep @ rimuhosting.com
[23:12:03] <devdas> nice
[23:12:06] <devdas> I moved to Directi
[23:12:11] <devdas> directi.com
[23:13:10] <nictuku> great
[23:13:57] <nictuku> "The Directi Group has been profitable from its inception. All assets of the group are organically funded without any external debt or borrowing."   - impressive, true or else
[23:15:49] *** nclx has quit IRC
[23:16:54] <nictuku> working for a hosting company is nice indeed - it's like paid IRC support :-)
[23:17:01] *** VSpike has quit IRC
[23:18:11] <devdas> yup
[23:18:22] * devdas isn't in support though
[23:18:25] <devdas> <=== Architect
[23:18:54] *** Taube is now known as taube
[23:19:06] <rcsu> hmm, devdas is doubled ?
[23:19:26] <nictuku> currently I'm a "network manager" @ mds.gov.br, but got tired
[23:21:44] <devdas> devdas at home, f3ew at work
[23:21:53] <rcsu> ah
[23:23:20] <nictuku> devdas, but you're an MTA architect then?
[23:23:27] <nictuku> or systems arhitect
[23:23:29] <nictuku> or else
[23:23:33] <devdas> nictuku: all sorts of stuff
[23:23:36] <devdas> system
[23:24:16] <devdas> I have gotten a basic mail setup up, next thing is to get a proper configuration management system in place
[23:24:17] <nictuku> so, like a "chief architect"  -> the guy to blame if anyone has an idea that goes bad?
[23:24:26] <devdas> One level below
[23:24:33] <devdas> (Well, there isn't anyone above)
[23:24:43] <devdas> and at the moment, my job is to clean up the mess
[23:25:24] <nictuku> are you or the company into ITIL?
[23:25:36] <rcsu> devdas: what is your thinking of the config mgmt, what doy wanna archive
[23:25:55] <devdas> nictuku: not yet
[23:26:07] <nictuku> devdas, me likes it
[23:26:07] <devdas> I am not sure ITIL will have the benefits it claims
[23:26:25] <devdas> rcsu: a consistent platform and management system
[23:26:30] <devdas> no more adhoc management
[23:26:41] <devdas> See http://www.infrastructures.org/ to start off with
[23:26:57] <nictuku> you don't just go ahead and use ITIL. you have to figure out what your IT needs, and see if ITIL suggestions apply, and use ITIL names for marketing purposes
[23:27:20] <devdas> at this point, I need people more than processes
[23:27:34] <devdas> and I refuse to put processes before people
[23:27:44] <rcsu> ppl are part of the process
[23:27:50] <devdas> No "process" is going to solve the problems I deal with
[23:27:55] <devdas> no
[23:28:09] <nictuku> people != process, not included in
[23:28:12] <devdas> no process can replace good people
[23:28:22] <rcsu> yep
[23:28:29] * devdas smacks rcsu with The Mythical Man Month and Peopleware
[23:28:31] <nictuku> how big is the team currently?
[23:28:44] <devdas> 15 people, but that includes all the support folks
[23:28:45] <rcsu> but you have to do it like this: ppl are irrelevant
[23:28:53] <devdas> nonononononononononono
[23:29:28] <devdas> See, if the human is irrlelvant, I will just automate the process and get rid of the human
[23:29:42] <rcsu> every man/girl can be repaced by another one
[23:29:45] <devdas> irrelevant
[23:30:04] <devdas> nah, by another equivalently good person
[23:30:30] <rcsu> i aggree, but the skills must be defined
[23:30:32] <devdas> My team isn't irreplacable, but they aren't going to be easy to replace
[23:30:35] <nictuku> I have a very nice staff @ mds.gov.br. both technically and pleasant nice guys. but the organization is a mess, so we needed a lot of process improvements there. like using change management to avoid downtime etc
[23:30:47] <devdas> nictuku: exactly
[23:31:08] <devdas> I have a few good people, but they are spending too much time firefighting
[23:31:19] *** TeraHertz has joined #postfix
[23:31:31] <nictuku> but I grew tired of waiting 24 months to get a new dozen servers - governement buying process is *VERY* slow
[23:31:39] * rcsu is the only firefighter
[23:31:40] <devdas> rcsu: I need people who can administer systems as well as program
[23:31:51] <rcsu> yep
[23:32:04] <rcsu> that need knowledge of those ppl
[23:32:21] <rcsu> and trusting of each other
[23:32:37] * devdas considers looking at the folks at Google
[23:32:51] <nictuku> I was interviewed by google btw
[23:32:59] <nictuku> like 4 or 5 phases
[23:33:35] <nictuku> but couldn't make it
[23:33:36] <rcsu> sorry, wathcing tv now
[23:34:20] *** lysander_ has joined #postfix
[23:34:21] * devdas turned GOOG down
[23:34:52] <nictuku> devdas, did you come to sign the NDA?
[23:35:26] <nictuku> *get
[23:35:42] <devdas> no
[23:35:56] * devdas turned them down way before that
[23:36:08] * nictuku wonders why
[23:36:13] <nictuku> should be a sexy place to work at
[23:36:18] <devdas> they didn't offer me a good enough position :)
[23:38:01] <nictuku> :-) really
[23:38:58] *** cilly has quit IRC
[23:42:08] *** cilly has joined #postfix
[23:42:39] * devdas -> bed
[23:42:42] *** devdas has left #postfix
[23:48:57] *** pirho has quit IRC
[23:49:57] *** lysander has quit IRC
[23:58:16] *** Fr0zen_ has left #postfix





top