[00:04:13] *** Spec[x] has quit IRC
[00:05:13] *** x-spec-t has quit IRC
[00:06:23] *** olinux has joined #postfix
[00:06:47] <bdilley> anyone know what i wouldn't be able to connect to courier-imap via remote machines... but i can from localhost?
[00:06:55] *** bdilley has quit IRC
[00:06:57] *** bdilley has joined #postfix
[00:07:08] <bdilley> anyone know what i wouldn't be able to connect to courier-imap via remote machines... but i can from localhost?
[00:07:11] <bdilley> sorry for the spam
[00:07:23] <shasta> a) courier might be listening only on loopback interface
[00:07:30] <bdilley> for whatever reason, i can connecto courier-imap from localhost... but not remotely
[00:07:33] <shasta> b) you firewall might be rejecting connections
[00:07:44] <bdilley> tcp6       0      0 *:imap2                 *:*                     LISTEN
[00:07:51] <bdilley> no firewall
[00:08:04] <wad> bdilley: Try telnetting into it from somewhere outside.
[00:08:10] <bdilley> that's what i'm doing
[00:08:21] <shasta> bdilley: what's your IP?
[00:08:30] <bdilley> penguinpimps.com
[00:08:36] <wad> And you get nothing? Then either the box isn't listening, or the network isn't allowing that port of traffic through.
[00:08:40] <wad> netstat -tapn
[00:08:42] <bdilley> (resolves correctly)
[00:08:55] <wad> that shows what services are listening on what ports, for what interfaces.
[00:09:03] <shasta> bdilley: tcpdump -vvv -X -s 0 -n host 213.184.21.226
[00:09:05] <wad> Make sure your service is listening on the right interface.
[00:09:09] <bdilley> tcp6       0      0 :::143                  :::*                    LISTEN     6468/couriertcpd
[00:09:38] <shasta> bdilley: tell me when you run that tcpdump
[00:09:41] <shasta> i'll try to connect
[00:09:42] <bdilley> on the machine itself, if i telnet to the domain name or outside facing ip address it works... also when telneting to localhost.
[00:09:44] <wad> I tried getting courier to work. Spent a day. Dratted thing never worked right. Swtiched to dovecot, and was up and running in 15 minutes. ;)
[00:10:01] <bdilley> shasta... it's running
[00:10:04] <bdilley> heh
[00:10:05] <bdilley> wait
[00:10:07] <bdilley> no tcpdump
[00:10:08] <bdilley> apt-get
[00:10:13] <wad> debian rocks
[00:10:27] <shasta> don't start that flamewar, please ;)
[00:10:35] <bdilley> haha
[00:10:40] *** Spec has joined #postfix
[00:10:42] <bdilley> ok, tcpdump up
[00:10:51] <shasta> $ telnet 65.111.175.199 143
[00:10:51] <shasta> Trying 65.111.175.199...
[00:10:58] <wad> flamewar? I thought everyone already knew that debian was the best distro??
[00:11:01] <bdilley> correct ip... and i see some stuff
[00:11:08] <bdilley> i don't know how to read tcdump's output though
[00:11:09] <shasta> bdilley: pastebin it
[00:11:23] <shasta> [i killed telnet now]
[00:11:57] <bdilley> lol, pastebin's mysql server is dead
[00:11:59] *** kokoko1 has left #postfix
[00:12:25] <bdilley> http://paste.ubuntu-nl.org/16318/
[00:12:55] <shasta> ok, my server sends SYN to your imap
[00:13:02] <shasta> but your imap doesn't respond at all
[00:13:10] <shasta> (it should respond with syn+ack)
[00:13:15] <bdilley> right
[00:13:19] <bdilley> it works from localhost though
[00:13:51] <shasta> "no firewall" <- are you *really* sure? :)
[00:13:59] <shasta> iptables -L -n -v
[00:14:15] <shasta> (pastebin it too)
[00:14:50] <bdilley> hehe, yeah... but how http://paste.ubuntu-nl.org/16319/
[00:14:50] <bdilley> http://paste.ubuntu-nl.org/16319/
[00:15:04] <shasta> hehe
[00:15:07] <shasta> that was easy :)
[00:15:12] <bdilley> hehe, yeah
[00:15:12] <shasta> Chain INPUT (policy DROP 10353 packets, 899K bytes)
[00:15:13] <bdilley> so um
[00:15:18] <bdilley> wtf
[00:15:20] <bdilley> that's weird
[00:15:28] <shasta> you've got default INPUT policy set to DROP
[00:15:29] <bdilley> this is a colo server, i told them i didn't want a firewall
[00:15:42] <bdilley> maybe it was from when i upgraded from kernel 2.4 to 2.6
[00:15:51] <bdilley> that's a SCARRY upgrade when doing it remotely btw ;)
[00:15:53] <shasta> nah, kernel by default doesn't setup any firewall
[00:15:57] <bdilley> weird
[00:16:03] <bdilley> well, you can telnet on port 25
[00:16:15] <bdilley> so if the default INPUT policy is to DROP...
[00:16:23] <shasta> i can, because you specifically told I'm allowed to
[00:16:34] <shasta> 215 11108 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:25
[00:16:36] <bdilley> huh?
[00:16:51] <bdilley> i didn't configure this.. and i've never used iptables so i'm lost with this stuff
[00:16:52] <shasta> default policy means "if something doesn't match any rule, use default policy"
[00:17:01] <bdilley> how do i disable iptables all together
[00:17:05] <bdilley> right
[00:17:19] *** Atomy has joined #postfix
[00:17:59] <Atomy> hi, i'm searching a good tut for installing postfix/courier-*/spamass/postgrey/amavis/maildrop with virtual accounts anyone knows a good one?
[00:18:31] <shasta> bdilley, that's kinda distro-specific (to turn firewalling off permanently) and I don't know debian enough
[00:18:46] <bdilley> cool, thanks
[00:18:47] <shasta> OTOH, i think firewalling is a good thing
[00:19:05] <bdilley> yeah, i agree
[00:19:15] <bdilley> but until i get everything else setup... it'd be nice
[00:19:51] <shasta> if I were you, I'd search for the script where firewalling is enabled and added explicit rule for IMAP
[00:20:46] <bdilley> cool, i got it
[00:21:42] <bdilley> it's in /etc/iptables.up.rules
[00:22:01] <shasta> there you go
[00:22:09] <shasta> remember to keep a backup copy
[00:22:12] <shasta> "just in case" :)
[00:22:22] <bdilley> right?
[00:22:39] <shasta> IMAP is TCP-based
[00:22:58] *** rootsvr has quit IRC
[00:23:42] <shasta> (you might want to add 993 too if you plan to run imap4 over ssl)
[00:23:43] <bdilley> oh, yes
[00:24:24] <bdilley> what's -m ?
[00:24:46] <shasta> man iptables :-)
[00:24:50] *** rcsu has quit IRC
[00:26:13] <bdilley> sweet
[00:26:14] <bdilley> works
[00:26:16] <bdilley> thanks shasta
[00:26:19] <shasta> yw
[00:29:12] *** sepski has quit IRC
[00:29:34] <xpoint> http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5426
[00:30:56] *** Mazon is now known as mazon
[00:32:10] *** Sp4rKy has left #postfix
[00:34:14] <wad> I'm using maildir on my postfix box. Works great. I was messing with procmail, and created a new user. But this user's email is going into /var/mail/newusername instead. What's the magic to make a user's emails go to their maildir, like it's supposed to?
[00:39:27] *** choongii has joined #postfix
[00:39:45] *** bdilley has quit IRC
[00:40:09] *** m1lkc0w has joined #postfix
[00:41:26] *** master_o1_master has joined #postfix
[00:41:53] *** stony has quit IRC
[00:44:24] <m1lkc0w> I have the smtpd_recipient_restrictions as posted to http://pastebin.ca/447282 .
[00:45:22] *** tminos has quit IRC
[00:45:30] <m1lkc0w> I would like to exclude certain recipients and/or certain senders from the RBL lists.
[00:46:14] <m1lkc0w> Are the check_sender_access and check_recipient_access immediately before the reject_rbl_client the right way to do this?
[00:51:19] *** feross has joined #postfix
[00:53:54] *** master_of_master has quit IRC
[00:57:50] *** Taube is now known as taube
[01:05:04] *** pirho has quit IRC
[01:06:18] *** wad has quit IRC
[01:07:06] *** pirho has joined #postfix
[01:14:18] *** xpoint has quit IRC
[01:15:09] <voidy> hey guys, does anyone know why this code [http://rafb.net/p/YSEhWx18.html] would work on FC6, but not on RedHat?
[01:15:23] *** choongii has quit IRC
[01:15:25] <voidy> It works on my server, and i copied it over to the redhat one, and now it's dying with this error
[01:16:06] <voidy> Apr 19 00:13:17 localhost postfix/pipe[23883]: CFFBF2EEAF: to=<fhtest at thegardenpartnership dot co>, relay=maildrop, delay=0, status=deferred (temporary failure. Command output: .mailfilter(7): Syntax error after if )
[01:16:27] <voidy> uhm, i was just about to rename the email address then, and i pressed enter by accident oops
[01:16:40] <voidy> took the m off .com though..
[01:18:05] <voidy> it's redhat enterprise 4
[01:18:32] <voidy> i was only testing it on my work server, i don't want it on that one, even though it works fine hehe
[01:27:32] *** crc has quit IRC
[01:27:50] *** klauwhamer has joined #postfix
[01:36:39] *** m1lkc0w has quit IRC
[01:42:37] *** Ryushin has quit IRC
[01:44:58] <voidy> it's ok.  i fixed it
[01:58:45] *** ezrataylor has joined #postfix
[02:01:47] *** kreg has quit IRC
[02:03:59] *** caravena has joined #postfix
[02:04:41] *** rmayorga has quit IRC
[02:06:06] *** war has quit IRC
[02:06:23] *** VSpike has joined #postfix
[02:07:02] *** eltech has quit IRC
[02:08:48] <VSpike> On my system, the postfix process is running as user postfix, group postfix... does it ever change user, e.g. to deliver mail locally?
[02:09:28] <VSpike> I'm trying to configure dspam and want to know what permissions the local lmtp socket needs
[02:11:24] <rob0> Actually master(8), the controlling daemon, runs as root, and thus can change UID for local(8) delivery. But lmtp(8) delivery can be done without changing user; that would be done as postfix user.
[02:12:13] *** hparker has quit IRC
[02:12:14] <VSpike> rob0: ah OK .. thanks
[02:12:25] <VSpike> the line in the master.cf file is:
[02:12:30] <VSpike> smtp      inet  n       -       -       -       -       smtpd
[02:12:30] <VSpike>    -o content_filter=lmtp:unix:/tmp/dspam.sock
[02:12:50] <VSpike> Will I have a problem with chroot with that?
[02:13:41] <rob0> that's smtpd(8), your SMTP listener, and yes, to use the content_filter socket you would need that socket in the chroot.
[02:14:21] <VSpike> Can I just turn off the chroot?
[02:14:31] <rob0> sure, column 5
[02:15:02] <VSpike> Cool. I guess it's reasonably safe to do so?  This is my personal machine, not some public server or anything
[02:15:41] <rob0> I never bother with chroot. No known Postfix exploits to be concerned about.
[02:16:05] <VSpike> By default it looks like most things are chroot
[02:16:16] <VSpike> on this system i mean
[02:17:01] <VSpike> By the way, is there any way to force postfix to attempt to deliver queued messages?
[02:17:22] <rob0> "postfix flush" is what I do.
[02:17:51] <VSpike> Thanks
[02:17:52] <VSpike> Damn
[02:17:58] <VSpike> That's annoying...
[02:18:00] <VSpike> Apr 19 01:17:50 localhost postfix/lmtp[17354]: 4C1A975410B: to=<johncc@localhost>, relay=none, delay=1176, delays=1176/0.04/0/0, dsn=4.4.1, status=deferred (connect to liberator[/tmp/dspam.sock]: No such file or directory)
[02:18:39] <VSpike> It's definitely there though
[02:21:01] <Zelest> with what permissions?
[02:22:33] <VSpike> srwxrwxrwx 1 root postfix 0 2007-04-19 01:22 /tmp/dspam.sock
[02:23:53] *** hparker has joined #postfix
[02:26:38] <VSpike> aha.. it works.
[02:26:57] <VSpike> I needed to restart postfix to make it get rid of the chroot.  A force-reload was not enough
[02:31:14] *** voidy has quit IRC
[02:32:11] *** pirho has quit IRC
[02:32:29] *** Fullmoon has quit IRC
[02:40:39] <VSpike> Does postfix do regular expression matching in aliases?
[02:42:01] <dj-fu> for virtual alias?
[02:42:25] <VSpike> Not sure
[02:43:44] <VSpike> I'm trying to follow the instructions in http://dspam.nuclearelephant.com/text/README-3.6.7.txt
[02:43:54] <VSpike> Search for text "Kind-of-simple"
[02:44:13] <VSpike> It's about creating addresses to forward things that dspam tags incorrectly
[02:45:11] *** olinux has quit IRC
[02:46:22] <VSpike> I'm guessing you'd want to create an alias that would send mail to "spam-.*@localhost" to "|/usr/local/bin/dspam"
[02:46:40] <VSpike> And the same for "nospam-.*@localhost"
[02:46:46] <dj-fu> we use a custom perl script to take care of it,
[02:46:51] <dj-fu> based on smtpprox
[02:47:03] <dj-fu> which isn't very good and I'm looking at phasing it out
[02:47:48] <VSpike> To be honest, I only have one user, so I could even follow the so called "Old Way aka The Hard Way", and create two aliases for each user... i.e. me
[02:51:04] <VSpike> How would I follow the option of creating a subdomain catchall, like:        @relearn.domain.tld	"|/usr/local/bin/dspam"
[02:51:25] <VSpike> I can't see how to do that either
[02:51:33] *** rmayorga has joined #postfix
[02:59:00] <dj-fu> welll basically dude
[02:59:07] <dj-fu> first you have to define /usr/local/bin/dspam in your master.cf
[02:59:12] <dj-fu> as an pipe
[02:59:22] <dj-fu> and then setup some transports for @relear.domain.tld
[03:02:03] <VSpike> OK, I think I get it but will have to hit the postfix docs a bit to get it right.  A job for the morning, I think.  2am here now :)
[03:02:32] *** magyar has joined #postfix
[03:02:56] <VSpike> dj-fu: Thanks a lot for the help.
[03:06:17] *** Tachy_ has joined #postfix
[03:13:54] *** AJ_Z0 has quit IRC
[03:14:16] *** AJ_Z0 has joined #postfix
[03:19:59] *** Tachy has quit IRC
[03:20:43] *** ezrataylor has quit IRC
[03:36:04] *** Zeit|awy has joined #postfix
[03:41:55] *** Zeit|idle has quit IRC
[03:44:27] *** Fremd has quit IRC
[03:45:46] *** amrit|wrk is now known as amrit|afk
[03:52:29] *** RFC_1149 has joined #postfix
[03:53:02] <RFC_1149> Hi all
[03:53:59] <RFC_1149> I am seeing hostname postfix/qmgr[7703]: 66C13D1C1B9: to=<me at my dot dom.ain>, relay=none, delay=29671, delays=29671/0.01/0/0, dsn=4.3.0, status=deferred (mail transport unavailable) in my logs, and mail won't come through
[03:54:10] <RFC_1149> I've broken something in my config files, but dont know what
[03:54:13] <RFC_1149> Any help appreciated
[03:54:30] *** TheOutlander has joined #postfix
[04:01:47] *** GMFlash has quit IRC
[04:01:52] *** GMFlash has joined #postfix
[04:02:41] <rob0> RFC 1149 was superceded; no wonder it's not working!
[04:02:55] <rob0> !debug
[04:02:56] <knoba> rob0: 'debug' : http://www.postfix.org/DEBUG_README.html : a good starting point for how to deal with problems and to report information to those who might help. Post your information in a pastebin such as http://pastebin.com/ or http://rafb.net/paste/ .
[04:02:59] <rob0> !basic
[04:03:00] <knoba> rob0: 'basic' : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.
[04:03:50] <rob0> Your pigeons were frightened away by Cat5, I bet.
[04:03:59] <hparker> lol
[04:07:20] *** bronson_ has quit IRC
[04:08:57] *** master_of_all has joined #postfix
[04:10:39] *** rmayorga has quit IRC
[04:17:20] *** doomas_ has joined #postfix
[04:17:29] *** master_o1_all has quit IRC
[04:17:34] *** nictuku has joined #postfix
[04:19:58] *** jpon has quit IRC
[04:21:12] *** TheOutlander has quit IRC
[04:25:15] *** f3ew_ has joined #postfix
[04:25:19] *** RockHound_ has joined #postfix
[04:26:33] *** RockHound has quit IRC
[04:26:33] *** f3ew has quit IRC
[04:30:43] *** doomas has quit IRC
[04:43:01] *** macsim has quit IRC
[04:43:40] *** macsim has joined #postfix
[04:52:44] *** amrit|afk is now known as amrit
[04:55:58] *** madclicker has quit IRC
[04:58:16] <RFC_1149> rob0, lol!
[04:58:26] *** RFC_1149 has left #postfix
[05:06:07] *** eppohcs has joined #postfix
[05:10:26] *** madclicker has joined #postfix
[05:15:03] *** jpon has joined #postfix
[05:19:42] *** rmayorga has joined #postfix
[05:23:51] *** dj-fu has quit IRC
[05:23:56] *** Atomy has quit IRC
[05:28:16] *** Edgeman has joined #postfix
[05:49:46] *** AJ_Z0 has quit IRC
[05:49:54] *** ek has joined #Postfix
[05:50:10] *** AJ_Z0 has joined #postfix
[05:57:56] *** hparker has quit IRC
[06:03:47] *** magyar has quit IRC
[06:07:10] *** cilly has quit IRC
[06:07:39] *** cilly has joined #postfix
[06:20:04] *** caravena has quit IRC
[06:25:22] *** Mez has joined #postfix
[06:27:40] *** lkthomas has joined #postfix
[06:27:41] <lkthomas> hey guys
[06:28:04] <lkthomas> is it possible to ban some brute force attack spammer ?
[06:37:59] <sep> lkthomas, from the same ip allways? iptables ? :D or access map ?
[06:38:14] <lkthomas> is it have any auto solution ?
[06:39:03] <sep> http://policyd.sourceforge.net/ ip based throtteling ?
[06:39:26] <sep> just make sure it realy is brute force spam,. and not simply backscatter
[06:42:06] <lkthomas> my server always response that unknown user
[06:43:25] *** nictuku has quit IRC
[06:45:40] <lkthomas> relay=virtual, delay=0, status=undeliverable (unknown user:  <-- which line use to check the user list ?
[06:46:58] *** feross has quit IRC
[06:51:04] <lkthomas> sep, any idea ?
[06:52:03] <sep> lkthomas, i don't understand your question ? what line are you talking about ?
[06:52:59] *** rcsu has joined #postfix
[06:53:03] <lkthomas> nevermind
[06:53:22] *** f3ew_ is now known as f3ew
[06:56:50] <lkthomas> guys, what is pop-before-smtp use for ?
[06:57:31] <ek> lkthomas: As opposed to smtp authentication.
[06:57:45] <lkthomas> hmm ?
[06:57:54] <lkthomas> if I am using sasl, do I need to use it then
[06:58:03] <ek> If someone authenticates via pop3 the server will house the IP address in a database or something similar and allow that IP to replay mail for a specified period of time.
[06:58:07] <ek> No.
[06:58:21] <ek> s/replay/relay/g
[06:58:35] <ek> If you have smtp authentication working, you don't need pop before smtp.
[06:58:36] <lkthomas> so I could choose between sasl OR pop-before-smtp
[06:58:42] <lkthomas> ok, coll
[06:58:43] <lkthomas> cool
[06:58:45] <ek> Yep.
[06:59:15] <lkthomas> you got to impress postfix performance
[06:59:33] <lkthomas> 3300spam per mins and postfix still could stand still
[06:59:38] <ek> Neither will really boost performance.
[06:59:52] <ek> lkthomas: Sure. Postfix is awesome.
[06:59:56] <lkthomas> yeah
[07:00:11] <ek> Actually, Postfix will never struggle to accept and deliver the mail.
[07:00:25] <lkthomas> haha
[07:00:28] <lkthomas> really ?
[07:00:36] <ek> On a 233mHz machine with 32M SDRAM you could have 500000 users...
[07:00:38] <lkthomas> usually postfix crash is due to 3rd party problem
[07:00:45] <ek> Exactly.
[07:00:53] <lkthomas> WHAT ?!
[07:00:56] <lkthomas> you are not serious don't you
[07:00:58] <ek> Outside applications are what will choke. Scanners especially.
[07:01:05] <ek> I'm extremely serious.
[07:01:10] <ek> All it does is look where to put it.
[07:01:15] <lkthomas> hmm
[07:01:22] <ek> Postfix is only a delivery agent essentially.
[07:01:47] <lkthomas> but the my postfix is using sql to manage
[07:01:56] <lkthomas> that takes a bit cpu power to process
[07:02:07] <ek> Sure.
[07:02:16] <ek> But, it's not Postfix's fault.
[07:02:21] <lkthomas> heh
[07:02:34] <sep> and you probably run the sql server. and the imap and pop3 servers on the same machine
[07:02:49] <lkthomas> I was worry that sql will pull the postfix down a lot, but seems not the case
[07:02:51] <lkthomas> yeah
[07:02:56] <lkthomas> everything on one box
[07:03:44] <lkthomas> do you have mailgraph for us to take a look ? :)
[07:04:08] <ek> lkthomas: I run the delivery agent, scanners on one, the IMAP/POP3 on another and the outgoing SMTP on another.
[07:04:15] <lkthomas> haha
[07:04:22] <lkthomas> scanner is not on same box
[07:04:29] <ek> lkthomas: The only mailgraph I have set up is for a back up server. But, it still houses information.
[07:04:36] <ek> Yours isn't?
[07:04:39] <lkthomas> we build another dedicate machine for scanner
[07:04:45] <lkthomas> nope
[07:04:45] <ek> Ah.
[07:04:48] <ek> Fair enough.
[07:05:04] <ek> That's the best way to do it for moderate amounts of mail.
[07:05:26] <lkthomas> http://mx.powernethk.com/cgi-bin/mailgraph.cgi
[07:06:16] <lkthomas> only 261 clients in this box
[07:06:39] <lkthomas> but so many mails daily
[07:06:45] <ek> Apparently.
[07:06:48] <lkthomas> 2K sent
[07:06:51] <ek> How are there so many outgoing messages?
[07:06:54] <lkthomas> 3K received
[07:06:58] <ek> You don't house spammers, do you? :P
[07:07:08] <lkthomas> http://mx.powernethk.com/cgi-bin/mailgraph.cgi <--- it shows the sent and received rate
[07:07:09] *** Motoko-chan has joined #postfix
[07:07:10] <lkthomas> nope
[07:07:20] <lkthomas> isn't this crazy ?
[07:07:29] <lkthomas> mac sent 352msgs/min
[07:07:31] <lkthomas> max*
[07:07:51] <lkthomas> max for the year, 532msgs/min
[07:08:34] <lkthomas> is that possible to monitor each user usage ?
[07:08:55] <lkthomas> we are not sure if any of our client is spamming or what
[07:22:48] <ek> Well, I suppose so.
[07:22:53] <ek> You could use Maia Mailguard.
[07:23:20] <ek> Welp. It's my birthday and I'm off to the pub.
[07:23:22] <ek> See you all later!
[07:23:50] <lkthomas> see you
[07:23:53] <lkthomas> happy birthday :)
[07:24:14] *** Fullmetal-Mavez has joined #postfix
[07:51:29] *** zapalotta has quit IRC
[07:51:39] *** zapalotta has joined #postfix
[08:26:05] *** af_ has joined #postfix
[08:31:29] *** UQlev has joined #postfix
[08:34:23] *** matt_ has joined #postfix
[08:37:27] *** pmjdebruijn has joined #postfix
[08:39:57] *** keanne has quit IRC
[08:52:05] *** rootsvr has joined #postfix
[08:56:05] *** Blackvel has joined #postfix
[08:59:05] <Blackvel> hi all. I seem to have problems to find the hostname for an IP address with postfix 2.3.8-2-b1 (debian stable)
[08:59:47] <Blackvel> it gives me this error: http://rafb.net/p/oU13CW39.html (I have reject_unknown_client enabled for client_restrictions)
[09:00:13] <Blackvel> it looks like that this ip address can be mapped to moutng.kundenserver.de when I do a nslookup
[09:00:27] <Blackvel> but why isn't postfix to map the hostname to the IP?
[09:01:57] <Blackvel> able to map...
[09:02:21] <Blackvel> I really don't want to disable reject_unknown_client because it blocks so many spammers
[09:02:38] <Blackvel> but I don't want to reject normal email servers ;)
[09:04:06] *** prebur has quit IRC
[09:07:36] <sysmonk> hm, strange, maybe you have old dns cached wich doesn't have it
[09:09:15] *** prebur has joined #postfix
[09:09:30] <Blackvel> I mean for sure what happens to query moutng.kundenserver.de is: a list of IPs is displayed
[09:10:05] <Blackvel> I can't imagine that postfix has a real problem with that. isn't it just doing this nslookup for the connecting IP address?
[09:11:44] <sysmonk> it shouldn't have
[09:11:53] <sysmonk> gmail has the same thing with it's MX'es
[09:11:59] <sysmonk> a lot of mx'es wich have a lot of IP's
[09:12:21] *** genkiwa has quit IRC
[09:13:32] <Blackvel> must be some issue with dns server then
[09:13:53] <sysmonk> Blackvel: could be
[09:13:56] <Blackvel> can I change the dns server on a linux vserver?
[09:14:07] <sysmonk> yes, you can. /etc/resolv.conf
[09:15:51] <Blackvel> ah cool
[09:16:46] <sysmonk> but be careful :) a wrong entrie may cause a lot of problems
[09:17:36] <Blackvel> hmm
[09:17:49] <Blackvel> my webhosting provider in Frankfurt seem to use a dns provider
[09:17:59] <Blackvel> which is in the same street in Frankfurt
[09:18:06] <Blackvel> so they use their own dns server
[09:18:30] <Blackvel> is it no problem to change to any public dns server like arcor?
[09:18:40] <Blackvel> wouldn't that cause them extra traffic?
[09:18:55] <sysmonk> it would ( cause extra traffic )
[09:19:25] <Blackvel> is it much? :)
[09:19:34] <Blackvel> i do own 25gig traffic on my vserver
[09:20:39] *** Motoko-chan has quit IRC
[09:20:49] <sysmonk> Blackvel: don't know how much it is
[09:21:29] <sysmonk> Blackvel: it may be that the dns'es were changed, and your providers dns server had cached old entries
[09:21:46] <sysmonk> if it won't work tomorrow, than consider looking for a bug
[09:22:08] <Blackvel> looks like it does not happen only once for moutng.kundenserver.de
[09:22:18] <Blackvel> same happend on 11th of april
[09:28:58] <Blackvel> oooooh
[09:29:00] <Blackvel> I have an idea
[09:29:01] <Blackvel> :)
[09:29:24] <Blackvel> sometimes it maps the ip to the hostname, sometimes not
[09:29:52] <Blackvel> maybe the dns server is not always able to return the correct hostname for the reverse lookup
[09:29:59] *** prebur has quit IRC
[09:30:06] <Blackvel> I guess the simplest solution is to change the return code back to 450 (instead of 550)
[09:30:34] <Blackvel> so a normal email server just retries after 450 after a while
[09:31:36] <Blackvel> not sure what my provider tells me if I do every simple dns lookup on a different internet server
[09:36:49] *** prebur has joined #postfix
[09:38:37] *** cutmasta has joined #postfix
[09:40:53] *** amrit is now known as amrit|zzz
[09:45:57] <Blackvel> sysmonk: here is the solution. you where 180% right
[09:46:04] <Blackvel> its a temporary dns server problem
[09:46:26] <Blackvel> it rejected 3 ip's which postfix accepted before or laters
[09:46:45] <Blackvel> I am changing back to 450 which should fix this then
[09:48:42] *** rootsvr has quit IRC
[09:50:53] *** Supaplex_ has joined #postfix
[09:51:06] *** RockHound_ has quit IRC
[09:52:15] *** Supaplex has quit IRC
[09:53:00] *** Supaplex_ is now known as Supaplex
[09:58:42] *** rootsvr has joined #postfix
[09:59:48] *** frennkie has joined #postfix
[10:00:20] *** milligan has joined #postfix
[10:01:27] <milligan> I'm trying to set up postfix with a virtual setup. I've added the virtual_* setting to main.cf, but Im getting this error: "fatal: open database /etc/mail/aliases.db: No such file or directory". Doesn't that mean it's not checking the database, but looking for a local db file ?
[10:01:49] *** war has joined #postfix
[10:04:47] *** [miles] has joined #postfix
[10:05:21] *** rootsvr has quit IRC
[10:07:57] *** bostik has joined #postfix
[10:09:24] *** mazon is now known as Mazon
[10:10:08] <[miles]> morning #postfix
[10:10:40] <[miles]> guys, can I make postfix relay mail entering to a remote server on a domain basis or only on user@domain basis?
[10:12:35] <milligan> I s'pose you could make a catchall alias, and have it forward the email to an email on another server ?
[10:12:45] <lawnchair> [miles], i think you wanna look into transport
[10:12:57] <lawnchair> http://www.postfix.org/transport.5.html
[10:13:02] <[miles]> hi lawnchair
[10:13:07] <[miles]> ok I 'll look
[10:14:59] <lawnchair> milligan, postmap /etc/mail/aliases
[10:17:07] <milligan> lawnchair, do I have to do that when Im trying to run a virtual setup ?
[10:17:53] <lawnchair> well i guess one really doenst have to do w/ the other but it seems as if your main.cf has a reference to something like alias_maps = hash:/etc/mail/aliases
[10:17:58] <lawnchair> so you can get rido f that...
[10:23:01] <milligan> all my alias_maps are commented out :-\
[10:23:14] *** klauwhamer has quit IRC
[10:23:33] *** klauwhamer has joined #postfix
[10:23:39] <milligan> I have a virtual_alias_maps, which tells postfix to lookup in a mysql db, but it doesn't seem to be using it .
[10:26:33] *** dj-fu has joined #postfix
[10:27:57] <VSpike> evening dj-fu
[10:32:04] *** dec_ has joined #postfix
[10:32:05] <milligan> lawnchair, any suggestions? :-\
[10:32:49] <lawnchair> wtf milligan
[10:32:52] <lawnchair> i just told you the answer
[10:32:54] <lawnchair> pay attention man
[10:33:15] <lawnchair> oh the mysql thing?
[10:33:16] <lawnchair> i dont know...
[10:33:37] <lawnchair> are your mysql virutal configs correct?
[10:33:46] <lawnchair> gotta go bye
[10:35:10] <[miles]> I put a header_check regex to strip out information from headers, but I only want it applied to emails being sent from the server, not that enter. I noticed it's also removing the info from both... any way of fixing this please?
[10:36:18] *** RockHound has joined #postfix
[10:37:44] <milligan> lawnchair, I am paying attention .. but your answer wasn't for a mysql based virtual system.
[10:38:54] <[miles]> milligan: I don't use MySQL with Postfix, I use OpenLDAP. ... but what is your problem, maybe I can help
[10:40:43] <milligan> [miles], would be awesome. Here's the situation:
[10:41:13] <[miles]> I can't promise I'll have the answer, but if I notice something I'll say
[10:41:18] <milligan> I've installed postfix, with mysql support. In main.cf Ive set up virtual_* settings, and I've used postfixadmin to create mailaccounts.
[10:41:32] <milligan> I start postfix,and everything is ok.
[10:41:49] <milligan> I start a tail of /var/log/messages, and I get the following error when I telnet to port 25:
[10:41:57] <milligan> fatal: open database /etc/mail/aliases.db: No such file or directory
[10:42:18] <milligan> I was of the impression that aliases.db isn't needed when you're running a virtual, mysql based system ?
[10:42:43] <[miles]> mmm ok... let me just look at the docs
[10:43:08] <[miles]> http://www.postfix.org/MYSQL_README.html
[10:43:11] <[miles]> I assume you started there?
[10:43:26] <milligan> Nope .. Been following antoher howto :p
[10:43:36] <[miles]> don't
[10:43:40] <[miles]> start with postfix's docs
[10:43:43] <[miles]> the doc's are vast
[10:43:52] <[miles]> put your trust in them
[10:43:57] <[miles]> not just any old how to
[10:44:33] <[miles]> alias_maps = mysql:/etc/mysql-aliases.cf
[10:44:49] *** taube is now known as Taube
[10:44:54] <milligan> yep, I read that ... but in main.cf, I found this:
[10:44:56] <[miles]> ok, so for example... you have to use the "mysql" prefix, and refing to the conf file
[10:45:19] <[miles]> just as I do virtual_mailbox_domains = ldap:/etc/postfix/virtual/domains.ldap
[10:45:22] *** dec has quit IRC
[10:45:31] <milligan> # The default setting assumes that you use the default Postfix local# delivery agent for local delivery. You need to update the# local_recipient_maps setting if:
[10:45:51] *** siddharta has left #postfix
[10:45:51] <milligan> You define $mydestination domain recipients in files other than#   /etc/passwd, /etc/aliases, or the $virtual_alias_maps files.#   For example, you define $mydestination domain recipients in#   the $virtual_mailbox_maps files.
[10:46:15] <milligan> and at the end of my config, I have:
[10:46:25] <milligan> virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
[10:46:28] <milligan> And some others.
[10:46:37] <[miles]> ok
[10:46:56] <milligan> I have the virtual_mailbox_domains as you do aswell, only with a mysql prefix
[10:47:08] <[miles]> nod
[10:47:36] <milligan> However, the docs you linked me to, say that I should remove the "virtual_" part of my link ...
[10:47:48] <[miles]> well, from what I see there in http://www.postfix.org/mysql_table.5.html
[10:47:52] <[miles]> it's straight forward enough
[10:48:20] *** CodeX has joined #postfix
[10:48:59] <[miles]> seems to follow the same logistic as the LDAP lookups
[10:49:55] <frennkie> Hi guys, my Problem: I use postfix for a few domians on my server. For Virus + Spam detection I use amavis (which calls spamassassin). When I send a mail from my eMail Client (Thunderbird via SSL) this mail gets marked as spam by my server because "mail send _directly from dynamic IP". How can I turn of the scanning of mails comming from authenticated senders? (sry if this turns out not to be a postfix question, but i don't know where to
[10:51:26] <[miles]> milligan: sorry I have to run and take a cofee ... feel free to private message me
[10:51:43] <milligan> [miles], I removed the virtual part, and it seems to be working ...
[10:51:47] <milligan> ..just not delivering :P
[10:51:59] <milligan> enjoy your coffee
[10:52:04] <[miles]> vale, gracias
[10:52:05] <milligan> Ill test till you return :)
[10:53:26] *** lkthomas has quit IRC
[10:55:04] *** af_ has quit IRC
[11:01:04] <milligan> [miles], let me know when you're back.
[11:01:25] *** i-Connect has joined #postfix
[11:01:27] *** i-Connect has left #postfix
[11:03:01] *** choongii has joined #postfix
[11:06:42] *** Zeit|awy is now known as Zeit|idle
[11:08:07] *** Ciaran_H has joined #postfix
[11:08:14] <Ciaran_H> Hey there.
[11:09:39] <Ciaran_H> I've got a quick question. Is it possible for postfix to act as the authorative mail server for a domain for every email address at a particular domain *except* for certain addresses, which it would try to deliver unchanged to another mail server? I'm not talking about regular mail forwarding here.
[11:11:05] <Ciaran_H> Basically, I have some mailing lists on one server at the moment but I'd really like to move my mail to another server of my own. However, I don't want to move the mailing lists, so I'd like mail sent to those mailing lists to be treated as if my server wasn't the intended destination, but for all other mail to be trated as if it *was*.
[11:11:10] <Ciaran_H> ^treated
[11:11:11] <Ciaran_H> Is that possible?
[11:18:31] *** Turt|e has joined #postfix
[11:19:23] *** Supaplex is now known as FElSTY
[11:20:13] *** FElSTY is now known as Supaplex
[11:20:43] <[miles]> milligan: hi, back... query me when you want... I don't have the time to keep flicking back to #postfix trying to catch up with any of your messages.. better in a query
[11:21:28] <Ciaran_H> I mean, I suppose that if nothing else I can set up a Perl script called from procmail that does it but if Postfix can do it then that would probably me more efficient.
[11:24:15] <Blackvel> what tools do you use to analyse the mail.log file? e.g creating a report per day for rejected mails on web? awstats?
[11:28:51] <VSpike> my system doesn't seem to have a /etc/postfix/transport ... does postfix require one or can it get by on defaults?
[11:33:25] *** matt_ has quit IRC
[11:45:23] <Roobarb> VSpike: transport_maps is for when you want to route mail in a way that is not provided through DNS...
[11:48:14] <Roobarb> Ciantic: http://www.postfix.org/postconf.5.html#relay_recipient_maps
[11:48:26] <VSpike> Thanks Roobarb
[11:48:52] *** SilenceGold has quit IRC
[11:49:35] <Roobarb> Ciantic: although I use virtual_alias_maps for this, because I list my domain in virtual_alias_domains
[11:51:04] <Roobarb> Ciaran_H: those 2 messages were for you (damn tab-completion)
[11:59:26] <milligan> Roobarb, do you have any suggestions to why my server is bouncing emails, saying "no such user X", when Im trying to send to X at domain dot com, and X at domain dot com is in my mysql database? (Im guessing that it's checking for just X, and not the whole email, and Im wondering why it does that)
[12:00:20] <Roobarb> milligan: I have no experiance with using a database to store address lookups
[12:00:53] <Roobarb> milligan: however, my first suggestion would be to try the query directly
[12:07:08] <milligan> The query is being executed, it seems. But not with the right argument.
[12:11:17] <milligan> It's as if postfix strips @domain.tld from the username. Is there a setting that does that ?
[12:12:50] *** lysander has quit IRC
[12:13:17] *** lysander has joined #postfix
[12:14:12] *** CodeX has quit IRC
[12:15:26] *** eltech has joined #postfix
[12:37:05] *** zapalotta has quit IRC
[12:37:40] *** zapalotta has joined #postfix
[12:39:00] *** [miles] has quit IRC
[12:42:29] <Ciantic> Roobarb, what? I put mydomain, myhost to my main.cf and it was fixed, but I also use virtual mail system, should I change those?
[12:43:12] *** UQlev has quit IRC
[12:45:12] <Roobarb> Ciantic: miss-directed messages.
[12:45:48] <Ciaran_H> Ciantic: He had meant to address them to me. :)
[12:47:23] <Ciaran_H> Roobarb: Thanks for the suggestions. I must admit to not knowing much about relaying in Postfix, and I use virtual domains anyway. The way I'm going right now is just to use virtual domains to map some addresses to one UNIX account and a catch-all to deliver the rest to another UNIX account. Then I'd use procmail to relay the ones in the forwarding one.
[12:47:31] *** [miles] has joined #postfix
[12:47:32] <Ciaran_H> Unless there's a simpler way?
[12:47:55] <Ciaran_H> i should have mentioned that I'm already using virtual domains, sorry.
[12:48:02] <Roobarb> use the @domain.com catchall to forward to an address instead of an account?
[12:48:36] <Ciaran_H> Roobarb: No, because I want the RCPT TO address on the forward to be the same as that coming in.
[12:48:42] <Ciaran_H> As if my server wasn't the final destination.
[12:49:00] <Roobarb> it will be
[12:49:16] <Ciaran_H> Maybe I'm misunderstanding you then.
[12:49:28] <Ciaran_H> What do you mean by "forward to an address"?
[12:50:49] <Ciaran_H> Oh, also.
[12:51:24] <Ciaran_H> I should have said that I don't want the catchall to forward. I want the catchall to be the final destination. I just want some addresses not to be the final destination.
[12:51:59] <Ciaran_H> And I want the RCPT TO to be the same. (note: Not the "To" header, I understand that'd remain the same anyway; I mean the envelope address)
[12:53:45] <Roobarb> http://apache.pastebin.ca/447877
[12:53:48] <Roobarb> something like that
[12:54:33] <Roobarb> list-address1 at example dot com and list-address2 at example dot com are local accounts. everything else is forwarded to an address at another server.
[12:57:04] <Ciaran_H> I understand that, but won't that mean that blah at example dot com would: a) Be accepted by the server, b) Connect to the MX host for anotherserver.example.com, then c) Use "default at anotherserver dot example.com" as the RCPT TO address? I don't see how it could work otherwise.
[12:58:00] <Ciaran_H> I understand that the "To" header will remain as "blah at example dot com" - that's not what I'm talking about.
[12:58:12] <VSpike> I've created an alias in my /etc/aliases file: spam-johncc: "|/usr/bin/dspam --user johncc --class=spam --source=error"
[12:59:01] <VSpike> I get this log error: Apr 19 11:56:09 localhost postfix/local[24576]: D25F47544B1: to=<spam-johncc@localhost>, relay=local, delay=0.18, delays=0.13/0.01/0/0.03, dsn=4.3.0, status=deferred (temporary failure. Command output: local: fatal: execvp /usr/bin/dspam: Permission denied )
[12:59:35] *** cpm has joined #postfix
[12:59:58] <VSpike> Can anyone tell me why the delivery process can't execute that?
[12:59:59] *** nescius has quit IRC
[13:00:12] <Ciaran_H> VSpike: chmod g+x /usr/bin/dspam?
[13:00:24] <Ciaran_H> And g+r too, if that doesn't work.
[13:01:01] <Roobarb> Ciaran_H: I'm not sure what you really want then.
[13:01:31] <Ciaran_H> Roobarb: Okay, sorry if I haven't been clear. Let me explain...
[13:02:38] <Ciaran_H> Roobarb: I currently have a mail server for my domain, example.com, at a particular hosting site. This hosting site has been my home for mail for a long time now, and I've set up several Mailman mailing lists and such on it.
[13:02:54] *** CodeX has joined #postfix
[13:03:10] <VSpike> Ciaran_H: I though the lower-case "s" means that it has setgid + execute?
[13:04:00] <Ciaran_H> Roobarb: I want to move the MX host to become mymail.example.com, which is a different server. However, I want mails to the mailing list to keep going to the old server. Thus, mailinglist at example dot com should be accepted by my new MX host, but then delivered to the *same* address on the old server, so that it can handle everything.
[13:04:28] <Ciaran_H> Roobarb: Every other email address on example.com should be stored on the new server as a catchall.
[13:05:05] <Ciaran_H> VSpike: As far as I know it's just setgid. It's a different octal digit.
[13:05:16] <Ciaran_H> VSpike: Try it and see. ;)
[13:05:17] *** nescius has joined #postfix
[13:06:08] *** Blackvel has quit IRC
[13:08:10] <Ciaran_H> Roobarb: Does that make sense?
[13:08:15] <Roobarb> yes
[13:08:27] *** jpon has quit IRC
[13:08:59] <Roobarb> why do you think my initial suggestion won't work?
[13:09:22] <VSpike> Will local change user id at all?  Still doesn't work
[13:09:23] <Ciaran_H> Roobarb: The one at http://apache.pastebin.ca/447877 , or another one?
[13:09:37] <Roobarb> Ciaran_H: the paste one.
[13:09:58] <Roobarb> Ciaran_H: I should point out that that configuration would be on the current server
[13:11:51] <Ciaran_H> Roobarb: Because the configuration would end up being something like http://apache.pastebin.ca/447894 . I imagine Postfix would get confused by the first line in /etc/postfix/virtual.
[13:12:03] <Ciaran_H> Since it'd apparently be delivering to the same address.
[13:12:10] <Roobarb> no
[13:12:37] <Roobarb> you'd set mydestination = $myhostname
[13:13:00] <Roobarb> because you shouldn't set mydestination to a virtual_alias_domains domain
[13:13:12] <Roobarb> all that does is force stuff to be delivered locally
[13:13:18] <Ciantic> Ciaran_H, :D I had exact same problem ~1 day ago, I thought he answered to that
[13:13:56] <Ciantic> but still, if I use virtual domains/mail should I set somesort of list of mydomain,myhost variables to somewhere?
[13:14:07] <Ciaran_H> Roobarb: So that first line would do a normal DNS lookup and then deliver to the correct server if it's not in mydestination?
[13:14:35] <Ciaran_H> I'll give it a go.
[13:14:40] <Roobarb> oh wait
[13:14:45] <Roobarb> I see what you've done
[13:15:27] <Roobarb> anything in the virtual_alias_maps file that DOESNT have a domain is deliverd to $myhostname.
[13:15:55] <Roobarb> line 7 will cause a mail loop
[13:16:13] <Ciaran_H> Right, I forgot to include a "example.com    blah" line, sorry. ;p
[13:16:43] <Ciaran_H> I meant this: http://apache.pastebin.ca/447900
[13:17:13] <Roobarb> LHS and RHS can't be the same
[13:17:23] <Ciaran_H> Okay, that's what I thought in the first place.
[13:17:25] <Ciaran_H> Okay.
[13:17:29] <Roobarb> however
[13:18:11] <Roobarb> you could set the RHS to be mailinglist@mailinglisthost and have a transport entry for mailinglisthost smtp:[finalhostname]
[13:18:25] <Ciaran_H> Ah ha.
[13:18:36] <Ciaran_H> Okay, how do I do that? I have no clue about transports.
[13:18:52] <Roobarb> transport_maps = hash:/etc/postfix/transport
[13:19:10] <Roobarb> then stick this into it:
[13:19:17] <Roobarb> mailinglisthost smtp:[finalhostname]
[13:20:08] <Ciaran_H> Like this? http://apache.pastebin.ca/447903
[13:20:12] <Roobarb> I might have to set this up in VMWare after lunch since I'm not entirely sure if what I'm suggesting is kosher
[13:20:34] <Roobarb> actualyl I think you need to have a dotted RHS
[13:20:54] <Roobarb> and you're missing the point
[13:20:56] <Ciaran_H> Oh. I was hoping I wouldn't, since I don't want to taint anything, heh.
[13:21:00] <Ciaran_H> Hmm?
[13:21:05] <Ciaran_H> *listens*
[13:21:49] <Roobarb> is "example.com" a iffernet IP from the MX for example.com ?
[13:21:53] <Roobarb> *different
[13:22:23] <Ciaran_H> In this case, no.
[13:22:36] <Roobarb> then you'll cause a mail loop
[13:22:43] <Ciaran_H> Oh wait.
[13:22:46] <Ciaran_H> I mean, yes.
[13:22:49] <Ciaran_H> My mistake.
[13:22:49] <Roobarb> the second server has to be called something different
[13:22:52] <Ciaran_H> I know.
[13:23:01] <Ciaran_H> I was wrong, I got confused
[13:23:20] <Roobarb> http://apache.pastebin.ca/447909
[13:23:21] <Ciaran_H> "example.com" is the old MX server for "example.com". "mail.example.com" is the new one.
[13:24:00] <Ciaran_H> But to be safe, I'll use the IP address anyway.
[13:24:09] <Ciaran_H> Nothing can go wrong then. ;p
[13:24:36] <Roobarb> ok, I'm going to lunch. when I get back I'll emulate this, mainly because I have to do this for our internal mail at some point and I've been putting off testing this for some time
[13:24:47] <Ciaran_H> Nah, don't emulate it, I'm testing it out myself.
[13:24:52] <Ciaran_H> I'll tell you whether it works or not. ;p
[13:24:55] <Roobarb> heh
[13:25:18] <Roobarb> it'll do something, whether thats what you want is different :)
[13:25:20] <Ciaran_H> Thanks for all your help.
[13:25:21] <Roobarb> bbl
[13:25:29] <Ciaran_H> See ya. :)
[13:42:44] <Ciaran_H> Roobarb: Okay, I set it up. It works perfectly, except that the name used in /etc/postfix/virtual is the name that gets sent in the RCPT TO. In this case, it's trying to address mail to <mailinglist@example> instead of <mailinglist at example dot com> and the other "example.com" server is rejecting it.
[13:47:17] *** LinBoy has joined #postfix
[13:50:09] *** xpoint has joined #postfix
[13:50:09] *** eppohcs has quit IRC
[13:51:28] <Ciaran_H> Roobarb: When you get back, take a look at http://apache.pastebin.ca/447936 - it shows the equivalent of my config files and what happens.
[13:56:50] *** prologic has joined #postfix
[13:57:01] <prologic> higuita, I'm having a lot of problems with my mail server recently
[13:57:04] <prologic> keep getting:
[13:57:05] <prologic> Apr 19 21:53:59 cancer postfix/smtpd[25828]: timeout after DATA from mailsecure2
[13:57:15] <prologic> can anyone give me any hints as to how to solve this ?
[13:59:15] *** frealek has joined #postfix
[13:59:20] <frealek> hi
[14:02:57] <cpm> prologic, do you see this on all emails? or just the ones from griffith.edu.au ?
[14:05:00] <prologic> I get it on a lot of originating servers
[14:05:03] <prologic> not just griffith
[14:05:08] <prologic> just beenr eading up on it
[14:05:14] <prologic> seems it could be an MTU path discovery problem
[14:05:15] <cpm> mtu perhaps
[14:05:19] <cpm> :)
[14:05:20] <prologic> *nods*
[14:05:23] <prologic> solutions ?
[14:05:30] <cpm> drop your mtu down
[14:05:33] <prologic> I obviously can't do anything about routers in-between or routers that aren't my own
[14:05:38] <cpm> 1401 or something
[14:05:43] <cpm> on the nic on the mail server
[14:05:47] *** magyar has joined #postfix
[14:05:51] <prologic>            mtu: 1480
[14:05:52] <prologic>            mru: 1500
[14:05:55] <prologic> to even smaller than that ?
[14:06:09] <cpm> 1401
[14:06:16] <prologic> the nic on my mail server or on my router's pppoe connection ?
[14:06:16] *** rmayorga has quit IRC
[14:06:29] <cpm> just out of curiosity, what kind of connection do you have?
[14:06:38] <prologic> PPPoE
[14:06:48] <cpm> via what?
[14:06:49] <prologic> my servers are wired into a MikroTik RouterOS box
[14:06:55] <cpm> oh dear lord
[14:07:14] <prologic> I'd only need to drop the MTU on my router a bit I think
[14:07:15] <cpm> so, there isn't any real way to tell what your actual mtu capacity is.
[14:07:20] <prologic> commonly 1412 is used
[14:07:43] <prologic> mtu capacity ? never knew you could emasure it :)
[14:07:46] <cpm> well, at any rate, that's the place to look for the problem
[14:07:51] <prologic> it's currently 1480
[14:08:09] <cpm> sure, you keep increasing the packet size, until you start getting fragmented packets
[14:08:14] <prologic> brb :)
[14:08:59] <cpm> there is a reason mikrotik stuff costs a whole lot less than cisco gear
[14:09:03] <prologic> ping
[14:09:36] <prologic> MikroTik is great :)
[14:09:47] <cpm> at any rate, the fix, if there is one, is to decrease the mtu until you don't get this error any more
[14:09:52] <cpm> Yeah yeah, it's wonderful
[14:10:11] <prologic> :)
[14:10:17] <prologic> I personally love them as routers
[14:10:25] <prologic> yeah I'll try 1412
[14:10:32] <prologic> this is what's commonly recommend by rp-pppoe
[14:11:10] <prologic> could you send a test mail ?
[14:11:19] <prologic> prologic at shortcircuit dot net dot au
[14:11:36] <cpm> You are sitting here, having mtu issues with smtp, one of the most basic protocols known to the internet, old as dirt, and at the same time, defending cheap routers?
[14:12:31] <prologic> yup :)
[14:12:59] <prologic> wow
[14:13:02] <prologic> I'm still getting timeouts
[14:13:03] <prologic> crazy shit
[14:16:01] *** SilenceGold has joined #postfix
[14:16:24] *** macsim has quit IRC
[14:22:14] *** prologic has left #postfix
[14:23:45] *** il_padrino has joined #postfix
[14:24:01] <il_padrino> hello
[14:24:16] <il_padrino> i have some problems with postfix :(
[14:24:22] <il_padrino> any one can help me ?
[14:26:01] <zapalotta> if you tell your problem, maybe :)
[14:26:03] *** frealek has quit IRC
[14:29:04] <il_padrino> when i send an email with mutt the from is stefano at chuncho dot cl
[14:29:19] <il_padrino> but i have the subdomain in this machine stefano.chuncho.cl
[14:29:45] <il_padrino> if i send the email with squirrelmail the from is correct ( stefano at stefano dot chuncho.cl )
[14:29:50] <il_padrino> this is my first problem
[14:30:05] <il_padrino> and the second is that squirrelmail can't read my email
[14:30:20] <il_padrino> i put on /etc/postfix/main.cf
[14:30:46] <il_padrino> home_mailbox = Maildir/
[14:30:46] <il_padrino> mailbox_command = /usr/bin/procmail -a "$EXTENSION" DEFAULT=$HOME/Maildir/ MAILDIR=$HOME/Maildir
[14:31:04] <VSpike> I thought the from was generated by the mail client?
[14:31:23] <VSpike> You sure it's not just a client issue?
[14:32:53] <cpm> sounds like squirrelmail isn't configured, at all.
[14:33:03] <cpm> what imap server are you using?
[14:33:08] <il_padrino> cyrus
[14:33:21] <cpm> is squirrelmail configured for cyrus?
[14:33:50] <Ciaran_H> Roobarb: Just so you know, I'm going to go the procmail route, it's simpler, it seems. :D
[14:33:51] <f3ew> cyrus does not use Maildir
[14:34:35] <il_padrino> mm
[14:34:42] * cpm thought maildir was a courier/dovecot thing
[14:35:39] *** kwah has joined #postfix
[14:35:57] *** Diamond has joined #postfix
[14:36:00] <Diamond> Hi
[14:36:02] <Diamond> :)
[14:37:05] <kwah> Hi, just checking out whether this channel is about postfix.
[14:37:14] *** UQlev has joined #postfix
[14:37:38] <kwah> bb
[14:37:41] *** kwah has left #postfix
[14:40:10] <Diamond> does anyone knows how to use only ssl for postfix
[14:40:26] <Diamond> my port (25) is blocked by isp :(
[14:41:08] <UQlev> Diamond, blocked for in/out?
[14:42:13] <Diamond> yes
[14:42:17] <Diamond> can't use it
[14:42:27] *** HKhan has quit IRC
[14:42:54] <UQlev> then this connection is useless for mail-server untill you agree with your ISP
[14:43:03] <sw> Diamond:  your server would have to connect to port 25 on the remote server
[14:43:41] *** macsim has joined #postfix
[14:43:54] <Diamond> i hearth that it is possible to mail only with ssl thats true
[14:43:54] <Diamond> ?
[14:44:30] <sw> you can offer TLS only to remote server, but you would not be able to send to server not offering TLS
[14:44:51] *** LinBoy has quit IRC
[14:45:35] *** rcsu has quit IRC
[14:45:42] <sw> but as UQlev said, it's just useless, there's no work-around
[14:45:51] *** rcsu has joined #postfix
[14:46:40] *** HKhan has joined #postfix
[14:48:17] <CodeX> Virtual Users With Postfix, PostfixAdmin, Courier << authentication error >>
[14:49:47] <Diamond> sw : so its possible but the other mail server must support ssl to send to you ?
[14:50:14] *** HKhan has quit IRC
[14:50:39] <CodeX> can somebody help me fix that ?
[14:50:49] <cpm> you still have to connect to port 25 to determine the ssl connection
[14:50:50] <UQlev> Diamond, another MTA should know that yours one is listening on the nonstandard port
[14:51:09] <cpm> Diamond, outbound, the key is smart host relay
[14:51:18] <cpm> there is no inbound work around
[14:51:21] <UQlev> Diamond, MX record can't advise it
[14:56:42] *** UQlev has left #postfix
[15:02:20] *** HKhan has joined #postfix
[15:02:40] *** af_ has joined #postfix
[15:05:33] <Diamond> well ok
[15:05:48] <Diamond> so what do you guys advise ?
[15:06:15] <Diamond> should i take another mta or just take another isp ?
[15:06:52] *** Zeit|idle has quit IRC
[15:07:12] <f3ew> or a better class of service
[15:08:29] <Diamond> ?
[15:13:46] *** m1lkc0w has joined #postfix
[15:14:27] <VSpike> I'm trying to get my retraining alias for dspam working, and having a bit of a 'mare.  http://pastebin.ca/448065
[15:15:03] <VSpike> I'm forwarding spam to spam-johncc@localhost
[15:15:57] *** _matt has quit IRC
[15:16:01] *** ^Timo^ has joined #postfix
[15:16:16] <VSpike> There is an alias there... spam-johncc: "|/usr/bin/dspam --user johncc@localhost --class=spam --source=error"
[15:17:09] <VSpike> Seem to be two things.. I still haven't got the permissions quite right, but also it seems to be trying to deliver to spam-johncc@localost as well as piping it to dspam
[15:17:18] *** caravena has joined #postfix
[15:19:13] *** meandtheshell has quit IRC
[15:21:42] <VSpike> I'm really confused... seem to have been working on this for days and so close but not quite there... any help appreciated
[15:22:40] <cpm> Diamond, if you are going to be running servers, you need a business class service.
[15:25:17] *** meandtheshell has joined #postfix
[15:25:43] *** Spec has quit IRC
[15:26:05] *** Spec has joined #postfix
[15:29:02] <m1lkc0w> I have a "check_sender_access" statement before any "reject_rbl_client" in smtpd_recipient_restrictions. Am I right that I can exclude senders from the rbl-checks by just adding "domainname OK"  to the access table?
[15:29:09] *** Diamond has quit IRC
[15:29:27] <Roobarb> m1lkc0w: sounds like it
[15:30:27] <m1lkc0w> Roobarb: Thanks. I guess the same hold true for recipient checks when I add them to a check_recipient_access table, correct?
[15:33:09] <m1lkc0w> I still see gray-listed senders in the log for (gray-listing is last check in smtpd_recipient_restrictions, before the final "permit"), even though the senders are explicitely whitelisted viacheck_sender_access before....
[15:33:39] *** CodeX has quit IRC
[15:33:46] *** csm-laptop has joined #postfix
[15:35:24] <[miles]> afternoon all
[15:35:27] *** xpoint has quit IRC
[15:35:42] <[miles]> guys I'm having a problem loosing the from header when passing an incoming mail to spamassassin
[15:35:59] <[miles]> I keep getting spf: cannot get Envelope-From, cannot use SPF
[15:36:11] <[miles]> in spamassassin... so I assume for some reason postfix is not passing it
[15:36:44] *** timotheus has joined #postfix
[15:37:47] <timotheus> is it possible to have postfix select the SMTP relayhost based on the From: field rather than To: ?
[15:38:16] <timotheus> (/etc/postfix/transport does based on recipient -- not the To field, but generally the same)
[15:38:53] <Roobarb> timotheus: sounds pointless
[15:41:17] <timotheus> Roobarb: not if you consider domain key authentication, and have multiple personal email accounts
[15:41:59] *** _matt has joined #postfix
[15:42:21] <timotheus> (SPF, domain keys, etc ...)
[15:43:04] *** ninan has joined #postfix
[15:43:39] *** _matt has quit IRC
[15:44:48] <ninan> hi. i ran fetchmail as user fetchmail. mails it fetches are tried to deliver to this user instead what i specified as local user.
[15:45:05] <Roobarb> timotheus: you probably want sender_dependent_relayhost_maps then
[15:45:06] *** _matt has joined #postfix
[15:45:25] * timotheus digs out the docs...
[15:45:30] *** Mez has quit IRC
[15:45:35] <Roobarb> http://www.postfix.org/postconf.5.html#sender_dependent_relayhost_maps
[15:46:26] <timotheus> ninan: you can try having fetchmail bypass the MTA entirely ; fetchmail supports sending the mail to a processor such as procmail, maildrop, etc.
[15:46:47] <milligan> This isn't a postfix question, but a mailserver in general. Why would a server reject an email with a 550 when I telnet to it and try to directly insert a mail?
[15:46:58] *** dj-fu has quit IRC
[15:47:09] <Roobarb> milligan: depends what commands you throew at it
[15:47:12] <Roobarb> *threw
[15:47:20] <ninan> timotheus, sure but that means that i cannot have 1:1 account mapping with fetchmail without double configuration
[15:47:26] <milligan> Roobarb, mail from, rcpt to, data
[15:47:33] <milligan> Roobarb, and the EHLO ofc.
[15:47:38] *** tminos has joined #postfix
[15:47:40] <Roobarb> milligan: how did you announce yourself?
[15:48:07] <milligan> Roobarb, EHLO domain.tld
[15:48:08] <timotheus> ninan: sorry, don't know
[15:48:28] <Roobarb> milligan: is the histname you used the same as the one you telnetted from ?
[15:48:29] <ninan> timotheus, it write RCPT TO fetchmail@hostname
[15:48:46] <milligan> Roobarb, negative
[15:48:54] <cpm> milligan, usually it kicks back a reason with the 550
[15:48:58] <ninan> timotheus, saw it
[15:49:11] <ninan> first tried the right thing but postfix doesnt like it
[15:49:14] <milligan> cpm, "Administrative prohibition"
[15:49:21] <ninan> i am glad that wasn't the wrong channel :-)
[15:49:30] <cpm> sounds like it doesn't want to hear from you.
[15:49:57] <milligan> bleh
[15:50:00] <milligan> stupid server :P
[15:50:12] <Roobarb> milligan: the remote end may be implementing some restriction to verify the {E,H}ELO address is the same as you r source address
[15:50:28] <Roobarb> milligan: or you may simply be blacklisted
[15:51:40] <timotheus> ninan: I use direct 1:1 mapping to drop POP emails into MH mailboxes (this works with mbox and maildir too) by appending the fetchmail config line with:   mda "/usr/bin/procmail -a %T ~/.fetch_procmailrc"
[15:52:23] <timotheus> ninan: user 'foobar' there with password 'p' is 'boxname' here
[15:53:30] <timotheus> ninan: then the local username is used as the argument `%T' to procmail, and procmail knows exactly which box to deliver to, based on my procmail config
[15:53:46] <ninan> what is %T replaced with?
[15:53:50] <Ciaran_H> Roobarb: Ah cool, you're back. Just wanted to let you know that my procmail version of what I'm trying to do is working perfectly. :D Thanks for the advice though, it was awesomely helpful.
[15:53:59] <timotheus> ninan: `boxname'
[15:54:02] <Roobarb> Ciaran_H: :o)
[15:54:16] <ninan> i use cyrus
[15:54:38] * timotheus has to depart
[15:54:57] <timotheus> ninan: see http://tstotts.net/pubvc.co/email-config/ for ideas; might help, might not
[15:58:16] *** magyar has quit IRC
[15:58:25] *** Diamond has joined #postfix
[15:58:30] *** ^Timo^ has quit IRC
[15:58:37] <ninan> timotheus, got it to work
[15:58:49] <ninan> you had the right intention. i use the cyrdeliver mda
[15:58:56] <ninan> that works very well
[15:59:00] <ninan> thank you a lot
[15:59:03] * timotheus grins
[16:00:30] <cpm> milligan, I can see all kinds of reasons why you would get a 550
[16:00:42] <cpm> not the least of which is no ptr record for your ip address
[16:00:51] *** caravena_ has joined #postfix
[16:01:10] <milligan> yeah, I figured as much myself...
[16:01:16] <milligan> It was just a test anyway :P
[16:01:19] <milligan> Thanks for the info :)
[16:01:20] <cpm> k
[16:01:21] <cpm> sure
[16:02:02] *** GMFlash has quit IRC
[16:02:02] *** GMFlash has joined #postfix
[16:08:19] *** rmayorga has joined #postfix
[16:09:59] *** ninan has quit IRC
[16:10:06] *** ninan has joined #postfix
[16:16:04] *** ninan has quit IRC
[16:17:48] *** porkpie has joined #postfix
[16:18:13] <porkpie> hi guy's can anyone tell why I am getting this error fatal: open database /etc/postfix/ispcp/domains.db: Bad file descriptor
[16:19:22] <porkpie> I am setting up a virtualhosting control panel and getting this error when trying to start post fix
[16:20:02] *** Mazon is now known as mazon
[16:20:22] *** caravena has quit IRC
[16:20:48] <porkpie> actually here is the full error Apr 19 14:08:10 webzonepanel postfix/trivial-rewrite[5642]: fatal: open database /etc/postfix/ispcp/domains.db: Bad file descriptor
[16:21:20] <lunaphyte_> have you tried regenerating the file?
[16:21:40] <porkpie> lunaphyte:how can I do that
[16:21:50] <lunaphyte_> postmap
[16:21:55] <porkpie> OK
[16:26:01] *** exodos has joined #postfix
[16:28:11] <exodos> hi, I would like to accept mail on my backup MX only if the primary MX is down. How can I achive this?
[16:28:12] <porkpie> lunaphyte:what the command for creating the files from scratch
[16:29:36] <exodos> porkpie: ???? touch ???
[16:30:10] <Roobarb> exodos: thats what MX priorities are for, but you can't prevent someone manually choosung to send to the backup MX
[16:31:24] <porkpie> thanks
[16:31:27] *** sloof3 has left #postfix
[16:31:37] <porkpie> worked it out :)
[16:34:34] *** StarOfDeath has joined #postfix
[16:35:05] <StarOfDeath> Where can I learn about VDA
[16:36:16] <Roobarb> VDA being ?
[16:37:12] <StarOfDeath> VDA for postfix
[16:37:41] *** exodos has quit IRC
[16:37:54] <Roobarb> http://www.google.co.uk/search?q=postfix+VDA
[16:38:16] <porkpie> lunaphyte:any ideas on this one postfix/local[6155]: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled
[16:38:32] <lunaphyte_> silly defaults.
[16:38:43] <StarOfDeath> Thank you Rooberb
[16:39:24] <porkpie> lunaphyte:was that for me
[16:40:46] <lunaphyte_> yes
[16:44:01] <porkpie> lunaphyte:what do I need to do
[16:45:19] *** ^Timo^ has joined #postfix
[16:45:42] <porkpie> lunaphyte:any ideas on this  ... :S  http://pastebin.ca/448203
[16:45:53] <porkpie> strange problem
[16:46:07] <porkpie> no idea what is causing it either
[16:46:20] <porkpie> all the file are in the dir
[16:46:44] <lunaphyte_> porkpie: postconf | grep -i nis
[16:47:21] <porkpie> root@webzonepanel:/etc/ispcp# postconf | grep -i nis
[16:47:21] <porkpie> alias_maps = hash:/etc/aliases, nis:mail.aliases
[16:47:21] <porkpie> lmtp_sasl_mechanism_filter =
[16:47:21] <porkpie> smtp_sasl_mechanism_filter =
[16:47:21] <porkpie> root@webzonepanel:/etc/ispcp#
[16:47:47] <lunaphyte_> take that reference out.
[16:48:28] <porkpie> which the hash:/etc/aliases
[16:49:06] <lunaphyte_> c'mon...  you can figure it out.  :)
[16:49:17] <porkpie> ah
[16:49:20] <porkpie> the nis
[16:50:42] *** noetik has joined #postfix
[16:51:41] *** pmjdebruijn has quit IRC
[16:52:23] *** SID_seba_a_barna is now known as SID-a-vuelto
[16:53:37] <porkpie> lunaphyte_:silly question but I can find it
[16:54:00] <porkpie> lunaphyte_:is it in the master or main
[16:54:24] <lunaphyte_> porkpie: it's a default value, so isn't present in the config.  you have to add it, to override it.
[16:55:29] <porkpie> OK   but where  ... don't shout at me please  ...I am used to using courier not postfix :S
[16:55:43] *** Diamond has quit IRC
[16:55:48] <lunaphyte_> shout?
[16:55:51] *** Diamond has joined #postfix
[16:55:56] <lunaphyte_> main.cf
[16:56:29] <porkpie> lunaphyte_:thanks ....so I just add the nis:mail.aliases
[16:56:45] <m1lkc0w> Who's got some good arguments for server-side SPAM filtering as compared to client-side filtering? I have a) reject known SPAM already during the data-phase,  b) leverage global dictionaries for Bayesian filtering, c) global black-/whitelists and d) greylisting only works before the data-phase of SMTP
[16:56:58] <m1lkc0w> What did I miss?
[16:57:16] <lunaphyte_> porkpie: you want to add an nis reference?
[16:58:02] <lunaphyte_> how do you define known spam?  isn't that subjective?
[16:58:04] <porkpie> lunaphyte_:you will have to excuse me  ....I am a bit lost  .... on what the syntax is
[16:58:28] <lunaphyte_> porkpie: the syntax is exactly what you see in the output of postconf.
[16:58:53] <m1lkc0w> lunaphyte: Good point. I am referring to dnsbl.
[16:59:09] <porkpie> lunaphyte_:IC so just add alias_maps = hash:/etc/aliases, nis:mail.aliases
[16:59:13] <cpm> m1lkc0w, doing everything on the server keeps things consistant, keeps them logged (no more 'where did my mail go?') and allows the use of multiple email clients with consistent views
[16:59:28] <m1lkc0w> cpm: Excellent points
[16:59:51] <cpm> client side screws things up, allows folks to delete their mail and then yell at you about it.
[17:00:20] <lunaphyte_> yeah, at least if you do it on the server, when they yell at you, it really _will_ be your fault.  :)
[17:00:23] <cpm> client side also loads the heck out of the server, esp with body filters
[17:00:33] <cpm> lunaphyte_, perzactly
[17:00:47] <cpm> and you can point to the logs, and say "Nope, not me dude!"
[17:01:39] <m1lkc0w> Great. Thanks.
[17:01:45] <rob0> I daresay that the lack of good server-side antispam tactics, and the proliferation of client-side spam abatement, has been a major contributor to the spam problem.
[17:01:58] * cpm agrees with rob0
[17:02:04] <cpm> users are the problem
[17:02:06] <cpm> :)
[17:02:12] <rob0> haha yes
[17:02:17] <cpm> all this intarweb stuff works fine if no one uses it
[17:02:25] *** ruben has joined #postfix
[17:02:37] <lunaphyte_> porkpie: you might read http://www.postfix.org/postconf.5.html#alias_maps to understand better the parameter you are adjusting.
[17:02:49] <cpm> but yes, I do agree, clueful mail admins/postmasters are the best spam abatement tools
[17:02:57] <ruben> Hi, what is the way to say '250' ever when a user try to use rcpt to: use? to avoid bruteforcing :)
[17:03:20] <rob0> porkpie: or just forget the whole thing. :) It's only a warning, no harm is done by the default alias_maps setting.
[17:04:03] <cpm> ruben, care to clarify that question a bit?
[17:04:15] <porkpie> rob0:thanks but postfix will not start ..
[17:04:17] <ruben> yes, sorry my english
[17:04:25] <cpm> its okay
[17:04:30] <rob0> porkpie: something else is the problem
[17:04:36] <porkpie> http://pastebin.ca/448203
[17:04:52] <ruben> some bruteforcers try to extract the suser if exist using rcpt to: user at domain dot com, if the user exist, postfix return 250 ok
[17:04:56] <ruben> any idea how to change it?
[17:05:16] *** noetik has quit IRC
[17:05:26] <ruben> I want to return 250 all time, or another value
[17:05:33] <cpm> ruben, ummm, if the sender doesn't get a 250, the email conversation ends, meaning, your users don't get any mail
[17:05:48] <cpm> you don't want to return a 250, unless rcpt to: is valid
[17:05:53] <ruben> yes yes, the tool 'the bruteforce' only want to know a valid users
[17:05:54] <cpm> you want to reject
[17:05:57] <ruben> to bruteforce me
[17:06:04] <cpm> ahh
[17:06:11] <cpm> then you need a catch all
[17:06:25] <cpm> bad idea, it will turn you into a spam magnet
[17:06:26] <ruben> how can I use this? tell me tell me :)
[17:07:55] <ruben> cpm: so, If I send 'forever' 250, it is possible?
[17:08:00] *** cutmasta has quit IRC
[17:08:01] <ruben> so, it despite the attacker
[17:08:24] <porkpie> rob0:any ideas on why I am getting that error
[17:10:00] <lunaphyte_> porkpie: you've got some weird non postfix script doing things.  are you certain all of those files exist?
[17:10:11] *** mazon is now known as Mazon
[17:11:14] <porkpie> lunaphyte_:they are in the dir
[17:11:15] <cpm> ruben,
[17:11:15] <cpm> http://www.postfix.org/VIRTUAL_README.html
[17:11:15] <cpm> seach 'catch-all'
[17:11:36] <porkpie> lunaphyte_:root@webzonepanel:/etc/ispcp/postfix/ispcp# ls -l
[17:11:36] <porkpie> total 20
[17:12:17] *** ^Timo^ has quit IRC
[17:12:17] <porkpie> I wonder if postfix needs to own them
[17:12:56] <lunaphyte_> maybe your script is trying to create db files, or do other work in that directory, and cannot, due to permissions.
[17:15:48] <rob0> "Cannot stat", that looks weird. It's not a Postfix issue, maybe the filesystem?
[17:16:01] * cpm cannot stat rob0
[17:16:05] *** caravena__ has joined #postfix
[17:16:13] * rob0 agrees with lunaphyte_ : Some non-Postfix script
[17:16:18] <porkpie> just looking at the script
[17:16:55] <ruben> porkpie: to me?
[17:17:06] <ruben> ups sorrie
[17:17:11] <porkpie> ruben:sorry no
[17:22:03] *** darkphader has joined #postfix
[17:22:58] *** caravena__ has quit IRC
[17:28:06] <cpm> ruben, google postfix catch-all
[17:28:23] *** plee has joined #postfix
[17:29:56] * porkpie is going to kick the server down the street ... I can't find out what is causing this error
[17:31:46] <Roobarb> Wietse++.  Upgrade from 2.2.5 -> 2.4.0 with _no_ issues at all.
[17:32:06] <Roobarb> porkpie: are you chrooted?
[17:33:31] *** caravena_ has quit IRC
[17:35:22] <Ciaran_H> Hmm, question. Is it possible for a mail to only allow mail to a certain UNIX account if it was aliased, not if it was addressed directly?
[17:36:20] <Roobarb> smtpd_recipient_restrictions = check_recipient_access
[17:37:24] <Ciaran_H> Brilliant, that sounds like just what I want. Thanks. :D
[17:37:49] <Roobarb> Ciaran_H: the assumption is that ALL valid addresses are listed in that file
[17:38:59] <rob0> Ciaran_H: I would change the default setting of local_recipient_maps, probably "local_recipient_maps = $alias_maps".
[17:39:49] <Roobarb> or that
[17:39:53] *** bostik has quit IRC
[17:39:54] <Ciaran_H> Roobarb: Oh, is it? Meep.
[17:39:57] <Ciaran_H> Okay.
[17:40:14] <Roobarb> in this case, the end result is probably the same
[17:40:27] <Ciaran_H> Hmm.
[17:40:43] *** Frits has joined #postfix
[17:40:50] <Ciaran_H> Maybe I'm misunderstanding now.
[17:42:44] <Roobarb> Ciaran_H: however you phrase it, what you want to do is present postfix with a list of email addresses to accept mail for, and for it to reject anything else.
[17:42:51] <Ciaran_H> Roobarb: As you know, the way I solved the forwarding problem earlier was by aliasing the addresses I wanted to forward to a UNIX account, which then uses procmail to deliver the actual mail. What I want to stop is direct delivery to that UNIX account, so emails addressed to, say, forward at example dot com won't get delivered (assuming 'forward' is a valid account) but mails resolving to 'forward' do. Is that done with local_recipient_maps?
[17:42:58] <Ciaran_H> Okay.
[17:43:07] <Ciaran_H> In that case I may as well go with check_recipient_access.
[17:43:39] <Roobarb> rob0's method removed postfix's abulity to check /etc/passwd
[17:43:55] <Roobarb> if you can read that past my spelling
[17:44:06] <Ciaran_H> Heh.
[17:45:13] <Ciaran_H> This is for *all* recipients processed by Postfix, right?
[17:45:34] <Roobarb> yus
[17:46:01] <rob0> $local_recipient_maps only covers local(8) recipients, i.e., for domains listed in $mydestination.
[17:46:10] <Ciaran_H> Okay, so for the stuff that's already mapped, I'd need to do ' at domainone dot com   OK', ' at domaintwo dot com   OK', etc.
[17:46:13] <Ciaran_H> *nods*
[17:46:29] <Roobarb> yes, although I think you drop the @
[17:47:23] <Ciaran_H> Ah, right.
[17:47:26] <Ciaran_H> My mistake.
[17:48:29] <rob0> Note that wildcards in recipient maps do break recipient validation.
[17:49:10] <Ciaran_H> You mean mail will be accepted, but then bounced?
[17:49:16] <rob0> yes
[17:49:32] <rob0> unless you have a luser_relay (for local domains)
[17:49:32] <Roobarb> better to out-right reject at RCPT TO
[17:49:38] <Ciaran_H> But that's not the case with check_recipient_access in smtpd_recipient_restrictions, right?
[17:49:48] *** honkzilla has joined #postfix
[17:50:10] <rob0> check_recipient_access can indeed take the place of Postfix's recipient validation structures.
[17:50:13] *** UQlev has joined #postfix
[17:50:41] <rob0> As you can see, there are a lot of different ways to approach this issue.
[17:51:28] <Ciaran_H> Okay, so if I say 'subdomain.example.com OK' in the check_recipient_access file and then I address something to nonexistentuser at subdomain dot example.com , what would happen?
[17:51:38] *** Fullmoon has joined #postfix
[17:51:39] <Ciaran_H> Before, it would just reject it.
[17:51:46] <Ciaran_H> Would it accept then bounce in this case?
[17:52:18] <Ciaran_H> I should try it and see.
[17:52:23] <rob0> accept then bounce, unless there's something set up to accept that wildcard.
[17:52:47] *** SilenceGold has quit IRC
[17:53:14] <rob0> That could be luser_relay for local(8), or a wildcard in virtual_alias_maps for other classes.
[17:56:33] *** _matt has quit IRC
[17:57:13] *** honker has joined #postfix
[17:57:16] *** honker has quit IRC
[17:58:03] <Ciaran_H> rob0: Nope, I just tested it, it works fine without accepting.
[17:58:09] <Ciaran_H> It rejects properly.
[17:58:27] *** honkzilla has left #postfix
[17:58:35] <Ciaran_H> (using a wildcard in check_recipient_access)
[17:59:35] *** devdas has joined #postfix
[18:00:19] <Ciaran_H> Funnily enough, it doesn't do check_recipient_access if I connect locally or if I authenticate first, but that's not a problem.
[18:00:48] <devdas> hmmmm?
[18:01:03] <rob0> You have permit_mynetworks, permit_sasl_authenticated before the check_recipient_access lookup[s].
[18:01:06] <devdas> do you have a permit_mynetworks or permit_sasl_authenticated before the check_recipient_access?
[18:01:12] <rob0> :)
[18:01:16] <devdas> GMTA
[18:01:37] <Ciaran_H> Heh.
[18:01:54] <Ciaran_H> Yeah, I added check_recipient_access to the end.
[18:03:00] <Ciaran_H> Which also explains why it's rejecting properly, maybe - I have reject_unauth_destination before there too. Or does that do something else?
[18:03:30] <rob0> nope, you're right
[18:03:31] <devdas> that rejects mail sent to a domain you are not explicitly accepting mail for
[18:03:55] <rob0> Sounds like you accidentally stumbled on a perfect solution. ;)
[18:04:32] <Ciaran_H> Oh. But I am accepting mail for this domain, just not for this user as this domain.
[18:04:59] <VSpike> If I've created /etc/postfix/transport what do I need to do to create /etc/postfix/transport.db ?
[18:05:09] <lawnchair> postmap /etc/postfix/transport
[18:05:20] <devdas> reject_unauth_destination doesn't say accept, it just rejects mail for domains not listed
[18:05:33] <Ciaran_H> Right, but this domain *is* listed.
[18:06:48] <Ciaran_H> It's properly rejecting mail for users which I haven't explicitly listed, though, although rob0 said that check_recipient_access would stop that happening if I had a wildcard. (I'm assuming that a single domain is what's meant by 'a wildcard' in this case.)
[18:07:36] <Ciaran_H> Well, what the heck. I'm not complaining. It seems to do everything I need it to do properly.
[18:08:01] <m1lkc0w> I just have to convince some other people. /quit
[18:08:06] *** m1lkc0w has quit IRC
[18:08:57] <Ciaran_H> Thanks for all your help, guys. I love you.
[18:11:59] *** [miles] has quit IRC
[18:20:51] *** AJ_Z0 has quit IRC
[18:21:30] *** AJ_Z0 has joined #postfix
[18:24:32] *** MrRagga has joined #postfix
[18:35:21] *** Fullmoon has quit IRC
[18:35:48] *** hparker has joined #postfix
[18:37:41] *** timotheus has left #postfix
[18:39:27] *** SilenceGold has joined #postfix
[18:43:02] *** sepski has joined #postfix
[18:44:10] <VSpike> Apr 19 17:43:32 localhost postfix/trivial-rewrite[13340]: fatal: open database /etc/postfix/transport.db: No such file or directory
[18:44:50] <VSpike> doh
[18:45:23] *** hayabusa has joined #postfix
[18:45:51] <devdas> root?
[18:46:06] <hayabusa> hi
[18:46:20] <hayabusa> hi devdas
[18:46:50] <VSpike> file was called /etc/postfix/tranport.db
[18:47:09] <VSpike> oops
[18:50:06] *** AJ_Z0 has quit IRC
[18:55:09] *** hayabusa has left #postfix
[18:57:08] <porkpie> VSpike:does the file exist
[18:57:50] <porkpie> if no touch  /etc/postfix/transport.db
[18:57:59] *** Mavvie has quit IRC
[18:58:21] <porkpie> Then postmap /etc/postfix/tranport.db
[18:58:27] *** ^Timo^ has joined #postfix
[18:58:46] <porkpie> then mv /etc/postfix/tranport.db.db /etc/postfix/tranport.db
[19:07:10] *** Bronsky has quit IRC
[19:10:50] *** Diamond has quit IRC
[19:11:29] *** olinux has joined #postfix
[19:12:29] *** af_ has quit IRC
[19:14:13] *** Bronsky has joined #postfix
[19:16:50] *** Rattail has joined #postfix
[19:16:53] <Rattail> all
[19:16:56] <Rattail> hi
[19:19:44] *** greuceanu has quit IRC
[19:20:05] *** drraid has joined #postfix
[19:27:53] *** alexIdoia has joined #postfix
[19:28:08] *** greuceanu has joined #postfix
[19:29:02] <alexIdoia> sorry to ask here but every one is busy at #mailman, for some reasons mailman is not writing the archives since my last update the 11th of April, how can I know if they are been written and if yes where ?
[19:29:35] <devdas> uh oh
[19:29:38] * devdas has no clue
[19:32:45] <Rattail> I updated the clamav virus scanner on Friday, then on Saturday we had a power outage that kept my email server off 48 hours now my system is so slow. Clamav and Amavis look to be working but my mailq is about 480 behind
[19:32:48] <Rattail> any ideal
[19:33:49] <devdas> just wait
[19:34:21] <UQlev> Rattail
[19:34:27] <UQlev> Rattail: what OS?
[19:38:17] <devdas> UQlev: he's probably processing two messages at a time
[19:38:21] <devdas> and 480 mails is nothing
[19:39:23] *** bronson_ has joined #postfix
[19:41:58] *** Trollinator has joined #postfix
[19:43:24] *** Diamond has joined #postfix
[19:44:07] *** ThomasAH has joined #postfix
[19:48:20] <Trollinator> Hi. I want to set up an SMTP server, but i need it to integrate with our CRM.
[19:49:11] <Rattail> centOS
[19:49:38] <Trollinator> that is, when someone sends an email, i need to check whether the to: adress belongs to a customer and if that is the case, the email has to be fed into the CRM's database
[19:49:45] <Trollinator> is that possible with postfix?
[19:49:59] <cpm> yes
[19:50:31] <Trollinator> cpm: OK, can you give me a hint how to do it?
[19:50:43] <cpm> write a script
[19:51:11] *** csm-laptop has quit IRC
[19:51:12] <Trollinator> cpm: and how do i integrate that script with postfix?
[19:51:54] <rob0> SMTPD_POLICY_README.html probably.
[19:52:57] <Trollinator> fantastic, thanks.
[19:53:58] <cpm> http://www.postfix.org/SMTPD_POLICY_README.html
[19:54:04] * rob0 feeds cpm into Trollinator's CRM database
[19:54:11] <cpm> Aiiieee!
[19:54:35] <rob0> Major Kong, the CRM-114 is negative function!
[19:55:16] *** ^Timo^ has quit IRC
[19:55:55] <rob0> <== Kubrick fan
[19:55:56] <cpm> Major Kong, I know you're gonna think this a crazy but I just got a message from base over the CRM 114
[19:56:21] <rob0> It says, "Wing attack, Plan R."
[19:56:30] <cpm> Ah ha!
[19:56:35] <devdas> lol
[19:56:39] <cpm> Goldie, did you say Wing Attack, plan R?
[19:56:42] <devdas> all your base are belong to cpm?
[19:58:09] <cpm> Gentlemen, you can't fight in here. This is the War Room!
[19:58:44] * rob0 knew that one was coming :)
[20:01:27] * cpm blames rob0
[20:02:08] * rob0 blames Trollinator
[20:03:58] *** choongii has quit IRC
[20:04:11] *** choongii has joined #postfix
[20:10:45] *** Turt|e has quit IRC
[20:12:01] *** bfm|n3wbi3 has joined #postfix
[20:12:06] <bfm|n3wbi3> hi :)
[20:12:32] <bfm|n3wbi3> i got a problem with my postfix ;-)
[20:13:07] <bfm|n3wbi3> the directories for user at virtual dot test are created and i can login using imap
[20:13:07] *** ^Timo^ has joined #postfix
[20:13:50] <bfm|n3wbi3> but the real mail is either going to /var/mail, if the user exists or bounced, if he doesn't
[20:21:06] *** mouse- has joined #postfix
[20:21:51] *** greuceanu has quit IRC
[20:23:02] *** Trollinator has quit IRC
[20:23:15] *** Trollinator has joined #postfix
[20:25:08] *** Diamond has quit IRC
[20:26:47] *** hemry has joined #postfix
[20:28:16] *** Turt|e has joined #postfix
[20:32:36] *** bfm|n3wbi3 has left #postfix
[20:33:05] *** macsim has quit IRC
[20:33:30] *** macsim_ has joined #postfix
[20:35:40] *** devdas has left #postfix
[20:42:03] *** AJ_Z0 has joined #postfix
[20:45:05] *** Frits has quit IRC
[20:50:58] *** Zeit|idle has joined #postfix
[20:53:55] *** MrRagga has quit IRC
[20:54:20] *** UQlev has quit IRC
[20:59:34] *** wad has joined #postfix
[20:59:43] <wad>  Which is invoked first, /etc/procmailrc or /home/user/.procmailrc ?
[21:00:45] <Ciaran_H> wad: man procmail gives the answer. :) "If  no  rcfiles  and  no -p have been specified on the command line, procmail will, prior to reading $HOME/.procmailrc, interpret commands from /etc/procmailrc (if present).  Care must be taken when creating  /etc/procmailrc,  because,  if circumstances permit, it will be executed with root privileges (contrary to the $HOME/.procmailrc file of course)."
[21:01:06] <wad> ah!
[21:01:32] <wad> Thanks. I had looked at the man page, but it was long and intimidating.
[21:01:44] <Ciaran_H> No worries.
[21:01:59] <rob0> Consider using local(8)'s .forward and similar features, which might work as well as procmail for simpler filtering needs.
[21:02:10] <rob0> (man local)
[21:02:53] <rob0> <== still addicted to procmail, but trying to wean myself
[21:03:15] <Ciaran_H> Hmm, question. Is there a way to specify the interface that Postfix sends out on?
[21:03:50] <Ciaran_H> (actually, what I'd really like to do is specify a default sending interface for the whole system but I haven't found a way to do that.)
[21:04:00] <Ciaran_H> Yet.
[21:04:31] <Ciaran_H> Ah ha.
[21:04:36] <Ciaran_H> That'd be smtp_bind_address.
[21:08:06] <Ciaran_H> Or maybe not.
[21:09:10] *** xpoint has joined #postfix
[21:10:49] <wad> rob0, I was using that, but there's a problem with it.
[21:11:26] <wad> SpamAssassin marks incoming mail as spam. The .forward kicks in, and everyone who has external email accounts get their spams forwarded to them.
[21:11:40] <wad> My ISP turned off my outgoing email for 24 hours, due to exessive outgoing emails.
[21:12:07] <wad> So I'm using /etc/procmailrc to put people's spam into their local spam folder (use local delivery),
[21:12:10] <rob0> Ciaran_H: yes, smtp_bind_address, but you also need to have the OS routing tables properly set up to do what you need there.
[21:12:27] <wad> and then each user has their own .procmailrc to forward the remaining emails out of my server.
[21:12:31] <wad> I think it will work.
[21:12:51] *** frennkie has quit IRC
[21:18:13] <Ciaran_H> rob0: Routing tables aren't a problem. Basically, I'm on a box which has a few IPs on the public Internet, all bound to a single network card, so eth0 is the first IP, eth0:1 is the second, and eth0:2 is the third. Postfix binds to all of them for listening but for some reason, it wants to use eth0:2's IP to go out, as do other TCP programs on the same box.
[21:18:44] <Ciaran_H> Specifying "smtp_bind_address = <first IP>" in main.cf doesn't seem to work.
[21:34:34] *** AJ_Z0 has quit IRC
[21:34:55] *** AJ_Z0 has joined #postfix
[21:40:56] *** sean_micken has joined #postfix
[21:42:46] *** Blackmore has joined #postfix
[21:42:50] <Blackmore> Hi all.
[21:44:12] <Blackmore> yahoo is temporary rejecting mail from my server: Apr 19 20:21:52 pichove postfix/smtp[6425]: F36CE11409: host c.mx.mail.yahoo.com[68.142.237.182] refused to talk to me: 421 Message from (80.203.228.134) temporarily deferred - 4.16.50. Please refer to http://help.yahoo.com/help/us/mail/defer/defer-06.html      My question is: Will Postfix attempt to send the mail again and what main.conf parameters have to do with that?
[21:45:23] <cpm> yes
[21:45:55] <cpm> postfix, unless you've messed with it in ways most folks have no clue about, will attempt to deliver to a 4xx for 5 days
[21:46:32] *** cpm has quit IRC
[21:47:48] <sean_micken> minimal_backoff_time, maximal_backoff_time, and maximal_queue_lifetime i think are of interest, Blackmore.
[21:47:55] *** necrite has joined #postfix
[21:48:02] <Blackmore> thanks :)
[21:48:07] <necrite> hi all
[21:48:39] <necrite> any one knows why hotmail blocks one email server (not spammer server)
[21:48:46] <necrite> and if there is any solution?
[21:49:49] <sean_micken> is there any max message count parameter in postfix?  i know there is a max mailbox size in bytes, but is there any for the number of messages in the box?
[22:01:22] <sean_micken> because a user may get 100,000 small messages that don't max out his quota size in bytes, but having that much email is unacceptable.
[22:01:39] <sean_micken> qmail does this, but i don't see a thing for it in postfix...
[22:02:47] *** ThomasAH has left #postfix
[22:04:39] *** cfernandez has quit IRC
[22:11:45] *** Turt|e has quit IRC
[22:11:54] *** wad has quit IRC
[22:12:21] *** hparker has quit IRC
[22:13:33] *** ^Timo^ has quit IRC
[22:13:35] *** ^Timo^ has joined #postfix
[22:19:21] *** hparker has joined #postfix
[22:28:02] *** amrit|zzz is now known as amrit|wrk
[22:29:57] *** cilly has quit IRC
[22:34:54] *** jpablo has left #postfix
[22:36:04] *** hparker has quit IRC
[22:38:52] *** hparker has joined #postfix
[22:46:03] *** lunaphyte_ has quit IRC
[22:46:10] *** userlame-titan has joined #postfix
[22:47:52] <userlame-titan> just an offhand question - when a domain is listed in virtual_mailbox_domains, mail to those domains is checked agains virtual_alias_maps correct? (that seems to be what i'm seeing)
[22:48:20] *** cilly has joined #postfix
[22:56:39] *** meandtheshell has quit IRC
[23:01:56] *** AJ_Z0 has quit IRC
[23:02:23] *** AJ_Z0 has joined #postfix
[23:02:28] *** Mavvie has joined #postfix
[23:02:36] *** m1lkc0w has joined #postfix
[23:06:04] <m1lkc0w> What's the skinny on folder move hooks? E.g. to trigger external actions when messages get moved from one folder to another. There were some discussion about it some time ago to train SPAM filters.
[23:08:51] *** dj-fu has joined #postfix
[23:08:51] <m1lkc0w> Ouch. Wrong channel :-(
[23:13:45] <rob0> userlame-titan: ALL mail to anywhere is checked against virtual_alias_maps. But smtpd for virtual_mailbox_domains uses virtual_mailbox_maps for recipient validation, as does virtual(8) to find where/how to deliver.
[23:14:35] <userlame-titan> cool thanks rob0 :)
[23:21:09] *** StereoSkit has left #postfix
[23:22:22] *** war has quit IRC
[23:29:58] *** pirho has joined #postfix
[23:31:31] *** Trollinator has quit IRC
[23:39:37] *** Fullmetal-Mavez has quit IRC
[23:40:36] *** Fullmetal-Mavez has joined #postfix
[23:41:33] *** pdbogen has joined #postfix
[23:42:18] <pdbogen> I'm using procmail as my mailbox_command, which performs things like white/blacklisting and spamassassin. How can I set up a service to listen on, e.g., 127.0.0.1:10025 such that it will bypass the mailbox_command and deliver straight to Maildirs? (For mailman delivery)
[23:46:15] *** dj-fu has quit IRC
[23:46:25] *** dj-fu has joined #postfix
[23:47:17] <efaistos> hi
[23:47:40] <efaistos> I configured courier and postfix to use TLS and SASL
[23:47:58] <efaistos> and when i'm doing a telnet localhost 25 it's okay
[23:48:07] <efaistos> but from another host it doesnt connect
[23:48:26] <efaistos> so I can t connect to my smtp to send email ...
[23:48:32] <efaistos> do you have an idea ?
[23:49:00] <rob0> pdbogen: See amavisd-new and FILTER_README.html , the generally-preferred means of running SpamAssassin. See also:
[23:49:04] <rob0> !cheatsheet
[23:49:04] <knoba> rob0: 'cheatsheet' : http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt : A HOWTO for pre-DATA spam control.
[23:49:54] <rob0> efaistos: see this:
[23:49:59] <rob0> !inet_interfaces
[23:50:00] <knoba> rob0: 'inet_interfaces' : a configuration parameter in the main.cf: The network interface addresses that this mail system receives mail on. By default, the software claims all active interfaces on the machine. The parameter also controls delivery of mail to user at [ip dot address]. If your server does not react to connection attempts on a certain interface you should check this setting.
[23:50:11] <rob0> also check your firewall
[23:50:43] <efaistos> rob0: i have all
[23:50:47] <rob0> Use netstat(8) to ensure that the master daemon is listening on 0.0.0.0:25 .
[23:50:51] <efaistos> and didnt configure the firewall yet
[23:51:25] <efaistos> rob0: yes i have it ...
[23:53:12] <efaistos> I tried again and it works
[23:53:37] <efaistos> but with Mail under OSX I cant use my smtp server to send email
[23:54:47] *** hemry has quit IRC
[23:54:58] *** AJ_Z0 has quit IRC
[23:55:18] *** AJ_Z0 has joined #postfix





top