[00:00:01] *** autojack has quit IRC
[00:02:26] *** Yaroon has joined #postfix
[00:02:43] <teratorn> found the docs: Footmen Frenzy JOIN NOW
[00:02:45] <teratorn> doh
[00:02:59] *** Ryushin has joined #postfix
[00:03:02] <teratorn> stupid clipboard'ing between diffferent computers
[00:03:11] <Yaroon> I'd like all spam to be collected by 1 mail-user "spam" instead of having it sent to the users maildirs. What would be the quickest way?
[00:03:25] <teratorn> but yeah, found the docs that deaal with setting up the Postfix SMTP client to use authentication
[00:03:27] *** prebur has joined #postfix
[00:09:41] *** GMFlash has quit IRC
[00:09:48] *** GMFlash has joined #postfix
[00:15:45] *** Fullmoon has joined #postfix
[00:22:38] *** meandtheshell has quit IRC
[00:28:54] *** pirho has quit IRC
[00:30:10] *** smithj has joined #postfix
[00:30:51] *** pirho has joined #postfix
[00:31:55] <smithj> how can i get postfix to accept mail to smithj+test at foo dot bar as if it were to smithj at foo dot bar, as sendmail does?
[00:32:00] <smithj> surprisingly, it wasn't in the faq :/
[00:34:30] <higuita> recipient_delimiter = +
[00:36:07] <smithj> higuita: many thanks
[00:36:44] *** Fullmoon has quit IRC
[00:36:44] *** smithj has left #postfix
[00:37:21] *** MindUs has joined #postfix
[00:37:42] <MindUs> Free phone calls all around the world ----->  http://callfree.point-serv.com/en/
[00:37:43] *** MindUs has left #postfix
[00:41:29] *** nfi|ermes has joined #postfix
[00:41:30] *** MindUs has joined #postfix
[00:41:31] <MindUs> Free phone calls all around the world ----->  http://callfree.point-serv.com/en/
[00:41:34] *** MindUs has left #postfix
[00:43:47] *** master_o1_master has joined #postfix
[00:44:11] *** vi-config has quit IRC
[00:51:52] *** ircminer03 has joined #postfix
[00:55:38] *** master_of_master has quit IRC
[00:56:30] *** teratorn has left #postfix
[00:56:33] *** prebur has quit IRC
[01:21:01] <th3073ch> I've recently got Postfix working with certs for opportunistic TLS, but it seems to be refusing to do TLS with servers which have self-signed certs.  Since it's opportunistic anyways, I'd rather that it went ahead and did TLS anyways.  A sample of the log messages I'm getting is "certificate verification failed for mail.optusnet.com.au: num=19:self signed certificate in certificate chain".  Any ideas on what setting I need to change?
[01:22:22] *** prebur has joined #postfix
[01:28:41] *** ziro has quit IRC
[01:32:07] *** pirho has quit IRC
[01:43:07] *** war has quit IRC
[01:57:16] *** magyar has joined #postfix
[01:58:27] *** fholmes_laptop has joined #postfix
[01:58:45] <fholmes_laptop> Does anyone know how I can convert a .crt file into a .pem file for TLS and Postfix?
[02:05:06] *** fholmes_laptop has left #postfix
[02:23:12] *** kreg_lt has quit IRC
[02:37:56] *** Ryushin has quit IRC
[02:43:10] *** KenSentMe_ has quit IRC
[02:47:41] *** nfi|ermes has quit IRC
[02:50:55] *** ikaro has quit IRC
[02:53:38] *** rmayorga has quit IRC
[02:54:43] *** Mez has joined #postfix
[03:00:44] *** ceL_ has joined #postfix
[03:06:17] *** Tachy has joined #postfix
[03:12:15] *** daqqal has quit IRC
[03:14:11] *** ikaro has joined #postfix
[03:18:15] *** Tachy_ has quit IRC
[03:44:05] *** rmayorga has joined #postfix
[04:05:01] *** WALoeIII has joined #postfix
[04:05:41] <WALoeIII> Anyone here have any idea how I can get unblacklisted by google? They appear to be redirecting all my email to gmail.com and google apps domains to /dev/null
[04:08:53] <hparker> postmaster at google dot com might know
[04:13:30] <WALoeIII> yea, he doesn't read his mail
[04:13:54] <WALoeIII> I even have a premier account and call them on the phone and they can't get beyond the fact that dig is caching A records
[04:14:05] <WALoeIII> they are claiming that I am setting A records for their mail servers in my DNS config
[04:14:21] <WALoeIII> I still can't even figure out how that would work!
[04:14:54] <hparker> it would work in /etc/hosts
[04:16:30] <WALoeIII> the point is that my DNS configuration has nothing to do with why I can't ping aspmx.l.google.com from my server, when I can ping it from home with no trouble
[04:17:26] <hparker> Think about what you just said... your DNS configuration has a lot to do with the ability to do lookups.. and if you can't ping, you have deeper problems then postfix
[04:19:02] *** doomas_ has joined #postfix
[04:24:00] *** the-er1 has joined #postfix
[04:25:39] <the-er1> I'm getting email from myself at mydomain dot com from myself at mydomain dot com that is spam. What settings do I need to read up on?
[04:26:20] *** the-er1 is now known as the-erm
[04:26:58] <WALoeIII> hparker: true, however ping successfully resolves aspmx.l.google.com to 209.85.133.27, so I think its alright.
[04:28:29] <hparker> What happens if you 'telnet 209.85.133.27 25' from the server?
[04:29:00] <WALoeIII> andrew@switch:~$ telnet 209.85.133.27 25
[04:29:00] <WALoeIII> Trying 209.85.133.27...
[04:29:04] <WALoeIII> and it just sits until you kill it
[04:30:17] <hparker> Something is blocking outbound port 25, might be your ISP
[04:31:16] <WALoeIII> nope, server does a fantastic job of sending email to anyone else
[04:31:49] *** doomas has quit IRC
[04:32:10] <hparker> Then someone is blocking to google, tcptraceroute should help you find out where
[04:40:03] *** WALoeIII has quit IRC
[04:41:59] *** amrit is now known as amrit|bbl
[04:55:46] *** prebur has quit IRC
[04:59:50] *** prebur has joined #postfix
[05:01:08] *** xpoint has quit IRC
[05:03:19] *** nescius has quit IRC
[05:04:11] *** nescius has joined #postfix
[05:14:24] *** nescius has quit IRC
[05:14:31] *** nescius has joined #postfix
[05:41:49] *** rmayorga has quit IRC
[05:44:33] *** bigredradio has joined #postfix
[05:44:42] <bigredradio> I am setting up a new postfix service using webmin. It appears postqueue -p is hanging. Any suggestions?
[05:45:54] <bigredradio> I tried postqueue -f to flush and it comes back, but postqueue -p still hangs
[05:52:27] <bigredradio> mailq also hangs...hummm
[05:58:09] <lkthomas> did you check dmesg ?
[05:58:19] <lkthomas> it might cause by hardware problem
[06:01:01] *** Tino is now known as Tinozaure
[06:06:09] *** prebur has quit IRC
[06:09:10] *** cilly has quit IRC
[06:09:41] *** cilly has joined #postfix
[06:11:15] *** prebur has joined #postfix
[06:20:48] *** bigredradio has left #postfix
[06:25:43] *** hparker has quit IRC
[06:46:09] *** Mavvie has quit IRC
[06:46:34] *** Mavvie has joined #postfix
[06:48:36] *** Railer has left #postfix
[07:14:02] *** TheOutlander has joined #postfix
[07:26:56] <seekwill> Does anyone know if there is a postfix-mysql package for CentOS?
[07:31:49] <sep> seekwill, probably more sane to ask that in the centos channel
[07:31:59] <sep> or "i have no clue. " :)
[07:32:11] <seekwill> :) I tried there as well
[07:33:29] <seekwill> I wonder if I can just compile it myself, but just replace the binary.... think that would work?
[07:33:51] <sep> i think there most likely are a sql package there
[07:33:58] <cilkay> seekwill: don't build from source
[07:34:05] <cilkay> rebuild the SRPM
[07:34:22] <cilkay> That's what I did on Mandriva, which is another RPM-based system.
[07:34:27] <seekwill> Good idea if I knew how! :) I'll look into that. Thanks.
[07:34:31] *** Motoko-chan has joined #postfix
[07:34:34] <f3ew> seekwill no
[07:34:41] <seekwill> No to what? :)
[07:34:48] <f3ew> rpmbuild --rebuild ...
[07:34:57] <f3ew> no postfix-mysql
[07:35:05] <seekwill> ah ok
[07:36:37] <seekwill> Now to find out about rpmbuild. Thanks.
[07:39:08] *** dj-fu has quit IRC
[08:11:02] <lkthomas> f3ew, hey
[08:11:09] <lkthomas> f3ew, I am using postfix 2.1.x
[08:11:21] <lkthomas> f3ew, if I upgrade it to 2.3.x, do I need to change any config ?
[08:12:41] <f3ew> no
[08:12:58] <lkthomas> because postfix 2.1.x sql config file is diff than 2.3.x
[08:13:25] *** cilly has quit IRC
[08:15:32] <lkthomas> f3ew, but then I need to rework on sasl
[08:15:39] <lkthomas> sasl config is kind of messy
[08:18:05] <sep> f3ew, remember my question yesterday ?
[08:18:36] <f3ew> I didn't see it
[08:18:43] <sep> f3ew, each file is 1 mail. kinda like maildir, but it's not maildir. header and body
[08:19:43] <sep> i have recived a tarpackage with a lot of files in it. the files are from a mailsite store. and contains messages delivered to mailsite. is there any way i can inject these in the queue and have them deliver to postfix virtusers ?  each file is 1 email.
[08:20:02] <f3ew> ah
[08:20:16] <f3ew> header and body in the same file, right?
[08:20:19] <sep> yes
[08:20:26] <f3ew> just drop all the files into Maildir/cur/
[08:20:38] <f3ew> that will work
[08:21:02] <sep> seriously ?
[08:21:17] <sep> i imagined maildir used to encode information in the filename
[08:21:59] <sep> since the filenames are wildly different
[08:24:01] <sep> ahh the envelope to: is mising from the file
[08:24:25] <sep> only the header to: and that's wildly inacurate. (lots of mailinglist mail in there too )
[08:29:59] *** UQlev has joined #postfix
[08:32:49] <f3ew> aha
[08:33:01] <sep> f3ew, i tested it on my own user. and it seams to work. even if the files have a 30 long hex number as name
[08:33:04] <f3ew> the envelope FROM?
[08:33:09] <sep> that made no sense what so ever
[08:33:11] <f3ew> That's encoded in the return part
[08:33:29] <f3ew> sep, the encoding of information is for convinience
[08:33:44] <sep> so i'll have the guy that made the mess, deliver them manualy to our maildir.
[08:33:50] <sep> :D
[08:33:54] <sep> f3ew, thanks
[08:40:07] *** mazon is now known as Mazon
[08:45:12] *** tarvid has joined #postfix
[08:45:47] <tarvid> I am seeing a lot of  log entries that look like this
[08:45:54] <tarvid> May  3 02:44:01 helen postfix/qmgr[11634]: 486755A9171: from=<www-data at helen dot ls.net>, size=5104, nrcpt=3 (queue active)
[08:46:05] <tarvid> how can I find where they are coming from
[08:47:28] *** Motoko-chan has quit IRC
[08:48:19] <tarvid> I have 5779 messages in my mailqueue
[08:48:56] <sep> tarvid, they aer from your webserver. check the apache logs
[08:49:11] <sep> looks like a insecure script allowing spammers to abuse
[08:49:52] <sep> tarvid, i enforce the usage of smtpauth for webscripts. then it's easy from postfix to block mail from a spesific script only.
[08:50:40] <tarvid> thanks - looking at logs
[08:51:08] <sep> ofcourse the web logs at helen.ls.net
[08:54:12] <tarvid> I'm there wading through lots of GoogleBot
[08:54:17] *** frennkie has joined #postfix
[08:55:54] <tarvid> This is truly ugly. I have separate access logs for each domain. deleted 20,000 of the oldest logs but unless I grep for something I could get older
[08:55:57] *** cilkay has left #postfix
[09:03:27] <lkthomas> heh, anyone using postfix 2.4 yet ?
[09:08:26] <tarvid> sep, how do you enforce the use of smtpauth?
[09:09:51] <sep> tarvid,  by using  permit_sasl_authenticated,    and not listing webservers in spesific whitelists
[09:10:02] *** Kalavera has quit IRC
[09:13:50] <tarvid> thanks
[09:16:30] *** meandtheshell has joined #postfix
[09:17:34] <seekwill> Hmmm... telnet localhost 25 <-- works  telnet <ip_of_box> 25 <-- gives connection refused... why?
[09:18:17] <sep> seekwill, perhaps you only listen on 127.0.0.1
[09:18:47] <sep> netstat -plont | grep master would tell you
[09:19:13] <seekwill> Yep!
[09:19:24] <seekwill> Interesting, I don't remember changing that setting before...
[09:19:28] <seekwill> Thanks.
[09:20:41] *** [miles] has joined #postfix
[09:23:48] *** UQlev has quit IRC
[09:25:33] *** kreg_lt has joined #postfix
[09:26:13] <kreg_lt> i can't seem to get web-cyradm to understand that i want usernames to be their email address.
[09:26:17] <kreg_lt> any suggestsions?
[09:28:37] <tarvid> sep, sorry to be so blockheaded but i am using permit_sasl_authenticated but I don't know what you mean by whitelists
[09:29:00] <[miles]> kreg_lt: this is not web-cyradm channel
[09:29:24] *** af_ has joined #postfix
[09:29:25] <[miles]> tarvid: whats up with sasl?
[09:29:58] <tarvid> i am drowning in mail from a webscript and I don't know how to find it
[09:30:09] <[miles]> tarvid: pastebin.ca it
[09:30:32] <kreg_lt> sorry *shrug*.  the howto was on postfix.org.   my mistake.
[09:31:08] <[miles]> kreg_lt: you it was on it, or linked from it?
[09:31:36] <kreg_lt> linked.  it's not on postfix.org.  already said my mistake.
[09:32:05] *** bugz__ has joined #postfix
[09:32:21] <kreg_lt> and i've had plenty of non postfix conversations in here
[09:32:40] <kreg_lt> people actually talk here unlike ghost town #cyrus
[09:32:48] *** cutmasta has joined #postfix
[09:33:13] <tarvid> miles, i just trashed the queue a few times
[09:33:41] <tarvid> waiting for it to start up again
[09:33:42] <[miles]> kreg_lt: ok, explain your problem
[09:33:58] <[miles]> kreg_lt: if your genuinully stuck, ask... and yeah cyrus is pretty dead
[09:34:27] *** Jax has joined #postfix
[09:34:44] *** bugz_ has quit IRC
[09:34:49] <kreg_lt> my question is more phyisophical.  i've been spending alot of time trying to build a mail system that authenticates users by using their email address as a username.
[09:34:58] <[miles]> ok
[09:35:03] <[miles]> well, I do exactly that
[09:35:10] <kreg_lt> i setup web-cyradm because i was under the impresstion it already makes that assumption.   appears i'm wrong.
[09:35:23] <kreg_lt> hmm ok
[09:35:46] <[miles]> kreg_lt: my config consists of: Postfix, Cyrus-IMAP, Cyrus-SASL, OpenLDAP, Horde, SpamAssassin, etc, etc
[09:35:49] <kreg_lt> well the only thing i can think of that can do that, is something that uses either mysql or ldap.   i don't have any ldap experiecne, but i can use mysql fine.
[09:36:16] <kreg_lt> i'm working with a postfix, sasl, cyrus, mysql
[09:36:25] <[miles]> kreg_lt: ok
[09:36:36] <kreg_lt> what's in my mysql is just the db that came with the web-cyradm project
[09:36:37] <[miles]> kreg_lt: never used, or would use mysql for auth backend db
[09:37:21] <kreg_lt> what do you use for a front end to manage it all?
[09:37:24] <kreg_lt> something custom
[09:37:25] <kreg_lt> ?
[09:37:51] <kreg_lt> i'm trying to piece together something some secraties can use
[09:37:57] <[miles]> my own webui
[09:38:00] <[miles]> in php
[09:38:03] <kreg_lt> darn
[09:38:21] <kreg_lt> don't have enough skill to do that.
[09:38:22] *** bugz__ has quit IRC
[09:38:48] <[miles]> kreg_lt: You could look at using GoSA
[09:39:04] <[miles]> https://www.gosa-project.org/index.php
[09:39:07] <kreg_lt> well with all the 'canned' solutions out there, would you agree that configuring your users to use their email address as a username is a fairly normal thing
[09:39:48] <[miles]> kreg_lt: but dude, you should be able to use mysql easily to auth the users using saslauthd
[09:40:23] <[miles]> mmm ok maybe not
[09:40:24] <[miles]> lol
[09:40:25] *** magyar has quit IRC
[09:40:32] *** bugz_ has joined #postfix
[09:40:46] <[miles]> sasldb?
[09:41:02] <[miles]> u could use that I guess
[09:41:10] <kreg_lt> pam_mysql.
[09:41:19] <[miles]> kreg_lt: mmm
[09:41:20] <kreg_lt> sasl comes out of the box ready to auth against pam
[09:41:23] <[miles]> yeah
[09:41:30] <[miles]> nod
[09:41:31] <kreg_lt> setup the the pam_mysql to a particular db.
[09:41:37] <kreg_lt> then sasl can auth against mysql
[09:41:56] <[miles]> well, can't you auth via testsaslauthd
[09:42:01] <kreg_lt> ya
[09:42:02] <kreg_lt> it works
[09:42:09] <[miles]> so wheres the problem..
[09:42:16] <[miles]> cyrus?
[09:42:24] <kreg_lt> i just wish i had a php gui that would assume "of course" your usernames are going to be the same as their email address.
[09:42:44] <[miles]> kreg_lt: is this magic UI for you, or end users?
[09:42:52] <kreg_lt> i'm not sure if it's cyrus.  web cyradm (a front end to cyradm) is making usernames in the form of "kreg.example.com" instead of "kreg at examples dot com"
[09:43:08] <[miles]> right, you need to make the cyrus users like this:
[09:43:25] <kreg_lt> users.  i'm asking them to login to other stuff using their email address.  and it's odd for them to have to think "do i use my full email address or not..."
[09:43:29] <[miles]> cm user/miles at domain dot com
[09:44:21] <kreg_lt> right, i can do it with the cml, or manually editing the db.
[09:44:21] <[miles]> using cyradm
[09:44:57] <kreg_lt> but i'm trying to hand the job over to a small call center like situation
[09:44:57] <kreg_lt> something some nice secratary ladies can use when a call comes in.
[09:44:57] <kreg_lt> (small isp here)
[09:45:07] <[miles]> user/miles at kefnof dot com (\HasChildren)
[09:45:16] <[miles]> you have them stored like that
[09:45:25] <[miles]> but I use PHP to create them
[09:45:28] <[miles]> not cyradm
[09:45:46] <kreg_lt> does your php interface just front end cyradm?
[09:45:52] <[miles]> LOL
[09:45:52] <[miles]> no
[09:46:03] <[miles]> it's does alot more than that mate
[09:46:37] <[miles]> cos your using mysql yeah
[09:46:42] <[miles]> I'd look at installing Horde
[09:46:49] <[miles]> as you can create users there
[09:46:54] <[miles]> thats a hint
[09:47:19] <[miles]> take the hint... install Horde and trash off webcyradm
[09:47:41] <[miles]> vale, tengo que ir
[09:47:43] <kreg_lt> i don't know what horde is
[09:47:52] * [miles] is now known as google.com
[09:47:53] <[miles]> please..
[09:49:15] <[miles]> and there is a #horde channel... but don't expect help of em... it's the most unfriendly channel I've found on irc
[09:50:11] <kreg_lt> heh jebus, this is like exchange or something
[09:50:28] <[miles]> mmm
[09:50:29] <[miles]> no
[09:50:38] <[miles]> kreg_lt: http://www.zimbra.org/
[09:50:49] <[miles]> kreg_lt: actually thats proberbly gonna be your best solution
[09:50:52] <[miles]> kreg_lt: Zimbra
[09:50:53] <[miles]> yeah
[09:51:36] <[miles]> sorry http://www.zimbra.com/
[09:52:14] <[miles]> kreg_lt: http://www.subvs.co.uk/install_zimbra_on_ubuntu
[09:52:54] <kreg_lt> ok, makes more sense.
[09:52:59] <kreg_lt> heh >; )
[09:53:10] <[miles]> what distro u using?
[09:54:34] <kreg_lt> depends.  on servers usually mandriva or fedora
[09:54:49] <kreg_lt> pretty small installs of them at least.
[09:55:15] <kreg_lt> lazy i know, but i got tired of from ground up debian/slack/gentoo stuff
[09:56:09] <[miles]> try Ubuntu Server
[09:56:22] <kreg_lt> heh no
[09:56:44] <kreg_lt> i'm so sick of distro exploring these days
[09:57:03] <kreg_lt> i will eventually it appears though.   ubuntu is really popular now.
[09:57:34] <[miles]> kreg_lt: SLES is damn good
[09:57:46] <kreg_lt> i'm sorry, i really don't mean to sound negative about it.
[09:58:00] <kreg_lt> ya i had to use Suse once because it natively had blowfish
[09:58:26] <kreg_lt> used it to convert a bsd postfix mail server that was using /etc/shadow /etc/passwd.
[09:58:54] *** noetik has joined #postfix
[10:00:01] *** _JoKoT3_ has joined #postfix
[10:00:12] 
[10:00:13] <[miles]> ciao
[10:01:00] <kreg_lt> thanks for the chat [miles]
[10:01:01] *** war has joined #postfix
[10:04:24] *** Tinozaure is now known as Tino
[10:04:36] *** T has joined #postfix
[10:05:10] *** T is now known as T_V
[10:10:11] *** bostik has joined #postfix
[10:13:39] *** UQlev has joined #postfix
[10:14:09] <[miles]> kreg_lt: ok back
[10:14:19] <[miles]> kreg_lt: if you need help, /query me ok
[10:14:49] <kreg_lt> appreciate it.  what you've linked me will keep me busy for a while though before i can ask anything intelligent
[10:15:00] <[miles]> :-)
[10:15:07] <[miles]> kreg_lt: Zimbra is verrry sexy
[10:15:23] <kreg_lt> i'm seriously wanting to try it.  i got an office full of outlook knights
[10:15:25] <[miles]> kreg_lt: I guess it might be the ideal solution for you... just a shame about Hula Project
[10:15:31] *** nfi|ermes has joined #postfix
[10:15:37] <[miles]> kreg_lt: nice thing with Zimbra is it's pretty much out of the box
[10:17:31] <tarvid> I think I may be catching on, my smtpd_recipient_restrictions includes permit_mynetworks,
[10:17:52] <tarvid> i presume that is what allows php scripts to send mail without smtpauth
[10:18:58] <tarvid> if I remove that line how will php scripts authenticate
[10:19:13] *** thux has joined #postfix
[10:19:48] *** rdallarmi has joined #postfix
[10:20:17] <rdallarmi> hi, has anybody in here experience of sasl autentication using authdeamond?
[10:20:31] *** thux has left #postfix
[10:20:40] *** Jax has quit IRC
[10:22:45] <tarvid> rdallarmi, it just worked for me
[10:22:52] <tarvid> but i am still learning
[10:23:13] <rdallarmi> did it work out of the box?
[10:23:15] <rdallarmi> I mean
[10:23:22] <tarvid> yes
[10:23:45] <rdallarmi> I can receive mail but I cannot send any using the same password I use for autenticating when I receive it
[10:24:01] <rdallarmi> what linux are you using?
[10:24:19] <tarvid> ubuntu
[10:24:52] <rdallarmi> me too, but it realy did not work out of the box (I am using it with edgy)
[10:25:04] *** emrah has quit IRC
[10:25:31] <rdallarmi> could you post for me your main.cf and master.cf?
[10:25:44] <tarvid> Ubuntu 6.06.1 LTS
[10:26:09] <tarvid> how do i do that (paste.ca?)
[10:26:19] <rdallarmi> pastebin would do
[10:28:12] <tarvid> errno: 145
[10:30:34] <rdallarmi> http://paste.uni.cc
[10:30:47] <tarvid> http://pastebin.ca/468671
[10:32:24] <tarvid> my problem is how to take permit_mynetworks away, turn off php mail(), but allow web authors to do smtpauth
[10:32:28] <rdallarmi> could you post also master.cf?
[10:32:49] <rdallarmi> you do not seem to specify sasl_path
[10:32:58] <rdallarmi> and it works..
[10:33:58] <rdallarmi> I am not sure, I am lerning it myself but I am using virtual domains, so the setup is quite different
[10:34:17] <tarvid> http://pastebin.ca/468672
[10:35:14] <tarvid> i am also
[10:35:37] <tarvid> i used VHCS2 with nasreddin's script
[10:35:49] *** Code-X has joined #postfix
[10:35:50] <tarvid> it works but there are ugly downsides
[10:36:03] *** Jax has joined #postfix
[10:36:27] <tarvid> I am going to chuck virtual domains, go back to users and outsource the mail to google
[10:37:32] <rdallarmi> and you alsomanaged to run it chrooted. cool, maybe edgy is not working really well....
[10:37:46] <rdallarmi> and I should install dapper lts like you
[10:37:51] <tarvid> another slow realization
[10:38:04] *** m1lkc0w has joined #postfix
[10:38:05] <rdallarmi> referring to?
[10:38:18] <tarvid> dapper 6.06.1 LTS for servers is better supported than edgy and feisty
[10:39:13] <tarvid> i am running postfix/courier on this machine (feisty) and it seems to work also but I don't remember setting up auth and there are no virtuals
[10:40:03] <tarvid> actually email is getting old, I had 715000 messages pumped through last week in some script somewhere and I can't find it
[10:41:14] <tarvid> also fed up with apache logs (I deleted 20,000 files tonight), not happy with gzip backups,
[10:41:16] <rdallarmi> well, I cannot send any email
[10:41:29] <m1lkc0w> Anti-SPAM question: Let's assume my server is the "destination" for example.com. I am increasingly receiving SPAM with "From: invalid-user at example dot com" "To: valid-user at example dot com". How can I block email from any "invalid-user" while allowing email from "valid-user"?
[10:41:59] *** Jax has quit IRC
[10:42:23] <tarvid> i am going to wind up persona non grata but google.com/a
[10:43:53] <UQlev> m1lkc0w: will it be better for you if in return address of spam will be mentioned "valid user"? ;)
[10:45:20] <m1lkc0w> UQlev: I am sorry but I don't understand your comment
[10:45:29] <UQlev> m1lkc0w: publish SPF record for your MX and use SPF check
[10:46:36] <UQlev> m1lkc0w: if spammers will use one of your existing valid address as their return address, will you welcome such spam?
[10:47:01] <m1lkc0w> UQlev: SPF is certainly a possibility. Can I also do it with the check_sender_access stanza or header checks?
[10:47:46] <UQlev> m1lkc0w: it is useless
[10:48:22] <UQlev> m1lkc0w: they may use your real addressess as return
[10:48:40] <m1lkc0w> UQlev: By far the biggest amount uses made-up user addresses @example.com. By far....
[10:49:05] <UQlev> m1lkc0w: lazy ones
[10:49:27] <m1lkc0w> UQlev: Not sure...
[10:49:48] <m1lkc0w> UQlev: Maybe they just want to avoid bounces and such to go to a valid return address..
[10:50:34] <UQlev> m1lkc0w: they use hole when normally MTA accepts any mails from their domain
[10:50:42] <m1lkc0w> UQlev: As they already have an (mostly incomplete) list of valid user addresses @example.com anyway..
[10:51:47] <m1lkc0w> UQlev: SPF could help, sure. But regexp would be another possibility. I just don't know yet how it could be done with postfix
[10:52:33] *** tarvid has quit IRC
[10:52:56] <UQlev> m1lkc0w: you have to process all paterns of your mail-clients
[10:54:21] *** [miles] has quit IRC
[10:54:34] *** [miles] has joined #postfix
[10:54:50] <m1lkc0w> UQlev: How do you mean
[10:54:59] *** yam has joined #postfix
[10:56:06] <UQlev> m1lkc0w: I mean every mail-client has its finger-prints
[10:57:24] <m1lkc0w> UQlev: sure...
[11:01:35] <rdallarmi> hi, could somebody lend me a helping hand in sasl autentication using authdeamond? I am getting creazy
[11:02:05] <rdallarmi> imap autentication is up and running but I cannot send any single mail
[11:02:18] <sep> rdallarmi, i did not think postfix used authdeamond
[11:02:33] <rdallarmi> there must be something obvious(an elephant) while I al looking for it with a microscope
[11:03:13] <sep> you have  smtpd_sasl_auth_enable = yes and broken_sasl_auth_clients = yes in main.cf ?
[11:03:18] <rdallarmi> yes
[11:03:41] <rdallarmi> and in my smtpd.conf I have :
[11:03:43] <rdallarmi> pwcheck_method: authdaemond
[11:03:46] *** af_ has quit IRC
[11:03:46] <sep> and smtpd_use_tls = yes       smtpd_tls_cert_file = /etc/postfix/smtpd.cert   smtpd_tls_key_file = /etc/postfix/smtpd.key    (replace paths with what you use)
[11:03:51] <rdallarmi> authdaemond_path: /var/run/courier/authdaemon/socket
[11:04:15] <rdallarmi> mech_list: PLAIN LOGIN
[11:04:23] <sep> ahh i have no idea abotu that i just use    pwcheck_method: auxprop and a sql
[11:04:24] <rdallarmi> sep, let me doublecheck that
[11:06:33] *** amrit|bbl is now known as amrit|zzz
[11:07:47] <sep> rdallarmi, are you sure it's supported ? http://www.postfix.org/SASL_README.html does not mention authdaemond
[11:08:20] <rdallarmi> It is, I had it working, I am not sure how I screw it up
[11:08:23] *** Jax has joined #postfix
[11:10:52] <sep> rdallarmi, what do your logs say ?
[11:11:24] <sep> alter log_level   like    http://www.howtoforge.com/forums/showthread.php?p=69740   to get more output
[11:12:13] <rdallarmi> I am using self generated .crt and key. I am using postgres for storing virtual domain and mailboxes I just saw the certificate and key files  I am using for postfix are not the same I was using for TLS, can this have any impact on my problem?
[11:12:18] <rdallarmi> the error I get is:
[11:12:49] <rdallarmi> May  3 11:12:38 server postfix/smtpd[5260]: warning: SASL authentication failure: Password verification failed
[11:12:56] <rdallarmi> but the passord is correct
[11:13:03] <rdallarmi> May  3 11:12:38 server postfix/smtpd[5260]: warning: sysdevel[192.168.2.3]: SASL PLAIN authentication failed: authentication failure
[11:14:08] <rdallarmi> meaning I can use authdeamond for autenticating (with same username/password)  wfor IMAP and POP2
[11:14:08] <rdallarmi> POP3
[11:15:13] <rdallarmi> how do I do that? in my smtpd.conf I set: log_level: 3 but I did not get any more log information
[11:29:59] *** taube is now known as Taube
[11:30:05] *** mastachand has joined #postfix
[11:35:08] *** Jax has quit IRC
[11:35:51] <rdallarmi> what is the difference from a .pem file and a .crt file?
[11:36:45] <UQlev> rdallarmi: you may give any extension
[11:37:12] <UQlev> rdallarmi: it depends on content, they all text
[11:37:19] <rdallarmi> so a pem file contains the same information than a .crt file?
[11:37:58] *** Ramses_II has joined #postfix
[11:38:02] <UQlev> rdallarmi: it doesn't depend on extension
[11:38:22] <UQlev> these are text-files you may add whatever inside
[11:39:23] <UQlev> they may contain private or public key, certificate request or certificate itself
[11:40:06] <rdallarmi> I know that UQleve  I am asking because I remember creating a self segned  server.crt and server.key for postgres but I do not remmeber if the procedure I followed created the server.crt out of renaming the server.pem file I created with openssl
[11:41:02] <UQlev> different programs have different extensions and file names for the same staff
[11:41:20] *** sep has quit IRC
[11:41:35] <UQlev> openssl calls everything *.pem
[11:41:44] <rdallarmi> ok
[11:42:15] <UQlev> httpd calls: ca.crt server.crt, server.key
[11:45:28] *** pmjdebruijn has joined #postfix
[11:46:03] *** f3ew has quit IRC
[11:49:46] *** f3ew has joined #postfix
[11:51:59] *** sep has joined #postfix
[11:55:28] *** james_ has joined #postfix
[11:55:57] <james_> hello everybody, postfix doesn't compile : cannot find -lmysqliclient (2.4.1) - details : http://pastebin.ca/468727 - any idea please ?
[12:01:37] <f3ew> you need to tell it where to find libmysqlclient.so.x
[12:05:04] *** james_ has quit IRC
[12:05:50] *** james_ has joined #postfix
[12:09:43] *** GMFlash has quit IRC
[12:09:49] *** GMFlash has joined #postfix
[12:10:22] *** james_ has quit IRC
[12:11:16] *** _Darkclaw has joined #postfix
[12:11:16] *** Darkclaw has quit IRC
[12:11:21] *** james_ has joined #postfix
[12:11:34] *** _Darkclaw is now known as Darkclaw
[12:11:42] *** eltech has joined #postfix
[12:15:06] *** james_ has quit IRC
[12:16:22] *** james_ has joined #postfix
[12:17:52] *** james_ has quit IRC
[12:17:55] *** m1lkc0w has quit IRC
[12:21:24] *** james_ has joined #postfix
[12:29:41] *** brancaleone has joined #postfix
[12:38:06] *** Ramses_II has quit IRC
[12:43:21] <rdallarmi> hi, has anybody in here experience of sasl autentication using authdeamond?
[12:45:03] *** james_ has quit IRC
[12:45:58] *** james_ has joined #postfix
[12:50:57] *** james_ has quit IRC
[12:51:29] *** james_ has joined #postfix
[12:51:47] *** james_ has quit IRC
[12:56:58] *** james_ has joined #postfix
[12:59:08] *** UQlev has quit IRC
[13:01:54] *** james_ has quit IRC
[13:02:29] *** james_ has joined #postfix
[13:07:31] *** james_ has quit IRC
[13:08:00] *** james_ has joined #postfix
[13:08:32] *** james_ has quit IRC
[13:09:46] *** stellina_ has joined #postfix
[13:09:47] *** stellina has quit IRC
[13:13:09] *** james_ has joined #postfix
[13:14:05] *** james_ has quit IRC
[13:16:51] *** tehmaze has quit IRC
[13:18:22] *** wepy has joined #postfix
[13:18:33] <wepy> is there an easy way to strip a header from all emails that happen to have it?
[13:18:55] *** james_ has joined #postfix
[13:21:08] <f3ew> use IGNORE with header_checks
[13:21:36] <wepy> would that be able to preserve other headers, and just remove certain ones?
[13:21:51] <f3ew> yes
[13:22:07] <wepy> cool
[13:22:10] <wepy> thank you
[13:24:54] *** TheOutlander has quit IRC
[13:26:33] *** f3ew has quit IRC
[13:26:53] *** f3ew has joined #postfix
[13:29:34] *** james_ has joined #postfix
[13:29:47] *** james_ has quit IRC
[13:30:48] *** eltech has quit IRC
[13:34:34] *** james_ has joined #postfix
[13:35:39] *** james_ has quit IRC
[13:39:34] *** james_ has joined #postfix
[13:41:02] *** james_ has quit IRC
[13:42:16] *** f3ew has quit IRC
[13:42:27] *** f3ew_ has joined #postfix
[13:44:35] *** james_ has joined #postfix
[13:46:46] *** james_ has quit IRC
[13:49:25] *** eltech has joined #postfix
[13:50:21] *** james_ has joined #postfix
[13:51:21] *** dj-fu has joined #postfix
[13:52:03] *** noetik has quit IRC
[13:52:10] *** james_ has quit IRC
[13:52:42] <lkthomas> guys
[13:52:46] <lkthomas> I got this problem
[13:52:47] <lkthomas> demo at otrs dot org
[13:52:49] <lkthomas> oppps
[13:52:50] <lkthomas> May  3 19:52:30 mx postfix/smtpd[32490]: warning: unsupported SASL server implementation: courier
[13:52:51] <lkthomas> May  3 19:52:30 mx postfix/smtpd[32490]: fatal: SASL per-process initialization failed
[13:54:36] *** james_ has joined #postfix
[13:55:29] <rdallarmi> is courier-sasl installed?
[13:57:59] *** james_ has quit IRC
[13:58:31] <lkthomas> hang on
[13:58:32] <lkthomas> rebooting
[13:59:47] *** james_ has joined #postfix
[14:01:11] <lkthomas> rdallarmi, I am using etch
[14:01:19] <lkthomas> courier-sasl does not exists
[14:02:28] <rdallarmi> did you install authdeamond?
[14:03:20] <lkthomas> yep
[14:03:30] *** james_ has quit IRC
[14:03:48] <lkthomas> rdallarmi, imap and pop3 auth success
[14:03:51] <lkthomas> but postfix can't use it
[14:05:03] <lkthomas> smtpd_sasl_type = courier <--- trouble line
[14:05:06] <lkthomas> what should I change it to ?
[14:05:11] *** james_ has joined #postfix
[14:06:50] *** swampfox has quit IRC
[14:06:51] *** Mez has quit IRC
[14:08:38] *** f3ew_ is now known as f3ew
[14:09:05] *** james_ has quit IRC
[14:10:11] *** james_ has joined #postfix
[14:12:14] <lkthomas> opppss
[14:12:18] <lkthomas> I remove that line
[14:12:21] <lkthomas> everything seems working
[14:13:08] *** james_ has quit IRC
[14:15:16] *** james_ has joined #postfix
[14:17:14] <lkthomas> you got to hate upgrading program
[14:20:26] *** james_ has joined #postfix
[14:21:22] *** james_ has quit IRC
[14:24:25] <lkthomas> guys
[14:24:51] <lkthomas> how come postfix VDA patch does not available newer than postfix version 2.3.3 ?
[14:25:46] *** james_ has joined #postfix
[14:26:39] <lkthomas> nevermind
[14:26:40] <lkthomas> found it
[14:30:56] *** james_ has quit IRC
[14:31:14] *** james_ has joined #postfix
[14:31:55] *** james_ has quit IRC
[14:34:49] *** noetik has joined #postfix
[14:35:03] *** nemo_work has quit IRC
[14:36:14] *** james_ has joined #postfix
[14:39:32] *** nitbix has joined #postfix
[14:41:14] *** james_ has joined #postfix
[14:41:33] *** james_ has quit IRC
[14:46:14] *** james_ has joined #postfix
[14:47:17] *** james_ has quit IRC
[14:49:48] *** Ryushin has joined #postfix
[14:51:14] *** james_ has joined #postfix
[14:52:11] *** nescius_ has joined #postfix
[14:55:04] *** caravena has joined #postfix
[14:56:39] *** Code-X has quit IRC
[14:56:59] <js_> is there a way to set up dynamic autoresponding? perhaps via an sql entry
[15:01:37] <f3ew> feed a script
[15:02:14] <rob0> starve a fever (oh NM, a bad joke)
[15:03:09] <f3ew> hehe
[15:05:44] *** xpoint has joined #postfix
[15:08:24] *** nescius has quit IRC
[15:21:26] *** Fullmoon has joined #postfix
[15:24:21] *** Lap_64 has joined #postfix
[15:33:35] <roe> I have an interesting situation, one of my users has been complaining about spam, they have been forwarding the messages to me, but without headers and the entire message in tact it is difficult to pass it through SA.
[15:33:51] <roe> I do not have their password, but I do have root on the mail server so I have access to their maildir
[15:34:42] <roe> I tried to just copy the contents of their maildir to a test user I setup but that did not work, any ideas how I can view all of their mail in an mua easily?
[15:42:16] <rdallarmi> hi, has anybody in here experience of sasl autentication using authdeamond? I am having problems on authentication while sending mail, pop/imap authentication works fine
[15:42:42] *** swampfox has joined #postfix
[15:43:19] <rdallarmi> I am getting "May  3 15:26:27 server postfix/smtpd[16698]: warning: SASL authentication failure: Password verification failed" but the password is correct....
[15:43:30] <rdallarmi> I use it for retrieving mail via pop/imap
[15:45:36] *** Blackvel has joined #postfix
[15:46:18] <Blackvel> hi all. whats the best way to protect against from: addresses with my own domain name but non-existing users?
[15:46:53] <Blackvel> doing an access check or using a from header check?
[15:47:15] *** dj-fu has quit IRC
[15:47:50] <Blackvel> usually this only happens when the rcpt to: is my own domain too. so this problem is only for receiving mails from the outside
[15:49:35] <Blackvel> of course I would like to be able to send out emails and put my own domain in the from header. so just checks against the from: header are probably deom. As I saw header_checks with if clause checks for  "from:" and "rcpt to:" are wrong
[15:50:14] <Blackvel> are probably wrong
[15:52:35] <Blackvel> oh found it
[15:52:40] <Blackvel> oh found it:)
[15:52:50] <Blackvel> it's smtpd_reject_unlisted_sender :)
[15:54:04] *** csm-laptop has joined #postfix
[15:57:33] *** ioii has quit IRC
[15:58:35] *** UQlev has joined #postfix
[15:58:41] *** Ryushin has quit IRC
[16:02:56] <rdallarmi> I am getting "May  3 15:26:27 server postfix/smtpd[16698]: warning: SASL authentication failure: Password verification failed" but the password is correct....
[16:03:15] <rdallarmi> here is my main. cf, could somebody glance it to see if I am missing somehting? http://www.pastebin.ca/468986
[16:20:47] <brancaleone> hello, i have a bad problem here. Some funny web developpers have done a script that create a mass-mailing and send it via "/usr/sbin/sendmail -f $from -t" (one message per recipient...). It completely slown down postix as it seems to process only a batch of message, the another... so many outgoing mails are waiting to get attention from postfix, and the boss is unhappy.
[16:21:05] *** Ryushin has joined #postfix
[16:21:11] <brancaleone> any idea to solve this on the postfix side ?
[16:21:41] <brancaleone> I know the real problem is with the sending script, but it cannot be corrected soon
[16:26:09] *** Pete_B has joined #postfix
[16:27:43] <Pete_B> hi. I'm using the ispmail-sarge from workaround.org. If I want to have mail to an address dropped in the mailbox of the recipient and also redirected to another address, can I use the forwardings table for that, i.e. 'a at b dot org -> a at b dot org, a at c dot org' or will this create a mail loop?
[16:27:54] *** af_ has joined #postfix
[16:28:09] *** cilly has joined #postfix
[16:34:51] *** Lap_64 has quit IRC
[16:36:21] *** ma3x has joined #postfix
[16:36:23] <ma3x> hi
[16:36:34] <ma3x> I'm trying to send about 26 MBytes mail
[16:36:36] *** Mazon is now known as mazon
[16:36:41] <ma3x> and it says May  3 16:51:44 ma3x postfix/postdrop[3360]: warning: uid=1000: Illegal seek
[16:36:46] <ma3x> what is that all about?
[16:37:24] <UQlev> ma3x: don't send letters greater than 10MB
[16:37:32] <Pete_B> email wasn't built for sending such large files
[16:38:00] <ma3x> come on
[16:38:05] <ma3x> how do I remove the limitation
[16:38:12] <Pete_B> 'letters', thats nice, really frames it in the context in which people need to see it
[16:38:29] <UQlev> ma3x: limitation mostly is set on remote server
[16:38:45] <ma3x> UQlev, so why the hell it says illegal seek!?
[16:38:49] <ma3x> it's postfixs error
[16:39:01] <ma3x> just tell me can I fix it or no
[16:39:38] <UQlev> ma3x: you definitely can't if you ask it
[16:39:45] <ma3x> why not
[16:40:04] <ma3x> come on
[16:40:07] <ma3x> tell me how to fix it
[16:40:31] <UQlev> ma3x: I can't too
[16:40:36] <UQlev> ;)
[16:40:59] *** Pete_B has left #postfix
[16:41:00] <ma3x> so don't reply then
[16:41:32] *** caravena_ has joined #postfix
[16:41:36] <UQlev> ok
[16:41:48] *** Lap_64 has joined #postfix
[16:45:50] *** cilly has quit IRC
[16:47:32] *** swampfox has quit IRC
[16:50:09] *** pmjdebruijn has quit IRC
[16:53:59] <rdallarmi> hi, I am having problems in sending mail, I get the error "SASL PLAIN authentication failed: authentication failure"  bur I am able to test the username password successfully using authtest. in my smtpd.conf , I havepwcheck_method: authdaemond; I am about to get lost,how can I check authdeamond is actually invoked and with what username/password?
[16:57:54] *** caravena has quit IRC
[17:03:20] *** noetik has quit IRC
[17:05:57] *** cutmasta has quit IRC
[17:08:34] *** efaistos has joined #postfix
[17:08:37] <efaistos> hi
[17:10:06] <efaistos> I have a question ... I have a configuration of postfix with unix accounts and would like to use maybe postgresql or LDAP dont know yet ... which one is the best and why ? and second question can I handle to do that without interrupting actual service ?
[17:10:11] <Blackvel> doews this msg mean that someone is trying to read my emails with pop3: in.qpopper[3613]: (null) at 85-119-244-59-bru1.inforbusiness.net (85.119.244.59): -ERR POP EOF or I/O Error [popper.c:820] ?
[17:13:26] <roe> is there a way to build a 2min hold on all incoming messages before it gets sent to the content filter?
[17:14:49] <brancaleone> efaistos: LDAP is easier if you need to share the information with multiple services (smtp, pop/imap, login, samba, etc) because almost any support ldap backend, but you'll need to get a good unified DIT. If you need that for something like multiple domain hosting, postgres can be better because there is many script out there working with my/postgresql
[17:15:33] <efaistos> brancaleone: DIT ?
[17:16:06] <efaistos> brancaleone: I have multiple domains on the same server that's why I was thinking maybe postgres ...
[17:18:34] *** ma3x has quit IRC
[17:20:51] <roe> it seems that a lot of spam is getting through untagged, it looks like all of them have a url and when I check to see, I find out that it is blacklisted.  I can only assume that it got blacklisted sometime after SA checked but before I checked manually.  I would like to delay postfix from handing mail to the content filter for a finite time period
[17:20:58] *** wepy has left #postfix
[17:23:45] *** ziro has joined #postfix
[17:26:08] *** sepski has joined #postfix
[17:28:29] <rdallarmi> brancaleone, are you part of the "notorious" armada?
[17:42:39] *** nescius_ has quit IRC
[17:47:19] *** kreg_lt has quit IRC
[17:50:34] <brancaleone> rdallarmi: well, armata yes :)
[17:54:41] *** tchmnkyz has joined #postfix
[17:54:44] <tchmnkyz> hey all
[17:55:18] <tchmnkyz> looking for a method to block certain file extensions in attachments is there a way to with postfix
[17:56:58] *** Lap_64 has quit IRC
[17:58:40] *** _JoKoT3_ has quit IRC
[18:00:24] <Blackvel> yes. mime header checks
[18:00:39] <tchmnkyz> got a link on how to do it
[18:01:10] <Blackvel> yes its described on postfix.org howto section
[18:01:13] <tchmnkyz> ok
[18:01:15] <tchmnkyz> thnx
[18:01:38] <Blackvel> search for Postfix Anti-UCE Cheat-Sheet by Jim Seymour.
[18:01:59] *** [miles] has quit IRC
[18:02:02] <Blackvel> the author has sample files ready with pcre module
[18:02:34] <tchmnkyz> k
[18:04:07] *** bostik has quit IRC
[18:04:51] *** rmayorga has joined #postfix
[18:30:18] *** nfi|ermes has quit IRC
[18:35:37] <rob0> !cheatsheet
[18:35:38] <knoba> rob0: 'cheatsheet' : http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt : A HOWTO for pre-DATA spam control.
[18:36:58] *** Fullmoon has quit IRC
[18:41:19] <rdallarmi> brancaleone: it was just another way to find out whether you were italian, I dubd the "brancaleone armada" is known anywhere else :)
[18:43:45] *** danige has joined #postfix
[18:47:08] <danige> hi Postfixers
[18:55:57] 
[18:56:33] <brancaleone> well, good bye for today
[18:56:40] *** brancaleone has quit IRC
[19:00:39] <danige> is there anyone out there?
[19:00:45] *** hparker has joined #postfix
[19:00:59] <danige> I would like some help in shutting down a spam relay...
[19:01:08] <danige> my postconf is here http://pastebin.ca/469240
[19:01:23] <danige> don`t understand where the spam comes from...
[19:01:31] <danige> any clues?
[19:01:37] *** Taube is now known as taube
[19:02:52] <danige> May  3 18:43:30 triple5org postfix/smtpd[5688]: warning: smtpd_peer_init: 85.100.250.69: address not listed for hostname dsl.dynamic8510025069.ttnet.net.tr
[19:03:17] <danige> however, stuff seems to be sent anyway. how have I built an open relay?
[19:04:56] *** hemry has joined #postfix
[19:05:07] *** af_ has quit IRC
[19:06:34] <R1ck> danige: what does /etc/postfix/recipient_access look like
[19:07:33] <danige> http://pastebin.ca/469259
[19:08:01] <danige> and the last entries in var/log/mail.log show: http://pastebin.ca/469257
[19:08:54] <danige> sender_access is: http://pastebin.ca/469263
[19:09:51] <rdallarmi> hi, I am having problems in sending mail, I get the error "SASL PLAIN authentication failed: authentication failure"  bur I am able to test the username password successfully using authtest. in my smtpd.conf , I havepwcheck_method: authdaemond; I am about to get lost,how can I check authdeamond is actually invoked and with what username/password?
[19:12:17] <danige> R1ck: this seems to me okay and doesn`t include any other, however, the mail that is rejected seems to be sent from postmaster@[one of my domains as listed in sender_access]
[19:13:56] <R1ck> danige: is a website running on the same server?
[19:14:09] <R1ck> might be some abused mail form
[19:15:17] <R1ck> you should ask hanmail.net what blacklist has blocked your IP address
[19:15:26] <R1ck> could be they are blocking a whole range
[19:15:41] <R1ck> also, there are some sites where you can check whether your server is an open relay
[19:17:43] <enyc> R1ck: telnet from the server to "relay-test.mail-abuse.org"
[19:18:37] *** rdallarmi has quit IRC
[19:19:13] <R1ck> danige: what enyc said ;)
[19:19:35] *** cyber4len has joined #postfix
[19:19:42] <danige> Tested host banner: 220 triple5org.mentalitea.com ESMTP Postfix (Debian/GNU)
[19:19:43] <danige> System appeared to accept 1 relay attempts
[19:19:44] <danige> Connection closed by foreign host.
[19:20:24] <enyc> danige: note that some systems are not actually opern relays as they may not deliver some email attempts
[19:20:37] <cyber4len> hi. who knows how can i fix this error? ...... postfix/smtpd[18010]: NOQUEUE: reject: RCPT from unknown[10.0.0.1]: 553 5.7.1 <test at mail dot host>: Sender address rejected: not owned by user test at mail dot host; from=<test at mail dot host> to=<test at mail dot host> proto=ESMTP helo=<[localhost]>
[19:21:08] <enyc> danige: classic example: qmail-smtpd accepts email with % in it but bounces the email unless control/percenthack is enabled explicitly
[19:21:13] <danige> but from the Mail.log I seem to be listed with my IP on Spam blacklists
[19:21:46] <enyc> danige: okay... look at the relay-test output...
[19:21:53] <enyc> danige: what did it accept exactly?
[19:22:58] <danige> it seems to have acceptet quote test, the first one...
[19:23:14] <danige> s/acceptet/accepted
[19:23:47] <danige> as well as Test 4
[19:24:44] <enyc> danige: then there is a config problem ;-)
[19:25:05] <enyc> danige: err I cant see 88.198.0.131 on any blacklists.... is this the right address ?
[19:27:47] <danige> yes enyc
[19:29:02] <danige> I get the following emails to my postmaster... : http://pastebin.ca/469304
[19:30:09] *** devdas has joined #postfix
[19:33:04] *** amrit|zzz is now known as amrit|wrk
[19:33:43] * danige is going to leave it for tonight, gotta go to his work to  get some money...
[19:35:14] *** MrRagga has joined #postfix
[19:41:53] *** Mavvie has quit IRC
[19:45:32] <cyber4len> anybody there? :))
[19:46:02] *** hal1on has quit IRC
[19:49:38] *** mastachand has quit IRC
[19:50:33] *** Blackvel has quit IRC
[19:50:50] *** hal1on has joined #postfix
[19:52:00] *** RiEgEl has joined #postfix
[19:52:21] <RiEgEl> hi @ all
[19:53:53] <RiEgEl> i have a little problem with my postfix: my mail.info is full of theese three lines: http://rafb.net/p/YXIpcZ70.html what is wrong and what can I do to solve this problem?
[19:55:39] *** hal1on has joined #postfix
[20:06:49] *** justStormY has joined #postfix
[20:07:23] <justStormY> hello
[20:07:43] <justStormY> i hope anybody is here who can help me about tls
[20:07:56] <justStormY> i installed etch and postifx - version 2.3.8
[20:08:19] <justStormY> after i read that there are problems about TLS with this version
[20:08:26] <justStormY> i downgraded it to 2.37
[20:08:38] <justStormY> but it doesn't run at all
[20:08:50] <justStormY> here is a part of my config:
[20:09:15] <UQlev> RiEgEl: it seems missing alias for root
[20:09:23] <justStormY> smtp_use_tls = yes
[20:09:23] <justStormY> smtpd_tls_cert_file=/etc/postfix/smtpd.cert
[20:09:24] <justStormY> smtpd_tls_key_file=/etc/postfix/smtpd.key
[20:09:33] <justStormY> smtpd_tls_auth_only = yes
[20:09:33] <justStormY> smtdp_use_tls = yes
[20:09:33] <justStormY> smtpd_sasl_auth_enable = yes
[20:09:42] <justStormY> smtpd_sasl_security_options = noanonymous
[20:09:42] <justStormY> broken_sasl_auth_clients = yes
[20:09:42] <justStormY> smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
[20:09:43] <hparker> justStormY: pastebin please
[20:10:05] <justStormY> ou sry i thought for this short code it will be okay
[20:10:19] <hparker> 2 lines is short
[20:10:34] <justStormY> ;) okay
[20:10:37] <justStormY> one moment
[20:10:55] <RiEgEl> UQlev: may it is because of this line: warning: connect to mysql server localhost: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) btw: I use syscp
[20:12:56] *** hal1on has quit IRC
[20:14:30] <justStormY> mhh pastebin recjects by a msql error :/
[20:14:49] <RiEgEl> http://rafb.net/paste/
[20:15:45] <justStormY> ahh thx
[20:15:51] <justStormY> so here is the TLS Config
[20:15:52] <justStormY> http://rafb.net/p/ArFMa986.html
[20:15:58] <UQlev> RiEgEl: if your aliases in MySQL certainly it will prevent lookup
[20:17:12] <justStormY> so it would be really nice if somebody would help me
[20:17:32] <justStormY> i don't know what to do anymore that TLS on SMTP works
[20:18:35] <RiEgEl> UQlev: my virtual_alias_maps goes over mysql..
[20:19:58] *** hal1on has joined #postfix
[20:20:00] <RiEgEl> so what to do to establish mysql connection? i'm running debian sarge
[20:21:57] <cyber4len> not to use mysql socket, use tcp-socket
[20:24:11] <RiEgEl> so in my mysql_virtual_alias_maps mysql:... --> tcp: ??
[20:25:46] *** swampfox has joined #postfix
[20:25:47] <justStormY> mhh for my code nobody have any idea? http://rafb.net/p/ArFMa986.html - TLS doesn't start - Postfix vers. 2.3.7
[20:26:00] <UQlev> RiEgEl: I don't know your scheme of authentication. I used one via courier-imap>mysql
[20:26:14] <RiEgEl> courier works
[20:26:37] <RiEgEl> i use all configs from syscp
[20:27:41] *** ikaro has quit IRC
[20:30:12] <UQlev> RiEgEl: regret, I never tried syscp. I don't like web-interfaces for servers
[20:30:27] <RiEgEl> hmm..
[20:40:02] *** UQlev has quit IRC
[20:44:37] *** [dmp] has joined #postfix
[20:45:31] <justStormY> mhh okay now it works
[20:45:51] <justStormY> but how can i tell tls that i have encrypted passwords?
[20:47:30] *** eye69 has joined #postfix
[20:54:55] *** taube is now known as Taube
[21:05:31] *** MrRagga has quit IRC
[21:09:00] <justStormY> i have a user mysql-DB where the passwords are encrpytet - what i have to do, to set up a SMTP TLS Server which is compatible with this encrypted passwords?
[21:09:44] *** hparker has quit IRC
[21:12:30] *** ziro has quit IRC
[21:13:51] *** hparker has joined #postfix
[21:15:14] <justStormY> mhhh nobody in here can help?
[21:15:53] *** ikaro has joined #postfix
[21:16:59] *** Terminator has joined #postfix
[21:20:04] <roe> TLS just provides an encrypted path for authentication it does not do the authentication itself
[21:23:06] <justStormY> mh okay
[21:23:14] <justStormY> here are the errors of the log
[21:23:14] <justStormY> May 3 21:17:45 mein-edelbordell postfix/smtpd[23222]: sql_select option missing
[21:23:14] <justStormY> May 3 21:17:45 mein-edelbordell postfix/smtpd[23222]: auxpropfunc error no mechanism available
[21:23:14] <justStormY> May 3 21:17:45 mein-edelbordell postfix/smtpd[23222]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql
[21:23:22] <justStormY> how does that mean?
[21:29:00] <cyber4len> no sql support in sasl
[21:32:07] <justStormY> mh should be fixed with auxprop_plugins: sql
[21:32:12] <justStormY> in smtpd.conf or?
[21:42:50] *** iEatBabies has joined #postfix
[21:43:03] <iEatBabies> where would we set reverse dns lookup for postfix?
[21:44:07] <Yaroon> Does anyone know what happens to mails when the maildirs have the wrong permissions?
[21:44:14] <Yaroon> Or ownership?
[21:44:15] <rob0> Eat babies? Hmmm. Anyway, what are you asking? The question makes no sense to me.
[21:44:36] <sepski> iEatBabies, in the in-addr.arps zone for your ip space.  if you are not responsible for your ip space revers dns, you ask your isp to set it for you
[21:44:54] <iEatBabies> well...we are running postfix with spamd. some e-mail is not being delivered and in the mail log its failing dns lookup
[21:44:57] <rob0> Yaroon: delivery would be deferred. They'd remain in the queue until successful delivery or $maximal_queue_lifetime.
[21:45:17] *** Bronsky has joined #postfix
[21:45:23] <Yaroon> rob0: OK. Thank you.
[21:45:41] <sepski> iEatBabies, is your server failing to resolve. or is other servers failing to resolv your server's ip ?
[21:45:57] <iEatBabies> our server is failing to resolve it looks like
[21:46:00] <Yaroon> maximal_queue_lifetime = 5d
[21:46:04] <Yaroon> 5d = 5 days?
[21:46:32] <iEatBabies> if i ping the domain i get "unknown host"
[21:46:50] <sepski> iEatBabies, postfix uses the nameservers configured on the host. so as long as your machine had good resolvers it should not be an issue. probably it failes to resolve the address becouse it does not exsist
[21:46:56] <sepski> iEatBabies, you checked them manualy ?
[21:47:03] <iEatBabies> what do you mean?
[21:47:28] <sepski> iEatBabies, what do you mean by, what do i mean ?
[21:47:35] <iEatBabies> i can visit the website, and i know its all legit...i could try a diferent name server
[21:47:49] <iEatBabies> "check them manualy"...thats what i asked what do you mean about
[21:48:02] <sepski> by using dig or host or nslookup
[21:48:19] <sepski> well posfix will never try to visit their website i home
[21:48:40] <sepski> it would be a lot more sane what you were after if you'd just post one of the errors you mentiond
[21:48:42] <iEatBabies> lol, i realize that...i was just stating that so you knew it existed
[21:48:44] <sepski> (damit)
[21:48:49] <iEatBabies> give me one second to try a new nameserver
[21:49:00] <sepski> you should have 2-3 nameserver tho
[21:49:21] <iEatBabies> yeah, im using a local and an isp's now.
[21:51:02] *** devdas has left #postfix
[21:56:25] <iEatBabies> found the problem, thanks for your help sepski! first time in this channel, glad to see there is great help.
[21:56:32] <iEatBabies> have a good day!
[21:56:37] *** iEatBabies has left #postfix
[22:00:20] *** yaaar has joined #postfix
[22:00:23] <yaaar> word
[22:00:24] *** cruxeternus has joined #postfix
[22:00:43] <yaaar> having a spot of trouble here...recently all my outgoing mail (except to locally-handled domains) started getting 554 relay access denied
[22:00:54] *** Zeit|awy has quit IRC
[22:02:38] <yaaar> logs don't seem to go into any more detail, and i don't think i've changed anything....anybody have advice on what i should be checking?
[22:04:10] <sepski> you'r restriction lines
[22:04:34] *** csm-laptop has quit IRC
[22:12:47] *** mazon is now known as Mazon
[22:13:35] <yaaar> sepski: mynetworks and such?
[22:15:25] <yaaar> ooooh, i think that might be it....my actual ips are in there, but 127.0.0.1 isn't...
[22:15:40] <sepski> your smtpd_*_restrictions lines
[22:17:27] <yaaar> i've got smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
[22:18:35] <yaaar> that's the only restrictions line i guess. but i'll bet this mynetworks line is the deal; the mail that's failing is being sent via webmail on the same box, so it's coming from 127.0.0.1
[22:19:05] <sepski> then you need to have 127.0.0.1 in mynetworks ofcourse
[22:30:59] *** justStormY has quit IRC
[22:33:57] <yaaar> yep, works great now
[22:34:10] <yaaar> awesome
[22:38:39] *** Terminator has quit IRC
[22:40:09] *** frennkie has quit IRC
[22:57:53] *** RiEgEl has quit IRC
[23:09:02] *** evilstrike has joined #postfix
[23:10:55] <evilstrike> hey, I would like to know what does a client mail server needs to have setup in its configuration for it not be blocked by a mail server that rejects unknown hostnames.  is it a settings in the postfix configurations? its being blocked cuz the IP isnt getting resovled right?
[23:12:21] <sepski> it needs a sane forward ip eg mail,domain.com points to an static ip.  then that static ip needs a sane revers dns to a hostname eg mail,domain.com
[23:12:34] <evilstrike> ohh thats in its dns records?
[23:12:42] <sepski> the revers does not need to be to the forward. but the hostname that the revers points to must be forwardable too
[23:12:46] <sepski> yes
[23:12:48] <evilstrike> ohh
[23:12:49] <evilstrike> thats why
[23:12:53] <evilstrike> cool thx
[23:12:59] <sepski> and the server must use a sane helo name
[23:13:07] <sepski> that is resolveable and correct
[23:13:19] <sepski> that would be mail.domain.com in this case
[23:13:34] <evilstrike> yeah ok it makes sence i thought it might of been a problem with dns configuration but I said maybe it was something to do with postfix
[23:13:49] <sepski> evilstrike, usualy everyone that dont have sane revers uses smarthosts
[23:14:00] <sepski> eg you send all mail to your isp's mailserver. and let them deliver
[23:15:14] <evilstrike> yeah its how it is execept the isp server im getting the mail from is getting rejected at my postfix filter that rejects unknown hostnames
[23:16:58] *** Ryushin has quit IRC
[23:17:06] *** nictuku_ has joined #postfix
[23:17:19] *** nictuku_ has left #postfix
[23:19:12] *** nictuku has joined #postfix
[23:25:38] <nictuku> hi
[23:26:22] *** hemry has quit IRC
[23:26:22] <evilstrike> sepski: What you were saying about the dns records is that there has to be a valid MX record in the dns server settings right?
[23:27:33] <sepski> evilstrike, the MX record only informs about what hostname is responsible for mail on this domain. eg mail.domain.com  , when you resove that hostname you get the ip address of your server. that ip should be revers resolveable.
[23:27:43] <sepski> to a hostname that's sane and legal
[23:27:48] <sepski> and exsisting :)
[23:28:24] <evilstrike> oh you mean it needs to be setup in the zone's?
[23:28:33] <evilstrike> setup the reverse zone?
[23:28:47] <sepski> ofcourse
[23:28:56] <evilstrike> ah
[23:29:02] <sepski> and it's your isp that configures the revers zone in most cases
[23:29:07] <evilstrike> i wonder why that would not of done that already
[23:29:45] <sepski> you can sometimes get revers zone delegation to your own nameservers if you buy a /24.or larger
[23:30:14] <sepski> you may rarely get delegation for less then /24
[23:30:22] <evilstrike> yeah but the thing is thats its not me that has the problem, its someone who is trying to send email to my domain
[23:30:38] <sepski> then they should use a smathost
[23:30:45] <sepski> or configure their reversdns
[23:30:50] <evilstrike> his domain points to a holder that just redirects all request to his domain back at some other server
[23:34:55] *** pirho has joined #postfix
[23:35:27] *** pirho has quit IRC
[23:36:26] *** pirho has joined #postfix
[23:38:31] *** cilly has joined #postfix
[23:42:15] *** cyber4len has quit IRC
[23:47:15] *** sepski has quit IRC
[23:48:56] *** nictuku has quit IRC
[23:55:45] *** yaaar has quit IRC
[23:57:51] *** dj-fu has joined #postfix
[23:58:31] *** Mavvie has joined #postfix





top