[00:01:16] <pbh> gpled: no, is not enabled by default... I'm getting a lot of errors now that I enabled smtpd_sasl_auth_enable = yes
[00:01:42] *** feross has quit IRC
[00:02:06] <pbh> gpled: where is this parameter suppose to point: smtpd_sasl_path ?
[00:03:30] <gpled> pbh: seems i remember their being a command that will show what "extras" you have in your postfix.   i dont remember how to do it.
[00:04:44] <pbh> pbh: anything else I could try to check the configuration?
[00:04:51] <pbh> gpled: anything else I could try to check the configuration?
[00:04:57] <gpled> http://www.howtoforge.com/perfect_setup_centos_4.4_p5
[00:05:08] <gpled> that guy looks like he did it
[00:07:35] <gpled> /usr/sbin/postconf|less  is a quick way to check some of the settings
[00:08:23] *** pbh has quit IRC
[00:08:30] *** hparker has quit IRC
[00:09:05] *** Zand3r has joined #postfix
[00:11:59] *** pbh has joined #postfix
[00:12:19] *** Kurtism has joined #postfix
[00:13:35] *** killown has joined #postfix
[00:15:59] *** Mazon is now known as mazon
[00:16:48] *** gpled has left #postfix
[00:17:29] *** hparker has joined #postfix
[00:17:34] *** pickcoder has joined #postfix
[00:18:09] <Zand3r> I just asked this in the Dovecot channel but it occures to me that Postfix might have a mechanism built in. I am using SASL for Authenticated SMTP and would like to count (and/or restrict) how many emails a particular user can send. Any suggestions?
[00:19:50] <ssquid> Zand3r: A good option would be to use a policy service
[00:20:36] <ssquid> Zand3r:  This one does the job pretty well: http://policyd.sourceforge.net/
[00:21:01] *** war has quit IRC
[00:21:29] <Zand3r> ssquid: Interesting - I'll check i tout thanks. I currently use policyd-weight, do you know if I can chain policy services?
[00:21:55] <ssquid> Zand3r: sure
[00:23:39] <Zand3r> ssquid: Thanks for the link - policyd specifically mentions throttling (volume per defined time unit) so looks promising.
[00:25:19] *** higuita has quit IRC
[00:28:28] *** higuita has joined #postfix
[00:29:58] *** conico has joined #postfix
[00:30:02] *** flami has joined #postfix
[00:38:13] *** kwilson has joined #postfix
[00:38:22] *** killown has quit IRC
[00:40:18] <kwilson> I have a postfix mail server with 3 virtual domains.  The server also has 3 IP addresses.  I'd like to configure it such that mail being sent through the server from one domain always uses the first IP, mail sent with an address of the second domain always uses the second IP, etc, etc
[00:40:25] <kwilson> is that possible?
[00:40:59] <Zand3r> policyd does not seem to be under active develpment - can anyone suggest if this is because it's considered stable, reliable and doesn;t need any work or should I beware and look for an alternative ?
[00:41:08] *** frennkie has joined #postfix
[00:41:16] *** FlashNet3 has quit IRC
[00:43:23] <hparker> kwilson: with 3 instances, yes
[00:43:58] *** frennkie has quit IRC
[00:44:24] <kwilson> hparker: do you mean I would just need 3 smtp lines in my master.cf file, each listening on a different port?
[00:45:09] <hparker> that might work, but you'll need 3 main.cf files I'm pretty sure
[00:45:24] <kwilson> hmm, I was hoping I wouldn't need to do all that
[00:45:34] *** killown has joined #postfix
[00:45:43] <kwilson> I considered doing an smtpd server on 3 different ports, but I have users who send from all 3 domains
[00:46:03] <kwilson> they'd have to switch their outgoing mail settings in their mail clients each time they wanted to send mail from a different domain
[00:46:38] <hparker> If not, you'll run the same on all 3 IPs, no way to bind mydestination and friends to an IP within the same main.cf
[00:46:56] <kwilson> I was hoping there was a way to get a single smtpd to route the outgoing mail through a different interface based on the sender domain
[00:47:11] <hparker> Actually sounds like more trouble then it's worth, unless the want different restrictions
[00:47:50] <hparker> Nothing requires the IP's DNS to match the domain in the email, or the HELO for that matter
[00:48:05] <kwilson> yeah, well, thanks for the help.  It probably is more trouble than it is worth
[00:48:36] <hparker> i've got 20+ domains on mine with no problems.. Probably people in here with more
[00:48:54] <hparker> I even get my mail through to hotmail, so... ;)
[00:49:10] <kwilson> my issue is more that some big e-mail providers, like gmail seem to put lots of my mail from a domain into junk folders
[00:49:33] <kwilson> if I have other domains running on the same IP, I'm afraid they'll get marked a junk too
[00:49:40] <hparker> Valid rDNS that doesn't look generic? does rDNS map back to the IP?
[00:49:58] <kwilson> yeah
[00:50:29] <hparker> Odd, i've not had any complaints about freemail providers
[00:50:59] <kwilson> I'm using domainkeys too, and gmail validates them
[00:51:18] <hparker> It's not running on the IP you're connected to IRC from, is it?
[00:51:24] <kwilson> no
[00:51:30] <hparker> k
[00:51:50] <hparker> Cuz that rDNS would get spanked by my header_checks ;)
[00:52:22] <kwilson> thanks for your help though
[00:52:36] <kwilson> I'll see what else I can figure out, and if nothing else I'll set up 3 instances
[00:52:39] <hparker> Might email postmaster at gmail dot com and ask why
[00:52:44] <mh_le> am I right in saying that this qurey should compare username and password from postfix..
[00:52:47] <mh_le>  SELECT username FROM accountuser WHERE username = '%u'  AND password = '%s'
[00:52:50] *** flami has quit IRC
[00:53:09] <kwilson> hparker: thanks, I'll try that
[00:53:25] <hparker> kwilson: I know hotmail has a page
[00:53:31] <hparker> postmaster.msn.com
[00:53:47] <kwilson> gmail had a page too, but it was more for bulk mailers
[00:54:06] <kwilson> I filled it out anyway, but all I got was an autoresponse
[00:54:17] <hparker> the one at msn is things to check
[00:54:24] <hparker> Might be worth looking at
[00:54:44] <kwilson> will do
[00:56:23] *** hoodow has joined #postfix
[00:58:21] <mh_le> anyone?
[01:00:47] *** jtole_ has joined #postfix
[01:01:02] <jtole_> hey guys, can anyone reccomend a good server side spam tool for me
[01:01:18] <jtole_> er, anti-spam to the mail server users
[01:01:32] <eat_life> spamassassin?
[01:01:49] <jtole_> ok
[01:02:03] <conico> block some countires that is the best
[01:02:17] <jtole_> I looked at it but there are a lot of tools out there as well I glanced at so I figured I would ask in here for a recomendation etc
[01:02:27] * hparker can't block countries, zen, header_checks, and spamassassin
[01:02:27] *** kwilson has quit IRC
[01:02:31] <eat_life> i wouldn't just start blocking countries for no reason
[01:02:46] <jtole_> yeah I wasn't going to @ countries
[01:02:49] *** pickcoder has quit IRC
[01:04:04] <eat_life> i use a spam block list too like hparker
[01:04:10] <eat_life> http://www.spamhaus.org/
[01:04:13] <eat_life> but i don't use zen
[01:04:30] <conico> my reason is there is no any transaction from some countries so i blocked them
[01:06:05] <eat_life> conico: whatever works for you, if you know your clients personally then that can work
[01:06:05] <mh_le> conico: what if some friendly nigerian wants to offer you money?
[01:06:06] <conico> yes that is true
[01:06:06] <eat_life> but if you don't know your clients personally, how can you just block off say russia, what if your client has family members in russia?
[01:06:08] <conico> i know my companies
[01:06:10] <eat_life> or whatever their business partner flew to russia on a business trip
[01:06:13] <eat_life> what if*
[01:06:20] <eat_life> and wants to email him
[01:06:52] <conico> i get thm out of the list
[01:07:18] <eat_life> i would be annoyed if i had to talk to you everytime to remove someone emailing off your list
[01:07:54] <eat_life> the thing is, your list is not good if you have a lot of false-positives
[01:08:00] <conico> well there is nearly no international transaction
[01:08:04] <conico> it works for me
[01:08:57] <conico> spamassassin had more false-positive by the way
[01:09:13] <eat_life> rules from 3rd party?
[01:09:18] <eat_life> old spamassassin ?
[01:09:25] <eat_life> sa has been top notch for me
[01:09:46] <hparker> Need to stay on top of bayes training, both spam and ham
[01:10:01] <conico> ye it was the old one
[01:10:04] <eat_life> even if you don't train it, i haven't had any false-positives
[01:10:20] <eat_life> unless you set the spam score to an extremely low value
[01:10:45] <hparker> I get a couple a month, nothing major... Added dnswl to help
[01:12:26] <eat_life> well, i just set the spam score a bit higher, and if 1 or 2 spam get through, it's much better than 1 or 2 false-positives being blocked
[01:12:37] *** Twister has quit IRC
[01:12:48] <eat_life> and just have the user throw the spam into their spam folder and let bayes training learn it
[01:13:11] <hparker> > 10 goes into quarantine, no biggie ;)
[01:13:29] <hparker> What i see is usually between 5 and 10, don't remember any > 10
[01:27:09] *** olinux has quit IRC
[01:28:30] *** SSL has quit IRC
[01:32:32] *** feross has joined #postfix
[01:42:23] *** roe_ has joined #postfix
[01:43:07] *** rootsvr has quit IRC
[01:43:14] *** puff has joined #postfix
[01:43:20] <pbh> hparker: do you know how to deal with this error: no authentication mechanism?
[01:43:22] <puff> Evening, is there a good channel for anti-spam discussions?
[01:43:32] <mh_le> am I right in saying that this qurey should compare username and password from postfix..
[01:43:37] <mh_le>  SELECT username FROM accountuser WHERE username = '%u'  AND password = '%s'
[01:43:43] <hparker> pbh: Look in smtpd.conf
[01:44:38] <pbh> hparker: ok, let me see
[01:47:44] <puff> Hm, need an invite to join #spam.  Anybody know somebody on that channel?
[01:48:58] *** roe_ has quit IRC
[01:49:31] <pbh> hparker: the smtpd.conf is correct, where do I check if postfix has the correct path?
[01:51:32] *** MacJobBz has joined #postfix
[01:52:48] <mh_le> puff: why whould you join that channel?
[01:53:38] <puff> mh_le: Well, hoping it's an _anti_ spam channel.
[01:53:46] <mh_le> ah-ha
[01:53:47] *** tibyke has joined #postfix
[01:54:20] <puff> I have a guy at some government office in California who emailed me to ask me about my feedback form;  apparently they're considering setting one up for his office and he's trying to figure out the spam risks involved in that (forum spam, I guess).
[01:59:47] *** GMFlash has quit IRC
[01:59:49] *** MacJobBz has quit IRC
[01:59:50] *** GMFlash has joined #postfix
[01:59:52] *** pbh has left #postfix
[02:01:30] *** qiyong has joined #postfix
[02:06:20] *** jMCg has quit IRC
[02:06:24] *** jMCg has joined #Postfix
[02:20:56] <Zand3r> puff: If the form/script allolws a spammer to force their own "to" address and email content through the server then it will effectively become a spam relay. I assume it is those sort of things he is concerned about.
[02:29:44] *** roe_ has joined #postfix
[02:50:42] *** roe_ has quit IRC
[02:52:36] *** xpoint has quit IRC
[02:57:53] *** feross has quit IRC
[03:07:42] *** Zand3r has quit IRC
[03:20:14] <jtole_> hey guys, can anyone tell me what the incomming and outgoing queue dir's of postfix would be
[03:20:20] <jtole_> or how I find them?
[03:22:07] <ssquid> jtole_: you can check that with 'postconf queue_directory'
[03:22:54] <jtole_> thanks
[03:25:34] <jtole_> hmmm, it only shows one directory, I am trying to setup mailscanner which wants a input queue and a output queue
[03:27:23] <ssquid> For mailscanner you should probably use the hold queue. There's a howto on that somewere
[03:28:31] <ssquid> basically you instruct postfix to 'hold' every every message by adding a header_checks such as /^Received: / HOLD
[03:32:07] *** rcsudo has joined #postfix
[03:34:32] *** rcsu has quit IRC
[03:41:59] *** magyar has joined #postfix
[03:42:27] <jtole_> um...
[03:42:44] <jtole_> any idea what the command is and where it goes or do you know where the how to is?
[03:49:36] <ssquid> try here: http://wiki.mailscanner.info
[03:49:55] <rob0> Dominian here has written a Mailscanner howto ...
[03:50:56] * hparker writes a rob0 howto ... Done!
[03:51:01] <rob0> http://wiki.slackadelic.com/doku.php/howto:mailserver
[03:51:35] <rob0> What would a rob0 HOWTO say? Drink a lot of beer and waste time on IRC?
[03:51:48] <jtole_> hey that sounds like my howto too
[03:52:18] <jtole_> although not usually both at the same time
[03:52:37] <jtole_> it's either I have been spending too much time on IRC... I need a beer
[03:52:55] <jtole_> or I have been drunk for far too many days in a row... I need a IRC
[03:53:05] * rob0 has beer
[03:53:26] <jtole_> I got a single ying lueng and a single corona in my fridge
[03:53:27] <rob0> jtole_ needs to read hparker's HOWTO
[03:53:31] <jtole_> lol
[03:54:01] <jtole_> wow...
[03:54:20] * hparker likes mixing bourbon and IRC... Do have to read the logs later though
[03:54:30] *** eltech has quit IRC
[03:54:43] <jtole_> my server went from 0 0 0 cpu usage, to now with pyzor, spam assassin, mail scanner and clam av to 1.9 1.4 0.6
[03:54:58] <jtole_> lol
[03:55:03] *** eltech has joined #postfix
[03:55:12] <jtole_> ah fuck, I have never been a bourbon fan
[03:55:18] <jtole_> I do like irish whiskey
[03:57:22] <jtole_> My first time ever getting drunk, I drank a mickey of bourbon in 10 minutes @ 14 years old (I am canadian so thats not as young as you southerners think) and saying "oh come on guys, that was easy" right before I, well I remember blacking out but appearently I puked on my girlfriend, tripped over a running fan, and I kinda being held up outside in the rain while my friends slapped me and told me not to fall asleep... oh and I told my
[03:57:22] <jtole_>  best friends mom that I was in love with her
[03:57:58] <jtole_> I do remember being slapped but that was about it
[03:58:25] <ssquid> eheheh
[03:59:06] <jtole_> well my logs look clean now that I have a plethora of "fuck you spammers" software installed
[03:59:24] <jtole_> all I see is where I was the spam bot yesterday from misunderstanding a config setting
[03:59:54] <jtole_> on the plus side I got 1.13 asian e-mail addresses from my logs today... that I don't know what to do with
[04:00:06] <jtole_> *1.13 million
[04:00:27] *** conico has quit IRC
[04:02:26] <hparker> Put them on a CD and sell it :P
[04:03:42] *** amrit|wrk is now known as amrit|afk
[04:09:18] <jtole_> who would I sell it to?
[04:09:24] <jtole_> and how much is it worth?
[04:10:39] <hparker> A spammer, who else? :P
[04:12:14] <jtole_> um... fair enough, I doubt I would want to sell shit to them but what is the list worth?
[04:12:38] <hparker> no idea, never needed one
[04:22:37] *** doomas has joined #postfix
[04:26:56] *** RA3OR has joined #postfix
[04:28:12] <Dominian> jtole_: that howto help you out?
[04:28:35] *** flart_ has joined #postfix
[04:28:42] *** qiyong has quit IRC
[04:28:42] *** killown has quit IRC
[04:28:44] *** meandtheshell has quit IRC
[04:28:44] *** Dalios`` has quit IRC
[04:28:44] *** zodel1 has quit IRC
[04:28:44] *** RA3OR[psy] has quit IRC
[04:28:45] *** Mavvie has quit IRC
[04:28:46] *** lunaphyte has quit IRC
[04:28:46] *** adaptr has quit IRC
[04:28:46] *** AJ_Z0 has quit IRC
[04:28:46] *** jduggan_ has quit IRC
[04:28:48] *** eat_life has quit IRC
[04:28:48] *** ioii has quit IRC
[04:28:48] *** mathez has quit IRC
[04:28:49] *** haroldp has quit IRC
[04:28:49] *** Ra1stlin has quit IRC
[04:28:49] *** chrisq has quit IRC
[04:28:49] *** flart has quit IRC
[04:28:50] *** megaTherion has quit IRC
[04:28:50] *** blinx has quit IRC
[04:28:50] *** deemon has quit IRC
[04:28:50] *** mjoseph has quit IRC
[04:28:51] *** Zerberus has quit IRC
[04:28:51] *** nxvl has quit IRC
[04:28:51] *** shasta has quit IRC
[04:28:51] *** lysander has quit IRC
[04:28:52] *** cfreak has quit IRC
[04:28:52] *** mb__ has quit IRC
[04:28:52] *** koollman has quit IRC
[04:28:53] *** deemon_ has joined #postfix
[04:29:07] *** adaptr has joined #postfix
[04:29:08] <jtole_> havn't gotten there yet but I am about to, I thought I was done before you posted it but now no mail is going through on my mail server
[04:30:14] *** lysander has joined #postfix
[04:30:27] <Dominian> k
[04:30:48] *** nxvl has joined #postfix
[04:30:50] *** AJ_Z0 has joined #postfix
[04:30:51] *** chrisq has joined #postfix
[04:31:32] *** jduggan_ has joined #postfix
[04:31:36] *** mb has joined #postfix
[04:31:39] *** mjoseph has joined #postfix
[04:31:44] *** koollman has joined #postfix
[04:32:12] *** Mavvie has joined #postfix
[04:32:35] *** shasta has joined #postfix
[04:34:30] *** Zerberus has joined #postfix
[04:36:40] *** AJ_Z0 has quit IRC
[04:36:54] *** qiyong has joined #postfix
[04:36:54] *** killown has joined #postfix
[04:36:54] *** meandtheshell has joined #postfix
[04:36:54] *** Dalios`` has joined #postfix
[04:36:54] *** RA3OR[psy] has joined #postfix
[04:36:54] *** lunaphyte has joined #postfix
[04:36:54] *** AJ_Z0 has joined #postfix
[04:36:54] *** eat_life has joined #postfix
[04:36:54] *** ioii has joined #postfix
[04:36:54] *** mathez has joined #postfix
[04:36:54] *** flart has joined #postfix
[04:36:54] *** blinx has joined #postfix
[04:36:54] *** megaTherion has joined #postfix
[04:36:54] *** mb__ has joined #postfix
[04:36:54] *** cfreak has joined #postfix
[04:36:54] *** haroldp has joined #postfix
[04:36:54] *** deemon has joined #postfix
[04:36:54] *** Ra1stlin has joined #postfix
[04:36:58] *** adf323 has quit IRC
[04:36:58] *** blinx has quit IRC
[04:36:58] *** _Ra1stlin has joined #postfix
[04:36:59] *** doomas_ has quit IRC
[04:36:59] *** _megaTherion has joined #postfix
[04:36:59] *** mathez has quit IRC
[04:37:02] *** mathez has joined #postfix
[04:37:04] *** deemon has quit IRC
[04:37:21] *** adf323 has joined #postfix
[04:37:32] *** RA3OR[psy] has quit IRC
[04:37:36] *** cfreak has quit IRC
[04:37:41] *** Ra1stlin has quit IRC
[04:37:50] *** cfreak has joined #postfix
[04:38:02] *** mb__ has quit IRC
[04:38:04] *** killown has quit IRC
[04:38:30] *** megaTherion has quit IRC
[04:38:35] *** _megaTherion is now known as megaTherion
[04:39:04] *** AJ__Z0 has joined #postfix
[04:39:47] *** scifiWEEEE has joined #postfix
[04:40:08] *** AJ_Z0 has quit IRC
[04:40:10] *** AJ__Z0 is now known as AJ_Z0
[04:40:21] *** blinx has joined #postfix
[04:43:31] *** eat_life has quit IRC
[04:44:48] *** keanne has joined #postfix
[04:44:50] *** flart has quit IRC
[04:45:51] *** lunaphyte has quit IRC
[04:46:18] *** lunaphyte has joined #postfix
[04:47:43] *** blinx has quit IRC
[04:47:43] *** scifiWEEEE has quit IRC
[04:47:43] *** cfreak has quit IRC
[04:47:43] *** mathez has quit IRC
[04:47:43] *** megaTherion has quit IRC
[04:47:44] *** _Ra1stlin has quit IRC
[04:47:44] *** haroldp has quit IRC
[04:47:44] *** ioii has quit IRC
[04:47:44] *** Dalios`` has quit IRC
[04:47:45] *** qiyong has quit IRC
[04:47:46] *** meandtheshell has quit IRC
[04:47:46] *** etaylor has quit IRC
[04:48:10] *** blinx has joined #postfix
[04:48:10] *** scifiWEEEE has joined #postfix
[04:48:10] *** cfreak has joined #postfix
[04:48:10] *** mathez has joined #postfix
[04:48:10] *** megaTherion has joined #postfix
[04:48:10] *** _Ra1stlin has joined #postfix
[04:48:10] *** qiyong has joined #postfix
[04:48:10] *** meandtheshell has joined #postfix
[04:48:10] *** Dalios`` has joined #postfix
[04:48:10] *** ioii has joined #postfix
[04:48:10] *** haroldp has joined #postfix
[04:48:13] *** adf323 has quit IRC
[04:48:38] *** adf323 has joined #postfix
[04:51:07] *** magyar has quit IRC
[04:51:15] *** killown has joined #postfix
[04:53:25] *** hoodow has left #postfix
[04:55:02] *** haroldp has quit IRC
[04:55:02] *** ioii has quit IRC
[04:55:02] *** Dalios`` has quit IRC
[04:55:03] *** _Ra1stlin has quit IRC
[04:55:03] *** mathez has quit IRC
[04:55:03] *** qiyong has quit IRC
[04:55:03] *** megaTherion has quit IRC
[04:55:03] *** scifiWEEEE has quit IRC
[04:55:05] *** meandtheshell has quit IRC
[04:55:05] *** cfreak has quit IRC
[04:55:05] *** blinx has quit IRC
[04:57:36] *** qiyong has joined #postfix
[04:57:38] *** haroldp has joined #postfix
[04:57:41] *** Dalios`` has joined #postfix
[04:57:44] *** ioii has joined #postfix
[04:58:31] *** meandtheshell has joined #postfix
[04:58:59] *** jtole_ is now known as jtole
[05:03:22] *** killown has quit IRC
[05:08:56] *** jtole has quit IRC
[05:11:24] *** killown has joined #postfix
[05:20:49] *** killown has quit IRC
[05:25:07] *** raqamy has quit IRC
[05:26:26] *** feross has joined #postfix
[05:31:35] *** rmayorga is now known as agroyamr
[05:37:31] *** amrit|afk is now known as amrit
[05:44:14] *** megaTherion has joined #postfix
[05:44:21] *** mathez has joined #postfix
[05:44:29] *** Ra1stlin has joined #postfix
[05:44:54] *** cfreak has joined #postfix
[05:46:48] *** killown has joined #postfix
[05:48:37] *** eat_life has joined #postfix
[05:49:42] *** agroyamr is now known as rmayorga
[05:53:57] *** Motoko-chan has joined #postfix
[05:54:09] *** jtole has joined #postfix
[05:55:03] <jtole> hey guys, postfix is still trying to send data from a couple days ago when a spammer sent lots of mail through it, is there anyway to stop it / clear it from sending all this mail that it has pending?
[05:55:23] <jtole> several restarts of the server and of the postfix daemon don't seem to be doing shit
[05:56:50] <Motoko-chan> use postsuper and delete by the message id
[05:57:14] <Motoko-chan> If there is a common thing from the message header, you can find some scripts to mass-delete
[05:57:51] <Motoko-chan> And it won't do shit because it is probably getting temporary failures, so it will be held in queue until it expires otherwise.
[05:59:35] <jtole> is there not a way to just wipe the queue clean ?
[06:00:21] <jtole> basically fucking everyone elses messages I am sure but I think I have millions as I gathered that many e-mail addresses from the mail logs and 9 out of 10 got failures from the other mail server
[06:00:29] <jtole> because too many were being sent at a time
[06:01:08] <jtole> at this point I don't care about lost mail but it would take days to clean this all up message id by id
[06:02:28] <Motoko-chan> Sure
[06:02:35] <Motoko-chan> postsuper -d ALL
[06:02:45] <Motoko-chan> Do remember that removes EVERYTHING
[06:02:59] <jtole> postsuper: Deleted: 39283 messages
[06:03:13] <jtole> oh that felt better then most orgasms
[06:03:24] <Motoko-chan> Make sure to implement some kind of recipient check or something.
[06:03:35] <jtole> at this point nah
[06:03:45] <Motoko-chan> And please go read on how e-mail works with queing.
[06:03:49] <jtole> I am just happy thats finally fucking over, lol
[06:03:57] <Motoko-chan> Postfix was being perfectly correct in keeping the messages.
[06:04:02] <jtole> I know it was
[06:04:24] <jtole> I didn't have a problem with postfix and I have a decent idea of how the queueing works
[06:04:27] <keanne> 39283 mails in queue.. that's a lot :D
[06:04:47] <jtole> I just wanted that to end, I had long since fixed the problem that let a spammer abuse us but I was still dealing with this crap
[06:04:52] <jtole> lol
[06:04:53] <jtole> I know
[06:04:56] <jtole> @ a lot
[06:04:59] <Motoko-chan> I've seen worse.
[06:05:10] * Motoko-chan manages a server with almost 1000 domains.
[06:05:21] <jtole> I'm sure, lots of people have probably had worse but again, this has been running for a couple days now
[06:05:29] <Motoko-chan> haha
[06:05:37] <Motoko-chan> Be very glad you aren't running qmail.
[06:05:42] <keanne> problem with huge queues is legit mails will be terribly delayed too
[06:05:45] <jtole> I had 1.13 million e-mail addresses in the logs, and that was before the /var partition ran out of memory
[06:05:46] <Motoko-chan> That requires special scripts to manage the queue.
[06:05:58] <jtole> I already know keanne
[06:06:05] <jtole> @ delays
[06:07:27] <jtole> oh that felt good to end
[06:07:53] <Motoko-chan> hehe
[06:07:58] <Motoko-chan> It always does.
[06:08:19] *** flart_ is now known as flart
[06:08:46] <f3ew> oops
[06:09:02] <jtole> nice, my 30 something smtp processes in ps aux disappeared
[06:09:16] <f3ew> hehe
[06:10:36] <keanne> i am playing with postfix's virtual domain setup and it's ldap support, very-very nice. postfix's ldap support is very mature, even has a "special" result attribute parameter, sweet!
[06:10:44] <jtole> now I am just waiting to see if legitimate mail goes through in a timely manner
[06:10:50] <Motoko-chan> Not it's, its.
[06:10:53] *** hachiya has joined #postfix
[06:11:01] <Motoko-chan> it's = it is
[06:13:18] <keanne> hahaha.. thanks.
[06:14:10] *** raqamy has joined #postfix
[06:14:16] <keanne> "it's" and "who's" are contractions.
[06:15:13] <Motoko-chan> Misuse of it's and its really annoys me.
[06:15:15] *** Tino is now known as Tinozaure
[06:22:18] <jtole> what does it mean if you connect to you smtp port and it doesn't seem to communicate at all with you, I used netstat and did a helo <ip address> and it didn't say anything
[06:22:49] <Motoko-chan> Maybe DNS issue?
[06:22:56] <Motoko-chan> Maybe postfix is being strange?
[06:22:59] <Motoko-chan> Check logs?
[06:23:33] <jtole> there is nothing in the logs
[06:24:10] <jtole> ... and I just did a host google from ssh and it came back fine
[06:24:21] <jtole> "host google.com"
[06:24:22] <f3ew> postconf inet_interfaces?
[06:24:26] <Motoko-chan> What about reverse?
[06:24:37] <jtole> all
[06:24:53] <jtole> reverse works
[06:25:27] <jtole> I had a lot of spam tools I installed earlier today and then I took them back off with ubuntu's package manager, is there something they could have modified?
[06:26:07] <jtole> spamd, pyzor mailscanner and clamav
[06:28:26] <jtole> found it
[06:29:35] <jtole> another mistake on my part... not sure how as I just deleted it but I had added 192.168.10.0/24 to mynetworks
[06:31:10] <jtole> er, I spent all that time setting up the anti spam shit and because I thought that was part of my problem as to why I am not getting e-mail I had to take it all down , between mynetworks and 30,000+ outbound e-mails it probably all worked
[06:49:06] *** f3ew has quit IRC
[06:54:21] *** rmayorga_ has joined #postfix
[06:59:00] *** rmayorga has quit IRC
[07:02:17] *** darkphader has joined #postfix
[07:05:00] *** RA3OR has quit IRC
[07:05:45] *** henno_ has joined #postfix
[07:09:40] *** darkphader has quit IRC
[07:13:01] *** aozturk has joined #postfix
[07:17:32] *** henno has quit IRC
[07:19:16] *** MicW has joined #postfix
[07:19:19] <MicW> hi
[07:21:19] <MicW> i'm (still) looking for an smtp proxy which can filter both, spamasassin and clamav
[07:39:43] *** rmayorga_ has quit IRC
[07:42:53] *** olinux has joined #postfix
[07:53:50] <SeJo> what do you mean can filter both?
[07:54:33] <Signum> MicW: you do know amavis?
[07:54:45] *** feross has quit IRC
[07:54:52] <MicW> yes, i have tried it. it's a terrible piece of software
[07:55:06] <MicW> but i found this: http://smtp-proxy.klolik.org/
[07:55:06] <Signum> MicW: avoid looking at the sources. then it does its work :)
[07:55:52] <MicW> no. it has a terrible config file (which is in fact a piece of code) and it has problems with it's folder permissions (at least the fc6 rpm version)
[07:56:15] <MicW> i'm not going to use _such_ software n the productive mailsystem ;)
[07:57:50] <MicW> currently i'm trying the smtp-gated. it supports clamav+spamassassin (using the socket deamons of both)
[08:00:50] *** jMCg has quit IRC
[08:09:04] *** f3ew has joined #postfix
[08:09:44] <qiyong> how much time to setup up a working mta, and imap, el al, one month?
[08:11:19] *** idleo has joined #postfix
[08:15:03] <MicW> qiyong: 3 days
[08:15:49] *** hparker has quit IRC
[08:16:13] <qiyong> MicW, with virtual user support?
[08:16:52] <qiyong> MicW, should I manually create db?  is their some standard and official script to create db?
[08:17:52] *** killown has quit IRC
[08:18:33] <qiyong> !PostGrey
[08:18:34] <knoba> qiyong: Error: "PostGrey" is not a valid command.
[08:18:44] <MicW> there are some good howtos
[08:19:10] <MicW> the database structure is completely free because you specify the queries to use
[08:19:37] *** SeJo has quit IRC
[08:20:09] <qiyong> MicW, so it is possible to re-use an old qmail vpopmail db structure?
[08:21:26] <MicW> i don't know this structure. but you need: a table from where you can select a domain
[08:21:31] <keanne> MicW, there are many production mail servers which uses amavisd ;-)
[08:21:34] <MicW> a table where you can select a password
[08:21:37] <MicW> and a username
[08:22:26] <MicW> keanne: there are hundreds of production servers out there which are hacked and send a lot of spam or tries to guess my ssh password :-)
[08:24:58] <keanne> qiyong, logical answer is "depends"
[08:25:25] <keanne> if your the one who will do the setup, then it's up to you.
[08:26:08] <qiyong> keanne, i am
[08:26:29] <keanne> MicW, what in amavisd that you are worried about being hacked?
[08:26:40] <keanne> qiyong, first time?
[08:26:54] <qiyong> keanne, kind of
[08:27:29] <MicW> keanne: i meant that "many production servers use..." means not that it's a good piece of software
[08:27:43] *** pmjdebruijn has joined #postfix
[08:27:52] <MicW> in this case it means that most howtos expect that you want to use amavis-new
[08:28:43] <MicW> but i think if there's a better solution and there would be an howto (which will be after i'm finished here and i tranlated everything to english), users would consider to use the better solution :)
[08:28:48] <keanne> qiyong, there are good documents out there, but if you can't find any, and if you are willing to wait, i am making a howto on postfix + dovecot + squid + jabber + ldap (for internal use only, for my co-worker, but i am willing to give it to you after i finished it.)
[08:29:34] <qiyong> keanne, can you give me the current draft?
[08:30:16] *** fujin has quit IRC
[08:30:48] <keanne> qiyong, the "draft" is only about installation of fedora-ds, dovecot and openfire on an centos box.
[08:31:29] <keanne> i am having a hard time making this since my intended audience has 0% knowledge about everything.
[08:31:55] <keanne> but this is corporate policy and i can't do anything about it
[08:32:04] <qiyong> keanne, do you use any web interface to manage the virtual user?
[08:32:20] <qiyong> keanne, postfixadmin not in any distro seems
[08:32:34] <keanne> qiyong, all accounts are in ldap
[08:32:39] <qiyong> keanne, i guess you are a senior sys admin
[08:33:29] <keanne> qiyong, and i used fedora-ds which both has java and http based interface.
[08:33:35] <qiyong> keanne, any web interface to manage ldap for virtual user management? so my co-worker can add and remove user account herself.
[08:34:14] <qiyong> keanne, what the benefit ldap is over mysql solution?
[08:34:26] <keanne> there is a web interface, fedora directory gateway, but i am using the java interface
[08:36:56] <keanne> good question.. it's a matter of choice really. but consider that a global addressbook is a plus when you do it in ldap, not mentioning squid, samba, dovecot and jabber do have ldap support for authentication and user information.
[08:37:43] <keanne> those are the reasons why we end up doing it that way
[08:38:17] <qiyong> so ldap can be a central play for user info, mysql can't
[08:38:42] <qiyong> and what does global addressbook refer?
[08:39:09] <keanne> i don't know, as long as other program you use has support for mysql, it's the same
[08:39:48] *** idleo has quit IRC
[08:39:53] <keanne> qiyong, majority of your email clients support ldap lookups for addressbook searches
[08:40:16] *** henno_ has quit IRC
[08:43:05] <qiyong> keanne, ldap can work without a db?
[08:43:53] <keanne> i dont know what you mean, but fedora-ds uses bdb
[08:43:54] *** mazon is now known as Mazon
[08:44:45] <qiyong> keanne, i mean install ldap, and i don't have to install mysql or other db to make ldap work
[08:46:14] <keanne> ah. in that case no.
[08:47:18] <qiyong> keanne, ldap just sit in front of db, right?
[08:49:07] <keanne> ldap is the protocol, correct
[09:00:46] *** olinux has quit IRC
[09:07:17] *** thojo has joined #postfix
[09:11:03] *** Lap_64 has joined #postfix
[09:12:25] *** [miles] has joined #postfix
[09:25:08] *** aozturk has quit IRC
[09:25:18] *** aozturk has joined #postfix
[09:31:02] *** Tinozaure is now known as Tino
[09:37:50] *** Bronsky has quit IRC
[09:44:25] *** higuita has quit IRC
[09:48:44] *** Yaroon has left #postfix
[09:53:26] *** aozturk has quit IRC
[09:56:22] *** meandtheshell has quit IRC
[10:01:32] *** war has joined #postfix
[10:02:49] *** Jax0r has joined #postfix
[10:03:29] *** aozturk has joined #postfix
[10:04:01] *** meandtheshell has joined #postfix
[10:04:49] *** Jax0r is now known as Jax
[10:07:58] *** war has quit IRC
[10:08:22] *** frennkie has joined #postfix
[10:15:06] *** Dalios``` has joined #postfix
[10:17:05] <Dalios```> Hi. I want to allow relaying without Auth from a specific IP address. I have added that IP to mynetworks, and my smtpd_recipient_restrictions is set to permit_mynetworks, permit_sasl_authenticated, reject. However, the relaying doent work from the specific host. What can be the problem?
[10:33:52] *** henno has joined #postfix
[10:39:06] *** Typo3 has joined #postfix
[10:39:09] <Roobarb-Work> Dalios``: what error do you get?
[10:39:14] <Signum> Dalios```: do you use other smtpd_client_restrictions perhaps?
[10:39:30] *** war has joined #postfix
[10:40:10] <Typo3> hi @ all. i have a problem with imap-login (postfix/courier/mysql). I post the errormessage from the logfile:
[10:40:21] <Dalios```> signum: 554 5.7.1 <alex at ff-dev dot com>: Recipient address rejected: Access denied
[10:40:39] <Typo3> "imaplogin: authentication error: No such file or directory"
[10:40:52] <Typo3> which file or directory is missing?
[10:41:39] <Dalios```> I do not use smtp_client_restrictions
[10:45:54] <Signum> Dalios```: can you quote the complete log message?
[10:46:37] *** Motoko-chan has quit IRC
[10:46:56] <Typo3> have anyone a idea where the solution find for my problem?
[10:53:23] *** Typo3 has quit IRC
[10:57:24] <Dalios```> Signum: I found the error. It was a typo in my network range in mynetworks. :(.
[10:57:31] <f3ew> oops
[10:57:56] <Dalios```> I should sleep at night as opposed to work, heh
[11:00:58] *** Jax has quit IRC
[11:01:53] *** Dalios``` has quit IRC
[11:02:40] *** fujin has joined #postfix
[11:05:05] *** deemon_ is now known as deemon
[11:11:29] *** Typo3 has joined #postfix
[11:29:46] *** qiyong has quit IRC
[11:35:49] *** qiyong has joined #postfix
[11:35:58] <qiyong> how to know what CA file postfix is using?
[11:37:41] *** stellina has joined #postfix
[11:38:10] *** stellina has quit IRC
[11:43:27] *** flart has quit IRC
[11:44:55] *** ratschnowski has joined #postfix
[11:46:30] <ratschnowski> hello, try to optimize spamfiltering and I am using also smtpd_sender_restrictions which is really good to block spam, which is often sent and not always recognized as spam
[11:46:56] <ratschnowski> so i wonder, if there is somewhere a blackist of domains, which are known as spamming domains, so that i can add them in my access tables
[11:47:06] <ratschnowski> for now i am adding the domains manually
[11:48:02] *** flart has joined #postfix
[11:50:22] *** Typo3 has quit IRC
[11:51:47] *** hoodow has joined #postfix
[11:54:20] *** amrit is now known as amrit|zzz
[12:01:45] *** xpoint has joined #postfix
[12:04:44] *** fujin has quit IRC
[12:06:55] *** f3ew has quit IRC
[12:07:20] *** Typo3 has joined #postfix
[12:07:57] *** higuita has joined #postfix
[12:08:14] 
[12:09:19] <keanne> check your MX record
[12:10:16] <Typo3> nothing changed there, but my log say: postfix/qmgr[2550]: 1777C8...: removed
[12:10:24] <Typo3> is this correct?
[12:10:46] <Typo3> BTW: i have SA and amavis running
[12:10:51] <Roobarb-Work> Typo3: maybe - paste a more complete log excerpt
[12:11:55] <Typo3> its difficult... can write something, because i work on ssh with putty on WIN. i think the number in [] relates to the message?
[12:12:11] <Roobarb-Work> no, thats the process ID
[12:12:21] <Roobarb-Work> the 1777C8 uis an identifier
[12:12:35] <Roobarb-Work> paste it to a  pastebin
[12:12:55] <Typo3> ah... yes... ok... there are 3 lines with this identifier...
[12:14:51] <Typo3> i try to copy...
[12:18:09] <Typo3> May 29 21:52:06 217-20-113-100 postfix/smtpd[21858]: connect from mail.gmx.net[213.165.64.20]
[12:18:31] <Typo3> May 29 21:52:06 217-20-113-100 postfix/pipe[21864]: 5C9C08B805B: to=<thomas.schulze at outraxx dot de>, relay=spamcheck, delay=0.06, delays=0.05/0.01/0/0, dsn=2.0.0, status=sent (delivered via spamcheck service)
[12:18:40] <Typo3> May 29 21:52:06 217-20-113-100 postfix/qmgr[21393]: 5C9C08B805B: removed
[12:19:00] <Roobarb-Work> Typo3: well, its being deliverd to whatever the "spamcheck service" is
[12:19:27] <Typo3> i think spamassassin...
[12:19:54] <Typo3> but it seems its been delivered VIA not TO
[12:22:20] <Roobarb-Work> I'll need to see the output of "postconf -n" now
[12:22:37] <Typo3> ok... please wait
[12:22:48] <Roobarb-Work> personally, I use:   content_filter = lmtp-filter:127.0.0.1:10025
[12:22:57] <keanne> sent where, i was expecting a mailbox or a maildir :)
[12:23:08] <Roobarb-Work> to forward mails to amavisd-new, listening on that port
[12:23:29] <Typo3> yes... by me too... listen on port 10025
[12:23:41] <Roobarb-Work> amavis then does spamassasin/anti-virus checks and hands it back to another smtpd service on port 10026
[12:24:25] <Typo3> it seems by me to port 10024... (netstat)
[12:24:57] <Roobarb-Work> either way, the first place to look is the logs for the "spamchecker service"
[12:25:31] <Typo3> which logs should this be?
[12:26:23] <Roobarb-Work> *shrug* its your service
[12:29:49] <Typo3> yes...
[12:30:35] <Roobarb-Work> /var/log/syslog is where I'd look, assuming your syslog configuration logs *.* to that file
[12:32:30] *** qiyong has quit IRC
[12:32:48] *** blackbox has quit IRC
[12:34:35] <Typo3> damn... ok, there is nothing about "spamchecker service". But: maybe you have an idea if you know following: if i send a mail via the form on my website, i receive it... all other dont. if i write per outlook to myself i also receive nothing...
[12:35:22] <Roobarb-Work> disable the content_filter and check again
[12:36:31] 
[12:37:28] <Typo3> ok...
[12:38:08] <Typo3> in main.cf there is one line "content_filter = amavis:[127.0.0.1]:10024
[12:38:31] <Roobarb-Work> correct - comment it out, then run "postfix reload"
[12:38:50] <ratschnowski> one question: how can i check the correct date of received mails, want to block spam which comes with a wrong date (like send 2020 or smth like that)
[12:39:19] <Roobarb-Work> ratschnowski: the "Date:" header is optional
[12:39:45] <ratschnowski> Roobarb-Work: that means?
[12:40:17] <Roobarb-Work> ratschnowski: ignore that, I'm rambling.    http://www.postfix.org/postconf.5.html#header_checks
[12:40:27] <Roobarb-Work> thats probably what you want to use
[12:40:30] <ratschnowski> ok, thx
[12:40:36] <Roobarb-Work> although I couldn't say now
[12:40:39] <Roobarb-Work> *how
[12:40:48] *** conico has joined #postfix
[12:42:13] <Typo3> ok... no changes. hm... spamd is also a content-filter?
[12:42:28] <Roobarb-Work> Typo3: what do your logs say now?
[12:42:41] <Typo3> the same as before...
[12:43:05] <Roobarb-Work>  status=sent (delivered via spamcheck service)
[12:43:06] <Roobarb-Work> ?
[12:43:10] <Typo3> but... its not in the mail.err or so... only in mail.info
[12:43:46] *** Zeit|awy has quit IRC
[12:44:14] <Typo3> ok... there is a line with: to=<email-add>, relay=spamcheck, delay.......
[12:45:23] *** Zeit|awy has joined #postfix
[12:46:22] *** Lap_64 has quit IRC
[12:46:35] 
[12:46:46] *** leOn has joined #postfix
[12:46:57] <leOn> hello
[12:47:11] *** Lap_64 has joined #postfix
[12:47:54] <leOn> can anyone tell me if there are any facilities in postfix to implement greeting delay or if there are 3rd party tools to provide it?
[12:52:33] *** f3ew has joined #postfix
[12:52:39] 
[12:59:55] <Typo3> @ Rooarb-Work: are you still here?
[13:01:46] *** brancaleone has joined #postfix
[13:02:24] *** thojo has quit IRC
[13:03:39] *** Zeit|awy has quit IRC
[13:04:20] *** keanne has quit IRC
[13:05:37] <Roobarb-Work> Typo3: it would appear you are relaying to another server
[13:05:57] <Roobarb-Work> Typo3: as suggested earlier, the output of "postconf -n" would be useful
[13:06:23] <Typo3> now it runs... the problem was a script named "pf-spamfilt". it was not correct...
[13:11:26] <Typo3> Thank you for your support, Rooarb-Work... now all works fine...
[13:12:04] *** Typo3 has quit IRC
[13:12:20] *** cpm has joined #postfix
[13:27:07] *** Zeit|idle has joined #postfix
[13:28:31] *** f3ew has quit IRC
[13:33:15] *** f3ew has joined #postfix
[13:46:44] <cpm> morn'n f3ew
[13:47:02] <MicW> ist there a good web-based admin frontend for postfix (i use mysql as backend)? i need to give customers access to their domains and give them a maximum quota which they can use for all theis domains
[13:51:05] <kokoko1> Hi guys
[13:51:10] <Signum> MicW: some people like "postfixadmin"
[13:51:44] <tibyke> there is a new fork of postfixadmin
[13:51:52] *** Jax has joined #postfix
[13:52:11] <MicW> that is the first hit at sourceforge. but there are dozends of admin guis
[13:52:25] *** bogomips has joined #postfix
[13:54:21] <bogomips> hi all, i have postfix 2.3.6 and i would use tls, i have read from documentation that i can use encrypt without use certificate. i have used smtpd_tls_cert_file = none but don't work...
[13:55:58] <f3ew> hey cpm
[13:57:10] <MicW> bogomips: i can't imagine that you can encrypt without the cert
[13:57:20] *** cpm has quit IRC
[13:57:36] <MicW> (i.e. you could encrypt bt the reciepient could not check the authentity of the server)
[13:57:47] <MicW> you can use a self-signed cert
[13:58:22] <kokoko1> I am getting this error in maillog ...
[13:58:25] <kokoko1> May 30 11:39:29 mayur postfix/smtpd[7952]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
[13:58:56] <bogomips> MicW, ah ok, i can use the same cert that i use for imap ?
[13:58:56] <kokoko1> evertyhign workign fine imean smtp-auth but this error.. any idea how to get rid of it.
[13:59:13] <kokoko1> do i need to created /etc/sasldb2 file to get rid of this error?
[13:59:35] <MicW> yes
[13:59:49] *** GMFlash has quit IRC
[13:59:53] <bogomips> kokoko1, use saslpasswd2
[13:59:56] *** GMFlash has joined #postfix
[14:00:00] <bogomips> to add user
[14:00:05] <MicW> yes <- to bogomips , not to kokoko1
[14:00:21] <kokoko1> MicW, thanks :)
[14:00:32] <bogomips> MicW, tnx
[14:00:48] <MicW> btw, is it possible to use a wildcard ssl certificate for my domain (*.mydomain) also for mail (mx.mydomain)?
[14:00:52] <kokoko1> bogomips, you mean i should create on dummy user
[14:00:59] <kokoko1> one*
[14:01:55] <bogomips> one user need ..
[14:18:32] <slaq> hmm..  i have a little problem, a local service can not send mail from 127.0.0.1 ... i get: warning: frobnitz.tst[127.0.0.1]: SASL LOGIN authentication failed: authentication failure
[14:18:51] <slaq> i added relayhost = 127.0.0.1 to main.cf but that didnt help...  can anyone help me out? :)
[14:25:36] <slaq> oh, figured it out n/m
[14:25:38] *** Mazon is now known as mazon
[14:27:24] *** Jax has quit IRC
[14:35:25] *** MicW has quit IRC
[14:35:38] *** jtole has quit IRC
[14:36:03] <ratschnowski> hello, i would like to use the ip-Spam Blacklist provided by: http://www.ix.de/nixspam/nixspam.blackmatches
[14:36:26] <ratschnowski> can i do that with reject_rbl_client ?
[14:37:06] <xpoint> yes
[14:37:11] <Signum> ratschnowski: use the actual RBL at ix.dnsbl.manitu.net
[14:37:48] <ratschnowski> via reject_rbl_client?
[14:37:58] <ratschnowski> is this list also updated frequently?
[14:38:29] <Signum> yes / ask the maintainers
[14:38:51] *** mazon is now known as Mazon
[14:51:01] *** Mazon is now known as mazon
[14:53:35] <puff>  /quit
[14:56:21] *** mazon is now known as Mazon
[15:00:26] *** cpm has joined #postfix
[15:04:53] *** brancaleone has quit IRC
[15:10:23] <cpm> I hate power outages
[15:13:29] <kokoko1> so i do
[15:13:54] *** brancaleone has joined #postfix
[15:15:06] *** Logikos has quit IRC
[15:16:18] *** ratschnowski has left #postfix
[15:16:52] *** puff has quit IRC
[15:20:19] *** raqamy has quit IRC
[15:30:32] *** meandtheshell has quit IRC
[15:36:51] *** meandtheshell has joined #postfix
[15:39:52] *** csm-laptop has joined #postfix
[15:49:32] *** raqamy has joined #postfix
[15:53:00] *** The_SNiFF has joined #postfix
[15:53:12] *** Mazon is now known as mazon
[15:53:26] <The_SNiFF> anyone knows of a way to replace headers? i've tried with header_check but the rexeps keeps failing
[15:55:53] *** mazon is now known as Mazon
[15:59:30] *** The_SNiFF has quit IRC
[16:00:49] *** eidolon has joined #postfix
[16:08:00] <eidolon> hi folks, after a recent upgrade to 'etch', my postfix + amavis + SA system is generating mail of the ilk "Considered UNSOLICITED BULK EMAIL, apparently from you" - is this amavis doing this?  there's no information in the mail as to what trapped it and what cause there was.
[16:09:05] <Roobarb-Work> eidolon: I'd compare your current amavisd.conf with the backup yuu made before the upgrade
[16:09:31] *** blinx has joined #postfix
[16:09:40] <eidolon> unfortunately, the debian upgrade process from sarge to etch compeltely revamped the amavisd configuration structure.  it's very difficult to compare them :(
[16:09:50] <eidolon> (but yes, i have a backup of the original config :)
[16:10:20] <Roobarb-Work> well, its almost certainly a configuration setting that has changed
[16:10:43] <eidolon> well, that is amavisd generating that?
[16:11:13] <Roobarb-Work> possibly related the the sa_ settings
[16:11:34] <Roobarb-Work> $final_spam_destiny may have changed too
[16:11:56] <eidolon> well that i definately knew happened.
[16:12:13] <eidolon> because i want all spam to be tagged and passed on to the client (so they can do their own filtering) - i had a problem making that workthough.
[16:13:10] <Roobarb-Work> personally, I D_DISCARD spam above a score of 7
[16:13:13] *** theblackbox has joined #postfix
[16:13:26] <Roobarb-Work> I've yet to have a complaint of missing email
[16:15:10] * eidolon checks the config.
[16:17:51] <eidolon> http://pastebin.stonekeep.com/501  <-- here's the relevant parts of amavisd.conf.  (actually /etc/amavis/conf.d/20-debian_defaults) - the problem is that i want the tag /spam info added to -all- messages, and it isn't.
[16:18:03] <eidolon> i thought the -9999 would do that.
[16:19:06] <Roobarb-Work> eidolon: set it to 0 and retry
[16:19:20] *** Mazon is now known as mazon
[16:19:24] <eidolon> really?
[16:19:29] <eidolon> that seems... counter-intuitive.  why?
[16:19:31] <Signum> eidolon: did you set the local_domains_acl (or whatever it's called) correctly?
[16:19:55] <Roobarb-Work> eidolon: because -9999 may be wrapping a counter (I'm guessing here)
[16:19:56] <Signum> eidolon: amavis will not add any headers if the destination domain is not listed there
[16:19:57] <eidolon> @local_domains_acl = ( ".$mydomain" ) ;
[16:20:04] <Signum> Roobarb-Work: nope... -9999 works :)
[16:20:05] <eidolon> ohh, i should add all the other domains i host eh?
[16:20:10] <Signum> eidolon: yep
[16:20:14] <eidolon> mm, good idea.
[16:20:37] <Roobarb-Work> Signum: fair enough :)   I'd live to see a message with a natural -9999 score though :o)
[16:21:03] <Signum> Roobarb-Work: there probably isn't any. even the GTUBE signature is only -1000 IIRC
[16:21:04] * eidolon what'st he syntax of that list?
[16:21:16] <eidolon> ( "foo" "bar" "baz" );   ?
[16:21:53] <Signum> eidolon: see /usr/share/doc/amavis/... It should be documented somewhere in there.
[16:21:55] <eidolon> (and, btw, thanks guiys for helping me with an amavis problem on #postfix.  previously that was frowned upon, but the amavis channels are invariably dead :)
[16:22:01] <Signum> eidolon: IIRC you can use regular expressions or lists
[16:22:10] <eidolon> well, seems to be a perl array....
[16:22:46] <eidolon> seems that postfix and amavis and SA are getting closer by the day :)
[16:23:38] <eidolon> hmmm.  well, thsi would be easier if my host were responding.  *wonders if someone kicked a power cord out*
[16:23:49] <Signum> eidolon: do you mean to say that postfix 3.0 will be written in perl? :)
[16:23:58] <eidolon> hey, i didn't go -that- far.
[16:24:44] <Signum> Wietse would probably roll-over in his grave.
[16:25:14] <eidolon> wait.  he's not dead, is he?
[16:25:29] <cpm> hope not
[16:26:01] <rob0> This would kill him.
[16:26:04] <Signum> surely
[16:26:31] <Roobarb-Work> if Wietse is dead, I hate to think who just mailed postfix-users... :o)
[16:26:46] <eidolon> ahh, machine is back.
[16:27:55] <xpoint> even worse who will update postfix in future ?
[16:28:22] <rob0> Viktor and/or Magnus would take over.
[16:28:50] <Signum> xpoint: it will be joined with the sendmail project and the main.cf will be generated by macro processors
[16:28:55] <rob0> haha
[16:29:17] <rob0> actually Sendmail X has a Postfix-like design.
[16:29:18] *** rmayorga has joined #postfix
[16:29:34] <xpoint> add more db backends to sendmail core, then postfix will die :-)
[16:29:37] *** higuita has quit IRC
[16:30:24] *** Qube has left #postfix
[16:30:37] <xpoint> Signum, i like the m4 script design from sendmail, could be added to postfix so this channel here is not needed anymore :-)
[16:31:41] <rob0> Twisted and sick.
[16:31:54] * eidolon twitches
[16:32:01] <eidolon> don't make me hurt ya'll.
[16:32:34] <Roobarb-Work> xpoint: #sendmail is thataway... -->
[16:32:52] <xpoint> hehe
[16:32:55] <eidolon> *grin*
[16:33:44] <eidolon> i had a friend who was a total sendmail geek right up until about a year ago - he was all "you can do anything with sendmail you can do with postfix!  don't need to replace it!" - then he started working with milter and multiple external conten filters and... somewhere along hte line, he lost his m4 sources.
[16:34:04] <eidolon> after he finished being curled up in a ball on the floor crying, he said "So, about postfix..."
[16:34:40] <rob0> Sounds like a candidate for the nearest laughing academy.
[16:35:05] <eidolon> "he got better."
[16:35:21] <eidolon> so, back to the original question - why is the tag_level set at -9999 not tagging all my mail?
[16:35:53] *** Dalios`` has left #postfix
[16:36:06] <eidolon> actually, i may be answering part of that.  because anything in the local domain doesn't get filtered.
[16:36:11] * eidolon sends mail from gmail.
[16:36:20] *** higuita has joined #postfix
[16:40:27] <eidolon> X-Spam-Status: No, score=-97.201 tagged_above=-9999 required=4.5
[16:40:28] <eidolon> hey look at that.
[16:40:29] <eidolon> kickin.
[16:42:40] <mindcooker> hello..I'm trying to configure postfix+mysql+postfixadmin
[16:43:16] <mindcooker> and I'm getting this error
[16:43:25] <mindcooker> http://rafb.net/p/eemiMJ37.html
[16:43:30] <mindcooker> any ideas?
[16:43:31] <mindcooker> :/
[16:44:27] *** pmjdebruijn has quit IRC
[16:46:10] <mindcooker> this start happening when I changed virtual_uid_maps and virtual_gid_maps from default postfix to another user/group that I've created
[16:49:21] <ph1zzle> morning ladies and gents, is there a way to keep a e-mail message on the server... wait, damn, this would be dovecot
[16:50:20] <cpm> or any other imap server
[16:50:37] <ph1zzle> I prefer pop3s
[16:51:20] *** etaylor has joined #postfix
[16:51:42] <cpm> why?
[16:53:07] * cpm no longer supports pop3
[16:55:01] *** stellina has joined #postfix
[16:55:18] <stellina> hi people, I need some help
[16:55:26] <stellina> I get often in my logs something like this:
[16:55:44] <stellina> Recipient address rejected: unverified address: Address verification in progress and the mail is rejected
[16:55:54] *** doomas has quit IRC
[16:56:46] <stellina> but the recipient is local and this should be happend. Could this be an issue with ldap? Postfix asks ldap to verify recipient if he's local
[16:56:56] <rob0> mindcooker, your transport_maps lookup fails, and ...
[16:57:00] <rob0> !loopback
[16:57:01] <knoba> rob0: 'loopback' : 'Mail loops back to myself' means that your Postfix wanted to send out the mail to the internet but then discovered that the DNS says your mail server should be responsible. Most likely you forgot to list your domain in mydestination or virtual_(alias|mailbox)_domains
[16:57:11] <eidolon> ph1zzle: you're describing imap.
[16:57:18] * eidolon keeps no mail locally.  everythingo n the server.
[16:58:41] <ph1zzle> eidolon, actually I wasn't but don't worry about it
[16:58:47] <mindcooker> rob0,  mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
[16:58:48] <eidolon> oohkee :)
[16:59:09] <mindcooker> that's what I have in my destination
[16:59:18] <rob0> mindcooker: ?? so?
[17:00:22] <stellina> any hint?
[17:00:30] <rob0> Ah, you picked up on an irrelevant part of !loopback.
[17:00:36] <mindcooker> this error only starts when I changed de default virtual_uid_maps
[17:01:29] <rob0> Line 3 and line 8 in your paste.
[17:01:55] <rob0> stellina: Don't use verify(8) if you don't understand it.
[17:02:44] <rob0> stellina: see ADDRESS_VERIFICATION_README.html and the big "WARNING" at the beginning.
[17:03:16] <stellina> rob0: I'll read it now. r u sure the error I see in my logs has to do with this?
[17:03:21] <mindcooker> rob0, can you be por precise?
[17:03:21] <mindcooker> :)
[17:05:24] *** masida has joined #postfix
[17:06:39] <mindcooker> "hat the DNS says your mail server should be responsible. Most likely you forgot to list your domain in mydestination or virtual_(alias|mailbox)_domains"
[17:07:33] <rob0> 14:56 < rob0> mindcooker, your transport_maps lookup fails, and ...
[17:07:38] <rob0> 15:01 < rob0> Line 3 and line 8 in your paste.
[17:08:26] <mindcooker> user = postfix
[17:08:26] <mindcooker> password = postfix
[17:08:26] <mindcooker> dbname = postfix
[17:08:26] <mindcooker> table = domain
[17:08:26] <mindcooker> select_field = transport
[17:08:27] <mindcooker> where_field = domain
[17:08:28] <mindcooker> hosts = 10.0.0.55
[17:08:41] <mindcooker> that's what I have in transport_maps
[17:09:45] <mindcooker> what could be wrong?
[17:09:47] <mindcooker> :/
[17:12:34] <mindcooker> postfix should find the domain in transport_maps
[17:12:38] <rob0> Should I paste line 3 or line 8 back here?
[17:12:43] *** cpm has quit IRC
[17:12:54] *** kokoko1 has left #postfix
[17:13:10] <Dominian> all ofi t
[17:13:16] <mindcooker> rob0, sorry..I understand that mail loops back
[17:13:25] <mindcooker> but where do I change that?
[17:13:27] *** cpm has joined #postfix
[17:14:21] <rob0> mindcooker quite likely has more than one error. But the one most prominent in the paste is that the transport_maps lookup is ignored.
[17:14:43] <rob0> And I'm afk, cpm is in charge!
[17:15:25] <lunaphyte_> great.  there goes the neighborhood (tm).
[17:16:23] <rob0> um ... ok ... lunaphyte_ is now in charge :)
[17:17:56] <lunaphyte_> great.  there goes the town.  :)
[17:20:08] <lunaphyte_> mindcooker: are you trying to accept mail for antanhol.blogdns.org and cows-do-m000.gotdns.org?
[17:20:20] <mindcooker> yes..
[17:20:40] <Lap_64> lols
[17:23:54] <lunaphyte_> adding antanhol... to wherever you've already got cows-do...  would probably get you going in the right direction.
[17:25:16] <mindcooker> lunaphyte, just a second..
[17:27:58] * cpm s T1 is down, so he can't respond right now.
[17:29:04] * cpm stepped in cow do a time or two
[17:30:34] *** christian78 has joined #postfix
[17:36:50] *** aukjan has quit IRC
[17:37:01] *** aukjan|gone has joined #postfix
[17:37:58] <mindcooker> lunaphyte, ok..problem fixed
[17:38:38] <mindcooker> I was usig mail command to test
[17:38:39] *** eidolon has left #postfix
[17:39:44] <mindcooker> and user at machine dot domain was incorrectly appended
[17:40:49] *** flami has joined #postfix
[17:40:55] <mindcooker> now is delivering ok,  but dovecot tell me there's no new messages
[17:40:56] <mindcooker> :/
[17:41:27] <flami> hehe , just found a conic that i thought would fit here ^^ . http://www.cagle.com/news/hackers/hackers6/todays_cam-01.gif
[17:45:01] *** sepski has joined #postfix
[17:45:37] <lunaphyte_> mindcooker: my guess would be that postfix is not depositing mail in the location dovecot is expecting to find it.
[17:46:00] <mindcooker> yes..I'm trying to fix that
[17:46:01] <mindcooker> :)
[17:46:12] *** unclecameron has joined #postfix
[17:50:24] <stellina> how can I have postfix checks the database if the sender is a valid  user in case he's domain is a local domain?
[17:51:19] <Signum> stellina: smtpd_recipient_restrictions -> check_recipient_access
[17:51:27] <mindcooker> stellina, well..in my case all domains are considered virtual
[17:52:24] <mofino> f3ewer
[17:53:00] *** bostik has quit IRC
[17:53:45] <cpm> all of my domains are also virtual. There really is no point to having local anymore, esp on a mail server.
[17:54:00] <mofino> stellina: http://www.postfix.org/postconf.5.html#smtpd_sender_restrictions
[17:55:09] <stellina> thank you ppl
[17:55:32] *** mazon is now known as Mazon
[18:00:54] *** stellina has quit IRC
[18:04:27] *** [miles] has quit IRC
[18:04:27] *** killown has joined #postfix
[18:04:30] *** doomas has joined #postfix
[18:05:26] *** doomas has quit IRC
[18:06:09] *** cilly has joined #postfix
[18:07:09] *** doomas has joined #postfix
[18:11:30] <masida> hi all! if a lookup in the smtpd_client_restrictions returns OK, and a lookup in smtpd_recipient_restrictions returns REJECT, will the message be denied?
[18:11:51] <masida> in my setup this is not the case...
[18:13:54] *** cilly has quit IRC
[18:13:55] <cpm> masida, if a mail hits an 'accept' before it hits a 'reject' , ,
[18:13:58] <cpm> first match wins
[18:14:10] <cpm> dunno if this is germane or not.
[18:14:25] <cpm> I only use smtpd_client_restrictions, put everything under there.
[18:14:56] <mindcooker> anyone using roundcube?
[18:15:05] <masida> ok, i knew that was the case per restriction (for example smtpd_client_restrictions), but it seems to be the case for all restrictions combined
[18:15:41] <cpm> it is
[18:15:43] *** aukjan|gone has quit IRC
[18:15:52] *** aukjan|gone has joined #postfix
[18:16:08] <cpm> first match wins
[18:16:22] <masida> ok. thanks for the info!
[18:16:29] <cpm> mindcooker, someone probably does, yes. Was this a poll?
[18:16:42] <cpm> masida, yw
[18:17:10] <mofino> f3ew ...
[18:17:15] <mindcooker> sorry..cpm, just trying to ask a syntax configuration of roundcube
[18:17:38] <cpm> roundcube is a client isn't it? a webmail client?
[18:17:46] <mindcooker> yes it is
[18:17:47] <mofino> mindcooker, ask their mailing list
[18:17:50] <mofino> don't be lazy
[18:18:39] <mindcooker> wow..calm down..sorry again
[18:18:41] <cpm> did you have some postfix problem?
[18:19:39] *** flzz has left #postfix
[18:19:41] *** Lap_64 has quit IRC
[18:31:51] *** hachiya has quit IRC
[18:33:25] *** hoodow has left #postfix
[18:47:59] *** brancaleone has quit IRC
[18:48:37] *** cilly has joined #postfix
[18:53:56] *** KamQuat has joined #postfix
[18:55:39] *** KamQuat has quit IRC
[19:04:07] <frennkie> "cpm: first match wins" are you really sure with this? I think that I had an "OK" in the client restriction but the mail was later rejected because of the sender restrictions (-> I#m checking my logs)
[19:04:29] <mofino> haha calm down... "ok"
[19:04:39] <cpm> frennkie, pretty sure.
[19:04:53] <mofino> frennkie, it's in the docs.
[19:04:56] <frennkie> is this documented somewhere?
[19:05:01] * cpm chuckles
[19:05:06] <mofino> heh
[19:05:13] <mofino> don't skim it
[19:05:14] <mofino> read it
[19:05:15] <frennkie> ok.. sry.. didn't find it on first look.. got a hint for me plz?
[19:05:26] <mofino> you have your hints
[19:05:33] <mofino> you said them yourself
[19:07:19] *** aukjan211 has joined #postfix
[19:07:42] *** aukjan211 is now known as aukjan
[19:07:52] *** aukjan|gone has quit IRC
[19:11:16] *** hyper_ch has joined #postfix
[19:11:40] <hyper_ch> hiho, I needed to re-setup the server and copied old config files and stuff back... but postfix refuses to start
[19:11:51] <hyper_ch> how can I check at which point it fails?
[19:12:01] <Dominian> /var/log/maillog
[19:14:25] *** conico has quit IRC
[19:14:37] <hyper_ch> Dominian: here's some output:  http://phpfi.com/238181
[19:15:13] *** prebur has quit IRC
[19:15:28] <hyper_ch> installed now postfix-pcre
[19:16:31] <Dominian> well its obvious..
[19:16:37] <Dominian> this: /usr/lib/postfix/dict_pcre.so  can't be seen by postfix
[19:17:09] <hyper_ch> Dominian: this makes it fail?
[19:17:19] <Dominian> Well right after that error.. postfix dies
[19:17:23] <Dominian> so I would say: yes
[19:17:51] <hyper_ch> postfix   9276  0.0  0.2  6324 2512 ?        S    19:15   0:00 smtpd -n smtp -t inet -u -c -s 2
[19:17:57] <hyper_ch> stuff like that looks ok, irhgt?
[19:18:05] <mofino> who knows
[19:18:08] <mofino> does it work?
[19:18:11] *** prebur has joined #postfix
[19:18:31] <hyper_ch> mofino: how to test?
[19:18:51] <mofino> to test smtpd?
[19:18:54] <mofino> send mail through it
[19:20:06] <hyper_ch> ok, that works... now next issue... getting courier-imap to work again :)
[19:20:12] <hyper_ch> thx for the help :)
[19:22:15] <mofino> you should use dovecot
[19:22:22] <mofino> if possible.
[19:22:24] <hyper_ch> mofino: why dovecot?
[19:22:33] <mofino> courier is messy
[19:22:40] <hyper_ch> mofino: well, it's my server and it came with courier pre-isntalled and also confixx on it
[19:22:46] <mofino> ahh ok
[19:22:55] <hyper_ch> mofino: if you can help me with dovecot setting up there I'd be glad to do so :)
[19:23:01] <mofino> not a good idea
[19:23:07] <mofino> if you have a nice admin setup, keep it
[19:23:18] <hyper_ch> mofino: heavily modified you mean ;)
[19:23:18] <mofino> keep your job as easy as possible
[19:23:19] <cpm> courier is pretty messy, it's also pretty predictable, performs pretty well, and is broadly deployed. Not a bad choice.
[19:23:30] <mofino> no, it's not.
[19:23:34] <mofino> dovecot is just more modern
[19:23:35] <cpm> id
[19:23:36] <cpm> is
[19:23:45] <cpm> dovecot is more modern
[19:23:51] <mofino> doesn't follow any djbness
[19:23:53] <hyper_ch> I also heard that dovecot is simpler.. I just have no experience with it
[19:23:58] <mofino> or mr. samness
[19:24:12] <cpm> dunno about simpler. Simple isn't what is required for a good email system.
[19:24:33] <cpm> Simple is in no way superior when it comes to base services. Solid and reliable are what matter
[19:24:35] <hyper_ch> cpm: as far as I've heard courier has a lot of different config files while dovecot just has one
[19:24:49] <cpm> courier is more modular, yes.
[19:24:54] <hyper_ch> cpm: in this case you can call it simpler but it doesn't mean it's bad
[19:25:09] <cpm> simple doesn't even show up on my radar
[19:25:19] <cpm> it's not a criteria
[19:25:34] <mofino> i prefer consistant
[19:25:41] * cpm agrees with mofino
[19:25:42] <mofino> rather than simple
[19:26:04] <mofino> postfix is nice and consistant
[19:26:13] <mofino> qmail is ... man, i'm so tired of qmail
[19:26:46] <rob0> Problem with Courier is that it's supposed to be a whole suite like MSexChange. Postfix focussed on being MTA only.
[19:27:11] <rob0> MTA/MSA, but same sort of thing.
[19:27:32] <mofino> the whole courier thing bugs me
[19:27:39] * cpm wants rob0 to be his whole suite
[19:27:49] <frennkie> okay, maybe i got something wrong.. I have this setup: ich have a "smtpd_client_restrictions" where i do a "check_client_access" against a file; in that I have "/mail.trusted-domain.net/ OK" but when I now send a mail with a forged sender adress it will be rejected by my "smtpd_sender_restrictions" where I check the sender domain!
[19:27:50] <mofino> it's like an updated qmail "suite" but ... just as insane at times
[19:28:23] <rob0> Sam eventually grew out of the DJB influence.
[19:28:23] <cpm> except unlike qmail, it actually works well
[19:29:03] <rob0> Oh qmail works very well, within its limits! The limits are the problem.
[19:29:06] <flami> hehe took me a while to figure out what  MSexChange is ;) .... i just saw SexChange       .... oh boy :P  ... Im happy with courier , once setup fine and it runs and runs and runs ....
[19:29:27] <cpm> frennkie, paste the output of postconf smtpd_client_restrictions to a pastebin please, and let us have the url
[19:30:27] <cpm> rob0, and qmail doesn't have a license. Making it kinda a silly thing to deploy
[19:30:34] *** KhensU has quit IRC
[19:31:18] *** hparker has joined #postfix
[19:31:33] <cpm> sssh, it's hparker
[19:31:52] <hparker> Afternoon cpm, all
[19:31:59] <cpm> lo, how U?
[19:32:42] <hparker> Not 2 bad, U?
[19:32:57] <cpm> vile day, power outages, and such fun
[19:33:09] <cpm> I rlly hate this
[19:33:27] <mofino> rly
[19:36:24] *** dakoo has quit IRC
[19:36:30] <rob0> My car is a Norwegian Blue. E's stunned!
[19:36:54] <frennkie> cpm: http://pastebin.ca/523091
[19:38:39] <rob0> The thing about check_MUMBLE_access is to understand what MUMBLE means. What do you suppose it means when you do check_client_access ??
[19:39:22] <many> postfix checks right after the HELO stage.
[19:40:24] <many> maybe you should add that the other two MUMBLE are ``sender'' and ``receiver''
[19:41:06] <rob0> sender and recipient and helo and ... ??
[19:41:41] <frennkie> rob0: are you talking to me?
[19:42:05] <rob0> The point above is that check_client_access doesn't check mail addresses, only client IP and reverse DNS.
[19:42:20] <many> exactly.
[19:43:00] <many> the ones of the client that connects to your postfix, hence check_client_access
[19:43:06] *** leOn has quit IRC
[19:44:35] <frennkie> well thanks for that hint.. I'll think about it.. but I thought you send that if there is an OK no further checks will be made? (cpm: first match wins)
[19:44:56] <many> yes, but.
[19:44:59] <rob0> Furthermore, if one is going to use pcre or regexp, it's a good idea to understand regular expressions. A good expression would be properly anchored to the end or beginning, and wildcards would be escaped.
[19:45:19] <many> each of the four check_MUMBLE_access need to result in dunno or OK
[19:45:24] <rob0> What matches?
[19:46:16] <many> i think he's referring to the order of the checks in check_*_access
[19:47:21] <frennkie> my point is that a mail from e.g. mx0.gmx.de gets an okay on line 15, but can still be rejected later on (e.g. on line 34.) so the frist OK does not win
[19:48:01] <rob0> relays.ordb.org is closed, and zen.spamhaus.org is usually preferable to sbl-xbl.
[19:48:22] <many> frennkie: thats true, still check_client_access = permit will not automagically result in an open relay.
[19:49:09] <rob0> frennkie: That's right. There are different restriction stages. Each one is checked. See SMTPD_ACCESS_README.html for details.
[19:49:41] <frennkie> rob0: thanks for the info on the lists..
[19:49:47] <rob0> This is why it's common to recommend that beginners keep all restrictions in one stage: smtpd_recipient_restrictions.
[19:50:56] <rob0> The caveat to doing it that way is that you must be very careful with the use of "OK" results. You could enable relaying for those.
[19:51:19] <rob0> Changing "OK" to "permit_auth_destination" works well.
[19:53:27] <many> ow, nice to know that keyword, too
[19:56:43] *** Kurtism has quit IRC
[19:57:05] *** Kurtism has joined #postfix
[19:57:33] <frennkie> rob0: sry, changing which OK to "permit_auth_destination" ?
[20:10:46] *** stony has joined #postfix
[20:11:16] <stony> hi
[20:16:58] <hyper_ch> hmmm, anyone can help me with courier-imap?
[20:19:03] *** KhensU has joined #postfix
[20:19:20] <flami> maybe be more specific what the problems is , this improves the chances that someone actually can help
[20:22:59] <hyper_ch> flami: well, courier-imap doesn't run :) syslog has no entry as of why it fails...
[20:23:00] *** hagna has joined #postfix
[20:23:25] <hyper_ch> and since this ist postfix I thought I first ask :)
[20:23:26] <hagna> is there a way to have postfix encrypt all outbound email with gpg?
[20:24:40] <rob0> hagna: how would it be decrypted on the receiving side?
[20:25:29] <hagna> rob0: easily
[20:25:44] <hagna> with the server's public key
[20:26:01] <hagna> oops sender's public key
[20:26:50] <rob0> Sure, you could implement something like that with pipe(8) on each end. Or just enforce TLS, as is already implemented on many MTA's.
[20:27:35] <hagna> rob0: thanks
[20:28:06] <hyper_ch> flami: so you can help?
[20:28:17] <hagna> rob0: on the TLS side wouldn't mail still be sniffable if it's routed to an MTA that doesn't enforce TLS?
[20:28:37] <flami> wow i mean its like ... my car doesnt start , help ! I dont knwo where to start :P
[20:28:41] <flami> maybe reinstall it ?
[20:29:11] <hyper_ch> flami: did so twice
[20:29:24] <hyper_ch> flami: isn't courier-imapd supposed to run out of the box?
[20:29:30] <flami> yeah i did for me :P
[20:29:43] <flami> jsut a few configs where it finds the mail and done
[20:29:45] <rob0> If you force TLS to any particular site, and if that site doesn't support TLS, your server won't send.
[20:30:05] <flami> do you have courier auth deamon running ?
[20:30:57] <hyper_ch> flami: the problem is, it does sort of run as pop3 server... no imap folders available... nothing
[20:31:02] <hyper_ch> flami: however I did get some new mails
[20:31:30] *** masida has quit IRC
[20:31:58] <hagna> rob0: that's good
[20:32:14] <flami> huu
[20:32:36] <flami> I mean without any log entry its kinda hard to find out whats wrong :/
[20:32:42] <flami> maybe ldd courier imap
[20:32:47] <flami> and strace .
[20:33:13] <hyper_ch> flami: well, what logs would you look at?
[20:33:25] <hagna> rob0: so forcing TLS and using pipe to launch an external command for each email is all done in main.cf?
[20:33:30] <flami> mail logs and syslog
[20:33:46] <flami> but if it doesnt say anything i dont know :/
[20:34:01] <rob0> hagna: TLS_README.html
[20:34:24] *** conico has joined #postfix
[20:34:25] <rob0> and forget the pipe idea, you might say it's a "pipe dream."
[20:34:55] <hyper_ch> flami: how to locally test courier-imap?
[20:35:02] <hyper_ch> flami: telnet localhost 143 ?
[20:35:34] <hagna> rob0: I still like the pipe idea
[20:35:37] *** brancaleone has joined #postfix
[20:36:02] <flami> yeah
[20:36:11] <flami> im not a big imap guy though :P
[20:36:19] <flami> does it run then ?
[20:37:27] <hagna> rob0: it could work with more diverse email servers
[20:37:35] <hagna> err I mean MTAs
[20:37:38] <hyper_ch> flami: I do get some output
[20:38:02] <flami> oh then the sofware is actually running ^^ i thought it would crash on startup
[20:38:10] <hyper_ch> flami: http://phpfi.com/238201
[20:38:19] *** roe__ has joined #postfix
[20:38:27] <roe__> w
[20:38:45] <hyper_ch> flami: hmmm, but how to login now :) I google for that
[20:39:10] <roe__> can anyone confirm that blacklist rejects have been slowly decreasing over the last month or so?
[20:39:24] <flami> i have a book where it mighty say howto ;)
[20:39:53] <hyper_ch> flami: hmmm, that doesn't work  AB LOGIN "user" "passwd"
[20:39:56] *** blueyed_ has joined #postfix
[20:40:03] <hyper_ch> flami: neither with quotes and neither without them
[20:40:09] <blueyed_> Hi.
[20:41:02] <blueyed_> I've used FILTER in check_sender_access ("catch-all") to delegate to two amavisd-new instances, according to "authenticated" or not.
[20:41:19] <blueyed_> But that seems to work only with content_filter and not smtpd_proxy_filter..
[20:41:22] <blueyed_> Any idea?
[20:41:31] <flami> login name password
[20:41:32] <flami> no "
[20:41:44] <flami> select INBOX
[20:41:45] <flami> ....
[20:42:50] *** bogomips_ has joined #postfix
[20:43:29] <hyper_ch> flami: login NO Error in IMAP command received by server.
[20:44:32] <flami> buu it damn looks liek it works :P
[20:44:44] <flami> cant you get to your mailbox ??
[20:44:56] *** tuxcrafter has joined #postfix
[20:45:05] <tuxcrafter> hello everybody
[20:45:25] *** amrit|zzz is now known as amrit|wfh
[20:45:27] <hyper_ch> flami: yes, that's my problem
[20:45:29] <flami> blueyed if i remember right the smtp proxy happens right after the connection , so i think its not possible to split
[20:45:34] <flami> ahh
[20:45:58] <flami> then your config is wrong ;)
[20:46:10] <flami> maybe copy the config of the pop3
[20:46:12] <hyper_ch> flami: what config? ^^ I don't know where courier config is
[20:46:29] <flami> second :P
[20:46:49] <blueyed_> flami: yes, it's a Before-Queue Content Filter, but I cannot believe that it's not splittable somehow.
[20:46:50] <hyper_ch> flami: /etc/courier/imapd ?
[20:47:06] <flami> yeah
[20:47:09] <flami> exactly
[20:47:16] <flami> i forgot the name of the file though
[20:47:35] <flami> before queue means that all the smtp communication get send right to amavis
[20:47:42] <hyper_ch> flami: I guess it's MAILDIRPATH? It is set to Maildir
[20:47:52] <flami> :/
[20:47:54] <flami> yeah
[20:48:19] <hyper_ch> flami: is that what you have?
[20:48:39] <flami> blueyed_,  so all the stuff gets send to amavis even before the HELO
[20:48:53] <flami> hyper_ch,  sec i need to look what exactly i have ^^
[20:49:19] <blueyed_> flami: are you sure? " The before-filter Postfix SMTP server accepts connections from the Internet and does the usual relay access control, SASL authentication, TLS negotiation, RBL lookups, rejecting non-existent sender or recipient addresses, etc."
[20:49:45] <blueyed_> Therefor it seems that smtpd_proxy_filter could somehow get rewritten beforehand.
[20:49:53] *** blueyed_ is now known as blueyed
[20:50:01] <tuxcrafter> what kinds of techniques can/are used to prevent that people that send email to our mail servers that have lost power (down) are getting an unable to deliver message within 24h. And let the mail server have the behavior that when the server comes up again it will receive the mail that was send the last 24h )
[20:50:50] <blueyed> tuxcrafter: you would have to setup another mailserver and alter the DNS entries probably.
[20:51:23] *** bogomips has quit IRC
[20:51:26] <tuxcrafter> blueyed: so it is only possible with an email relayserver
[20:52:10] <tuxcrafter> blueyed: but i can't control those email relay server
[20:52:29] <tuxcrafter> can they ping a server every 15 min
[20:53:01] *** masida has joined #postfix
[20:53:12] <tuxcrafter> is is just a crazy idea to see the possibilites
[20:53:41] <blueyed> tuxcrafter: do you have a backup MX server setup?
[20:53:56] <flami> hyper_ch,  for meits in the authdeamonrc where i define what modules courier uses to find out where the maildirs are located
[20:53:57] <tuxcrafter> this way you can powerdown a mail server without loosing email when it is
[20:54:13] *** rmayorga has quit IRC
[20:54:13] <tuxcrafter> ah indeed i heard something about backup MX setups
[20:54:17] *** Kurtism has quit IRC
[20:54:23] <tuxcrafter> lets find some more info
[20:54:32] <hyper_ch> flami: what's authdeamonrc?
[20:54:37] *** Kurtism has joined #postfix
[20:54:50] <flami> hyper_ch,  look in the /etc/courier
[20:55:46] <hyper_ch> flami: authdaemon needs also to be started?
[20:56:08] <tuxcrafter> blueyed: http://www.akadia.com/services/postfix_mx_backup.html
[20:56:16] <tuxcrafter> that is indeed what i am looking for
[20:56:26] <hyper_ch> flami: authdaemon is running but I don't find aynthing specific in the config there
[20:57:16] <flami> ... well i ahve it running with mysql ,
[20:57:30] <hyper_ch> flami: I see... :( thx anyway for the help
[20:58:01] <flami> so i have a config file called authmysqlrc
[20:58:14] <flami> i guess you need to have a look at some other config
[20:58:55] <tuxcrafter> blueyed: is it possible to run two mx backup server on different locations to backup themselfs
[20:59:20] <blueyed> sure.
[20:59:38] <blueyed> You can just have multiple MX entries for your domains
[21:02:22] <flami> blueyed,  in the documentation it says : " The before-filter Postfix SMTP server connects to the content filter, delivers one message, and disconnects. " so i guess postfix finishes the smtp communication with the client and then sends the mail to amavis . I dont know how to split it at that point though :/
[21:02:52] *** olinux has joined #postfix
[21:04:09] <blueyed> flami: it would have to use another smtpd_proxy_filter setting, based on if access had not been permited before. Just like FILTER in the access table would overwrite the content_filter setting.
[21:07:53] *** simmerz has joined #postfix
[21:08:51] <simmerz> does anyone have a cyrus+postfix+mysql+web-cyradm setup? I'm having problems having upgraded my apache/php install to apache2/php5
[21:10:28] <flami> hum :/ now it would be nice to know why postfix ignores accesstables in the pre-filter smtp, maybe it just uses sender_access in the after-filter smtp
[21:11:11] *** estibi has joined #postfix
[21:13:55] *** estibi has left #postfix
[21:19:45] *** stony has quit IRC
[21:22:17] *** Bronsky has joined #postfix
[21:23:23] *** KhensU has quit IRC
[21:23:27] *** simmerz has left #postfix
[21:23:55] *** james has joined #postfix
[21:26:11] <james> hello everybody, i am unsure how to setup mynetwork, this is where a subnet which the server will onlylisten to ? Then, should it be set with a large subnet for users to be able to use their mail client from any ip ? thanks in advance for your help ...
[21:27:17] <flami> mynetwork can be 127.0.0.1 , if people use sasl auth send mails
[21:27:34] <james> flami: ok, thanks
[21:28:59] <flami> mynetworks is just a variable.
[21:29:53] <james> you maen that it's only purpose is to have it's value used when using $mynetworks in configuration options ?
[21:30:11] <flami> ye
[21:30:12] <james> s/maen/do you mean/
[21:30:19] <james> ok thanks again
[21:30:34] *** smesjz has joined #postfix
[21:31:30] *** StucKman has joined #postfix
[21:31:54] <StucKman> hi all. where should I configure relayhost auth info?
[21:36:12] *** rmayorga has joined #postfix
[21:36:23] <flami> StucKman,  maybe have a look at this http://www.postfix.org/SASL_README.html#client_sasl
[21:38:32] *** olinux has quit IRC
[21:40:04] *** frennkie has quit IRC
[21:47:48] *** cpm has quit IRC
[21:47:55] *** Kurtism has quit IRC
[21:48:15] *** Kurtism has joined #postfix
[21:48:57] <StucKman> flami: I meant, my postfix server must auth to the relayhost
[21:49:13] <flami> yeah thats it , postfix as a client
[21:49:30] *** tminos has quit IRC
[21:51:32] <blueyed> flami: I've send my question now to postfix-users - maybe there comes a solution up. Thanks for your help.
[21:52:36] *** g1ocke has joined #postfix
[21:52:46] <flami> youre welcome ^^
[21:55:00] <StucKman> flami: even if the auth method is plain login?
[21:55:07] <StucKman> I mean, I don't get sasl right yet
[21:55:57] <flami> well sasl thats what you use when you auth with another server :P . basically if you read this and do the few things it shouldauth itself with the other server
[21:57:36] <StucKman> heeh, and I'm supposed to give a talk about all this :)
[21:57:49] <flami> read that it sais To enable plaintext authentication specify, for example: .....
[21:57:52] <flami> wo
[21:57:53] <flami> :P
[21:58:09] <flami> ok well postfix can have some security options with sasl
[21:58:16] *** g1ocke has left #postfix
[21:58:34] <StucKman> what's exactly sasl?
[21:58:38] <flami> so if it says noplaintext ( or something like this better look upt h exact match ) you cant use plaintext as auth
[21:58:51] <StucKman> I thought it had something to do with ssl or similar
[21:58:56] <flami> sasl is the thing that makes authentication possible
[21:58:57] <flami> no
[21:59:09] *** etaylor has quit IRC
[21:59:09] <flami> telnet a mailserver
[21:59:34] <flami> sasl CAN be encrypted with ssl but doesnt ned to
[22:00:15] <StucKman> flami: I'm on telnet
[22:00:31] <flami> now type EHLO imsohawt.net
[22:00:34] <StucKman> I opened my relayhost's 25
[22:00:37] <flami> you should see somehitn like this
[22:00:52] <flami> 250-AUTH DIGEST-MD5 CRAM-MD5 LOGIN PLAIN
[22:00:59] <flami> with other things ^^
[22:01:07] <flami> this AUTH thats sasl
[22:01:08] <StucKman> 250-AUTH LOGIN
[22:01:32] <flami> this means your realy host only supports LOGIN as saslt auth method
[22:01:53] <tuxcrafter> Signum: are you there
[22:02:30] <StucKman> flami: I see
[22:02:39] <flami> LOGIN is still there because some clients ( *cough* M$ *cough* ) arent completely  RFC , PLAIN is basiaclly the same but the RFC name
[22:02:41] <StucKman> I should read more about this, maybe wikipedia
[22:02:58] <flami> well sasl aint the easiest thing ^^
[22:03:25] <smesjz> sasl is death simple with certain setups, like with Dovecot or so or Courier integration
[22:03:32] <smesjz> dead simple too
[22:03:35] <StucKman> flami: we all hate ms and rfc-non-compatible
[22:04:11] <flami> if you now want postfix to use LOGIN as a auth method you need to modify the line smtp_sasl_security_option , so itallows plaintext
[22:04:25] <StucKman> flami: read it, thanks
[22:04:46] <flami> yeah sasl is easy to setup :P but if you need to make  a speecha bout it might be trickier ;)
[22:05:20] <flami> you can also enforce TLS , so there 1st needs to be a TLS before postfix allows sasl auth
[22:05:28] <StucKman> smtp_sasl_type? cyrus?
[22:05:38] <flami> yeah cyrus is the most common
[22:05:41] * smesjz pokes tuxcrafter
[22:05:42] <StucKman> ok
[22:05:43] <flami> they invented it ;)
[22:05:45] <smesjz> and the most difficult ;)
[22:05:48] <tuxcrafter> he smesjz
[22:05:48] <StucKman> heeh
[22:06:01] <flami> not it aint difficult :P
[22:06:12] <tuxcrafter> i like dovecot sasl
[22:06:17] <tuxcrafter> works like a charm
[22:06:20] <flami> you dovecot people are just on a hype ^^
[22:06:27] <flami> my cyrus too :P
[22:06:47] <tuxcrafter> no problem is you want to use cyrus
[22:07:09] <tuxcrafter> i like to use as less programs as possible
[22:07:17] <flami> ill open the church of cyrus ^^
[22:07:28] <theblackbox> where does postfix get it's information to connect to the mysql.sock?
[22:08:33] <flami> theblackbox,  http://www.postfix.org/MYSQL_README.html
[22:08:51] <flami> postfix has a great documentation ^^
[22:09:14] <smesjz> but the website layout is really outdated imho
[22:10:13] *** christian78 has quit IRC
[22:10:43] <theblackbox> I understand the basics of postfix/mysql integration, but you haven't answered my question
[22:10:55] <StucKman> flami: it does, yes. I just need more time to read it
[22:11:42] <tuxcrafter> smesjz: Signum:  when i run my amavis daemon that scans my email it will go to smtp ->local:10025->back to smtp all these steps have receive parts that are logged in the mail header. I don't like this because it makes an unnecessary mess of the header. Is there a good way to clean up the header before it goes to the users mailbox
[22:12:21] <smesjz> theblackbox: it gets the mysql.sock location from the libmysqlclient**.so But if it doesn't work, try to make a mount --bind link
[22:12:46] *** hyper_ch has left #postfix
[22:12:47] <smesjz> theblackbox: like mount --bind /var/run/mysqld /var/spool/postfix/var/run/mysqld  . That does the trick for most people
[22:12:56] <theblackbox> riiiight, excellent
[22:13:07] <smesjz> and add smthing like that to the /etc/fstab
[22:13:30] <flami> oh i didnt really read what you wrote :P i just saw mysql
[22:13:30] *** funburn has quit IRC
[22:13:43] <theblackbox> lol, np ;)
[22:14:01] <smesjz> tuxcrafter: there is a setting that controls it I think. Not sure where to find it though
[22:14:22] <smesjz> You can make a header_checks that discards the inserted Received header
[22:14:36] <smesjz> never tried it myself though
[22:15:17] <tuxcrafter> isn't there a easy way to alter the smtp in master.cf to not change the headers
[22:15:28] <tuxcrafter> i think i really need a local smtp thing
[22:15:55] <tuxcrafter> that does not use the rulez for the external smtp options
[22:16:03] <tuxcrafter> lmtp
[22:16:12] <smesjz> dunno
[22:17:06] <StucKman> I'm reading^Wskimming the rfc-4422, but I can't see any example of login conversation beteween server and client
[22:17:06] <tuxcrafter> all my problems i have with postfix are because of the fact that postfix sees local mails as externals
[22:17:41] <tuxcrafter> and applies also the external rules that are not needed for local mail
[22:18:07] <tuxcrafter> hmm maybe i know a trick
[22:18:30] <flami> lllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllll
[22:18:39] <flami> ahh crap something was on my keyboard
[22:18:42] <flami> sorry
[22:18:44] <many> ,)
[22:18:44] <StucKman> flami: nice
[22:19:48] *** stellina has joined #postfix
[22:20:00] *** dbau has joined #postfix
[22:20:27] <flami> stuckman ... well it always starts with EHLO (hostname) ... then the server answers with all the ESMTP machanisms available .
[22:20:56] <flami> which include AUTH LOGIN... and AUTH=LOGIN .... ( = for M$ again)
[22:21:15] <smesjz> tuxcrafter: use receive_override stuff
[22:21:25] <smesjz> that disables these checks
[22:21:34] <smesjz> s/these/certain/g
[22:21:54] *** fietronic has quit IRC
[22:21:58] *** fietronic has joined #postfix
[22:22:10] <flami> to auth with the server in plain you send AUTH PLAIN ( username + password encoded in base64 )
[22:22:19] <flami> and you are authed with the server
[22:23:13] <flami> then ther server answeres 235 Authentication successful
[22:23:34] <flami> after this you can do the normal SMTP stuff ( MAIL FROM .... )
[22:25:07] <mofino> Is it possible to have certain settings for certain IPs?
[22:25:14] <mofino> certain client IPs
[22:26:00] <StucKman> flami: tx
[22:26:14] *** puzzled has joined #postfix
[22:26:26] <puzzled> evening all
[22:26:32] <StucKman> flami: AUTH PLAIN (user + passwd ) <-- taht's the exact format?
[22:26:33] <flami> cram-md5 and other encrypted sasl methods arent that easy ^^
[22:26:46] <StucKman> flami: I know
[22:26:49] <flami> well user + password are encrypted in base64
[22:26:53] <puzzled> ah sasl stuff. just what I am getting myself into
[22:27:04] *** higuita has quit IRC
[22:27:50] <james> [postfix/qmgr] E447619EC9A6: from=<>, size=2713, nrcpt=1 (queue active); [postfix/bounce] ED16119EC9A4: sender non-delivery notification: E447619EC9A6 when trying to email me at gmail dot com from squirrelmail : means that postfix refused to forward the email ? can i know what configuration option made it to do it ? thanks in advance
[22:28:28] <flami> eg you can use  perl -MMIME::Base64 -e 'print encode_base64("user\0user\0password");' to get it
[22:28:49] <StucKman> flami: ok
[22:28:58] *** christian78 has joined #postfix
[22:29:03] <StucKman> user\0user\0passwd, how interesting
[22:29:05] <smesjz> tuxcrafter: so is everything working now in your setup?
[22:29:33] <tuxcrafter> smesjz: i am still not happy but i am far pasted regular tutorials
[22:30:09] <smesjz> but only minor issues left, right? :)
[22:30:19] <flami> im not a god in encoding stuff in base64 ^^ but this should be it
[22:30:23] <tuxcrafter> smesjz: the big problems are in the details :-P
[22:30:25] *** tminos has joined #postfix
[22:31:29] *** pirho has joined #postfix
[22:31:31] <puzzled> StucKman: search the mailing list archives recently there was some discussion about base encoding passwords
[22:31:44] <smesjz> well, dont make a big problem out of small things ;)
[22:32:00] <tuxcrafter> smesjz: that is a other way of saying the same thing :-D
[22:32:11] <tuxcrafter> an
[22:32:29] <smesjz> uhm, is it?
[22:33:03] <james> oh, postfix politely told me cannot update mailbox /home/james/.maildir for user james. cannot open file: Is a directory
[22:33:33] <puzzled> james: iirc for maildir in your config you need to add a slash "/" behind the dir name
[22:33:34] <james> wasn't it supposed to be a directory ?
[22:33:43] <james> puzzled: ok thanks
[22:34:36] <james> puzzled: works :)
[22:34:50] <tuxcrafter> smesjz: do you know a way to let amavis deamon paste mail to the lmtp instead of smtp
[22:35:02] <tuxcrafter> s/paste/send/
[22:35:54] <puzzled> tuxcrafter: just replace smtp with lmtp in master.cf
[22:36:02] <tuxcrafter> puzzled: tried that
[22:36:28] <smesjz> tuxcrafter: i never used lmtp, only smtp. Not sure which protocols amavis supports though
[22:36:37] <smesjz> but read up and you'll know ;)
[22:36:38] <puzzled> afaik both
[22:36:48] <tuxcrafter> smtp-amavis unix -      -       y     -       2  lmtp
[22:36:49] <tuxcrafter> 127.0.0.1:10025 inet n  -       y     -       -  lmtp
[22:37:14] <smesjz> are you only caring about the header?
[22:37:34] <puzzled> tuxcrafter: here is what I have in master.cf http://pastebin.ca/523557
[22:37:37] *** killown has quit IRC
[22:38:10] <tuxcrafter> smesjz: if i can bypass the external security by using local mail local that would be great
[22:38:19] <tuxcrafter> smtp uses externel things
[22:38:42] <smesjz> isnt that what receive override is all about?
[22:38:50] <smesjz> like: -o receive_override_options=no_header_body_checks,no_address_mappings,no_unknown_recipient_checks
[22:39:06] <smesjz> i am not sure which 'external security' you're talking about
[22:39:11] *** rootsvr has joined #postfix
[22:39:28] <tuxcrafter> puzzled: and your return padd
[22:39:30] <tuxcrafter> pad
[22:39:49] <smesjz> s/pad/path/
[22:40:19] *** rcsudo has quit IRC
[22:40:58] <puzzled> tuxcrafter: http://pastebin.ca/523566
[22:41:18] *** rogue780|mythser has quit IRC
[22:41:23] <james> [postfix/qmgr] E32B719EC9AF: from=<>, size=2701, nrcpt=1 (queue active) : does that mean that postfix ignores the sender ?
[22:41:49] *** rogue780|mythser has joined #postfix
[22:41:50] *** brancaleone has quit IRC
[22:42:03] <smesjz> james: no, the sender uses that to indicated it's a bounce
[22:42:05] <puzzled> james: no, just that there is no from defined. you see that in spam but iirc also with bounces
[22:42:10] <smesjz> like: MAIL FROM: <>
[22:42:48] <smesjz> but it's evil to block it
[22:43:20] <james> this is logged when i try to send a mail from squirrelmail/mutt, do you think it's the reason why it gets rejected ?
[22:43:59] <smesjz> it should be in the logs
[22:44:16] *** csm-laptop has quit IRC
[22:44:28] <james> right, works with mutt but not with squirrelmail
[22:45:03] <smesjz> so, show us the logs young padawan ;)
[22:46:00] <ek> Squirrelmail is usually dumped using the web application's system username.
[22:46:15] <ek> IE: <www> or <apache>.
[22:46:23] <puzzled> yes that's what I thought too
[22:46:36] <james> kenobi : http://pastebin.ca/523579
[22:46:58] <smesjz> jamsepic ?
[22:47:00] <smesjz> jamespic?
[22:47:00] <ek> james: How are you using squirrelmail's setup to send?
[22:47:13] <james> smesjz: what ? do we know each other ?
[22:47:21] <smesjz> mind the type sherlock ;)
[22:47:26] <smesjz> typo
[22:47:34] <smesjz> *sigh*
[22:47:48] <puzzled> heheh
[22:47:55] <ek> Ah. That's just a bounce.
[22:47:58] <ek> ... james.
[22:48:03] <ek> Nothing to be worried about.
[22:48:29] <james> i am not worried, but the mai~ doesn't arrive and mailer-daemon doesn't reply anything
[22:48:29] <smesjz> ek: there should be more in logs on that bounce
[22:48:30] <ek> Just dumping it directly back to you. Because there is no official sender.
[22:48:41] <ek> Hrm.
[22:48:42] <james> ok, squirrelmai~ config
[22:48:52] <james> thank you jedis 8)
[22:49:02] <ek> If you're not getting the bounce back to you, that's a problem.
[22:49:35] <james> I have this problem ...
[22:49:38] *** smesjz has quit IRC
[22:49:45] *** christian78 has quit IRC
[22:49:57] *** killown has joined #postfix
[22:53:20] <puzzled> StucKman: here is a simple perl script to base encode username+password for sasl: http://pastebin.ca/523610
[22:57:35] *** rootsvr has quit IRC
[22:57:40] <Spec> if i want to send mail to "foo.domain.com", do I need an MX record in dns for 'foo.domain.com'?
[22:58:07] <sepski> Spec, if fall back to A record if there is no MX
[22:58:24] <Spec> so it should work if there's an A record and no MX record?
[22:58:41] <sepski> Spec, if the A points to the right ip yes
[22:59:04] <ek> Exactly.
[22:59:18] <ek> If foo.domain.com also resolves to domain.com, it will work.
[22:59:45] <ek> Well, as long as domain.com is running the SMTP you plan on connecting to.
[23:00:56] *** stellina has quit IRC
[23:02:03] *** chrisc}{i has joined #postfix
[23:02:08] <mh_le> is anyone here familiar with a way of getting postfix to do amtp auth agaist a mysql table?
[23:02:22] <mh_le> against even
[23:03:48] *** flami has quit IRC
[23:03:53] <Spec> i can ping the domain 'foo.domain.com', but when i send an e-mail to it i get in my logs: "name=foo.domain.com type=A: Host not found"
[23:05:48] *** unclecameron has quit IRC
[23:06:32] <james> <jamsepic at gmail dot com>: host gmail-smtp-in.l.google.com[209.85.135.27] said: 550 5.1.1 No such user w5si629749mue (in reply to RCPT TO command) : means that a configuration prevents it to transfer the mail right ?
[23:10:07] *** roe__ has quit IRC
[23:10:59] *** pbh has joined #postfix
[23:13:24] <pbh> need help with: "no SASL authentication mechanism". I have installed the cyrus libs, the smtpd.conf is set, and still the same message... :(
[23:14:20] <mofino> pbh, are you limiting yourself to plain and login for mechanisms?
[23:14:51] <pbh> no
[23:14:57] <james> pbh: make sure that you did the "postfix reload"
[23:15:20] <pbh> yes i did
[23:15:27] *** hkai1 has joined #postfix
[23:15:32] *** pirho has quit IRC
[23:15:33] <mofino> pbh, are you aware of the pitfalls with cram-md5?
[23:16:01] <pbh> not really..
[23:17:00] *** hkai1 has left #postfix
[23:17:17] <pbh> is that the reason for the no SASL message?
[23:18:23] <james> pbh: "Yet at the moment Cyrus-SASL lacks sufficient documentation and does not provide meaningful error messages.
[23:18:30] <james> from : http://postfix.state-of-mind.de/patrick.koetter/smtpauth/what_is_smtp_auth.html
[23:19:30] <pbh> thanks james... I'll save this on my bookmarks
[23:21:19] <pbh> what can I start checking to troubleshoot this: "no SASL auth mechanism" message?
[23:26:57] *** fujin has joined #postfix
[23:29:09] <Dominian> smtp-auth rocks
[23:29:26] *** StucKman has left #postfix
[23:31:55] *** ^majik^ has joined #postfix
[23:32:32] *** brancaleone has joined #postfix
[23:36:38] <tuxcrafter> puzzled: http://pastebin.ca/523717\
[23:37:00] <^majik^> got a question.. I'm setting up a secondary/backup mx using postfix and this box is also going to be sending e-mail *from* our local domains; my question is, for the local domains that this postfix server is only acting as the outgoing server (not also acting as a backup mx), do these domains need to be listed in relay_domains alongside the domains using it for a backup mx?
[23:37:06] <tuxcrafter> i am not able to remove the extra added recieved headers when using the amavis deamon
[23:37:24] <tuxcrafter> s/deamon/filter/
[23:38:05] *** pirho has joined #postfix
[23:38:20] <tuxcrafter> ^majik^: http://www.akadia.com/services/postfix_mx_backup.html
[23:38:20] <tuxcrafter> maybe this can help you
[23:40:32] <tuxcrafter> http://pastebin.ca/523717\ > I am not able to remove the extra added received headers when using the amavis filter, can somebody help me?
[23:41:06] <mh_le> is anyone here familiar with a way of getting postfix to do amtp auth agaist a mysql table?
[23:42:22] *** Kurtism has quit IRC
[23:42:27] *** Kurtism has joined #postfix
[23:47:00] <Supaplex> I somehow managed to do it. I don't recall how though. :)
[23:47:11] <mh_le> oh :(
[23:47:32] <Supaplex> I think it's sasl territorry
[23:49:05] <mh_le> yeah, it doesn't want to do what I tell it though
[23:49:16] <tuxcrafter> mh_le: the sasl dovecot sql implementation works great and is good documentated
[23:49:57] <mh_le> if it had support for virtual domains/users and had a webinterface I _might_ considder it
[23:51:03] *** conico has quit IRC
[23:52:29] <mh_le> tuxcrafter: but then, it woulden't really matter if I used dovecot since it's postfix I want to be able toauth agaist mysql... IIRC dovecot is a MDA
[23:53:15] <many> dovecot is a pop3/imap4 server
[23:53:20] <tuxcrafter> mh_le: then i dont know what you want to do exactly
[23:53:55] <tuxcrafter> yes i thought he wanted MUA client sasl auth with sql
[23:53:58] <mh_le> tuxcrafter: I want postfix to authticate users for outgoing mail against a mysql DB
[23:54:11] <mh_le> smtp auth
[23:54:16] <tuxcrafter> mh_le: ah ok
[23:54:22] <tuxcrafter> just mapping
[23:55:51] <tuxcrafter> postconf -e 'smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_destination'
[23:55:54] <tuxcrafter> like that
[23:56:17] <tuxcrafter> permit_sasl_authenticated and reject_unauth_destination with now premit on the end
[23:56:27] <tuxcrafter> s/premit/permit/
[23:57:32] <tuxcrafter> hmm i believe this still goes trough dovecot -> postfix in my case i think not for sure sorry
[23:58:54] *** chrisc}{i has quit IRC





top