October 1, 2007 
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | >
October 1, 2007 [00:00:20] *** magyar has joined #postfix[00:01:01] <pipatron> Hm[00:01:10] <pipatron> authorized_flush_users[00:01:28] <pipatron> When does it make sense to permit random people to flush the queue?[00:01:35] * hparker has had users he wanted to flush[00:01:36] *** Dewi has joined #postfix[00:02:02] <pipatron> Or maybe my question is: would anything very bad happen if I make it empty?[00:03:16] *** apeiron has quit IRC[00:03:19] *** apeiron has joined #postfix[00:03:36] *** duki has quit IRC[00:04:01] *** duki has joined #postfix[00:09:08] *** duki has quit IRC[00:09:30] *** duki has joined #postfix[00:09:41] *** nurettin has quit IRC[00:13:51] *** Dewio has quit IRC[00:15:02] *** pingouin has quit IRC[00:20:27] <null1> uhmm, where maildroprc gets the values passed by postfix like $DOMAIN, $USER, $MAILQUOTA?[00:20:31] <null1> or how?[00:23:49] *** duki has quit IRC[00:23:51] *** _matt is now known as matt_[00:24:11] *** duki has joined #postfix[00:25:42] *** thesaint4444 has joined #postfix[00:28:38] <thesaint4444> anybody out there?[00:29:53] <jelly-home> there's no one out there.[00:30:16] <rob0> nobody but us bots[00:30:22] <rob0> !rob0[00:30:23] <knoba> rob0: "rob0" : a bot that reacts to newly joined users with reciting the !basic factoid :)[00:32:24] *** duki has quit IRC[00:32:46] *** duki has joined #postfix[00:35:12] *** diveli has joined #postfix[00:37:49] *** duki has quit IRC[00:38:00] *** duki has joined #postfix[00:38:04] * pipatron subtly advertises some good italo disco: Ken Laszlo - Tonight[00:40:27] <hparker> duki: connection problems?[00:41:34] *** pingouin has joined #postfix[00:41:42] *** war has quit IRC[00:53:17] *** unixtippse has quit IRC[00:57:48] *** Dewio has joined #postfix[01:06:18] <pipatron> hm[01:06:20] <pipatron> "If you use the mail_spool_directory setting for maildir style delivery, then you must create the top-level maildir directory in advance."[01:06:37] <null1> what is the correct site to put quotawarnmsg using courier?[01:07:04] <pipatron> Those maildir directories, what user/group/permissions would be necessary?[01:10:17] *** Dewi has quit IRC[01:13:34] <null1> what is the way to check config file on postfix?[01:14:51] <rob0> For maildir and local(8), I think home_mailbox makes more sense.[01:15:48] <pipatron> Possibly[01:18:26] <null1> rob0: one question, if I don't use VDA patch, what is the way to get the limit per user using mysql? virtual_mailbox_limit = mysql:* ?[01:21:04] *** wwalker has joined #postfix[01:21:15] <wwalker> I have to setup outgoing mail from postfix to use port 587, SMTP Auth, PLAIN. anyone know the proper way to do that in Ubuntu? (I moved over from Fedora / sendmail where it's uncomment one line, I assume it's also easy in Ubuntu/postfix but I don't see it)[01:21:45] <wwalker> oh, and a "smarthost"[01:24:38] <wwalker> it seems I would set relayhost to my upstream MTA's hostname, but I don't see anywhere to setup outbound SMTP auth[01:26:44] *** smithj has left #postfix[01:31:37] *** Dewi has joined #postfix[01:33:01] <rob0> !sasl_readme[01:33:02] <knoba> rob0: "sasl_readme" : www.postfix.org/SASL_README.html[01:33:17] <rob0> wwalker: ^^ #client_auth anchor[01:34:51] <rob0> null1: Um, correct me if I'm wrong (I don't use any of this stuff), but I think if you don't use the virtual quota patch, you don't have virtual(8) quota features?[01:34:59] <null1> rob0: If I use maildrop to check quota, this line has sense? virtual_mailbox_limit = mysql:/filelimit (it returns the user quota limit), it works[01:35:36] <null1> rob0: yes, then I use maildrop to put quota, has sense? :)[01:35:53] <null1> I was remove VDA patch to do not have any externa patches[01:36:22] <rob0> I don't understand why you are asking me in particular.[01:36:45] <null1> sometimes ago you help me, I am think that you are an expert :)[01:41:18] <wwalker> rob0: I think I have it working now. How do I get postfix to retry sending things in the queue? apparently they've not sat long enough so it doesn't try to resend them when I restart postfix[01:41:42] <rob0> I know a few things, but I don't know about the stuff I've never used.[01:41:46] <pipatron> postqueue -f maybe[01:41:59] <rob0> (Especially stuff that involves patches.)[01:42:50] <wwalker> pipatron: thank you! my queue is empty and mail.log says sent :)[01:43:12] * pipatron is now a certified #postfix expert[01:43:12] <null1> rob0: well, in anyway thanks, but now my idea is to do not use patches :)[01:43:22] <wwalker> rob0: thanks for the SASL pointer[01:44:29] *** Dewio has quit IRC[01:50:50] *** flami has joined #postfix[01:55:15] *** Dewio has joined #postfix[01:56:32] <thesaint4444> hi guys can anybody help me with a postfix + courier imap + mysql server setup on unbuntu - its got me stumped ...[01:58:03] <thesaint4444> everything seems ok but I cant login via pop through my email client ...[02:00:48] <pipatron> Isn't that because you're using IMAP instead of POP?[02:01:42] <thesaint4444> pipatron - hi, no i think i am using pop....[02:02:03] <pipatron> Ok[02:02:10] <pipatron> just that you wrote 'courier imap'[02:02:55] <thesaint4444> pipatron - yes, it does both doesnt it?[02:03:37] <pipatron> imap is not pop, and the other way around[02:04:00] <pipatron> It's two different ways to fetch mail, often you have both, but I have no idea what courier does.[02:04:23] <flami> courier-imap == imap courier-pop == pop ....[02:04:36] <flami> 2 different packages[02:04:59] <thesaint4444> ok...[02:05:06] <rob0> Um, I think not. Courier-IMAP includes POP3.[02:05:13] <rob0> last I saw[02:05:41] <flami> well i start /etc/init.d/courier-pop .../courier-imap[02:05:49] <flami> so i think it was 2 different ones[02:05:56] <thesaint4444> yes, understand, i have got the basics going...[02:06:15] <pipatron> Check if 'netstat -nlt' lists anything on port 110[02:06:17] <flami> ( actually 4 , considereing pop-ssl and imap-ssl[02:06:58] <flami> http://workaround.org/articles/ispmail-etch/ look at this ... ( or was this one dovecot )[02:07:30] *** Dewi has quit IRC[02:07:44] <thesaint4444> yes... port 110 is there along with some others[02:07:57] <pipatron> Good, so you have a POP3 server :)[02:08:43] <thesaint4444> ports 143, 110 and 995[02:09:07] <thesaint4444> yes i think it is up but for some reason it wont authenticate against the mysql db[02:09:32] <thesaint4444> this is the first time i have done a mail server setup but i have a good idea what is going on now...[02:09:42] <flami> http://workaround.org/articles/ispmail-sarge .. this one has mysql and courier[02:09:43] * pipatron quickly lose interest after reading 'sql'[02:09:45] <thesaint4444> but i am stuck![02:09:48] <flami> maybe have a look at this[02:10:00] *** FalconKirtaran has joined #postfix[02:10:23] <flami> then also there are logs , i guess courier is complaining somewhere[02:10:29] <thesaint4444> the setup i have is from urbanpuddle.com[02:11:41] <thesaint4444> any ideas how I should try to fault find? - mainly get some variation of this message: 535 Error: authentication failed[02:11:57] <thesaint4444> if i try to connect by pop from command line..[02:12:39] <thesaint4444> i have followed the workaround page and gone through it all ....[02:15:00] <thesaint4444> any suggestions?[02:17:01] <FalconKirtaran> my mailserver will deliver mail to my main domain (iridiumlinux.org), and send mail across itself to my virtual domain (ryunobaka.com), but it will not deliver mail from an external source to the virtual domain. Any thoughts as to why?[02:17:14] <FalconKirtaran> it silently fails... no bounce message or log or anything.[02:18:27] <thesaint4444> falcon -sorry to hear about your mail woes! - i cant help just doing this for the first time...[02:19:25] <FalconKirtaran> thesaint4444, how are you doing your authentication?[02:19:36] <FalconKirtaran> is this pop-before-smtp?[02:20:26] <thesaint4444> falcon - pop via an email client to main host address on server[02:21:30] <FalconKirtaran> wouldn't that be an issue with your POP server, then, rather than postfix?[02:21:50] <thesaint4444> sasl?[02:22:10] <FalconKirtaran> probably not that, directly[02:22:18] <FalconKirtaran> something like dovecot[02:22:36] <thesaint4444> i am using courier pop[02:23:08] <thesaint4444> yes probably but it is all tied in together so i thought here would be a good place to start :-)[02:23:14] <FalconKirtaran> that's probably where the error is coming from, then[02:23:23] * FalconKirtaran nods[02:23:39] <thesaint4444> i think you are probably correct[02:23:48] <FalconKirtaran> usually, postfix (as an SMTP server) doesn't touch POP or IMAP authentication.[02:23:59] <FalconKirtaran> and I'm totally lost as to SASL.[02:23:59] <thesaint4444> yes....[02:24:00] *** Dewi has joined #postfix[02:24:20] <thesaint4444> so what is your setup?[02:24:24] <FalconKirtaran> me?[02:24:36] <FalconKirtaran> I use dovecot as an IMAP server, and postfix for SMTP[02:24:39] *** prebur45 has quit IRC[02:24:52] <FalconKirtaran> postfix delivers the mail to separate locations for system accounts and virtual inboxes[02:25:09] <FalconKirtaran> and then dovecot determines which one the mail is in and pulls it out of that.[02:25:41] <FalconKirtaran> the passwords come either from the database of virtual mailboxes or PAM.[02:25:48] <thesaint4444> falcon - how do you authenticate?[02:26:02] <thesaint4444> falcon - any other security?[02:26:25] <FalconKirtaran> dovecot looks for the password in PAM and if it can't find it, it looks in a mysql database. it accepts both SSL and plain connections.[02:26:52] <FalconKirtaran> I don't really do much more than that.[02:26:55] <thesaint4444> ok, is dovecot ok to configure?[02:27:01] <FalconKirtaran> trivial...[02:27:11] <thesaint4444> hmmm...[02:27:11] <FalconKirtaran> but if you're using courier, there must be some reason...[02:27:22] <FalconKirtaran> though, I have mailman working with dovecot as well.[02:27:28] * pipatron is definately going to use dovecot when he needs a mailserver[02:27:45] <thesaint4444> falcon - how about pop?[02:27:54] * FalconKirtaran doesn't use POP[02:28:08] <FalconKirtaran> but dovecot, courier, and a lot of other mailservers all support it[02:28:14] <FalconKirtaran> I just don't really like how it works.[02:28:26] <FalconKirtaran> but the authentication really shouldn't be all that different.[02:28:45] <FalconKirtaran> where are all your passwords stored?[02:28:54] <thesaint4444> falcon - yes i cant see where the problem is coming from... - mysql table[02:29:02] <FalconKirtaran> mysql...[02:29:12] <FalconKirtaran> so you're using SASL to query mysql for a password hash?[02:29:43] <FalconKirtaran> if you are, my first guess is that it is not able to SELECT from the table.[02:30:05] <thesaint4444> falcon - exactly..[02:30:10] <FalconKirtaran> (no socket, no server, no access...)[02:30:24] <FalconKirtaran> did you recently upgrade mysql from 4.x to 5.x?[02:31:02] <FalconKirtaran> better yet. at a command line, type 'mysql -p' and see if you can log in with root's mysql password.[02:31:04] <thesaint4444> umm... i looked at those config settings first and checked carefully - /var/log/mysql/mysql.log shows nothing[02:31:12] *** amrit is now known as amrit|bbl[02:31:16] <FalconKirtaran> it doesn't generally show password failures[02:31:25] <thesaint4444> i have done that already...[02:31:27] <FalconKirtaran> (why, I don't know, and I wish I knew how to get it to)[02:31:30] <FalconKirtaran> it works?[02:31:36] <thesaint4444> yes[02:31:51] <FalconKirtaran> hmm... did you try to use it to log in as the user that's looking for the password hashes?[02:31:52] <thesaint4444> i am familiar with mysql...[02:32:09] <FalconKirtaran> I'll just assume that part of it works.[02:32:09] <thesaint4444> 5 mins...[02:32:18] <thesaint4444> double check :-)[02:32:36] <FalconKirtaran> One thing I was dealing with earlier today was that dovecot was using the wrong hash to check the password...[02:32:52] <FalconKirtaran> postfix-admin uses MD5-CRYPT[02:33:07] <FalconKirtaran> (or cleartext, god forbid)[02:33:22] <thesaint4444> yeah no problems there...[02:33:43] <FalconKirtaran> did you try to run a query of some kind on it?[02:33:56] <thesaint4444> ok .. 2 mins..[02:34:29] *** duki has quit IRC[02:37:00] *** Dewio has quit IRC[02:37:39] *** wwalker has left #postfix[02:38:10] <thesaint4444> falcon - database is working ok...[02:38:40] <FalconKirtaran> that's good.[02:38:58] <FalconKirtaran> what does courier think the password hash mechanism is?[02:39:25] <thesaint4444> hmm.. looking[02:42:00] <thesaint4444> passwordcheck=saslauthd -from postfix/sasl/smptd.conf not sure if that is it....[02:42:07] *** flami has quit IRC[02:42:20] <FalconKirtaran> it looks like it just passes it to SASL[02:42:27] <FalconKirtaran> it'll probably say somewhere in smtpd.conf[02:42:59] <thesaint4444> mech list = plain login ?[02:43:18] <FalconKirtaran> not that... the password hash in use.[02:43:31] <thesaint4444> what am i looking for?[02:43:46] <FalconKirtaran> it probably says things like cram-md5, md5-crypt, sha1, and the like[02:43:55] *** pitakill has quit IRC[02:43:58] <thesaint4444> the acual password is in that file and it is not encrypted...[02:44:32] <thesaint4444> it connects to the database and gets the 'encrypted' password from the mysql table...[02:44:50] <thesaint4444> i thought that gets passed to postfix...[02:46:05] <FalconKirtaran> it shouldn't.[02:46:16] <magyar> hi, what could this be? "Can't send mail: sendmail process failed with error code 75"[02:46:19] <FalconKirtaran> courier should handle the authentication by itself.[02:46:29] <FalconKirtaran> magyar, any other errors?[02:46:51] <magyar> postdrop: warning: uid=106: Illegal seek[02:46:58] *** ki_ has joined #postfix[02:47:03] <FalconKirtaran> thesaint4444, the actual password is where?[02:47:29] <thesaint4444> the mysql root password and database name etc in smptpd.conf[02:47:41] <FalconKirtaran> magyar, hmm...[02:47:54] <FalconKirtaran> thesaint4444, oh, I mean the password for the user to log in.[02:48:07] <FalconKirtaran> somewhere it should specify how it is encoded[02:48:12] <magyar> FalconKirtaran: yeap, happens to me all the time[02:48:13] <thesaint4444> falcon - so it can connect to the database and do the look up - that is in the mysql table...[02:48:18] *** ki__ has joined #postfix[02:48:34] <FalconKirtaran> either in courier's config, or in the smtpd.conf file for sasl, it should say how.[02:48:39] <thesaint4444> falcon - any ideas where?[02:48:48] <FalconKirtaran> one of those two places, I'd hope[02:48:54] <FalconKirtaran> or somewhere else in SASL's config[02:49:01] <thesaint4444> not in smtpd.conf - i will look in courier conf...[02:50:29] *** pitakill has joined #postfix[02:53:31] <FalconKirtaran> magyar, does user 106 have permissions to write to the target maildir?[02:54:35] <magyar> send-mail: fatal: logcheck(106): queue file write error[02:55:06] <magyar> where is the queue file?[02:55:10] <FalconKirtaran> my guess is that it doesn't have permission to write to the mail queue.[02:55:18] <FalconKirtaran> /var/postfix, I think.[02:55:19] <magyar> all users should[02:55:36] <magyar> this is a system daemon[02:55:46] <magyar> system user[02:55:49] <FalconKirtaran> no, /var/spool/postfix[02:56:00] <thesaint4444> falcon - POP3AUTH="" - in courier/pop3d it is blank....[02:56:05] <FalconKirtaran> with a UID like 106, it better be.[02:56:15] <FalconKirtaran> thesaint4444, that's probably why.[02:56:24] <thesaint4444> what should it be?[02:56:27] <FalconKirtaran> it probably doesn't know where to look for the password hashes.[02:56:29] <FalconKirtaran> um...[02:56:36] <FalconKirtaran> you'd have to look in the courier docs.[02:57:03] <thesaint4444> falcon - hmm.. ok, will do - thanks for your help![02:57:04] <FalconKirtaran> magyar, it might be good to check[02:57:08] <FalconKirtaran> thesaint4444, anytime.[02:57:30] <thesaint4444> falcon - maybe i will switch over to dovecot - sounds better ...[02:57:44] <FalconKirtaran> thesaint4444, easier to configure, maybe.[02:57:49] *** Dewio has joined #postfix[02:57:55] <FalconKirtaran> I don't think it's quite as versatile, as I'm finding...[02:57:56] <thesaint4444> falcon - what do you do for spam control?[02:58:05] <FalconKirtaran> thesaint4444, I try and fail :P[02:58:10] <rob0> send-mail ?[02:58:28] <thesaint4444> falcon - lol[02:58:38] <FalconKirtaran> then again, I don't have a lot of spam to test it on[02:58:43] <thesaint4444> if only my penis was bigger![02:58:50] <FalconKirtaran> I'm trying to get spamassassin set up, though[02:58:50] <rob0> I wonder if that is even a Postfix log entry?[02:58:55] <thesaint4444> falcon - you are lucky...[02:59:01] <rob0> magyar: ^^[02:59:12] <FalconKirtaran> rob0, good point[02:59:22] <FalconKirtaran> it didn't look like it, did it.[03:00:29] <magyar> i am missing some files in /var/spool/postfix[03:00:33] <magyar> prng_exch[03:00:41] <rob0> yikes[03:00:42] <magyar> smtpd_scache.db[03:00:46] <magyar> smtp_scache.db[03:01:06] <rob0> Don't go messing around with low level stuff if you don't know what you're doing![03:02:14] <magyar> i didnt do jack, i rebooted the server[03:05:12] *** ki_ has quit IRC[03:06:55] *** Tachy_ has joined #postfix[03:11:07] *** Dewi has quit IRC[03:12:09] * FalconKirtaran swears horribly[03:12:19] <FalconKirtaran> stuipd upstream making me panic for nothing.[03:12:51] <FalconKirtaran> it couldn't send mail to my virtual domain because my virtual domain was not resolving because my DNS provider wasn't telling anyone where my nameserver was.[03:13:37] <FalconKirtaran> aand now my test emails start pouring in.[03:14:01] <FalconKirtaran> magyar, you might want to think about reinstalling postfix.[03:14:08] <FalconKirtaran> and checking your disk for bad blocks.[03:14:31] *** hparker has quit IRC[03:15:00] <magyar> did it, those files are still missing, but logcheck just mailed a report[03:15:03] <magyar> bahh[03:15:12] <FalconKirtaran> hmm?[03:15:13] <magyar> am switching to exchange 5.5[03:15:21] <FalconKirtaran> 0.o[03:15:23] <magyar> you wish[03:15:26] <magyar> eheeheh[03:15:30] <FalconKirtaran> why on earth would you use exchange 5.5?[03:15:43] <magyar> cause am old school[03:16:28] <FalconKirtaran> you know, I remember reading an article in pc world or something a while back, right around the GPLv3, about how stallman was apparently trying to destroy OSS...[03:16:38] <FalconKirtaran> I nearly burned the copy.[03:16:44] * FalconKirtaran sighs[03:17:12] <FalconKirtaran> you might try giving postfix write permissions on the directory where the queues reside.[03:17:45] <FalconKirtaran> it is also possible that something other than postfix is recieving your mail and trying to deliver it.[03:19:12] *** Tachy has quit IRC[03:20:26] *** Dewi has joined #postfix[03:20:33] <FalconKirtaran> ergh[03:20:42] <FalconKirtaran> now I'm being spammed with my own test messages -.-[03:20:53] <magyar> nahh, only postfix on 25, would be a disaster if some other would sit in 25[03:21:30] <FalconKirtaran> yeah... but since when was send-mail a postfix component?[03:22:04] <FalconKirtaran> maybe are you trying to send mail locally (eg. emailed log messages, or something)?[03:22:26] <rob0> There is "sendmail" but that's how it identifies itself, without the hyphen.[03:22:44] <FalconKirtaran> yeah.[03:22:51] <rob0> postfix/sendmail[$PID_NUMBER][03:23:00] <FalconKirtaran> is the log format?[03:23:23] <rob0> yes, except s/sendmail/name_of_postfix_process/[03:23:57] <rob0> so smtpd is postfix/smtpd[$PID][03:24:30] <FalconKirtaran> figures.[03:24:48] <FalconKirtaran> from this we can determine that the error is obviously not being generated by postfix[03:24:58] <FalconKirtaran> (or, in fact, any other SMTP daemon I know of)[03:25:26] *** githogori has joined #postfix[03:27:16] <magyar> Sep 30 20:04:42 secondary postfix/postdrop[31898]: warning: uid=106: Illegal seek[03:27:16] <magyar> Sep 30 20:04:42 secondary postfix/sendmail[31897]: fatal: logcheck(106): queue file write error[03:27:26] <magyar> fyi[03:28:35] <rob0> well indeed, those look like proper logs. But what did you do to break things?[03:29:26] <magyar> reboot the server, installed a security patch for linux-image-2.6.15[03:29:47] <rob0> SELinux?[03:29:52] <FalconKirtaran> it is nearly certain that it does not have permission to write to its own queue.[03:30:05] <magyar> rob0: nope[03:30:23] <rob0> what OS?[03:31:01] <magyar> etch, just few days ago released a kernel update, did it on few mailservers, this one got a hickup[03:31:27] <magyar> now seems to be okay, did a reinstall on postfix pkg[03:31:41] <FalconKirtaran> it works now?[03:31:52] <magyar> roger[03:31:58] <FalconKirtaran> that's good.[03:32:40] <magyar> but still, even after reinstall, missing the above mentioned files[03:33:06] <FalconKirtaran> if it works, maybe the version you installed doesn't need them.[03:33:07] *** Dewio has quit IRC[03:33:33] <magyar> same[03:33:50] <rob0> What ARE those files? And why do you think they're missing?[03:34:15] <rob0> oh, looks like it might have something to do with postdrop being SUID.[03:34:26] <rob0> IOW, a Debian bug.[03:34:39] *** marc7 has joined #postfix[03:34:52] * rob0 gripes again about the Debian Postfix maintainer[03:36:41] * FalconKirtaran doesn't mind the gentoo one[03:36:48] <FalconKirtaran> though I think he's behind in versions[03:42:45] <thesaint4444> falcon - thanks for your help, going to bed... will continue with this problem tomorrow![03:43:09] *** higuita has joined #postfix[03:50:03] <FalconKirtaran> thesaint4444, good luck![03:50:32] <thesaint4444> falcon - lol i will get there in the end - cheers![03:51:12] *** prebur45 has joined #postfix[04:17:36] *** Dewio has joined #postfix[04:24:33] *** Homer_J has joined #postfix[04:30:17] *** Dewi has quit IRC[04:33:49] *** Donnie|Darko has joined #postfix[04:38:05] *** djs_2_6 has quit IRC[04:41:21] *** Donnie|Darko has left #postfix[04:45:51] *** Dewio is now known as Dewi[04:47:05] *** null1 has quit IRC[04:50:45] *** apeiron has quit IRC[04:52:33] *** apeiron has joined #postfix[05:10:38] *** Lap_64 has quit IRC[05:27:46] *** ki__ has quit IRC[05:35:09] *** Dewio has joined #postfix[05:39:24] *** thumbs has quit IRC[05:41:01] *** pitakill has quit IRC[05:47:30] *** Dewi has quit IRC[05:58:10] *** Dewio is now known as Dewi[05:58:21] <jelly-home> magyar: I usually only see illegal seek on bad dvd media, ie. b0rked filesystems. anything funny in dmesg/kern.log around that time?[05:59:22] <jelly-home> magyar: I'd expect the filesystem containing /var/spool/postfix to turn readonly if that were the case tho[06:01:49] *** Tinozaure is now known as Tino[06:01:54] *** Tino is now known as Tinozaure[06:02:23] *** thumbs has joined #postfix[06:08:34] *** aliljet has joined #postfix[06:13:44] *** Tomek- has joined #postfix[06:14:48] *** Internat has quit IRC[06:15:00] *** Internat has joined #postfix[06:16:02] *** thumbs has quit IRC[06:20:58] <magyar> jelly-home: all looks good, no errors and filesystem is rw[06:29:58] *** Tomek has quit IRC[06:29:59] *** Tomek- is now known as Tomek[06:32:39] *** f3ew has joined #postfix[06:59:29] *** thumbs has joined #postfix[07:01:13] *** Mavvie has quit IRC[07:06:55] *** smithj has joined #postfix[07:07:19] *** FalconKirtaran has quit IRC[07:08:39] *** Mavvie has joined #postfix[07:11:14] <smithj> i'm trying to set up set up postfix as a backup mx, but when i go to test it, RCPT TO: user at host dot com gives me a 451 Server configuration error, but nothing more specific in the logs. how can i figure out *what* is misconfigured?[07:14:53] *** franck has joined #postfix[07:15:08] <franck> Hi all[07:15:17] *** Homer_J has quit IRC[07:15:31] *** Homer_J has joined #postfix[07:16:00] <franck> I was wondering if I could build a regexp for body_check that will reject when an html link does not match its description in html[07:16:17] <Dewi> match its description?[07:16:32] <franck> for instance <a href="http://link1/>http://link2/</a>[07:16:57] <franck> common case of phishing...[07:17:21] <Dewi> oh, that text data should be able to be other plain text though[07:17:22] <franck> but I'm not very good in regexp :([07:17:53] <franck> agreed, this is why it should reject only if the text part starts with http...[07:18:04] <Dewi> but I guess if both are URLs and they don't match... yes you should be able to mop up most cases with a regexp[07:18:09] <franck> which usually means someone is trying to mislead you[07:18:32] <smithj> thunderbird will mark such things for you, fwiw[07:18:33] <Dewi> as long as your regexp engine supports matching on a captured group. I'm not up to speed on exactly what engine postfix uses[07:19:05] <franck> smithj: really, did not see that?[07:19:17] <franck> but I'd like to reject the message all together...[07:19:23] <smithj> Dewi: [root@mail ~]# ldd `which postfix` | grep pcre libpcre.so.0 => /lib64/libpcre.so.0 (0x00002b148e9f0000)[07:19:37] <smithj> Dewi: i'd guess it uses pcre :)[07:19:58] <franck> same, and this one I think I can do it, if I have a link to a file which is a standard rejected attachment to...[07:20:26] <Dewi> hmm actually you'd need two matches[07:20:33] <Dewi> I think[07:20:38] <franck> common block is to block exe attachments, I should block links to exe too ;)[07:20:42] <smithj> given that perl is the godfather of all regex and pcre is perl-compatible regex, i'd guess it can do it[07:20:48] <Dewi> one to recognise the type of hyperlink with two URLs[07:20:53] <Dewi> and another to check they match[07:21:18] <Dewi> because one is a condition of matching, and the other a condition of non-matching, you can't check for both in one expression (that I can see)[07:21:45] <franck> this is a little bit too fancy for me...[07:22:11] <franck> I would have to seriously think about it.. and read regexp manuals[07:24:04] <Dewi> I'm not sure how you'd chain two matchers together; I think you need something like: if (/hyperlink_with_two_URLs/ && !/URLs match/)[07:24:16] <Dewi> argh, why do I keep saying matchers and matches when I mean patterns?[07:24:31] <Dewi> been doing regex in java too much[07:25:10] *** smithj has left #postfix[07:27:11] *** PhilKC has quit IRC[07:37:21] *** nurettin has joined #postfix[07:45:28] *** Lap_64 has joined #postfix[07:48:24] *** Mavvie has quit IRC[07:48:40] *** Mavvie has joined #postfix[07:57:54] *** Motoko-chan has joined #postfix[07:58:19] *** franck has left #postfix[08:05:53] *** ultraviolet has joined #postfix[08:07:53] *** nictuku has joined #postfix[08:08:45] *** ultravio1et has quit IRC[08:10:31] *** DarklyCute has joined #postfix[08:20:18] *** unixwheel has joined #postfix[08:26:12] *** die_z has joined #postfix[08:27:16] *** Motoko-chan has quit IRC[08:44:08] *** nurettin has quit IRC[08:48:18] *** majikman-home has joined #postfix[08:48:36] <majikman-home> anyone know why hotmail would block my mail messages once i change my subject to "Action Required"?[08:49:31] <majikman-home> actually, nvm, thats not whats cuasing it[08:49:42] <majikman-home> hotmail keeps blocking my emails for some reason but it gets through for gmail[08:49:45] <majikman-home> any idea why?[08:51:55] *** amrit|bbl is now known as amrit|zzz[08:53:49] <ek> majikman-home: I'd assume it has something to do with either not having a reverse DNS or being in a blacklist.[08:54:11] <ek> What does the mail.log file say about the issue?[08:54:56] <DarklyCute> I know why. Hotmail sucks.[08:54:59] <DarklyCute> Serious.[08:55:28] <DarklyCute> (I've seen success rates of about 50% at actually getting a message delivered, assuming the server accepts the message.[08:57:11] <majikman-home> ek, it doesn't say anything[08:57:17] <majikman-home> the log file says that the email was sent correctly[08:57:25] <majikman-home> i'm thinking it might have something to do with the reverse dns[08:57:33] <ek> Ah. Wait a tick...[08:57:40] <ek> So, Hotmail's mail server is accepting the mail?[08:57:45] <majikman-home> actually, nvm, some of the messages to get through though[08:57:54] <majikman-home> its not returning me any errors[08:58:02] <ek> Yeah. You're fine. Like DarklyCute said, Hotmail is a P.O.S.[08:58:09] <majikman-home> crap[08:58:15] <majikman-home> hotmail, msn, and aol are all blocking my emails[08:58:27] <ek> Returning them?[08:58:35] *** lailai_ is now known as lailai[08:58:41] <majikman-home> nope[08:58:43] <majikman-home> no errors[08:58:48] <majikman-home> postfix's log says 250[08:59:16] <ek> Then the mail servers aren't blocking the mails. They're just not delivering them the way you'd expect.\[08:59:16] <majikman-home> but if i change the subject to "Password for adamchou (auto-message)", it works[08:59:31] <ek> Check the spam folders and such.[08:59:38] <majikman-home> it doesn't even show up in the spam[09:00:16] <ek> Well, then something would be b0rky on their end. Not yours.[09:00:23] <DarklyCute> AOL never blocks a message they accept.[09:00:31] <ek> If the mail server accepts the mail, your side of the deal is finished.[09:00:40] <DarklyCute> If they won't take your mail, you get back a very detailed error message[09:00:46] <DarklyCute> One of the few things I like about AOL.[09:01:05] <majikman-home> well, i understand it might not be me... but i can't tell that to my clients[09:01:13] <majikman-home> so... if i can figure out some way to get this to work, that would be great[09:01:18] <ek> Has someone complained about it?[09:01:24] <DarklyCute> majikman-home, something in your subject is triggering a crappy Hotmail filter.[09:01:45] <DarklyCute> As for AOL, sign up for their feedback loop.[09:02:03] <DarklyCute> And check your server isn't on any blacklists.[09:02:40] <majikman-home> ok... i'll look into aol's feeedback loop[09:02:44] <DarklyCute> http://openrbl.org/ <-- Nice tool to check. Requires a real browser to work (No IE)[09:02:47] <majikman-home> but.... msn/hotmail doesn't have one does it?[09:02:56] <DarklyCute> No. Hotmail sucks.[09:03:01] <majikman-home> ok, lemme check the openbl[09:03:09] <DarklyCute> Like I said, I've seen 50% success on average when the server accepts.[09:03:25] <DarklyCute> Hotmail/MSN are one and the same.[09:04:55] <DarklyCute> MSN/Hotmail's delivery rule: if (rand(100) > 50) { deliver_mail(); }[09:05:34] *** GutterPunk has quit IRC[09:05:42] *** remi____ has joined #postfix[09:05:52] *** GutterPunk has joined #postfix[09:09:47] <dragonheart> s/50/98/ :-)[09:09:51] *** remi____ has left #postfix[09:11:20] <DarklyCute> dragonheart, that is for their actual acceptance of the message.[09:11:30] <DarklyCute> Although I've found Comcast's business hosting worse.[09:11:40] <DarklyCute> I actually had to show their techs it wasn't my problem.[09:12:25] *** smeevil has joined #postfix[09:16:52] *** rmayorga has quit IRC[09:18:40] *** nictuku has quit IRC[09:23:20] *** Mez has quit IRC[09:35:27] *** DarklyCute has quit IRC[09:35:58] <majikman-home> jesus hotmail is crap[09:36:36] *** |DeuS| has joined #postfix[09:52:38] *** internat2 has joined #postfix[09:56:10] *** internat3 has joined #postfix[09:57:16] *** diveli has quit IRC[10:01:17] *** war has joined #postfix[10:03:01] *** Internat has quit IRC[10:04:18] *** FalconKirtaran has joined #postfix[10:11:46] *** internat2 has quit IRC[10:15:47] *** cutmasta has joined #postfix[10:20:06] *** Dewio has joined #postfix[10:27:36] <pipatron> majikman-home: I'd like jesus hotmail plz msg me kthx[10:30:38] *** c4stro has joined #postfix[10:32:30] *** Dewi has quit IRC[10:34:37] *** aozturk has joined #postfix[10:39:03] *** pif has quit IRC[10:55:14] *** Dewio has quit IRC[11:12:03] *** duki has joined #postfix[11:14:25] *** aozturk has quit IRC[11:18:34] *** thesaint4444 has quit IRC[11:20:19] <Trengo> your mail is now blessed?[11:40:57] *** Alex_WinKiller has joined #postfix[11:41:41] <Alex_WinKiller> hi guys, what is diff. between mailbox_size_limit and virtual_mailbox_limit ?[11:44:12] <sysmonk> Alex_WinKiller: mailbox_size_limit limits the size of _any_ local mailbox[11:44:24] <sysmonk> and virtual_mailbox_limit limts the size of _individual_ virtual mailbox[11:44:53] <sysmonk> i.e. user1 has a limit of 10 megs, user2 - limit of 20 megs...[11:45:01] <Alex_WinKiller> ok[11:45:11] *** pirho has joined #postfix[11:45:22] <Alex_WinKiller> I got message_size_limit = 8120000[11:45:27] <Alex_WinKiller> so next row I put[11:45:58] <Alex_WinKiller> mailbox_size_limit = 104860000[11:46:04] <Alex_WinKiller> for 100 mb and it should work ?[11:46:12] <Alex_WinKiller> user can not cross it ?[11:47:24] *** Mez has joined #postfix[11:47:51] *** pirho has quit IRC[11:49:36] <Alex_WinKiller> what will happen when user rich 100 mb limit ? will not be able to recive mail ?[11:50:13] *** pirho has joined #postfix[11:50:55] *** Guest65381 has joined #postfix[11:51:33] *** Twinkletoes has joined #postfix[11:53:41] <memic> Alex_WinKiller he shouldnt, the sender will get an error like mailbox full[11:54:13] <Alex_WinKiller> ok, it is good )[11:54:16] <Alex_WinKiller> thnx[11:54:20] *** Alex_WinKiller has quit IRC[11:55:13] *** c4stro_ has joined #postfix[12:11:44] *** c4stro has quit IRC[12:20:05] *** etaylor has quit IRC[12:23:55] *** nurettin has joined #postfix[12:24:04] <nurettin> hello[12:24:24] <nurettin> i have got problem.[12:25:23] <nurettin> when i want to send from kidalabama at gmail dot com to my mail server nurettin at nurettinalp dot com cant get.[12:25:53] <nurettin> but i ca sending from sibel at nurettinalp dot com to nurettin at nurettinalp dot com[12:26:04] <nurettin> but i can sending from sibel at nurettinalp dot com to nurettin at nurettinalp dot com[12:26:53] <nurettin> result i cant get mail from outside[12:27:03] <nurettin> but i can get from inside.[12:30:58] *** kspath has quit IRC[12:47:27] *** cplx has joined #postfix[12:47:31] *** cplx_ has quit IRC[12:48:26] <Roobarb-Work> nurettin: what errors are you getting?[12:48:44] <Roobarb-Work> and is Postfix accepting connections from external addresses?[12:51:21] *** marc7 has quit IRC[12:56:10] <nurettin> Roobarb-Work: can you test this my mail server ip 81.213.247.155[12:58:04] <Roobarb-Work> I do not appear to be able to connect to that IP on port 25[12:58:21] *** memetic has quit IRC[12:59:11] <nurettin> Roobarb-Work: telnet localhost 110[13:00:43] *** memetic has joined #postfix[13:00:59] <nurettin> Roobarb-Work: which port using mails get from outside ?[13:01:08] <nurettin> Roobarb-Work: 25 or 110 ?[13:01:44] <Roobarb-Work> nurettin: "telnet localhost 110" would connect to *MY* POP3 server, not yours. Either way, POP3 is not sufficient for receiving SMTP email from external servers.[13:03:12] <nurettin> Roobarb-Work: how can i resolve this problem[13:03:17] <rob0> Nono. Localhost is MINE, and NOT yours. Patent pending.[13:03:47] <nurettin> Roobarb-Work: POP3 is not sufficient for receiving SMTP email from external servers.[13:04:44] <Roobarb-Work> nurettin: POP3 is a mechanism for accessing a mailbox on a server. NOT for processing mail *between* servers.[13:05:16] <nurettin> Roobarb-Work: okay i understand.[13:05:20] <Roobarb-Work> nurettin: Although your presence in a channel about the Postfix SMTP server would suggest that you are running Postfix, no?[13:05:39] <Roobarb-Work> (Postfix does not do anything with port 110 or the POP3 protocol).[13:06:01] <nurettin> Roobarb-Work: i am postfix mta[13:06:19] <nurettin> Roobarb-Work: and i am testing my port 25[13:06:40] <Roobarb-Work> nurettin: then Port 25 is not being forwarded through your router/firewall to your mail server[13:10:51] *** UQlev has joined #postfix[13:11:04] <nurettin> Roobarb-Work: but i am using dmz ...[13:11:32] <Roobarb-Work> nurettin: and...?[13:12:06] <nurettin> Roobarb-Work: all ports forwarded to my server[13:12:35] <Roobarb-Work> nurettin: evidently not if I cannot connect on port 25 to that IP Address[13:12:46] <nurettin> hımm[13:13:00] <nurettin> please wait i am control my router conf.[13:13:23] *** cplx has quit IRC[13:13:26] <Roobarb-Work> afk - lunch[13:14:04] <lordrich> 81.213.247.155 is a dynamic ip and your isp may be blocking incoming port 25 connections[13:14:24] <nurettin> Roobarb-Work: i am changed router conf.[13:14:57] <nurettin> Roobarb-Work: please re test[13:15:24] <dragonheart> fyi - i just patched a pop-before-smtp implementation that does validate the IP+user though a policy daemon - if your interested I'd love your feedback. https://sourceforge.net/tracker/index.php?func=detail&aid=1805564&group_id=5017&atid=305017[13:15:41] *** cplx has joined #postfix[13:16:15] *** memetic has quit IRC[13:16:23] *** memetic has joined #postfix[13:16:51] <nurettin> Roobarb-Work: i dont believe, my isp is dump.[13:17:04] *** marc7 has joined #postfix[13:22:04] <rob0> dragonheart: My feedback is that pop-before-smtp is an ugly kludge that deserves to die. All modern MUAs, even the MS crapware ones, support ESMTP AUTH, which works inband and can be secured.[13:23:34] <rob0> Maybe a bit farfetched, maybe not ... imagine a pop-before-smtp user at a public hotspot with a spammer sniffing the wireless. The sniffer also can relay, since both are NAT'ed through the same IP address.[13:24:22] <rob0> Ironically, *no* MUA truly supports pop-before-smtp.[13:24:23] *** cplx has quit IRC[13:24:42] *** cpm has joined #postfix[13:26:21] <nurettin> Roobarb-Work: ?[13:27:34] <pipatron> rob0: If one wants to feel secure, nothing is far fetched[13:27:34] *** Dewi has joined #postfix[13:27:53] <dragonheart> i acknowlege the flaws are still plentify. i largely did it to learn a bit of perl and a few other things and hopefully elimitated a few flaws for the persistant users. thanks for your feedback :-)[13:28:18] <dragonheart> I do appreciate it rob0[13:29:51] *** cplx has joined #postfix[13:34:16] *** Habbie has joined #postfix[13:34:25] <Habbie> can i tell postfix to round-robin between two content filters?[13:36:45] <sysmonk> um, no, unless on DNS level[13:37:25] <Habbie> hmm that might suffice, any way to do that in /etc/hosts ?[13:37:28] <sysmonk> or with a custom policy script[13:37:36] <rob0> Learning is good, and I'm sure some people will find it useful.[13:38:19] * cpm finds learning gives him headaches[13:38:29] <sysmonk> Habbie: don't think so[13:38:46] <sysmonk> cpm: yeah, big ones :([13:40:47] <duki> hello all[13:41:30] <pipatron> HELO[13:41:33] *** marc7 has quit IRC[13:41:38] <duki> I downloaded a file containing a list of many spam domains, how do I use it? (I am using mutt/spamassassin/procmail/postfix).[13:41:53] * rob0 finds cpm gives him headaches ;)[13:42:09] <Tjikkun> hey rob0, remember me?[13:42:21] <rob0> yes, fix the backscatter problem?[13:42:30] <Tjikkun> yes, thanks for all the help[13:42:39] <rob0> duki: where did you get this file?[13:42:48] <rob0> Tjikkun: yw[13:43:20] <Tjikkun> i now have one remaining problem, mail to root does not go anywhere it seems[13:43:37] <Roobarb-Work> Tjikkun: look in your alises file[13:43:44] <Tjikkun> it stays in the active queue[13:44:05] <Tjikkun> in the alias file it is set up to go to my email address[13:44:20] <Tjikkun> i did run newaliases[13:44:24] <Roobarb-Work> a) did you postalias that file, and b) is postfix set to look at it?[13:44:39] <pipatron> CP/M[13:44:40] <Habbie> sysmonk, indeed, /etc/hosts doesn't work[13:44:44] <rob0> This is virtual delivery, right?[13:45:00] <Tjikkun> yes and yes[13:45:02] <duki> rob0: just googling (from the net).[13:45:10] <rob0> The aliases(5) file is only used by local(8).[13:45:33] <Tjikkun> i think my problem is it isn't going to local[13:45:43] <duki> rob0: it contains 20048 domains (blacklisted)[13:46:01] <rob0> duki: is it trustworthy?[13:46:40] *** phnord has joined #postfix[13:46:56] <duki> rob0: from hera exactly: wget http://www.joewein.de/sw/blacklist/dom-bl.txt[13:47:06] <duki> rob0: I don't know :([13:47:13] <rob0> Ah, well that is what I was asking. Yes, Joe's list is good.[13:47:33] <duki> rob0: :)[13:48:17] <Tjikkun> i do have mydestination = $myhostname, localhost.$mydomain, localhost[13:48:24] <duki> rob0: what Can I do with it now?[13:48:43] <rob0> I have a cron job fetching that list and processing it into a dual-use check_client/sender_access map.[13:49:41] <f3ew> .[13:49:44] <phnord> Hi all, is it allowed to reject mail like "unkown_user@$mydomain" in envelope sender?[13:50:54] <duki> rob0: So it is not obvious to use it! I thought to something like passing it to postfix :([13:51:11] <duki> anyway thanks rob0 .[13:51:31] *** marc7 has joined #postfix[13:54:28] <rob0> Wow, I just checked, and my cron job still seems to be working ... unattended for at least a year, I bet.[13:54:29] *** PhilKC has joined #Postfix[13:56:18] <rob0> It doesn't catch much spam, though.[13:56:34] <rob0> (It = the Joewein list lookups)[13:59:25] <duki> So I don't really need it for now, isn't it? I let sa-learn do progressly the job.[14:01:35] <lordrich> duki: rbl lists and spamassassin together will catch far more spam than any list like this[14:01:48] <rob0> Well, I can't say that it wouldn't help you. My defenses are entirely pre-DATA, no content filtering. If you're accepting all the spew and passing to SA, it might help you.[14:01:49] *** cilly has joined #postfix[14:02:40] <duki> okay, tahnks rob0 lordrich .[14:03:07] <duki> Oops thanks ...[14:05:10] *** spiekey has joined #postfix[14:05:13] <spiekey> howdy![14:06:02] <spiekey> when i want to send a mail to web.de from my own mailserver, i get this: host mx-ha01.web.de[217.72.192.149] said: 550 Protocol violation (in reply to DATA command)[14:06:06] <spiekey> any idea why?[14:12:02] *** Habbie has left #postfix[14:12:28] <higuita> we can only tell with the sniffing of what both servers exchanged...[14:12:41] <higuita> probably you are sending something the other side dont like[14:13:00] <rob0> Interesting, but no, no idea. I did see that mx-ha01.web.de employs a long greet pause.[14:13:01] <higuita> try forcing helo /7bits emails for that server[14:13:21] <rob0> or put it in debug_peers_list[14:16:04] *** master_o1_master has joined #postfix[14:17:25] <jMCg> Is it possible to have content filter that redirects mails to a different address [like garbage at foobar dot tld] if they contain attatchments I don't like?[14:19:33] <phnord> jMCg: you may let the content_filter rewrite the header / subject and then create a lookup table for the reentry-point of the mail. just my 2 cents :>[14:20:18] <Tjikkun> hmm, can't seem to figure it out[14:20:23] <jMCg> phnord: I didn't get the last part: 'and then create a lookup table for the reentry-point of the mail.'[14:21:57] <phnord> jMCg: the content_filter does not want to store your mail, it re-injects it to another smtpd process you need to configure in your /etc/postfix/master.cf[14:23:37] <jMCg> So it would make sense to have a before queue filter, wich content_filter is not.[14:24:16] <Tjikkun> is there a way i can check what transport would be used for a given mail-address?[14:24:30] <Tjikkun> (in my case for root)[14:26:53] *** brancaleone has joined #postfix[14:28:08] *** master_of_master has quit IRC[14:31:46] *** ampex has quit IRC[14:33:50] *** brancaleone has quit IRC[14:34:47] *** brancaleone has joined #postfix[14:43:30] *** thesaint4444 has joined #postfix[14:45:03] *** Ryushin has joined #postfix[14:45:14] <thesaint4444> hi guys, anyone familiar with courier pop3?[14:48:01] <cpm> folks in #courier probably are[14:48:32] <cpm> is this a poll? Or were you having some issue?[14:49:04] <thesaint4444> cpm - courier channel is empty, I am having a problem :-)[14:49:32] <thesaint4444> thought someone here might have an idea....[14:49:35] <cpm> workaround.org/moin/GettingHelpOnIrc[14:50:11] <cpm> thesaint4444, nothing is more annoying to the folks who would probably like to help, than someone asking all around an issue, rather than just stating their case. Know what I mean?[14:51:48] <thesaint4444> couldn't agree more but this is postfix channel so i would say that is relevant in this case....[14:51:59] *** silas has joined #postfix[14:52:03] <silas> Hello all.[14:52:23] <thesaint4444> hi..[14:52:48] <thesaint4444> cpm - are you familiar with courier setup?[14:57:25] <Signum> thesaint4444: could you consider asking the actual question?[14:58:18] <Tjikkun> anyone any idea why my local mail stays in the active queue, seemingly forever?[14:58:26] <Tjikkun> local_transport = local:$myhostname[14:58:35] <Tjikkun> mydestination = $myhostname, localhost.$mydomain, localhost[14:58:44] <Tjikkun> any other settings i should look at?[14:59:07] <Tjikkun> myhostname is set correct[15:01:52] <pipatron> Tjikkun: Doesn't the logs say why it's not sent?[15:02:13] *** brancaleone has quit IRC[15:02:18] <nurettin> hello what is spf[15:02:20] <Tjikkun> pipatron: not that i can tell[15:02:54] <thesaint4444> signum - trying to set up mails server, unbutu, postfix, courier pop, mysql virtual domains. problem is can't connect to mail server via courier pop3, user name accepted but -ERR Login failed when entering passord, any ideas? thanks.[15:04:14] <sep> thesaint4444, perhaps the maildir dont exsist ? did the user recive any mails yet?[15:04:59] <Tjikkun> i jsut see entries like: Oct 1 15:01:03 hostname postfix/qmgr[18681]: E24422375D: from=<root at hostname dot domain.ext>, size=650, nrcpt=1 (queue active)[15:05:35] <thesaint4444> sep - maildir exists, i can send mail to virtual domains on server and they go into the users mailbox via telnet but i cant use courier pop to get them back ...[15:06:25] <thesaint4444> sep - postfix appears to be working correctly for sending....[15:06:38] <sep> thesaint4444, so you misconfigured courier somehow ?[15:06:54] <pipatron> can you use imap?[15:06:57] <phnord> Tjikkun: you want postfix to deliver mail to simple mailboxes?[15:07:19] *** hparker has joined #postfix[15:07:39] <Tjikkun> phnord: yes, or forward it to a different address[15:07:55] <thesaint4444> sep - it appears so but i cant for the life of me work out how... - logs dont so much apart from password not accepted.[15:08:32] <phnord> Tjikkun: then specify mailbox_dir parameter in main.cf[15:09:36] <phnord> Tjikkun: sry, the option is called home_mailbox[15:09:42] <rob0> Tjikkun: what does mailq(1) say about the deferrals?[15:11:08] <Signum> thesaint4444: did you set up the /etc/courier/authmysqlrc correctly?[15:11:12] <Tjikkun> ouch, sorry guys[15:11:35] <thesaint4444> Signum: as far as i am aware yes...[15:11:45] <Tjikkun> figured it out, i grepped error on the maillog[15:12:02] <Tjikkun> mailbox_size_limit is smaller than message_size_limit[15:12:19] <jMCg> Mmmmmmmmmaybe I could just do a GROSS HACK... -- have a content filter that rejects stuff I don't like with a specific error code and then have bounce send those to a specific address........[15:12:21] <thesaint4444> Signum: i have checked the all the config files carefully and they seem to be ok but this is my first mail server setup so it is tricky.[15:13:24] <thesaint4444> Signum: but the problem seems to come from courier authmysq[15:14:43] <pipatron> What about removing courier, install dovecot, and then /join #dovecot?[15:14:48] <Signum> thesaint4444: are you using the authdaemon?[15:16:56] <thesaint4444> Signum: yes I believe so....[15:20:52] <jMCg> http://www.postfix.org/header_checks.5.html <<< REDIRECt --- sounds quite reasonable to me.[15:21:17] <thesaint4444> Signum: yes that all seems to be set up correctly.[15:22:06] *** pirho has quit IRC[15:22:35] <Signum> thesaint4444: so the "authmodulelist" says "authdaemon"?[15:22:39] <thesaint4444> pipatron - would you recommend dovecot over courier?[15:22:46] <thesaint4444> Signum: yes[15:23:17] <Signum> thesaint4444: any log entries on "courier" in your /var/log/mail.log? (btw, I also recommend dovecot over courier)[15:23:36] <pipatron> thesaint4444: I have used neither, but I did some research recently and dovecot seemed very nice. Seemed like they were doing a mailserver "the right way"[15:23:51] *** pirho has joined #postfix[15:24:29] <pipatron> Too bad I couldn't find an MTA designed in the same way ;)[15:24:34] <thesaint4444> Signum: authdaemon: TEMPFAIL - no more modules will be tried[15:24:44] <f3ew> pipatron hmmm?[15:24:55] <f3ew> MTAs are a bit more complex than pop3/imap servers[15:25:03] <f3ew> Think of why sendmail.cf is Turing complete[15:25:14] * cpm chuckles[15:25:26] <pipatron> f3ew: That's no reason for for example postfix to have a "let's permit every feature by default" mindset[15:25:47] <f3ew> pipatron, perhaps you need smail?[15:26:02] <pipatron> Hm[15:26:20] <pipatron> I recall I checked that, but I can't remember why I decided that postfix was the best MTA around[15:26:29] <f3ew> Postfix makes simple things easy, and complex things Possible[15:26:48] *** smeevil has left #postfix[15:27:56] <Signum> thesaint4444: did you set the authmodulelist="authmysql" in the authdaemonrc?[15:29:21] *** etaylor has joined #postfix[15:34:26] <thesaint4444> Signum: yes...[15:34:48] <pipatron> Hm[15:35:46] <pipatron> Would setting 'inet_interfaces =' work? That is, if you don't want the postfix smtpd to bind to anything at all[15:36:37] <thesaint4444> pipatron: me ?[15:36:56] <pipatron> No, me. :)[15:37:40] <pipatron> Playing with postfix, trying to find a clean and nice way to stop the smtpd part completely[15:37:58] <f3ew> comment out smtpd in master.cf[15:38:14] <thesaint4444> pipatron: why do you want to do that?[15:38:33] <pipatron> f3ew: ah[15:38:59] <f3ew> http://www.postfix.org/STANDARD_CONFIGURATION_README.html#null_client[15:39:02] <f3ew> that too[15:39:13] <pipatron> thesaint4444: Maybe I just want to use postfix locally at the moment[15:39:20] *** syzygyBSD has joined #postfix[15:39:25] <pipatron> thesaint4444: Or use it to send mails to other systems on a lan[15:40:17] <thesaint4444> pipatron: umm..[15:40:27] <rob0> There are scores of reasons for a send-only MTA. In fact probably much of the mail you see goes through them.[15:40:46] <syzygyBSD> I have an order of operations issue. I would like to reject (550) invalid users before greylisting all email. I think this will cut down on some load on our server, but I don't really know.[15:40:55] <rob0> (and no, not meaning spammers)[15:41:07] <syzygyBSD> I can't get my smtp_recipient_restrictions correct though[15:41:21] <pipatron> No one has died from being anal about security. I could leave it open and block incoming mails.. I could block the port in the firewall.. but I rather not have the service running at all. :)[15:41:24] <syzygyBSD> rob0, like website signups![15:41:26] <rob0> syzygyBSD: reject_unlisted_recipient before the check_policy_service[15:41:39] <syzygyBSD> thanks, exactly what I needed[15:41:42] *** GoGi has joined #postfix[15:42:59] <syzygyBSD> I had reject_unauth_destination, not the right one :P[15:49:25] *** ming_zym has joined #postfix[15:56:21] *** csm-laptop has joined #postfix[16:02:55] *** UQlev has quit IRC[16:12:49] *** fiXXXerMet has joined #postfix[16:13:22] <fiXXXerMet> If my relay_recipient_maps are a hash file, does postfix need to reload every time the file is changed and then re-postmapped?[16:13:38] <f3ew> No[16:13:50] <fiXXXerMet> Very good - thanks[16:16:42] <phnord> Is it allowed to block mail with "unkown_user@$mydomain" in envelope sender?[16:17:05] <nurettin> hello when i want to send my mail server i am taking this message log http://pastebin.com/m3741c10d[16:22:47] <rob0> phnord: reject_unlisted_sender I think, but it gets complicated, because you have to limit that to your domain with check_recipient_access.[16:22:58] <rob0> !access[16:22:58] <knoba> rob0: "access" : http://www.postfix.org/SMTPD_ACCESS_README.html : An overview of access(5) controls in the Postfix smtpd(8) SMTP server.[16:23:06] <rob0> !restriction_classes[16:23:07] <knoba> rob0: Error: "restriction_classes" is not a valid command.[16:23:09] <rob0> !restriction_class[16:23:10] <knoba> rob0: "restriction_class" : http://www.postfix.org/RESTRICTION_CLASS_README.html[16:23:45] *** FalconKirtaran has quit IRC[16:24:46] <nurettin> q[16:24:48] <nurettin> quit[16:24:51] *** nurettin has quit IRC[16:25:13] <phnord> rob0: hmm... I just realised this with a lookup table after permit_mynetworks, to avoid spammer using my domain, but no valid user.[16:26:32] <phnord> rob0: assumed, that all known clients are listed in mynetworks[16:27:26] <rob0> oh yeah, put it after anything to allow relaying, that works too.[16:27:55] <rob0> It breaks some things, but perhaps those are things which are better off broken.[16:28:08] <rob0> (same-envelope forwarding)[16:28:54] *** marc7 has quit IRC[16:29:35] <phnord> rob0: why should relaying be allowed?[16:31:39] *** alduin has joined #postfix[16:32:21] *** githogori has quit IRC[16:32:40] <rob0> That question makes no sense to me. Do you or your users ever want to send mail?[16:36:55] *** rmayorga has joined #postfix[16:39:25] <phnord> rob0: I have a working postfix configuration which does not allow relaying. i've appended a check_sender_access table to smtpd_recipient_restrictions which looks up, if the sender domain is in $mydomain. if yes, the mail will be rejected. every known client in the local network (it is a small LAN) is in $mynetworks.[16:41:09] <rob0> If you use permit_mynetworks, you are probably indeed allowing those clients to relay. Am I missing something here?[16:41:54] * pipatron is actually getting postfix now, but still have a problem that he is going to bug someone with later tonight.[16:42:18] <phnord> rob0: Ok, the known clients are allowed to relay. sorry, my mistake :)[16:48:35] <phnord> i think i just use reject_unlisted_sender, gnarf[16:49:45] <fiXXXerMet> I'm reading this postfix book and it says that we shouldn't block mail from an empty envelope sender. How can I make sure that I'm not? List <> in my roleaccount_exceptions file?[16:50:42] *** lost_and_unfound has joined #postfix[16:54:59] <lost_and_unfound> greetings! I have successfully setup postfix/dovecot/mysql and postfix delivers to multiple domains, but, i am only allowed by postfix to send email FROM a single domain, if trying to use any one of the others i get a relay access denied, for me the wierd part is that to authenticate sending, i use dovecot/SASL to verify the email and password authenticity, any suggestions? i have a suspitions that it has somehting to do with $[16:55:00] <lost_and_unfound> mydomain or smptd_rescritctions. Thanks[16:56:44] <cpm> lost_and_unfound, what says the output of postconf relay_domains[16:56:45] <cpm> ?[16:57:32] *** pariviere has joined #postfix[16:58:09] *** kspath has joined #postfix[16:58:33] <lost_and_unfound> '554 5.7.1 <user at example dot com>: Relay access denied'[16:58:50] <lost_and_unfound> oops.. sorry[16:58:55] <lost_and_unfound> misread the question[16:59:44] <lost_and_unfound> cpm, relay_domains = $mydestination[17:00:17] <cpm> postconf mysdestination[17:01:15] <lost_and_unfound> mydestination = $myhostname, localhost.$mydomain, localhost, mydomain | i can deliver to another mailbox in the same domain[17:02:12] <lost_and_unfound> cpm actually any domain hosted on the server[17:02:35] *** cutmasta has quit IRC[17:03:43] <cpm> I don't see any mysql lookups in there[17:05:45] <lost_and_unfound> ah.. i see what you mean, missing the mysql:/scriptThatListsMyOtherDomains.cf ?[17:07:36] <cpm> yeah, not too sure how postfix would know to accept mail for relay from your domains that are held in mysql.[17:07:58] <pariviere> hi everyone. I would like to implement dynamic mail groups with LDAP Postfix backend[17:08:12] <pariviere> I mean, something like all at mydomain dot com which will query my LDAP directory with something like ldap://localhost/ou=users,dc=domain,dc=com?(objectClass=inetOrgPerson) with result_attribute=mail[17:08:31] <pariviere> How to proceed? I've started by creating one ldap_table config file by dynamic groups but it seems to be the wrong way. I don't find the way to integrate them with postfix[17:11:04] *** thelostbutler has joined #postfix[17:13:51] <jelly-home> how come virtual(8) doesn't SEE ALSO virtual(5)?[17:23:13] *** Lap_64 has quit IRC[17:34:47] *** alduin has left #postfix[17:36:03] *** phnord has left #postfix[17:36:20] *** cilly has quit IRC[17:36:25] <koollman> mm ... I am looking for a debian package that should be called 'postfix-cidr', but I can't find it (on etch). Anyone know where to search? (or if it does not exist...)[17:36:30] *** pickcoder has joined #postfix[17:36:59] *** roe has quit IRC[17:37:45] *** pego has joined #postfix[17:38:01] <pego> :q![17:38:11] <pego> oops :) hello :)[17:38:25] <lordrich> packages.debian.org doesn't know about postfix-cidr[17:38:34] <lordrich> that means it's not a Debian package[17:38:56] *** roe has joined #postfix[17:39:21] *** smesjz has joined #postfix[17:39:31] *** die_z has quit IRC[17:39:40] <lordrich> and since there's no Debian package for it, I'd assume it's supported in the main postfix package[17:49:25] *** lost_and_unfound has quit IRC[17:49:54] * smesjz slaps cpm with a hparker-love-doll[17:50:04] <cpm> ewwww![17:50:14] <hparker> yikes![17:50:18] * cpm wipes the love-doll drippings off his face[17:50:31] *** steevel__ is now known as steevel[17:50:42] * hparker takes his love doll back and puts it back in the closet[17:51:04] <smesjz> hi :)[17:51:27] <jelly-home> hparker: was that your doll, or a doll with your likeness?[17:51:56] <hparker> the former... the later would scare hell outta everyone[17:52:56] *** UQlev has joined #postfix[17:53:41] <jMCg> !/^content-(type|disposition):.*name[[:space:]]*=.*\.(jpg|jpeg|bmp|gif|tif|tiff|png|pdf)/ <-- will this match even if I don't have an attatchment?[17:53:42] <knoba> jMCg: Error: ":space:" is not a valid command.[17:53:55] <smesjz> use \s*[17:54:05] <smesjz> oh[17:54:25] *** ruben_ has joined #postfix[17:54:33] <smesjz> is that ! intended?[17:54:47] * jMCg stole quite directly from http://www.postfix.org/header_checks.5.html[17:54:53] <jMCg> smesjz: yes.[17:55:18] <smesjz> hmm[17:55:38] <smesjz> you cant use negative matches with the header checks afaik[17:56:19] <jMCg> http://www.postfix.org/header_checks.5.html TABLE FORMAT says I can.[17:56:50] <smesjz> oh[17:57:00] *** nurettin has joined #postfix[17:57:17] *** pego has quit IRC[17:57:18] <smesjz> :( my postfix skills vanished after i changed jobs :([17:57:40] * cpm changes smesjz[17:57:45] * hparker needs to change jobs.. Or at least get one[17:58:08] * cpm echo's hparker, except he has a job[17:58:21] <smesjz> well, i am doing payroll consultancy now...nice job but has nothing to do with Postfix[17:58:38] <hparker> consult my payroll, convince it to grow[17:59:08] <smesjz> :)[18:00:30] <smesjz> 'computer says no'[18:00:40] *** duki has quit IRC[18:00:50] *** duki has joined #postfix[18:00:55] <hparker> sounds 'bout right[18:01:09] <UQlev> smesjz: payroll software or legislation?[18:01:11] <smesjz> ah, never seen Little Brittain I assume?[18:01:14] <hparker> i just need to find a part time admin gig[18:01:22] <hparker> nope[18:01:35] <smesjz> UQlev: well, translating new legislation into working software..actually only the functional part of it[18:01:40] * cpm doesn't want to see 'little hparker'[18:01:45] <hparker> lol[18:03:33] <ruben_> one question, if I don't want to use VDA patch to use with mysql virtual users, I can use mysql_mailbox_limit = mysql:file where file uses something like selec quota from user? and then user MAILDROP quotas? I don't want to 'patch' postfix :)[18:03:37] <ruben_> it has sense?[18:03:57] <smesjz> maildrop can read quotas from the database[18:04:21] <smesjz> as a delivery agent it doesnt need mysql_mailbox_limit or so[18:04:38] <ruben_> smesjz: so mysql_mailbox_liit has no sense here?[18:04:49] <ruben_> mysql_mailbox_limit[18:04:57] <smesjz> ruben_: is it even a valid option with an unpatched Postfix?[18:05:15] <smesjz> i wrote a tutorial on maildrop quotas back in the days when cpm was still my homie[18:05:26] <smesjz> http://www.xs4all.nl/~jaspersl/quota/[18:05:39] *** majikman-home has quit IRC[18:05:40] <koollman> lordrich: postfix -m return cidr, but postmap fail when trying to generate a cidr table[18:05:43] *** uncoded has joined #postfix[18:05:50] <heidaro> Does smtpd_helo_required = yes and strict_rfc821_envelopes = yes help at all against spam?[18:06:09] <smesjz> ruben_: it's outdated but maildrop still supports quotas just fine[18:06:35] <smesjz> heidaro: a bit but you can tweak it to reject mailservers that HELO with your own hostname or IP[18:07:03] <ruben_> smesjz: lot of thanks, it is much better than patch postfix nope?, also, how maildrop executes select quota from table where user = 'blah' and active=1 ?[18:07:12] <smesjz> as an alternative to maildrop, look at dovecot 1.1 too..it's an excellent replacement for maildrop/courier-imap/courier-authlib combo[18:07:29] <uncoded> Hi All, Can I use regex in ldap_tables, in result_format ?[18:07:53] <smesjz> ruben_: dont patch Postfix...a quota aware delivery agent will work just fine[18:08:50] <smesjz> maildrop/deliver (dovecot) expect a database column that holds the user quota like 1000000S (specificies a 1MB quota) and it retrieves that using a single query it executes to find out where to deliver the mail to[18:09:28] <smesjz> anyway, time for groceries...be back in like 30 minutes[18:09:41] <smesjz> read up on my tutorial to find out how the quotas work with maildrop[18:09:46] <lordrich> koollman: what error message do you get?[18:10:35] <koollman> lordrich: 'postmap: fatal: dict_mkmap_func: unsupported dictionary type: cidr: Is the postfix-cidr package installed?' (the command was 'postmap cidr:helo_access_ip')[18:11:02] <ruben_> smesjz: yes, only one dude, why you use sudo? it is for do not run maildrop with root suid? also, looks cool the tuto![18:11:53] <smesjz> the sudo part is unrelated here :)[18:12:03] <nurettin> hello[18:12:10] <nurettin> smesjz: hello[18:12:20] <ruben_> smesjz: so maildrop lauch 'select quota etc' for me without using virtual_mailbox_limit = mysql:file, interesting :)[18:12:34] <nurettin> i have got problem[18:12:50] <nurettin> smesjz: my new problem[18:13:08] <nurettin> is i cant get mail[18:13:17] <nurettin> from outside[18:13:28] * pickcoder tries shaking off the sleepiness[18:13:54] <e_> good luck[18:13:59] * e_ tries that for 8+ hours now[18:14:18] *** pariviere has left #postfix[18:14:29] <lordrich> koollman: try leaving out the cidr: prefix when running postmap[18:14:48] <koollman> lordrich: then it generate a bdb database, with incorrect keys[18:14:56] <nurettin> smesjz: can you control my mail server port of 25 telnet 88.252.48.218 25[18:18:09] <lordrich> koollman: what options are you using for postmap?[18:18:13] <ruben_> smesjz: well, again, thank you! good bye :=)[18:18:19] *** ruben_ has quit IRC[18:30:42] *** rek2 has joined #postfix[18:30:54] <rek2> hi[18:31:02] <rek2> anyonw knows if I can redirect a domain to /dev/null on transport file?[18:31:20] <rek2> I am getting spam storm from a domain I don't use anymore for email[18:31:36] <rek2> I want to block that subdomain[18:31:42] <rek2> is limiting my smtp service[18:32:19] <pipatron> From a domain?[18:32:55] <rek2> to a domain[18:33:04] <rek2> any email comming to my subdomain to be block[18:33:12] <rek2> no matter from where[18:33:24] <rek2> I have for example mail2.domain.com[18:33:42] <rek2> but my real mx is another one but that one stills points to my mail server for some reason[18:33:48] <rek2> in the mean time I dissable the mx[18:33:54] *** fiXXXerMet has quit IRC[18:33:58] <rek2> I want to stop all the email comming to that subdomain[18:34:09] <rek2> to be discarded or redirected to null or something[18:35:11] <UQlev> rek2: do you use virtual domains?[18:35:41] <UQlev> rek2: why don't delete it from the list of your domains[18:36:42] <rob0> Indeed, just don't accept it.[18:38:16] * cpm isn't sure he can accept rob0[18:39:21] <rek2> UQ, I dont hace access to the domain server at the moment[18:39:27] <rek2> this is a spam server[18:39:28] *** rcsu has joined #postfix[18:39:29] <rek2> no virtual[18:39:33] <rek2> no local[18:39:51] <rek2> I use amavis sqlgray etc[18:39:55] <rek2> clamav[18:39:56] <rek2> ...[18:40:40] * UQlev wonders what is clamav for on a spam server[18:41:32] <jelly-home> I prefers ANTIspam servers[18:41:48] <pipatron> Maybe he's hosting a spamserver[18:41:50] *** ming_zym has left #postfix[18:41:57] <pipatron> To give us great deals on viagra[18:42:13] * UQlev have never seen yet someone admitting he is running spam server :))[18:42:24] <jelly-home> I thought that was offloaded to zombie nets nowadays[18:45:04] *** ming_zym has joined #postfix[18:45:34] <jelly-home> as for "why clamav on an antispam server": http://www.sanesecurity.com/clamav/[18:48:00] <jelly-home> Idea: some of new spam comes through your filters, but if scanned an hour later it gets detected. Wouldn't it be nice if there was a way to tell the mail store "No, wait, delete that junk I delivered to you." :-)[18:48:05] <rob0> No virtual, no local ... and apparently no clue![18:48:25] * cpm checks his rob0 clues[18:48:50] <rek2> an ANTI spam server[18:48:51] <rek2> lol[18:48:51] <rob0> Col. Mustard, with the lead pipe, in the ballroom![18:49:30] *** pingouin has quit IRC[18:49:31] <rek2> well anyways does anyone knows how to discard that email?[18:50:07] <rob0> Just. Don't. Accept. It.[18:50:30] <rek2> I am trying this is why I am asking[18:50:33] * cpm has always been a fan of the monkey wrench, dunno why[18:50:34] <rek2> I never blocked a domain[18:51:11] <rek2> can I forward email for that subdomain to /dev/null on the transport file?[18:51:16] <jelly-home> rek2: you accept _all_ the mail that comes in?[18:51:21] <rob0> Somehow, you (or someone else) told your Postfix to accept mail for certain domains. Amend that list.[18:51:53] <jelly-home> rek2: even mail for foo at not-your-domain dot com?[18:51:57] <rek2> I accept all email comming into smtp then it hitst sqlgray then amavisd[18:52:01] <rek2> noo..[18:52:07] <rek2> if is not for my domain it does not[18:52:13] <rek2> but this is a subdomain from my real domain[18:52:14] <rek2> so comes in[18:52:32] <rek2> and not deliver because they are no mailboxes for that subdomain[18:52:36] <rek2> mydomain.com[18:52:48] <rek2> this.mydomain.com <--- I need to block[18:52:49] <jelly-home> rek2: get rid of the .real-domain.com wildcard entry?[18:53:04] <rob0> OMG. What a horrible idea that is.[18:53:11] <rek2> then I wont get email for other subdomains I will need to add one by one to the main.cf[18:53:24] <rob0> furrfu![18:53:36] * rob0 needs air[18:53:37] <jelly-home> rek2: if you have to do that, your setup sucks[18:53:42] * pipatron needs zleeep[18:53:43] <rek2> I can dissable mx for that subdomain but in the mean time I am getting hit.[18:53:49] <rek2> I have not set it up sorry[18:53:51] <smesjz> lo pipatron[18:53:56] <rek2> I got it basically like that[18:53:58] <pipatron> yo[18:54:03] <rek2> now I have to deal with it.. :-/[18:54:20] *** |DeuS| has quit IRC[18:54:27] <jelly-home> rek2: virtual was created for a reason! :-)[18:55:13] <rek2> mydomain = hereIhavemydomain.com[18:55:20] <rek2> I do have virtuals[18:55:21] <uncoded> anyone here uses lookup tables in LDAP ?[18:55:30] <rek2> and I use them for redirections to the inside mail servers[18:55:51] <rek2> virtual_alias_maps = hash:/etc/postfix/virtual[18:56:13] <jelly-home> rek2: it's easy. enum all the sub.hereIhavemydomain.com in another virtual, and get rid of .hereIhavemydomain.com[18:56:14] <rek2> so you are suggesting to add the /dev/null under virtual_maps?[18:56:30] <rek2> ohh[18:56:37] *** hparker_lappie has joined #postfix[18:56:46] <rek2> mydomain = hereIhavemydomain.com[18:56:54] <rek2> I have it like that with no .here...[18:56:55] <smesjz> hparker_lappie_dance?[18:57:03] <rek2> no wildcard neither[18:57:21] <hparker_lappie> smesjz: hehe[18:57:32] <jelly-home> rek2: if that was the only place you had it, you wouldn't accept badsub.hereIhavemydomain.com[18:57:57] <jelly-home> (at least that's my understanding. I'm a newbie)[18:58:22] <rek2> look..[18:58:28] <rek2> let me get the piece in the log[18:59:12] *** hparker has quit IRC[18:59:27] <rek2> ct 1 12:51:23 hormel postfix/lmtp[3519]: 799EFDD090A: to=<rahman at mail2 dot mydomain.com>, relay=127.0.0.1[127.0.0.1], delay=1095, status=sent (250 2.6.0 Ok, id=02880-05-3, from MTA: 250 Ok: queued as 5E7B2DD08EB)[18:59:36] * cpm wants out of hparker's_lappie[18:59:42] <rek2> and is getting queue I will like to reject mail2.mydomain.com[18:59:43] *** hparker_lappie is now known as hparker[19:00:12] <hparker> I was too lazy to play with ghost[19:00:36] <cpm> I was getting creeped out.[19:01:14] *** Homer_J has quit IRC[19:01:23] <hparker> heh.. Don't worry.. I don't give out lap dances to just anyone[19:01:27] *** ming_zym has left #postfix[19:03:22] *** duki has quit IRC[19:03:38] *** WildPikachu has quit IRC[19:03:50] <pickcoder> rek2: and mail2.mydomain.com isn't anywhere in virtual_mailbox_domains?[19:05:03] * cpm shudders[19:05:25] <rek2> no[19:06:01] <rob0> Shuddering at the lap dance or the accept-anything Postfix?[19:06:48] <pickcoder> rek2: what's in mydestination?[19:06:48] <jelly-home> rek2: you need to find where did you set up to accept mail for .mydomain.com or mail2.mydomain.com, cause it IS somewhere[19:07:25] * jelly-home would just push @bad.mydomain.com REJECT in a virtual file and see what happens[19:07:44] <rek2> mydomain = hereIhavemydomain.com[19:07:48] <rek2> virtual_alias_maps = hash:/etc/postfix/virtual[19:08:13] <rek2> local_transport = error:local mail delivery is disabled[19:08:24] <rek2> mynetworks = all of those..[19:08:33] <rek2> content_filter = lmtp-amavis:[127.0.0.1]:10024[19:08:41] <rek2> transport_maps = hash:/etc/postfix/transport[19:08:48] <rek2> relay_domains = $transport_maps $mydomain[19:08:54] <jelly-home> eww.[19:08:58] <jelly-home> pastebin[19:09:05] <rek2> im pasting line by line[19:09:06] <pickcoder> rek2: putting in bogus content is going to make helping you nearly impossible[19:09:09] <rob0> it's in hash:/etc/postfix/transport[19:09:17] <pickcoder> rob0: probably[19:09:25] <pickcoder> or mydestination[19:09:44] <rek2> yes I use transport heavyly this is why I am asking in my original questions: " how do I block or sent to /dev/null a domain in transport.[19:09:50] <jelly-home> rek2: pastebin postconf -n[19:09:57] <pickcoder> rek2: transports with wildcards are dangerous[19:10:11] <rek2> I dont have any with wildcard[19:10:20] <pickcoder> I didn't say you did.. I'm making you aware of it.[19:10:22] <rob0> Just TAKE IT OUT of the transport table.[19:10:32] <rek2> mydomain smtp:[iphere][19:10:36] <rek2> is not there..[19:10:52] <rek2> I have two subdomains[19:11:02] <rek2> lan1 and mail2.lan.mydomain.com[19:11:09] <rek2> but none is mail2.mydomain.com[19:11:17] <pickcoder> rek2: if you don't paste REAL information, it will be impossible to spot the one typo that is causing the problem[19:11:30] <rek2> pickcoder were should I paste it?[19:11:34] <pickcoder> !pastebin[19:11:35] <knoba> pickcoder: "pastebin" : a way to paste larger amounts of text so that other people can read it. Try http://www.rafb.net/paste/ or http://paste.debian.net/ - Do not forget to tell us the URL where you pasted it.[19:12:06] <pickcoder> postconf -n[19:12:14] <pickcoder> for starters[19:13:03] <rob0> maybe unset parent_domains_matches_subdomains[19:13:09] <rob0> !parent_domains_matches_subdomains[19:13:10] <knoba> rob0: Error: "parent_domains_matches_subdomains" is not a valid command.[19:13:13] *** silas has left #postfix[19:13:17] <rob0> !parent_domain_matches_subdomains[19:13:18] <knoba> rob0: "parent_domain_matches_subdomains" : a configuration parameter in the main.cf: What Postfix features use "domain.tld matches sub.domain.tld" style pattern matching instead of ".domain.tld matches any subdomain". This is planned backwards compatibility: eventually, all Postfix features are expected to require explicit ".domain.tld" style patterns when you really want to match subdomains.[19:14:47] <rek2> http://paste.debian.net/38536[19:15:05] <jelly-home> Hm. Looks like this text in virtual(5) is not completely correct: The virtual-alias.domain anything entry is required for a virtual alias domain. *Without this entry, mail is rejected with "relay access denied", or bounces with "mail loops back to myself"*.[19:15:46] * pickcoder gives up[19:15:48] <rob0> why is that wrong?[19:16:05] <jelly-home> RHEL4's postfix did let me deliver mails locally with no "mail loops back to myself". It's just that it wouldn't accept it from remote.[19:17:04] <rob0> ah, in other words, accepted under permit_mynetworks, then routed via virtual(5).[19:17:25] <jelly-home> sounds reasonable, yes[19:18:00] <rek2> jelly-home: rob0?[19:19:00] <jelly-home> I'm an open relay for localhost! Gosh![19:23:07] <pickcoder> that would be worrysome.. someone may telepathically connect to 127.0.0.1 and send spam out[19:23:26] <rek2> pickcode did you check the pastebin thing?[19:23:30] <rek2> I put all my main.cf on it[19:23:50] *** ki_ has joined #postfix[19:23:51] <jelly-home> pickcoder: I'll put smtp auth on it.[19:24:41] *** ki__ has joined #postfix[19:29:03] *** smesjz has quit IRC[19:29:50] *** smesjz has joined #postfix[19:32:14] <rek2> ls[19:37:19] <Alan_Hicks> Out of curiosity, I have some strange behavior from my postfix installation and google nor man has turned up any help.[19:37:37] *** GoGi has quit IRC[19:37:49] <Alan_Hicks> MX is barnowl.lizella.net and also does NAT for a small LAN. carrier.lizella.net has an address on that private LAN.[19:37:59] <Alan_Hicks> publically, *.lizella.net resolves to barnowl.[19:38:52] <Alan_Hicks> barnowl accepts mail for alan at foo dot bar, alan at barnowl dot foo.bar, etc, but email to alan at carrier dot foo.bar gets forwarded to carrier.lizella.net (e-mails munged for SPAM prevention of course)[19:39:38] <Alan_Hicks> I can't find anything out of the ordinary in postconf -n, so I was wondering if this is because barnowl sees a different IP for carrier than the original sender?[19:40:02] *** ki_ has quit IRC[19:41:22] *** amrit|zzz is now known as amrit|mtg[19:46:22] <rob0> hiya[19:47:08] <rob0> !parent_domain_matches_subdomains[19:47:09] <knoba> rob0: "parent_domain_matches_subdomains" : a configuration parameter in the main.cf: What Postfix features use "domain.tld matches sub.domain.tld" style pattern matching instead of ".domain.tld matches any subdomain". This is planned backwards compatibility: eventually, all Postfix features are expected to require explicit ".domain.tld" style patterns when you really want to match subdomains.[19:48:39] *** Twinkletoes has quit IRC[19:50:06] *** bkw has joined #postfix[19:50:12] *** bkw__ has joined #postfix[19:51:57] *** bkw has quit IRC[19:54:36] *** githogori has joined #postfix[19:58:13] <Alan_Hicks> Any ideas about my problem mentioned above?[19:59:28] <rob0> did that help?[20:02:40] <lordrich> Alan_Hicks: that sounds like correct behaviour, are you saying that the mail to carrier should remain on barnowl?[20:03:30] <Alan_Hicks> lordrich: yes, or rather, alan at carrier dot foo.bar should simply be rejected.[20:04:52] <lordrich> are there any mx records for carrier.foo.bar?[20:04:55] *** nurettin has quit IRC[20:05:03] <lordrich> and is this mail coming from internal or external?[20:05:31] <Alan_Hicks> negative, only MX is to barnowl, but barnowl and carrier have the same IP address to nodes outside my private LAN.[20:05:35] <Alan_Hicks> external.[20:05:56] <Alan_Hicks> IIUC, I should just remove relay_domains from parent_domain_matches_subdomains.[20:06:00] <lordrich> ok, external email shouldn't be relayed anywhere unless you've got an openrelay or you've configured relaying[20:06:16] <rob0> unset parent_domain_matches_subdomains[20:06:19] <Alan_Hicks> lordrich: Well, it won't relay to anywhere outside my LAN.[20:06:32] <rob0> postconf -e 'parent_domain_matches_subdomains ='[20:07:07] <lordrich> yeah - what rob0 said[20:08:18] <lordrich> although I'm still not convinced that Postfix would relay it unless relaying has explicitly been configured[20:08:40] <Alan_Hicks> http://pastebin.ca/721995[20:09:01] <Alan_Hicks> Perfect.[20:10:02] <Alan_Hicks> Relaying isn't allowed: http://pastebin.ca/721997[20:10:23] <Alan_Hicks> Except from internal hosts on that private LAN, and through TLS SASL authentication.[20:10:52] *** pickcoder has quit IRC[20:11:22] <lordrich> the "loops back to myself" isn't perfect, it should be rejecting it without attempting to deliver surely?[20:12:43] <roe> is there a reliable way to lookup originating country?[20:13:24] *** rek2 has quit IRC[20:13:39] <Alan_Hicks> lordrich: Well, that "loops back to self" was for the bounce message.[20:15:42] <Alan_Hicks> A better test: http://pastebin.ca/722007 everything works as it's supposed to.[20:16:25] <lordrich> ok, that looks better[20:16:45] *** dfdf has joined #postfix[20:17:04] <Alan_Hicks> Reason for all that crap the first time was I sent it from alan at foo dot bar, so naturally the bounce loops back to self.[20:17:15] <Alan_Hicks> rob0: thanks.[20:21:11] *** dfdf has quit IRC[20:23:13] *** duki has joined #postfix[20:23:22] *** cvcv has joined #postfix[20:24:57] *** UQlev has quit IRC[20:34:29] *** majikman has joined #postfix[20:34:44] <majikman> so whats the best way to be able to send mail and get into a hotmail inbox?[20:34:52] <majikman> ie: getting past their spam filters[20:35:09] <majikman> i get a 250 response from the hotmail servers but it never even makes it into my junkmail folder[20:37:58] <lordrich> check you're not blacklisted, send from a static ip address not on a consumer isp, make sure dns is configured correctly, consider spf[20:38:15] <majikman> i already checked everything except spf[20:38:32] <majikman> what does that acronym stand for?[20:38:44] <lordrich> !spf[20:38:44] <knoba> lordrich: "spf" : sender policy framework - an extension to SMTP that allows to identify and reject emails from spoofed/forged email senders[20:38:48] <majikman> sender policy frame work?[20:38:51] <rob0> That's a FAQ here, and I wonder why? We can tell you how to *possibly* maximize your chances, but only Hotmail knows why they discard real mail.[20:38:53] <majikman> ok, thanks[20:39:09] <lordrich> although I'm not sure Hotmail takes any notice of spf[20:39:20] <majikman> rob0, got a link to that faq?[20:39:25] <majikman> hotmail is retarded[20:39:47] <rob0> The bottom line is, don't expect Hotmail to handle mail responsibly.[20:40:06] <majikman> i can't tell that to my clients though[20:40:51] <rob0> "FAQ here" means "every day someone comes in here and wants us to adjust Hotmail's irresponsible spam filters".[20:41:02] <rob0> Why not?[20:42:01] <majikman> because my client will drop me and go with a competitor if i can't fulfill their needs[20:46:10] *** bkw__ has quit IRC[20:46:56] *** bkw has joined #postfix[20:54:24] *** bahadunn has joined #postfix[20:54:49] <bahadunn> I have saslauthd working with postfix but not over tls[20:55:06] <bahadunn> any ideas why it would work without tls but not work with tls?[20:55:31] *** thelostbutler has quit IRC[21:02:37] *** cilly has joined #postfix[21:05:25] *** growltiger has quit IRC[21:06:15] *** MrAlk3 has joined #postfix[21:06:36] *** MrAlk3 has left #postfix[21:08:16] *** carl- has joined #postfix[21:12:42] *** bitrot has joined #postfix[21:13:24] <uncoded> can I extract just one part of result in result_format at ldap tables?[21:14:22] *** brancaleone has joined #postfix[21:14:23] <uncoded> result is 'farm1.foo.bar', I need get just 'foo' in the result, it's possible?[21:15:10] *** keyhack has left #postfix[21:15:46] <uncoded> I'm trying use result_format=bar%[s-1].example, and I get a segmentation fault . :([21:18:27] *** j2^ has joined #postfix[21:18:35] <j2^> Goodevening![21:20:02] <j2^> If i would like to run a vhiosting solution using postfix. Can someone recommend a good combination och pop/imap-servers and web based admin tool? (Kicker is: Users need to be able to change their own passwords). Normally i would most likely have used XAM. But, i figured it's time top get to know Postfix[21:20:45] <smesjz> if you're on debian, the workaround.org tutorial is nice[21:20:58] <smesjz> i like dovecot a lot for imap/pop3[21:21:27] <evadave> It is virtual-mysql meets procmail like extensibility[21:21:29] <evadave> it rawks![21:21:39] <evadave> uh, qmail, rather.[21:22:28] <smesjz> i used to have courier-imap/pop3 with maildrop and horde/imp for webmail[21:24:06] *** slackjr has joined #postfix[21:27:33] *** Mez_ has joined #postfix[21:31:47] *** syzygyBSD has left #postfix[21:32:14] *** prebur45 has quit IRC[21:33:52] <j2^> smesjz: Yes, debian. However, i looked through that tutorial, and maybe i am missing something, but how can a user change their password?[21:33:59] *** cpm has quit IRC[21:34:43] <smesjz> uhm, they can install a plugin for squirrelmail?[21:34:46] <sysmonk> j2^: login details are in mysql[21:34:57] <sysmonk> so the change password thing will depend on your webmail[21:35:03] <smesjz> or write something yourself if you have an exotic scheme like SHA256[21:35:26] <sysmonk> smesjz: um, changing a few words in a already made script wouldn't hurt for sha256 :)[21:35:33] <j2^> sysmonk: Webmail will be Horde/IMP... Sooo, any password-plugin available for that setup?[21:35:41] <sysmonk> j2^: afaik - yes[21:36:49] <smesjz> yea, i hacked horde a few years ago so it could be used with virtual vacation autoresponder[21:36:55] <smesjz> it was nice[21:37:10] <smesjz> but horde/imp is a bitch to upgrade imho[21:37:53] <j2^> smesjz: Why? I havent had any upgrade issues when using CVS?[21:38:48] <smesjz> well, it broke my config sometimes[21:39:35] <j2^> smesjz: Never had any issues, just look in the admin panel for horde, and scan for the flagged configs.[21:40:14] <smesjz> i know...it's probably good for the patient admins ;)[21:40:52] <smesjz> but it took me quite some time to assemble a good config that was stripped of all junk my customers (schools etc) didn't need[21:41:29] <j2^> Yeah, it is a bit like the swiss army knife approach :)[21:43:15] <smesjz> too bad roundcube was too limited feature-wise to be a good alternative[21:43:52] <j2^> In all honesty, i kinda started with Horde/IMP maaaaaany years back.... and kinda stuck with it :)[21:45:26] <smesjz> i started with squirrel, didnt like the interface, used horde/imp for a while and got bored it..so i looked at roundcube and it didnt work. Then I graduated and got a real job ;)[21:46:43] <j2^> *lol* Sounds fanmiliar.[21:47:13] <j2^> But, you oknow, the workaround tutorial seem kinda good. But i still wonder why i cant find anything like XAMS but postfix based. '[21:47:55] <smesjz> yea, I even contributed some part of the workaround tutorial :) and made the author enthousiastic about Dovecot ;)[21:48:04] <smesjz> XAMS?[21:48:58] <j2^> xams.org, its a Exim+Courier+mySQL+WebInterface which is... DARN nice if i say so myself.[21:49:54] <bahadunn> this is so weird[21:49:56] <smesjz> well, whatever turns you on ;)[21:50:03] <bahadunn> sasl auth works fine without tls[21:50:15] <bahadunn> but with tls I get authentication failure[22:00:45] *** prebur45 has joined #postfix[22:05:41] *** Stuio has joined #postfix[22:05:43] <Stuio> Hello, what is the correct place to put 'quotawarnmsg' if the user overlaps mailquota size?[22:10:41] *** duki has quit IRC[22:11:39] <smesjz> Stuio: using maildrop?[22:12:21] <smesjz> i remember i fetched its location using 'strings /usr/bin/maildrop | grep 'quotawarnmsg'[22:14:05] <Stuio> ahh thanks, one moment smesjz[22:15:17] <Stuio> strings /opt/mail/maildrop/bin/maildrop | grep quotawarn[22:15:18] <Stuio> /opt/mail/maildrop-2.0.4/etc/quotawarnmsg[22:15:24] <Stuio> Yes, I use this place, but does not send nothing if I overlap the message, only an standar message like this[22:15:34] <Stuio> pyzor: check failed: internal error maildrop: maildir over quota.[22:16:00] *** hparker has quit IRC[22:16:19] <smesjz> how is maildrop invoked?[22:16:27] <smesjz> i wonder what pyzor is doing there[22:16:39] <Stuio> but looks like that it sends and ugly mail if the user overlap the quota[22:17:09] <Stuio> I use[22:17:10] <Stuio> flags=DRhu user=vmailbusiness:vmailbusiness argv=/opt/mail/maildrop/bin/maildrop -a -w 90 -d ${user}@${nexthop} ${extension} ${recipient} ${user} ${nexthop}[22:17:12] <smesjz> nah, it can send a nice custom mail..i've seen that before & used it myself[22:17:40] <smesjz> ic, so it warns at 90%[22:17:54] <Stuio> also, under maildroprc it lauch spamassassin so for this reason 'pyzor' appears here[22:17:54] <smesjz> what's the -a flag doing there? it's been a while since I used maildrop[22:18:11] <Stuio> looks to force authlib auth[22:18:17] <Stuio> maybe has no nothing[22:18:42] <smesjz> so can the user vmailbusiness read the /opt/mail/maildrop-2.0.4/etc/quotawarnmsg file?[22:18:58] <smesjz> are you familiar with strace?[22:19:15] <smesjz> in the past, strace was the only way to debug maildrop..it's better now I think ;)[22:20:12] <smesjz> it's a good way to test if you give vmailbusiness a temporary shell so you can su - to it[22:20:54] <smesjz> and then run 'strace -o /tmp/dump /opt/mail/maildrop -a -d test at adress dot org -w 90'[22:21:05] <smesjz> and inspect /tmp/dump after you're done[22:21:31] <Stuio> thanks, with perms should to read it[22:21:45] *** rcsu has quit IRC[22:22:02] *** Mavvie has quit IRC[22:22:07] <smesjz> you need to check underlying directories too :)[22:22:08] *** Mavvie has joined #postfix[22:22:27] <smesjz> maybe my old quota tutorial is of any use here: http://www.xs4all.nl/~jaspersl/quota/[22:22:50] <smesjz> i wrote it somewhere in 2004...so it's old now ;)[22:23:49] <Stuio> well, thanks anyway[22:24:13] <smesjz> but with strace you should be able to pinpoint the problem[22:24:24] <smesjz> as it shows the operations of maildrop on a fairly low level[22:24:29] *** uncoded has quit IRC[22:24:39] <smesjz> better than the -V 10 debug switch of maildrop[22:25:53] <Stuio> the -w 90 it is correct?[22:27:20] *** duki has joined #postfix[22:28:23] <Stuio> smesjz: in anyway it send an email to overlapped quota (sorry english) I see this mail, where this email comes from?[22:28:26] <Stuio> I'm sorry to have to inform you that your message could not[22:28:27] <Stuio> For further assistance, please send mail to postmaster.[22:28:29] <Stuio> be delivered to one or more recipients. It's attached below.[22:28:55] <Stuio> maybe it is my 'quotamailwarn' edit by courier ;P[22:28:56] <smesjz> oh, that's the default Postfix mail[22:29:09] <Stuio> ahh, so the maildrop does not send nothing then[22:29:12] *** growltiger has joined #postfix[22:29:32] <smesjz> but maildrop should softbounce it (4xx) rather than 5xx for some time[22:33:20] <smesjz> anyway, i'm off to bed...good luck Stuio[22:33:23] *** smesjz has quit IRC[22:33:52] *** Grisha has left #postfix[22:40:24] <bahadunn> found the problem[22:40:32] <bahadunn> for anyone who wants to make a note of it[22:41:11] <bahadunn> if using alternate ports and sasl auth the daemons on the alterante port have to be chrooted with the normal daemon so they can find the saslauthd directory[22:41:24] *** hparker has joined #postfix[22:42:01] *** duki has quit IRC[22:42:11] *** duki has joined #postfix[22:43:05] *** sega01 has quit IRC[22:44:29] *** githogori has quit IRC[22:45:39] *** bahadunn has quit IRC[22:48:57] *** slackjr has quit IRC[22:53:14] *** etaylor has quit IRC[22:54:02] *** csm-laptop has quit IRC[23:11:23] *** carl- has quit IRC[23:17:37] *** GoGi has joined #postfix[23:17:48] *** sega01 has joined #postfix[23:19:41] *** HomerJ has joined #postfix[23:27:14] *** muh2000_ has quit IRC[23:51:13] *** HomerJ is now known as Homer_J|AFK[23:58:29] *** pirho has quit IRC