November 13, 2007 
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | >
November 13, 2007 [00:00:19] <MysticOne-XMPP> the bar.net guy is on my server, sending via my postfix, and the message should be getting through just fine ... he's had it happen with a few different addresses[00:00:20] <hans_> well, if you have configured your postfix to send directly rather than through an smtp server, it will[00:00:21] <MysticOne-XMPP> all the same error[00:00:42] <MysticOne-XMPP> and I've never had any problems sending mail (I use the same server) for like two-three years now[00:03:20] *** steevel has quit IRC[00:04:04] <hans_> is foo.com your smtp relay?[00:04:42] <hans_> usually this message happens when authentication is required[00:07:58] <MysticOne-XMPP> no, foo.com is the domain of the destination[00:08:13] <MysticOne-XMPP> bar.net is one of the domains in my virtual domains[00:08:28] <MysticOne-XMPP> unless he's not using his authentication information like he's supposed to[00:08:35] <hans_> so, i presume, your email server is simply configured to send out emails, without relaying through an smtp server?[00:08:35] *** hemry has quit IRC[00:08:42] <MysticOne-XMPP> correct[00:08:42] *** hemry has joined #postfix[00:12:02] <hans_> unless I am mistaken, that is where the problem is originating. any one can correct me if i am wrong, but what is happening is that your email server[00:12:34] <hans_> is trying to directly relay the message to the recipient server, which has been configured not to allow that, without authentication[00:12:49] <hans_> to prevent spam, or whatnot[00:12:54] <hans_> i guess[00:14:48] <hans_> http://tigerprivacy.com/qna/relay-not-permitted.html[00:19:19] <hans_> this might help as well[00:19:20] <hans_> http://pobox.com/bounce-common.mhtml[00:20:56] *** robair has quit IRC[00:22:38] <MysticOne-XMPP> but to me, it looks like it's coming from my server ... not the remote one[00:23:04] <MysticOne-XMPP> I'm assuming that outlook is screwing up the actual message because the error he forwarded me doesn't look like anything my server sends, but it's identical for several different addresses to which he's tried to send messages[00:24:25] <MysticOne-XMPP> I think the problem is that he's not authenticating[00:29:56] <hans_> sorry, which was your server again? foo.com or bar.com?[00:33:14] <MysticOne-XMPP> well, in that example, bar.net is a virtual domain hosted by my server[00:33:40] <hans_> why is it going to to=<info at foo dot com.com> ?[00:33:47] <hans_> is that just a typo?[00:33:50] <MysticOne-XMPP> yes[00:33:51] <MysticOne-XMPP> :)[00:33:55] <MysticOne-XMPP> supposed to just be foo.com[00:34:25] <hans_> can you "telnet foo.com 25" ?[00:35:01] <hans_> from your email server?[00:35:14] <MysticOne-XMPP> yep[00:35:40] <hans_> can you try "HELO bar.net" ?[00:36:23] <MysticOne-XMPP> 250 Requested mail action okay, completed[00:36:29] <hans_> now try[00:36:39] <hans_> "MAIL FROM: booga at bar dot net"[00:37:04] <MysticOne-XMPP> 250 again[00:37:08] <hans_> (i'm using your pseudo names, of course ;) so you'll have to translate them)[00:37:33] <hans_> then do "RCPT TO: info at foo dot com"[00:37:48] *** sweed has quit IRC[00:38:16] <MysticOne-XMPP> 250 again[00:38:26] <MysticOne-XMPP> so it must be my server telling him he's an idiot for not authenticating[00:38:27] <MysticOne-XMPP> :)[00:38:43] <MysticOne-XMPP> and outlook/vista is just screwing up the messages (not surprisingly)[00:39:09] <hans_> (anything is possible, i would not put it past microsoft, to be honest)[00:39:25] <hans_> then try "DATA"[00:39:27] <MysticOne-XMPP> same here[00:39:52] <MysticOne-XMPP> 354 Ready[00:40:31] <hans_> then type in some message, like, "test message" (if you don't want a test message3 sent to this address, you would be best to cancel at this point_[00:40:47] <MysticOne-XMPP> yeah, I figured that :D[00:42:17] *** brancaleone has quit IRC[00:42:34] <MysticOne-XMPP> thanks very much :) this helps me a lot ... I know now to call him up and fuss at him for setting it up wrong[00:42:59] <hans_> no worries, i'm glad it helped somewhat[00:46:27] *** growltiger has quit IRC[00:51:54] *** war has quit IRC[01:10:58] *** Sieg has joined #postfix[01:12:26] *** Sieg_ has quit IRC[01:13:47] *** felix_da_catz has joined #postfix[01:21:18] *** theblackbox has quit IRC[01:21:56] *** captiancrash has joined #postfix[01:33:09] *** ming_zym has joined #postfix[01:48:25] *** pitakill has joined #postfix[01:51:04] *** tshine has quit IRC[01:59:06] *** ming_zym has left #postfix[01:59:55] *** ming_zym has joined #postfix[02:13:16] *** growltiger has joined #postfix[02:15:44] *** hparker has quit IRC[02:18:13] *** ming_zym has left #postfix[02:19:01] *** ming_zym has joined #postfix[02:19:08] *** githogori has quit IRC[02:19:45] *** ming_zym has quit IRC[02:24:59] *** ming_zym has joined #postfix[02:28:25] *** ack_syn has joined #postfix[02:39:07] *** ack_syn has quit IRC[02:43:43] *** Trengo has quit IRC[02:57:27] *** lunaphyte has joined #postfix[03:01:44] *** lunaphyte has quit IRC[03:05:17] *** Tachy_ has joined #postfix[03:08:48] *** Motoko-chan has joined #postfix[03:14:05] *** jsoftw has quit IRC[03:14:54] *** higuita has joined #postfix[03:19:25] *** Tachy has quit IRC[03:22:22] *** adaptr has quit IRC[03:23:43] *** Bejgli has quit IRC[03:31:52] *** psyllo has joined #postfix[03:32:43] *** magyar has quit IRC[03:32:55] *** magyar has joined #postfix[03:35:20] *** Bejgli has joined #postfix[03:40:24] *** amrit|wrk is now known as amrit|afk[03:42:51] *** pirho has quit IRC[03:51:17] *** simprix has joined #postfix[03:51:47] <simprix> How can I get rid of this error. warning: do not list domain jbandme.com in BOTH mydestination and virtual_alias_domains. Also this one. dict_nis_init: NIS domain name not set - NIS lookups disabled[03:57:07] *** Motoko-chan has quit IRC[03:58:07] <growltiger> it pretty much tells you what to do[03:59:03] *** pingouin has quit IRC[03:59:47] <simprix> I did that and then mail isn't being received[04:00:04] <simprix> I took it out of mydestination and no mail comes through[04:00:27] *** pingouin has joined #postfix[04:03:05] *** simprix has quit IRC[04:18:54] *** gcs has joined #postfix[04:20:50] <gcs> Hi. I have Postfix 2.1.5 on Debian with virtual domains and virtual users in MySQL.[04:21:01] <growltiger> sorry to hear that[04:21:11] <gcs> It is working good, but now I would like to add MailMan aliases to this.[04:22:50] <gcs> I have filled /etc/aliases and set alias_maps and alias_database to it. But Postfix does not use it, only virtual_alias_maps .[04:22:55] <gcs> What do I miss?[04:23:41] <growltiger> !postalias[04:23:42] <knoba> growltiger: Error: "postalias" is not a valid command.[04:23:52] <growltiger> !postmap[04:23:53] <knoba> growltiger: "postmap" : a command to 'compile' text files to hash databases. Example: a file transport will be converted to transport.db by running 'postmap transport'. Your main.cf will contain something like transport_maps = hash:/etc/postfix/transport (without the '.db')[04:25:03] <gcs> growtiger: Missed, but ofcourse I compiled my /etc/aliases to aliases.db .[04:25:42] <gcs> growtiger: I have reloaded Postfix after the configuration change. I will restart it completely and check again.[04:33:52] *** lunaphyte has joined #postfix[04:33:55] <gcs> growtiger: It's postalias actually and my Postfix does not use /etc/aliases.db :([04:35:39] <gcs> growtiger: Are you sure that aliases and virtual aliases work together?[04:36:01] <gcs> growtiger: Which one checked first if yes?[04:41:27] *** aent has quit IRC[04:42:29] *** githogori has joined #postfix[04:49:06] <growltiger> i'm pretty sure alias gets checked first[04:52:40] <gcs> growltiger: I'm not sure. Somehow all HOWTOs say register a separate domain (lists.host.tld) to handle normal aliases.[04:52:46] *** Motoko-chan has joined #postfix[04:53:29] <gcs> growltiger: Just tried again, Postfix says MailMan alias does not exist.[04:55:39] *** aent has joined #postfix[04:59:12] <gcs> Log still talks this: postfix/smtpd[32516]: NOQUEUE: reject: RCPT from unknown[my.ip.address]: 550 <mailman at host dot tld>: Recipient address rejected: User unknown in virtual mailbox table.[05:07:14] *** tris has quit IRC[05:11:12] *** MysticOne-XMPP has left #postfix[05:11:39] *** teddy_ has joined #postfix[05:15:54] *** seemant has joined #postfix[05:15:55] <seemant> hmm[05:16:10] <seemant> if anyone's awake, I'm having issues (all of a sudden) with postfix dropping my smtp connections[05:17:31] *** kreg_lt has joined #postfix[05:38:53] <f3ew> what's in the logs?[05:49:22] *** darkphader has quit IRC[05:50:49] *** christopher has quit IRC[06:01:09] *** Lap_64 has joined #postfix[06:03:08] *** Tinozaure is now known as _Tino[06:03:13] *** _Tino is now known as Tinozaure[06:15:30] *** alamar has quit IRC[06:26:43] *** Anz has joined #postfix[06:26:46] *** kk_CHN has joined #postfix[06:27:01] <Anz> Hey Everyone, I've got a quick question[06:27:20] <Anz> Currently I have a Postfix Gateway server, just rejecting mail[06:27:51] <Mavvie> that's not a question.[06:27:54] <Anz> my question is, is there anyway to instead reject that mail, still block it from the original recipient,and BCC it to a different account?[06:28:00] <Anz> was typing :p[06:28:07] *** alamar has joined #postfix[06:28:48] <Anz> bcc_always = doesn't seem to do the trick, it does it after the reject blocks[06:30:42] <Anz> I basicly want the define what the system does upon a rejected piece of mail[06:31:42] <f3ew> Anz rejected mail is never accepted[06:32:14] <f3ew> you can do what yuo want with a smtpd_proxy_filter and smtpd_end_of_data_restrictions rejection[06:33:06] <Anz> k, off to google[06:33:09] <Anz> Thanks ^_^[06:33:33] *** Anz has quit IRC[06:44:33] *** rokra has joined #postfix[07:04:36] *** pitakill has quit IRC[07:11:05] *** keanne has joined #postfix[07:24:16] *** sh0wt1me has joined #postfix[07:26:00] *** Lap_64 has quit IRC[07:37:29] *** gcs has quit IRC[07:43:27] *** tmjb has joined #postfix[07:51:58] *** Motoko-chan has quit IRC[08:04:47] *** marc7 has joined #postfix[08:12:32] *** die_z has joined #postfix[08:13:53] *** majikman has quit IRC[08:13:56] *** Zeit|awy has quit IRC[08:39:48] *** tmjb has quit IRC[08:56:30] *** ^Willie^Laptop has joined #postfix[09:01:55] *** dragonheart has quit IRC[09:02:52] *** dragonheart has joined #postfix[09:06:18] *** die_z has quit IRC[09:21:03] *** ming_zym has quit IRC[09:24:15] *** die_z has joined #postfix[09:24:37] *** Mr_Alex has joined #postfix[09:27:01] *** rokra has quit IRC[09:27:04] *** harobed has joined #postfix[09:28:41] *** cutmasta has joined #postfix[09:28:48] *** ming_zym has joined #postfix[09:34:34] <kimmey> is it any easy way to add mysqlsupport to postfix or do i need to start all over?[09:40:39] <f3ew> kimmey if you have compiled it in ...[09:42:37] <kimmey> no really fedora dosent by def so i have to do it now[09:43:39] *** githogori has quit IRC[09:44:56] *** meandtheshell has joined #postfix[09:46:45] *** amrit|afk is now known as amrit|zzz[09:48:47] <dragonheart> kimmey: is there a fedora package for mysql support to postfix?[09:51:18] <keanne> compiling postfix with mysql support is trivial, see http://www.postfix.org/MYSQL_README.html[09:51:34] <keanne> i bet you can follow it with no problem whatsoever[09:52:55] *** tris has joined #postfix[09:54:35] <milligan> I'm using imap to connect to my mailserver. When moving emails, and deleting them, they are simply outlined, but not removed. What's the cause of this ?[09:56:18] <whatever__> milligan, they are deleted but not purged[09:57:33] <milligan> whatever__, how can I purge them ?[09:58:23] *** flami has joined #postfix[09:58:34] *** duki has joined #postfix[09:58:38] <whatever__> milligan, it depends on the software you are using[10:01:07] <milligan> Yeah .. found it :)[10:01:10] <milligan> Thanks mate.[10:01:25] *** war has joined #postfix[10:07:55] *** Edward123 has joined #postfix[10:08:04] <keanne> they are only _marked_ for deletion. until you purge them, they wont be physically deleted from the imap server[10:10:10] <kimmey> dragonheart: yes i have found one i used with fc7 and that atleast worked.. http://www.campworld.net/thewiki/pmwiki.php/LinuxServersFC5/FC5VirtMailServer[10:13:19] <kimmey> but, its an old version so i wont use it :)[10:14:35] *** marc7 has quit IRC[10:25:38] *** Mr_Alex has quit IRC[10:31:36] *** tris has quit IRC[10:46:14] *** cutmasta has quit IRC[10:58:13] *** cutmasta has joined #postfix[11:04:14] *** aatmaa has joined #postfix[11:29:37] *** brancaleone has joined #postfix[11:39:51] <hans_> Anyone familiar with postfix enough to suggest a way to add hooks to Postfix to external daemons, to inform of when a message has reached the end of its queue and has been sent or whatnot?[11:40:19] <hans_> postqueue, postcat, and such just can't cut it, i'm afraid[11:40:58] <dragonheart> is there some web frount end around perhaps hans_[11:41:17] <milligan> hans_, you want to log when an email has been delivered, so to speak ?[11:43:54] <hans_> well, basically, we want to write something that can keep track of messages from the sending script[11:45:41] <hans_> for example, it would make it convenient to generate some statistics[11:45:46] <milligan> well, you could always make an app that tails /var/log/mail.log ... or you could use procmail, and have it run a script after delivering an email.[11:47:01] <hans_> could tail the log, but i just imagine that as being rather slow and difficult[11:47:40] <hans_> since your script can only guess that the email it just sent it the last message id, if you get what i mean[11:47:55] <hans_> procmail together with postfix? how is that possible?[11:48:30] <GNU\colossus> I don't know much about postfix, but what about having it log to a named pipe, and have another process read and evaluate that?[11:48:50] <hans_> i'd love to have that[11:48:53] <hans_> :)[11:49:22] <hans_> just dont know how to make it possible (even going so far as having downloaded postfix source to see if we can add such features)[11:49:45] *** aatmaa has quit IRC[11:49:53] <GNU\colossus> if I'm not completely wrong, it should suffice to delete the logfile, and replace it with a fifo[11:50:04] <GNU\colossus> then have another process open() that fifo[11:50:22] <GNU\colossus> and then your evaluation magic starts[11:50:34] <GNU\colossus> so you should not have to mess with postfix at all[11:51:52] <hans_> hm, i presume then, however, that you would then need that process to run at all times, and if its not, then anything gonig to that log is lost to the ether?[11:51:59] <hans_> good idea tho, it might just work ;)[11:52:20] <GNU\colossus> sysv named pipes do have a limit if data they can store[11:52:25] <GNU\colossus> but it's adjustable[11:52:34] <GNU\colossus> if your reader process fails, the data is not necessarily lost[11:52:45] <GNU\colossus> but yes, that process would have to run all the time, or rather often[11:53:04] <GNU\colossus> it would not cost any resources to speak of though[11:53:25] <GNU\colossus> (unless we're talking embedded here, which I do deem unlikely ;))[11:53:30] <hans_> well, i've never used pipes before, so this is all new to me :)[11:53:46] <GNU\colossus> pipes are just like regular files[11:54:01] <hans_> no no, vanilla flavour debian server[11:54:07] *** ming_zym has quit IRC[11:54:16] <GNU\colossus> there's one process feeding one end of the pipe with write() or any other (library) function that puts data into files[11:54:19] *** Twinkletoes has joined #postfix[11:54:21] <GNU\colossus> and one process reading the other end of it[11:54:28] *** Trengo has joined #postfix[11:55:07] <GNU\colossus> mkfifo mypipe; cat mypipe & echo "Hello pipe." > mypipe[11:55:14] <GNU\colossus> is a little demo of how it works[11:55:39] <hans_> so i'd want to just do[11:55:48] <hans_> mkfifo /var/log/mail.info[11:55:51] <hans_> for exampe[11:56:18] <hans_> and then have my script read mail.info[11:56:45] <GNU\colossus> yes, I think that's perfectly ok - but as I said, I don't know too much about postfix; maybe there are some more obscure details that would advise against such a practise[11:56:52] *** duki has quit IRC[11:56:57] <hans_> probably :)[11:57:02] *** duki has joined #postfix[11:57:02] <hans_> but i'll give it a go[11:57:07] *** duki has quit IRC[11:57:16] <GNU\colossus> make sure to test it on a non-prod system first ;)[11:57:18] *** duki has joined #postfix[11:57:25] *** tris has joined #postfix[11:57:28] <hans_> i've got a few dev servers i can break[11:57:35] <hans_> ;)[11:57:36] <GNU\colossus> hehe, have fun then[11:57:41] <hans_> thanks for the tip[11:58:02] <GNU\colossus> you're welcome, hope it helps you getting done what you need to get done :)[11:58:19] <hans_> still, would be nice if postfix had a more useful/informative queue tool than postqueue[11:58:31] *** duki has quit IRC[11:58:41] *** duki has joined #postfix[12:01:11] *** ramoni has joined #postfix[12:01:52] <sysmonk> hans_: like what? :)[12:03:37] *** duki has quit IRC[12:03:53] *** duki has joined #postfix[12:05:09] *** prebur has quit IRC[12:05:29] <hans_> sysmonk, for example, it would be nice if postqueue could reveal the message id[12:05:42] <sysmonk> oh[12:05:49] <hans_> that would be insanely useful as a way of being able to track emails in postfixs queue[12:06:02] <sysmonk> grep Message-id /var/spool/postfix/active/* :P[12:06:28] *** prebur has joined #postfix[12:07:12] <hans_> sysmonk, would work in principle, but is slow method and a bit dirty[12:07:12] <sysmonk> hans_: never quite needed that in postqueue output[12:07:54] <hans_> fair enough :)[12:10:26] *** duki has quit IRC[12:10:37] *** duki has joined #postfix[12:11:50] *** traxx has quit IRC[12:12:46] *** traxx has joined #postfix[12:15:43] *** duki has quit IRC[12:15:56] *** duki has joined #postfix[12:17:55] *** tris has quit IRC[12:22:52] *** aatmaa has joined #postfix[12:40:10] *** flami has quit IRC[12:51:06] *** duki has quit IRC[12:52:12] *** duki has joined #postfix[12:52:29] *** magnet_ has joined #postfix[12:52:32] <magnet_> hi[12:53:33] <magnet_> due to some config error, I delivered locally some mails, that should have been forwarded to anothers email. is there a way to resend those messages ?[12:56:31] *** eject_ck has joined #postfix[13:01:04] *** kk_CHN has quit IRC[13:03:05] *** Zeit|idle has joined #postfix[13:05:55] *** tris has joined #postfix[13:10:23] *** Zeit|idle is now known as Zeit|awy[13:14:18] *** bisoc has quit IRC[13:14:26] *** bisoc has joined #postfix[13:15:21] <magnet_> no one know how to do that ?[13:15:28] <magnet_> maybe playin with the queues ?[13:16:48] <hans_> magnet, i presume you mean, some emails are being held in a queue and you wish to rewrite which email address you want it to send to?[13:18:34] <magnet_> not exactly.[13:18:34] <rob0> No, magnet_ said they were already delivered. So it's not a Postfix issue at all. The question is how to use email in a generic sense.[13:18:48] <magnet_> those mails should have been forwarded.[13:18:53] <hans_> right[13:19:04] <magnet_> rob0: yea it's a human issue ( me ;) )[13:19:12] <hans_> you'll find those emails in /var/mail[13:19:25] <rob0> pipe the message to sendmail(1)[13:19:40] <magnet_> hans_: I found them, but how to ...[13:19:48] <magnet_> how to do what rob0 suggested ? :)[13:19:56] <rob0> but you'll have to supply the envelope, and you'll get new Received: headers.[13:20:44] <rob0> "man sendmail": sendmail [options] recipient < messagefile[13:21:02] *** havvg has joined #postfix[13:21:11] <magnet_> that sound like what I was looking for.[13:22:17] <magnet_> thanks rob0 && hans.[13:22:47] <hans_> thank rob0, he did most of the helping ;)[13:24:28] <magnet_> trying to help is nearly cool enough.[13:24:36] <magnet_> at least to deserve some thanks .[13:26:09] <hans_> hehe, thanks ^_^[13:29:14] *** prebur has quit IRC[13:37:42] *** duki has quit IRC[13:42:53] *** prebur has joined #postfix[13:44:14] *** lambda has joined #postfix[13:45:15] *** cpm has joined #postfix[13:49:21] <lambda> hello ; i own a mail account hosted by a big ISP in france (lambda at domain dot fr) ; however i am unable to understand how a spam originaly destined to d40p_test19 at yahoo dot com can be delivered in my inbox ![13:50:53] <lambda> how a RCPT TO: ... at yahoo dot com can be delivered to ... at club-internet dot fr ?[13:51:32] <f3ew> BCC?[13:52:50] <jduggan> forwarder?[13:53:09] <lambda> nothing appear in the mail source code[13:53:22] <lambda> I suspect some kind of black magic[13:54:44] <Signum> Kill me now, people... our Exchange admins (sitting 10m away from me) are setting up a Postfix gateway with two consultants instead of just asking me.[13:56:30] * Signum burns another banknote and wiggles it around[13:57:02] *** eject_ck has left #postfix[13:58:58] <jduggan> do they know you know postfix?[14:00:12] *** colo_mobile has joined #postfix[14:00:40] *** duki has joined #postfix[14:00:41] <Signum> Perhaps they forgot that I set up a gateway for them last year when they stupid servers got flooded by backscatter and stayed here at night.[14:00:44] <colo_mobile> what's the name of the variable defining what interval the mail queue is run/flushed in?[14:01:38] *** wdp has joined #postfix[14:02:46] <wdp> is it possible to forward incoming mails, not coming from host gw.example.tld, to gw.example.tld?[14:06:46] <f3ew> Yes[14:09:34] <wdp> how would i do so?[14:23:20] *** aozturk has joined #postfix[14:31:37] <jelly> lambda: how do you know it was RCPT TO: ... at yahoo dot com?[14:32:12] <lambda> i don't know[14:32:23] <lambda> it isnot RCPT TO:[14:32:30] <jelly> lambda: why do you think it was, then?[14:33:03] <jelly> what's in To: or Cc: headers, the DATA part of mail, basically doesn't matter[14:34:05] <jelly> sorry, the DATA part of smtp transaction, not mail. The whole mail message sent during DATA[14:35:51] *** Zelest has joined #postfix[14:36:37] *** Nockian has quit IRC[14:36:53] *** shwouchk has joined #postfix[14:37:03] <shwouchk> hi[14:37:05] <lambda> jelly, To: d40p_test19 at yahoo dot com[14:37:29] *** UQlev has joined #postfix[14:37:34] <lambda> so how can it be deliver to lambda at club-internet dot fr[14:37:36] <jelly> lambda: yeah. There can be anything in To:, From: or any other header.[14:37:55] <jelly> lambda: mail server doesn't look there[14:38:08] <shwouchk> I'm having a problem - if I set up an alias chain in postfix, mail gets rejected - but if I set up a single alias for an address, mail gets through... what could cause that?[14:38:22] <lambda> jelly, where does it look ?[14:39:35] *** hparker has joined #postfix[14:39:47] <jelly> lambda: it looks at RCPT TO: <email at example dot com>, during the smtp session. If your provider uses qmail or postfix, the address in RCPT TO, also called envelope-from, will be stored in the (top-most) Delivered-To header.[14:40:36] <rob0> envelope-to ?[14:40:43] <rob0> envelope-rcpt ?[14:41:09] <rob0> envelope-from would be MAIL FROM:<foo@bar>[14:42:43] <aatmaa> envelope-from= sourse address .... envelope-to: destination address ... if yes then its the same as To: from: .. right ?[14:43:02] <lambda> MAIL FROM: RCPT TO: and DATA ? so another extra To: Bcc: Cc: are added by rewriting rules ?[14:43:50] <jelly> oops[14:44:23] <jelly> rob0: In my defense, I haven't had coffee today, yet.[14:44:34] <lambda> can you point me to a topic for understanding this please ?[14:44:49] <jelly> (nevermind it's 2:44PM here ;-)[14:45:00] <rob0> jelly: !! Get on the ball.[14:45:36] <rob0> It's 07:45 here, and I've almost finished a whole pot.[14:47:06] <jelly> lambda: here's a sample SMTP session: http://www.afp548.com/Articles/tongues/smtp.html[14:47:34] <rob0> RFC 821 :)[14:48:17] <jelly> lambda: basically, a smtp server only gets the recipient from the RCPT TO command. It doesn't care about what's written in the message.[14:48:19] <hparker> Now there's something that will need coffee... To remain awake while reading[14:48:37] *** spiekey has joined #postfix[14:48:38] <spiekey> hi[14:48:53] <spiekey> any idea how i can move a domain/mailserver smoothly?[14:48:58] <spiekey> has anyone experience with this?[14:49:28] <spiekey> i want to move from a 3rd party provider to our server.[14:49:47] <sysmonk> spiekey: that's a bit worse[14:50:01] <sysmonk> if you'd want to move from one of your servers to other - it'd be better[14:50:10] <spiekey> i know ;[14:50:23] <spiekey> i thought of setting the TTL/Refresh rate of the domain down.[14:50:27] *** psyllo has quit IRC[14:50:28] <jelly> lambda: that's why you can receive messages addressed "To: trash at yahoo dot com". It doesn't get looked at.[14:50:29] <sep> spiekey, allways wise[14:50:33] <sysmonk> spiekey: yup[14:50:42] <spiekey> do i need to set both down?[14:50:43] <sysmonk> lower the ttl[14:50:49] <sep> spiekey, config new server and test it :)[14:51:29] <spiekey> i dont have a domain to test it right now :-([14:52:36] <lambda> jelly, thx , is there a way to review old smtp session for previous spam ?[14:53:17] <sysmonk> spiekey: a subdomain would work too[14:54:30] <spiekey> what does the refresh rate do then?[14:55:07] <rob0> What is a "refresh rate"? Are we talking about X11?[14:55:17] <jelly> lambda: look at the logs, and at Delivered-To (that's where RCPT TO is logged) and Received headers in the mail.[14:55:42] *** rootsvr has joined #postfix[14:56:03] *** captiancrash is now known as jonmoore[14:56:25] * jelly tries to remember the actual question he came in here for[14:56:52] <spiekey> rob0: http://pastebin.ca/772011[14:58:43] <lambda> last question : is there special precaution to deal with postfix and sympa.pl ?[14:58:49] *** psyllo has joined #postfix[15:03:11] *** die_z has quit IRC[15:03:35] *** die_z has joined #postfix[15:04:35] * lambda found a french-translated version of RFC821 \o/[15:04:57] <rob0> Oh, in the SOA. That means the time that a slave will consider the zone valid without contact with the master.[15:05:30] <rob0> It doesn't mean much if using notify, and the slaves keep in contact with the master.[15:05:35] *** rootsvr has quit IRC[15:05:37] *** GutterPunk has quit IRC[15:08:55] *** UQlev has quit IRC[15:13:24] *** jonmoore is now known as captiancrash[15:18:31] <spiekey> rob0: sorry, i did not understand your 2nd line :-([15:19:18] <spiekey> i never came across "notify" i think[15:22:15] *** nfi|ermes has joined #postfix[15:22:30] * cpm enslaves rob0[15:23:01] <nfi|ermes> hi all[15:24:41] <magnet_> hi[15:24:48] <nfi|ermes> which could be the reason that cause postfix to not accept connetions form other hosts ?[15:24:57] <nfi|ermes> rhel 4, selinux disabled[15:25:19] <nfi|ermes> iptables accept everything[15:25:24] *** af_ has joined #postfix[15:25:43] <magnet_> do you listen on the right network interface ?[15:25:51] <nfi|ermes> i have on ly one[15:25:54] <magnet_> what does tell netstat -na |grep LISTEN[15:26:19] <nfi|ermes> tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN[15:26:40] <nfi|ermes> here's the problem , right ?[15:26:41] <magnet_> it's the only with port 25 ? if so you're not listening on network[15:26:50] <rob0> !inet_interfaces[15:26:51] <knoba> rob0: "inet_interfaces" : a configuration parameter in the main.cf: The network interface addresses that this mail system receives mail on. By default, the software claims all active interfaces on the machine. The parameter also controls delivery of mail to user at [ip dot address]. If your server does not react to connection attempts on a certain interface you should check this setting.[15:26:52] <magnet_> yea, easy to fix.[15:26:53] <nfi|ermes> i grepped with 25[15:26:58] *** felix_da_catz has quit IRC[15:27:36] <nfi|ermes> omg: localhost for default[15:27:37] <nfi|ermes> never met[15:27:52] <nfi|ermes> it s usually set to all for default[15:27:56] <shwouchk> I'm having a problem - if I set up an alias chain in postfix, mail gets rejected - but if I set up a single alias for an address, mail gets through... what could cause that?[15:27:58] <magnet_> better for default, listening on network would be dangerous.[15:28:17] <nfi|ermes> for a email server ?[15:28:25] <rob0> Not default. Linux distributors set that non-default value for inet_interfaces as a safeguard against people who didn't RTFM from running a live MTA.[15:28:33] <nfi|ermes> what s usefull for an email server with no network ? .D[15:28:49] <rob0> It works for cron output, for example.[15:28:57] <magnet_> nfi|ermes: for a postfix installation, any kind, if it's a default conf.[15:29:02] *** captiancrash has quit IRC[15:29:35] <magnet_> nfi|ermes: no so usefull on a production server, but the admin is supposed to check/modify default configuration.[15:29:36] <nfi|ermes> i built many versions of postfix from souces and i always found all interfaces opened[15:29:49] <nfi|ermes> i m doing it magnet_[15:30:10] <nfi|ermes> however, thanks for suggest[15:30:17] <magnet_> np.[15:30:42] <rob0> If you build from source, you will not have inet_interfaces set.[15:31:24] <AL13N_work> i have a mutually recursive group in ldap, and postmap tells me: "Recursion limit exceeded for special attribute" . the thing is, that i actually want this, but maybe that it would silently ignore the warning and proceed with the mail and all current found emails. i was looking if there was a main.cf paramater that would accomplish this, but alas, i didn't find it[15:31:27] <hparker> You won't have rob0 set either[15:32:46] *** Ottsen2802 has joined #postfix[15:32:50] <Ottsen2802> hi all[15:34:25] *** jellis has joined #postfix[15:35:24] *** af_ has quit IRC[15:36:03][15:37:34] <rob0> Email addresses are required to be in 7-bit ASCII.[15:39:24] <Ottsen2802> hmm sorry, but i dont have much skill in postfix, how could i resolve that ?[15:41:28] *** Internat3 has quit IRC[15:41:40] *** Internat has joined #postfix[15:45:56] *** felix_da_catz has joined #postfix[15:50:23] *** die_z has quit IRC[15:52:14] *** ming_zym has joined #postfix[15:53:27] *** higuita has quit IRC[15:54:05] *** higuita has joined #postfix[16:03:29] *** gpled has joined #postfix[16:04:51] *** rootsvr has joined #postfix[16:06:08] <gpled> has anyone made their own Postfix SMTP Access Policy Delegation? http://www.postfix.org/SMTPD_POLICY_README.html[16:09:17] *** UQlev has joined #postfix[16:10:03] <sysmonk> we have one for distributing load between antispam servers[16:13:20] <gpled> sysmonk: did you do it in anything other then perl?[16:13:25] *** duki has quit IRC[16:13:33] *** maj has joined #postfix[16:13:36] *** duki has joined #postfix[16:14:19] <maj> how do i set up postfix to do reversedns checking, or any other options that should cut down on spam a bit?[16:14:30] <R1ck> read the documentation[16:15:02] *** phnord has joined #postfix[16:15:35] <rob0> !cheatsheet[16:15:35] <knoba> rob0: "cheatsheet" : http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt : A HOWTO for pre-DATA spam control.[16:15:59] *** brancaleone has quit IRC[16:16:25] <maj> i do run dspam, but not everybody trains it either[16:16:45] <R1ck> ugh, dspam[16:17:07] <maj> thx knoba[16:17:17] <maj> R1ck?[16:17:39] <gpled> rob0: thats cool. how can we find out what knoba knows?[16:17:41] <R1ck> i used it once in production.. highly unstable, highly unreliable piece of crap[16:18:17] <R1ck> amavisd-new with spamassassin gives you the same amount of protection with less hassle and is much more stable[16:18:21] <maj> well you should use it one more then.... make sure you read the documentation on it too :) it'll help you get it more stable[16:18:48] <sysmonk> gpled: you can do it in any language, but we did it in perl as we do any other stuff :)[16:19:08] <maj> heh, sa....[16:19:21] <gpled> sysmonk: i dont understand how the values are passed to the calling program[16:19:28] *** brancaleone has joined #postfix[16:19:39] <gpled> i see: $key = lc $attr{"client_address"}."/".$attr{"sender"}."/".$attr{"recipient"};[16:20:00] <gpled> are they passed like command line arguments?[16:20:05] <gpled> im not a perl guy[16:20:47] <gpled> maybe a simple bash example with those attributes would help me[16:21:40] *** Ottsen2802 has quit IRC[16:23:04] *** javiers has joined #postfix[16:25:51] <[diecast]> 10.1.10.100/myemail/theiremail - dunno if it gets whole address with @domain or not based on that.[16:26:20] <Trengo> gpled something fills in the %attr hash[16:26:32] <ramoni> gpled: postfix calls the policy server and sends to it some information described in the documentation. Postfix ends its data with two blank lines. Then, the policy server should return an action.[16:26:35] <Trengo> i dont know what :)[16:26:57] <javiers> I'm having a weird issue with postfix + spamc (from spamassassin). I've set up a content filter in master.cf to call spamc with the -u param, passing the recipient address with ${recipient} , but postfix replaces ${recipient} with two addresses instead of just one![16:27:39] <gpled> javiers: you using amavisd-new?[16:28:59] <javiers> No, gpled, I'm using spamc directly[16:29:14] <javiers> (I have a complex setup and don't want to use amavisd)[16:29:25] <gpled> javiers: k, just wanted to make sure. can you pastebin your filter script?[16:29:54] <javiers> ok[16:30:35] <gpled> throw you master.cf out there too[16:30:39] <javiers> http://pastebin.com/m14e09922[16:32:56] *** alamar has quit IRC[16:33:46] *** _MarkH_ has quit IRC[16:37:18] *** PY1NB has joined #postfix[16:37:21] *** PY1NB has left #postfix[16:37:22] *** PY1NB has joined #postfix[16:37:44] <PY1NB> hello[16:37:51] <PY1NB> where do I set maximum attach size?[16:38:42] <javiers> The weird part, gpled, is that postfix usually expands ${recipient} ok, but in some cases (1/100) it fails![16:39:20] <gpled> im looking at http://www.debuntu.org/postfix-and-pamassassin-how-to-filter-spam-p2[16:39:40] <gpled> spamassassin unix - n n - - pipe[16:39:40] <gpled> user=spamd argv=/usr/bin/spamc -f -e[16:39:40] <gpled> /usr/sbin/sendmail -oi -f ${sender} ${recipient}[16:39:47] *** Kurtism has joined #postfix[16:40:36] <gpled> you have:[16:40:37] <gpled> spamassassin unix - n n - - pipe[16:40:38] <gpled> user=nobody argv=/usr/bin/spamc -u ${recipient} -e /usr/sbin/sendmail -oi -f ${sender}[16:41:02] *** karsten has quit IRC[16:41:03] *** karsten has joined #postfix[16:42:27] <gpled> it has been a long time sense i have messed with a filter file from scratch. i think your trouble is in the master.cf section we are looking at[16:42:42] <gpled> brb[16:44:22] *** growltiger_ has joined #postfix[16:44:25] <AL13N_work> i have a mutually recursive group in ldap, and postmap tells me: "Recursion limit exceeded for special attribute" . the thing is, that i actually want this, but maybe that it would silently ignore the warning and proceed with the mail and all current found emails. i was looking if there was a main.cf paramater that would accomplish this, but alas, i didn't find it[16:45:11] <javiers> For short: can someone help me to determine why postfix is expanding ${recipient} to two addresses instead of one?[16:45:56] *** PY1NB has left #postfix[16:45:59] *** colo_notebook has joined #postfix[16:47:03] <AL13N_work> xxxx_recipient_limit[16:47:19] <AL13N_work> look at docs[16:47:33] <rob0> probably "man pipe"[16:47:37] <javiers> Ho, AL13N_work, I don't want to put a limit to the recipients[16:48:01] <AL13N_work> javiers: transport settings[16:48:15] <AL13N_work> that way, you get 2 calls with one recipient[16:48:22] <AL13N_work> instead of 1 call with 2 recipients[16:49:11] <javiers> you mean 'xxx_destination_recipient_limit = 1' with 'xxx' being my transport name?[16:50:34] <AL13N_work> something like taht[16:50:39] <AL13N_work> look at the docs[16:52:25] <javiers> I'm a little confused AL13N_work[16:52:47] <javiers> http://pastebin.com/m14e09922[16:52:48] *** colo_mobile has quit IRC[16:52:54] <javiers> this is my master.cf file[16:53:08] <AL13N_work> http://www.postfix.org/postconf.5.html and find in that document[16:53:21] <javiers> I have to add an entry in main.cf as spamassassin_destination_recipient_limit ?[16:54:15] <AL13N_work> something like that, otherwise do "man pipe" and see who to supply options with taht[16:55:05] <AL13N_work> javiers: i bet "man pipe" has all the info you need[16:56:21] <javiers> thanks, AL13N_work[16:57:06] <AL13N_work> javiers: thank rob0[16:57:54] *** mark-use has joined #postfix[16:59:27] <javiers> Sure! thanks rob0 ;)[16:59:44] *** growltiger has quit IRC[17:03:32] *** Twinkletoes has quit IRC[17:03:56] <rob0> AL13N_work: Lacking context, I don't understand the question. What lookup is this LDAP one?[17:05:06] <AL13N_work> alias_maps = ldap:/etc/postfix/ldap/alias_recipients[17:05:34] <AL13N_work> rob0: it has a special_result_attribute = seeAlso[17:06:17] <AL13N_work> the point is, that if you query someone, who has 'seeAlso: cn=helpdesk,dc=....'[17:06:37] <AL13N_work> and that helpdesk has also seeAlso in it for the original lookup item[17:06:45] <AL13N_work> it is mutually recursive[17:07:13] <AL13N_work> and after recursion_limit is reached, postfix gives warning[17:07:40] <AL13N_work> what i would like is that it gives the warning, but continues in the lookup, instead of rejecting this person[17:07:59] <AL13N_work> and delivering the mail to the unique list of resulted recipients fetched so far[17:08:26] <AL13N_work> this is because i need to give access to other people control over my openLDAP for their own domain[17:08:49] <AL13N_work> that way, i have sort of a fallback when people do stuff wrong[17:08:53] <AL13N_work> which they will[17:09:27] <AL13N_work> rob0: do you understand now?[17:10:54] *** ming_zym has quit IRC[17:13:44] *** wdp has quit IRC[17:15:17] <gpled> AL13N_work: is the ldap server an active directory/exchange ?[17:15:43] <AL13N_work> openldap[17:15:51] <gpled> woops, just read that, sorry[17:15:57] <AL13N_work> np[17:16:01] *** pitakill has joined #postfix[17:16:08] <AL13N_work> but i don't think it matters[17:16:43] <AL13N_work> i'm not sure, but i think it's postfix not checking the uniqueness or recursiveness of the request[17:16:44] *** ^Willie^Laptop has quit IRC[17:17:13] <javiers> Thank you guys for your help! see you![17:17:29] <gpled> can you do an ldap lookup, and drop the results to a text file, then have postfix check the file? you could cron the ldap[17:18:11] <gpled> thats how i do it. that way if exchange goes down, i dont care. and dont reject mail[17:18:36] *** pitakill has quit IRC[17:20:08] *** javiers has quit IRC[17:20:41] *** pitakill has joined #postfix[17:22:39] *** gpled has left #postfix[17:22:48] <AL13N_work> ?[17:24:08] <AL13N_work> that doesn't really help me, allthough it might be usefull[17:24:21] <AL13N_work> rob0: you still there?[17:27:20] *** kreg_lt has quit IRC[17:29:19] *** alamar has joined #postfix[17:30:11] *** cutmasta has quit IRC[17:30:27] *** pitakill has quit IRC[17:45:12] <hans_> hi again ppl. was wondering, just how bad is it to manually go into /var/spool and delete/modify (etc...) messages manually[17:45:41] <hans_> is it completely fine if you do it when the postfix daemon has been stopped?[17:48:37] <maj> is there any way to tell what switches postfix was compliled with? I am trying to figure out of it has PCRE support[17:55:10] <rob0> maj, postconf -m[17:55:21] <rob0> AL13N_work: back now, but no, I don't know[17:56:20] <maj> dam, no pcre support ;([17:56:23] *** prebur has quit IRC[17:56:27] <colo_notebook> I'd never have thought I'd say this abot anything related to email somehow - but postfix actually rocks.[17:56:45] <maj> rob0, thx[17:57:44] <Edward123> postfix is great[17:57:55] <hans_> ya,, it is truly awesome[17:58:18] *** j_s has joined #postfix[18:00:54] <maj> anybody know of pcre expressions are simliar to regexp?[18:02:45] <colo_notebook> maj: pcre = perl compatible regular expressions[18:03:00] <colo_notebook> pretty much the most advanced regex you'll find[18:03:02] <rob0> PCRE is documented. So's regexp.[18:04:29] <maj> well, from the looks of it, the patter matching i am looking at is similar in both[18:04:42] <maj> i'll see in about a min :P[18:06:59] *** mark-use has quit IRC[18:10:19] *** prebur has joined #postfix[18:13:00] *** colo_notebook has quit IRC[18:14:49] *** githogori has joined #postfix[18:17:38] *** sh0wt1me has quit IRC[18:17:50] *** sh0wt1me has joined #postfix[18:19:14] *** linkslice has joined #postfix[18:19:44] <linkslice> when using dkim in wildcard mode does the remote server do the lookup for the connecting host? or the senders domain?[18:22:50] *** Severed_Head_Of_ has joined #postfix[18:23:05] *** growltiger_ has quit IRC[18:23:40] *** adaptr has joined #postfix[18:25:18] *** rootsvr has quit IRC[18:30:13] *** rootsvr has joined #postfix[18:30:40] *** rootsvr has quit IRC[18:31:57] *** harobed has quit IRC[18:35:34] *** phnord has quit IRC[18:36:24] *** hemry has joined #postfix[18:38:22] *** higuita has quit IRC[18:40:19] *** havvg has quit IRC[18:47:33] *** higuita has joined #postfix[18:59:14] *** jra has joined #postfix[19:03:33] *** duki has quit IRC[19:04:32] *** duki has joined #postfix[19:05:54] *** brancaleone has quit IRC[19:06:26] *** etaylor has joined #postfix[19:20:35] *** theblackbox has joined #postfix[19:27:42] *** growltiger_ has joined #postfix[19:44:06] *** TechnoKid has joined #postfix[19:45:17] <TechnoKid> Hello. Does anyhow has an idea how the concept behind those commercial email tracking services work and how can I implement it using Postfix?[19:45:26] *** duki has quit IRC[19:45:51] <adaptr> which services would those be?[19:46:04] *** duki has joined #postfix[19:46:57] * cpm tracks adaptr[19:47:14] *** zamba has joined #postfix[19:47:33] * adaptr tracks cmp's mails to his thai girlfreind wot he bought online by hacking his ebay account[19:47:44] *** Severed_Head_Of_ has quit IRC[19:47:47] *** aozturk has quit IRC[19:48:02] <zamba> my primary mx just went down and probably will be for at least 5 or 6 days.. i now need to bring up a secondary mx to help queue up mail in the meantime.. how can i do this quick and easy with postfix?[19:49:05] *** prebur has quit IRC[19:49:40] <UQlev> zamba: on which server is your queue?[19:49:43] <adaptr> copy the config, but don't let it deliver - set the original domain as a relay_domain[19:50:01] <adaptr> then add the MX, might even give it a higher priority because you know the primary is down[19:50:31] <zamba> UQlev: the word "queue" was badly chosen[19:50:39] <zamba> UQlev: this is incoming email[19:50:46] <UQlev> ok[19:50:49] <zamba> UQlev: so i need to relay email for a certain number of domains[19:50:51] <adaptr> zamba yes, and it should be put i na hold queue[19:51:03] <zamba> adaptr: yeah, and delivered to the primary mx once it is up again[19:51:06] <adaptr> you also need to consider increasing the queue lifetime, as postfix's default is 5 days[19:51:15] <adaptr> zamba that will happen automatically[19:51:22] <adaptr> that's the whole function of a backup mx[19:51:31] <zamba> ok, how can i then set this up?[19:51:38] <adaptr> set the relay transport for your domains to the original box[19:51:45] <zamba> i seem to recall doing this a couple of years ago and that it was very simple[19:51:47] <adaptr> add all your domains to relay_domains[19:51:54] <adaptr> do NOT add them to mydestination[19:52:10] <zamba> and then increase the queue lifetime?[19:52:18] <adaptr> and increase your queue lifetime to say 7 days, until you know for sure the primary is back up[19:52:34] <adaptr> all mail to those domains will queue until the relay host is up[19:52:52] <adaptr> that's it, really - since you're not delivering anything it is indeed quite easy[19:53:27] <zamba> so, to summarize:[19:53:35] <zamba> relay_hosts = domain1, domain2, domain3[19:53:36] * UQlev wonders how much crap will collect this backup MX for 5-6 days if survive[19:53:37] <rob0> !standard[19:53:38] <knoba> rob0: "standard" : Your question is probably answered in http://www.postfix.org/STANDARD_CONFIGURATION_README.html[19:53:45] <rob0> relay_hosts ??[19:53:55] <adaptr> yeah, don't know what happened there[19:54:04] <adaptr> minor brainfart :)[19:54:07] <zamba> UQlev: quite a lot of spam, i'd guess :p[19:54:19] <adaptr> zamba not if you set up zen for that server[19:54:24] <adaptr> not a lot of spam at all[19:54:26] <zamba> adaptr: what's zen?[19:54:29] <adaptr> wow[19:54:41] <adaptr> zen.spamhaus.org - go there NOW[19:54:42] <zamba> what if i just set up greylisting on it as well?[19:54:46] <adaptr> useless[19:55:04] <adaptr> zen catches over 80% of all known spam *addresses* , which is way more effective[19:55:16] <adaptr> s/addresses/source hosts/[19:55:22] <zamba> ok[19:55:49] <adaptr> just adding ONE single reject_RBL_client for zen will cut your traffic by 50% or more[19:55:57] <adaptr> I'll guarantee it[19:56:05] <zamba> ok, nice[19:56:10] <zamba> but again, to summarize :)[19:56:15] * rob0 would guess more than 50%, probably at least 75%[19:56:18] <adaptr> are you reading the lik yet ?[19:56:23] <zamba> relay_hosts = domain1, domain2, domain3 and so on, right?[19:56:28] <adaptr> rob0 depends on how stupid his users are, I guess :)[19:56:34] <zamba> http://zen.spamhaus.org/ <- can't open?[19:56:39] <adaptr> zamba no, that's not what I said, there is no such option[19:56:53] <zamba> relay_domains, even[19:56:55] <zamba> my bad[19:56:58] <adaptr> no, actually, not even[19:57:19] <rob0> !zen[19:57:19] <knoba> rob0: "zen" : http://www.spamhaus.org/zen/ : A composite of all Spamhaus DNSBLs: SBL, XBL and PBL[19:57:30] <adaptr> yeah, I keep forgetting that :)[19:57:39] <hparker> mmmm.. the art of zen...[19:57:46] <zamba> what about false positives?[19:57:58] <rob0> FUD.[19:58:26] <adaptr> lots and lots of fud[19:58:29] <adaptr> with suds[19:58:30] <rob0> The very few there are, the sender knows right away. It's far safer than content filtering.[19:58:35] <zamba> okei, nice[19:58:48] <rob0> !cheatsheet[19:58:49] <zamba> but what else than relay_domains do i need?[19:58:49] <knoba> rob0: "cheatsheet" : http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt : A HOWTO for pre-DATA spam control.[19:59:06] <rob0> (I also recommend the HELO checks in !cheatsheet)[19:59:47] <rob0> HELO localhost and HELO your.ip.add.ress will take out a big chunk of spambots.[20:00:06] <adaptr> zamba you need to queue the mail, so add your domains to relay_domains, remove them from mydestinations, and set a relay transport for the domains to the original box (which is now DOWN)[20:00:15] <adaptr> I have already told you this, so what is the problem ?[20:00:22] <zamba> how do i set a relay transport?[20:00:30] <adaptr> since the box will never *deliver* mail, you don't have to worry about anything else[20:00:33] <adaptr> sigh...[20:00:41] <adaptr> !transport_maps[20:00:42] <knoba> adaptr: "transport_maps" : a configuration parameter in the main.cf: Optional lookup tables with mappings from recipient address to (message delivery transport, next-hop destination). See transport(5) for details.[20:00:53] <adaptr> it accepts domain wildcards[20:00:57] <adaptr> so use them[20:01:49] <zamba> this is next hop, so setting up as only a primary mail host, using * should work?[20:01:57] <zamba> * smtp:<primary mx>?[20:02:26] <zamba> the box will still deliver for the domains in mydestination, right?[20:03:00] <adaptr> yes, but you said your primary MX is down, so where would it deliver *to* ?[20:03:17] <adaptr> the box should never deliver, that's the whole point[20:03:23] <adaptr> it should *queue*[20:03:49] <rob0> !maximal_queue_lifetime[20:03:50] <knoba> rob0: "maximal_queue_lifetime" : a configuration parameter in the main.cf: The maximal time a message is queued before it is sent back as undeliverable, the default value is 5 days.[20:04:03] <rob0> You might want to set that higher than 5d.[20:04:08] * cpm wonders what the maximal rob0 lifetime is[20:04:22] <rob0> Already past that. I'm on borrowed time.[20:04:32] <cpm> postrob0 | grep maximal returns null[20:05:10] * cpm makes a note never to deliver to adaptr[20:05:11] *** marc7 has joined #postfix[20:05:11] <zamba> adaptr: and how do i accomplish that?[20:05:23] <zamba> rob0: thanks[20:05:28] <adaptr> zamba I am not going to tell you this a third time[20:05:30] <zamba> have set that to one week[20:05:37] *** hing has joined #postfix[20:05:51] <zamba> yeah, i set this to the ip of the primary mx (original box)[20:05:54] *** higuita has quit IRC[20:06:05] <adaptr> "this" being - what ?[20:06:26] <zamba> in /etc/postfix/transport: * smtp:<ip>[20:06:40] <zamba> and then transport_maps = hash:/etc/postfix/transport in main.cf[20:06:54] <adaptr> no, enter your exact domains - unless nobody will try to use the box to send mail in the week it will be up[20:07:13] <adaptr> but then you won't have any mail sending capabilities either, which would be... well, I wouldn't[20:07:34] <TechnoKid> adaptr: www.campaignmonitor.com[20:07:43] <adaptr> TechnoKid what ?[20:07:45] <TechnoKid> adaptr: sorry for the delay. i was searching for the site[20:07:46] <zamba> hm, but i've done this before, and i don't believe i had to specify the domain to back up for more than one place - in relay_domains?[20:07:53] <adaptr> ah[20:07:55] <TechnoKid> adaptr: This is the service that performs the tracking[20:08:04] <adaptr> never heard of it, or the concept[20:08:19] <adaptr> zamba A. you don't "back up" anything - you queue mail[20:08:34] <adaptr> and B. they do different things, for different reasons[20:11:43] <zamba> i really think all i need to do is specify relay_domains = ?[20:11:45] <zamba> http://www.postfix.org/STANDARD_CONFIGURATION_README.html#backup[20:12:16] <zamba> i mean, the secondary mx should use mx records to try and deliver mail to the primary mx now and then[20:12:27] <TechnoKid> adaptr: Hmmm i guess they include a image with a unique link[20:12:45] <zamba> so relay_domains and maximum_queue_lifetime is all i need?[20:13:12] <adaptr> zamba that is true, if you want to keep looping back to the secondary... you'll need a more precise setup to avoid name issues[20:13:40] <adaptr> unless the names are already sorted out - most distros are pretty stupid when it comes to domain settings[20:13:46] <adaptr> IME, anyway[20:15:49] <zamba> IME means? :)[20:16:30] *** TechnoKid has left #postfix[20:16:47] *** Nockian has joined #postfix[20:17:53] <adaptr> In My Experience[20:18:24] <zamba> ok[20:18:34] <zamba> i just tried this now, and the email is now in the queue[20:18:44] <zamba> syslog says deferred and "no route to host" for the email[20:19:03] <zamba> and postqueue -p shows the email[20:19:03] <adaptr> excellent - solved :)[20:19:14] <zamba> is it really or are you just pulling my leg? :)[20:19:24] <zamba> digging my grave for me, and so on? :)[20:19:34] *** amrit|zzz is now known as amrit|wrk[20:19:46] <adaptr> why would I do that ? you just said it is workig - how the frack would I know otherwise ?[20:19:53] <adaptr> I know nothing but what you tell me[20:20:00] <zamba> can i use the transport_retry_time to increase time between each delivery attempt?[20:20:07] <adaptr> I swear, this channel gets weirder by the day[20:20:22] <adaptr> read. the. manual. for a change :)[20:20:47] <zamba> that's what i'm doing.. problem with postfix is that there are so many similar options that mean nearly the same[20:20:51] <zamba> problem for me, that is[20:21:23] *** jra has quit IRC[20:21:45] <adaptr> ...all of which are exhaustively described in the manual[20:22:25] <zamba> ok, it can't be that option, since it hasn't tried again[20:22:31] <zamba> yet[20:22:39] <zamba> since the default is 60s[20:22:50] *** madclicker has quit IRC[20:24:42] *** lambda has quit IRC[20:25:14] <adaptr> transport-retry only makes sense if there are specific transports for a given destination -which you did not set, as you were stubborn :)[20:25:22] <adaptr> you're looking for the backoff time[20:25:41] <zamba> ah, ok, thanks :)[20:26:10] <adaptr> !minimal_backoff_time[20:26:11] <knoba> adaptr: "minimal_backoff_time" : a configuration parameter in the main.cf: The minimal time between attempts to deliver a deferred message. This parameter also limits the time an unreachable destination is kept in the short-term, in-memory, destination status cache.[20:26:15] <zamba> i guess i should increase both of them a bit[20:26:17] <adaptr> and[20:26:20] <adaptr> !maximal_backoff_time[20:26:21] <knoba> adaptr: "maximal_backoff_time" : a configuration parameter in the main.cf: The maximal time between attempts to deliver a deferred message.[20:26:23] <zamba> maximal_backoff_time[20:26:24] <zamba> yeah[20:26:50] <zamba> just set it very high and then just process the queue once i know for a fact that the primary host is up.. is that a way to do it?[20:27:05] *** havvg has joined #postfix[20:28:35] <adaptr> sure[20:28:55] <adaptr> except that i's the minimal time you want to increase, as it keeps increasing that until it reaches the maximum[20:29:10] <adaptr> so just increasing the maximum achieves exactly nothing[20:29:24] <zamba> yeah, sure, that's what i mean[20:29:28] <adaptr> set minimum to 5d and maximum to 7d[20:29:39] <adaptr> or 1 day, even - they'll only be requeued a maximum of 6 times then[20:30:07] <adaptr> 3 times, even - if the minimum is indeed doubled, as it is for TCP backoff[20:30:19] <adaptr> perhaps rob0 knows that[20:30:29] <zamba> i set them to 5d and 7d, respectively[20:30:33] *** emo_ninja has quit IRC[20:30:38] <adaptr> that's probably too high[20:30:44] <zamba> oh?[20:30:57] <adaptr> the retry starts at minimal, and increases until it reaches maximal, where it stays[20:31:18] <zamba> ok, i set both to 1d?[20:31:19] <adaptr> the combination of these should exceed your queue lifetime slightly to avoid unnecessary requeueing[20:31:34] <zamba> ah, ok[20:31:39] <adaptr> I would set minimal to 1 day, as you know it won't be up that soon, and set maximal to an hour more[20:31:56] <adaptr> they will be requeued one day and one hour every time, up to when the host will be back up[20:32:00] <zamba> 1d and 25h then[20:32:09] <adaptr> set the maximal too high and they will stay in the queue after it is up :)[20:32:18] <zamba> will that do?[20:32:27] <adaptr> you could of course run postsuper -flush, but that would immediately send out EVERY SINGEL MESSAGE[20:32:34] <adaptr> which is probably a bad idea...[20:32:37] <zamba> yeah[20:32:42] <adaptr> yes, 24h and 25h could work[20:32:50] <zamba> the final piece of the puzzle is now spamhaus[20:32:52] <adaptr> even 12h and 18 h[20:32:55] <adaptr> not at all[20:33:15] <zamba> i can add this to smtpd_recipient_restrictions?[20:33:16] <adaptr> !smtpd_recipient_restrictions[20:33:16] <knoba> adaptr: "smtpd_recipient_restrictions" : a configuration parameter in the main.cf: The access restrictions that the Postfix SMTP server applies in the context of the SMTP RCPT TO command. See smtpd(5) for an overview of access restriction features. Default is to relay only for source IP addresses in your $mynetwork and to domains set in $relay_domains.[20:33:19] <zamba> hehe[20:33:20] <adaptr> you *should*, yes[20:33:55] <adaptr> the order for you is accept_mynetworks, reject_rbl_client zen.spamhaus.org, reject_unauth_destination[20:34:08] <adaptr> also add some HELo checks, but they can go in the helo restrictions, of course[20:34:21] <adaptr> although I just tend to lump everythign in recipient_[20:34:26] <adaptr> it logs more :)[20:34:31] <zamba> smtpd_recipient_restrictions = permit_mynetworks, reject_rbl_client zen.spamhaus.org, reject_unauth_destination[20:34:41] <zamba> permit == accept, i guess?[20:34:43] <adaptr> yers[20:34:44] <adaptr> sorry[20:35:06] <adaptr> also, you can of course reverse the last two, since everything except your relay domais will be unauth[20:35:12] <adaptr> *should* reverse them, rather[20:35:13] <zamba> yeah[20:35:16] *** aljaber has joined #postfix[20:35:24] <zamba> yeah[20:35:33] <zamba> avoid uneccessary lookups to spamhaus[20:35:34] <adaptr> but that's all you need, I assume you also have checks on the primary MX, so everything that comes in will be checked again there[20:35:43] <adaptr> against all your normal rules[20:35:57] <adaptr> spamass, greylist, etc[20:36:11] <adaptr> but the delays wil be horrific i nmost cases, so don't expect any thanks![20:36:30] * adaptr could not work without mail for 5 days - might as well stay home[20:36:35] <zamba> hehe[20:37:05] <zamba> ok, now updating the dns[20:44:48] *** duki has quit IRC[20:48:37] *** Kurtism has quit IRC[20:48:52] *** Internat has quit IRC[20:48:55] *** Internat has joined #postfix[20:48:59] *** growltiger_ has quit IRC[20:49:20] *** growltiger_ has joined #postfix[20:50:20] *** duki has joined #postfix[20:53:18] *** pitakill has joined #postfix[20:55:20] *** ldrada has quit IRC[20:57:41] *** marc7 has quit IRC[20:58:03] *** growltiger_ has quit IRC[20:58:22] *** growltiger_ has joined #postfix[21:03:15] <zamba> adaptr: i should just ignore those "RBL lookup error: Host or domain name not found."-errors when trying to look up ips?[21:03:27] *** ramoni has quit IRC[21:04:17] <zamba> and what happens to email already "sent"? mtas will do a mx check for every attempted delivery?[21:06:57] *** lennard has quit IRC[21:11:09] *** duki has quit IRC[21:15:53] <adaptr> zamba you should refuse IP-only HELOs regardless[21:15:55] <adaptr> I do[21:16:06] <adaptr> what do you mean by "sent" ?[21:16:30] <adaptr> and postfix caches MX responses - let's assume other MTAs do as well[21:16:38] <zamba> for how long?[21:16:42] <adaptr> configurable[21:16:47] <zamba> hm, damn[21:16:51] <adaptr> an hour or so would be pretty standard[21:16:57] <zamba> ah, ok.. no worries then[21:17:03] <adaptr> who cares ? you're listed as a true MX for the domains, right ?[21:17:17] <adaptr> so they should send everything to you[21:17:20] <zamba> i wasn't using a secondary mx until half an hour ago[21:17:26] <zamba> i just added it to the zone[21:17:29] <zamba> zones*[21:18:08] <adaptr> if you added it then it may take up to an hour or so to get the message through to all clients, ye s- but consider that it has been down for a day already, so the repsonse they have cached is that there are no mxes - THEY have queued all mail[21:18:24] <adaptr> and wil lsend as soon as their next queue retry comes around[21:18:29] <zamba> yeah[21:18:37] <adaptr> it's all a great big black box that works quite well[21:18:44] *** duki has joined #postfix[21:18:48] <adaptr> has worked for the past 30 years or so[21:22:38] *** capt-rogers has joined #postfix[21:26:20] <capt-rogers> I have been led down the garden path a few times by Postfix setups that support Virtual Domains and spam protection. I have yet to find an install setup, that at some point starts to get vague or gets into all sorts of ugly klugy fixes and hacks. I have used qmailrocks in the past...And it does work every time..I would like to find the equivalent postfixrocks.....I dont want to use qmail....but i really need a MTA that supports virtual domains and[21:26:21] <capt-rogers> has spam protection..and a setup script that does not get hacky/ or kludgy...any postfix urls you can refer me to ? TIA![21:27:05] <jellis> anyone around that archives their e-mail with postfix? I know the always_bcc will do it, and you can use fetchmail to retrieve it...but are you using a third party app to store/search it in a db?[21:27:30] *** brancaleone has joined #postfix[21:29:03] <jellis> capt-rogers: http://www.howtoforge.com/linux_postfix_virtual_hosting , that may put you on the right track.[21:29:40] <adaptr> jellis a fairly clever setup would be to define a virtual domain for it, and specify dbmail as the storage...[21:29:58] <adaptr> but that doesn't work well if you have multiple domains coming in[21:30:53] <adaptr> say virtual_mailbox_domains = backup.local, and always_bcc = bla at backup dot local, then point that at dbmail[21:33:04] <capt-rogers> i am going to keep hammering away at postfix and virtual email domains and accounts until i get it right...then spamassasin, razr, bayseian etc....over and over again...until it is second nature..then maybe i'll write an article :)[21:33:10] *** aent has quit IRC[21:36:14] <adaptr> better get it to become first nature, first[21:36:21] <adaptr> leave seocnd nature for later[21:40:04] *** jssa has joined #postfix[21:40:20] *** havvg_ has joined #postfix[21:40:54] <jssa> Hi guys. Is there a way for allow smtp authenticated users to bypass content filtering rules?[21:41:14] <jssa> (just tell me where to read)[21:41:52] *** UQlev has quit IRC[21:42:02] <adaptr> rearrange the order of your restrictions[21:42:17] <adaptr> the normal way is to put sasl_authenticated just after permit_mynetworks[21:42:25] <adaptr> and before any checks[21:42:50] <jssa> but i've set up content filters in my master.cf transports[21:44:04] <rob0> The easiest thing is to have users use a separate submission listener.[21:44:10] <adaptr> true[21:44:41] <jssa> but I only recognize my users based on sasl authentication, not source ip address :([21:44:44] <rob0> May require more interaction with users than is desired. :)[21:44:45] *** havvg__ has joined #postfix[21:45:24] <rob0> I'm talking about either destination IP address or port.[21:46:06] *** growltiger_ has quit IRC[21:46:11] <cpm> submission is the correct way[21:46:24] * cpm won't submit to rob0[21:46:38] <rob0> Submit![21:46:51] * cpm won't![21:47:11] <rob0> Mid-November, and I just turned on the a/c![21:47:16] <rob0> hot here[21:48:09] <cpm> Cardinal fang! get the comfy chair![21:48:16] <cpm> Yeah, hot here as well.[21:48:29] <cpm> And I was walking around in snow on sun[21:48:30] <rob0> Hey ... I didn't expect the Spanish Inquisition![21:48:41] <cpm> No one expects, , , etc[21:50:35] <jssa> How can I specify a different content_filter for sasl_authenticated users?[21:51:29] <rob0> Hmmm, there's no check_sasl_access feature.[21:52:48] *** cpm has quit IRC[21:52:58] <rob0> maybe a policy daemon could do that[21:53:16] <rob0> but, you'd probably have to write it yourself.[21:53:19] *** atilaX has joined #postfix[21:53:40] *** pitakill has quit IRC[21:55:15] *** havvg has quit IRC[21:59:03] *** havvg_ has quit IRC[22:18:42] *** capt-rogers has quit IRC[22:25:44] <jssa> Actually, all I want to do is bypass content filtering for internally generated messages.[22:26:49] <jssa> I guess I can do it using check_sender_access[22:26:56] <jssa> What do you think, rob0 ?[22:27:09] <adaptr> define "internally generated"[22:27:24] <adaptr> the only things postfix itself generates are DSNs[22:27:28] <jssa> messages sent my users[22:27:30] <adaptr> which are not usually checked[22:27:44] <adaptr> which would be either mynetworks or sasl authenticated[22:27:53] <adaptr> so start your content filtering AFTER those[22:27:54] <jssa> messanges sent BY my users[22:28:08] <jssa> yes, adaptr[22:28:14] <adaptr> that's actually the normal way to do it anyway[22:28:16] <jssa> but I don't know how to do that[22:28:21] <adaptr> so I'm surprised you don't have it now[22:28:34] <adaptr> by.. not defining content filters on transports ?[22:28:42] <jssa> I mean, I've set up a couple of chained filters in master.cf[22:28:51] <adaptr> do it in an access map, or in main.cf[22:29:06] <adaptr> why ?[22:29:20] <jssa> I've set up a general filter in the smtp transport[22:29:24] <jssa> is that wrong?[22:29:40] <adaptr> it prevents you from doing what you want to do[22:29:49] <jssa> Yes, now I see it[22:29:50] *** havvg__ has quit IRC[22:29:51] <adaptr> you have two options, already laid out[22:30:02] <adaptr> 1. move submission to another transport/service[22:30:05] <jssa> but I'm a little confused, where i sould put it?[22:30:08] <adaptr> 2. move the content filters[22:30:21] <adaptr> an access map is quite common[22:30:24] <jssa> where do I move it?[22:30:29] <adaptr> sigh[22:30:42] <adaptr> do you think asking the same question three times will make an answer forthcoming ?[22:30:43] <jssa> content_filter in main.cf??[22:30:48] <adaptr> for instance, yes[22:31:06] <adaptr> !check_sender_access[22:31:06] <knoba> adaptr: Error: "check_sender_access" is not a valid command.[22:31:09] <adaptr> damn[22:31:30] <adaptr> anyway, put that after your users, then make a map with a content filter (or multiple filters) for it[22:31:41] <adaptr> !sender_access_maps[22:31:42] <knoba> adaptr: Error: "sender_access_maps" is not a valid command.[22:31:45] <adaptr> again ?[22:31:52] <adaptr> sheesh, I 've had it with all thses options[22:32:27] <rob0> I wouldn't trust check_sender_access for this. I'd do check_recipient_access, where recipient domain is NOT one of mine.[22:32:38] <adaptr> ah, yes[22:32:59] <adaptr> envelope to will already have been checked[22:33:16] <rob0> Then mail from myuser1 to myuser2 would be scanned, but mail from myusers to outside would not.[22:33:37] <adaptr> hmm I'd prefer the reverse[22:33:44] <adaptr> if I don't trust my users anyway[22:34:01] <jssa> please, can you put that on a pastebin?[22:34:09] <rob0> right, your users are as likely as any other windows users to get a virus.[22:34:15] <adaptr> what, the past 30 minutes ?[22:34:27] <adaptr> rob0 so sending that out to the world is okay ? :P[22:34:29] <jssa> :P[22:34:38] <adaptr> I would sooner trust my users than non-users, relatively speaking[22:34:54] <jssa> I still don't catch where to put my content filter :([22:35:08] <adaptr> because my users might get bitten by outside viruses, which is much more likely than user-to-user viruses inside my own domain[22:35:44] <adaptr> jssa that's because you haven;t started reading the appropriate documentation yet[22:35:44] <rob0> Best practice for ISP mail these days is indeed to do a virus scan on submission mail.[22:35:53] <rob0> You think we're arguing, but actually we're agreeing. :)[22:36:08] <adaptr> yes, just not sure about the best method[22:36:14] <adaptr> let me check what I have :)[22:36:19] <jssa> ok[22:37:31] <rob0> I think amavisd-new can turn off SpamAssassin for submission. Not sure how.[22:37:54] <Dominian> tehre is a way[22:37:59] <SilenceGold> amavisd.conf[22:38:00] <Dominian> don't remember how, but there is a way[22:38:33] <jssa> I don't want to use amavisd[22:38:36] <adaptr> rob0 I have a content-filter "transport" in main.cf - do you know when that is called ?[22:38:45] <adaptr> jssa any reason >? it works fine[22:39:22] <jssa> hum... I have my server working fine now (despite of the problem i'm scanning ALL my messages)[22:39:42] <jssa> and don't want one more layer/package ;)[22:40:13] *** hing has quit IRC[22:41:07] *** hing has joined #postfix[22:46:28] <adaptr> I might be scanning everything now, I dunno - who cares ? :)[22:46:37] *** growltiger has joined #postfix[22:47:05] <jssa> I don't want to tag as SPAM the mails sent by my users :([22:47:22] *** atilaX has quit IRC[22:47:33] <adaptr> and when they are, in fact, spam ?[22:47:55] *** pirho has joined #postfix[22:48:18] <jssa> that's good, but if the spam filter is wrong... my users won't be happy ;)[22:49:45] * rob0 just invented a new Ethernet wiring standard: B865T. :)[22:50:35] <rob0> Ethernet for dyslexics[22:50:47] <rob0> Dyslexnet[22:50:49] <adaptr> jssa I have a content_filter in main.cf, which specifies an external transport that mail is submitted to after it is placed in the queue[22:50:58] <adaptr> my own mail is never checked[22:51:27] *** captiancrash has joined #postfix[22:51:30] *** jellis has quit IRC[22:51:42] <jssa> are you sure, adaptr?[22:51:47] <jssa> I'll try[22:51:49] <jssa> let me see...[22:52:32] <adaptr> yes,I am very sure - my content filter is only accessed after ALL recipient_checks are done - or, rather, after the message has passed my recipient_restrictions[22:53:09] <adaptr> so if you have RBL, policyd and HELo checks in your recipient_restrictions, any mail that is passed on account of any of those rules is never checked for spam or viruses[22:53:24] <adaptr> until after it's in the queue, anyway[22:53:47] <adaptr> I'm still not entirely sure on the exact sequence, but rob0 will be sure to correct me somewhere down the line....[22:54:06] <adaptr> I can't explain it any better - it Works For Me (tm)[22:55:45] *** meandtheshell has quit IRC[22:55:46] *** diveli has joined #postfix[22:56:45] <adaptr> postfix's power and flexibility comes - once again- a ta price :)[22:59:58] *** oates has joined #postfix[23:02:19] <jssa> I don't agree with you, adaptr[23:02:30] <jssa> if I set a content_filter[23:02:34] <adaptr> on which of my many points ?[23:02:53] <jssa> after recipient_restriction, the mail is queued[23:03:00] <jssa> and then content_filter'ed[23:03:21] <jssa> so, the content_filter applies to all the messages :([23:03:35] <adaptr> well, my own (in-domain, in-mynetworks) don't get filtered[23:03:42] <adaptr> and I do have that[23:03:52] <jssa> (I agree, of course, on the power and flexibility of postfix ;) )[23:04:01] <adaptr> ah, I was beginning to worry[23:04:10] <linkslice> anyone in here know much about dkim?[23:04:10] <jssa> hehehe :)[23:04:19] <jssa> is rob0 there?[23:05:15] <adaptr> usually ...[23:06:20] <jssa> hi will decide if it Works for me (tm) or if it Works for you (tm) ;)[23:07:36] <adaptr> I already know half the answer to that :)[23:08:45] <jssa> Me too ;)[23:10:38] <adaptr> okay, I just checked all my headers, and you're right - I scan all messages that reach the queue :)[23:10:45] <adaptr> but it's just me, so it's no biggie[23:10:59] <adaptr> I just don't log amavis in the mail log, that's why I thought it didn't get there...[23:11:19] <jssa> :)[23:11:52] <adaptr> but seriously, unless your outgoing is way more than your incoming, why not just scan everything ? you can't get any safer....[23:11:53] <jssa> I guess I can do some trick with check_sender_access[23:12:24] <jssa> I want to scan all for viruses, but I don't want my users messages to be tagged as spam[23:12:45] <adaptr> as rob0 already indicated, you can tell SA not to scan locally-generated mail[23:12:52] <adaptr> even when it's running inside amavis[23:13:16] <jssa> it is possible?[23:13:24] <adaptr> apparently, yes[23:13:38] <jssa> but how will SA know what's "locally generated mail"?[23:14:04] <adaptr> [22:34:45] <rob0> I think amavisd-new can turn off SpamAssassin for submission. Not sure how.[23:14:20] <adaptr> you'd have to use a submission smtpd, to separate it[23:14:23] <adaptr> presumily[23:14:58] <jssa> I'll try with check_sender_access[23:15:08] <jssa> wish me luck ;)[23:15:24] <adaptr> luck[23:16:39] *** hemry has quit IRC[23:20:17] *** oates is now known as oates|zzzZ[23:26:10] *** ploploop has joined #postfix[23:27:37] *** ploploop has quit IRC[23:43:17] *** brancaleone has quit IRC[23:44:57] *** j_s has quit IRC[23:48:49] *** maj has quit IRC[23:50:47] *** etaylor has quit IRC[23:54:48] *** gpled has joined #postfix[23:56:51] <gpled> Nov 4 16:49:25 mta-01 postfix/smtpd[2821]: 986AB73B06:[23:56:59] <gpled> Nov 5 00:49:25 mta-01 postfix/cleanup[2816]: 986AB73B06:[23:57:10] <gpled> Nov 4 16:49:25 mta-01 postfix/qmgr[2807]: 986AB73B06:[23:57:23] <gpled> what would cause that Nov 5 ?[23:58:02] <gpled> this is from maillog[23:58:51] <zamba> how can i display details about emails in the mail queue?[23:58:56] <rob0> $TZ and chroot[23:59:07] <zamba> like their contents[23:59:22] <rob0> zamba, man postcat