May 6, 2008 
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | >
May 6, 2008 [00:00:28] *** fury_ has quit IRC[00:06:25] *** brancaleone has quit IRC[00:11:48] *** googlah has quit IRC[00:11:51] *** pitakill has joined #postfix[00:12:58] *** n8rrv has joined #postfix[00:18:41] *** diveli has joined #postfix[00:22:19] *** tyrok has joined #postfix[00:22:46] <tyrok> Hi! I've got Postfix installed and set up to funnel messages through Maildrop, which checks with SpamAssassin and is supposed to deliver to a .Spam Maildir folder if it's tagged as spam. Problem is, while SpamAssassin is tagging the messages correctly, only some accounts are sorting properly. Any ideas?[00:26:05] *** hever has quit IRC[00:26:29] <Xzisted> is there a way that i can allow any mail from a specific server to bypass all the sanity checks that postfix performs on the mail to make sure it is authentic and allow that server to send mail through[00:27:22] <tyrok> Xzisted: Probably.[00:27:30] <tyrok> Xzisted: :)[00:28:08] <Xzisted> tyrok: heh...any ideas. syslog mail from one of my servers is getting rejected due to Sender address rejected: unverified address:[00:28:25] <Xzisted> that server thats sending the mail.....isnt running an actual mail server[00:28:38] <Xzisted> so postfix cant verify his status[00:28:58] <tyrok> Xzisted: Nope - don't really know. I'd have to go hunt around in the manual for a while. Just thought I'd answer your question the way you asked it. :)[00:29:27] <rob0> and just for that ...[00:29:39] <rob0> tyrok: My idea is that you did something wrong. :)[00:29:53] <tyrok> rob0: Touche![00:31:05] <tyrok> Xzisted: Only thing I can think of is that there's got to be: (a) someone who's had that problem before and (b) some configuration directive for it.[00:31:21] <tyrok> rob0: At least I know someone read my question. :)[00:32:12] <rob0> Well, about that, simply don't do sender address verification unless you understand what you're doing, and even then ... don't, it is often abusive.[00:39:40] *** miip has quit IRC[00:43:12] <Xzisted> rob0: well...i turned sender address verification off....its working now. im just concerned about letting mail through from senders who cant be recognized[00:43:37] <Xzisted> rob0: my server still passes all the www.abuse.net relay checks.[00:47:41] *** smultron has joined #postfix[00:47:59] *** Zblakany_ has joined #postfix[00:48:24] *** Zblakany_ has quit IRC[00:48:35] * vice-versa translates[00:48:38] <vice-versa> "my server still passes all the blatantly obvious relay checks."[00:48:39] *** Zblakany_ has joined #postfix[00:49:41] *** depquid has left #postfix[00:50:29] *** Zblakany has quit IRC[00:50:38] *** Zblakany_ is now known as Zblakany[00:51:04] <smultron> I'm trying to setup a BCC for a specific user using recipient_bcc_maps, but it doesn't seem to be working. i did the following:[00:51:05] <smultron> In /etc/postfix/main.cf added recipient_bcc_maps = hash:/etc/postfix/recipient_bcc[00:51:05] <smultron> then i made the 'recipient_bcc" file and ran postmap on it[00:51:05] <smultron> then i did a postfix reload[00:51:28] <smultron> but it doesn't seem to be BCCing, still.[00:51:34] *** felix_da_catz has quit IRC[00:57:16] <smultron> should it be under the local_recipient_maps?[01:03:11] <smultron> nevermind, my server only has 1.7.4... that seems to be the problem :([01:05:07] *** quieteyes has quit IRC[01:05:49] *** action09 has quit IRC[01:12:46] <rob0> 1.7.4 of what?[01:13:46] <cpm> rob0-1.7.4[01:14:25] <rob0> oh yikes, that's a lousy version[01:14:58] <smultron> Mac OS X Server has it :/[01:15:00] <rob0> upgrade to at least 1.7.9, or leave the 1.x series and get 3.1[01:16:11] <smultron> postfix is at version 3.1?[01:16:27] <rob0> 23:13 < cpm> rob0-1.7.4[01:16:36] <rob0> 23:12 < rob0> 1.7.4 of what?[01:16:42] <smultron> postfix[01:16:52] <rob0> there never was a Postfix 1.7.4.[01:16:59] <smultron> oh[01:17:05] <smultron> i'm mistaken then[01:17:16] * cpm upgrades to rob0-3.x[01:17:45] <rob0> rob0up[01:17:54] <cpm> dang,[01:18:01] * cpm types man rob0up[01:18:15] <smultron> how do i find the version number of my postfix that's running?[01:18:24] <vice-versa> postconf -h mail_version[01:18:25] <rob0> "postconf mail_version"[01:18:40] <rob0> or vice-versa[01:18:44] <vice-versa> :)[01:18:51] <smultron> wow, i was way off[01:18:56] <smultron> 2.4.3[01:19:23] <smultron> well... now i'm back to my original question of why the recipient_bcc_map doesn't work[01:19:39] <rob0> pastebin all relevant information[01:20:20] <rob0> the line from the /etc/postfix/recipient_bcc file, the log lines showing mail to that recipient[01:20:42] <smultron> k[01:29:31] <smultron> i think this is it[01:29:32] <smultron> http://pastebin.com/db6aa6a[01:30:44] <rob0> that's amavis, not Postfix[01:31:46] <smultron> oh, right. one sec[01:33:23] <rob0> also, munging is not a good idea[01:33:47] <smultron> what's that?[01:34:01] *** atilaX has quit IRC[01:34:43] <vice-versa> obfuscating details[01:36:41] <smultron> oh.[01:37:28] *** Siegfried has quit IRC[01:39:19] *** atilaX has joined #postfix[01:40:03] *** martianixor has joined #postfix[01:40:07] *** atilaX has quit IRC[01:40:30] *** martianixor has quit IRC[01:44:02] <smultron> i can't find any postfix messages about my email. only amavis[01:44:52] *** Zblakany has quit IRC[01:46:03] *** Fallenou has quit IRC[01:47:04] *** mirrorcolor has quit IRC[01:48:16] <smultron> it seems to be right info, though[01:53:59] *** n8rrv has quit IRC[01:57:40] *** war9407 has quit IRC[02:03:27] *** tyrok_ has joined #postfix[02:09:29] *** pitakill has quit IRC[02:10:24] <vice-versa> !tell smultron logs[02:10:42] <smultron> i got a little further[02:11:30] <smultron> it works fine on local addresses[02:11:43] <smultron> just not remote hosts[02:14:08] *** tyrok__ has joined #postfix[02:16:01] <rob0> Regardless, you have to have logs, or you'll be unable to solve any other problem as it comes up. Restart syslogd?[02:19:08] *** DukGalNa1u has joined #postfix[02:19:32] *** DukGalNamu has quit IRC[02:21:32] *** tyrok has quit IRC[02:28:59] <smultron> i'm not seeing anything[02:29:27] <smultron> grep -rn gmail /var/log only shows the amavis message i had before[02:31:24] *** tyrok_ has quit IRC[02:31:25] <INternat> so i have a question, apart from a ditributed file system, or something simular, in the event of a server crash, whats the best way to prevent mail loss? Obviously i have nightly backups and probably 12hrly as well, but thats still potentially 12hrs worht of email lost..[02:31:34] <vice-versa> smultron: then do as rob0 suggested, restart you syslog daemon[02:32:22] <mwalling> INternat: always_bcc offsite?[02:33:04] <INternat> mwalling: hi hi :P i dont have an offsite[02:33:23] <INternat> well not one that i could easily setup this with[02:33:49] <mwalling> !setup[02:33:50] <knoba> mwalling: Error: "setup" is not a valid command.[02:33:51] *** ming_zym has joined #postfix[02:34:00] <INternat> dont make me slap you :P[02:34:02] <mwalling> !learn setup as setup is not a verb[02:37:41] <smultron> good call vice-versa & rob0. there's some sort of syslogd error[02:38:13] <mwalling> !always_bcc[02:38:14] <knoba> mwalling: "always_bcc" : a configuration parameter in the main.cf: Optional address that receives a "blind carbon copy" of each message that is received by the Postfix mail system.[02:43:40] *** tyrok__ has quit IRC[02:44:15] *** magyar has joined #postfix[02:46:39] *** namit has quit IRC[03:10:42] *** Tachy_ has joined #postfix[03:11:16] *** pirho has quit IRC[03:11:46] *** stefan__ has quit IRC[03:11:48] *** pitakill has joined #postfix[03:11:49] *** stefan__ has joined #postfix[03:13:20] *** namit has joined #postfix[03:13:31] *** namit has quit IRC[03:25:16] *** Tachy has quit IRC[03:32:42] *** stefan__ has quit IRC[03:32:58] *** stefan__ has joined #postfix[03:36:43] *** magyar has quit IRC[03:38:43] *** githogori has quit IRC[03:38:55] *** magyar has joined #postfix[03:42:00] *** magyar has quit IRC[03:49:55] *** madrescher has quit IRC[03:53:40] *** magyar has joined #postfix[04:14:34] *** stefan__ has quit IRC[04:14:54] *** stefan__ has joined #postfix[04:18:16] *** amrit|wrk is now known as amrit|afk[04:36:33] *** xpoint has quit IRC[04:37:57] *** Siegfried has joined #postfix[04:48:39] *** Zeit|awy_ has joined #postfix[04:56:10] *** Zeit|awy has quit IRC[04:59:26] *** stefan__ has quit IRC[04:59:39] *** stefan__ has joined #postfix[05:00:59] *** githogori_ has joined #postfix[05:14:04] *** anuron has quit IRC[05:14:08] *** anuron has joined #postfix[05:21:07] *** felix_da_catz has joined #postfix[05:21:44] *** bhagat has joined #postfix[05:23:35] *** albanach has quit IRC[05:26:03] <Bogaurd_> In the case of a server which has 2 IP addresses, one being the normal link & one being a backup link, what's the best way of setting things up so the server can still provide a valid HELO string?[05:35:46] *** mirrorcolor has joined #postfix[05:36:49] *** ming_zym has quit IRC[05:40:52] *** ming_zym has joined #postfix[05:52:28] *** knoedel_ has quit IRC[06:02:12] *** Motoko-chan has joined #postfix[06:04:10] *** felix_da_catz has quit IRC[06:09:50] *** saurabhb has joined #postfix[06:09:51] *** pitakill has quit IRC[06:39:36] <mjoseph> so[06:39:41] <mjoseph> according to http://www.postfix.org/ADDRESS_CLASS_README.html[06:40:20] <mjoseph> the virtual alias domain class has no default class[06:40:25] <mjoseph> and therefore no transport[06:41:05] <mjoseph> but what if a message is accepted as permitted by the virtual alias domains[06:41:12] <mjoseph> but doesn't get aliased to anything?[06:42:26] <rob0> if there is no listing in virtual_alias_maps ...[06:42:31] <rob0> !unknown_virtual[06:42:32] <knoba> rob0: "unknown_virtual" : \"User unknown in virtual $X table\" means that the recipient domain was found in $virtual_$X_domains but the username@domain was not found in $virtual_$X_maps. ("$X" can be either alias or mailbox .)[06:42:49] <mjoseph> hmm[06:43:02] <mjoseph> so both smtpd(8) and trivial-rewrite[06:43:20] <mjoseph> (first stage, in cleanup(8)) consult virtual_alias_maps?[06:43:40] <mjoseph> smtpd() to confirm existence of the key[06:43:54] <mjoseph> err[06:44:03] <mjoseph> sorry, virtual_alias_mapping is done within cleanup(8[06:44:06] <mjoseph> ) itself[06:44:27] <mjoseph> so smtpd checks for existence of the key, to allow acceptence or not, and then cleanup does the rewrite?[06:44:32] <mjoseph> (on the envelope)[06:50:41] *** UQlev has joined #postfix[07:00:28] *** PhilKC has quit IRC[07:10:12] *** stefan__ has quit IRC[07:10:32] *** muecke77 has joined #Postfix[07:24:05] *** muecke78 has joined #Postfix[07:24:22] *** muecke77 has quit IRC[07:36:03] *** shinao1 has joined #postfix[07:45:16] *** Zblakany has joined #postfix[07:50:38] *** muecke78 has quit IRC[07:53:13] *** UQlev has quit IRC[08:00:34] *** serving has joined #postfix[08:00:40] <serving> hi all[08:02:41] <serving> gld deamon can not be run at start up. I put it in rc.local but I got USAGE: gld (start|..) ..if I run rc.local manully it start fine.[08:02:50] <serving> any ideas gurus? :)[08:03:05] *** stefan-f has joined #postfix[08:05:45] <serving> oh ..it is a centos system[08:08:07] *** RT^ has quit IRC[08:11:02] *** kk_CHN has joined #postfix[08:12:03] *** m0f0x has quit IRC[08:15:05] *** hparker has quit IRC[08:21:57] *** serving has quit IRC[08:22:00] <f3ew> what did you put in rc.local?[08:26:57] *** Filbert has quit IRC[08:27:22] *** stefan-f has quit IRC[08:28:54] *** syneus has joined #postfix[08:28:59] *** madrescher has joined #postfix[08:30:21] *** stony_ has joined #postfix[08:33:10] *** Motoko-chan has quit IRC[08:33:34] *** Filbert has joined #postfix[08:42:02] *** stony_ is now known as sotn[08:42:57] *** stony__ has quit IRC[08:45:53] *** sotn is now known as stony[08:46:16] <stony> hi guys[08:46:31] <stony> i'm missing the correct word for routing based on the senders address[08:46:35] <stony> source based routing ?[08:47:30] *** pa has joined #postfix[08:48:57] <f3ew> stony yes[08:49:14] <stony> it's sender_based_routing :) i found it :)[08:49:17] <stony> thx :)[08:51:22] <stony> or rather sender_dependent_relayhost_maps[08:57:10] *** smultron has left #postfix[09:17:21] *** Ramses_II has quit IRC[09:18:00] *** ming_zym has quit IRC[09:18:03] *** harobed has joined #postfix[09:22:21] *** ming_zym has joined #postfix[09:26:14] <lkthomas> guys, for maildrop, can I use two xfilter in the same time ?[09:26:48] <INternat> ok i run postfix on my server, i have an aliase in /etc/aliases that makes mail for root go to a different server (admin+servername at domain dot com)[09:27:34] <INternat> when i goto send mail to root it errors saying that its bouced cause it looped back to itself[09:27:50] <INternat> it seems to be appending the hostname listed in/etc/hostname and defined in myhostname to the message[09:28:00] <INternat> even though ive said its not the MUA's job to do that[09:36:37] *** xeb has joined #postfix[09:37:25] <xeb> Hello! please tell how to disable hostname verification ?[09:37:43] *** diveli has quit IRC[09:42:26] *** stefan-f has joined #postfix[09:46:23] *** Fallenou has joined #postfix[09:51:42] <xeb> :([09:54:44] *** mark-use has quit IRC[09:59:09] *** war9407 has joined #postfix[09:59:52] *** Sypher has joined #postfix[10:01:30] *** rootsvr has joined #postfix[10:02:39] <Sypher> hello guys, a question here. i have a server that sends mail from a forum in a site hosted in the same server ... whta are the steps i should take to ensure that the mail gets delivered and not get into the spam folder?[10:03:12] <Sypher> Excluding eventual content filtering that is out of my control zone ... what should i take a look at?[10:04:04] <dragonheart> depends on where the spam filtering is. normally there is some IP based whitelist you chould use[10:04:30] <Sypher> dragonheart, wait. i think i did not explain correctly.[10:04:54] <Sypher> as of now, my forum sends authorization emails to check the "trueness" of the mail for new users. but those located at yahoo, hotmail, etcetera are getting it into the spam folder.[10:05:08] <Sypher> Im not in any RBL blocklists, so i guess im making some mistakes in the configuration of my postfix.[10:05:22] <dragonheart> have you got a reverse DNS setup?[10:05:31] <Sypher> hmmm no.[10:05:33] <Sypher> :D[10:05:40] <dragonheart> bingo[10:05:43] <Sypher> googling ;)[10:05:51] <Sypher> also ... "myhostname" directive.[10:06:01] <Sypher> should be fully qualified right? but the webserver i use is multi-host.[10:06:29] <dragonheart> just pick a name that exists in DNS - preferably one you control[10:06:35] <Sypher> if someone sends mail from a website that is "site2.com" and myhostname is "site1.com" ... will there be a problem? or will the receipient even see, in the headers, site1.com ?[10:06:56] <Sypher> dragonheart, what do you mean wiht that last one sorry ? :o[10:07:10] <sysmonk> yes, the recipient will see that it was sent through site1.com[10:07:12] <sysmonk> but that's not a problem[10:07:35] *** amrit|afk is now known as amrit|zzz[10:08:12] <Sypher> sysmonk, can i avoid that?[10:08:20] <sysmonk> why do you want to do that?[10:08:33] <Sypher> because "site2.com" dosnt really like "site1.com".[10:08:35] <sysmonk> and no, you can't, unless you want to give each client a seperate IP address[10:08:43] <sysmonk> Sypher: those are your clients, right?[10:08:51] <Sypher> yep; more or less[10:08:58] <sysmonk> you have a company, right?[10:09:01] <Sypher> no[10:09:07] <Sypher> its just testing, but i want to know.[10:09:10] <sysmonk> then, who do they pay for the services ?[10:09:15] <Sypher> nobody.[10:09:25] <sysmonk> so why do you really care about them ? :P[10:09:25] <Sypher> i have a VPS, 2 ip addresses[10:09:28] <sysmonk> if they don't pay :P[10:09:30] <Sypher> haha[10:09:36] <Sypher> well, i care about my own knowledge[10:09:51] <Sypher> isnt there any way to have a "virtual" myhostname ?[10:10:02] <sysmonk> Sypher: you could give a generic host name, i.e. a host which isn't site1.com nor site2.com[10:10:03] <Sypher> like, having one for each of the virtualhost configurations in apache (or scripting it? )[10:10:10] <sysmonk> but yoursite.com ( sypher.com!!! :P )[10:10:33] <sysmonk> Sypher: no, there isn't, when you connect to the server the server greets you[10:10:37] <Sypher> ok, so there is no chance that i can have mail delivered from "site2.com" have a myhostname of site2.com and thesame for site1.com ?[10:10:44] <sysmonk> it does it FIRST, not after you say where you want to send the email[10:11:16] <sysmonk> so it doesn't know which hostname it should give (cause server doesn't know which client connected, was it site1.com or site2.com)[10:11:35] <Sypher> im talking from the inside to the outside[10:11:42] <sysmonk> doesn't matter[10:11:45] <Sypher> ah its the same thing[10:11:46] <Sypher> yeah. i got it now[10:11:55] <Sypher> allright, very clear, thanks[10:12:05] <Sypher> i'll just put up a "grey" name.[10:12:17] <sysmonk> yup, but make sure it exists in the dns and points to your server[10:12:26] <Sypher> yes, i will. thanks[10:12:29] <sysmonk> otherwise you'll have problems with some strict servers[10:12:34] <Sypher> now on to rdns, got a lot to read ugh ... :([10:12:55] <sysmonk> and, it would be best that your rdns would match your $myhostname[10:13:00] *** xeb has left #postfix[10:13:21] <sysmonk> it doesn't have to, but some servers do look at this too ;/[10:13:24] <Sypher> sysmonk, that will not cause trouble when the "from" email would be from @site1.com instead of @rdns.com ?[10:13:32] <sysmonk> nope[10:13:35] <Sypher> ok thanks[10:14:09] *** Knoedel2 has joined #postfix[10:14:59] *** michauk0 has joined #postfix[10:24:06] *** Zeit|awy_ has quit IRC[10:25:18] *** madrescher has quit IRC[10:29:57] *** Zblakany has quit IRC[10:37:13] *** harobed has quit IRC[10:38:29] *** harobed has joined #postfix[10:39:40] *** harobed has quit IRC[10:41:08] *** harobed has joined #postfix[10:46:26] *** ming_zym has quit IRC[10:47:03] *** RT^ has joined #postfix[10:47:18] *** PhilKC has joined #Postfix[10:50:26] *** havvg has joined #postfix[10:56:27] *** relnod has joined #postfix[10:56:53] <relnod> i m getting this msg not clear what exacly it means statistics: max connection rate 1/60s for IP[10:58:07] <relnod> does that mean how many times that ip was connected @ once[10:58:14] <relnod> hellooo[10:58:34] *** relnod has left #postfix[11:05:12] *** suuuper has joined #postfix[11:07:47] *** Zeit|awy has joined #postfix[11:12:14] *** CrazyFoam has quit IRC[11:12:52] *** lkthomas has quit IRC[11:13:35] *** af_ has joined #postfix[11:22:01] *** shinao1 has quit IRC[11:22:19] *** the_sniff has joined #postfix[11:22:56] <the_sniff> can i limit emails getting a connection error from the server they're sent to except for the refused error?[11:23:05] *** Fallenou has quit IRC[11:24:05] *** Fallenou has joined #postfix[11:29:56] *** tm-30740 has joined #postfix[11:39:09] *** tm-30740-exa has quit IRC[11:39:18] *** HSorgYves has joined #postfix[11:39:25] <HSorgYves> morning[11:40:13] <HSorgYves> does someone know what the postfix/mailman configuration option mailman_destination_recipient_limit does?[11:41:03] <dragonheart> passes 1 email at a time to mailman in my nieve inteperation[11:41:51] <the_sniff> hmm can i limit emails getting a connection error from the server they're sent to except for the refused error?[11:42:16] <HSorgYves> dragonheart: ok, so it is definitely needed?[11:42:42] <dragonheart> yes it is. I did forget it one and had a log full of fix it messages[11:47:09] <HSorgYves> ok, thx[11:49:18] *** HSorgYves has quit IRC[11:54:13] *** lkthomas has joined #postfix[11:54:14] <lkthomas> hey guys[11:54:30] <lkthomas> I have try my best to point maildroprc to the right maildir[11:54:35] <lkthomas> but seems wouldn't work[11:54:46] <lkthomas> anyone know how to deal with Maildir scripting ?[11:55:40] <_ruben> Maildir scripting?[11:56:00] <lkthomas> sorry, maildrop[11:56:09] <lkthomas> I got this: temporary failure. Command output: /usr/bin/maildrop: Unable to create a dot-lock at /var/vmail///cur/3052.0.mail.)[11:56:38] <lkthomas> DEFAULT="/var/vmail/$1/$2/cur/." <--- this is in maildroprc[11:56:42] <lkthomas> and it does not seems working[11:57:16] <_ruben> ah, dunno, not using maildrop myself[11:57:31] <lkthomas> anyone else ?[12:12:08] *** lkthomas_ has joined #postfix[12:13:19] *** hever has joined #postfix[12:16:12] <lkthomas_> does anyone did maildroprc scripting ?[12:18:48] *** decker has joined #postfix[12:19:14] *** rootsvr has quit IRC[12:21:09] *** lkthomas has quit IRC[12:22:20] *** Roobarb has quit IRC[12:23:36] *** af_ has quit IRC[12:23:58] <decker> so I tried to follow the tls readme on postfix.org, but I get this error: cannot load Certificate Authority data[12:24:04] <decker> anyone know why that might be?[12:24:21] <decker> oh, it's smtpd that's saying that[12:26:23] <sysmonk> there should be more info in the log[12:26:48] <sysmonk> (info supplied from openssl)[12:27:23] <sysmonk> (hint: try to grep TLS in your logs)[12:28:07] <decker> don't see anything. nothing in maillog, messages, secure...[12:28:16] <decker> maybe I need to up logging[12:28:37] <sysmonk> nope, should be fine with default logging[12:28:42] *** the_sniff has quit IRC[12:28:47] <sysmonk> decker: maybe your syslog logs it to some other file[12:28:55] <sysmonk> what's your distro?[12:29:11] <decker> redhat[12:29:31] <sysmonk> try grep -i TLS /var/log/mail*[12:31:14] *** ming_zym has joined #postfix[12:31:58] <decker> nope, nothing. that's the only error I get. cannot load CA data[12:32:27] <sysmonk> try adding a -v to smtpd in your master.cf[12:32:34] <decker> k[12:32:49] *** mirrorcolor has quit IRC[12:34:06] <decker> ha, yikes. this file is scary[12:34:21] <sysmonk> heh :)[12:34:45] <sysmonk> you have to change a line like this "smtps inet n - n - - smtpd" to this "smtps inet n - n - - smtpd -v"[12:34:56] <sysmonk> (add the -v in the end of the line, after smtpd)[12:40:32] <decker> nah, I got it. dunno if that helped much though. check my log:[12:40:35] <decker> http://rafb.net/p/S42bno10.html[12:41:48] <decker> hmm, or maybe that's my whole problem? the readme mentioned nothing about master.cf, but I see that smtps is commented out.[12:42:09] <sysmonk> you wouldn't get the CA error then[12:42:33] <sysmonk> that is, tls can be available on any port, not only smtps[12:42:39] <decker> right[12:42:48] <sysmonk> so on some port somebody (you?) tried to use TLS, and it didn't work[12:42:55] <sysmonk> but postfix should log the openssl error too[12:43:17] <sysmonk> try checking your syslog configuration, maybe it logs .warn or .debug to some other file[12:43:40] <decker> nah, mail.* goes to /var/log/maillog. already checked that[12:43:43] <sysmonk> (might be i.e. /var/log/debug or whatever, it's really distro dependant)[12:43:52] <sysmonk> decker: that doesn't mean all mail goes there[12:44:02] <decker> it doesn't?[12:44:21] <sysmonk> some rule might override that[12:45:30] <decker> well, the only other place would be messages, but there's nothing in there[12:45:47] <sysmonk> just for the gods sake, try grep TLS /var/log/*[12:46:33] <decker> maillog is the only thing with tls in it[12:47:33] <sysmonk> pastebin it[12:47:39] <sysmonk> (the grep output)[12:47:45] <decker> k[12:49:22] <decker> http://rafb.net/p/WbtQ9b74.html[12:49:33] <decker> the /var/lib/postfix stuff I already took care of though[12:56:06] <decker> hmm, running system-switch-mail didn't seem to make any difference either. ha, not even sure what that does to be honest...[12:57:43] <decker> hmm, guess it mucks with /etc/alternatives apparently[13:02:01] <lkthomas_> hmm[13:02:09] <lkthomas_> my maildroprc often having trouble to complete process[13:02:12] <lkthomas_> how could I do debugging ?[13:09:12] *** madrescher has joined #postfix[13:09:19] <decker> sysmonk: I'm an idiot. I had the wrong CA file in place. or a file that wasn't my CA file I guess I should say.[13:09:42] <decker> thanks for trying to help out though anyway[13:12:34] <sysmonk> decker: it should log the message anyway[13:12:54] <sysmonk> so anyway you have another problem[13:13:06] <sysmonk> and without proper logging configured, you won't be able to solve other problems[13:13:15] <sysmonk> (if there will be any :P )[13:23:48] <decker> well, I mean, it did kinda, did it not? couldn't load the CA file. which makes sense, it wasn't a valid CA file[13:24:58] *** INternat has quit IRC[13:25:51] *** is_null has joined #postfix[13:26:41] *** is_null has left #postfix[13:30:58] <decker> I suppose I'm missing a part of the big picture here still. tls works, great. but users being users, I'd imagine not all of them will enable it. but I really don't want plain text user/passwords flying across the wire. so what should I do? change the "may" use tls to something else?[13:32:11] <decker> hmm, probably not, because wouldn't that screw any regular mail servers just sending mail?[13:35:33] <decker> I guess make people go with the smtps port is the answer to that, huh?[13:35:51] <rio> decker: no you can allow authed recipients from other smtp servers[13:36:15] <rio> but unauthed recipients just if sasl_auth (tls) is successful[13:36:39] <decker> but is every other server out there going to support tls?[13:36:47] <rio> why should it?[13:37:13] <rio> other mail agents talk to you with plain smtp[13:37:48] *** js_ has quit IRC[13:39:21] <decker> ok, right. but I'm saying I want to limit relaying to users that have authenticated, right? but I only want them to authenticate if it's encrytped, right? so say I were to force that on port 25, wouldn't that screw any regular mail servers contacting me?[13:41:26] *** Ramattack has joined #postfix[13:41:29] <Ramattack> Hi![13:41:43] <Ramattack> does anyone use mailgraph here? or what do you adive for mail graphing?[13:41:54] <Ramattack> for stats with virus and spam I mean...[13:42:23] <Ramattack> my amavis is quarintining and scanning the mail nice but in weekly stats don't see any virus or spam[13:46:05] *** Roobarb has joined #postfix[13:50:12] *** shinao1 has joined #postfix[13:50:19] *** Mavvie has quit IRC[13:53:03] *** Knoedel2 has quit IRC[14:00:05] *** bhagat has quit IRC[14:01:18] *** kk_CHN has quit IRC[14:02:53] *** Ramattack has quit IRC[14:05:01] <decker> hmm, I threw this in master.cf: smtps inet n - n - - smtpd -o smtpd_enforce_tls=yes[14:05:17] <decker> but it still lets me authenticate without tls. what's up with that?[14:06:33] *** rootsvr has joined #postfix[14:07:24] *** Mavvie has joined #postfix[14:08:20] <dragonheart> decker: smtps is normally -o smtpd_tls_wrappermode=yes[14:08:45] <decker> hmm, guess I'm mistaken anyhow. I was kinda assuming it had my password saved, but it never prompts me for a password even[14:09:14] <decker> dragonheart: that would force tls?[14:09:56] *** INternat has joined #postfix[14:11:34] <rio> i think you want something like[14:11:36] <rio> permit_sasl_authenticated[14:11:37] <rio> permit_auth_destination[14:11:37] <rio> reject[14:11:47] <dragonheart> mine is smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sender_restrictions=permit_out,reject with permit_out defined as permit_mynetworks permit_tls_clientcerts reject_non_fqdn_sender reject_authenticated_sender_login_mismatch permit_sasl_authenticated[14:11:52] <rio> in your client and recipient destrictions[14:12:29] <dragonheart> quite right rio - i did sender but either way works[14:13:12] *** mozillamonks has joined #postfix[14:13:17] <rio> so you can only send to authed destinations, like the one you use for your mailboxes without tls[14:13:28] <rio> but to send to example.com you would need sasl auth[14:13:36] <rio> otherwise the mail is rejected[14:19:48] *** jellis-real has joined #postfix[14:20:45] <decker> ha, this gets more and more complicated. apparently I need a saslauthd server[14:21:35] <rio> you can use other auth methods too[14:21:51] <rio> can't do postfix tls with username/password on its own?[14:22:18] <decker> probably. but don't look at me[14:22:23] <rio> i am using dovecot for auth, so its sasl for me[14:22:48] <rio> decker: youll need to read in the postfix manpages ;)[14:22:52] <decker> sasl sounds good to me though because then users won't need to muck with any settings when I make the switch from sendmail[14:23:35] <mozillamonks> I need help configuring virtual domains, I'm getting a "user unknown in virtual alias table" error. Full logs & config: http://pastebin.ca/1009264 Any help would be appreciated! :)[14:24:06] *** wdp has joined #postfix[14:24:21] *** dida has joined #postfix[14:25:48] *** ming_zym has quit IRC[14:29:45] *** michauk0 has left #postfix[14:33:02] *** Tex-Twil has joined #postfix[14:35:58] *** michauk0 has joined #postfix[14:42:12] *** wdp has left #postfix[14:46:23] *** rhineheart_m has joined #postfix[14:49:43] <dida> hi all[14:50:43] <dida> i got relay access denied[14:50:48] <mwalling> !debug[14:50:49] <knoba> mwalling: "debug" : http://www.postfix.org/DEBUG_README.html : a good starting point for how to deal with problems and to report information to those who might help. Post your information in a pastebin such as http://pastebin.ca/ or http://rafb.net/paste/ .[14:51:05] *** decker has quit IRC[14:56:12] *** muecke77 has joined #Postfix[14:57:23] *** keffer has joined #postfix[14:59:14] *** ramoni has joined #postfix[15:03:30] *** nphase_ has joined #postfix[15:04:21] *** syneus has quit IRC[15:08:02] *** felix_da_catz has joined #postfix[15:10:00] *** TheBonsai has joined #postfix[15:10:33] <TheBonsai> hiah. how to enable SASL to do PLAIN auth (smtp side) agains a MD5 hash (database side)?[15:11:02] <Dominian> !sasl[15:11:03] <knoba> Dominian: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.[15:12:24] <TheBonsai> it already kinda works, with cleartext passwords stored in a sql db[15:12:36] *** Tex-Twil has quit IRC[15:13:27] <rio> but then this is not a postfix question[15:13:58] * mozillamonks wonders if anyone has any ideas with his question: http://pastebin.ca/1009264 : "user unknown in virtual alias table"[15:15:29] <rio> mozillamonks: where do you list sales at podhurl dot co.uk?[15:16:28] <TheBonsai> rio: right[15:16:50] <rio> mozillamonks: i think your /etc/postfix/virtual is not what it should be[15:16:55] *** nphase_ has quit IRC[15:17:11] <mozillamonks> rio: I thought if podhurl.co.uk was listed in virtual, then it would take * at podhurl dot co.uk and chack for local users matching *[15:17:22] <mozillamonks> At least, that's what I thought from reading the documentation[15:18:14] <rio> mozillamonks: the virtual alias map works like "foo at example dot com bar at example dot org"[15:19:11] <mozillamonks> OK, so there is no way to make all addresses at a domain try to map to local users in aliases?[15:19:37] <rio> Optional lookup tables that alias specific mail addresses or domains to[15:19:38] <rio> other local or remote address.[15:19:55] <rio> thats what the manual says to virtual_alias_maps[15:21:38] <mozillamonks> ok, so[15:21:44] *** Draecos has joined #postfix[15:21:48] <mozillamonks> should I add podhurl.co.uk as a hostname then?[15:22:23] <rio> im pretty sure there is a way to this virtual[15:22:30] <rio> but i don't know how right now[15:22:34] <mozillamonks> :([15:22:46] <rio> just read the manual carefully and youll find out ;)[15:23:30] *** hparker has joined #postfix[15:37:19] *** hf|work has joined #postfix[15:37:30] <hf|work> hiho[15:37:44] <felix_da_catz> I am getting the following messages when I restart postfix. There are about 6 of them, but here is a sample:[15:37:47] <felix_da_catz> warning: /var/spool/postfix/lib/libnss_compat-2.3.6.so and /lib/libnss_compat-2.3.6.so differ[15:39:08] <hf|work> how does postfix generate its message id names? I read this is a date based number + the hostname set in main.cf[15:40:07] <hf|work> users which authenticate via sasl get a complete other MID, mainly the domain part of their email address instead the hostname[15:40:18] <hf|work> can I influence that somewhere?[15:42:06] *** muecke77 has quit IRC[15:43:44] <felix_da_catz> In the source code probably.[15:47:44] *** generic has joined #postfix[15:47:58] *** dwhite has joined #postfix[15:49:00] *** Ramattack has joined #postfix[15:49:49] <Ramattack> Hi!!![15:50:06] <Ramattack> I'm driving quite crazy with mailgraph stats...[15:51:34] <generic> hi all[15:51:53] <generic> postfix/smtp[10527]: CE78731DA83: to=<root at misac-10 dot example.comk>, relay=192.168.10.45[192.168.10.45], delay=1, status=bounced (host 192.168.10.45[192.168.10.45] said: 554 5.4.0 Error: too many hops (in reply to end of DATA command))[15:52:02] <generic> what this error mean[15:52:09] <Ramattack> could you know something of it? when are updated the weekly and monthly stats exactly? I enter a testing mail with viruses or spam... and it's cached by amavis but mailgraph doesn't say to much about it...[15:52:42] *** dida has quit IRC[15:54:17] *** rootsvr has quit IRC[16:04:22] *** keffer has quit IRC[16:04:57] <Ramattack> generic if mail is not in queue that you have a mail loop probably... suppose...[16:05:08] <generic> exactly[16:05:21] <generic> but am unable to understand why[16:07:16] <generic> doed /etc/aliases to do with[16:10:46] <generic> Ramattack[16:10:47] <generic> ?[16:10:53] <Ramattack> yep[16:11:19] <Ramattack> perhaps because root points there to one user[16:11:26] <Ramattack> and that user points to root[16:11:36] <Ramattack> check you're /etc/aliases[16:12:21] <generic> can i paster here[16:13:12] <generic> here[16:13:13] <generic> http://pastebin.com/m1db33aa8[16:13:17] <generic> Ramattack[16:13:22] <Ramattack> one moment[16:15:23] <generic> ok[16:15:37] *** Draecos has quit IRC[16:15:43] <Ramattack> are you using relay transport or smtp?[16:16:33] <generic> well this server relay to main fw[16:16:41] <generic> this server is smtp[16:16:52] <generic> for outside emails it relays to my fw[16:17:07] <Ramattack> then you could have an issue there...[16:17:18] <Ramattack> that something is looped there ...[16:17:21] <generic> well i dun think so[16:17:21] <Ramattack> in you're relay[16:17:33] <Ramattack> check it... perhaps...[16:18:01] <generic> how i check that[16:18:03] <generic> any idea[16:20:47] <Ramattack> mmmm I have not too much time sorry mate but... (I entered for a mailgraph doubt) I'd start by checking transports if there in you're mailbox server and later the gateway transports[16:20:49] *** michauk0 has left #postfix[16:20:54] <Ramattack> sorry generic no time...[16:25:13] *** syneus has joined #postfix[16:32:33] *** mrglinux has joined #postfix[16:33:59] *** DeeJayTwo has quit IRC[16:35:09] <mrglinux> hi i want to install mailman on virtual directory but my config means ( main.cf ) is " myhostname =debian mydomain =mrg-host.net" but my virtual domain is mrglinux.org what shall i do? i must change mrg-host.net to mrglinux.org or add new another options?[16:35:17] *** albanach has joined #postfix[16:35:40] <mrglinux> virtual directory ** virtual domain[16:38:35] *** albanach_ has joined #postfix[16:38:37] <hparker> I use mydomain=lists.example.com for all of my lists, never got them working in sql... May look back into it on my next upgrade... i only host a few lists so it's not bad[16:39:43] <mrglinux> hparker you say this for my problem? or u have another problem ?[16:40:01] <hparker> mrglinux: For your problem[16:41:19] <mrglinux> hparker you say doesn't work or work?[16:41:20] *** ming_zym has joined #postfix[16:41:53] <hparker> I never got it working, but was also in a hurry due to the old server having hardware problems[16:42:35] <hparker> So I used mydomain and made the lists local rather then virtual[16:42:59] <hparker> err... mydestination[16:43:08] * hparker needs to find more coffee[16:44:04] <mrglinux> hparker :-D[16:45:10] <rhineheart_m> I tried to use mysql-database to handle my users....but I failed during the configuration so I want to restore the old config. Now, my problem is.. how could do it? My postfix receive mails anymore.. it says vitual users don't exist in the table..[16:48:18] <rhineheart_m> I tried to check it in the /etc/postfix/virtual file but I noticed that all the users do exist there.. Currently.. if I will be sending emails from yahoomail.. my postfix will respond with this error: User unknown in virtual alias table.[16:52:31] *** hf|work has left #postfix[16:53:05] <rhineheart_m> If I will be sending mails to local users it won't even arrive. Even sending it to self (same emails; sender and recipient) no delivery..[16:55:30] *** albanach has quit IRC[16:55:41] *** j_s has joined #postfix[16:58:37] *** madrescher has quit IRC[16:59:57] *** michauk0 has joined #postfix[17:01:44] <rhineheart_m> It consumed my time looking for the solution.. I've been trying google... but of no avail. Can't find a working solution. :([17:02:23] <rob0> !unknown_virtual[17:02:23] <knoba> rob0: "unknown_virtual" : \"User unknown in virtual $X table\" means that the recipient domain was found in $virtual_$X_domains but the username@domain was not found in $virtual_$X_maps. ("$X" can be either alias or mailbox .)[17:02:36] <hparker> restore your config backups?[17:09:33] *** shinao1_ has joined #postfix[17:09:42] *** Siegfried has quit IRC[17:09:44] *** rootsvr has joined #postfix[17:16:40] *** saurabhb has quit IRC[17:16:40] *** syneus has quit IRC[17:19:44] <michauk0> I have a question about relaying :[17:19:47] <michauk0> My SMTP accepts e-mails sent to @mycorp.com[17:19:56] <michauk0> I'm trying to make him relay e-mails received for something at sub dot mycorp.com which is a standalone server for some specific purposes[17:20:08] <michauk0> Right now, I added sub.mycorp.com to mydestination. Seems to be working : I can send an e-mail locally (from my smtp server) to someone at sub dot mycorp.com[17:20:19] <michauk0> BUT : if I try to send an email from my laptop to someone at sub dot mycorp.com, the SMTP server rejects and says : Recipient address rejected: User unknown in local recipient table[17:20:28] <michauk0> Note that someone at mycorp dot com doesn't exists. I just want my SMTP to relay it.[17:20:44] <michauk0> I tried to add someone at sub dot mycorp.com to /etc/postfix/access (and postmap the file) and I have smtpd_client_restrictions = hash:/etc/postfix/access[17:20:49] <michauk0> It didn't help[17:20:56] <michauk0> I can't find the correct parameter in main.cf to make my server understand I just want him to relay :([17:21:00] <michauk0> any idea ?[17:21:01] <michauk0> please :)[17:21:17] <Dominian> !relay[17:21:17] <knoba> Dominian: Error: "relay" is not a valid command.[17:21:19] <Dominian> fsck[17:21:22] * Dominian goes back to work[17:22:08] <mjoseph> !relay_domains[17:22:09] <knoba> mjoseph: "relay_domains" : a configuration parameter in the main.cf: What destination domains (and subdomains thereof) this system will relay mail to. Subdomain matching is controlled with the parent_domain_matches_subdomains parameter.[17:22:48] <michauk0> mmm, why didn' I see this one... :/[17:22:49] <michauk0> I'll try[17:23:31] <michauk0> can you restrict the list of accepted user names ? (as users are defined elsewhere, on the sub SMTP)[17:24:40] <mrglinux> hparker i initiation mailman..but and Subscribe user and get email ..in email that i received said mail to webgroup at lists dot mrglinux.org but when i send a mail .. i get delivery failed ... i want to aks .. i create a email adress like webgroup at lists dot mrglinux.org in webhost panel or mailman create it itself ?[17:24:45] *** DeeJayTwo has joined #postfix[17:25:25] <hparker> mrglinux: Never used a panel and don't use mailman's web interface[17:25:26] *** adamb has joined #postfix[17:26:46] <mrglinux> okkey[17:26:52] *** CrazyFoam has joined #postfix[17:29:23] <michauk0> mjoseph: I tried relay_domains = $mydestination as my subdomain is in it. reloaded postfix, same problem[17:31:10] <michauk0> which is the default setting[17:31:11] <michauk0> ...[17:31:34] *** oxtail has joined #postfix[17:33:21] <mjoseph> no[17:33:24] <mjoseph> that's not the right config[17:33:40] *** rhineheart_m has quit IRC[17:33:41] <mjoseph> !mydestinations[17:33:42] <knoba> mjoseph: Error: "mydestinations" is not a valid command.[17:33:43] <mjoseph> !mydestination[17:33:44] <knoba> mjoseph: "mydestination" : a configuration parameter in the main.cf: The list of domains that Postfix delivers via the $local_transport mail delivery transport. By default, mail is given to the Postfix local(8) delivery agent that looks up all recipients in /etc/passwd and /etc/aliases, or their equivalents.[17:34:09] <michauk0> mmmm I think I start to understand[17:34:10] <mjoseph> if you just want to relay, then set: mydestination =[17:34:26] <michauk0> if my subdomain is in mydestination, then the users have to exist locally ?[17:34:44] <mjoseph> yes[17:34:56] <michauk0> no no, my main server must deliver mail locally[17:35:22] <michauk0> I want to add a behaviour, which is : if sent to subdom....com then relay to another SMTP[17:36:05] <michauk0> strange that locally, the e-mail could be relayed at the beginning :/[17:36:07] <michauk0> I'm trying[17:36:10] <rob0> !address_classes[17:36:10] <michauk0> thank you[17:36:11] <knoba> rob0: "address_classes" : http://www.postfix.org/ADDRESS_CLASS_README.html describes how Postfix deals with different classes of addresses: local, relay, virtual alias, virtual mailbox, and Internet.[17:36:38] <michauk0> !relayhost[17:36:38] <knoba> michauk0: "relayhost" : a configuration parameter in the main.cf: The default host to send non-local mail to when no entry is matched in the optional transport(5) table. When no relayhost is given, mail is routed directly to the destination.[17:37:55] <michauk0> my SMTP has a relayhost in DMZ (to be able to get outside). I suppose relay_domains and relayhost are really different "things"[17:39:10] <michauk0> yes :)[17:39:32] <michauk0> everything is OK, thanks for the tips (and hopefully, I still can send/receive e-mails in the real world ;)[17:40:21] *** Zblakany has joined #postfix[17:46:41] *** oxtail has quit IRC[17:48:45] <adamb> by default is postfix setup so it will send mail no matter what, if its from a domain in, my destination?[17:49:10] *** korozion has joined #postfix[17:50:30] <adamb> I just set this postmail mail server as my smtp, and it sent mail to my gmail without problems, it was "from" a domain in mydestination..[17:50:36] <adamb> that should be normal right?[17:52:57] *** mrglinux has quit IRC[17:58:57] *** AcTiVaTe has joined #postfix[18:00:52] <rob0> michauk0: indeed, the word "relay" has 2 different meanings in Postfix.[18:02:28] <rob0> "relayhost" and "relaying [for your users]" applies to "Internet class" domains, outbound mail.[18:03:02] <rob0> relay_* settings are for "relay class" domains, where you are the MX but not the final destination for the mail.[18:03:51] <korozion> I have a question, and I'm not sure how to word it, so I'll just try and describe my situation ....[18:04:48] <korozion> I have two servers, each a mirror of itself. They use drbd and heartbeat (outside the scope of this question). They share an IP, meaning when the primary is up it has xx.xx.96.96, when the secondary is up, it has xx.xx.96.96.[18:05:18] <korozion> (continuing)[18:06:50] <korozion> this issue here is (of course) that I need to reverse 96 to mail.mydomain.com. That can't happen (for other reasons). What I'd like to do, is to be able to send mail on each servers real IP xx.xx.96.97 and xx.xx.96.98. One is called freedom, and one called liberty. However when I send, clients are confused as they expect mail.mydomain.com, not liberty or freedom[18:07:32] <korozion> (these aren't american flag-waving domains, they were synonymous of independence (mail and dns serving independence :) )[18:08:06] *** pa has quit IRC[18:08:32] <korozion> anyway, if that makes any sense to anyone, I'd love some help[18:11:08] <adamb> can someone help me understand what determines if I can relay mail through my server or not.. i can as of now send mail, with my user/pass[18:11:34] <adamb> is it only letting me send because I authenticate? I thought I needed pop-before-smtp for that.[18:14:52] <korozion> hrm, I think I solved my problem by removing the MX record for mail.mydomain.com, and adding ones for freedom.mydomain.com and libery.mydomain.com. However since the A record for mail. still exists, it receives mail just fine. Does that make sense?[18:15:17] *** suuuper has quit IRC[18:15:23] *** havvg has quit IRC[18:16:36] *** Sypher has quit IRC[18:17:19] <rob0> korozion: I think so :)[18:17:46] <korozion> :)[18:18:31] <rob0> As long as the HELO matches rDNS, and you don't have any other dns issues, you should be ok.[18:18:55] <korozion> excellent, thanks[18:19:05] <rob0> so inbound is always on .96, but outbound can vary between .97 and .98[18:19:20] <korozion> yep, exactly[18:19:32] <korozion> (as .96 reverses to ns1.mydomain.com)[18:19:55] <korozion> but postfix will listen on .96 for incoming[18:20:08] <rob0> reverse only really matters on the outgoing IP[18:20:26] <korozion> I'm thinking in the near future I'll move the DNS server away from drbd and make a new drbd IP for just the mail and hosting servers[18:20:28] <korozion> true[18:20:30] <korozion> and thanks[18:21:04] <korozion> dnsstuff.com seems to agree with us :)[18:21:23] *** af_ has joined #postfix[18:22:26] <rob0> Offer void where taxed or prohibited by law, or if you're emailing reckless and irresponsible providers <cough>hotmail</cough>.[18:22:44] <korozion> :D[18:29:45] *** githogori_ has quit IRC[18:37:41] *** shinao1 has quit IRC[18:38:09] <korozion> thanks again \o[18:38:12] *** korozion has left #postfix[18:39:14] *** albanach_ is now known as albanach[18:40:48] *** Siegfried has joined #postfix[18:45:43] *** rootsvr has quit IRC[18:47:52] *** Ramattack has quit IRC[18:55:41] *** Malte_ has joined #postfix[18:55:57] *** Malte_ is now known as UnitedColors[18:56:23] *** memetic has quit IRC[18:56:29] *** memetic has joined #postfix[18:59:57] *** harobed has quit IRC[19:04:03] *** UnitedColors has quit IRC[19:07:50] *** deemon has quit IRC[19:16:08] *** stefan-f has quit IRC[19:20:52] *** mark-use has joined #postfix[19:21:19] *** muecke77 has joined #Postfix[19:23:41] *** ming_zym has quit IRC[19:25:47] *** keffer has joined #postfix[19:26:44] *** havvg has joined #postfix[19:26:44] *** af_ has quit IRC[19:27:30] *** ming_zym has joined #postfix[19:33:24] *** suuuper has joined #postfix[19:34:41] *** p-- has joined #postfix[19:37:10] <p--> is it possible to setup postfix to process the mailqueue without requiring it to be running an smtpd server? ie, with it disabled I cant use something like "echo 'foo' | mail -s 'blah' user at foo dot com".. it's just queued until I 'postfix start', then it's delivered.. Can I just remove the smtpd in master.cf?[19:39:17] <Dominian> no[19:39:30] <Dominian> that defeats the purpose of an MTA[19:40:31] <p--> I understand what you're saying[19:40:46] <Dominian> There's no way to proess the postfix queue files outside of letting postfix do it that I know of.[19:43:44] <p--> well, removing smtpd in master.cf works fine[19:45:36] <p--> basically I just want to handle email sent via CLI, or cronjobs, but I don't want something listening on port 25.. I mean, I have it firewalled off, and the footprint is probably so small it doesn't really matter performance wise. This is a database server so I am trying to keep the processes minimal[19:46:20] <Dominian> ahhhhh[19:46:21] <Dominian> I see[19:46:26] <Dominian> Yeah smtpd being shut off might be ok[19:46:47] <p--> so far it seems fine..[19:46:53] <p--> I'll keep it like this for now[19:46:58] * Dominian nods[19:47:21] <p--> thx for the help[19:47:30] <Dominian> np[19:50:21] *** muecke77 has left #Postfix[19:51:56] *** p-- has left #postfix[19:53:34] *** thumbs has quit IRC[19:53:39] *** Sieg has quit IRC[19:57:14] *** israel has quit IRC[20:00:06] *** Sieg has joined #postfix[20:00:30] *** thumbs has joined #postfix[20:00:35] *** shinao1_ has quit IRC[20:03:55] *** xpoint has joined #postfix[20:07:53] *** ming_zym has quit IRC[20:13:56] *** empiric has joined #postfix[20:20:05] *** sweeed__ has joined #postfix[20:26:10] *** sweeed__ has quit IRC[20:28:49] *** Thalia18_sj_gf_j has joined #postfix[20:32:47] *** carl- has joined #postfix[20:34:58] <LMJ> Hi[20:35:43] <LMJ> Where i could look for help regarding dovecot + fetchmail + procmail + postfix ( I think I will off-topic here :-/)[20:36:06] <sysmonk> why not on #dovecot? :P[20:36:50] <LMJ> let's try, I hope they are n00b tolerant ;)[20:36:56] <sysmonk> dovecot = dovecot, fetchmail = connects to dovecot, procmail = delivers to dovecot, postfix - uh, delivers to procmail :)[20:37:08] <sysmonk> unless you really have a postfix problem[20:38:34] <LMJ> well, sound like postfix works : telnet port 25, regular email commands, the mail is delivered on the local mailbox (mbox in ~user/mail/INBOX)[20:38:56] <LMJ> if the user is local, else, it forward to my ISP smtp[20:39:01] <LMJ> exactly what I wanted[20:39:11] <LMJ> at least, on the postfix side ;)[20:43:44] *** action09 has joined #postfix[20:55:46] *** dazjorz has quit IRC[20:55:49] *** dazjorz has joined #postfix[21:03:49] *** shinao1 has joined #postfix[21:17:39] *** amrit|zzz is now known as amrit|wrk[21:27:50] *** Mavvie has quit IRC[21:29:03] *** [diablo] has joined #postfix[21:29:07] *** havvg has quit IRC[21:31:11] *** hemry has joined #postfix[21:35:50] *** shinao1 has quit IRC[21:48:11] *** stefan-f has joined #postfix[21:51:12] *** deemon has joined #postfix[21:54:57] *** pirho has joined #postfix[22:08:34] *** githogori_ has joined #postfix[22:08:48] *** oxtail has joined #postfix[22:10:06] *** Fallenou has quit IRC[22:11:32] *** leOn has joined #postfix[22:11:43] *** leOn has left #postfix[22:12:33] <tauren> In the jimsun howto, is there a reason that reject_invalid_hostname, reject_non_fqdn_hostname, etc come before permit_mynetworks and permit_sasl_authenticated? http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt[22:13:16] <tauren> i have a client using MS Outlook who is getting a "helo command rejected need fully qualified hostname" error.[22:13:30] <Dominian> !sasl[22:13:31] <knoba> Dominian: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.[22:13:53] <tauren> should i just put permit_sasl first?[22:13:59] <adaptr> tauren: yes, Outhouse is retarded.. fact of life[22:14:19] <tauren> Outhouse?[22:14:34] *** muecke77 has joined #Postfix[22:16:56] *** mozillamonks has quit IRC[22:20:49] *** pitakill has joined #postfix[22:21:16] *** madrescher has joined #postfix[22:42:55] *** carl- has quit IRC[22:47:04] *** j_s has quit IRC[22:49:17] *** tyrok has joined #postfix[22:50:37] <tyrok> Hi! I'm getting a warning in the logs on one particular account - "warning: [IP address]: hostname [hostname] verification failed: Name or service not known". I've never seen this before today. What does it mean, and where can I look to fix it?[22:52:11] <rob0> It's a reverse DNS failure for that IP address. If you don't control that IP address, you cannot fix it.[22:53:37] <tyrok> rob0: How do I turn off reverse DNS verification in Postfix, and is that advisable?[22:53:58] <adaptr> it's not "verification", and you can't turn it off[22:54:35] <adaptr> you connect from IP, postfix looks up IP for HELO name, if they don't match - sorry[22:54:43] <tyrok> ...so is it that their IP has reverse DNS set up improperly, or is it the e-mail server's reverse DNS entry?[22:54:49] <adaptr> you should not have this problem with a genuine MX - ever[22:55:00] <adaptr> it is not a reverse anything[22:55:08] <tyrok> Ah.[22:55:09] <rob0> oh I suppose you could chroot into a place with a bad/crippled nameserver, but then every address would have that warning, and it would break a lot of things.[22:55:09] <adaptr> it's a forward lookup on the EHLO hostname[22:56:29] <tyrok> adaptr: OK, I think I understand now.[22:56:47] <adaptr> you do ? wow, that's above par[22:59:35] *** rudebwoy has left #postfix[23:01:57] <tyrok> adaptr: If that's above par, I'd better recheck. :) What you're saying is that the hostname they're giving the server and their IP don't match, correct?[23:02:20] *** ramoni has quit IRC[23:02:32] <tyrok> adaptr: Which means either they're giving me the wrong hostname or their DNS is set up improperly?[23:02:37] <adaptr> ty7"they"[23:02:50] *** oxtail has quit IRC[23:02:56] <adaptr> tyrok: "they" are not doing anything - they simply provide a bogus HELO[23:03:12] <adaptr> and you can either allow that or not - I specifically forbid it, and so shoul you[23:03:19] <adaptr> no proper MX behaves this way[23:04:10] <tyrok> adaptr: OK. Makes sense.[23:04:43] <adaptr> you can finetune most parameters this way, in case you have stuff like OUthouse clients on your network - they tend to screw you over.. ehm screw it up :)[23:05:12] <adaptr> per RFC, the client is required to provide a valid hostname (i.e. resolvable through DNS) as its HELO[23:07:10] <adaptr> but it's not strictly enforced by many MTAs[23:07:30] <tyrok> adaptr: I talked to the people who are trying to send not too long ago, and I know they're trying to use Outlook. So is it safe to assume then that Outlook's "Server Identity" settings are screwed up on that computer?[23:08:04] <adaptr> it's safe to assume outlook is screwed up, period[23:08:14] <tyrok> adaptr: Well, that's a given. :)[23:08:15] <adaptr> add it to your mynetworks or let them connect with SASL[23:08:24] <adaptr> problem ... circumvented[23:08:47] <tyrok> adaptr: Hmmm, that gets me thinking...They're supposed to be configured to be allowed by SASL...[23:09:00] <tyrok> adaptr: I'd better go check that...[23:13:37] <tyrok> adaptr: Nope, they are allowed...I'm on the phone with them now...[23:16:21] *** knoba has quit IRC[23:16:31] *** knoba has joined #postfix[23:16:39] *** knoba has quit IRC[23:16:50] *** knoba has joined #postfix[23:18:41] *** danbeck has joined #postfix[23:21:07] *** jellis-real has quit IRC[23:25:05] *** Draecos has joined #postfix[23:26:52] *** hemry has quit IRC[23:32:15] *** Draecos has quit IRC[23:33:45] *** oxtail has joined #postfix[23:37:06] *** Hans-Martin has joined #postfix[23:37:21] *** jbt has joined #postfix[23:38:21] <jbt> why I got this "Rejected bounce by verification" error, anything I can do on my side for this?[23:39:04] <Hans-Martin> hi folks, here's a postgrey question but it's related to postfix, too: Is there a way to automatically whitelist clients for postgrey when postfix sends mail to them?[23:39:36] <Hans-Martin> The idea is that when one of our users sends mail to someone whose mail server is not yet whitelisted and expects a quick answer, this mechanism would enable that (had this case just today)[23:40:18] <rob0> Well, Hans, the trouble with that is that a inbound MX is not always the same as the outbound MSA.[23:41:22] <rob0> With larger sites, that's usually the case.[23:41:27] <Hans-Martin> I know, it would help in just a few cases, not all of them...[23:41:41] <tyrok> adaptr: Just got off the phone with them. They are definitely listed in SASL, can properly authenticate with the password they have for receiving (same as sending), I put their address in mynetworks, and I'm still getting the problem.[23:42:13] <tyrok> adaptr: Although now it seems to be intermittent. They were able to send two e-mails, then got blocked.[23:42:31] <Hans-Martin> I would probably even whitelist the /24 after sending a mail to a host in that network area...[23:42:34] <tyrok> adaptr: Where else can I look?[23:45:09] <tyrok> jdt: Don't know what's going on with your system, but your question has been read. :)[23:45:20] <tyrok> jbt: Sorry, got your nick wrong.[23:46:23] <Hans-Martin> jbt: your mailserver is probably refusing mails from the empty sender address <>[23:47:02] <Hans-Martin> jbt: that would be a bad idea - it does not stop much spam, just some backscatter, but it breaks the whole delivery status mechanism[23:48:38] <jbt> Hans-Martin, well not really, it just bounce bad for a single sender[23:48:46] <jbt> back *rather[23:50:09] <Hans-Martin> jbt: then I probably don't understand how your problem is structured. I'm trying to guess what you were doing:[23:50:28] <Hans-Martin> 1. you sent a mail to some user whose mailserver uses exim[23:50:55] <Hans-Martin> 2. exim does a callout verification to see whether the purported sender address (your address) exists[23:51:37] <Hans-Martin> 3. your server somehow rejects the callout (which should consists of MAIL FROM and RCPT TO only, no DATA)[23:51:54] <Hans-Martin> 4. exim thinks your address is bad, and rejects the mail from you[23:52:18] <Hans-Martin> (I'm guessing exim because the error "5.1.0 Rejected by bounce verification" is generated by exim[23:53:11] *** empiric has quit IRC[23:56:21] *** danbeck has quit IRC[23:56:32] <jbt> Hans-Martin, sorry I had a postfix server and somebody send an email to one of my user, but then he the sender got and NDR about above error[23:57:48] *** Motoko-chan has joined #postfix[23:58:16] <Hans-Martin> ok, so to analyze it one would need to know which servers were involved and which one generated the error. AFAIK postfix does not generate "Rejected by bounce verification"[23:58:56] <Hans-Martin> but this goes probably beyond what is possible on IRC as it would involve looking at headers and mentioning specific host names and user names...[23:58:57] *** action09 has quit IRC[23:59:01] *** tauren has left #postfix