May 7, 2008 
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | >
May 7, 2008 [00:01:43] <jbt> Hans-Martin, can I pm you?[00:02:50] *** muecke77 has left #Postfix[00:03:08] <Hans-Martin> in theory, yes, but as it's 12AM here, I'm just about to go to bed, so at the moment no :-)[00:03:18] <Hans-Martin> bye folks...[00:03:29] *** Hans-Martin has left #postfix[00:13:54] *** majikman has quit IRC[00:17:00] *** diveli has joined #postfix[00:20:36] *** googlah has joined #postfix[00:21:01] *** dwhite has quit IRC[00:21:32] *** majikman has joined #postfix[00:27:45] *** felix_da_catz has quit IRC[00:30:03] *** Mez has quit IRC[00:41:17] *** war9407 has quit IRC[00:53:03] *** DukGalNamu has joined #postfix[00:53:04] *** DukGalNa1u has quit IRC[01:10:57] *** Flimzy has quit IRC[01:13:06] *** Fallenou has joined #postfix[01:13:11] *** Zblakany has quit IRC[01:15:20] *** Fallenou has quit IRC[01:20:55] *** [diablo] has quit IRC[01:22:42] *** Motoko-chan has quit IRC[01:25:37] *** hacim has joined #postfix[01:25:54] <hacim> i have this problem where postfix doesn't seem to be sending the mail to maildrop properly.[01:26:13] <hacim> if I run the maildrop command in the shell that postfix runs (by piping a message) it works fine[01:26:30] <hacim> and I increased the verbosity of the pipe command in master.cf and the logs dont show me anything useful[01:27:25] <hacim> the postfix log says:[01:27:26] <hacim> status=sent (delivered via maildrop service)[01:27:34] <hacim> but... nothing[01:33:31] *** lysander_ has joined #postfix[01:35:28] *** Mavvie has joined #postfix[01:35:49] *** oxtail has quit IRC[01:36:50] *** lysander_ has quit IRC[01:37:17] *** lysander_ has joined #postfix[01:50:47] *** Flimzy has joined #postfix[01:52:33] *** DukGalNamu has quit IRC[01:52:44] *** DukGalNamu has joined #postfix[01:58:13] *** lysander has quit IRC[02:10:56] *** jjshoe has left #postfix[02:13:29] *** hobbzilla has joined #postfix[02:13:37] <hobbzilla> what is the default retry time for postfix?[02:13:50] <hobbzilla> retry delay.. or what have you.[02:16:01] <jbt> 0[02:18:19] <rob0> man qmgr[02:18:47] *** rpetre has joined #postfix[02:18:58] <rpetre> hello[02:19:45] *** PhilKC has quit IRC[02:22:08] <rpetre> I'm currently trying to setup a VERP-like mechanism and I need to pass some subparts of the destination address to a script, pcre seemed to do it for me, but neither local nor virtual allow parameter substitution in pcre and regexp maps, any idea how this cand be worked around (or disabled)?[02:22:10] *** Siegfried has quit IRC[02:32:35] *** madrescher has quit IRC[02:34:54] *** pirho has quit IRC[02:40:30] *** ming_zym has joined #postfix[02:42:03] *** adamb has quit IRC[02:42:03] *** DukGalNamu has quit IRC[02:42:12] *** DukGalNamu has joined #postfix[02:43:32] *** hever has quit IRC[02:47:02] *** felix_da_catz has joined #postfix[02:50:28] *** jbt has quit IRC[02:52:30] *** blizzow has quit IRC[02:58:36] *** diveli has quit IRC[03:04:57] *** diabel- has quit IRC[03:05:53] *** hobbzilla has left #postfix[03:10:30] *** Tachy has joined #postfix[03:19:39] *** hacim has left #postfix[03:22:48] *** felix_da_catz has quit IRC[03:23:27] *** Tachy_ has quit IRC[03:25:53] *** mirrorcolor has joined #postfix[03:31:30] *** Mavvie_ has joined #postfix[03:38:03] *** hparker has quit IRC[03:39:39] *** stefan__ has joined #postfix[03:45:25] *** Mavvie has quit IRC[03:46:28] *** magyar has quit IRC[03:48:30] *** felix_da_catz has joined #postfix[03:50:36] *** amrit|wrk is now known as amrit|afk[03:57:29] *** stefan-f has quit IRC[04:04:18] *** stefan__ has quit IRC[04:04:28] *** stefan__ has joined #postfix[04:06:28] *** AcTiVaTe has quit IRC[04:17:38] *** adaptr has quit IRC[04:17:52] *** TheBonsai has quit IRC[04:21:10] *** TheBonsai has joined #postfix[04:23:27] *** magyar has joined #postfix[04:27:25] *** jvictor has joined #postfix[04:29:36] *** githogori_ has quit IRC[04:31:39] *** AcTiVaTe has joined #postfix[04:33:12] *** felix_da_catz has quit IRC[04:37:12] *** crumberly has joined #postfix[04:39:59] *** jvictor has left #postfix[04:41:13] *** stefan__ has quit IRC[04:41:31] *** stefan__ has joined #postfix[04:41:54] *** adaptr has joined #postfix[04:42:44] *** diranged has joined #postfix[04:43:15] <crumberly> I have configured the MX level like this:[04:43:35] <crumberly> Host name: barterhouse.net[04:43:51] <crumberly> mail server: mail[04:44:05] <crumberly> MX Level: 10[04:44:11] <diranged> i've got a quick question about postfix bouncing .... we've got our mail server setup to refuse any email from domains that don't reverse-resolve properly. however, on occation we'll see a network glitch that will cause our DNS server to hang even though new messages are still coming in. During this time, postfix *seems* to bounce all messages permanently. isthere a way to indicate that if the dns server fails, hold the message u[04:44:11] <diranged> ntil it can be checked again?[04:44:28] <crumberly> TTL: 1800[04:45:07] <crumberly> How do I set up my server at home to accept the email that will be coming my way?[04:46:16] <rob0> !basic[04:46:17] <knoba> rob0: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.[04:46:21] <rob0> crumberly: ^^[04:46:35] <crumberly> Yes?[04:47:06] <rob0> diranged, if the nameserver simply fails to respond, the failure should be temporary. A permanent failure only comes with a definite NXDOMAIN response.[04:47:40] <diranged> if the failure is temporary, willi t queue the message and then check it later?[04:48:47] *** Zeit|awy_ has joined #postfix[04:49:02] <diranged> can it be setup so that if the dns server fails to respond, just ignore the dns filter completely?[04:49:14] <diranged> that would be acceptable in our situation for the occations where the dns server fails momentarily[04:49:26] *** crumberly has quit IRC[04:49:29] <diranged> (essentially a fail-open circuit instead of a fail-closed circuit)[04:50:55] *** albanach has quit IRC[04:52:41] <rob0> You'd probably need to take your issue and your evidence to the mailing list. It could be that you have a bad nameserver, that would be my first suspect.[04:54:50] <diranged> hmm ok[04:55:21] *** Zeit|awy has quit IRC[04:58:32] *** RainDoctor has quit IRC[05:01:48] <rob0> Um, no, you can't use reject_unknown_client_hostname and "quarantine" it. Postfix doesn't have such quarantine features. You can tempfail all of them, or just not use that restriction.[05:02:14] *** diranged has quit IRC[05:02:21] <rob0> A Postfix does a lot of DNS ... oh well[05:04:21] *** diranged has joined #postfix[05:05:48] *** diranged has quit IRC[05:10:57] *** AcTiVaTe has quit IRC[05:14:02] *** Motoko-chan has joined #postfix[05:16:10] *** AcTiVaTe has joined #postfix[05:20:26] *** tyrok has quit IRC[05:25:43] *** RainDoctor has joined #postfix[05:41:36] *** adaptr_ has joined #postfix[05:48:41] *** adaptr has quit IRC[05:49:09] *** AcTiVaTe has quit IRC[05:58:12] <mjoseph> rob0: i think you could do it with a policy server[05:58:25] <mjoseph> though, quite frankly, i think it should be easier to do those things internally[05:58:38] * mjoseph ponders writing a generic policy server that just does simple attribute matching[06:03:16] *** stefan__ has quit IRC[06:03:29] *** stefan__ has joined #postfix[06:18:50] *** bottiger has quit IRC[06:59:55] *** fiXXXerMet has joined #postfix[07:01:02] *** bhagat has joined #postfix[07:08:35] *** saurabhb has joined #postfix[07:11:34] *** githogori_ has joined #postfix[07:12:06] *** muecke77 has joined #Postfix[07:13:26] *** rpetre has quit IRC[07:14:37] *** Mavvie has joined #postfix[07:23:10] *** eject_ck has joined #postfix[07:23:12] <eject_ck> Hi all[07:25:49] *** Mavvie_ has quit IRC[07:26:09] <eject_ck> Can anybody recommend pop3 fetcher like this for win32 http://www.softpedia.com/get/Internet/Servers/E-mail-Servers/POPcon.shtml[07:26:13] <eject_ck> thanks![07:30:55] <xpoint> hue ?, fetchmail[07:33:29] *** muecke77 has quit IRC[07:38:39] *** mirrorcolor has quit IRC[07:41:58] *** amrit|afk is now known as amrit[07:50:51] <f3ew> mjoseph, I have one[07:51:30] <mjoseph> yeah?[07:52:49] *** stefan__ has quit IRC[07:54:58] *** seekwill has joined #postfix[07:57:35] *** eject_ck has quit IRC[08:13:43] *** stefan-f has joined #postfix[08:19:38] *** ming_zym has quit IRC[08:24:32] *** Mavvie_ has joined #postfix[08:26:06] *** stony_ has joined #postfix[08:28:00] *** Mavvie has quit IRC[08:28:54] *** shinao1 has joined #postfix[08:37:07] *** fiXXXerMet has left #postfix[08:40:58] *** ming_zym has joined #postfix[08:41:31] *** stony has quit IRC[08:42:54] *** syneus has joined #postfix[08:42:57] *** lysander_ has quit IRC[08:43:24] *** lysander has joined #postfix[08:43:27] *** lunaphyte has quit IRC[08:44:21] *** Motoko-chan has quit IRC[08:46:39] *** jamola has joined #postfix[08:47:15] <jamola> hi all[08:47:35] <jamola> i am getting mail duplcation from root@hostname from my mailserver[08:47:45] <jamola> is this aliases problem[08:49:12] <LMJ> hi[08:53:05] <LMJ> little probleme : if I send an email to postfix with : user@emailboxhostname, postfix redirect that to my ISP smtp :-/ user at emailboxhostname dot fqdn delivers in local, but I have put mydestination = localhost, localhost.$mydomain, $myhostname, $mydomain = relay_domain[09:15:50] *** pa has joined #postfix[09:17:29] *** xpoint has quit IRC[09:17:36] *** PhilKC has joined #Postfix[09:20:52] *** Fallenou has joined #postfix[09:30:48] *** af_ has joined #postfix[09:38:08] *** mark-use has quit IRC[09:39:00] *** Tex-Twil has joined #postfix[09:48:24] *** jamola has quit IRC[09:58:40] *** war9407 has joined #postfix[10:00:36] *** felix_da_catz has joined #postfix[10:01:33] *** [1]felix_da_catz has joined #postfix[10:02:22] *** Tex-Twil has quit IRC[10:04:12] *** harobed has joined #postfix[10:04:19] *** oxtail has joined #postfix[10:15:35] *** af_ has quit IRC[10:18:46] *** snappy has quit IRC[10:18:49] *** snappy has joined #postfix[10:18:50] *** felix_da_catz has quit IRC[10:39:05] *** seekwill has quit IRC[10:46:10] *** oxtail has quit IRC[10:52:46] *** [1]felix_da_catz has quit IRC[11:07:39] *** kk_CHN has joined #postfix[11:10:57] *** mikefoo has quit IRC[11:12:12] *** Mez has joined #postfix[11:13:10] *** Draecos has joined #postfix[11:17:59] *** mirrorcolor has joined #postfix[11:34:34] *** [diablo] has joined #postfix[11:35:08] *** Nevstah has joined #postfix[11:40:03] <Nevstah> i'm trying to set 'notify_classes = resource, software' but everytime i check, its been removed? what am i doing wrong?[11:40:22] <Nevstah> i'm setting this in main.cf[11:40:34] *** madrescher has joined #postfix[11:44:51] *** hever has joined #postfix[12:01:42] *** Nevstah has quit IRC[12:04:14] *** rootsvr has joined #postfix[12:09:41] *** UQlev has joined #postfix[12:18:52] <stefan-f> Hello all :)[12:19:17] <stefan-f> I have an external usb device with ntfs on it and I can not mount it rw[12:19:31] <stefan-f> can someone help?[12:20:31] <jelly> stefan-f: not exactly a postfix issue, unless your queue is on it :-)[12:20:49] *** majikman has quit IRC[12:21:47] *** majikman has joined #postfix[12:29:56] *** wdp has joined #postfix[12:41:28] *** oxtail has joined #postfix[12:48:57] *** rootsvr_ has joined #postfix[12:57:22] *** Draecos has quit IRC[13:01:32] *** Draecos has joined #postfix[13:06:37] *** rootsvr has quit IRC[13:16:42] *** Frcsyk has joined #postfix[13:17:55] <Frcsyk> is anyone available to answer a few questions?[13:19:05] <dragonheart> depends on the question(s) :-)[13:19:49] <Frcsyk> :) pretty simple i think. I live in Japan and I can no longer use my old ISP's smtp server to route messages[13:20:09] <Frcsyk> so I installed postfix and I am able to send messages to addresses within my own domain but nothing outside[13:20:38] *** UQlev has quit IRC[13:20:40] <Frcsyk> I want to relay messages through my private postfix server[13:22:04] <dragonheart> have you setup some form of authentication for your relayed messages?[13:22:15] <Frcsyk> currently everything is at the default[13:22:24] <Frcsyk> so no smtp-auth or anything yet[13:23:05] <dragonheart> that would be required. alternately add your ip into my_networks[13:23:48] <Frcsyk> i added it in there but no luck so far[13:24:27] <Frcsyk> can i message you?[13:26:04] *** ming_zym has quit IRC[13:26:58] <dragonheart> i'm kinda doing other stuff at the same time and there are more knowlegeable people here than me[13:27:27] <Frcsyk> ok that's no problem[13:27:51] <dragonheart> what error does the log show?[13:28:21] <Frcsyk> error relaying denied[13:28:32] <Frcsyk> it only happens when I try to send messages outside the domain[13:28:37] <stefan-f> ups sorry wrong list ;)[13:29:39] *** phnord has joined #postfix[13:31:39] *** bhagat has quit IRC[13:31:42] <dragonheart> Frcsyk: can you pastbin postconf -n[13:32:02] *** kk_CHN has quit IRC[13:36:02] *** mozillamonks has joined #postfix[13:36:03] <Frcsyk> sure one sec[13:42:41] *** mozillamonks has quit IRC[13:46:29] <Frcsyk> ah i pm'd you but it was blocked[13:51:17] <dragonheart> rate limited[13:51:24] <Frcsyk> forgot to reg my nick[13:51:27] <Frcsyk> should be ok now[13:53:22] <dragonheart> does your mynetworks contain the ip your relaying from?[13:54:19] <dragonheart> please list your sender/recipent restrictions[13:56:42] <Frcsyk> that was all that was in my main.cf file[13:57:55] <Frcsyk> wait[13:58:04] <Frcsyk> i am able to forward messages now to outside domains[13:58:05] <dragonheart> stopped at [21:47:13] <Frcsyk> smtpd_use_tls = ye[13:58:15] <dragonheart> good - dinner time for me[13:58:31] <Frcsyk> lost connection with smtpin.eastlink.ca[24.222.0.18] while receiving the initial server greeting[13:58:36] <Frcsyk> get this error on the server[13:58:41] <Frcsyk> hah no problem, i have a conference call[14:08:30] *** madrescher has quit IRC[14:11:50] *** madrescher has joined #postfix[14:12:54] *** Bogaurd has joined #postfix[14:13:05] *** Bogaurd_ has quit IRC[14:17:22] *** xpoint has joined #postfix[14:24:23] *** ramoni has joined #postfix[14:47:42] *** jellis-real has joined #postfix[14:53:08] *** Fallenou has quit IRC[15:05:25] *** Frcsyk has quit IRC[15:15:02] *** martianixor has joined #postfix[15:18:48] *** shinao1_ has joined #postfix[15:18:54] <LMJ> hi[15:19:33] <LMJ> little probleme : if I send an email to postfix with "user" from the email server itself, postfix redirect that to my ISP smtp :-/ user at emailboxhostname dot fqdn delivers in local, but I have put mydestination = localhost, localhost.$mydomain, $myhostname, $mydomain = relay_domain[15:22:09] <LMJ> sound like my "transport" is incomplete, what should I had to get it work?[15:22:22] *** felix_da_catz has joined #postfix[15:24:02] *** shinao1 has quit IRC[15:25:10] <Dominian> !transport[15:25:11] <knoba> Dominian: "transport" : transport(5) The optional transport(5) table specifies a mapping from email addresses to message delivery transports and next- hop destinations. Look at: http://www.postfix.org/transport.5.html[15:25:34] *** havvg has joined #postfix[15:26:15] <LMJ> Yes, thanks, I knew that ;)[15:26:33] <LMJ> localhost = & .localhost = seems to have solved my problem[15:45:26] *** Blinny has joined #postfix[15:51:28] *** Knoedel2 has joined #postfix[15:54:28] *** vsd has joined #postfix[15:54:38] <vsd> how can i see what version of postfix i have?[15:55:29] *** tom has joined #postfix[16:01:25] <tom> i have a strange problem with my e-mail server about once a week. i'm not sure if it's the fault of postfix, but the load goes up to 130 and the system is very unresponsive. here's a process listing: http://home.eggdrop.ch/tmp/ps-aux.txt any ideas what could be the cause?[16:01:31] *** hf|work has joined #postfix[16:01:34] <hf|work> hiho[16:01:45] <hf|work> i have a strange behavior with postfix and catchall[16:02:30] <hf|work> if i have NO catchall defined, and a explicit address - a mail to explicit adress is forwarded to the explicit mailbox correctly, a mail to a not existent adress gets bounced.[16:02:49] <hf|work> if i have A catchall defined, the catchall collects everything, even the explicit adress[16:03:07] <Dominian> What's the bounce message? user unknown in mailbox table or something?[16:03:25] <hf|work> User unknown in virtual[16:03:25] <hf|work> mailbox table (in reply to RCPT TO command)[16:03:40] <hf|work> this is correct, if there is no catchall[16:03:51] <hf|work> but why the catchall also takes valid adresses[16:04:05] <hf|work> this is not as expected I think[16:09:33] *** Draecos has quit IRC[16:09:47] *** albanach_ has joined #postfix[16:09:52] *** albanach_ is now known as albanach[16:13:14] <Dominian> hf|work: erm.. the catchall will cover everything..[16:13:28] <Dominian> hf|work: but if you have a true email account .. that email account will accept anything for itself.[16:13:51] <hf|work> yeah that's it[16:13:56] <Dominian> so.. if you have iamacatchall at domain dot tld and private at domain dot tld.. if you send to private at domain dot tld then it'll receive its own email anything else will get forwarded to the catchall delivery address.[16:13:57] <hf|work> but it doesn't[16:14:14] <hf|work> i would expect this at all[16:15:03] <Dominian> hm[16:15:25] <Dominian> unfortunately, I'm quite busy at the moment.. so I don't have much time to actually look into this with you[16:15:48] <hf|work> but catchall also takes the real accounts mail :/[16:16:03] *** seekwill has joined #postfix[16:16:14] *** martianixor has quit IRC[16:17:15] <Dominian> hf|work: then I'd say you have something mis configured somewhere[16:17:38] *** wdp has quit IRC[16:17:41] *** rhineheart_m has joined #postfix[16:18:15] <hf|work> hm.. yeah possibly ;)[16:18:19] <hf|work> but WHAT[16:20:03] <rhineheart_m> HI! My postfix before was able to send and receive mails...but I guess it started when I tried to configure it to have MYSQL support that I can't receive message anymore.. even receiving mails locally.. SO MY QUESTION IS: How could I solve this "User unknown in virtual alias table" problem? I am working in a debian machine.. thanks[16:21:43] <rhineheart_m> I tried: tail -n100 /var/log/mail.log And it gives me this output: relay=none, delay=0.03, delays=0.01/0/0/0.02, dsn=5.0.0, status=bounced (User unknown in virtual alias table)[16:22:39] *** seekwill has quit IRC[16:22:51] <Dominian> rhineheart_m: Do you have a mysql table and all the things needed tied into to postfix to make calls to mysql to get the virtual user information?[16:23:35] *** ming_zym has joined #postfix[16:24:08] <rhineheart_m> Dominian, I'm in a virtual hosting environment... anyway.. I don't like to use MYSQL to handle users' accounts.. so.. I want to reverse it to its original configuration... Is it possible? How and where will I start?[16:25:43] <Dominian> Well, I have no idea what you did int he first place[16:25:47] <Dominian> so whatever you did.. do the opposite of that?[16:26:31] *** nilesh123 has joined #postfix[16:27:14] *** githogori_ has quit IRC[16:27:16] <shasta> just restore you configs from backups you obviously took before reconfiguring (-8[16:27:34] <shasta> s/took/made/, my english sucks today[16:27:40] <shasta> s/today//[16:27:50] *** PhilKC has quit IRC[16:27:54] <rhineheart_m> that's the problem then.. before I did it.. mmm... I didn't back up its config[16:27:54] <Dominian> shasta: hehe[16:27:59] <Dominian> ouch[16:28:03] * Dominian slaps rhineheart_m[16:28:19] *** sysmonk has quit IRC[16:28:41] <rhineheart_m> Dominian... I didn't do anything except doing aptitude install postfix-mysql I guess...[16:29:02] <Dominian> yeah, but I dunno what that does[16:29:11] <Dominian> that may completely over write your existing postfix installation[16:29:51] *** sysmonk has joined #postfix[16:30:03] <rhineheart_m> I did the aptitude remove already... but it still didn't work.. any idea how could I instruct postfix not to use mysql as its database?[16:30:32] <Dominian> Like I said.. I have no idea what debian does whenyou install postfix-mysql[16:31:32] <shasta> pastebin output of postconf -n[16:31:52] *** seekwill has joined #postfix[16:34:26] <rhineheart_m> shasta, got it?[16:39:08] *** arreyder has joined #postfix[16:40:16] *** PhilKC has joined #Postfix[16:46:36] *** nilesh123 has left #postfix[16:49:38] *** rootsvr_ has quit IRC[16:52:39] *** j_s has joined #postfix[16:56:24] <arreyder> say I have two postfix clusters at different physical locations, but connected on the back side via private direct connection, in the event that one of the cluster's service provider fails, can I have it pass it's cued up mail to the other cluster for handling? maybe using the fallback_relay option?[16:56:38] <arreyder> bad idea, better way to do it?[17:01:07] *** hever has quit IRC[17:04:25] *** PhilKC has quit IRC[17:10:39] *** madrescher has quit IRC[17:11:17] <Roobarb> arreyder: do you have DNS on the private LAN ?[17:11:45] <arreyder> yes[17:12:08] <Roobarb> wait, are these inbound-only ?[17:12:14] <arreyder> currently there is an internal load balancer set up to send equal amounts of mail to both clusters[17:12:19] <arreyder> both inbound and outbound[17:12:53] <arreyder> every one inside sends to the virtual address that represents both clusters[17:12:57] <Roobarb> well, fallback_relay is usually used when you don't have a load-balancer[17:13:15] <arreyder> how so?[17:13:54] <Blinny> How can I make postfix pass only the username to my spam filter (using lmtp) instead of the full username at domain dot tld ?[17:14:00] <Roobarb> http://www.postfix.org/postconf.5.html#smtp_fallback_relay[17:14:10] <Roobarb> arreyder: note the caveat about MX's[17:14:19] <arreyder> I did[17:14:56] <arreyder> it is not applicable to what I am proposing[17:15:10] <Roobarb> arreyder: I've used smtp_fallback_relay in a situation where I had a primary/secondary relay and _all_ mail had to traverse the relay to go anywhere[17:15:52] <arreyder> ok, that is true of these clusters, they are the only way in, or out for mail.[17:15:56] <Roobarb> I use equal-weight MX's to load-balance inbound connections, and a smtp_fallback_relay for the onward (internal) route[17:16:30] <arreyder> I do the same for inbound, outbound as I said uses a loadbalancer[17:16:56] <Roobarb> not sure I quite understand your question then[17:17:15] <Roobarb> if a box has failed, how can it forward mail to somethign else?[17:17:44] <arreyder> I didnt propose a box to have failed: "in the event that one of the cluster's service provider fails"[17:18:17] <Roobarb> isn't that just a routing problem? :)[17:18:21] <arreyder> which means it is still accepting mail from the inside, and cueing it up because the a destination may be unreachable[17:18:28] <arreyder> never mind.[17:18:29] <arreyder> sheesh[17:20:43] *** phnord has quit IRC[17:26:02] <vsd> how can i change postfix's banner?[17:26:47] *** shinao1_ has quit IRC[17:30:33] <Roobarb> vsd: change smtpd_banner[17:31:26] <Roobarb> vsd: if you miss out $myhostname, you're violating the SMTP protocol[17:31:40] <vsd> Roobarb, is that a file?[17:32:18] <Roobarb> postconf -e "smtpd_banner = $myhostname Postfix"[17:32:23] <Roobarb> or whatever you want[17:32:30] <vsd> ah thanks once again :)[17:32:36] <Roobarb> http://www.postfix.org/postconf.5.html#smtpd_banner[17:32:54] <Roobarb> I'm guessing you're trying to remove the version string?[17:34:20] <vsd> postfix isn't the only esmtp right?[17:34:24] *** generic has quit IRC[17:34:25] <vsd> yes Roobarb[17:34:25] *** Lyfe has quit IRC[17:35:25] *** CrazyFoam has quit IRC[17:35:49] <Roobarb> vsd: Then I'd use: smtpd_banner = $myhostname ESMTP[17:36:00] *** madrescher has joined #postfix[17:36:17] <vsd> Roobarb, yes that's what i'm trying. but not only postfix is esmtp right?[17:36:31] <Roobarb> I don't understand your question[17:36:47] <vsd> it needs a \$myhostname[17:37:03] <vsd> i mean sendmail or exim4 are esmtps as well?[17:37:11] <Roobarb> You MUST advertise your hostname.[17:37:22] <Roobarb> You MAY advertise ESMTP[17:37:50] <Roobarb> sendmail and exim support ESMTP I believe[17:38:25] <vsd> ok thanks once again[17:40:07] *** rhineheart_m has quit IRC[17:40:49] <seekwill> I wonder what MTA Gmail uses...[17:41:05] <roe> I think I remember reading that they grew their own[17:41:25] <seekwill> Probably true for all their stuff[17:47:12] <Blinny> How can I make postfix pass only the username to my spam filter (using lmtp) instead of the full username at domain dot tld ?[17:48:15] *** Fallenou has joined #postfix[17:51:50] *** af_ has joined #postfix[17:58:06] *** netcrash has joined #postfix[17:58:38] <vsd> by default postfix has open relay enabled right?[18:02:16] <jduggan> wrong[18:05:48] <Dominian> that would be.. stupid.[18:09:28] <vsd> but i can connect to port 25 of my server[18:09:32] <vsd> from a remote host[18:09:38] <vsd> that should happen?[18:09:53] <Dominian> uhh yeah[18:10:01] <Dominian> !basic[18:10:02] <knoba> Dominian: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.[18:10:56] *** githogori has joined #postfix[18:13:21] <googlah> You can connect to it, but it won't relay. :-)[18:18:41] *** madrescher has quit IRC[18:18:50] <Dominian> at least it shouldn't[18:18:59] <Dominian> by default postfix will not relay[18:19:29] <sysmonk> unless microsoft ported postfix to windows, then the default might be 'relay all' i think[18:19:43] <Dominian> true[18:19:52] <jelly> there's something to be said about reasonable defaults[18:20:12] <sysmonk> microsoft? reasonable?[18:20:39] * jelly looks angrily in the general direction of backscatterg-generating barracuda[18:21:04] <sysmonk> yummy :)[18:22:42] <jelly> I (and, worse, some of our paying customers) am receiving 00-000s of DSNs every day, and am contemplating murder[18:22:56] *** pa has quit IRC[18:23:46] <jelly> antispam vendor helpfully told me how to devnull all the DSN messages :-|[18:24:52] <jelly> good thing is I've learned how to say "**Message you sent blocked by our bulk email filter**" in French and Spanish![18:26:11] *** eject_ck has joined #postfix[18:39:05] *** Thalia18_sj_gf_j has quit IRC[18:39:25] <vsd> if i don't have a domain[18:39:30] *** Thalia4u_hy_wm_x has joined #postfix[18:39:34] <vsd> is there a way that people can send email to me?[18:39:56] <Dominian> not really[18:41:41] <vsd> i mean a .com domain or such[18:41:54] <vsd> can they use my ip to send me mail?[18:43:00] *** rootsvr has joined #postfix[18:43:03] <Dominian> yes.. that they can do[18:43:32] *** Draecos has joined #postfix[18:43:40] <vsd> so they should mail to user@ip?[18:43:50] <Dominian> they can try that.. but yes[18:45:58] *** eject_ck has quit IRC[18:46:06] *** eject_ck has joined #postfix[18:46:15] *** rootsvr has quit IRC[18:47:47] *** stefan-f has quit IRC[18:48:13] *** syneus has quit IRC[18:51:20] <Blinny> How can I make postfix pass only the username to my spam filter (using lmtp) instead of the full username at domain dot tld ?[18:52:02] <Dominian> I have to admit.. I wish Wietse would do his changelog a bit differently... hard to tell what version of postfix the patches are for[18:53:05] <Dominian> Blinny: no idea.. id on't use lmtp[18:53:46] <f3ew> Dominian, uh?[18:53:52] <f3ew> user@[ip] @ vsd[18:54:03] <f3ew> Ah, the release date things[18:54:30] <Dominian> f3ew: yes[18:54:36] <Dominian> f3ew: His changelog is gigantic..[18:54:41] <Dominian> and you have no idea what actually went into 2.5.1[18:55:23] <Dominian> I run 2.5.0 and it looks like the 2.5.1 patchlevel isn't something I need anyway, but I do like to try and stay on top of things in case something does get fixed with services I use[18:55:57] *** ming_zym has quit IRC[18:58:34] <f3ew> Dominian download 2.5.1 and diff the changelog?[18:58:55] <Dominian> bah[18:59:01] <Dominian> that's one way[18:59:07] <Dominian> Or just say to hell with it and not care.[18:59:28] *** af_ has quit IRC[19:00:30] *** lunaphyte has joined #postfix[19:05:29] *** Sieg has quit IRC[19:05:41] *** Sieg has joined #postfix[19:07:08] *** MalMen has joined #postfix[19:09:45] *** maw has quit IRC[19:09:48] *** maw has joined #postfix[19:10:12] *** maw has quit IRC[19:12:16] *** rootsvr has joined #postfix[19:13:23] *** UQlev has joined #postfix[19:14:46] *** maw_ has joined #postfix[19:15:06] <MalMen> hello[19:15:12] <MalMen> i have here one problem[19:15:20] <MalMen> i am not enable to login on my imaserver[19:15:25] <MalMen> anyone can help me please ?[19:15:29] <Dominian> imap isn't a postfix thing...[19:15:33] <MalMen> yes[19:15:35] <mwalling> wtf is an imaserver?[19:15:41] <MalMen> but maybe someone can help me[19:15:47] <Dominian> MalMen: What Imap server are you using?[19:15:48] <MalMen> i am using postfix + courier[19:15:49] <MalMen> + mysql[19:15:58] <Dominian> Welll, I can't help you.. I use dovecot[19:16:01] <MalMen> before i restart my server that is working[19:16:04] <Dominian> and this really isn't the right channel for an IMAP issue.[19:16:17] <MalMen> but on courier no one help me[19:16:17] <MalMen> lol[19:16:26] <Dominian> well... what can I say?[19:16:35] <sysmonk> you might want to hire a sysadmin[19:16:42] * Dominian nods[19:17:49] *** stefan-f has joined #postfix[19:17:50] <Dominian> too many people out there thing that email servers are set-it-and-forget-it[19:18:03] <Dominian> s/thing/think[19:19:15] <jpalmer> or that email servers are something you should attempt without any practical experience/knowledge/background[19:21:05] *** apotheon has joined #postfix[19:21:06] <Dominian> aye[19:22:18] <apotheon> What exactly does Postfix consider a "high" grade cipher?[19:22:37] <Dominian> what?[19:22:38] <apotheon> (other than "not medium or lower")[19:22:57] <Dominian> What are you on about?[19:23:00] *** paparsifal has joined #postfix[19:23:01] <Dominian> Your questionis a bit confusing[19:23:06] <paparsifal> hi[19:23:08] <apotheon> http://www.postfix.org/postconf.5.html#smtpd_tls_mandatory_ciphers isn't very clear on what constitutes a "high" grade cipher.[19:23:09] *** Fallenou has quit IRC[19:23:24] <paparsifal> i have some question to postfix gurus out there[19:23:42] <paparsifal> i need something simple yet difficult to do[19:23:54] <Dominian> apotheon: no idea on that one[19:24:00] <apotheon> hmm[19:24:07] <paparsifal> anyone in here to help me ?[19:24:15] <Dominian> paparsifal: gotta state your issue first[19:24:21] <apotheon> paparsifal: Just ask your question.[19:24:21] <paparsifal> ok[19:24:21] <mwalling> !ask[19:24:22] <knoba> mwalling: "ask" : If you have a question, just ask. Precise questions lead to precise answers. Vague descriptions of your problem will get you nowhere. See also: http://workaround.org/moin/GettingHelpOnIrc[19:24:23] <paparsifal> lets go[19:24:44] <paparsifal> i need to do some mail rewriting[19:25:06] <paparsifal> when mail is from:me at mydomain dot com[19:25:17] <apotheon> Well . . . does anyone know who I should ask about what constitutes a "high" grade cipher in Postfix configuration-speak?[19:25:24] *** Siegfried has joined #postfix[19:25:26] <Dominian> Wietse[19:25:28] <apotheon> Google isn't helping me much with this.[19:25:37] <Dominian> JOin the mailing list and pop the question.[19:25:53] <paparsifal> i want it to be modified with reply-to:otheradress at mydomain dot com bcc:me at mydomain dot com[19:26:02] <apotheon> I take it he's an active participant in the list, then.[19:26:09] <apotheon> Thanks -- I might do that, Dominian .[19:26:10] <Dominian> apotheon: oh yes[19:26:26] <sysmonk> um[19:26:27] <Dominian> paparsifal: Er.. reply-to is usually added by the email client...[19:26:28] <RainDoctor> there is all_bcc[19:26:31] <sysmonk> apotheon: read the docs[19:26:55] <apotheon> sysmonk: I've been reading the docs. See above, where I linked to some docs.[19:27:08] <paparsifal> my email client is .. ahem.. outlook.. :( and can't do what i want[19:27:11] <sysmonk> apotheon: did you read about tls_high_cipherlist ?[19:27:47] <apotheon> Yeah. Apparently the default configuration for tls_high_cipherlist just excludes the lesser cipher grades.[19:28:03] <apotheon> Thus, my earlier qualification "other than 'not medium or lower'".[19:28:39] <sysmonk> apotheon: look at tls_medium_cipherlist and tls_low_cipherlist[19:28:49] <paparsifal> and i also whant that if subject contain: *private* no reply-to is added and bcc is to privaterepository at mydomain dot com[19:28:54] <sysmonk> it's not really a static list[19:28:59] <Dominian> !header_check[19:29:00] <knoba> Dominian: Error: "header_check" is not a valid command.[19:29:01] <apotheon> sysmonk: I have.[19:29:01] <Dominian> !header_checks[19:29:02] <knoba> Dominian: "header_checks" : a configuration parameter in the main.cf: Optional lookup tables for content inspection of primary non-MIME message headers, as specified in the header_checks(5) manual page.[19:29:14] <apotheon> sysmonk: Perhaps you should look at them yourself before assuming they answer my question.[19:29:50] <paparsifal> the only way i've found to do that[19:30:03] <paparsifal> is creating a content_filter program[19:30:27] <sysmonk> apotheon: so ...? it doesn't?[19:30:35] <apotheon> Not in any meaningful way.[19:30:35] <paparsifal> like in http://www.postfix.org/FILTER_README.html[19:30:44] <sysmonk> apotheon: let me help you with knowing unix basics[19:30:45] *** eject_ck has quit IRC[19:31:12] <sysmonk> apotheon: the tls_*_cipherlist says ... 'The OpenSSL cipherlist ....' right?[19:31:28] <paparsifal> but i think there should be a easier way... perhaps with amavisd-new ?[19:32:02] <paparsifal> i've asked my question... Can someone help me ? or direct me in the right way ?[19:32:36] <apotheon> According to what Postfix docs say about "high" grade ciphers, they're higher grade than "medium" in some nebulous, undefined way. That's it.[19:32:45] *** rootsvr has quit IRC[19:33:05] <sysmonk> apotheon: you don't get it. it's an OPENSSL cipherlist[19:33:15] <sysmonk> it's not the postfix who defines what's "high" and what's "low"[19:33:28] <sysmonk> now, you got the keywrod - openssl and cipher list[19:33:36] <sysmonk> now, you have openssl on your system? right? right![19:33:59] <sysmonk> let's make a 'apropos cipher' ... and we get ciphers(1)[19:34:06] <sysmonk> do a man 1 ciphers and read it[19:34:54] <sysmonk> if you can't, then let me quote it: http://rafb.net/p/ThZVu065.html[19:35:04] <apotheon> Criminy. Am I the only one that thinks man openssl should have returned some useful results?[19:35:17] <apotheon> This, by the way, isn't "Unix basics". This is "being psychic".[19:35:30] <sysmonk> unix basics for me :)[19:35:34] <apotheon> "Unix basics" would have been "man openssl".[19:36:14] *** PhilKC has joined #Postfix[19:36:49] <vsd> i just set up postfix and i can send email to myself and the outside. but i cannot receive if they send me mail at user1@ip[19:36:53] <vsd> why?[19:37:16] <seekwill> What does it say?[19:37:53] <vsd> seekwill, it doesnt say anything[19:38:00] *** carl- has joined #postfix[19:38:03] <apotheon> . . . or even "man postfix".[19:38:14] <seekwill> Are those external MTAs able to connect? Are messages being rejected by some policy?[19:38:17] <vsd> the other person just receives it back[19:38:25] <seekwill> With what error?[19:38:37] <vsd> PERM_FAILURE: Gmail tried to deliver your message, but it was rejected by the recipient domain.[19:38:42] <sysmonk> apotheon: postfix manual actually says it's an openssl cipher list, not postfix-cipher-list, but openssl[19:38:50] <apotheon> The output of `apropos cipher` is a glut of information that's difficult to parse, too.[19:38:51] <vsd> The error that the other server returned was: 501 501 5.1.3 Bad recipient address syntax.[19:38:57] <seekwill> vsd: So there is your why...[19:39:07] <apotheon> sysmonk: That's why I tried `man openssl` (and didn't get useful information).[19:39:14] <vsd> 501 501 5.1.3?[19:39:29] <vsd> seekwill, i still don't understand. what does it mean?[19:39:57] *** hparker has joined #postfix[19:40:07] <apotheon> Even `apropos openssl` doesn't help.[19:40:59] <paparsifal> vsd: i don't think you can't send an email to user@ip. Try user@[ip][19:41:04] <apotheon> The "see also" in `man openssl` doesn't mention ciphers(1), either.[19:41:11] <apotheon> Like I said, psychic.[19:41:26] <sysmonk> apotheon: that ain't postfix problem :P[19:41:32] *** McJerry has joined #postfix[19:41:38] *** MalMen has quit IRC[19:41:40] <sysmonk> but you can always whine in #openssl or whatever :)[19:41:43] <seekwill> vsd: Use telnet to connect to your server and manually send an smtp message[19:42:08] <apotheon> sysmonk: I didn't say it was a Postfix problem.[19:42:16] <sysmonk> then stop whining :P[19:42:29] <apotheon> You, apparently, have a problem with assuming something is easy to find just because you already fucking know where it is, though.[19:42:45] <vsd> paparsifal, you mean user at [212 dot x.x.x] ?[19:42:48] <seekwill> vsd: I believe per RFC, an E-mail domain cannot be an IP. I think the bounce was created by gmail, not your server[19:42:50] <vsd> with the brackets?[19:43:06] <paparsifal> try with bracket[19:43:17] <paparsifal> but i don't think it will work either[19:43:20] <sysmonk> apotheon: i've just found it for you myself. never looked at it[19:43:26] <vsd> seekwill, i dont have a domain as in example.com[19:43:34] <apotheon> sysmonk: KMA[19:43:34] <paparsifal> i think it only work in local network[19:43:37] *** Filbert has quit IRC[19:43:40] <sysmonk> all i know about openssl is how to generate a certificate, and openssl s_client :)[19:43:41] <vsd> can i send to me email from the outside?[19:43:43] <seekwill> vsd: Then why are you setting up a mail server? :)[19:43:46] <apotheon> You have an attitude problem.[19:43:56] <apotheon> Great you pointed me at the right manpage. Not so great you have an attitude problem.[19:43:57] <sysmonk> ...[19:44:06] <seekwill> So we're trying to help vsd with a postfix problem...[19:44:07] <sysmonk> nevermind, forget it[19:44:16] *** apotheon has left #postfix[19:44:35] <seekwill> vsd: Get a free domain name from like dyndns.org or something[19:44:44] <vsd> seekwill, im going to put it on a domain. im testing it first[19:44:53] <paparsifal> vsd: mail sender need to find MX dns for your domain, with an ip address it can't...[19:45:15] <seekwill> vsd: Put it on a fake domain name, put it on some domain. Domain names are a big part of email[19:45:58] <vsd> like have postfix believe im purpleninja.org and send there?[19:46:04] <seekwill> no[19:46:17] <seekwill> Not fake... I meant "temporary"[19:46:24] <seekwill> Sorry, my mistake[19:46:33] <vsd> seekwill, you mean with dyndns?[19:46:37] <seekwill> Yeah[19:46:53] *** tyrok has joined #postfix[19:47:15] <paparsifal> So, ... nobody can help me...[19:47:30] <paparsifal> i'll try to find by myself[19:47:40] *** oxtail has quit IRC[19:47:46] <paparsifal> let's write a perl filter :)[19:48:00] <paparsifal> i love perl anyway[19:48:52] <paparsifal> c u[19:48:58] *** paparsifal has quit IRC[19:49:35] *** growltiger_ has quit IRC[19:49:43] <seekwill> vsd: Or you can try telneting into your box on the external IP and send a message through manually[19:50:06] <vsd> seekwill, i will try that. thank you very much[19:50:13] *** Filbert has joined #postfix[19:50:13] <seekwill> no prob[19:50:21] <tyrok> Hi! I've got a user trying to use Outlook to connect to our server for sending, and it looks like they're feeding us a totally bogus EHLO string, which is causing Postfix to reject their mail. They're authenticating properly (at least for receiving) using SASL, and I added their IP to mynetworks, but they're still being rejected. What's the best way to fix this problem so they can send?[19:51:25] <vsd> seekwill, hm ...how do i do that?[19:51:31] <vsd> i remember smth with HELO[19:51:35] <seekwill> heh[19:51:50] <tyrok> (I checked the EHLO using a packet capture - it came in as EHLO user********* - hex characters masked)[19:51:51] <seekwill> vsd: You should read a few RFCs :)[19:53:25] <seekwill> vsd: http://pastebin.com/m5d376f81 < the blank line on 7 is important[19:53:35] <seekwill> Those are all the commands you type... you'll get reponses.[19:53:57] <vsd> seekwill, thank you[19:54:06] <seekwill> vsd: for user1 at domain dot com, use a real address your postfix should really be accepting mail from[19:56:42] *** albanach has quit IRC[19:56:42] <vsd> seekwill, omg it sent it :)[19:56:57] <vsd> seekwill, but can't this be used from spammers?[19:57:08] <vsd> is this open relay?[19:58:48] *** stefan-f has quit IRC[19:59:56] *** harobed has quit IRC[20:00:05] <seekwill> vsd: Depends on what your policy is set to. If I can connect to your server, and send messages to gmail, then yeah, that's considered open.[20:00:08] <seekwill> What's your IP :)[20:00:33] <vsd> seekwill, huh?[20:01:16] <vsd> ah im not ready yet to give it to the public[20:01:32] <vsd> seekwill, it's default. does default conf allow this?[20:01:47] <seekwill> vsd: I don't know[20:01:52] <seekwill> You can PM it to me[20:02:03] <seekwill> (I don't use postfix, hehe)[20:02:32] <seekwill> vsd: Connect from an "outside" IP address that is not allowed to relay, and see if it can[20:02:36] <Dominian> default configuration of postfix will not relay[20:03:40] <seekwill> vsd: You can always google for an open relay test[20:03:57] <seekwill> Dominian: I'm not exactly sure he knows what open relay means.....[20:04:05] <vsd> aah it says relay address denied[20:04:11] <seekwill> Sounds good[20:04:37] <vsd> seekwill, what do you use?[20:04:54] <seekwill> vsd: I use a commercial MTA[20:05:24] <vsd> hm why? isnt postfix good enough?[20:05:27] <seekwill> :)[20:05:42] <vsd> so it can only send to the host itself?[20:05:46] <seekwill> Because I work for the company....[20:05:54] <vsd> haha:D[20:06:04] <vsd> i see[20:08:33] *** tyrok_ has joined #postfix[20:08:50] *** vsd has quit IRC[20:08:56] <tyrok_> Darn - lost my connection.[20:09:03] <tyrok_> Anyone know how to change the HELO settings in Outlook 2003?[20:10:24] <Dominian> huh[20:11:32] <tyrok_> Oh, sorry. Wrong channel.[20:12:56] *** SmallFurryThingI has joined #postfix[20:14:16] *** SmallFurryThingI is now known as growltiger_[20:14:43] *** Fallenou has joined #postfix[20:19:06] <tyrok_> How do I get Postfix to ignore the EHLO string for a certain IP address?[20:20:26] <growltiger_> !check_helo_access[20:20:27] <knoba> growltiger_: Error: "check_helo_access" is not a valid command.[20:21:55] *** stefan-f has joined #postfix[20:22:12] <growltiger_> !check_helo_access[20:22:13] <tyrok_> growltiger_: Ah, thanks.[20:22:13] <knoba> growltiger_: Error: "check_helo_access" is not a valid command.[20:22:23] <growltiger_> it IS TOO a valid command[20:22:26] <growltiger_> bastard[20:22:31] *** hemry has joined #postfix[20:23:03] <tyrok_> !smtpd_require_helo[20:23:04] <knoba> tyrok_: Error: "smtpd_require_helo" is not a valid command.[20:23:15] <tyrok_> growltiger_: Thought I'd try it. :)[20:25:00] <tyrok_> growltiger_: OK, it looks like it's off, but this system is still rejecting this Outlook client that's sending the bogus EHLO. smtpd_helo_required = no and smtpd_helo_restrictions is empty. Any other ideas?[20:25:07] *** suuuper has quit IRC[20:26:16] *** tyrok has quit IRC[20:26:45] *** [diablo] has quit IRC[20:26:57] <tyrok_> I suppose I should post what's showing up in the logs for reference:[20:27:00] <tyrok_> postfix/smtpd[*****]: warning: ***.***.***.**: hostname ************* verification failed: Name or service not known[20:27:23] <tyrok_> ...where the stars are either a PID, IP address, or hostname.[20:27:44] <seekwill> Don't like to share anything... sheesh![20:28:32] <tyrok_> seekwill: It's either a customer's address information, or the PID changes, so I figured I'd just star it out.[20:29:14] <seekwill> ok[20:29:25] <Blinny> How can I make postfix pass only the username to my spam filter (using lmtp) instead of the full username at domain dot tld ?[20:29:30] <tyrok_> The hostname doesn't resolve to any IP at all, and it's completely different than the EHLO string I'm getting in the packet capture. So at this point, I'm pretty much baffled.[20:30:09] <tyrok_> Even random guesses would be appreciated. :)[20:30:47] *** RainDoctor has quit IRC[20:30:50] <Dominian> Blinny: http://spike.porcupine.org/test/html/LMTP_README.html[20:31:13] <Dominian> tyrok_: What HELO.. the server HELO or the HELO the client is sending?[20:31:31] <tyrok_> Dominian: The one the client is sending.[20:33:50] <tyrok_> Dominian: It's coming in as EHLO user**********, where the stars are hex digits[20:36:45] <tyrok_> The account successfully authenticates - even in the packet capture, the server sends back a 235 Authentication successful code. Communication continues as normal, but the above message is logged to /var/log/maillog and the message is not sent.[20:36:48] <growltiger_> that is not a correct helo[20:37:06] <growltiger_> it should be a fqdn[20:37:09] <tyrok_> growltiger_: Not by any means.[20:38:26] <tyrok_> But I can't figure out where the settings are in Outlook, and even if I did, this guy is not exactly the most computer-literate guy, and knowing him, even changing the setting may not work. So I thought maybe there'd be a way to get Postfix to just accept it if it comes from that IP address or they successfully authenticate.[20:39:25] <seekwill> Are you sure the problem is with the EHLO string?[20:40:09] <tyrok_> That's the conclusion that was reached here yesterday based on the errors, but if you have any other ideas for places to look, I'm game.[20:40:37] <seekwill> Tried a different client?[20:40:51] *** webtech_m33 has left #postfix[20:41:15] <tyrok_> seekwill: On the same computer, no. On a different computer, yes.[20:41:32] *** Roobarb has quit IRC[20:42:01] <tyrok_> One other note I should add - he's receiving mail fine.[20:42:18] <seekwill> If the other computer was one the same network, I think it'll be a safe assumption that it will work...[20:43:28] <tyrok_> seekwill: On the same network with multiple other accounts set up the same way worked. On a different network with the same account worked.[20:44:08] <seekwill> No idea. I don't know postfix well enough to help. sorry[20:44:20] <tyrok_> seekwill: Let me clarify - on the same network, they *should* have been set up the same way, but the setup was over the phone, and that may not be entirely correct.[20:44:42] <Dominian> er hrm..[20:44:48] <Dominian> tyrok_: are you doing SMTP-AUTH by chance?[20:44:50] <tyrok_> seekwill: Well, thanks for trying.[20:45:19] <Dominian> Or is it it trying to do something like cram-md5?[20:45:52] <tyrok_> Dominian: It's using the LOGIN scheme for this client (as seen in the packet capture), but I know there are other auth schemes available.[20:46:01] *** UQlev has quit IRC[20:46:04] <Dominian> ah ok[20:46:49] <tyrok_> Dominian: And after authentication takes place, Postfix is sending back a 235 Authentication successful.[20:48:05] <Dominian> interesting[20:48:08] <Dominian> its eems to be bitching about rDNS[20:48:30] <Dominian> when I say smtp-auth are you using the submission port for clients to auth through to skip some of those checks?[20:49:15] <tyrok_> Dominian: No, it's all over port 25, but the submission port is set up as an alternate port.[20:49:37] <Dominian> I'd have the same client do the smtp-auth through 587 and see if the behavior changes[20:50:02] <tyrok_> Dominian: You think the ISP is interfering?[20:50:16] <Dominian> I dunno[20:50:26] <Dominian> I thought this was your server.. from what I can tell the client is trying to send an email directly through your server..[20:50:32] <Dominian> what's the IP address of the sender?[20:51:43] <tyrok_> Dominian: Worth a shot. I'll give them a call. As for the IP, I can't communicate that over a public forum like this. But let me give them a call and see if that works.[20:54:05] *** amrit is now known as amrit|wrk[20:55:41] *** Blinny has quit IRC[20:56:16] *** Siegfried has quit IRC[20:56:45] *** madrescher has joined #postfix[21:01:48] <tyrok_> Dominian: Same issue on 587[21:02:13] <Dominian> I'd have to see the error logs ...[21:05:44] <tyrok_> Dominian: Just a sec. Boy, I wish there was a good way to take out the address information easily on these things...[21:08:53] <tyrok_> Dominian: OK, here's a chunk of the logs: http://pastebin.com/d121dd1b1[21:09:51] <tyrok_> Dominian: It's pretty much that same group of messages every time they try to send.[21:10:31] <tyrok_> Dominian: I mean, the PID's are different, and the times are different, and I'm sure the message ID's are different, but the IP's and hostnames are the same every time.[21:11:54] <tyrok_> Dominian: I tried adding the IP to mynetworks to no avail. There are plenty of other people accessing this server with Outlook, so I know it works with it. Even accounts in the same domain name work just fine with Outlook. What else could I look for?[21:15:34] <tyrok_> Dominian: The configuration for this (looking back, it looks like I didn't make that clear enough) is that this server is the outgoing mail server for their domain. The customer is on a different (outside) network, and is supposed to be able to send e-mail through this server for mailboxes that are set up @ their domain. The company that owns the server is not the same as their ISP.[21:16:28] *** hemry has quit IRC[21:16:46] *** hemry has joined #postfix[21:20:29] <Dominian> tyrok_: give me a minute..[21:20:34] <Dominian> tyrok_: got busy suddenly[21:20:54] <Dominian> tyrok_: that's a DNS lookup issue[21:20:59] <tyrok_> Dominian: np[21:21:47] <Dominian> Its trying to do a rDNS on the IP and not finding anything.. so postfix kills it[21:22:19] <Dominian> do you have something like this in main.cf: reject_non_fqdn_hostname[21:22:42] <Dominian> or reject_non_fqdn_sender or reject_non_fqdn_recipient[21:23:34] <tyrok_> Dominian: postconf | grep fqdn returned non_fqdn_reject_code = 504, but nothing else, so I'd say no. Unless it's a default I'm not aware of.[21:29:18] <tyrok_> Hmmm, it looks like the server's got an old version of Postfix - 2.4.5. Let's see if updating it helps...may take me a minute...[21:30:06] * tyrok_ notes that there are some recent DNS-related fixes in the Postfix changelog...[21:30:09] *** hark has joined #postfix[21:31:49] * tyrok_ also notes that there were some patches applied on the installed version of Postfix, and adjusts the expected installation timeframe accordingly... :)[21:32:08] *** CrazyFoam has joined #postfix[21:35:05] <Dominian> heh[21:35:15] <Dominian> Other than that.. not sure what would cause it..[21:37:25] *** pirho has joined #postfix[21:37:53] <tyrok_> Dominian: In that case, I sure hope updating works![21:38:06] * tyrok_ groans in agony on the discovery of the limited documentation on the subject of the patching and compilation of the current installed verion. :)[21:38:53] <Dominian> hehe[21:40:35] * tyrok_ begins twitching and laughing in a strange, unearthly way. Clearly, something is wrong.[21:41:20] *** Zblakany has joined #postfix[21:51:18] *** CrazyFoam is now known as CrazyFoam_[21:52:09] *** carl- has quit IRC[21:52:43] *** CrazyFoam_ is now known as CrazyFoam[21:59:05] *** lunaphyte__ has joined #postfix[21:59:28] *** Zardinuk has joined #postfix[22:00:20] *** lunaphyte_ has quit IRC[22:00:26] <Zardinuk> I can add my ip address to relay hosts and send email, but my ISP has been changing my ip more often lately and I eed to enable SMTP authentication, I've turned on smtpd_sasl_auth_enable but I still can't send mail, anybody know the trick to get this working?[22:01:52] *** lunaphyte__ is now known as lunaphyte_[22:03:13] <Zardinuk> i just want it to use unix password auth[22:03:34] *** pirho has quit IRC[22:06:55] *** KrazyKat has joined #postfix[22:07:36] <KrazyKat> How can I get a header_checks file to apply to a particular virtual domain?[22:09:34] <rob0> !sasl[22:09:35] <knoba> rob0: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.[22:10:07] <rob0> Regardless of the ultimate auth backend, there has to be a SASL middleman.[22:11:45] <rob0> K, not possible unless you run separate instances for each domain that needs its own header_checks file. What is the actual problem you want to solve?[22:13:11] <Zardinuk> When I tested my server with telnet, after issueing the AUTH command, I got 503 5.5.1 Error: authentication not enabled[22:13:18] <KrazyKat> A virtual domain I'm hosting is getting a ton of mailer-daemon, etc., bounceback[22:13:29] <KrazyKat> Somebody's spamming a ton with her e-mail address[22:13:31] <Zardinuk> I have smtp_sasl_auth_enable = yes[22:13:42] <Zardinuk> is there a way to see if SASL has been compiled in?[22:13:56] <KrazyKat> I'd like to block bounces through header_checks, but just for her domain[22:14:31] <KrazyKat> If she got her mail on my server, i could do it with procmail, but it just forwards to her university e-mail account[22:15:21] <KrazyKat> Is there a different way I can block bounces for her domain?[22:16:01] *** havvg has quit IRC[22:19:12] *** pirho has joined #postfix[22:19:20] <rob0> KK, that's a good question. I'm not sure what the best answer would be. Can you design the header_checks such that it won't affect other mail?[22:19:59] <KrazyKat> Hmm[22:20:10] <KrazyKat> Can you do conditionals in header_checks?[22:20:21] <KrazyKat> If not, I don't see how[22:20:42] <googlah> can somebody tell me why I get: http://pastey.net/87404[22:21:17] <googlah> trying to send from gmail to one of my domains on my server.[22:22:13] <rob0> KK, conditionals in header_checks only apply to the contents of any single header.[22:22:54] <Signum> googlah: what's in your log about this delivery attempt?[22:23:39] *** felix_da_catz has quit IRC[22:26:15] <KrazyKat> Well... I'm not sure what I can do, then[22:26:24] <Zardinuk> when I telnet into the postfix smtpd daemon, I don't get a 250-AUTH[22:27:06] <Zardinuk> even thugh I've set auth enabled[22:27:23] <KrazyKat> Unless it's something ugly like pipe everything through procmail and send it out again[22:27:29] <Signum> Zardinuk: try "helo foobar"[22:27:34] <KrazyKat> Oh well[22:27:43] <Zardinuk> I tried EHLO example.com[22:27:44] <Signum> Zardinuk: or rather "ehlo foobar"[22:27:48] <Zardinuk> as per the howto[22:28:01] <KrazyKat> It'd be nice if there was a way to do per-virtual header_checks[22:28:21] <Signum> Zardinuk: smtp_sasl_auth_enable is for outgoing connections. smtpd_sasl_auth_enable is for incoming connections.[22:28:27] <Signum> Zardinuk: smtp versus smtpD[22:29:14] <Zardinuk> ah wierd... I edited master.conf and uncommented the -o smtpd_sasl_auth_enable and now it is showing the AUTH[22:29:15] <googlah> Signum: Nothing in my local logs. Only gmail gives me this. :/[22:29:29] <Signum> googlah: sounds like wherever the email went... it wasn't sent to your email server.[22:29:38] <Signum> googlah: are the MX records correct?[22:29:47] <Zardinuk> Ahhhh, Signum you got it[22:29:52] <Zardinuk> I had smtp_ instead of smtpd_[22:29:56] <Signum> Zardinuk: :[22:29:57] <Signum> Zardinuk: :)[22:30:12] <googlah> It works from the server to gmail. but not gmail and back. for this domain only. it works for everyone else. :\[22:30:33] <Signum> googlah: recent changes of the MX entry?[22:30:49] <Signum> googlah: which domain?[22:30:52] *** saurabhb has quit IRC[22:30:59] <googlah> Never set MX-records for my domains, it works anyway. is that strange? :)[22:31:06] <Signum> googlah: not if you have A records in place[22:32:20] <googlah> Of course A-record is set. 27mhz.se, psy.sh.nu does work back and fourth. But not movie-forumz.org. They all is set up the same.[22:32:43] <googlah> I think my ISP has done something. :)[22:33:07] <Signum> googlah: well, you have to MX records for that domain apparent. prio 0 (high): smtp.secureserver.net. and prio 10 (lower): mailstore1.secureserver.net.[22:33:10] <rob0> The pastebin suggests that movie-forumz.org. 3600 IN A 213.112.42.28[22:33:15] <rob0> oops[22:33:29] <rob0> The pastebin suggests that something's not working right[22:33:53] <googlah> For movie-forumz.org especially?[22:34:09] <Signum> googlah: try "dig mx movie-forumz.org"[22:34:23] <googlah> The other seems ok? I haven't set up movie-forumz.org myself.[22:34:29] <Signum> googlah: if there are MX records they have precedence over A records[22:34:45] <googlah> Aaah. so he might have faulty MX-records set.[22:35:09] <Signum> googlah: and neither 27mhz.se nor psy.sh.nu have an A or MX record[22:35:41] <googlah> Signum: dig: command not found. Hmm.[22:36:19] <Signum> googlah: time to install it. :) but any other client (e.g. nslookup) will show you[22:36:36] <googlah> What package provides dig? :) Debian.[22:36:47] <Signum> dig itself[22:37:00] <Signum> ah, no[22:37:14] <googlah> Nope. :)[22:37:26] *** UQlev has joined #postfix[22:37:36] <Signum> dnsutils[22:37:50] <googlah> Either way, 27mhz.se and psy.sh.nu does work.. but not this MF.[22:38:09] <googlah> they all are listed on mydomains =.[22:38:15] *** inimino has left #postfix[22:38:18] <Signum> strange... now I get ansewrs for the other two domains.[22:38:32] <Signum> I must have been looking for mx records only[22:38:33] <rob0> sounds like inconsistent NS hosts[22:38:52] <Signum> googlah: But your movie-kidporn-warez.org domain has MX servers set indeed.[22:39:59] <googlah> Yeah, I see that. probably if i remove them.. it will work.[22:41:30] <rob0> movie-kidporn-warez.org. ? Nice name, but NXDOMAIN here.[22:42:38] <googlah> Heh, yeah. so it's the MX-records set which makes it to not work?[22:43:32] <Signum> googlah: Your job to know that. Check that the MX records are what you want.[22:44:11] <googlah> I can't, because it's not my domain.. but I'll ask the owner[22:44:33] <Dominian> wtf[22:44:37] <Dominian> what kind of fucked up domain name is that?[22:45:00] * Signum 's rumors work :)[22:45:55] <googlah> yeah.[22:45:58] <googlah> :)[23:01:53] *** ramoni has quit IRC[23:03:04] *** Draecos has quit IRC[23:03:58] <seekwill> Hmm.. I don't have a postfix install handy atm. All the config files are owned by postfix, right? That way, one could make a "mail administrtor" user that doesn't have complete root of the system, right?[23:10:06] *** felix_da_catz has joined #postfix[23:12:52] <googlah> seekwill: In my system it's owned by root.[23:19:41] *** jellis-real has quit IRC[23:28:52] *** j_s has quit IRC[23:30:16] *** AgraWork has joined #PostFix[23:34:18] *** UQlev has quit IRC[23:41:57] *** Stijn has joined #postfix[23:43:37] <Stijn> Heya, I've got my complete setup running, except for one thing, I want to be able to acces my SMTP server from the outside, so I can use it as the SMTP server at home.. I already setup SASL (SMTP-AUTH), and I can do a telnet mail.mydomain.tld 993 (SSL), but not a 25... But when I enter this SMTP server @ my mail client, it just doesn't work, and I don't get much in the logs, any suggestions for my next step? :p[23:49:43] <seekwill> Usually your client will tell you what's wrong[23:51:01] *** manlymatt83 has quit IRC[23:52:17] <sysmonk> Stijn: 993 is imaps[23:52:33] <sysmonk> smtps is 465, submission is 587[23:52:50] <sysmonk> you'd want one of those, not 993(imaps) or 995 (pop3s)[23:54:11] <Stijn> And do I want smtps or submission ? (so I can disable one of them in master.cf)[23:54:20] <Stijn> Cause both of them are enabled right nog[23:54:44] *** manlymatt83 has joined #postfix[23:56:34] <sysmonk> how can i know what YOU want? :)[23:57:09] <sysmonk> they both give ya same functionality, but mostly 587 is plain ( or starttls ) and 465 is ssl