[00:01:03] *** Mony has joined #postfix
[00:01:06] <Stijn> okay, I'm getting further here :p
[00:01:07] <Stijn> May  7 21:58:22 bandwurst postfix/smtpd[32583]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
[00:01:30] <Stijn> apparently I didn't configure sasl correctly
[00:03:15] <tyrok_> Dominian: Finally got that patched Postfix updated.  But wouldn't you know it, the people who are having problems have already left the office.  So now I still won't know if it works 'til at least tomorrow.  Grrr...
[00:03:51] <tyrok_> Stijn: Apparently not.  :)
[00:04:08] *** Mony has quit IRC
[00:04:25] <googlah> is their a easy way to make Postfix listen on SSL 465? :p
[00:04:50] <tyrok_> googlah: Give it an extra ear?  :)
[00:05:19] * googlah adds a microphone on the case
[00:05:58] * tyrok_ adds amplifier, as port 465 has a pretty low volume level
[00:06:01] *** hemry has quit IRC
[00:08:51] <googlah> lol, but is it?
[00:09:13] <googlah> TLS is fine.
[00:10:00] *** felix_da_catz has quit IRC
[00:10:28] <tyrok_> googlah: Have no idea.  I have never personally set that up.
[00:11:55] *** tyrok_ has quit IRC
[00:19:15] *** Zblakany has quit IRC
[00:35:32] *** pitakill_ has joined #postfix
[00:43:41] *** Thalia4u_hy_wm_x has quit IRC
[00:57:04] *** seekwill has quit IRC
[01:11:06] *** sysmonk has quit IRC
[01:17:59] *** Filbert has quit IRC
[01:20:38] *** sysmonk has joined #postfix
[01:22:54] *** Mavvie_ is now known as Mavvie
[01:34:17] *** flami has joined #postfix
[01:35:42] *** AcTiVaTe has joined #postfix
[01:44:23] *** flami has quit IRC
[01:48:37] *** dballester has joined #postfix
[01:54:28] *** fl4mi has joined #postfix
[01:55:44] *** Filbert has joined #postfix
[01:59:02] *** Fallenou has quit IRC
[02:03:07] *** war9407 has quit IRC
[02:06:23] *** KrazyKat has quit IRC
[02:26:08] *** Zeit|awy_ is now known as Zeit|awy
[02:26:18] *** dballester has quit IRC
[02:31:39] *** githogori has quit IRC
[02:39:04] *** pitakill_ has quit IRC
[02:42:00] <shasta> !basic
[02:42:01] <knoba> shasta: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.
[02:52:25] *** ming_zym has joined #postfix
[02:55:27] *** DukGalNamu has quit IRC
[03:05:03] *** CrazyFoam has quit IRC
[03:08:19] *** felix_da_catz has joined #postfix
[03:15:32] *** sysmonk has quit IRC
[03:15:32] *** rio has quit IRC
[03:15:32] *** jelly has quit IRC
[03:15:33] *** AcTiVaTe has quit IRC
[03:15:34] *** lysander has quit IRC
[03:15:34] *** stony_ has quit IRC
[03:15:35] *** F|oFF has quit IRC
[03:15:35] *** rizi has quit IRC
[03:15:35] *** mXr has quit IRC
[03:15:36] *** LMJ has quit IRC
[03:15:36] *** echinos has quit IRC
[03:15:37] *** madclicker has quit IRC
[03:15:37] *** kiliko has quit IRC
[03:15:37] *** ikaro has quit IRC
[03:15:39] *** manlymatt83 has quit IRC
[03:15:40] *** Knoedel2 has quit IRC
[03:15:40] *** Stijn has quit IRC
[03:15:41] *** dhg has quit IRC
[03:15:41] *** mathez has quit IRC
[03:16:17] *** AcTiVaTe has joined #postfix
[03:16:17] *** sysmonk has joined #postfix
[03:16:17] *** manlymatt83 has joined #postfix
[03:16:17] *** Stijn has joined #postfix
[03:16:17] *** Knoedel2 has joined #postfix
[03:16:17] *** lysander has joined #postfix
[03:16:17] *** stony_ has joined #postfix
[03:16:17] *** ikaro has joined #postfix
[03:16:17] *** F|oFF has joined #postfix
[03:16:17] *** mXr has joined #postfix
[03:16:17] *** rizi has joined #postfix
[03:16:18] *** echinos has joined #postfix
[03:16:18] *** madclicker has joined #postfix
[03:16:18] *** LMJ has joined #postfix
[03:16:19] *** kiliko has joined #postfix
[03:16:19] *** rio has joined #postfix
[03:16:19] *** jelly has joined #postfix
[03:16:19] *** dhg has joined #postfix
[03:16:19] *** mathez has joined #postfix
[03:20:43] *** Tachy has quit IRC
[03:21:49] *** martianixor has joined #postfix
[03:29:18] *** madrescher has quit IRC
[03:29:53] *** INternat has quit IRC
[03:30:00] *** xpoint has quit IRC
[03:31:43] *** danbeck has joined #postfix
[03:33:17] *** danbeck has quit IRC
[03:35:10] *** Darkclaw has joined #postfix
[03:35:29] <Darkclaw> does mailbox_size_limit really enforcable if a virtual mail dir is being utilized?
[03:40:02] *** xpoint has joined #postfix
[03:46:10] *** xpoint has quit IRC
[03:48:53] *** xpoint has joined #postfix
[03:52:43] *** felix_da_catz has quit IRC
[04:00:28] *** hparker has quit IRC
[04:05:37] <growltiger_> i dont think so
[04:05:43] <growltiger_> !mailbox_size_limit
[04:05:43] <knoba> growltiger_: "mailbox_size_limit" : a configuration parameter in the main.cf: The maximal size of any local(8) individual mailbox or maildir file. In fact, this limits the size of any file that is written to upon local delivery, including files written by external commands that are executed by the local(8) delivery agent.
[04:09:54] *** Motoko-chan has joined #postfix
[04:10:03] *** keffer has quit IRC
[04:18:09] *** TheBonsai has quit IRC
[04:21:25] *** TheBonsai has joined #postfix
[04:29:25] *** seekwill has joined #postfix
[04:29:36] *** INternat has joined #postfix
[04:29:39] *** pirho has quit IRC
[04:29:40] *** githogori_ has joined #postfix
[04:32:49] *** hal1on has quit IRC
[04:33:29] *** hal1on has joined #postfix
[04:35:04] *** jalexand has joined #postfix
[04:35:49] *** adaptr_ has quit IRC
[04:35:54] <jalexand> Ok so I've googled all over and I'm just stupid.   Why when I send mail from my local machine is it assuming the name of com.com
[04:35:57] *** adaptr has joined #postfix
[04:36:03] <jalexand> that is when I send from the mail command via a shell
[04:42:09] *** puff has joined #postfix
[04:42:21] <Darkclaw> what syntax are you usinig
[04:42:36] <jalexand> I figured it out
[04:42:50] <jalexand> somehow I deleted $mydomain
[04:42:55] <Darkclaw> figured it was something like that
[04:43:04] <jalexand> I know I changed it
[04:43:13] <jalexand> I must have hit some magical vi key commands
[04:44:32] <jalexand> now I can get back to trying to SMTP-Auth working
[04:49:01] *** Zeit|awy_ has joined #postfix
[04:56:12] *** Zeit|awy has quit IRC
[05:05:39] *** lkthomas_ is now known as lkthomas
[05:16:30] *** amrit|wrk is now known as amrit|bbl
[05:17:01] <puff> Recently I've seen a spike in the number of false bounce messages - other sites being sent spam with a fake return address at my site.
[05:17:38] *** martianixor has quit IRC
[05:18:01] <mjoseph> !myorigin
[05:18:02] <knoba> mjoseph: "myorigin" : a configuration parameter in the main.cf: The default domain name that locally-posted mail appears to come from, and that locally posted mail is delivered to. The default $myhostname, which is fine for small sites. If you run a domain with multiple machines, you should (1) change this to $mydomain and (2) set up a domain-wide alias database that aliases each user to user at that dot users.mailhost.
[05:19:43] <puff> Now I'm even seeing false bounces that say "your IP address has been blacklisted", but, again, it's clear the return path is fake.  The From: line says my site, sometimes even the last Received: line, but it's pretty blatant that the next Received line is a bare IP address, or a comcast IP address.
[05:20:30] <puff> So, a) while I'm pretty sure this is all bogus and nothing I can do will affect it, I'm looking for some outside confirmation - are other people seeing similar spikes in activity?
[05:20:47] <puff> and b) how do I ensure that *I* am not sending similar false bounces back to people?
[05:21:45] <puff> I'm running debian, postfix (currently for a single domain, though I host a handful of websites for other domains and I've considered adding mail support), spamassassin, pyzor, amavis.
[05:24:05] <Motoko-chan> SA has a VBounces plugin
[05:24:07] <Motoko-chan> Read up on it
[05:26:05] <mjoseph> !backscatter
[05:26:05] <knoba> mjoseph: "backscatter" : http://www.postfix.org/BACKSCATTER_README.html
[05:26:09] <mjoseph> puff: ^^^
[05:26:40] *** Bogaurd_ has joined #postfix
[05:29:22] <puff> Thanks.
[05:29:58] <seekwill> Hmm.. I don't understand backscatter. Wouldn't the MTA that was sending the backscatter check for a valid rcptto before accepting the message?
[05:30:23] <seekwill> Or are the open relays the ones sending the backscatter?
[05:36:05] *** kk_CHN has joined #postfix
[05:36:39] *** bhagat has joined #postfix
[05:37:04] *** Zardinuk has quit IRC
[05:38:34] *** jalexand has quit IRC
[05:44:32] *** martianixor has joined #postfix
[05:45:02] *** Bogaurd has quit IRC
[05:46:37] *** padde has joined #postfix
[05:46:50] <padde> hi
[05:47:02] <googlah> hi
[05:49:29] *** LMJ has quit IRC
[05:49:46] <padde> i'm getting 'status=bounced (mail forwarding loop...' when I try to send mail to myself. i think because of the canonical map, but i'm not sure how to resolve that
[05:50:17] *** LMJ has joined #postfix
[05:52:13] <puff> padde: 'fraid I don't know.
[05:52:39] <padde> the system works as follows: the server is responsible for one city office of a larger organisation. all mail addresses get mail @company.net address, so I set up a canonical map that looks up the recipient address in the LDAP directory and appends @city.company.net to the left part if found in the directory. that should work, shouldn't it?
[05:53:09] *** Knoedel2 has quit IRC
[05:53:18] <padde> (the LDAP directory only contains local users)
[05:53:33] <puff> seekwill: A valid RCPT TO on the local address?
[05:54:21] <puff> knoba: Thanks, but is there a similar document on how to make sure *I* am not adding to the backscatter problem?
[05:54:51] <puff> seekwill: Are you saying the bouncing MTA shouldn't have to bounce because it should just drop the connection when RCPT TO is invalid?
[05:55:22] <puff> seekwill: The answer is, there are tons and tons of MTAs on the 'net, there is STILL way too much confusion on the net about what the "right" way is to do things.
[05:56:50] <puff> seekwill: And finally, not all backscatter is because of invalid RCPT TOs, some of it is from valid RCPT TOs but bounces for other reasons.
[05:58:40] <puff> Hm, maybe the IETF needs to issue a revised SMTP RFC.
[06:00:03] <seekwill> puff: When the RCPT TO is invalid, it should return a 5xx error, an inbound bounce. That wouldn't cause backscatter unless the backscatter/bounce message is coming from an open relay
[06:01:40] <puff> seekwill: Yes, and?
[06:02:18] <seekwill> If the message came from an open relay, why does it need to be "backscatter"? Why not just directly spam the target?
[06:02:37] <puff> seekwill: who said it came from an open relay?
[06:03:20] <seekwill> Do you have a site that better explains how backscatter happens? I can only find how to protect. Not any good overviews of how it happens
[06:03:40] <puff> seekwill: Dunno a site, maybe I can explain.
[06:03:49] <seekwill> ok, I'm listening
[06:04:10] <puff> seekwill: First, much backscatter is caused by MTAs that are acting in ways that a great many MTA admins today (but apparently not all) consider suboptimial.
[06:04:44] <puff> This behavior was not always suboptimal, we got along just fine for decades with it.  Some of this behavior is, in fact, required by RFC.
[06:05:10] <seekwill> You can tell me the details. I know many of them. Just not how they relate to backscatter...
[06:05:40] <puff> accept-then-bounce instead of bounce-during-transmission backscatter is only a portion of the problem.
[06:06:19] <puff> There are other reasons for mailers to bounce messages than an invalid recipient address. Mailbox full, virus detection, spam detection, etc.
[06:06:30] <seekwill> I understand how "accept-then-bounce" can make the backscatter. But it seems like those conditions are so small that it shouldn't be a problem
[06:06:34] <puff> There are arguments as to which are legitimate, or if any are, etc.
[06:06:51] <seekwill> oh wait
[06:07:13] <puff> The light dawns?
[06:07:16] <seekwill> So virus and spam filtering on some MTAs are done after the message has been accepted (given the 250)?
[06:07:21] <puff> Yeh.
[06:07:24] <seekwill> ah, click!
[06:07:34] <seekwill> I'm used to doing all that during the smtp transaction
[06:07:48] <puff> MTAs have been around for decades. Machines have been around for decades.  Admins STILL cannot get unified about what the right way to do it all is.
[06:07:50] <Dominian> I spam/viral filter after accepting.
[06:08:08] <puff> And even if they were, there are gazillions of installed MTAs out there.
[06:08:09] <Dominian> but I also do recipient verification to each domain I host.
[06:08:17] <puff> Some of them untouched for years (decades?)
[06:08:59] <seekwill> ok, I think I get it now. It's the legacy systems, or those MTAs that accept-then-bounce that are causing backscatter.
[06:09:11] <seekwill> (for the most part)
[06:09:33] <puff> Hm, I'm using postfix and spamassassin and pyzor and amavis.  I'm not sure I'm verfying during smtp transaction.
[06:09:40] <puff> Yup.
[06:10:15] <puff> I'm more competent than a lot of people, but I'm primarily a programmer.  Even I have a hard time finding the right way to set it all up.
[06:10:25] <seekwill> What is the reasoning for accept-than-bounce?
[06:10:45] <Dominian> stupidity
[06:10:48] <puff> seekwill:  That it wasn't necessary until relatively recently.
[06:10:49] <seekwill> Have less open connections?
[06:10:57] <seekwill> oh
[06:11:29] <Dominian> Spammers fucked that up.
[06:11:31] <puff> I've been on the internet since 1985... I miss the days when we tarred and feathered spammers and rode them out of town on a rail.
[06:11:49] <seekwill> heh, I've only been in the MTA world for a short time (a little over a year), so all the legacy workings is a bit new
[06:13:59] <puff> Fuck cantor and seigel.
[06:14:30] *** lysander_ has joined #postfix
[06:15:00] <puff> How do I make sure I'm not doing accept-then-bounce?  What setting do I check in /etc/postfix/main.cf?
[06:15:38] *** lysander has quit IRC
[06:20:00] *** timboy has joined #postfix
[06:20:06] <timboy> ok i have a question about what i need to add to my dns server. Here is the scenario: I my server name is link.zelda.com and zelda.com is hosted at site 1. mail for zelda mail.zelda.com is hosted at site 2. and on my server (link.zelda.com) I host mail for secucam.com... secucam.com users can't send mail to zelda.com users... I get this error: to=<timboy at zelda dot com>, relay=none, delay=0.18, delays=0.05/0.01/0.12/0, dsn=5.4.4, status=bounced (Hos
[06:20:06] <timboy> t or domain name not found. Name service error for name=zelda.com type=A: Host not found) however I do have an A record on my system (link.zelda.com) that points to my mail server on site 2... can someone point me in the right direction?
[06:21:38] <seekwill> So where does one find people who need mail hosting?
[06:22:35] <timboy> seekwill, what is webmail interface?
[06:24:01] <seekwill> huh?
[06:26:44] <timboy> seekwill, you were offering to host mail? does it have webmail as well?
[06:30:33] <seekwill> Hmm, it could. What I generally would do is just handle the MTA portions of it, and hand off the mailstore to you/the client to handle. I guess I could handle the mailstore as well.
[06:32:03] <seekwill> timboy: Would you seriously consider outsourcing your mail stuff to me? If so, we probably should talk details in private OM
[06:32:04] <seekwill> PM
[06:32:18] <timboy> just a thought seekwill. now a days most people need webmail as well. I use roundcube as a backup and zimbra as main...
[06:32:37] <timboy> seekwill, i'm starting a new business in about a year but not until then...
[06:36:49] <seekwill> Hm..not sure how zimbra works... But I think it's a mailstore as well. So your zimbra would talk to my MTA and I handle all the outgoing stuff.
[06:37:04] <seekwill> errr... messages to and from the internet, and pass them to you
[06:41:34] *** UQlev has joined #postfix
[06:42:02] <Motoko-chan> Zimbra is a full mail server solution.
[06:42:09] <Motoko-chan> It packages Postfix and a bunch of other tech
[06:43:09] *** tonyyarusso has left #postfix
[06:44:27] *** felix_da_catz has joined #postfix
[07:02:38] *** martianixor has quit IRC
[07:05:39] <padde> i really don't get it... why does this mail forwarding loop error occur? i'm probably doing something completely wrong :(
[07:10:14] <padde> here is the log I get... http://p173.de/gp/index.php?id=766d669c2e
[07:10:20] *** stefan__ has joined #postfix
[07:11:24] *** timboy has left #postfix
[07:12:12] <padde> and this is the canonical mapping: http://p173.de/gp/index.php?id=742c74c0de
[07:13:24] <seekwill> is it really required to hide a 192.168 address?
[07:14:14] <padde> seekwill: probably not, but  while i was searching&replacing... ;)
[07:14:38] <seekwill> Stuff like that can make things a lot harder to troubleshoot
[07:15:37] <padde> seekwill: i didn't think it would be of relevance...
[07:16:42] <padde> I think it has to do with the 'Delivered-to:' header... it seems to be inserted before local transport, and then local transport refuses to deliver it... but as you can see from this sentence, i'm very confused about all that stuff
[07:17:04] *** felix_da_catz has quit IRC
[07:18:37] *** stefan_ has joined #postfix
[07:23:17] <padde> what I don't undestand in the first place: why is the message being forwarded at all? "May  8 13:06:47 mailserver postfix/local[29277]: 57681CA0013: to=<my.user at city dot company.net>, orig_to=<my.user at company dot net>, relay=local, delay=0.05, delays=0.01/0/0/0.04, dsn=2.0.0, status=sent (forwarded as 5903ECA00FC) " - why not delivered directly via the dovecot LDA?
[07:25:59] <padde> that's how it looks like when I send to another user, not to myself: http://p173.de/gp/index.php?id=cb3d574ae5
[07:28:00] *** stefan-f has quit IRC
[07:28:43] <f3ew> padde, virtual_alias_maps has a catchall?
[07:29:19] *** Zblakany has joined #postfix
[07:29:57] <padde> f3ew: no, i don't have that set. but now that you mention aliases... wait a second!
[07:30:11] <padde> awww
[07:30:48] <padde> i have 'my.user:   my.user at company dot net' in /etc/aliases ... that's probably what's causing it
[07:31:02] *** Lap_64 has joined #postfix
[07:31:22] <padde> forgot to take that out...
[07:31:51] <padde> heh, that was it
[07:32:00] <padde> f3ew: thanks a lot :D
[07:33:42] <f3ew> oh yes, local
[07:33:54] <f3ew> Sorry, haven't had morning coffee yet and not enough sleep
[07:35:03] <rob0> That most likely does not solve the real problem which is that your munged domain name (and maybe subdomains too) is being seen in mydestination, whereas you see to expect to send it elsewhere.
[07:35:44] <rob0> The simple solution is to set mydestination as you need it to be.
[07:36:14] <rob0> oh, and unset parent_domain_matches_subdomains maybe
[07:36:15] *** stefan__ has quit IRC
[07:36:22] *** stefan__ has joined #postfix
[07:36:39] <padde> rob0: oh, let me think about that for a while ;)
[07:37:26] *** stefan_ has quit IRC
[07:39:26] <padde> rob0: actually 'company.net' is not in $mydestination - only 'city.company.net' is. that's why I have the canonical map in place (so the mail server actually accepts the mail that's for our users). where is the problem in your opinion? when i send mail to 'not-our-user at company dot net' it will be relayed to the headquarter's mailserver, because it can't be found in the canonical map, and thus the mail server doesn't recognise itself as destination for that
[07:39:35] <padde> address
[07:48:04] <f3ew> oops
[07:48:33] <f3ew> http://www.postfix.org/STANDARD_CONFIGURATION_README.html#some_local # RTFM
[07:48:34] <f3ew> :P
[07:51:26] *** stefan__ has quit IRC
[07:54:57] *** phnord has joined #postfix
[08:02:33] *** UQlev has quit IRC
[08:03:35] <padde> well, that doesn't exactly apply... but thanks anyway ;)
[08:10:11] *** CrazyFoam has joined #postfix
[08:13:25] *** hooch has quit IRC
[08:16:04] *** xpoint has quit IRC
[08:19:31] *** stefan-f has joined #postfix
[08:20:32] *** UQlev has joined #postfix
[08:26:39] *** shinao1 has joined #postfix
[08:27:36] *** seekwill has left #postfix
[08:27:54] *** shinao1 has quit IRC
[08:30:56] *** stony__ has joined #postfix
[08:35:13] *** shinao1 has joined #postfix
[08:38:58] *** syneus has joined #postfix
[08:41:22] *** stony_ has quit IRC
[08:48:53] *** Lap_64 has quit IRC
[08:57:01] *** Motoko-chan has quit IRC
[09:00:45] *** lunaphyte_ has quit IRC
[09:01:05] *** pa has joined #postfix
[09:02:02] *** hooch has joined #postfix
[09:08:16] *** Zblakany has quit IRC
[09:27:48] *** yajith has joined #postfix
[09:28:44] <yajith> how do you prevent local users from using different "From:" addresses to send mails out with postfix ?
[09:34:12] <dragonheart> yajith: reject_authenticated_sender_login_mismatch
[09:34:29] <dragonheart> as part of smtpd_sender_restrictions
[09:34:39] <rob0> doesn't work for shell users
[09:34:54] <mjoseph> that doesn't help headers either
[09:34:55] <mjoseph> just the envelope
[09:35:06] <mjoseph> you could possible do thsi with a canonical rewrite
[09:35:15] <mjoseph> but it's probably not trivial
[09:35:56] <dragonheart> ah - true
[09:36:27] *** hf|work has left #postfix
[09:37:30] *** ToeiRei has joined #postfix
[09:38:59] *** UQlev has quit IRC
[09:39:22] <mjoseph> hrm
[09:39:24] <mjoseph> maybe not
[09:39:27] <yajith> great..tks but did not get the header part
[09:39:33] <mjoseph> i can't see how you'd get the sender either
[09:39:41] <mjoseph> yajith: that solution isn't generally useful
[09:39:46] <mjoseph> since it doesn't help with locally submitted mail
[09:39:47] <yajith> ??
[09:39:53] <mjoseph> among other things
[09:40:06] <mjoseph> the only way i can see to do this is a custom filter
[09:40:24] <mjoseph> it would have to match on the headers
[09:40:43] <mjoseph> and, quite frankly, i'm not sure you can prevent forging of the envelope sender on initial submission
[09:40:55] <mjoseph> oh, wait, the uid is recorded
[09:40:57] <mjoseph> you could use that
[09:41:20] <mjoseph> the whole thing is going to be kind of hairy, though
[09:41:35] *** rootsvr has joined #postfix
[09:42:58] <ToeiRei> I got a damn s
[09:43:12] <mjoseph> an s, eh?
[09:43:13] <ToeiRei> spammer here... that's flooding some unexistant adress...
[09:43:24] <ToeiRei> sorry - hit the enter key too early... lack of caffeine.
[09:43:35] <mjoseph> !local_recipient_maps
[09:43:36] <knoba> mjoseph: "local_recipient_maps" : a configuration parameter in the main.cf: Lookup tables with all names or addresses of local recipients. A recipient address is local when its domain matches $mydestination, $inet_interfaces or $proxy_interfaces.
[09:43:49] <mjoseph> !backscatter
[09:43:50] <knoba> mjoseph: "backscatter" : http://www.postfix.org/BACKSCATTER_README.html
[09:44:13] *** stony__ is now known as stony
[09:44:20] <ToeiRei> as I have a catchall adress I was looking for a simple way of killing a hand full of adresses.
[09:44:25] <stony> hi
[09:44:35] <mjoseph> ToeiRei: remove the catchall, problem solved :)
[09:44:38] <ToeiRei> hi stony
[09:44:39] <stony> is there a way to do receipient address rewriting on sender-address-basis ?
[09:44:48] <ToeiRei> mjoseph, that's not possible here.
[09:44:53] <stony> i think it should be possible, but i don't get how
[09:44:59] <mjoseph> ToeiRei: heh, well, you can add a recipient map
[09:45:06] <mjoseph> into the smtpd_recipient_restrictions
[09:45:12] <mjoseph> and then filter there
[09:45:47] <ToeiRei> hm
[09:46:14] <mjoseph> ToeiRei: add 'check_recipient_access hash:/etc/postfix/recipient' or similar to the beginning of your smtpd_recipient_restrictions
[09:46:43] <mjoseph> in /etc/postfix/recipient or equiv, list all of the emails you want to block, with a RHS of 'REJECT'
[09:46:46] <mjoseph> then run postmap on recipient
[09:47:00] <ToeiRei> that sounds good
[09:47:02] <mjoseph> stony: the header, or the envelope recipient
[09:47:22] <mjoseph> ?
[09:48:05] <stony> mjoseph: the envelope recipient
[09:48:53] <stony> mjoseph: i need to fetch mails that are send from a specific mailadress and get the pdfs inside the mail into an archive and also transfer the mail to the recipient - i think i'll do sender based routing and pipe the thing to a python script, that does the trick
[09:48:59] *** saurabhb has joined #postfix
[09:49:31] <stony> mjoseph: instead of sending the mail to the recipients and a special email that pipes the mail to the python script ...
[09:49:50] *** dida has joined #postfix
[09:49:53] <dida> hi al
[09:50:19] <mjoseph> stony: so, there are a few things you can do
[09:50:34] <mjoseph> it sounds like you don't want to really change the recipient, just deliver a copy to your script?
[09:50:42] <stony> mjoseph: jep
[09:50:48] <stony> mjoseph: that would be best
[09:51:06] <dida> my postfix is so heavy, how can i check that it is used correctly?
[09:51:07] <mjoseph> so, if you use procmail as the MDA, you can have a system-wide procmail in /etc/procmailrc that sees all messages first
[09:51:21] <mjoseph> do your thing ina carbon rule
[09:51:26] <mjoseph> and then it wil fall-through to the user
[09:51:34] <mjoseph> alternately, you can use the always_bcc rule
[09:51:35] <stony> mjoseph: the point is, i'm sending those mails to the outside, and they are not delivered at my machine
[09:51:42] <mjoseph> ah, outbound
[09:51:46] <mjoseph> then you can use one of the *_bcc rules
[09:51:52] <mjoseph> to copy a special mailbox that runs your script
[09:52:05] <stony> mjoseph: i'll check that - thx
[09:52:36] <mjoseph> dida: start my not lifting it
[09:52:47] <mjoseph> i recommend a weight-belt before lifting a postfix instance
[09:52:48] <ToeiRei> mjoseph, thanks! worked :)
[09:52:51] <mjoseph> lest you hurt your back
[09:52:52] <mjoseph> :)
[09:53:26] <mjoseph> ToeiRei: great :)
[09:53:31] <dida> i'm curious the postfix service is being used illegaly
[09:53:36] <dida> how can i check that?
[09:54:14] <mjoseph> /var/mail/log
[09:54:16] <mjoseph> err
[09:54:17] <mjoseph> sorry
[09:54:20] <mjoseph> /var/log/maillog
[09:54:21] <mjoseph> or
[09:54:23] <mjoseph> /var/log/mail.log
[09:54:28] <mjoseph> or maybe /var/log/mail
[09:54:31] <mjoseph> depending on your system
[09:54:42] <mjoseph> !logging
[09:54:42] <knoba> mjoseph: Error: "logging" is not a valid command.
[09:54:45] <mjoseph> 'shame
[09:54:54] <mjoseph> !syslog
[09:54:56] <knoba> mjoseph: Error: "syslog" is not a valid command.
[09:55:04] <mjoseph> knoba, you disappoint
[09:55:05] <yajith> mjoseph: is there a way to apply reject_authenticated_sender_login_mismatch kind of a restriction to locally submitted mail ?
[09:55:19] <mjoseph> yajith: no
[09:55:29] <mjoseph> at least, i don't know of any
[09:55:39] <dragonheart> yajith: forbit local submission and put the mail server on a machine that doesn't have users
[09:56:16] <yajith> mjoseph: dragonheart: hmm
[09:56:40] <mjoseph> actually, that is a possibility
[09:56:42] <dragonheart> another vserver perhaps
[09:56:49] <mjoseph> you don't really even have to do that
[09:56:59] <mjoseph> you could tweak postfix not to accept local mail
[09:57:14] <mjoseph> (don't run pickup, and change permissions on the directory)
[09:57:28] <dida> ya i check
[09:57:38] *** war9407 has joined #postfix
[09:57:42] <mjoseph> and then replace sendmail with nullmailer or ssmtp
[09:57:45] <yajith> but then, it would deny mails coming from a webmail kind of a thing, doesn't it ?
[09:57:46] <mjoseph> to localhost
[09:57:51] <dida> May  8 15:58:11 mercury73 postfix/qmgr[3885]: 2F86D21B8D76: to=<frank_7655 at yahoo dot com.tw>, relay=none, delay=34229, delays=34229/0.11/0/0, dsn=4.7.0, status=deferred (delivery temporarily suspended: host mx1.mail.tw.yahoo.com[203.188.197.9] refused to talk to me: 421 4.7.0 [TS01] Messages from 202.160.123.69 temporarily deferred due to user complaints - 4.16.55.1;
[09:58:03] <dida> May  8 15:58:11 mercury73 postfix/qmgr[3885]: 2F86D21B8D76: to=<frank_76412 at yahoo dot com.tw>, relay=none, delay=34229, delays=34229/0.1/0/0, dsn=4.7.0, status=deferred (delivery temporarily suspended: host mx1.mail.tw.yahoo.com[203.188.197.9] refused to talk to me: 421 4.7.0 [TS01] Messages from 202.160.123.69 temporarily deferred due to user complaints - 4.16.55.1;
[09:58:14] <dida> frank_7655 at yahoo dot com.tw and frank_76412 at yahoo dot com.tw
[09:58:17] <dida> see?
[09:58:25] <mjoseph> find the earlier message
[09:58:27] <dida> i think someone misused the service
[09:58:32] <mjoseph> search your maillog for 2F86D21B8D76
[09:58:53] <mjoseph> yajith: this still doesn't fix the from: header, though
[09:59:03] <mjoseph> yajith: what is the reaosn for this?
[09:59:27] <yajith> using a webmail program, from the pref.s
[09:59:43] <yajith> users can change there From:
[09:59:44] <mjoseph> heh
[09:59:45] <yajith> to someone else's
[09:59:56] <mjoseph> you can usually customize that in the webmail program
[10:00:01] <mjoseph> what webmail?
[10:00:18] <mjoseph> and, btw, you aren't really solving any problem
[10:00:29] <mjoseph> i can spoof an e-mail by setting the from: to one of your users
[10:00:33] <mjoseph> and i'm not even on your system
[10:00:43] <mjoseph> one of your users can spoof another user's easily too, without using your system
[10:00:58] <mjoseph> spoofed from:'s are very common, and you can't prevent it generally
[10:01:02] <yajith> yes..but when u look it up u can find out, can't u ?
[10:01:12] <yajith> i meant, the ip and all..
[10:01:14] <mjoseph> if you know what to look for
[10:01:21] <dida> mjoseph: what about that?
[10:01:21] <mjoseph> but your messages will show the right user too
[10:01:22] *** felix_da_catz has joined #postfix
[10:01:31] <mjoseph> dida: i told you what to do
[10:01:32] *** pacak has joined #postfix
[10:01:39] <yajith> but in this, its hard to say..
[10:01:49] <mjoseph> no, it's very clear
[10:01:59] <mjoseph> the actual submitting user shows up in the headers
[10:02:07] <mjoseph> in the first received header
[10:02:14] <mjoseph> (assuming you set the options appropriately for htat)
[10:02:30] <dida> i did grep 2F86D21B8D76: to a file to check it separately
[10:02:42] <mjoseph> dida: and what did you find?
[10:02:56] <dida> yea alot of email to send
[10:03:07] <mjoseph> yajith: you can enforce this in various ways, but none of them are simple
[10:03:12] <dida> frank_xxx at yahoo dot com.tw
[10:03:14] <mjoseph> and i would argue that they don't buy you much
[10:03:26] <dida> xxx keep random
[10:03:29] <mjoseph> dida: you're not really listening
[10:03:40] <mjoseph> dida: what is the first log entry in your mail log that contains 2F86D21B8D76?
[10:03:49] <dida> May  8 06:27:43 mercury73 postfix/smtpd[17116]: 2F86D21B8D76: client=unknown[202.71.103.34]
[10:04:31] <dida> sorry i missed what you told me abou the 1st log entry
[10:04:32] <yajith> mjoseph: i'm looking at one of those message's headers..cud u tell me what to look for ?
[10:04:55] <dida> how come postfix grant the access?
[10:05:18] <pacak> Is this possible to redirect all spam messages based on reject_rbl_client lookups instead of rejecting it?
[10:05:19] <mjoseph> dida: what is the postfix/local lines that contain 2F86D21B8D76 ?
[10:06:36] <dida> there's no postfix/local
[10:06:41] *** ToeiRei has left #postfix
[10:07:31] *** sergevn has quit IRC
[10:07:37] *** sergevn_ has joined #postfix
[10:07:44] <mjoseph> dida: err, sorry, the postfix/smtp or postfix/relay lines
[10:07:53] <dida> ok
[10:08:21] *** suuuper has joined #postfix
[10:09:12] <yajith> mjoseph: "Received:" headers don't seem to show a sending username over here..should it ?
[10:09:14] <dida> there's none of them
[10:09:15] <mjoseph> yajith: what is the first (the bottom-most) received line
[10:09:20] <dida> only postfix/qmgr
[10:09:20] <mjoseph> it may just show uid
[10:09:25] <mjoseph> if it is received locally
[10:09:59] <yajith> mjoseph: SMTP ID 118ea4d8339_4R6J_a34b
[10:10:03] <yajith> that it ?
[10:10:07] <mjoseph> yajith: no
[10:10:41] <yajith> Received: from internal           by mail.osc.lk (DeskNow) with SMTP ID 118ea4d8339_4R6J_a34b
[10:10:48] <mjoseph> dida: it is probably later, but i'll skip that for now...i'm going to go out on a limb here and guess that your relay_hosts are wrong
[10:11:00] <mjoseph> yajith: is this a message that you sent?
[10:11:08] <mjoseph> !relay_hosts
[10:11:09] <knoba> mjoseph: Error: "relay_hosts" is not a valid command.
[10:11:09] <dida> mjoseph: only postfix/cleanup postfix/qmgr and postfix/smtpd
[10:11:14] <mjoseph> !relay_clients
[10:11:15] <knoba> mjoseph: Error: "relay_clients" is not a valid command.
[10:11:26] <dida> ok
[10:11:39] <mjoseph> err
[10:11:42] <mjoseph> !relay_domains
[10:11:43] <knoba> mjoseph: "relay_domains" : a configuration parameter in the main.cf: What destination domains (and subdomains thereof) this system will relay mail to. Subdomain matching is controlled with the parent_domain_matches_subdomains parameter.
[10:11:46] <mjoseph> there we go
[10:11:48] <mjoseph> either that
[10:11:51] <mjoseph> or:
[10:11:56] <mjoseph> !mynetworks
[10:11:56] <knoba> mjoseph: "mynetworks" : a configuration parameter in the main.cf: The list of "trusted" SMTP clients that can relay email.
[10:12:01] <mjoseph> one of those is wrong
[10:12:08] *** Roobarb has joined #postfix
[10:12:09] <yajith> mjoseph: yes..i had this sent to me, by using someone else's email other than the one the user should use...
[10:12:22] <mjoseph> yajith: what is DeskNow?
[10:12:32] <yajith> a collaboration suite..
[10:12:42] <mjoseph> yajith: pastebin the message, please
[10:12:43] <Stijn> Anyone have a good guide on how to get a public SMTP with auth working (so public meaning usable from the outside by postfixadmin registered users)
[10:12:49] <mjoseph> okay, i'm going to bed in 5 minutes
[10:12:54] <mjoseph> let's wrap this up :)
[10:12:58] <mjoseph> or maybe rob0's still around :)
[10:13:07] <rob0> nope
[10:13:10] <mjoseph> :)
[10:13:11] <rob0> !sasl
[10:13:11] <knoba> rob0: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.
[10:13:14] <rob0> g'night
[10:13:18] <yajith> mjoseph: wait..
[10:13:19] <mjoseph> later rob
[10:13:24] <mjoseph> yajith: 5 minutes :)
[10:13:30] <mjoseph> yajith: pastebin, please
[10:15:51] <yajith> http://pastebin.com/d60df3a4d
[10:16:10] <yajith> mjoseph: its on sendmail now,,
[10:16:34] <yajith> m researching for moving it to postfix.
[10:16:38] <yajith> thats why..
[10:17:19] *** madrescher has joined #postfix
[10:17:24] <mjoseph> heh
[10:17:47] <yajith> mjoseph: heh :)
[10:19:28] <mjoseph> i will look up the headers for you
[10:21:49] *** sergevn_ is now known as sergevn
[10:23:54] *** havvg has joined #postfix
[10:24:58] <mjoseph> Received: from [192.168.1.100] (xxx.xxx.com
[10:24:58] <mjoseph>         [1.2.3.4]) (Authenticated sender: foo at mail dot bar.com) by
[10:24:58] <mjoseph>         mx1.bar.com (Postfix) with ESMTP id 6B9368C456 for <some at recipient dot here>; Sat,
[10:25:01] <mjoseph>         19 Apr 2008 14:26:49 -0400 (EDT)
[10:25:11] <mjoseph> that's with SASL, via SMTP
[10:25:20] <mjoseph> if submitted from the commandline:
[10:25:24] <mjoseph> Received: by mx1.bar.com (Postfix, from userid 1000)
[10:25:24] <mjoseph>         id 15D0918B789; Sun,  1 Jul 2007 06:01:31 -0400 (EDT)
[10:25:42] *** felix_da_catz has quit IRC
[10:25:57] <mjoseph> i happen to use squirrel mail for my webmail
[10:26:14] <mjoseph> and it adds another header that actually gives the real username (and can be configured to prevent changing of the from anyway)
[10:26:27] <mjoseph> if you don't like the local style
[10:26:28] <dida> mjoseph: how to cleaar the queue first?
[10:26:48] <mjoseph> (becuase it only has uid), then you can disable normal users from submitting mail
[10:26:55] <mjoseph> but i don't recommend that
[10:27:09] <mjoseph> dida: fix your config first
[10:27:12] <mjoseph> then worry about the queue
[10:27:38] <mjoseph> but to answer your question, you can move the queued mail out of the way with: postsuper -h ALL
[10:27:45] <mjoseph> once it is on hold, then you can delete it
[10:28:02] <mjoseph> (it is possible to delete w/o putting on hold, but i recommend against it)
[10:28:25] <mjoseph> err
[10:28:59] <mjoseph> to delete from the hold queue, it is: postsuper -d ALL hold
[10:29:08] <dida> mjoseph: u mean the relay_domains ?
[10:29:15] <mjoseph> either that or mynetworks
[10:29:20] <mjoseph> one of them is broken in your setup
[10:29:42] <mjoseph> yajith: good luck, i'm off to bed, i hope that explains things for you
[10:29:48] <mjoseph> dida: good luck, i'm off to bed
[10:29:50] <mjoseph> later folks :)
[10:30:00] <yajith> mjoseph: thanks a lot....
[10:30:13] <dida> how to clear queue?
[10:30:20] <dida> mjoseph
[10:30:23] <yajith> mjoseph: c ya..
[10:30:37] <mjoseph> dida: read
[10:30:40] <mjoseph> later :)
[10:30:53] <yajith> :)
[10:36:04] *** kk_CHN has quit IRC
[10:36:34] *** lkthomas has quit IRC
[10:36:45] *** bhagat has quit IRC
[10:38:13] *** madrescher has left #postfix
[10:42:36] *** Draecos has joined #postfix
[10:54:41] *** TheBonsai has quit IRC
[10:56:31] *** dida_ has joined #postfix
[10:58:35] *** Tex-Twil has joined #postfix
[11:00:20] *** UQlev has joined #postfix
[11:06:02] *** dida has quit IRC
[11:14:17] *** ricosecada has joined #postfix
[11:14:57] <ricosecada> I haven't messed around to much with setting up a FQDN other than home use. When I have a server with several domains pointing towards the server, which one should I choose as a "Mail name"?
[11:16:24] <f3ew> any one
[11:31:20] <ricosecada> Does it have any influence on mails being sent by a php mail script on the server?
[11:36:46] *** shinao1 has quit IRC
[11:37:17] <f3ew> no
[11:40:35] *** Knoedel2 has joined #postfix
[11:47:42] *** Nevstah has joined #postfix
[11:49:17] <Nevstah> hiya, having an issue with non-existant emails, i have set notify_classes = resource, software yet i still get postmaster notifications, what am i doing wrong?
[11:52:22] <f3ew> Uh?
[11:52:51] *** silverblade has joined #postfix
[11:53:35] *** ekimus_ has joined #postfix
[11:54:24] <silverblade> ive got a bit of a problem. i use mysql with postfix (for the user/domain map) and just realised that one of its config files has the mysql password visible in it, and is world-readable. i tried chowning this to the postfix user and chmod o-r it, but this then prevents things like web forms from working.
[11:54:34] <silverblade> whats a suitable way around this
[11:56:40] <ekimus_> hmm reading postconf(5) inet_protocols it says "When both IPv4 and IPv6 support are enabled, the Postfix SMTP client will attempt to connect via IPv6 before attempting to use IPv4." still i get error messages "Host or domain name not found. ... type=AAAA: Host not found" which is correct because for the host in question there's no AAAA just A. Am I misinterpreting that, shouldn't postfix automagically ask for A records if no AAAA is found?
[11:58:29] <ekimus_> silverblade: setfacl
[11:59:00] <ekimus_> silverblade: or chown to a group and add the users in question to that group
[12:00:19] <ekimus_> arg... it works A LOT better when I use a hostname that does actually exist as smarthost...
[12:01:20] <silverblade> hmm
[12:01:32] <silverblade> wouldnt that mean that those users could read the password though
[12:01:59] <ekimus_> silverblade: yes, you implied that this is necessary in your question
[12:02:11] *** _gAri- has quit IRC
[12:02:18] <ekimus_> so apache and postfix need to be able to read the PW to connect to the database right?
[12:02:38] <silverblade> im not sure why the webserver would need to read the configuration?
[12:02:39] <f3ew> yes
[12:02:51] <silverblade> it was having problems accessing postfix/main.cf
[12:03:08] <ekimus_> "this then prevents things like web forms from working."
[12:03:31] *** lysander_ has quit IRC
[12:03:58] *** lysander has joined #postfix
[12:04:17] <ekimus_> i assume that some hat somewhere the webapp has to get the password to the database. and my guess is that it get's this directly from the main.cf file
[12:04:48] <silverblade> nope it doesnt access the database from the webapp.
[12:05:05] <silverblade> (its phpBB if thats of any relevance)
[12:05:18] <silverblade> afaik it just uses the standard unix commands for sending mail
[12:05:35] <ekimus_> i guess it's more a cnfig problem of your webserver or webapp than postfix
[12:06:21] <silverblade> possibly. i just thought id check as it seems a bit nasty to have the password visible in these files.
[12:06:57] <silverblade> "postfix/sendmail[19574]: fatal: open /etc/postfix/main.cf: Permission denied"
[12:07:17] <f3ew> oops
[12:07:26] <silverblade> hmm i guess that runs under the permissions of whoever is mailing?
[12:07:28] *** Sypher has joined #postfix
[12:07:32] <ekimus_> silverblade: is that file owned by postfix?
[12:07:36] <Sypher> hello
[12:07:41] <silverblade> thats what i chowned it to
[12:07:44] <Sypher> guys ... whats the "format" of a sasldb2 file ? i mean .. how can i "read" that ? .. :o
[12:08:32] <f3ew> total 344
[12:08:41] <f3ew> lrwxrwxrwx  1 root root    51 Jan 29 12:46 examples -> /usr/share/doc/postfix-2.4.6-documentation/examples
[12:08:49] <f3ew> lrwxrwxrwx  1 root root    47 Jan 29 12:46 html -> /usr/share/doc/postfix-2.4.6-documentation/html
[12:09:20] <f3ew> lrwxrwxrwx  1 root root    49 Jan 29 12:46 readme -> /usr/share/doc/postfix-2.4.6-documentation/readme
[12:09:24] <Nevstah> oops
[12:09:32] <f3ew> oops
[12:09:35] * f3ew apologises
[12:09:36] <f3ew> drwxr-xr-x  2 root root 4096 May  2 19:50 /etc/postfix/
[12:09:39] <f3ew> drwxr-xr-x  87 root root 12288 May  5 11:53 /etc/
[12:10:26] <silverblade> i also have a couple of CF files which are responsible for carrying out the mysql query for postfix
[12:10:31] <silverblade> which are world-readable.
[12:10:38] <silverblade> which is what the issue is.
[12:10:43] *** postmanx has joined #postfix
[12:12:54] <silverblade> hmm perhaps my setup is a bit OTT.
[12:13:04] <silverblade> i might just reconfigure w/o mysql involved
[12:16:06] *** ricosecada has quit IRC
[12:17:02] <postmanx> hello, vger.kernel.org output is "Something WRONG!! rc=554" - Any idea how can I fix it ?
[12:17:08] <dida_> failed to send email using email client
[12:17:22] <dida_> it said bad certificate
[12:17:33] <dida_> but when i created a new certificate
[12:17:42] <Nevstah> hiya, having an issue with non-existant emails, i have set notify_classes = resource, software - yet i still get postmaster notifications, what am i doing wrong?
[12:17:45] <dida_> it says unable to connect to smtp server mail.regoo.com via STARTTLS since it doesn't offer STARTTLS in EHLO response
[12:18:58] *** amrit|bbl is now known as amrit|zzz
[12:21:03] *** madrescher has joined #postfix
[12:21:58] *** pirho has joined #postfix
[12:24:35] *** Mavvie has quit IRC
[12:24:41] *** ricosecada has joined #postfix
[12:25:33] <ricosecada> Do I have to add a domain to the mydestination every time I add a domain to my server?
[12:26:01] <ricosecada> At the current moment it is only set to localhost, but I am receiving mail on all the different domains.
[12:26:13] *** Nevstah has quit IRC
[12:28:55] <ricosecada> I have about 5 domains pointing towards the server, and they are setup in apache as virtual domains, and also in postfix as virtual domains. Should each domain be listed in mydestination and if so why?
[12:30:18] <ricosecada> Ahh, found it in the doc
[12:35:17] *** postmanx has quit IRC
[12:43:14] *** UQlev has quit IRC
[12:47:23] *** ricosecada has quit IRC
[12:47:39] *** Mavvie has joined #postfix
[12:49:28] *** rootsvr_ has joined #postfix
[12:49:28] *** rootsvr has quit IRC
[12:56:59] *** tore_ has joined #Postfix
[12:59:14] *** supa2 has joined #postfix
[13:00:28] <supa2> Hello, I've set up an email server following instructions at http://workaround.org/articles/ispmail-etch/ and I'm having some troubles in configuring autoreplies
[13:01:28] *** lunaphyte_ has joined #postfix
[13:01:32] <supa2> I'm trying to set up a script which scans /home/vmail/domain/username/new directory but the incoming emails do not ever get to the /new directory
[13:02:14] <supa2> I think that the mail gets delivered to amavis-d which in turn checks it and returns the message to the /cur directory
[13:04:31] <supa2> So anyway - if my way of (trying) to do the autoreply is considered bad then would someone please suggest what to try next?
[13:06:42] *** ming_zym has quit IRC
[13:06:51] *** wdp has joined #postfix
[13:07:00] *** wdp has left #postfix
[13:07:25] *** Mavvie has quit IRC
[13:09:32] *** snappy has quit IRC
[13:09:35] *** snappy has joined #postfix
[13:11:50] *** Mavvie has joined #postfix
[13:26:27] *** turdzzz has joined #postfix
[13:27:09] <turdzzz> Can someone explain to me what virtualdomains.tld is? Is it just a config file that holds the virtual domains you want to recieve mail for?
[13:28:30] *** ming_zym has joined #postfix
[13:33:00] *** Mavvie has quit IRC
[13:40:56] *** Fallenou has joined #postfix
[13:41:00] *** yajith has left #postfix
[13:52:23] *** cilly has joined #postfix
[13:56:34] *** Sypher_ has joined #postfix
[14:01:20] *** jmazaredo has joined #postfix
[14:10:36] *** Nockian has quit IRC
[14:13:55] *** supa2 has quit IRC
[14:14:21] *** Sypher_ has quit IRC
[14:14:38] *** Sypher has quit IRC
[14:14:40] *** Sypher_ has joined #postfix
[14:23:22] *** jellis-real has joined #postfix
[14:32:28] *** madresche1 has joined #postfix
[14:32:28] *** madrescher has quit IRC
[14:33:27] *** madresche1 has quit IRC
[14:39:08] *** Stijn has quit IRC
[14:41:15] <Roobarb> turdzzz: I don't believe it's distributed as part of a standard install, so I suspect you'll find reference to it in the output of "postconf -n"
[14:42:49] <Dominian> I've never heard of that file
[14:43:01] <turdzzz> thank god
[14:43:05] *** Draecos has quit IRC
[14:43:07] <turdzzz> makes no sense to me.
[14:43:13] *** keffer has joined #postfix
[14:43:30] <turdzzz> people use it in wiki's all the time too.
[14:46:15] *** Sypher_ is now known as sypher
[14:47:26] <turdzzz> just knowing that, I fixed my fking problem
[14:47:27] <turdzzz> thanks guys.
[14:54:02] <Dominian> heh
[14:56:13] *** postmanx has joined #postfix
[15:00:59] *** postmanx has quit IRC
[15:09:51] *** Fallenou has quit IRC
[15:15:52] *** madrescher has joined #postfix
[15:17:42] *** rootsvr_ has quit IRC
[15:18:45] *** Zblakany has joined #postfix
[15:21:31] *** af_ has joined #postfix
[15:25:51] *** Tex-Twil has quit IRC
[15:42:03] *** csm-laptop has joined #postfix
[15:43:17] *** wdp has joined #postfix
[15:43:24] *** Jax has joined #postfix
[15:43:26] *** ramoni has joined #postfix
[15:45:45] *** Zeit|awy_ has quit IRC
[15:50:12] *** hparker has joined #postfix
[15:52:21] *** lunaphyte_ has quit IRC
[15:53:05] *** Zblakany has quit IRC
[16:04:58] *** lunaphyte_ has joined #postfix
[16:05:01] *** Fallenou has joined #postfix
[16:09:53] *** Roobarb has quit IRC
[16:10:14] *** Roobarb has joined #postfix
[16:10:28] <turdzzz> for some reason I'm not able to authenticate with imap, I'm getting error imapd: authentication error: Input/output error
[16:10:33] <turdzzz> anyone have any ideas?
[16:10:40] <Dominian> what imap server?
[16:10:44] <turdzzz> courier
[16:10:45] <wdp> turdzzz, i get such messages when mysql isn't running.
[16:10:50] <turdzzz> it is
[16:11:00] <wdp> turdzzz, to many connections, or things like that?
[16:11:01] <Dominian> never used courier
[16:11:02] <f3ew> an Courier connect?
[16:11:05] <f3ew> can*
[16:11:09] <f3ew> Does the mailbox exist?
[16:11:21] <turdzzz> f3ew: yes I'm able to connect, and mailbox exists
[16:11:28] <turdzzz> wdp: what do you mean
[16:12:10] <wdp> turdzzz, i'm using courier with mysql. If the mysql isn't running, or there are no free connections, i get input output error in courier.
[16:12:33] <turdzzz> wdp: is there a way to check if mysql doesn't have any more open connections?
[16:12:42] <wdp> check your logfiles ;)
[16:12:47] <turdzzz> for mysql?
[16:12:57] <turdzzz> nothing in the mysql log
[16:13:50] <sysmonk> don't use courier! :P
[16:13:53] <sysmonk> joking
[16:14:12] <turdzzz> lol I've used it before and didn't have such a problem
[16:14:23] <Dominian> dovecot ftw
[16:15:16] <turdzzz> anything else anyone can think of?
[16:15:23] <sysmonk> Dominian: doh, cyrus ftw! :)
[16:15:46] <Dominian> hah
[16:17:21] *** lunaphyte__ has joined #postfix
[16:18:34] *** lunaphyte_ has quit IRC
[16:19:05] *** Siegfried has joined #postfix
[16:20:09] <dida_> i can't authenticate my self using smtp-auth
[16:20:26] <dida_> May  8 22:22:32 mercury73 postfix/smtpd[12419]: warning: SASL authentication failure: Password verification failed
[16:20:39] <dida_> i'm sure i entered it correctly
[16:20:49] <dida_> what should i check?
[16:23:21] <turdzzz> I think I fixed my problem, courier wasn't able to communicate outside my domain, and I was trying to login through my domain, thanks anyways guys.
[16:26:57] *** tore_ has quit IRC
[16:28:59] *** ming_zym has quit IRC
[16:30:54] *** ming_zym has joined #postfix
[16:31:31] *** seekwill has joined #postfix
[16:35:59] *** ming_zym has quit IRC
[16:41:28] *** muecke77 has joined #Postfix
[16:41:44] *** muecke77 has left #Postfix
[16:42:28] *** muecke77 has joined #Postfix
[16:42:43] *** turdzzz has quit IRC
[16:51:56] *** j_s has joined #postfix
[16:55:44] *** wdp has quit IRC
[16:57:38] *** ming_zym has joined #postfix
[17:01:40] *** keffer has quit IRC
[17:01:43] *** [diablo] has joined #postfix
[17:04:17] *** [diablo] has quit IRC
[17:06:39] *** knoba has quit IRC
[17:06:50] *** knoba has joined #postfix
[17:16:19] *** [diablo] has joined #postfix
[17:16:20] *** muecke77 has left #Postfix
[17:20:16] * Fallenou sautille partout
[17:20:29] *** ming_zym has quit IRC
[17:20:58] *** Daviey has joined #postfix
[17:21:14] *** Jax has quit IRC
[17:21:29] <Daviey> Hi, how can i integrate an external spamd server?
[17:23:04] *** ming_zym has joined #postfix
[17:24:56] *** keffer has joined #postfix
[17:30:46] *** jpalmer has quit IRC
[17:31:27] *** keffer has quit IRC
[17:31:40] *** keffer has joined #postfix
[17:32:41] *** martianixor has joined #postfix
[17:32:50] *** phnord has quit IRC
[17:36:01] *** _Siegfried has joined #postfix
[17:37:37] *** Dieu has joined #postfix
[17:40:01] <Dieu> hi al I wonder if somebody knows to block something like this in postfix:
[17:40:03] <Dieu> MAIL FROM: you at domain dot com
[17:40:03] <Dieu> OK
[17:40:03] <Dieu> RCPT TO: dest at mydomain dot com
[17:40:03] <Dieu> OK
[17:40:03] <Dieu> DATA
[17:40:04] <Dieu> From: other at other dot com
[17:40:06] <Dieu> ...
[17:40:17] *** felix_da_catz has joined #postfix
[17:40:48] *** Tex-Twil has joined #postfix
[17:41:00] <Dieu> THe fact is that MAIL and DATA has diferente mail,
[17:41:31] <Dieu> and some ugly mail clients shows FROM header in place RCPT, any idea?
[17:45:33] <seekwill> you want that
[17:47:50] *** Siegfried has quit IRC
[17:48:00] *** _Siegfried is now known as Siegfried
[17:49:28] *** descala has joined #postfix
[17:49:59] <seekwill> Dieu: The envelope (rcpt to) does not have to match the from header. This is very useful for like legit newsletter stuff where the bounce is handled by a different address
[17:52:42] *** [diablo] has quit IRC
[17:53:03] *** Tex-Twil has quit IRC
[17:54:32] *** Zeit|awy has joined #postfix
[17:56:01] *** UQlev has joined #postfix
[17:58:01] <Dieu> yes, i know but it's a customer requirement
[17:58:15] <seekwill> Tell them they are wrong
[17:58:28] <mwalling> seekwill: customers cant read RFCs
[17:58:38] <seekwill> It's a service provider's responsibility
[18:00:03] <seekwill> We have many customers who ask the same thing. We inform them the reason why they shouldn't do such actions, and they realize they are wrong. They don't know the full scope of what they're asking. That's why they pay you
[18:02:05] <Dieu> ok, brb thans
[18:02:59] *** Dieu has left #postfix
[18:03:32] *** stefan-f has quit IRC
[18:06:12] <Trengo> actually you can have different From: and Reply-to: can't imagine why anyone would want to reject those
[18:08:07] <seekwill> "customer requirement"
[18:08:43] <seekwill> misinformed "customer requirement"
[18:09:15] *** af_ has quit IRC
[18:13:20] <rob0> yeah, it would be a disaster
[18:15:16] *** netcrash has quit IRC
[18:15:46] *** githogori_ has quit IRC
[18:15:52] *** netcrash has joined #postfix
[18:20:07] *** suuuper has quit IRC
[18:21:27] *** CrazyFoam has quit IRC
[18:22:14] *** lunaphyte__ is now known as lunaphyte_
[18:24:39] *** wdp has joined #postfix
[18:25:12] *** sypher has quit IRC
[18:30:37] *** havvg has quit IRC
[18:30:58] *** ming_zym has quit IRC
[18:46:51] *** Nockian has joined #postfix
[18:58:18] *** syneus has quit IRC
[18:58:18] *** madrescher has quit IRC
[18:58:47] *** madrescher has joined #postfix
[19:06:07] *** madrescher has quit IRC
[19:08:26] *** INternat has quit IRC
[19:08:34] *** INternat has joined #postfix
[19:12:00] *** amrit|zzz is now known as amrit|wrk
[19:12:54] *** stefan-f has joined #postfix
[19:13:59] *** havvg has joined #postfix
[19:20:03] *** Vivek has joined #postfix
[19:24:01] *** quieteyes has joined #postfix
[19:27:46] *** seekwill has quit IRC
[19:31:03] *** martianixor has quit IRC
[19:32:21] *** ming_zym has joined #postfix
[19:33:08] *** kithpom has joined #postfix
[19:33:34] <kithpom> is it normal behavior that email passed through aliases doesn't get processed by recipient_bcc?
[19:36:26] <kithpom> anyone?
[19:37:24] <Dominian> no idea
[19:38:18] <kithpom> according to this: http://www.postfix.org/postconf.5.html
[19:38:31] <kithpom> Optional BCC (blind carbon-copy) address lookup tables, indexed by recipient address. The BCC address (multiple results are not supported) is added when mail enters from outside of Postfix.
[19:38:54] <kithpom> it would be outside mail only not locally generated from aliases. does this make sense to anyone else?
[19:39:29] <kithpom> that is under entry for recipient_bcc by the way.
[19:40:41] *** pa has quit IRC
[19:41:54] <kithpom> anyone willing to take a look at it and give me your interpretation or if you are otherwise familiar with the issue give me your take?
[19:48:02] *** saurabhb has quit IRC
[19:48:09] <f3ew> kithpom alias_maps are handled by local(8)
[19:48:31] <f3ew> which runs after smtpd(8), and smtpd(8) handles recipient_bcc_maps
[19:55:38] *** ming_zym has quit IRC
[19:59:54] *** netcrash has quit IRC
[20:01:16] <kithpom> thx f3ew that is very helpful.
[20:02:26] * f3ew => HOME
[20:02:30] *** rcsu has joined #postfix
[20:04:08] *** martianixor has joined #postfix
[20:04:20] *** hever has joined #postfix
[20:04:27] *** githogori_ has joined #postfix
[20:06:00] *** jpalmer has joined #postfix
[20:09:32] *** ma3x has joined #postfix
[20:09:33] <ma3x> hello
[20:09:55] <ma3x> is there any public smarthost i can use? my isp dont allow me to use theirs
[20:12:24] <jpalmer> ma3x: public smarthosts?  that sounds like a fancy way of saying "open relay"
[20:13:56] <UQlev> ma3x: you must have very much offended your ISP ;)
[20:14:17] <ma3x> UQlev: they dont allow me use theirs
[20:14:25] <ma3x> i mean the mail delivers to their host, but they dont deliver it
[20:14:29] <ma3x> dunno why
[20:14:34] <ma3x> i have no offended them in any way :)
[20:15:08] <UQlev> ma3x: usually ISP provide smtp service on default
[20:15:25] <jpalmer> call them and find out why.  that should be a standard service when you signup with an ISP.
[20:18:09] <ma3x> UQlev: is there public smarthost or no?
[20:18:17] <UQlev> definitely NO
[20:18:52] <UQlev> the last one collapsed in 1999
[20:19:35] *** felix_da_catz has quit IRC
[20:19:37] <ma3x> UQlev: well my isp won't provide mail for me
[20:19:38] <ma3x> dunno why
[20:19:41] <ma3x> or for any of its users
[20:19:44] <ma3x> its a shitty isp in macedonia
[20:19:48] <UQlev> ma3x: better find out reason of nondelivery
[20:19:56] <ma3x> i can't find out
[20:20:08] <ma3x> they'll simply tell you use our webmail
[20:20:28] *** shinao1 has joined #postfix
[20:20:36] *** [diablo] has joined #postfix
[20:20:55] <ma3x> are these 3 well set?
[20:20:56] <ma3x> inet_interfaces = internet
[20:20:57] <ma3x> default_transport = internet
[20:20:57] <ma3x> relay_transport = internet
[20:21:06] <UQlev> ma3x: ISP will never block your IP without reason
[20:21:21] * cpm blocks UQlev
[20:21:28] <UQlev> :P
[20:21:29] <cpm>  (without reason)
[20:21:50] <ma3x> UQlev: come on, don't tell me i did something
[20:21:53] <ma3x> it's like that for all of its users
[20:21:58] <ma3x> plus, i have a dynamic ip
[20:22:14] <ma3x> they couldn't block me
[20:22:31] *** jmazaredo has quit IRC
[20:22:36] <UQlev> for dynamic IPs smtpauth is used
[20:22:53] *** [diablo] has quit IRC
[20:22:56] <jpalmer> ma3x: can you send mail using your client, through your ISP's mailserver?
[20:23:01] <ma3x> what's smtpauth?
[20:23:10] <ma3x> I don't know
[20:23:15] <ma3x> I guess not
[20:23:21] <ma3x> let me check
[20:23:30] <jpalmer> you aren't allowed to guess here.  we don't troubleshoot guesses ;)
[20:23:33] *** [diablo] has joined #postfix
[20:24:54] *** seekwill has joined #postfix
[20:26:20] <UQlev> ma3x: if you are going to use any external smart host it means your outgoing smtp is allowed? run your own MTA then
[20:26:26] <ma3x> ok i tried with my client
[20:26:39] <ma3x> if i don't use smtp authentication (user + pass) it sends the email but it never arrives
[20:26:48] <ma3x> and if i use the smtpauth it says invalid userid/pass
[20:27:04] *** hemry has joined #postfix
[20:27:54] <UQlev> ma3x: what IP of your ISP's smtp?
[20:29:27] <ma3x> UQlev: my isp is mt.net.mk
[20:29:32] <ma3x> or adsl.com.mk
[20:29:37] <ma3x> those both
[20:29:53] <ma3x> they are now renamed to t-home.com.mk
[20:30:00] <ma3x> i guess deutsche telekom bought them
[20:32:39] <UQlev> Eudora Worldmail 1.3.167 might have no smtp-auth
[20:33:20] *** wdp has left #postfix
[20:33:45] <ma3x> UQlev: can ya help
[20:34:12] <UQlev> ma3x: to relay your mail?
[20:34:21] <ma3x> yeah
[20:34:29] <ma3x> inet_interfaces = internet
[20:34:30] <ma3x> default_transport = error
[20:34:30] <ma3x> relay_transport = error
[20:34:34] <ma3x> are these ok?
[20:34:41] <ma3x> or should i comment the default transport and relay?
[20:34:52] <ma3x> Reloading Postfix configuration...postfix: fatal: parameter inet_interfaces: no local interface found for 202.89.159.120
[20:34:52] <ma3x> failed.
[20:34:57] <ma3x> i get that error on reload
[20:35:45] <UQlev> ma3x: why don't you configure your postfix to deliver without sparthost?
[20:35:56] <UQlev> smarthost
[20:36:07] <ma3x> UQlev: my isp assigns dynamic ips to its clients
[20:36:13] <ma3x> so many of those are blacklisted
[20:36:16] <ma3x> i tried last time
[20:36:22] <ma3x> i deleted the configuration since
[20:36:29] <UQlev> I see
[20:37:17] <UQlev> ma3x: can you use your mail-clent without postfix to send?
[20:37:43] <ma3x> UQlev: with authentication or without?
[20:37:54] <UQlev> either
[20:38:54] <ma3x> loook
[20:39:13] <ma3x> May  8 20:38:27 ma3x postfix/smtp[5447]: 4247B5BC551: to=<deiun23 at yahoo dot com>, relay=paladin.mt.net.mk[195.26.152.151]:25, delay=0.46, delays=0.11/0.01/0.23/0.12, dsn=2.0.0, status=sent (250 <4822E18B000111F5> Mail accepted)
[20:39:26] <ma3x> it accepts my mail
[20:39:30] <ma3x> but then i never get it on the yahoo email
[20:39:33] <ma3x> (it never delivers it)
[20:39:37] <ma3x> so fucking pissing me off!
[20:39:44] <UQlev> yahoo delays from everyone
[20:39:44] <seekwill> It's yahoo. Try a different provider.
[20:39:50] <seekwill> Not everyone :)
[20:39:53] <ma3x> it's same for all
[20:39:56] <ma3x> it delivers nowhere
[20:40:04] *** xpoint has joined #postfix
[20:40:10] <seekwill> ma3x: Check your log for the reason why it was delayed. Try gmail.
[20:40:54] <ma3x> seekwill: i pasted you the log
[20:41:01] <ma3x> my isp's server accepts the mail
[20:41:06] <ma3x> May  8 20:38:27 ma3x postfix/smtp[5447]: 4247B5BC551: to=<deiun23 at yahoo dot com>, relay=paladin.mt.net.mk[195.26.152.151]:25, delay=0.46, delays=0.11/0.01/0.23/0.12, dsn=2.0.0, status=sent (250 <4822E18B000111F5> Mail accepted)
[20:41:11] <ma3x> but then it doesnt deliver it
[20:41:15] <ma3x> i can't check 'their' server's logs
[20:41:23] <seekwill> That was the acceptance. You should have another "delievered" log line
[20:41:39] <seekwill> Send a message to me, will at resetbypeer dot com
[20:42:45] <ma3x> sent it
[20:43:00] <seekwill> Check your logs
[20:43:02] <ma3x> May  8 20:42:41 ma3x postfix/pickup[5425]: 5BF4F5BC554: uid=1000 from=<deiun23 at yahoo dot com>
[20:43:02] <ma3x> May  8 20:42:41 ma3x postfix/cleanup[5515]: 5BF4F5BC554: message-id=<200805082042.41270.deiun23 at yahoo dot com>
[20:43:02] <ma3x> May  8 20:42:41 ma3x postfix/qmgr[5427]: 5BF4F5BC554: from=<deiun23 at yahoo dot com>, size=453, nrcpt=1 (queue active)
[20:43:02] <ma3x> May  8 20:42:41 ma3x postfix/smtp[5517]: 5BF4F5BC554: to=<will at resetbypeer dot com>, relay=paladin.mt.net.mk[195.26.152.151]:25, delay=0.41, delays=0.1/0.01/0.19/0.12, dsn=2.0.0, status=sent (250 <4821BF1C0003934A> Mail accepted)
[20:43:03] <ma3x> May  8 20:42:41 ma3x postfix/qmgr[5427]: 5BF4F5BC554: removed
[20:44:02] <seekwill> Hmm.. it did disappear heh
[20:44:34] <ma3x> yeah
[20:44:39] <seekwill> Well, we know it's not yahoo :)
[20:44:49] <ma3x> its not yahoo
[20:44:53] <ma3x> so what do i need to do
[20:45:04] <seekwill> Guessing it's your smarthost set up
[20:45:16] <seekwill> Possibly they are dropping the message
[20:46:04] <UQlev> seekwill: his ISP running Eudora Worldmail
[20:46:13] <seekwill> oh, no idea
[20:46:29] <seekwill> His ISP should tell him what he needs to do
[20:46:38] <descala> hi
[20:46:44] <UQlev> who knows how it was configured, may be their queue is flooded
[20:46:47] *** xpoint has quit IRC
[20:47:02] <seekwill> ma3x: Your best bet is to contact your ISP
[20:47:05] *** xpoint has joined #postfix
[20:47:10] <descala> i'm configuring postfix with cyrus-imap's virtual domains
[20:47:25] *** [diablo] has quit IRC
[20:47:47] <ma3x> seekwill: I don't want to contact that isp crap again
[20:47:52] <ma3x> thye always tell me to use their webmail
[20:47:53] <ma3x> fuckers
[20:47:57] <ma3x> what to do now?
[20:47:58] <seekwill> ma3x: Change ISPs
[20:48:01] <seekwill> There's not much you can do
[20:48:12] <ma3x> i can't stand those yahoo smtp servers, they always add stupid adds on the end of the emails
[20:48:15] <ma3x> i cant change isps
[20:48:17] <ma3x> i got contact 1 year
[20:48:21] <ma3x> blood ybastasrds
[20:48:29] <descala> postfix does give the wrong "to" to lmtp
[20:48:40] <seekwill> The only thing you can do is pay for an external relay
[20:48:56] <seekwill> (since I doubt you'll find a free one)
[20:49:46] <descala> to=<user at hostname dot domain.tldt>, orig_to=<user at domain dot tld>  ... any hint?
[20:49:52] <quieteyes> ma3x: go to dyndns.com and look at their MailHop services (note: I am not a customer, I just prefer their service)  I'm sure there are plenty of others with similar offerings
[20:50:11] <seekwill> quieteyes: That's for incoming
[20:50:19] <seekwill> I've used it before
[20:50:25] <quieteyes> seekwill: check the site, they also have relay now
[20:50:29] <seekwill> oh
[20:50:40] *** Vivek has quit IRC
[20:50:43] <quieteyes> and outbound :)
[20:50:57] <ma3x> quieteyes: is dyndns service free?
[20:51:11] <quieteyes> ma3x: "some" of the services are free, some are pay
[20:51:14] <seekwill> You don't want a free service
[20:51:24] <quieteyes> ma3x: you will want to go with a pay service here
[20:51:33] <seekwill> if it's free, it'll be a spam source and will be blocked
[20:52:04] <quieteyes> ma3x: afk and good luck...
[20:53:02] <seekwill> $15/year isn't bad
[20:53:20] *** shinao1 has quit IRC
[20:53:20] <ma3x> im not willing to pay money for it
[20:53:36] <seekwill> Then you're out of luck
[20:53:51] *** shinao1 has joined #postfix
[20:54:42] <ma3x> ok i now have official information
[20:54:48] <ma3x> smtp.mt.net.mk is the outgoing server
[20:54:51] <ma3x> let's see if i can use it
[20:54:58] <kithpom> do you guys know of any free backup mx services?
[20:55:34] <UQlev> kithpom: to collect spam for you?
[20:55:51] <seekwill> heh
[20:56:04] <UQlev> kithpom: you will have enough w/o backup ;)
[20:57:44] <seekwill> I'd totally do it, just to push more traffic through my VPS. It sits idle most of the day and I pay $50/month for it
[21:00:02] <kithpom> know of any good services in the $15 range?
[21:00:25] <kithpom> is dyndns.com good? anyone have firsthand experience with them?
[21:00:32] <seekwill> I've used them. They're good
[21:02:57] *** donspaulding has joined #postfix
[21:04:25] <donspaulding> I'm in trouble here and I could use some help.  I have postfix setup as purely a forwarding server.  I use pgsql with an alias map table in my db, and postmap finds mappings correctly.
[21:04:42] <ma3x> how do i use auth for realy host?
[21:04:49] <donspaulding> However, when I first connect to postfix, it gives me a 451 Temporory lookup failure
[21:05:43] <donspaulding> then it freezes on all attempts to connect afterward.  It doesn't refuse the connection, it just hangs there.
[21:05:55] <donspaulding> any ideas?
[21:07:50] *** [diablo] has joined #postfix
[21:14:36] *** stefan-f has quit IRC
[21:17:10] *** tyrok has joined #postfix
[21:17:18] *** seekwill has quit IRC
[21:17:46] *** seekwill has joined #postfix
[21:17:47] *** dida_ has quit IRC
[21:18:18] *** dida_ has joined #postfix
[21:22:45] *** descala has quit IRC
[21:23:13] <donspaulding> did pgsql mapping or virtual alias domains change from version 2.3.8 to version 2.5.1?
[21:24:38] <rob0> Does "postconf -m" list pgsql? Did you forget PGSQL_README?
[21:27:55] <hparker> Or rob0_readme?
[21:29:12] <rob0> if postconf -m | grep rob0 ; then echo "well I'll be!" ; fi
[21:29:50] <hparker> heh
[21:31:18] <tyrok> Got an Outlook 2003 client trying to connect to a Postfix server, and on the server I'm getting a "timeout after DATA" error for each message they try to send.  The messages are tiny, so I'm pretty sure there's something messed up between the way Outlook and Postfix are talking.  Any ideas?
[21:32:04] <hparker> Outlook sux?
[21:32:21] <hparker> I'd sniff the wire, tcpdump or something, and take a look
[21:32:24] <tyrok> hparker: Duh.  Thunderbird rules.  Anyone else?  :)
[21:32:44] <tyrok> hparker: Did that yesterday.  Hold on a sec while I pull it up...
[21:33:56] *** ramoni has quit IRC
[21:34:45] *** muecke77 has joined #Postfix
[21:35:43] <tyrok> hparker: Looks like the last message that was sent to them was an ACK from the server.  Before that, it was a DATA packet from them.  I could probably post the response from the server, if it would help.
[21:36:36] <hparker> Not sure on that, sounds like lookout isn't finishing the session
[21:37:20] <tyrok> hparker: There is a packet that goes from the server back to the client that's a "354 End data with <CR><LF>.<CR><LF>" shortly before the first DATA packet.  Would that have anything to do with it?
[21:37:48] <tyrok> hparker: lookout...I'll have to remember that one.  :)
[21:38:00] <hparker> that's normal... Send DATA and end with <CR><LF>.<CR>LF> when you're done
[21:38:42] <tyrok> hparker: Didn't know if that needed to be explicitly stated though.
[21:38:43] <hparker> So, lookout send the data, server acks and awaits <CR><LF>.<CR><LF>
[21:38:45] *** silverblade has quit IRC
[21:39:43] <hparker> Does that system have any other network issues other then lookout not sending mail?
[21:39:58] <tyrok> hparker: Not that I know of.
[21:39:59] *** AcTiVaTe has quit IRC
[21:40:39] <hparker> And it's just the one system having problems? If so, I'd look at AV software that might be messing with it
[21:41:28] <tyrok> hparker: One other thing I should probably add.  They just recently switched from using another e-mail server to this one, and didn't have any problems with the previous one.
[21:41:58] <hparker> no clue on that then, sorry... good luck :P
[21:43:14] <tyrok> hparker: Darn...well, thank you for trying anyway.
[21:43:29] <tyrok> Been fighting this for about three days now - tried putting the client's IP in mynetworks, tried reinstalling a new version of Postfix, tried about everything I can think of.  It's driving me nuts.
[21:43:33] <hparker> I'd still look at the AV software
[21:43:55] *** UQlev has quit IRC
[21:44:05] <tyrok> hparker: Hmmm...they do have a firewall - could be that too...
[21:44:15] <hparker> Is it a PIX?
[21:44:37] <tyrok> hparker: Haven't a clue.  I'm doing this remotely.
[21:44:38] <hparker> It has a "SMTP fix" that is known to cause strange things
[21:45:12] <tyrok> hparker: You mean the fix causes strange things, or not having it does?
[21:45:19] <hparker> having it on does
[21:45:41] <tyrok> hparker: Do you know how to turn it off?
[21:46:09] <hparker> It's obvious from what I've read.. I don't do cisco
[21:47:09] <rob0> !cisco_pix
[21:47:09] <knoba> rob0: "cisco_pix" : The Cisco PIX firewall has a SMTP proxy feature which breaks ESMTP. If your Postfix server is behind such a firewall you should disable the SMTP Fixup feature.
[21:47:22] *** sweeed__ has joined #postfix
[21:47:40] <tyrok> The server isn't behind a PIX firewall, that I know.  But I don't know about the client.
[21:47:52] <hparker> ty rob0
[21:48:06] <rob0> any PIX is one PIX too many
[21:48:15] <tyrok> Sounds like it.  Thanks for the info.
[21:48:18] <rob0> "SMTP fuxup"
[21:48:36] <quieteyes> sux-so networking?
[21:49:55] *** shinao1 has quit IRC
[21:50:34] <tyrok> That's making so much sense it's amazing.  Wouldn't you know it - their old e-mail provider set up the firewall.  This merits looking into.
[21:51:22] <rob0> is the Outhouse client even attempting to auth?
[21:52:16] <tyrok> rob0: Auth is working fine.  You can see that in the packet capture.  It's just that the message is getting interrupted before it finishes sending to us.
[21:52:31] <rob0> oh hmmm
[21:53:06] <rob0> usually PIX will prevent AUTH (because it changes any ESMTP command to "NOOP".)
[21:53:35] <tyrok> rob0: Hmmm - you're right.  Plus, I'm getting an EHLO, which should also be blocked.
[21:53:51] *** _dida_ has joined #postfix
[21:54:52] *** felix_da_catz has joined #postfix
[21:55:32] <tyrok> Also, the same thing happens to the client whether they connect using port 25 or 587.
[21:55:49] *** kithpom has left #postfix
[21:56:18] <tyrok> rob0: Any other ideas?
[21:57:48] <tyrok> Actually, come to think of it, it would be awfully odd for it to be the firewall, as other computers behind the firewall (also running Outlook 2003) are able to send just fine.  It's just this one particular computer.
[21:59:25] *** seekwill has quit IRC
[22:01:33] *** seekwill has joined #postfix
[22:01:38] *** xentrac has joined #postfix
[22:02:05] <xentrac> Hi.  I'm writing a milter to reject unauthorized postings to my Mailman lists at the SMTP level, using the Postfix 2.3.8 in Etch.
[22:03:09] <xentrac> But when my milter responds to the RCPT command with an SMFIR_REJECT, Postfix goes ahead and accepts the RCPT command --- and then later sends a 550 in response to the DATA command.
[22:03:45] <xentrac> This is suboptimal, because it means that in theory someone could send a message to, say, both me and a Mailman list, and the whole message would bounce, and I wouldn't get it.
[22:03:56] *** muecke77 has quit IRC
[22:04:51] <xentrac> Also, it means that spammers will consider the addresses of the mailing lists to be "validated" since the SMTP server accepts the RCPT commands for them, which it doesn't do for random addresses.
[22:05:09] <xentrac> Am I doing something stupid, or is this just a problem in 2.3.8?
[22:07:52] <unsolo> May  9 06:10:00 mail1 postfix/smtpd[6278]: NOQUEUE: reject: RCPT from 148.80-203-33.nextgentel.com[80.203.33.148]: 554 5.7.1 <kristian.jerpetjoen at gmail dot com>: Relay access denied; from=<kristian at customweb dot no> to=<kristian.jerpetjoen at gmail dot com> proto=ESMTP helo=<neon2.lan>
[22:08:00] <unsolo> any ideas how to trace it further ?
[22:08:05] *** rcsu has quit IRC
[22:08:18] <tyrok> xentrac: Any particular reason to use such an old version?
[22:09:04] <xentrac> tyrok: it's the version in Etch, and we're bringing up our server in a new location after moving it across the country, so we're trying to minimize configuration changes
[22:09:13] *** Draecos has joined #postfix
[22:09:25] <xentrac> so that we can debug things that result from the IP change separately from things that result from software updates
[22:09:40] <xentrac> maybe i should look at changelogs
[22:10:08] <tyrok> xentrac: Probably a good idea.  I don't know why it would be doing that.
[22:10:12] * unsolo would like to know where to look ;)
[22:10:41] <tyrok> unsolo: Do you have an auth requirement?
[22:10:47] <xentrac> unsolo: so you want to allow hosts on your local LAN to relay freely?
[22:10:48] <unsolo> hmm maybe i do
[22:11:05] <unsolo> xentrac: no i want all "logged in users"
[22:11:10] <unsolo> to relay freely
[22:11:16] <unsolo> maybe my login fails
[22:11:22] <unsolo> im not a kmail guru
[22:12:38] <xentrac> hmm, I've never set up SMTP authentication, so I don't think I can help
[22:14:14] <tyrok> unsolo: I've done it a couple times, but it's a pain, especially with old software, and I don't think I could do it remotely like this.
[22:14:48] <unsolo> http://workaround.org/articles/ispmail-etch/#step-9-authenticated-smtp
[22:14:51] <unsolo> im using dovecot
[22:15:10] *** seekwill has quit IRC
[22:15:11] <tyrok> unsolo: Dovecot SASL, or just Dovecot POP3/IMAP?
[22:15:37] *** dida_ has quit IRC
[22:16:04] *** UQlev has joined #postfix
[22:17:29] <unsolo> hmm i do not think i have isntalled dovecot sasl the guide does not include that
[22:18:04] <tyrok> unsolo: Don't know.  There are so many ways to set it up it's hard to tell what's going on.
[22:18:22] <unsolo> well it seems to relay locally
[22:18:31] *** [diablo] has quit IRC
[22:18:32] <unsolo> guess i have to look more at configs
[22:18:57] <tyrok> unsolo: That's pretty standard for an auth problem.
[22:20:19] *** lawnchair has quit IRC
[22:22:01] <tyrok> rob0: Have any other guesses as to why that client's connection's getting dropped?
[22:22:12] *** ma3x has quit IRC
[22:22:15] *** ma3x_ has joined #postfix
[22:22:34] <unsolo> tyrok: any way i can debug it deeper ?
[22:23:47] <tyrok> unsolo: Yes, but I'm not familiar with Debian.  Best bet would probably be to ask someone who is.
[22:23:48] <unsolo> hmm guess i can run postfix in front
[22:24:50] <unsolo> im working on a drbd + ocfs2 + ndb_cluster version of the http://workaround.org/articles/ispmail-etch
[22:24:59] <unsolo> turning out quite nicely thus far
[22:25:39] <xentrac> unsolo: sounds hot
[22:26:26] <tyrok> unsolo: Looks like a pretty good config, if you can figure out how to pull it off.  Just taking a quick look, it's surprisingly similar to one of the other setups I put together.
[22:27:26] <unsolo> well i have drbd + ocfs2 + mysql cluster already working nicely
[22:27:26] <donspaulding> rob0: (about my problem an hour ago) postconf -m does indeed list pgsql
[22:27:43] <unsolo> and the drbd contains the vmail
[22:28:02] <unsolo> so all mails + users are shared instantly between the servers
[22:28:03] <donspaulding> (I just upgraded my ubuntu server which was relaying mail like a champ prior to the upgrade).
[22:28:17] <unsolo> btw i think i found it
[22:28:20] <unsolo> reject_unauth_destination
[22:28:29] <tyrok> unsolo: Problem is, on the systems I've done, auth is usually the hard part.  And trying to hammer MySQL into that is even harder.
[22:28:36] <unsolo> will probably cause heddaces on all outgoing mail
[22:28:53] <tyrok> unsolo: Don't have any experience with drbd, ocfs2, or ndb_cluster.
[22:29:09] <tyrok> unsolo: But good luck!
[22:29:11] <unsolo> hehe mysql hammering is donw..
[22:29:29] <unsolo> ndb_cluster is mysql cluster.
[22:29:37] <tyrok> unsolo: Don't speak too soon - you haven't got auth fully working yet.  :)
[22:30:00] <unsolo> tyrok: persistent = 600 with ipvs from the load balancer makes it act as a dedicated server..
[22:30:09] <tyrok> unsolo: I don't mean getting MySQL running.  That's easy.  It's getting everything to work with MySQL that's a pain in the neck.
[22:30:46] <unsolo> tyrok: dovecot seems a lot nicer than courier on many fronts at least.
[22:31:12] *** AcTiVaTe has joined #postfix
[22:31:22] <tyrok> unsolo: By a factor of about 1x10e100, yes.
[22:32:06] *** jellis-real has quit IRC
[22:32:27] *** jelly has quit IRC
[22:32:44] <tyrok> unsolo: But it's still a pain, because there are so many components involved.  Just doing auth, you've got Postfix, Dovecot, MySQL, and possibly pam (depending on your setup), and they usually each have different logs.  And not all of them log all of the information you need.
[22:32:59] <unsolo> yea i know
[22:33:08] <unsolo> i already did the courier on a different less safe setup
[22:33:12] <unsolo> so im moving it to this
[22:33:19] *** pirho has quit IRC
[22:33:49] <tyrok> Well, at any rate, I need to get back to work.  I've got a client that's dropping the connection before they can send a message, and I've got to get that fixed.  Have fun!
[22:39:27] *** ma3x_ is now known as ma3x
[22:40:52] *** kreg has joined #postfix
[22:41:51] <xentrac> oh, I think I figured out what my milter problem is
[22:43:36] *** jelly has joined #postfix
[22:47:09] <unsolo>  so this happens when i mail to a mailuser from another mailuser at the server
[22:47:12] <unsolo> http://rafb.net/p/lrydS315.html
[22:47:16] <unsolo> everything seems fine there..
[22:49:14] *** AcTiVaTe has quit IRC
[22:49:34] <unsolo> and when a user mails out to somewhere else like my gmail account i get the followign
[22:49:39] <unsolo> http://rafb.net/p/BuFNPV15.html
[22:50:09] <unsolo> seems there is some form of auth problem
[22:50:41] *** tyrok has quit IRC
[22:53:48] *** rgl has joined #postfix
[22:53:50] <unsolo> maybe my kmail just doesnt attempt to auth
[22:55:37] *** hemry has quit IRC
[22:55:44] <unsolo> jupp kmail was my killer..
[22:56:18] <unsolo> yay ;)
[22:58:50] <xentrac> yeah, my implementation of the milter protocol was just broken --- the protocol got desynchronized and so the reject was processed in the wrong place
[22:58:51] <donspaulding> if postconf -m lists proxy, is there anything else I have to do to enable the proxymap daemon?
[22:58:54] *** Zblakany has joined #postfix
[22:58:57] <xentrac> wasn't postfix's problem at all
[23:01:20] *** AcTiVaTe has joined #postfix
[23:08:10] *** RainDoctor has joined #postfix
[23:11:22] * unsolo is driven nuts by the fact that he cannot list mail on one of his users..
[23:11:43] <unsolo> but all other work..
[23:12:38] <Trengo> who is "he"?
[23:13:07] <unsolo> its a user on the server
[23:13:17] <unsolo> it seems its sending mails to him privately..
[23:13:24] <unsolo> instead of to the vmail user..
[23:13:24] <Trengo> no, who are "you"
[23:13:44] <unsolo> kristian at customweb dot no
[23:13:53] <unsolo> the username exist on the actual server
[23:14:00] <unsolo> thats why its "acting" up i asume
[23:14:09] <unsolo> other than that it seems all the auth is working
[23:14:45] <Trengo> i thought you meant OS list
[23:14:53] <Trengo> pop3?
[23:17:48] *** githogori_ has quit IRC
[23:19:48] *** quieteyes has left #postfix
[23:23:46] *** Draecos has quit IRC
[23:24:51] <unsolo> tried using squirrel and pop3
[23:24:59] <unsolo> they all end at the user instead of at the vmail
[23:25:03] <unsolo> i wonder why
[23:26:16] *** martianixor has quit IRC
[23:26:48] <Dominian> Probably need to map that user specifically using a transport
[23:26:50] <Dominian> !transport
[23:26:51] <knoba> Dominian: "transport" : transport(5) The optional transport(5) table specifies a mapping from email addresses to message delivery transports and next- hop destinations. Look at: http://www.postfix.org/transport.5.html
[23:27:14] <Dominian> I have multiple transports configured depending on what the user wants
[23:27:34] <Dominian> mailman gets its own.. users who don't need sieve filters for IMAP another.. and those who do want sieve filters for IMAP get another transport
[23:29:40] <unsolo> well basically i want all mails to go to the vmail
[23:29:48] <unsolo> no separate transports
[23:29:57] <Dominian> then check your configuration for the default transport..
[23:31:07] *** adaptr has quit IRC
[23:33:02] <unsolo> hmm
[23:33:09] <unsolo> seems his mail ends up in procmail
[23:34:23] <unsolo> mailbox_command = procmail -a "$EXTENSION"
[23:34:28] <unsolo> may be the reason
[23:35:45] *** j_s has quit IRC
[23:35:49] *** felix_da_catz has quit IRC
[23:36:23] <unsolo> jupp uncommenting that one did the trick..
[23:36:24] *** INternat is now known as Internat
[23:36:28] <unsolo> err
[23:36:31] <unsolo> commenting i mean
[23:50:19] *** jra has joined #postfix
[23:52:12] *** lawnchair has joined #postfix

   May 8, 2008  
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | >