May 16, 2008 
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | >
May 16, 2008 [00:01:04] <SteveC> Is it possible to put an in-smtpd filter specifically for mail that's going to be relayed, or does it discover that after it's done all it's filtering?[00:02:55] *** Jemt has joined #postfix[00:03:05] <Jemt> Greetz. Can someone help me get Postfix to work? I'm able to send e-mails through TelNet but it dosn't ask me my password (which I want it to). Thunderbird keeps asking for password though, and even though I provide the right password, the mail is not send.[00:03:37] <Jemt> I think SASLAuth is failing[00:04:29] <Jemt> I get this error in my mail.log file : SASL authentication failure: Password verification failed[00:06:24] <Led-Hed> Jemt, what are you using for a MUA and SASL?[00:06:55] <Jemt> Led-Hed: What is MUA ?[00:07:21] <Led-Hed> your POP3/IMAP server[00:07:24] <Jemt> SASL is just "saslauthd"[00:07:38] <Jemt> Ah, Courior for POP3 (which works fine)[00:07:52] *** Zblakany_ has joined #postfix[00:08:09] <Led-Hed> I havent used Cyrus for SASL in a while. Are these local users or Virtual?[00:08:23] <Jemt> Led-Hed: Local users[00:08:44] <Jemt> Same accounts I use for shell access[00:09:48] <Led-Hed> Jemt, I would recommend Dovecot, it makes SASL much easier to setup.[00:10:17] *** McJerry has joined #postfix[00:10:27] <Led-Hed> Jemt, increase the logging level in postfix so you get more detail on the errors[00:10:30] <Jemt> Led-Hed: Oh, I see. Okay, I will look into that tomorrow. I actually found a guide describing how to set up DoveCot[00:10:46] <Led-Hed> Jemt, what version of postfix?[00:10:53] <Jemt> Led-Hed: Just a sec[00:11:29] <Jemt> Led-Hed: 2.3.8-2[00:12:23] <Led-Hed> Jemt, ok. That version supports Dovecot-Auth[00:12:31] *** pirho has joined #postfix[00:12:33] <Jemt> Great :)[00:14:04] <Jemt> Led-Hed: I will head to bed. Thanks for the advice. I will look at it tomorrow :)[00:14:07] <Jemt> Nighty :)[00:14:13] *** Jemt has quit IRC[00:17:19] *** [hC-] has joined #postfix[00:17:55] <[hC-]> what config directive would i look at to specify that only valid FROM domains are allowed to email $mydestination, and others are not?[00:24:28] *** Zblakany has quit IRC[00:25:59] *** havvg has quit IRC[00:34:39] *** visf_ has joined #postfix[00:42:47] *** Knoedel2 has quit IRC[00:45:02] *** seekwill has quit IRC[00:55:51] *** hever has quit IRC[01:01:42] *** hemry has quit IRC[01:02:13] *** felix_da_catz has quit IRC[01:03:21] *** Led-Hed has quit IRC[01:04:32] *** PhilKC has joined #Postfix[01:05:54] *** war9407 has quit IRC[01:07:20] *** McJerry has quit IRC[01:10:31] *** McJerry has joined #postfix[01:15:57] *** c00l2sv has joined #postfix[01:18:02] *** thana has joined #postfix[01:18:10] <thana> hi[01:18:51] <Trengo> hi[01:18:56] <thana> how can i make postfix to establish an ssl protected connection to pgsql looking up some stuff?[01:20:25] <Trengo> i dont know[01:20:44] *** Severed_Head_Of_ has joined #postfix[01:21:27] <Trengo> if you wait a little, im sure someone will tell you something[01:32:58] *** amrit|wrk is now known as amrit|afk[01:37:14] *** growltiger has quit IRC[01:41:41] *** Zblakany_ has quit IRC[01:59:14] *** jstad has quit IRC[02:04:37] *** felix_da_catz has joined #postfix[02:09:42] *** c00l2sv has quit IRC[02:20:03] *** thana has left #postfix[02:30:11] *** lunaphyte_ has quit IRC[02:59:43] *** githogori has quit IRC[03:05:02] *** pirho has quit IRC[03:05:53] *** magyar has quit IRC[03:10:14] *** Tachy_ has joined #postfix[03:21:36] *** Tachy has quit IRC[03:22:49] *** tbic has joined #postfix[03:26:09] *** mysterion has joined #postfix[03:27:58] <tbic> I keep getting "warning: problem talking to server private/graylist: Connection timed out" anyone have an iadea as to what is causing it?[03:28:10] <mysterion> I'm wondering if it's possible to have Postfix 'fork' a message and try two different delivery paths simultaneously. We've got a large cluster of mail servers that we keep live and in-sinc using an LDAP database. And everything's in there: the mailboxes, the mail addresses, virtual addresses, so on, so forth.[03:28:26] *** magyar has joined #postfix[03:29:03] <mysterion> We've got two different delivery paths, remote and local, and we want Postfix to try both of them and, if both check out, deliver to both, or one or the other, or neither, depending on how things are set.[03:30:16] <mysterion> Right now we've got the two LDAP lookups set in virtual_alias_maps, first remote, then local. And currently as soon as one of them appears to be a valid delivery path, it stops any further processing and just delivers to that one path.[03:41:29] *** seekwill has joined #postfix[03:43:07] <mysterion> Actually, some more diving through the postfix config docs tells me that it might be better to do the remote lookup in virtual_alias_maps and the local one in virtual_mailbox_maps. What I'm wondering, then, is if these work in a hierarchical fashion: if it delivers to one, will it then ignore the other, or will it try to deliver there, too?[03:43:38] *** Ryushin has quit IRC[03:43:43] <mysterion> (Umm, I think 'hierarchical' should have been 'chained', but, whatever)[03:44:48] *** [1]felix_da_catz has joined #postfix[03:47:04] *** felix_da_catz has quit IRC[03:47:06] <tbic> mysterion -> can you use procmail or a shell script based transport?[03:52:30] *** jerbear has joined #postfix[03:53:20] <jerbear> postfix is not appending the correct domain to outgoing mail.... /etc/mailname seems correct. any ideas?[03:54:22] <mysterion> Procmail is already our delivery agent, but we want to be able to send the email to a remote address or a local address, or to both a remote address and a local address at the same time, or neither.[03:55:53] *** [hC-] is now known as [hC][03:56:35] <mysterion> if I use procmail to do half of the lookup work, then we'll only be able to send to remote addresses if we can also send to a local address, otherwise Postfix will never send the mail on to procmail[03:57:48] *** magyar has quit IRC[03:58:55] *** lunaphyte_ has joined #postfix[03:59:56] *** magyar has joined #postfix[04:01:19] *** magyar has quit IRC[04:01:24] *** magyar has joined #postfix[04:05:02] *** tbic has quit IRC[04:09:53] *** jerbear has quit IRC[04:19:20] *** githogori has joined #postfix[04:24:54] *** growltiger has joined #postfix[04:32:00] *** xpoint has quit IRC[04:41:51] *** Motoko-chan has joined #postfix[04:42:10] *** Severed_Head_Of_ has quit IRC[04:58:49] *** Zeit|awy_ has quit IRC[05:01:55] *** AndyGraybeal_ is now known as AndyGray_Away[05:03:51] *** AndyGray_Away is now known as AndyGray_Sleep[05:06:41] *** yajith has joined #postfix[05:16:48] *** McJerry has quit IRC[05:42:45] *** m0f0x has quit IRC[06:03:56] *** sahil has joined #postfix[06:30:46] *** [1]felix_da_catz has quit IRC[06:45:51] *** felix_da_catz has joined #postfix[06:51:04] *** visf_ has quit IRC[07:14:00] *** amrit|afk is now known as amrit[07:16:16] *** kk_CHN has joined #postfix[07:16:17] *** bhagat has joined #postfix[07:21:37] *** Radiance has quit IRC[07:21:50] *** Radiance has joined #postfix[07:31:09] *** mysterion has left #postfix[07:49:44] *** lunaphyte_ has quit IRC[07:51:46] *** saurabhb has joined #postfix[08:19:18] *** stefan-f has joined #postfix[08:25:44] *** stony_ has joined #postfix[08:32:26] *** phnord has joined #postfix[08:32:47] *** syneus has joined #postfix[08:35:53] *** mayur_g3 has joined #postfix[08:36:50] <mayur_g3> how to flush mails on postfix?[08:39:00] <Motoko-chan> postfix flush[08:39:21] *** Motoko-chan has quit IRC[08:40:19] *** [1]felix_da_catz has joined #postfix[08:41:33] *** stony__ has quit IRC[08:42:06] <f3ew> define flush?[08:42:34] <SteveC> Anyone know if I can get at transport_maps or relay_domains from within a perl script? Are they using any sort of common library?[08:43:38] <f3ew> SteveC qx #postmap -q $query $transport_maps# ?[08:43:48] <f3ew> what are you trying to do?[08:44:33] *** ming_zym has joined #postfix[08:44:45] *** felix_da_catz has quit IRC[08:44:46] *** [1]felix_da_catz is now known as felix_da_catz[08:50:35] <SteveC> f3ew: wrote a script htat heads off to another SMTP server to check a recipient (and caches it if it's OK)[08:50:59] <mjoseph> the short answer, AFAICT is no[08:51:00] <SteveC> f3ew: I want to get it to check relays and transports accurately[08:51:09] <mjoseph> if you're looking for a way to have postfix "resolve" the address for you[08:51:23] <mjoseph> in theory, one could write something that speaks the postfix protocol and asks trivial-rewrite to resolve it[08:51:28] <mjoseph> but i don't know that anyone has[08:51:34] <mjoseph> if so, i wish they'd tell me[08:52:24] <SteveC> are you talking to me? No, I'm just taking the recipient and matching it against a tranpsort or relay - if there is one, go off to that server and ask it if it will recieve mail for that recipient or not - used in combination with an exchange server that checks recipient filters in-smtp conversation.[08:52:29] *** mayur_g3 is now known as maxquerry[08:52:59] <mjoseph> yes[08:53:13] <mjoseph> i mean, you can implement the resolution logic yourself[08:53:18] <mjoseph> using the method f3ew suggests[08:53:30] <mjoseph> personally, for that sort of thing, i'd really like to ask postfix to do the logic itself[08:53:52] <SteveC> true[08:54:06] <SteveC> but this is better than having a second config file with the same info :)[08:55:09] <mjoseph> sure[08:55:26] <mjoseph> the really frustrating thing is that postfix has a distinct RPC to do just this[08:55:31] <mjoseph> err[08:55:32] <mjoseph> IPC[08:55:37] <f3ew> SteveC, why not just use reject_unverified_recipient?[08:55:39] *** Tonik has quit IRC[08:56:22] <f3ew> http://www.postfix.org/ADDRESS_VERIFICATION_README.html[08:57:00] *** bind123 has joined #postfix[08:57:07] *** pa has joined #postfix[08:57:15] <maxquerry> join #mysql[08:57:20] *** [hC] has quit IRC[08:57:42] <mjoseph> actually[08:57:49] <mjoseph> reminds me, i wonder what the syntax for postkick would be here[08:57:54] *** Tonik has joined #postfix[08:58:09] *** Tonik has quit IRC[09:00:12] *** Tonik has joined #postfix[09:01:43] <SteveC> f3ew: can it do that on a relayed mail? This is anti-dictionary spam verification.[09:03:03] <SteveC> oh, ok - address verification does appear to be doing exactly what the script I wrote last night does.[09:03:53] *** bind123_ has joined #postfix[09:04:24] *** maxquerry_ has joined #postfix[09:04:27] <f3ew> postkick?[09:04:27] * f3ew pokes SteveC[09:04:27] <f3ew> ah[09:04:38] <f3ew> mjoseph, the best bit is that Postfix already does what he wants[09:04:54] *** bind123 has quit IRC[09:04:59] *** bind123_ is now known as bind123[09:05:16] * SteveC wishes someone had mentioned this while he was saying that he was backscattering because he relayed[09:06:09] * SteveC notes that the address_verify_map would be quite useful if it were to only cache successes, not failures.[09:07:25] *** Haris1 has joined #postfix[09:07:27] <Haris1> Hello people[09:07:32] <Haris1> is postfixadmin discussed here?[09:08:03] <f3ew> slightly[09:08:10] <Haris1> hah! nice[09:08:13] <f3ew> SteveC, oops[09:08:23] <SteveC> :)[09:09:48] * f3ew has been too busy for the past few days[09:10:05] <SteveC> Hmm, no time to investigate now, but adding reject_unverified_recipient[09:10:11] <SteveC> stalls my smtpd server.[09:10:26] <Haris1> i'v been busy too[09:10:37] <Haris1> found a second full time job for 1K at night[09:10:37] *** CrazyFoam has joined #postfix[09:10:48] <Haris1> :| It sucks! to be up all night after a full time day[09:11:16] <SteveC> Last time I did that was a as a student. Really cut into my drinking time[09:13:14] <f3ew> SteveC, Postfix will contact the recipient server and verify if it exists[09:13:21] <f3ew> that's going t take time[09:13:31] <SteveC> f3ew: dying at the helo stage[09:13:40] <f3ew> what do the logs say?[09:13:43] <SteveC> dieing, not changing colour :)[09:14:04] <f3ew> I understand that bit[09:14:13] <f3ew> even if English is my third language[09:14:16] <SteveC> erm, I'll look..[09:14:23] * SteveC was joking at his own ineptness :)[09:16:52] *** maxquerry has quit IRC[09:18:43] <padde> this is a bit off-topic... but i guess there are a lot of mail admins here: i'm looking for a straight forward way to separate attachments from incoming mail (leaving only a filename / link in the original mail)[09:20:11] <SteveC> f3ew: do you know if it will accept the mail then silently kill it, or will it reject it in-smtp?[09:20:23] <SteveC> Got a May 16 08:19:16 server50596 postfix/qmgr[28188]: 0CB1B400A5: removed[09:20:34] <SteveC> at the end of the conversation about that mail (which went through OK this time)[09:20:52] <SteveC> Would prefer to have it before amavisd etc.[09:21:05] <SteveC> Ho hum, better take kids to school.[09:21:13] *** Zblakany has joined #postfix[09:22:35] *** maxquerry_ has quit IRC[09:23:00] <Haris1> How do we set language in postfixadmin. The config file?[09:23:11] *** maxquerry has joined #postfix[09:23:12] *** a_ok has joined #postfix[09:23:13] <Haris1> the nutorius! config files![09:24:10] <Haris1> well[09:24:14] <Haris1> no language options in the config file[09:26:56] *** felix_da_catz has quit IRC[09:29:38] *** Fallenou has joined #postfix[09:39:06] *** thana has joined #postfix[09:39:09] <thana> hi[09:39:14] *** Tonik] has joined #postfix[09:39:17] <thana> how can i make postfix to establish an ssl protected connection to pgsql looking up some stuff?[09:53:09] *** mehulved has quit IRC[09:55:32] *** mehulved has joined #postfix[09:57:30] *** Tonik has quit IRC[09:58:12] *** war9407 has joined #postfix[10:00:01] *** harobed has joined #postfix[10:03:23] *** af_ has joined #postfix[10:09:22] *** Tex-Twil has joined #postfix[10:24:59] *** Zblakany has quit IRC[10:29:25] *** maxquerry has quit IRC[10:29:41] *** Tonik has joined #postfix[10:30:03] *** maxquerry has joined #postfix[10:30:33] *** Tonik] has quit IRC[10:30:47] *** suuuper has joined #postfix[10:31:34] *** maxquerry has quit IRC[10:32:03] *** maxquerry has joined #postfix[10:35:18] *** Zeit|awy has joined #postfix[10:37:18] *** _gAri- has joined #postfix[10:45:11] *** rootsvr has joined #postfix[10:53:35] *** madrescher has quit IRC[10:54:23] <SteveC> Are there any configuration items affecting the way reject_unverified_recipient works? It seems to just 'vanish' the email by default?[10:55:58] *** Tonik] has joined #postfix[10:56:25] <SteveC> Or not, maybe it's doing nothing at all for me...?[11:00:02] *** robboplus has quit IRC[11:01:06] *** _zsh has joined #postfix[11:01:41] *** arooni_ has joined #postfix[11:01:44] <arooni_> when sending mail to a SMTP server, with TLS encryption enabled, is it even possible to use a proxy server so that the SMTP server wouldn't know my computer's IP address (for privacy) ? if so , how would it work?[11:05:44] *** muecke77 has joined #Postfix[11:05:59] *** Tex-Twil has quit IRC[11:13:13] *** tonik-- has joined #postfix[11:13:29] *** Tonik has quit IRC[11:15:06] <padde> arooni_: why would you want to do that?[11:15:37] *** yajith has quit IRC[11:15:39] *** INternat has quit IRC[11:15:39] *** roe_ has quit IRC[11:15:41] *** Daviey has quit IRC[11:15:41] *** Signum has quit IRC[11:15:41] *** checkers has quit IRC[11:15:47] <arooni_> to protect my prviacy[11:15:54] *** magyar has quit IRC[11:15:57] *** w0rd54 has quit IRC[11:16:00] <arooni_> i believe in tor[11:16:10] <arooni_> and that my ip address is like my credit card #[11:16:48] *** w0rd54 has joined #postfix[11:16:49] *** magyar has joined #postfix[11:17:16] *** Fallenou has quit IRC[11:17:16] *** anuron has quit IRC[11:17:17] *** goldfischli has quit IRC[11:17:22] <padde> arooni_: shouldn't be a problem with TOR (it's on a lower level than SMTP)[11:17:23] *** Fallenou has joined #postfix[11:17:24] *** anuron has joined #postfix[11:17:38] *** af_ has quit IRC[11:17:42] *** goldfischli has joined #postfix[11:18:12] <arooni_> ahhh... but i'm sending mails programatically[11:18:28] *** yajith has joined #postfix[11:18:28] *** INternat has joined #postfix[11:18:28] *** roe_ has joined #postfix[11:18:28] *** Daviey has joined #postfix[11:18:28] *** Signum has joined #postfix[11:18:28] *** checkers has joined #postfix[11:18:32] <padde> arooni_: what does that have to do with anything?[11:18:32] <arooni_> and i dont know of how i can send mails thru tor[11:18:34] <arooni_> well it means[11:18:41] <arooni_> that tor seems to be running at localhost:8118 a http proxy[11:18:47] <arooni_> which i use for browsing & such[11:18:55] <f3ew> SteveC logs?[11:19:07] <arooni_> but i dont know how i would use tor to mask my ip address when sending emails[11:19:21] <padde> arooni_: tor can work as a SOCKS proxy[11:19:28] <f3ew> arooni_, then all your mail hits my antispam signatures[11:19:33] <padde> arooni_: of course you can't send your mail through a HTTP proxy[11:19:33] <f3ew> and goes bye bye[11:19:34] <arooni_> padde, what is SOCKS?[11:19:45] <arooni_> f3ew, why woudl that hpapen[11:19:48] <padde> arooni_: just use google, please[11:19:54] <arooni_> ok[11:20:14] <padde> arooni_: wisdom will give you better protection than mindlessly applied 'security tools' ;)[11:20:28] <arooni_> thats what i'm trying to pick up in here[11:20:33] <arooni_> some wisdom from you folks[11:22:09] <arooni_> f3ew, so why would my mail hit your antispam thing[11:22:23] <f3ew> if you send mail to my users?[11:22:40] <arooni_> the smtp server would be sending mail to your users[11:22:46] <arooni_> let's say a third party one[11:22:50] <SteveC> f3ew: http://www.pastebin.ca/1019885[11:22:51] <arooni_> like say; hotmail[11:23:00] <SteveC> f3ew: including a telnet to the server that's receiving the relay too.[11:23:22] * SteveC hmm, does that system work on transport as well as relay? I'm not sure of the difference and my domains are set up for both effectively[11:25:37] <SteveC> f3ew: http://www.pastebin.ca/1019887 includes the re-injection too.[11:25:40] *** tonik-- is now known as Tonik[11:26:17] <SteveC> and offending backscatter[11:29:36] *** muecke77 has quit IRC[11:30:13] *** Tonik] has quit IRC[11:43:04] *** INternat has quit IRC[11:44:20] *** pirho has joined #postfix[11:47:03] *** pirho has quit IRC[11:47:16] <SteveC> Ahh, never mind - looks as if the recipient relay checking only happens for non-local connections.[11:50:08] <SteveC> rm /usr/libexec/postfix/check_smtp_recipient.pl :)[11:50:50] *** pirho has joined #postfix[11:52:52] <Haris1> Guys[11:52:59] <Haris1> where do we set language for postfixadmin?[11:56:12] *** INternat has joined #postfix[11:59:05] *** jelly has quit IRC[12:00:50] *** loddafnir has joined #postfix[12:02:04] <jduggan> do access tables undestand cidr notations?[12:02:31] <jduggan> ooh dear, i missed NOTE 2 in man 5 access[12:02:35] <jduggan> they sure do[12:03:45] <sysmonk> jduggan: there are cidr tables[12:07:06] <jduggan> yea i meant note 3 btw :)[12:07:12] <jduggan> not 2, typo on my behalf[12:11:57] *** cpm has joined #postfix[12:19:01] *** CrazyFoam has quit IRC[12:20:18] *** jelly has joined #postfix[12:20:37] *** CrazyFoam has joined #postfix[12:33:16] *** maxquerry has quit IRC[12:33:57] *** [diablo] has joined #postfix[12:36:52] *** hever has joined #postfix[12:42:41] <Haris1> Is there a way to check why we can't send mail to a particular domain?[12:43:01] <Haris1> in a postfix+mysql setup[12:43:46] <SteveC> Haris1: read the logs or bounces and see why it's getting rejected?[12:45:52] <cpm> rejected? refused? bounced? what makes you think you can't send mail to 'a particular domain' ?[12:49:08] <Haris1> well[12:49:17] <Haris1> for example, exim has a way. exim -bt email@address[12:49:22] <Haris1> or exim -bv email@address[12:49:38] <shasta> LOGS[12:49:39] <Haris1> apart from th traditional ways, that is also a way to confirm[12:49:55] <shasta> the source of ultimate truth[12:49:58] <Haris1> this is what I was asking for[12:50:01] *** madrescher has joined #postfix[12:50:39] <cpm> LOGS LOGS LOGS LOGS READ THE FRAKKING LOGS[12:51:46] <Haris1> Ok .. ok[12:52:00] <Haris1> Its good I can't hear you. You'd drive anyone nuts with that much loudness turned on[12:52:01] <Haris1> hehe[12:52:21] <thana> how can i make postfix to establish an ssl protected connection to pgsql looking up some stuff?[12:56:34] *** rootsvr has quit IRC[12:57:47] *** rootsvr has joined #postfix[12:59:46] *** rootsvr has quit IRC[13:00:14] *** Tonik has quit IRC[13:00:21] *** rootsvr has joined #postfix[13:08:49] *** pirho has quit IRC[13:12:07] *** pirho has joined #postfix[13:15:26] *** madrescher has quit IRC[13:24:44] *** bhagat has quit IRC[13:25:49] *** kk_CHN has quit IRC[13:42:56] *** lunaphyte_ has joined #postfix[13:43:20] *** madrescher has joined #postfix[13:44:09] *** Tex-Twil has joined #postfix[13:45:31] *** amimusa has joined #postfix[13:46:16] <amimusa> hi, i need to configure an email address to send to all people. currently it is working but not for the new users. wheer can i set this please ?¿[13:46:18] <amimusa> thanks in advance[13:48:37] <f3ew> amimusa edit the alias_maps table and build the alias[13:50:44] *** saurabhb has quit IRC[13:51:23] <davidj> Hello. I'm getting "mail forwarding loop for postmaster@...." on one server. Mails addressed to postmaster are delivered correctly, but there are 79 deferred messages in the queue. How can I determine the root cause of the problem, or at least clear them out?[13:51:30] *** GoGi has joined #postfix[13:52:35] *** wdp has joined #postfix[13:53:15] <amimusa> f3ew, it is very strange to me that i can 't see the declaration for the other users.explain. there are seven users who recevive from tots at ubilibet dot com, two new users don't. but i can't see in any place the declaration of tots@ubilibet address[13:53:22] <cpm> davidj, you'd probably want to begin by reviewing your logs.[13:53:33] <amimusa> so i don't know what to write in the alias_maps[13:53:41] <amimusa> i use ldap for the accounts[13:53:52] *** tsurko has joined #postfix[13:54:00] *** stony_ is now known as stony[13:54:02] <tsurko> hello[13:54:04] <jpalmer> you can use postsuper to delete the queued messages, but you don't want to do that until you know what is causing them, and the contents of the queued messages.[13:54:17] <cpm> once you figure out (and we'll gladly help) what's misconfigured, clearing the queue won't be difficult but it would be silly to do that before the problem is resolved.[13:54:23] *** yajith has left #postfix[13:54:39] <tsurko> i've a postfix setup which reject mail for external domains - I mean it accepts mail for $mydestination, but rejects mail for yahoo for example[13:54:42] *** cilly has joined #postfix[13:54:50] <tsurko> have you got any idea what might be wrong?[13:55:08] <jpalmer> tsurko: you need either smtp authentication, or to setup mynetworks and use permit_mynetworks[13:56:05] <tsurko> jpalmer, i've smtp auth setup and i think it's working[13:56:16] <tsurko> however the mail is rejected even from localhost[13:56:24] <tsurko> and 127.0.0.1 is in mynetworks[13:56:25] <f3ew> amimusa, your LDAP query needs to return all the users in that case[13:56:30] <jpalmer> tsurko: is your client configured to use the auth? ;)[13:56:33] <Haris1> guys[13:56:37] <tsurko> jpalmer, yes[13:56:41] <Haris1> where do I set language for postfixadmin?[13:56:55] <jpalmer> tsurko: do you have permsit_sasl_authenticated set?[13:56:56] <tsurko> jpalmer, as far as i can see from the logs it is authenticated[13:57:15] <tsurko> yes - before permit_mynetworks[13:57:21] <Haris1> I checked /config.inc.php and config.inc.php.sample. I put LANG="en_US.UTF-8" or LANG="en_US" in /etc/environment but so far, in vain[13:58:10] <jpalmer> tsurko: post an example log to pastebin. if you have smtp auth enabled, the client is using it, and the permit_* line in place, there is no reason for an error as you describe. post logs so I can see the root cause.[13:58:11] <tsurko> the error is recpient address rejected - yahoo.com[13:58:25] <tsurko> ok just a moment[13:58:41] *** cilly has quit IRC[13:58:57] <amimusa> f3ew, how can i verify this, could you help me please ? i don't know too much about postfix and ldap[14:02:21] <tsurko> jpalmer, pastebin.com/d159fdb9e[14:02:50] <davidj> cpm: How can I tell postfix to log where it delivers each message (eg, /home/bob/Maildir/ vs /var/spool/mail/bob) ?[14:03:27] <cpm> davidj, postfix uses syslog, adjust your syslog.conf[14:03:36] <davidj> cpm: I've been reviewing my logs, and I haven't seen the problem yet.[14:03:49] <davidj> cpm: Ah, just direct mail.debug somewhere?[14:05:08] <Haris1> !bcc_recipient_maps[14:05:09] <knoba> Haris1: Error: "bcc_recipient_maps" is not a valid command.[14:05:12] <Haris1> bcc_recipient_maps[14:05:16] <Haris1> hmm[14:05:25] <Haris1> I was told, that this is the only way[14:05:32] <rob0> tsurko: postconf smtpd_recipient_restrictions[14:05:44] * rob0 expects to see a "reject" in there[14:05:48] *** m0f0x has joined #postfix[14:05:49] <Haris1> cpm: jpalmer: rob0: ALL, how can one make postfix store locally and forward a copy to another mail server?[14:06:33] <cpm> !always_bcc[14:06:34] <knoba> cpm: "always_bcc" : a configuration parameter in the main.cf: Optional address that receives a "blind carbon copy" of each message that is received by the Postfix mail system.[14:06:40] <Haris1> someone told me put mydestination's value in relay_domains and empty $mydestiantion[14:06:41] <jpalmer> tsurko: I don't see anything there about the smtp auth working.[14:06:48] <rob0> recipient_bcc_maps, sender_bcc_maps or always_bcc[14:07:07] <Haris1> is the message altered in anyway using these parameters?[14:07:23] <Haris1> or if it the exact copy of what was originally received?[14:08:18] <rob0> one thing it does NOT do is to preserve the original recipient address[es][14:08:20] <Haris1> if=is[14:08:32] <Haris1> that's my point[14:08:37] <Haris1> why I'm not using these[14:08:39] <rob0> but you can save your logs and look it up[14:08:49] <Haris1> o_O[14:08:57] *** suuuper has quit IRC[14:09:03] <Haris1> I can't do it manually each day[14:09:14] <Haris1> Was postfix not programmed with this feature?[14:09:30] <rob0> how often are you digging through archived messages?!?[14:09:36] <Haris1> archived?[14:09:39] <Haris1> these are not archived[14:09:41] <Haris1> these are real[14:10:37] <Haris1> I want the mail server to hand another mail server a copy of the message[14:10:44] <Haris1> like qmail can do[14:10:48] <Haris1> via smtproutes[14:10:56] <Haris1> backup mx[14:11:12] <Haris1> store locally and forward to another mta, btw, both boxes are postfix[14:13:26] <Haris1> http://www.postfix.org/STANDARD_CONFIGURATION_README.html#backup[14:14:03] <Haris1> line #12[14:14:08] <Haris1> I have all my users in mysql[14:15:55] <Haris1> all I need to do is copy recipient_maps to relay_recipient_maps?[14:15:58] <jpalmer> Haris: thats for a backup MX. not for a "backup of all mails coming into your machine"[14:16:16] <Haris1> jpalmer: I am doing the same[14:16:52] <Haris1> jpalmer: I'm making a primary into a backup and putting up a new primary. I want the backup mx to receive and store mail untill the primary is put live[14:17:07] <Haris1> right now the primary is not configured in dns[14:17:32] <jpalmer> postfix (when configured as an MX) will deliver to the primary MX automatically, you don't have to change anything else. set your "backup" server as a lower priority MX (a higher numbered MX record)[14:17:36] <Haris1> and I'm not archiving. The copy on the current primary is just, so if I don't have any mails on the new primary, I can copy them over. Not lose current mails[14:17:47] <Haris1> yes, it will, but will it also store locally?[14:18:19] <jpalmer> it will queue. you don't want your backup MX to consider the domain to be local (or even virtual)[14:19:59] *** jellis-real has joined #postfix[14:21:02] *** lunaphyte_ has quit IRC[14:22:56] *** stefan-f has quit IRC[14:27:12] *** stickystyle has joined #postfix[14:32:08] *** ramoni has joined #postfix[14:36:09] <tsurko> jpalmer, rob0, sorry, my boss called me[14:36:57] *** felix_da_catz has joined #postfix[14:37:32] <tsurko> jpalmer, I'm using rimap as auth mech, isn't the log from [dovecot] meaning that the auth is owkring?[14:38:12] *** andrewy has joined #postfix[14:39:15] *** havvg has joined #postfix[14:39:56] <jpalmer> tsurko: if you don't see "sasl_username=" in the smtpd line, then the permit_sasl_authenticated directive doesn't match.[14:40:16] *** Tex-Twil has quit IRC[14:40:47] <jpalmer> dovecot has a builtin sasl implementation that works well with postfix, you might want to consider using it[14:40:51] *** andrewy has left #postfix[14:41:11] <tsurko> jpalmer, hm ok, I'll give it a try[14:41:53] *** bind123 has quit IRC[14:42:08] <jpalmer> either that, or add 192.168.1.0/24 to mynetworks, since the mail appears to be sent from your local LAN[14:42:33] <rob0> It wasn't "Relay access denied". That won't help.[14:43:23] <rob0> He has something returning a "reject" for (possibly) any recipient domain.[14:43:40] * cpm denies rob0[14:44:18] <jpalmer> oh, good catch. I glazed right over that assuming it was a relay problem.[14:45:31] *** lunaphyte_ has joined #postfix[14:45:36] <tsurko> jpalmer, it's not, the mail from localhost is rejected too[14:45:53] <tsurko> the only mail accepted is for $mydestination[14:46:24] *** lunaphyte_ has quit IRC[14:47:31] <jpalmer> tsurko: pastebin your entire smtpd_recipient_restrictions stanza, please[14:47:47] <tsurko> jpalmer, okay, just a sec[14:48:58] <tsurko> http://pastebin.com/d6639ad44[14:49:36] *** lunaphyte_ has joined #postfix[14:49:39] <tsurko> default_transport = error[14:49:39] <tsurko> relay_transport = error[14:49:50] <tsurko> I think this is not supposed to be in the conf[14:49:53] <tsurko> am i right?[14:50:31] <tsurko> I've installed it via debs, and in the installation i've selected local delivery only[14:51:28] <tsurko> I am incredibly stupid![14:51:53] <tsurko> sorry for wasting your time and many thanks for the help![14:52:32] <jpalmer> you probably want default_transport = smtp and relay_transport = relay[14:52:43] <tsurko> yes, exactly[14:53:00] <rob0> or just REMOVE settings that are silly[14:53:32] *** robboplus has joined #postfix[14:55:38] <jpalmer> tsurko: you'd probably be wise to move the permit_mynetworks and permit_sasl_authenticated to to beginning of the smtpd_recipients_restrictions, before the rejects, also. if they are valid users, you probably don't want them rejected for other reasons[14:56:24] <tsurko> jpalmer, you are right, thank you[15:01:28] *** Draecos has joined #postfix[15:05:36] <davidj> I need help determining the root cause of my mail loop. The logs don't have enough detail in them at the moment; how do I increase their verbosity?[15:08:04] <rob0> How do you know there's not enough detail? Chances are, between your config and the logs, the cause would be obvious. Pastebin "postconf -n" with a relevant section of logs.[15:08:43] <davidj> ok[15:08:56] * SteveC yeys for his mail server having a float ofa mere 62 emails - most of which should evaporate over the next 24 hrs as they're probably backscatter anyway :)[15:09:29] <davidj> I'm sure this is backscatter.[15:09:34] <davidj> Most of it, anyway.[15:09:46] <davidj> ! tell davidj pastbin[15:09:46] <knoba> davidj: Error: No factoid matches that key.[15:09:49] <davidj> ! tell davidj pastebin[15:13:20] *** keffff has joined #postfix[15:14:32] *** keffer has quit IRC[15:14:39] *** keffff is now known as keffer[15:18:40] <davidj> rob0: I've put postconf -n and part of the log at http://rafb.net/p/jeBUWf61.html[15:19:43] <davidj> Do you have any suggestions?[15:20:18] *** wdp has quit IRC[15:28:01] <rob0> "relevant section" means a whole chunk, showing the initial submission and a whole iteration of the loop. Also, myhostname and mydomain are not set (unwise), so they're defaults, but I would need to know the actual values.[15:28:48] *** gentgeen__ has joined #postfix[15:29:53] *** anonymouz666 has joined #postfix[15:31:43] <davidj> rob0: The log in question is 11,000 lines long, and the initial submissions have rolled off the logs.[15:31:59] <davidj> rob0: I will set myhostname and mydomain explicitly.[15:33:07] <anonymouz666> postfix/smtp[21598]: warning: SASL authentication failure: No worthy mechs found[15:33:09] <anonymouz666> WTF?[15:33:17] <anonymouz666> this is google[15:33:53] <anonymouz666> relaying to google's SMTP[15:34:53] <anonymouz666> postfix 2.3[15:34:56] <anonymouz666> SASL cert everything ok.[15:36:27] *** _sho_ has joined #postfix[15:36:33] <_sho_> whats the difference between -r and -f[15:36:38] <_sho_> man page says they are the same[15:37:36] <sysmonk> r is r, and f is f[15:38:02] *** shinao1 has joined #postfix[15:40:13] <anonymouz666> SASL authentication failed; cannot authenticate to server server.gmail.com[74.125.45.111]: no mechanism available)[15:40:38] *** arooni_ has quit IRC[15:40:57] *** Knoedel2 has joined #postfix[15:41:31] *** lunaphyte_ has quit IRC[15:42:59] *** arooni_ has joined #postfix[15:46:05] <_sho_> sysmonk: uh. is that sarcasm?[15:46:18] <_sho_> the man page says they are _completely_ identical[15:46:29] <_sho_> but doesnt say they are identical[15:46:34] <_sho_> is f legacy?[15:49:15] <thana> how can i make postfix to establish an ssl protected connection to pgsql looking up some stuff?[15:51:11] <f3ew> thana, the same way as any other app?[15:51:25] <anonymouz666> f3ew![15:51:41] <f3ew> anonymouz666?[15:52:22] <anonymouz666> f3ew: do you ever try to use postfix to relay to google's MX servers?[15:52:25] <anonymouz666> using TLS[15:52:44] <anonymouz666> or any other server that requires TLS[15:52:45] <f3ew> no[15:52:52] <f3ew> but there are lots of errors[15:52:55] *** Ryushin has joined #postfix[15:53:13] <f3ew> aqrgh[15:53:16] <f3ew> HOWTOs[15:53:31] *** Draecos has quit IRC[15:53:37] *** seekwill has quit IRC[15:53:39] <anonymouz666> do you have specific one to suggest?[15:53:42] <anonymouz666> I was using the http://www.darryl.cain.com.au/postfix/[15:55:30] *** Sypher has joined #postfix[15:57:14] <anonymouz666> the certificate part is working just fine.[15:57:18] <thana> f3ew: unfortunately not[15:57:25] <anonymouz666> no errors at all.[15:57:47] *** felix_da_catz has quit IRC[15:58:18] <thana> f3ew: it always tries to connect to pgsql without ssl. but with psql i can connect tp pgsql using ssl from the same host![15:59:32] <f3ew> hmmm[16:00:47] <thana> i had the same problem with dovecot (running on the same host like postfix). but postfix provides the possibility to set some connection-parameters, so i forced it to use ssl and now it works fine for fovecot[16:00:53] <thana> *dovecote[16:01:45] <rob0> _sho_: "the man page" doesn't tell us WHICH man page you mean. Anyway, if it's a Postfix manual, and it says -f/-r are identical, I would believe it.[16:02:06] *** lunaphyte_ has joined #postfix[16:04:08] <shasta> erm[16:04:28] <shasta> why would you want to use SSL overhead for connections ON THE SAME HOST?[16:04:42] <shasta> it's just waste of resources[16:05:24] <thana> shasta: misunderstanding. dovecote and postfix are running on the same host. pg doesn'[16:05:27] <thana> t[16:05:30] <shasta> oh[16:05:37] <shasta> that makes more sense[16:05:41] <thana> :-)[16:06:22] <shasta> workaround: setup a vpn tunnel between these machines :>[16:06:42] <rob0> And you looked in the PG_README ... and then ...[16:07:12] <thana> rob0: yes, but couldn't find the words "ssl" or "libpq" in there[16:07:13] *** Haris1 has quit IRC[16:07:22] <rob0> PGSQL_ actually, ok.[16:07:25] *** Spec has joined #postfix[16:07:26] <davidj> rob0: What should I do next to determine the root cause of my routing loop?[16:10:14] *** wdp has joined #postfix[16:12:06] <sysmonk> _sho_: yes, that was sarcasm, cause we don't even know what command you're talking about[16:13:00] <shasta> hm[16:13:07] <rob0> "rolled off the logs"?? You didn't answer my question, and you didn't pastebin an interation of the loop.[16:13:39] <shasta> thana, if I read the postfix source and pgsql documentation correctly, postfix should "negotiate" ssl connection if pgsql server supports it[16:14:16] <thana> shasta: yes that's right and that's the point i just don't understand. ACTUALLY sll should work[16:14:22] *** _sho_ has left #postfix[16:14:26] <thana> i just can't figure out why it does not[16:14:37] <shasta> I'd blame pgsql server then[16:15:00] <thana> shasta: dovecot and psql are able to establish an ssl protected con...[16:15:14] <shasta> postfix does: if ((host->db = PQsetdbLogin(host->name, host->port, NULL, NULL, dbname, username, password)) == NULL [...][16:15:18] *** seekwill has joined #postfix[16:15:26] <shasta> and reading http://www.postgresql.org/docs/8.1/static/libpq.html says:[16:15:31] <thana> yepp, found this fact, too[16:15:44] <shasta> PQsetdbLogin - Makes a new connection to the database server. (...) This is the predecessor of PQconnectdb with a fixed set of parameters. It has the same functionality except that the missing parameters will always take on default values. Write NULL or an empty string for any one of the fixed parameters that is to be defaulted.[16:16:08] <thana> currently i'm trying to find out if the standard-behavior if NULL is given is hard coded or configurable[16:16:19] <thana> but i'm not an c/c++ speaker :)[16:16:44] <shasta> PGconn *PQsetdbLogin(const char *pghost, const char *pgport, const char *pgoptions, const char *pgtty, const char *dbName, const char *login, const char *pwd);[16:16:58] <shasta> so there's even no place for 'sslmode'[16:17:02] <davidj> rob0: Sorry, I'm not sure what you mean by a "full iteration of the loop"[16:17:03] <thana> it is[16:17:12] <shasta> and sslmode: This option determines whether or with what priority an SSL connection will be negotiated with the server. There are four modes: disable will attempt only an unencrypted SSL connection; allow will negotiate, trying first a non-SSL connection, then if that fails, trying an SSL connection; prefer (the default) will negotiate, trying first an SSL connection, then if that fails, trying a regular non-SSL connection; require will try only an SSL[16:17:12] <thana> shasta: const char *pgoptions[16:17:18] <shasta> thana, no[16:17:28] <shasta> options: Command-line options to be sent to the server.[16:17:37] <davidj> Should I, for example, grep for a specific message in the log? Would that show everything I need?[16:18:25] <thana> shasta: by default, if no ssl mode is given, ssl is "preferred"[16:18:46] <shasta> [16:13:39] < shasta> thana, if I read the postfix source and pgsql documentation correctly, postfix should "negotiate" ssl connection if pgsql server supports it[16:18:51] <shasta> that's what I said ;)[16:19:11] <thana> shasta: i aggree with you. but it doesn't solve the problem[16:19:34] <shasta> dump the network traffic between those two machines[16:19:37] <shasta> see what's going on[16:19:53] <thana> good idea[16:19:54] *** madrescher has quit IRC[16:19:55] <shasta> wireshark will be handy[16:20:00] <davidj> rob0: http://rafb.net/p/MWxRdH49.html has the answers to your questions, as well as what I think is a complete iteration of a loop.[16:20:03] <shasta> it can decode pgsql protocol IIRC[16:20:27] <shasta> or there's a separate plugin for that[16:20:30] <shasta> http://wiki.wireshark.org/PostgresProtocol[16:21:23] *** madrescher has joined #postfix[16:21:32] <shasta> s/plugin/dissector/[16:26:06] <shasta> and suddenly #postfix become quiet[16:26:22] <shasta> I suspect everyone's listening to thana's network traffic ;)[16:28:47] *** adj has joined #postfix[16:30:13] <adj> hi. i'm having a terrible time getting my server to send mail from AUTH'ed users. i can successfully auth against dovecot's sasl provider, but the server keeps rejecting the sender address when i try to send[16:30:47] <adj> i'm fairly sure its something simple i'm missing, but i can't seem to find it :/[16:31:28] <mwalling> !logs[16:31:29] <knoba> mwalling: "logs" : by default, postfix logs to the mail facility of syslog. Something like grep -i `postconf -h syslog_facility` /etc/syslog.conf or grep -rl `postconf -h syslog_name` /var/log/* should tell you where logs are going.[16:33:30] *** githogori has quit IRC[16:33:57] <rob0> The unqualified address postmaster@localhost is having .$myorigin appended (append_dot_myorigin = yes, default). Normally "postmaster" should be in alias_maps pointed to "root", and "root" in turn should point to a real user. Since it's all local(8)/qmgr(8) tossing the same queue ID back and forth, I'd guess that there might be a .forward file involved.[16:37:17] *** anonymouz666 has quit IRC[16:37:53] <adj> ok. i figured out the auth problem on one server, but oddly enough i cannot send email from myself to myself. i get a Temporary lookup failure after warning: dict_ldap_lookup: Search error 4: Size limit exceeded[16:41:18] <rob0> So your LDAP lookup, whatever that might be (my crystal ball doesn't say) is failing. Bad query syntax or problem on the slapd maybe.[16:41:46] <adj> the query is fine. it just returns two uid's, instead of one[16:42:13] <thana> shasta: i just don't have a clue. it always says "no pg_hba.conf entry for host x.y.z.a SSL disabled" -- of course it's not, but there is one for SSL enabled :-([16:42:40] <rob0> If it should return only one UID, then perhaps it's not fine. :)[16:43:30] *** _zsh has quit IRC[16:43:37] *** wdp has quit IRC[16:44:46] <adj> why should it return only one UID?[16:46:24] <adj> i can make the query limit the results to one, but its strange to me that i would have to[16:47:28] *** AndyGray_Sleep has quit IRC[16:56:33] *** rootsvr_ has joined #postfix[17:01:07] *** pa has quit IRC[17:01:25] *** Trengo has quit IRC[17:01:33] *** tsurko has quit IRC[17:02:48] *** Trengo has joined #postfix[17:02:55] <shasta> thana, pastebin your pg_hba.conf then[17:04:12] <thana> shasta: what do you expect to find in there?[17:05:08] <davidj> rob0: I've decided to punt on the root cause analysis for now, I'll revisit it when it reoccurs.[17:05:58] <davidj> ! tell davidj etrn[17:05:59] <knoba> davidj: Error: No factoid matches that key.[17:07:27] *** lunaphyte_ has quit IRC[17:09:52] <shasta> thana, errors, of course :->[17:10:22] <thana> shasta: i'm sorry, but there aren't :-) it's absolutley correkt[17:10:59] <shasta> apparently your postgres says something else, I'm not going to argue with that :-P[17:11:45] <thana> shasta: no it doesn't it says just the truth :)[17:12:40] <thana> shasta: postfix says in its mail.log:[17:12:41] <thana> warning: connect to pgsql server <sql-server-domain>: FATAL: kein pg_hba.conf-Eintrag f??r Host <postfix-ip>, Benutzer ??postfix??, Datenbank ??mailsys??, SSL aus?[17:13:36] <thana> translated to english: "warning connect to pgsql server <...>: no pg_hba.conf-Entry for host <postfix-ip> user postfix, database mailsys, ssl disabled"[17:13:46] <thana> and thats absoluty correct[17:13:49] *** rootsvr has quit IRC[17:13:50] <thana> there is no[17:15:04] <thana> th pg_hby entry looks like "hostssl mailsys +mailsys <postfix-ip>/32 md5"[17:15:11] <thana> and postfix is in group mailsys[17:15:43] <thana> as i said befor: using the same login details like the postfix server from the same host like the postfix-server it works wonderfull[17:16:29] <shasta> postfix spits out error returned by libpq[17:16:36] <shasta> I'd still blame postgres :->[17:16:37] <thana> correct[17:16:59] <thana> that's nearly impossible[17:17:20] <thana> i just can't understand why you ignore the fact that using psql it works[17:17:37] <shasta> you can't get any more from postfix side - no config params for that[17:17:52] <davidj> thana: What is the exact command line you use with psql?[17:18:31] <thana> davidj: psql --host <db_host_like_postfix> --user postfix --password --dbname mailsys[17:18:46] <thana> s/db_host_like_postfix/db_host_like_postfix_use :)[17:22:27] <davidj> thana: Is <db_host_like_postfix> an IP address or a hostname?[17:22:39] <thana> davidj: hostname[17:22:54] <thana> (in both cases)[17:22:59] <davidj> Is that hostname listed in /etc/hosts?[17:23:00] *** Sypher has quit IRC[17:23:13] <thana> davidj: nope[17:23:46] <davidj> Does that hostname resolve to 127.0.0.1?[17:24:16] <f3ew> thana, http://archives.postgresql.org/pgsql-novice/2006-11/msg00147.php[17:24:38] <thana> davidj: nope, furthermore it work if i change the line in pg_hba from hostssl to host[17:25:16] <f3ew> thana was Postfix compiled with SSL support?[17:25:22] <f3ew> http://ubuntuforums.org/showthread.php?t=332269[17:25:47] <thana> f3ew: i think so. it depends on the package libpq5 which depends on libssl[17:28:17] *** lunaphyte_ has joined #postfix[17:28:23] <thana> shouldn't libpq handle this ssl stuff itself?[17:28:34] <f3ew> thana, true[17:28:42] <f3ew> How about the Ubuntu suggestion?[17:29:08] <thana> f3ew: this says "No Thread specified. If you followed a valid link, please notify the administrator"[17:29:10] <shasta> oh well, with debian and ssl you can never know...[17:29:11] <shasta> ;-P[17:29:19] *** adj has left #postfix[17:29:22] <thana> shasta: i just waited for that comment :p[17:29:57] <f3ew> thana, might as well ask in #postgresql or on postfix-users[17:30:50] <shasta> hm[17:31:21] <shasta> thana, ldd /usr/lib/libpq.so[17:31:50] <thana> f3ew: they say it was the default to prefer the SSL connection if no sslmode is given[17:32:13] <shasta> once again, exactly what I said ;)[17:32:26] <thana> # ldd /usr/lib/libpq.so.5 linux-vdso.so.1 => (0x00007fff3e5fe000) libssl.so.0.9.8 => /usr/lib/libssl.so.0.9.8 (0x00002aac6c7ab000)[17:32:57] <thana> shasta: we know you said it befor. but it doesn't help in any way :)[17:33:51] <shasta> but it makes me look smart! ;)[17:34:03] *** donspaulding has joined #postfix[17:34:10] <shasta> honestly, I have no other ideas but tweaking pgsql/libpq[17:34:11] <thana> shasta: :-)[17:34:37] *** madrescher has quit IRC[17:34:42] <donspaulding> are SMTP headers that were tacked on to the message before DATA? or inside of the DATA section?[17:34:54] *** madrescher has joined #postfix[17:35:27] <donspaulding> like the Received: headers, are they part of the message itself, or does the previous hop just repeat it in between RCPT TO and DATA?[17:36:00] <shasta> they are part of the message[17:36:31] <f3ew> donspaulding post data[17:38:15] *** Tex-Twil has joined #postfix[17:39:44] *** rootsvr_ has quit IRC[17:52:54] *** [diablo] has quit IRC[17:53:42] <donspaulding> shasta: f3ew: Thanks.[17:53:43] *** sysmonk has quit IRC[17:53:55] *** madrescher has quit IRC[17:54:39] <donspaulding> so is there any delimiter between the old headers and the original message inside DATA.[17:55:09] <rob0> No, but you can figure it out by reading carefully.[17:58:21] *** githogori has joined #postfix[17:58:57] <pUmkInhEd> good morning #postfix, i am trying to rewrite addresses, i use relay_domains and transport to get mail to my exchange server, and i have a list of emails i would like the address rewritten on, virtual_alias_maps doesnt support this (it cant be used with relay domains)[17:59:00] <pUmkInhEd> so what can?[18:04:29] *** madrescher has joined #postfix[18:04:45] *** hparker has quit IRC[18:04:52] <shasta> thana, what happens if you add both host and hostssl lines to your pg_hba.conf?[18:05:38] <shasta> and add some debugging to your pgsql daemon[18:05:40] *** Fallenou has quit IRC[18:05:41] <shasta> maybe it helps[18:06:26] *** hparker has joined #postfix[18:08:42] <thana> shasta: works without ssl[18:10:15] <rob0> Wrong: "virtual_alias_maps ... cant be used with relay domains". virtual_alias_maps applies to all addresses in ANY address class.[18:11:29] *** syneus has quit IRC[18:15:01] *** Tex-Twil has quit IRC[18:16:18] <pUmkInhEd> rob0: ok, i will give it a shot[18:17:19] *** wdp has joined #postfix[18:18:34] <ananke> for virtual_alias_maps, can you specify multiple maps?[18:19:49] <pUmkInhEd> rob0: i get 550 Recipient address rejected: User unknown in relay recipient table;, so those users still need to be in my relay_map[18:20:00] <pUmkInhEd> let me try that too[18:20:01] <pUmkInhEd> :)[18:21:58] <pUmkInhEd> rob0: it did not rewrite the address :([18:26:54] *** muecke77 has joined #Postfix[18:29:09] *** sysmonk has joined #postfix[18:30:12] *** muecke77 has left #Postfix[18:30:21] *** action09 has joined #postfix[18:36:15] *** lunaphyte_ has quit IRC[18:36:28] <donspaulding> pUmkInhEd: you may want to try out postmap -q to see if the user is indeed in the table correctly.[18:37:24] *** anonymouz666 has joined #postfix[18:37:43] <donspaulding> ananke: something like me at virtual dot com: me2 at real dot com, you2 at real dot com, you3 at alsoreal dot com is possible.[18:37:58] <donspaulding> ananke: I believe*[18:40:20] *** goudkov has joined #postfix[18:40:41] *** madrescher has quit IRC[18:41:27] <goudkov> hi guys, i have two ip addresses on the box. i'm using one ip to send my regular mail. i also have a message board that sends out email notifications. is there a way to make postfix send out that email using the other ip address on the box? without running a second instance of postfix?[18:43:14] <Dominian> eh..[18:43:16] <Dominian> not that I know of[18:43:28] *** suuuper has joined #postfix[18:43:44] <goudkov> i know there is a way of specifying a relay based on the from address, but there doesn't seem to be a way of setting smtp bind dynamically[18:43:59] <Dominian> right[18:44:09] <goudkov> i used to run 3 instances of postifx, but i'm switching boxes and want to clear things up a bit[18:44:16] *** wdp has quit IRC[18:44:17] *** robboplus has quit IRC[18:44:17] *** hever has quit IRC[18:44:17] *** Radiance has quit IRC[18:44:19] *** F|oFF has quit IRC[18:44:20] *** chrisq has quit IRC[18:44:21] *** manlymatt83 has quit IRC[18:44:21] *** rizi has quit IRC[18:44:21] *** mXr has quit IRC[18:44:21] *** kiliko has quit IRC[18:44:21] *** echinos has quit IRC[18:44:22] *** padde has quit IRC[18:44:22] *** madclicker has quit IRC[18:44:32] <goudkov> hmm, a network split?[18:44:52] <rob0> ananke, yes, and I think they're checked in order, such that a match in the first one would bypass further checking.[18:45:14] *** robboplus has joined #postfix[18:45:14] *** hever has joined #postfix[18:45:14] *** Radiance has joined #postfix[18:45:14] *** F|oFF has joined #postfix[18:45:14] *** chrisq has joined #postfix[18:45:14] *** manlymatt83 has joined #postfix[18:45:14] *** padde has joined #postfix[18:45:14] *** kiliko has joined #postfix[18:45:14] *** madclicker has joined #postfix[18:45:14] *** echinos has joined #postfix[18:45:14] *** rizi has joined #postfix[18:45:14] *** mXr has joined #postfix[18:45:17] *** wdp has joined #postfix[18:45:17] *** zuez has quit IRC[18:45:26] *** zuez has joined #postfix[18:47:02] *** madclicker has quit IRC[18:47:13] *** harobed has quit IRC[18:47:25] *** madclicker has joined #postfix[18:48:26] *** joebob has joined #postfix[18:50:57] <joebob> I've got a question about one of my email clients. I can send email fine from their address to an address and when they try to send email from their ADP software which uses outlook to send mail they get this in return: "was considered unsolicited bulk e-mail" does this just mean that their outlook isn't set up to use smtp authentication?[18:51:54] <rob0> huh[18:52:22] <rob0> "get this in return"[18:53:41] *** rootsvr has joined #postfix[18:53:47] *** ayeuu has joined #postfix[18:54:43] *** quieteyes has joined #postfix[18:55:12] <joebob> rob0 that is the error message they get back after sending along with a 5.7.1 error[18:55:32] <joebob> I'm just wondering if that is a standard message my postfix server is sending them back[18:55:40] <rob0> !debug[18:55:41] <knoba> rob0: "debug" : http://www.postfix.org/DEBUG_README.html : a good starting point for how to deal with problems and to report information to those who might help. Post your information in a pastebin such as http://pastebin.ca/ or http://rafb.net/paste/ .[18:55:56] *** shinao1 has quit IRC[18:56:23] *** joebob has quit IRC[18:56:40] <ayeuu> hi there, i need help for pouting off addresses *.toto at toto dot com ; I've try this : "transport_maps = regexp:/etc/postfix/transport" and "/(.*)toto at toto dot com/ 450" in this file, but that's not the correct solution[18:56:48] <ayeuu> can someone help me please ?[18:57:08] <ayeuu> (i've got "mail transport unavailable" in the log)[18:57:34] <rob0> yikes.[18:58:35] *** amimusa has quit IRC[18:59:01] *** rootsvr has quit IRC[18:59:12] *** wdp has quit IRC[18:59:12] *** F|oFF has quit IRC[18:59:12] *** rizi has quit IRC[18:59:12] *** Radiance has quit IRC[18:59:13] *** mXr has quit IRC[18:59:13] *** echinos has quit IRC[18:59:14] *** kiliko has quit IRC[18:59:14] *** hever has quit IRC[18:59:14] *** padde has quit IRC[18:59:14] *** manlymatt83 has quit IRC[18:59:17] *** chrisq has quit IRC[18:59:17] *** robboplus has quit IRC[18:59:17] <rob0> First, that's not an appropriate use of transport_maps.[18:59:36] <rob0> Second, it's not proper regexp syntax.[18:59:37] *** McJerry has joined #postfix[18:59:43] *** Severed_Head_Of_ has joined #postfix[18:59:44] <ayeuu> ^^[18:59:58] <ayeuu> ok, so how to do what I need please ?[19:00:45] <rob0> What is the goal in real terms?[19:01:32] *** wdp has joined #postfix[19:01:32] *** robboplus has joined #postfix[19:01:32] *** hever has joined #postfix[19:01:32] *** Radiance has joined #postfix[19:01:32] *** F|oFF has joined #postfix[19:01:32] *** chrisq has joined #postfix[19:01:32] *** manlymatt83 has joined #postfix[19:01:32] *** padde has joined #postfix[19:01:32] *** kiliko has joined #postfix[19:01:32] *** echinos has joined #postfix[19:01:32] *** rizi has joined #postfix[19:01:32] *** mXr has joined #postfix[19:02:37] *** manlymatt83 has quit IRC[19:02:47] *** echinos has quit IRC[19:02:58] *** tshine has joined #postfix[19:03:11] <ayeuu> I've got a MX master that is flooded; I've put an slave MX for helping it; all spams are for *toto at toto dot com (it's not a real user) so I need to reject silently all mails for *toto at toto dot com[19:03:32] <rob0> silently?[19:03:46] <ayeuu> without a mail that say "go away"[19:03:51] <soren> Returning 450 is not silent.[19:03:55] <ayeuu> oups[19:04:03] <rob0> REJECT, don't discard.[19:04:06] <soren> Just accept it and stuff it in /dev/null.[19:04:17] <rob0> No way, that's wrong.[19:04:18] <ayeuu> yes, but how ?[19:04:27] <rob0> check_recipient_access[19:05:00] *** echinos has joined #postfix[19:06:21] <ayeuu> hum, here is my check_recipient_access (pcre) : /./ FILTER dspam:unix:/var/spool/postfix/var/run/dspam.sock[19:06:48] <rob0> so?[19:07:02] <ayeuu> I can do something like /^(.*)*toto at toto dot com/ DROP ?[19:08:49] *** rizi has quit IRC[19:09:00] *** rizi has joined #postfix[19:09:31] *** anonymouz666 has left #postfix[19:09:52] <rob0> I would suggest that you stop guessing and start reading, "man 5 access", and if you're going to use pcre/regexp, learn how to construct a safe and ANCHORED expression. Do you know what "*" is? How about "."? You anchored the beginning "^" needlessly, but not the end.[19:11:30] <rob0> I have no clue as to whether or not this will help the "flooded MX master".[19:11:33] <ayeuu> .* = all befor[19:12:51] *** halflife has joined #postfix[19:13:09] <halflife> hello folks i am getting this error postfix/postdrop[16689]: warning: mail_queue_enter: create file maildrop where do i look for the potential problems ?[19:13:31] <ayeuu> /(.*)toto at toto dot com/ will be the same no; anyway, reading the man 5 access; but that take time .. that's only for that[19:15:00] *** growltiger has quit IRC[19:15:11] *** manlymatt83 has joined #postfix[19:19:39] *** madclicker has quit IRC[19:23:20] *** jellis-real has quit IRC[19:28:32] *** madclicker has joined #postfix[19:31:08] *** lunaphyte_ has joined #postfix[19:32:46] <ayeuu> discard doesn't seems to work :/[19:34:08] *** goudkov has quit IRC[19:38:53] <ayeuu> don't want to sleep here; thx anyway rob0[19:41:30] *** Motoko-chan has joined #postfix[19:46:57] <pUmkInhEd> rob0: virtual alias maps work like a charm, just had to learn2pay attention to file format[19:47:05] <pUmkInhEd> thanks[19:47:21] *** wdp has quit IRC[19:47:26] *** thana has left #postfix[19:47:32] *** madclicker has quit IRC[19:49:48] *** the_empty has joined #postfix[19:49:56] *** madclicker has joined #postfix[19:51:23] *** pettersen has joined #postfix[19:51:24] <pettersen> hello[19:51:29] <pettersen> i'm using postfix and postgrey[19:51:39] <pettersen> but somehow some important e-mails never get through[19:51:49] <pettersen> is there any way to have a "safe list" to add domains to?[19:54:32] *** ChrisC35 has joined #postfix[19:55:11] <Motoko-chan> I believe postgrey has user-defined whitelists.[19:55:27] <Motoko-chan> Do most of those important e-mails get sent directly from MS Exchange?[19:55:38] <Motoko-chan> If so, there is a patch to fix Exchange because that is a bug.[19:56:15] <ChrisC35> I think my server is hacked, i'm getting lots of bounces back to one of my email addresses, which look legitimate. I went into VirtualMin, clicked Help, and got this message: Security Warning Warning! Webmin has detected that the program /help.cgi/virtual-server/limits was linked to from an unknown URL, which appears to be outside the Webmin server. This may be an attempt to trick your server into executing a dangerous command.[19:56:55] <pettersen> thanks[19:56:58] <ChrisC35> what should I do?[19:57:12] <the_empty> ChrisC35 - you should do access control on your webmin- that thing is a massive security problem and always has been[19:58:15] <the_empty> but the bounce backscatter COULD just be spammers using you as the envelope sender without using your server at all... do headers indicate it came form your server?[19:58:52] <ChrisC35> what do you mean by access control?[19:59:05] <ChrisC35> I'll look[20:00:41] *** mwalling has quit IRC[20:00:46] *** mwalling has joined #postfix[20:02:09] *** jellis-real has joined #postfix[20:02:54] *** wdp has joined #postfix[20:03:23] <ChrisC35> how can I tell? (if it came from my server)[20:04:52] *** Alfrenovsky has joined #postfix[20:05:09] <pUmkInhEd> in the bounced message headers, do you see your hostname/ip?[20:05:51] <ChrisC35> Received: from spamfilter2.phylax.nl (unknown [194.123.186.90])[20:05:51] <ChrisC35> by kermit.webinfuse.com (Postfix) with ESMTP id 936B157B809A[20:05:51] <ChrisC35> for <chris at chriscorrigan dot net>; Thu, 15 May 2008 23:43:48 -0700 (PDT)[20:05:58] <ChrisC35> kermit.webinfuse.com is my server[20:06:59] <Alfrenovsky> I'm new in postfix, I have a server (not configured by me) with postgrey and when I send a mail, because the other servers are checking via call back and my postfix greylistes all, all my outgoing mails needs a retry[20:07:18] <ChrisC35> the_empty what did you mean by access control? we have logins for webmin, and they are set to use tne nix accounts[20:07:22] <rob0> Sounds like classic backscatter from a clueless spam/virus filter, but I don't have time nor inclination to explain everything about how email works.[20:07:25] <Alfrenovsky> postgrey should not greylist the mails from a null "<>" sender[20:07:30] <ChrisC35> should I be turning off the webmin server when its not being used[20:07:51] *** anonymouz666 has joined #postfix[20:08:25] <Alfrenovsky> How can I set postgrey to not greylist mail from null envelope sender ?[20:09:00] <Alfrenovsky> rob0, That's for me ?[20:10:36] <pUmkInhEd> no, that was for chrisc[20:10:50] <anonymouz666> what else is need by postfix to auth another smtp server? i have configured the smtp_sasl_auth_enable, sasl_password_maps and security_options[20:10:58] <anonymouz666> it's postfix 2.3[20:10:59] <rob0> Al, check_sender_access, see "man 5 access".[20:11:44] *** quieteyes has left #postfix[20:11:56] <ChrisC35> rob0 I'm suddenly getting tonnes of these bounces though, since last night[20:12:04] <ChrisC35> to only one of my emails[20:12:16] <the_empty> ChrisC35, you should limit what IPs can hit webmin. Webmin is terrible software, frankly[20:12:44] <ChrisC35> is cpanel software in general terrible? or just webmin[20:12:46] <cpm> quite[20:13:21] <the_empty> ChrisC35, it all has potential to be terrible but webmin has a track record of it[20:13:57] <ChrisC35> can you define what you mean by terrible?[20:14:00] <anonymouz666> sasl_password it's also configured[20:14:18] <the_empty> it just adds paths for exploitation, especially since a lot of people don't bother to run it over https or with appropriate ip filters[20:14:48] <the_empty> terrible = in this context, meaning bad.[20:14:58] *** Alfrenovsky has left #postfix[20:16:47] *** muecke77 has joined #Postfix[20:16:51] <ChrisC35> we run it over https[20:17:04] <ChrisC35> i dont think we've setup the ip filters yet[20:17:33] <ChrisC35> i was thinking, though, of only starting and stopping the webmin service when I actually use it, which is not very often[20:17:44] <the_empty> Does anyone know if there's a way to capture the entire smtp conversation on a per-client basis in Postfix?[20:18:44] <the_empty> ChrisC35, both would be a good idea :)[20:19:26] <ChrisC35> what can I check regarding this securiuty breach?[20:20:56] <the_empty> Walk your mail logs and see if you can make sure it was actually a breach, make sure webmin is up to date, make sure it's not some other vector (open relay etc)...[20:21:14] *** Gokee2 has joined #postfix[20:21:27] <ChrisC35> k thanks[20:29:53] <Gokee2> Hello all, today I woke up to over 200 undelivered, failed or returned msgs in my catchall account. Looking at them they all say they come from users that are not on the server and from diffrent servers (not mine). However they are being delevered with my domain name attached. If there are this many not delevered it makes me wonder how many got through. Is there anything I can do about this? Thanks[20:30:34] *** lunaphyte_ has quit IRC[20:30:47] <cpm> not much you can do about that. This is called backscatter. some say that publishing a valid spf record will cut down on this some.[20:31:09] <cpm> btw, catchalls kinda beg for this.[20:31:23] <Gokee2> I already have a spf record[20:31:32] <Gokee2> Hmm why is that?[20:31:52] *** amrit is now known as amrit|wrk[20:32:19] <ChrisC35> hehe soudns like what I am asking about too[20:32:49] <ChrisC35> whats a catchall?[20:33:18] <Dominian> *HEADDESK*[20:33:29] * Dominian goes back to pulling his fingernails out with a pair of needle-nose pliers[20:33:43] <Gokee2> Catches all email that no user is around for[20:34:06] <ChrisC35> http://www.spamresource.com/2007/02/backscatter-what-is-it-how-do-i-stop-it.html[20:34:50] <ChrisC35> the_empty what cpanel would you reccomend?[20:35:15] <ChrisC35> I'm actually have been t hinking about just not offering an email service, as its jsut a lot of work and not worth it[20:35:27] <Motoko-chan> Considering how few server support SPF, it doesn't help at all.[20:35:34] <ChrisC35> jsut concentrate on my system[20:36:35] <SteveC> Any good way of killing off all the MAILER-DAEMON items in my queue prematurely?[20:36:48] <Motoko-chan> And yes, catchall configurations are asking for backscatter and spam.[20:37:27] *** UQlev has joined #postfix[20:39:00] *** muecke77 has left #Postfix[20:40:33] *** anonymouz666 has quit IRC[20:40:46] <Gokee2> Motoko-chan, I was finding if I did not have one some servers (one big one I think yahoo or msn?) would bounce my mail[20:41:36] <the_empty> ChrisC35, my favorite admin interface is called ssh[20:42:10] <Motoko-chan> Gokee2, haven't noticed that.[20:42:43] <Motoko-chan> SPF would really hurt my customers. Many have to send through their ISP because they are blocked from using our SMTP server.[20:42:53] <Motoko-chan> Even via SSL.[20:43:19] <the_empty> Motoko-chan, port 587[20:43:42] <Motoko-chan> I don't run submission at the moment (stupid qmail is a pain to configure).[20:43:49] <Motoko-chan> I do offer SMTPS on 465.[20:45:45] *** Fallenou has joined #postfix[20:46:18] <the_empty> Motoko-chan, you wouldn't happen to know anything for postfix a la recordio for qmail would you?[20:46:41] *** lunaphyte_ has joined #postfix[20:46:42] <Motoko-chan> Not offhand, but I am sure it exists.[20:46:56] *** GoGi has quit IRC[20:47:17] *** muecke77 has joined #postfix[20:47:24] *** goudkov has joined #postfix[20:47:36] <Motoko-chan> Possibly listed in here: http://www.postfix.org/DEBUG_README.html[20:47:53] <goudkov> when setting up multiple instances, does inet_interfaces in the additional ones need to be set as a host name not an ip address?[20:48:43] <the_empty> Motoko-chan, they suggest tcpdump in there LOL[20:49:09] *** pettersen has left #postfix[20:52:09] <Gokee2> So that link does not talk about a catchall account but he seems to have a "spamtrap" is this any diffrent then a catchall?[20:53:45] <Motoko-chan> catchall: An account that recieves mail sent to any possible address on a domain.[20:54:04] *** blizzow has left #postfix[20:54:15] <Motoko-chan> Example: you have bob at example dot com set as your catchall. That means it will get e-mail sent to joe at example dot com and even jiojohihioxxj at example dot com[20:54:25] <Motoko-chan> Assuming those aren't existant accounts.[20:55:01] <Motoko-chan> spamtrap: Account that has never been given out and doesn't officially exist. The only purpose is to collect spam sent to the domain for various purposes.[20:56:41] *** halflife has left #postfix[20:56:59] <Gokee2> So where does it get its spam from?[20:57:46] *** lunaphyte_ has quit IRC[20:57:54] <the_empty> spamtraps may also be used in things like usenet postings to obscure your real address- eg emptyPANTS at somedomain dot com (remove pants to reply)[21:00:19] *** arooni_ has quit IRC[21:01:30] <Gokee2> Hmm I see[21:02:11] <Gokee2> So why do spamers like sending mail out from a domain that has a catchall?[21:04:55] <Dominian> because they can specify anything they want?[21:07:31] *** tshine has quit IRC[21:10:02] *** Filbert has quit IRC[21:18:33] *** goudkov has quit IRC[21:22:31] *** lunaphyte_ has joined #postfix[21:29:06] *** UQlev has quit IRC[21:31:32] <Motoko-chan> Gokee2, basically since if the remote server does an address verify, anything works.[21:31:45] <Motoko-chan> Also, the big problem is sending mail TO those domains.[21:32:01] <Motoko-chan> And the fact that some spammers don't care if the address exists and just make them up.[21:32:10] <Motoko-chan> Problem is with a catchall, you get all the bounces.[21:32:37] <Motoko-chan> And if the spam is directed at your domain, all the mail being blasted on a dictionary attack of addresses.[21:41:01] *** felix_da_catz has joined #postfix[21:46:26] *** Ryushin has quit IRC[21:46:30] <Signum> Holy fork... amavisd takes 100 MB and just processes <1 mail/sec? I never noticed that.[21:47:06] *** Ryushin has joined #postfix[21:48:03] *** pUmkInhEd has quit IRC[21:48:20] *** hemry has joined #postfix[21:48:45] <Trengo> im not so happy about amavis... its a lot of processing and it isnt even doing it itself[21:48:59] <Signum> What else... dspam?[21:49:13] <Trengo> still shopping :)[21:53:36] <Trengo> i was looking at setting up postfix with SA, it mentions amavis, but its not really required is it?[21:54:01] <Dominian> Trengo: mailscanner is another option.[21:54:10] *** cpm has quit IRC[21:54:30] *** lunaphyte_ has quit IRC[21:54:44] *** loddafnir has quit IRC[21:55:36] *** muecke77 has left #postfix[21:55:59] <Trengo> Dominian brilliant![21:56:04] <Trengo> no reinjection[21:56:16] <Dominian> Trengo: right[21:56:25] <Dominian> Trengo: #mailscanner for help[21:56:35] <Trengo> Dominian thanks :)[21:56:59] <Dominian> np[21:57:11] <Motoko-chan> AMaViSd-new is quite fine on my server with no problem.[21:57:14] <Motoko-chan> And speedy.[21:58:01] <Motoko-chan> I'm doing all kinds of checks, too.[21:58:14] <Motoko-chan> 16 children.[21:58:32] <Motoko-chan> Note the server does have 4gb of memory.[21:59:24] * Motoko-chan sees about 65-80mb per process[22:02:47] *** Zerberus has joined #postfix[22:05:11] <Signum> Motoko-chan: I didn't run spamassassin as spamd. does amavis recognize that automatically?[22:05:15] *** jstad has joined #postfix[22:05:19] *** muecke77 has joined #postfix[22:05:23] <Signum> Motoko-chan: ...I mean if I enable the spamd :)[22:05:46] *** CrazyFoam has quit IRC[22:21:38] *** ChrisC35 has quit IRC[22:22:42] *** havvg has quit IRC[22:24:19] *** magnat has joined #postfix[22:28:49] *** lunaphyte_ has joined #postfix[22:31:43] *** magnat has quit IRC[22:35:51] <Motoko-chan> Back.[22:36:03] <Motoko-chan> I don't use spamd, it is used directly.[22:36:25] <Motoko-chan> Which probably accounts for the memory size as AMaViSd-new actually loads it inside the process.[22:44:02] *** muecke77 has left #postfix[22:44:21] *** sweed has joined #postfix[22:47:40] *** the_empty has quit IRC[22:47:47] *** hemry has quit IRC[22:49:52] *** ramoni has quit IRC[22:52:31] *** Bilhega has joined #postfix[22:56:08] *** m0f0x has quit IRC[22:56:18] *** Bilhega has left #postfix[22:56:52] *** Bert_2 has joined #postfix[22:57:37] <Bert_2> hi, I have postfix installed and I'm configuring SMTP, what do I have to configure if I want to send mail form any PC to any adress as long as I have the right username and password ?[23:00:35] <Bert_2> anybody here ?[23:00:46] *** jellis-real has quit IRC[23:00:55] *** seekwill has quit IRC[23:06:20] *** madrescher has joined #postfix[23:06:21] <jpalmer> Bert_2: if all the PC's are on the same subnet, configure mynetworks. if not, configure smtp authentication[23:06:59] <Bert_2> jpalmer: smtp authentication as in SASL ?[23:07:10] <jpalmer> yes[23:07:53] <Bert_2> jpalmer: do you know a good guide to SASL as the hunderds of different how-to's and faq make it very difficult to really understand what I need to do ?[23:08:23] <sysmonk> try reading one, not all[23:08:24] <sysmonk> ;)[23:08:51] <Bert_2> sysmonk: most of them start with version things which I don't really get, looks like most of them are from 99 or something[23:09:26] *** stickystyle has quit IRC[23:09:42] <sysmonk> configs are mostly backward-compatible, so even if it was written in '99 there'a s big chance it will still work[23:10:30] <Bert_2> sysmonk: so ignore this: "This HOWTO was written for Postfix 1.x and Cyrus-SASL-1.5.x. With the arrival of Cyrus-SASL-2.x some minor, but important changes were made to configuration options."[23:10:38] <sysmonk> if you don't like the how-to's, then sure, read this[23:10:39] <sysmonk> !sasl[23:10:39] <knoba> sysmonk: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.[23:10:41] <sysmonk> !smtpauth[23:10:41] <knoba> sysmonk: "smtpauth" : a feature that allows road-warriors (trusted users which are outside your network) to send mail via your mail server. The user needs to send a username and password which allows him/her to relay email. See: http://www.postfix.org/SASL_README.html[23:10:48] *** Ryushin has quit IRC[23:10:59] <sysmonk> ah, the same link, anyway :) it has everything you need to know from postfix side[23:11:23] <Bert_2> sysmonk: okey, thank you, that's very usefull :D[23:14:32] *** felix_da_catz has quit IRC[23:14:53] <Bert_2> sysmonk: if I have SASL configured, do I still have to permit all senders and receivers or is that done automatically ?[23:15:13] <jpalmer> if they have a valid user/pass, they authenticate and are allowed to send[23:15:29] <Bert_2> jpalmer: even if they aren't part of mynetworks ?[23:15:41] <jpalmer> right. they are authenticated[23:15:54] <Bert_2> jpalmer: okey; great, thzank you[23:17:27] *** felix_da_catz has joined #postfix[23:29:01] *** a133x has quit IRC[23:29:09] *** a133x has joined #postfix[23:30:42] *** Bert_2 has quit IRC[23:30:48] *** stickystyle has joined #postfix[23:31:01] *** debacle has joined #postfix[23:31:15] *** stickystyle has quit IRC[23:31:27] *** stickystyle has joined #postfix[23:31:29] <debacle> hi all, can anyone help me with postfix configuration please ??[23:32:26] <debacle> trying to deliver mails to an smtp mailq report this error: Error: timeout exceeded (in reply to end of DATA command))[23:32:35] <debacle> how can i fix it ?[23:36:42] *** hemry has joined #postfix[23:38:07] <debacle> anyone here ?[23:38:17] *** cilly has joined #postfix[23:40:45] *** cilly has quit IRC[23:47:32] *** ming_zym has quit IRC[23:48:48] *** ming_zym has joined #postfix[23:51:23] *** xpoint has joined #postfix[23:59:02] *** debacle has left #postfix