May 20, 2008 
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | >
May 20, 2008 [00:06:51] *** muecke77 has quit IRC[00:11:46] *** Severed_Head_Of_ has quit IRC[00:13:00] *** seekwill has quit IRC[00:23:12] *** ricosecada has quit IRC[00:31:45] *** {Chris} has joined #postfix[00:32:09] <{Chris}> Hi, I have installed Postfix daemon on my Debian and I have a problem with the Postfix mail server name[00:32:14] <{Chris}> root@jupiter:~# telnet localhost 25[00:32:15] <{Chris}> Trying 127.0.0.1...[00:32:15] <{Chris}> Connected to localhost.localdomain.[00:32:30] <{Chris}> How to change "localhost.localdomain." by the real server name[00:32:30] <{Chris}> ?[00:32:35] <Motoko-chan> Check main.cf[00:32:41] <jduggan> thats not postfix[00:32:47] <jduggan> thats your local domain name[00:32:57] <{Chris}> in /etc/hosts ?[00:32:58] <jduggan> /etc/hosts[00:33:05] <{Chris}> 127.0.0.1 localhost.localdomain localhost[00:33:05] <{Chris}> 91.121.124.189 ns6886.ovh.net[00:33:05] <{Chris}> 91.121.124.189 jupiter.unikity.fr jupiter[00:33:05] <{Chris}> 91.121.125.189 jupiter.unikity.fr jupiter[00:33:33] <{Chris}> It's not good ?[00:33:51] <jduggan> nothing wrong with it[00:34:23] <{Chris}> What is the problem ?[00:34:31] <jduggan> i dont see any problem[00:34:56] <jduggan> 'connected to ip...' is your telnet app.. has nothing to do with postfix[00:35:13] <jduggan> anything printed after 'escape character is '^]' is what posfix prints[00:35:15] <{Chris}> mm in mail sended with my Postfix[00:35:21] <{Chris}> in his headers[00:35:28] <{Chris}> I see "localhost.localdomain" too[00:35:32] <{Chris}> :([00:35:47] <jduggan> have you configured myhostname in main.cf[00:36:00] <{Chris}> with /etc/mailname ?[00:36:17] <{Chris}> myorigin = /etc/mailname?[00:36:21] <jduggan> !basic[00:36:22] <knoba> jduggan: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.[00:36:25] <jduggan> read[00:36:26] <{Chris}> myhostname = jupiter.unikity.fr[00:36:27] <{Chris}> ok[00:36:28] <{Chris}> sorry[00:36:35] <{Chris}> it's configured[00:38:10] *** war9407 has quit IRC[00:40:09] *** ayeuu has quit IRC[00:42:23] *** geek_cl has quit IRC[00:47:27] <{Chris}> I have that in my mail header[00:47:27] <{Chris}> Received: from jupiter.unikity.fr (localhost.localdomain [127.0.0.1])[00:47:27] <{Chris}> by jupiter.unikity.fr (Postfix) with ESMTP id E367A2C004C[00:47:51] <{Chris}> Why is "localhost.localdomain" ?[00:48:18] <habnabit_> {Chris}: I think that's the HELO message.[00:48:38] *** Severed_Head_Of_ has joined #postfix[00:48:54] <{Chris}> Send by the client ?[00:49:05] <habnabit_> {Chris}: yes.[00:49:08] <{Chris}> mmm[00:49:17] <{Chris}> I check that[00:49:26] <{Chris}> I use JavaMail[00:53:17] *** McJerry has joined #postfix[00:56:17] *** corporeal has quit IRC[00:56:44] <{Chris}> <property name="javaMailProperties">[00:56:44] <{Chris}> <props>[00:56:44] <{Chris}> <prop key="mail.smtp.localhost">jupiter.unikity.fr</prop>[00:56:44] <{Chris}> </props>[00:56:44] <{Chris}> </property>[00:56:48] <{Chris}> thanks all :)[00:57:13] *** cyr- has quit IRC[00:57:31] <{Chris}> mail.smtp.localhost Local host name used in the SMTP HELO or EHLO command. Defaults to InetAddress.getLocalHost().getHostName(). Should not normally need to be set if your JDK and your name service are configured properly.[01:00:00] *** felix_da_catz has quit IRC[01:05:55] *** growltiger has quit IRC[01:21:04] *** scarebyte has quit IRC[01:22:52] *** Fallenou has quit IRC[01:34:11] *** gnot has joined #postfix[01:44:16] *** jammanbo has joined #postfix[01:47:09] <jammanbo> I want to set up postfix to send mail from my Rails app. I need only a single out-going and incoming address (Rails will process the mails), Can some one recommend a good tutorial to an intimidated noob. On Ubuntu behind a shared router (sending emails locally is enough for the moment). Thanks.[01:47:39] <mwalling> !basic[01:47:40] <knoba> mwalling: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.[01:48:11] *** HSorgYves_ has joined #postfix[01:49:22] <gnot> hello all[01:50:05] <gnot> i was wondering how it is possible to limit the content-filtering service in master.cf to only filter outgoin messages[01:50:37] *** c00l2sv has quit IRC[01:50:59] <gnot> sorry... i mean exclude outgoing messages from filtering[01:51:30] <gnot> is it possible to separate incoming/outgoing messages with any postfix configuration directive?[01:52:23] *** Motoko-chan has quit IRC[01:57:51] <gnot> to be more specific, i would like to configure postfix so that it does not route emails through the specified content-filter (spamassassin), if they (the emails) originate from a domain for which postfix is the final destination.[01:58:28] <growltiger_> !transport_maps[01:58:29] <knoba> growltiger_: "transport_maps" : a configuration parameter in the main.cf: Optional lookup tables with mappings from recipient address to (message delivery transport, next-hop destination). See transport(5) for details.[01:59:17] <gnot> growltiger_, thanks. will look into it[02:00:37] *** stickystyle has joined #postfix[02:03:17] *** HSorgYves has quit IRC[02:13:59] *** McJerry has quit IRC[02:25:33] *** HSorgYves_ has quit IRC[02:27:27] *** mirrorcolor has quit IRC[02:28:15] *** felix_da_catz has joined #postfix[02:31:56] <gnot> growltiger_, if the transport_maps are used to direct incoming emails through the content-filter, then, normaly, the 'content_filter' directive within main.cf is no longer needed, right?[02:33:42] *** quieteyes has left #postfix[02:35:16] *** usrsrc has joined #postfix[02:35:52] <usrsrc> hello.[02:37:16] <growltiger_> hi![02:37:17] <growltiger_> wb[02:37:41] <usrsrc> i just installed postfix and i have some questions. sasl auth doesn't work and my outgoing main is "is neither permitted nor denied by best guess record for domain of"[02:38:31] <usrsrc> i disabled sasl for now (imap courier works well) and i am very interested in second question.[02:39:03] <usrsrc> didn't sleep two nights and have some job to do more.. that's why came to the channel :-)[02:39:08] *** jammanbo has quit IRC[02:39:46] <usrsrc> ..actually this is my first mail server but i am not a newbie in linux :-)[02:41:31] <usrsrc> ..i mean google and all other mail servers marks my mail as a spam.[02:42:00] <usrsrc> i need 100% outgoing working email[02:47:16] *** ming_zym has joined #postfix[02:49:38] *** CrazyFoam has quit IRC[02:50:34] *** CrazyFoam has joined #postfix[02:52:27] *** felix_da_catz has quit IRC[02:52:43] *** felix_da_catz has joined #postfix[03:03:07] *** usrsrc has left #postfix[03:06:39] *** McJerry has joined #postfix[03:10:21] *** Tachy_ has joined #postfix[03:20:44] *** keffer has quit IRC[03:23:18] *** Tachy has quit IRC[03:23:58] *** keffer has joined #postfix[03:24:19] <gnot> growltiger_, i did not manage to only route emails to domains, for which postfix is the final destination, through spamassassin. The messages loop between spamassassin and postfix.[03:24:33] *** mirrorcolor has joined #postfix[03:24:53] <gnot> growltiger_, it seems that the transport maps are checked even after the email message is ijected back to postfix from spamassassin[03:26:09] <gnot> is it certain that transport maps can be a replacement of 'content_filter=spamassassin... ' ?[03:27:53] *** githogori_ has quit IRC[03:31:31] *** Laban has quit IRC[04:10:06] *** _Siegfried has quit IRC[04:31:39] *** cyr- has joined #postfix[04:59:09] *** Zeit|awy_ has quit IRC[05:07:06] *** seekwill has joined #postfix[05:08:08] *** maxquerry has joined #postfix[05:08:23] *** felix_da_catz has quit IRC[05:18:40] *** CrazyFoam has quit IRC[05:27:26] *** Motoko-chan has joined #postfix[05:30:43] *** githogori has joined #postfix[05:36:55] *** stickystyle has quit IRC[05:37:26] *** stickystyle has joined #postfix[05:37:39] *** stickystyle has quit IRC[07:07:25] *** Lap_64 has joined #postfix[07:15:53] *** UQlev has joined #postfix[07:17:31] *** muecke77 has joined #postfix[07:19:00] *** fabounio has joined #postfix[07:20:37] *** fabounio has quit IRC[07:29:19] *** m_p has joined #postfix[07:35:12] *** Laban has joined #Postfix[07:36:36] *** xpoint has quit IRC[07:47:03] *** amrit|wrk is now known as amrit[07:54:36] *** a_ok has quit IRC[08:02:57] *** stefan-f has joined #postfix[08:16:46] *** fabounio has joined #postfix[08:23:22] *** af_ has joined #postfix[08:25:57] *** stony_ has joined #postfix[08:26:20] *** muecke77 has quit IRC[08:26:21] *** growltiger has joined #postfix[08:26:26] *** releod has joined #postfix[08:26:56] <releod> Anyone know why I am getting "Invalid query: Can't create table './postfix/vacation_notification.frm' (errno: 150)" when running setup.php for the first time??[08:27:08] <releod> sorry - wrong channel[08:27:17] *** ming_zym has quit IRC[08:30:57] *** ming_zym has joined #postfix[08:31:33] *** aba- has quit IRC[08:32:01] *** aba- has joined #postfix[08:36:03] *** af_ has quit IRC[08:37:22] *** aba- has quit IRC[08:39:23] *** syneus has joined #postfix[08:41:13] *** FuriousGeorge has joined #postfix[08:41:30] *** mutante has quit IRC[08:42:15] *** stony has quit IRC[08:42:52] <FuriousGeorge> hey all[08:43:08] *** Severed_Head_Of_ has quit IRC[08:43:12] <sysmonk> hey there ;)[08:43:32] <FuriousGeorge> good to see you, how are things[08:44:36] <FuriousGeorge> sysmonk: you ever use kolab?[08:47:43] *** phnord has joined #postfix[08:49:15] <sysmonk> nope[08:49:20] <sysmonk> neva :)[08:51:55] *** releod has left #postfix[08:52:00] <FuriousGeorge> it uses postfix[08:52:08] <sysmonk> it doesn't[08:52:15] <FuriousGeorge> does too :)[08:52:51] <sysmonk> maybe, but main doodie-boobie about kolab is - it stores stuff in imap folders, stuff as contacts, calendars and etc[08:53:02] <FuriousGeorge> i dont understand why there isnt more excitement about it...[08:53:03] <sysmonk> atleast last time i read / saw it :)[08:53:10] <FuriousGeorge> still does, afaik[08:53:17] <FuriousGeorge> you dont like that?[08:53:30] <sysmonk> FuriousGeorge: doesn't support all the clients i use[08:54:07] <sysmonk> so not even tried that[08:54:27] <sysmonk> + i'm more interested in using that kind of staff via caldav / ldap[08:54:29] <FuriousGeorge> it supports a lot of clients, there are 3rd party connectors, both open source and proprietary depending on what *cough outlook cough* you are connecting to[08:55:16] <sysmonk> FuriousGeorge: ever looked up into zimbra ?[08:55:23] <sysmonk> (if you're already interested in kolab)[08:56:07] *** gibson has joined #postfix[08:56:35] <FuriousGeorge> sysmonk: i looked into it, but isnt it one of those kind-of-open-source-but-not-really deals[08:56:56] <FuriousGeorge> you get a crippled version for open source or something[08:57:32] <gibson> hey guys.. where can I set the ip range that is allowed to send mail thru my postfix server :[[08:57:51] <FuriousGeorge> plus, yahoo bought it, presumably to compete with google apps, so it probably wont even be stand alone in short order[08:58:39] <FuriousGeorge> sysmonk: but please convince me that zimbra is better, if you want :)[08:59:59] *** aba- has joined #postfix[09:04:58] <FuriousGeorge> which reminds me of something else... with google hosting everyone's e-mail for free, what is that going to do to small hosting companies... you know they are gonna start web hosting next[09:06:40] <FuriousGeorge> not only that, but what they host constitutes groupware, minus the outlook 'connector'... which is why ive been messing with kolab[09:07:11] *** rmayorga has quit IRC[09:07:48] * gibson coughs[09:07:49] <gibson> anyone?[09:09:27] <FuriousGeorge> gibson: i dont know. i somehow got my smtpd listening on port 587, and im not even sure how i did that :)[09:09:36] <FuriousGeorge> i see the obvious line in master.cf[09:09:57] <FuriousGeorge> but i notice it listens by default on 127.0.0.1, so i guess thats not gonna help[09:12:58] *** c00l2sv has joined #postfix[09:14:03] *** mmp has joined #postfix[09:14:34] <sysmonk> FuriousGeorge: that's a problem which already is being discussed[09:14:52] <sysmonk> our guys where at hosting conf this year, and this problem was discussed at it[09:15:25] <FuriousGeorge> which problem did you guys discuss?[09:16:02] <sysmonk> FuriousGeorge: google and hosting business[09:16:08] <cite> This is not MTA related, but an address like vff7fitc.2a11yz at largefeed dot incertum.net _is_ a valid email address according to RFC 2822, isnt' it?[09:16:10] <sysmonk> google taking over the IT world[09:16:10] <sysmonk> ;)[09:16:17] <cite> I mean, just because it doesn't make sense to humans...[09:16:21] <sysmonk> cite: yes[09:16:24] <FuriousGeorge> sysmonk[09:16:32] <FuriousGeorge> how did you guys solve it?[09:16:44] <sysmonk> FuriousGeorge: did you read what i said? :)[09:16:46] <sysmonk> 05-20 10:14:51 < sysmonk> our guys where at hosting conf this year, and this problem was discussed at it[09:16:51] <sysmonk> our guys != me[09:17:17] <sysmonk> but afair the solution which was made was - offer more than google[09:17:53] <FuriousGeorge> sysmonk: sorry that was a typo. i meant to ask you: how did you(r) guys solve it?[09:18:06] <FuriousGeorge> sysmonk: duh, which is why im asking you about kolab :)[09:18:09] <sysmonk> FuriousGeorge: who said we solved it? :)[09:18:14] *** rmayorga has joined #postfix[09:18:25] *** McJerry has quit IRC[09:18:41] <FuriousGeorge> sysmonk: so you think zimbra is the solution[09:18:42] <sysmonk> FuriousGeorge: i'm not into hosting really, so i'm not really interested, i'm more into dedicated server managment and complex solutions[09:18:48] <sysmonk> FuriousGeorge: never tried it, really.[09:18:58] <sysmonk> but if i would think about this - i'd try it first[09:19:13] <FuriousGeorge> any reason?[09:19:28] <sysmonk> FuriousGeorge: any reason why NOT to do it?[09:20:06] *** Pazzo has joined #postfix[09:20:37] <FuriousGeorge> sysmonk: let me check out their homepage, i cant remember if their was a third reason besides the 'being bought by yahoo' and the 'not really open source' thing[09:21:42] <sysmonk> FuriousGeorge: the 3rd reason i have is 'yahoo being almost sold to microshit' ;)[09:22:25] <cite> sysmonk: Well, then I have to blame the stupid address harvesting programs. No harm is done in "truncating" the addresses like that, it's just strange. YOu would think address harvesting programs would want to have _valid_a addresses.[09:22:26] <FuriousGeorge> sysmonk: of course there is that huge elephant in the inbox[09:22:41] <cite> Not everyone maps everything to one address with virtual_alias_maps ;-)[09:24:38] <f3ew> my big problem with Zimbra is the custom Java pop3/imap server, with a custom mail delivery agent[09:24:55] <sysmonk> blah, didn't know that :P[09:24:59] * sysmonk hate java[09:25:44] *** dorijan has joined #postfix[09:26:04] *** Motoko-chan has quit IRC[09:27:52] *** harobed has joined #postfix[09:29:46] *** Fallenou has joined #postfix[09:32:30] *** mutante has joined #postfix[09:36:05] *** dim has joined #postfix[09:36:08] <dim> hi[09:36:38] <dim> I have content_filter=lmtp:unix:/tmp/dspam.sock and virtual_transport= lmtp:inet:127.0.0.1:2026[09:36:51] <dim> and it seems the content_filter is not taken into account[09:36:54] <dim> any idea?[09:37:06] *** amrit is now known as amrit|zzz[09:39:33] *** Tex-Twil has joined #postfix[09:42:55] <sysmonk> dim: maybe it's overriden in master.cf[09:43:09] *** m0f0x has quit IRC[09:43:12] <dim> don't think so[09:43:25] <dim> I'm seeing content_filter = scan:localhost:10025 in the doc[09:43:45] <dim> scan: will help here? I'm trying to understand...[09:44:18] <dim> sysmonk: in fact I first added the content_filter option in master.cf but then in main.cf, seeing it had no effect[09:44:27] <dim> no effect in both cases :/[09:44:42] <sysmonk> dim: sorry have to go to a meeting right now, i'll be able to look at it when i'll come back[09:44:55] <dim> thx a lot ;)[09:48:46] <f3ew> dim scan is something defined in master.cf[09:49:53] <dim> ok (trying to understand http://www.postfix.org/FILTER_README.html)[09:50:26] <dim> f3ew: do you know of any "incompatibility" or precedence thing wrt virtual_transport against content_filter?[09:50:35] *** ming_zym has quit IRC[09:50:37] <dim> should the content_filter be marked virtual:...[09:50:49] <f3ew> no, and no[09:51:13] <dim> ok thx[09:51:20] <dim> so my conf is really broken :)[09:52:03] <dim> I'm using ArchiveOpteryx for the delivery, configured in postfix following recommandations I got here, using virtual_mailbox_domains and relay_recipient_maps and virtual_transport[09:52:11] <dim> plus virtual_alias_maps for good measure[09:52:41] <dim> all those setting use a pgsql: file to make queries to the ArchiveOpteryx data (views I made atop their tables)[09:54:02] <dim> now the content_filter is not used when sending mail to a virtual address: lmtp delivery is done, without the filter added headers[09:54:04] <f3ew> postconf content_filter says what?[09:54:15] <dim> content_filter = lmtp:unix:/tmp/dspam.sock[09:54:40] <f3ew> and your logs?[09:55:02] *** ming_zym has joined #postfix[09:55:20] *** madrescher has joined #postfix[09:55:47] <dim> re testing (echo foo |mail -s bar dim at virtualdomain dot tld)[09:56:06] <dim> mail.go2m.mobi[/tmp/dspam.sock]: No such file or directory[09:56:08] <dim> ahahaha[09:56:22] <dim> it was damn to late yesterday evening when I made this[09:56:51] <dim> thx f3ew, I'll try to fix the setup and ask about "real" problems here ;)[09:57:21] <f3ew> heh[09:57:31] <f3ew> Is dpsam running?[09:57:38] <dim> I think so, checking[09:58:28] <dim> 2588 pts/7 S 0:00 /usr/bin/dspam --daemon and /var/run/dspam.pid is up-to-date[09:59:35] <dim> restart: no errors in logs about the socket[09:59:45] *** war9407 has joined #postfix[09:59:49] <dim> oh, or is this a debian package changed the default socket path under the hood thing?[10:00:45] *** jeffspeff2 has joined #postfix[10:00:57] <gibson> hey just configured mynetworks to allow my subnet but its still giving relay access denied errors when trying to send thru it[10:01:21] *** Tex-Twil has quit IRC[10:01:25] <gibson> mynetworks_style = subnet[10:01:40] <dim> ahah, f3ew, was another late oversight: forgot to uncomment a property of dspam.conf to have the socket file[10:02:01] * f3ew grins[10:02:17] <f3ew> gibson add your IP block explicitly to mynetworks[10:02:21] <f3ew> and reload postfix[10:02:45] <dim> restarted (to be sure), still same logs: status=deferred (connect to mail.go2m.mobi[/tmp/dspam.sock]: No such file or directory)[10:02:56] <dim> oops, domain name revealed[10:03:03] <f3ew> heh[10:03:08] *** {Chris} has quit IRC[10:03:15] <dim> morning is not better than late evening ;)[10:03:15] <f3ew> dim mail.go2m.mobi[/tmp/dspam.sock]: No such file or directory[10:03:18] <f3ew> earlier[10:03:23] * f3ew adds coffee[10:03:26] *** [diablo] has joined #postfix[10:03:42] * dim is coffee free... may be it's time to revisit this[10:04:04] <gibson> f3ew, yep, thats what i did[10:04:28] <dim> and I have srwxrwxrwx 1 root dspam 0 2008-05-20 10:01 /tmp/dspam.sock[10:05:26] <dim> content_filter = lmtp:unix:/tmp/dspam.sock[10:06:46] <f3ew> and permissions on /tmp?[10:07:01] <dim> oh, idea: postfix chrooted[10:07:18] <dim> and /tmp is drwxrwxrwt[10:08:42] <dim> let's try to have dspam write its socket into postfix chroot, which seems to be /var/spool/postfix/[10:10:05] <gibson> any input there?[10:10:56] <dim> relay=mail.go2m.mobi[/tmp/dspam.sock], delay=0.47, delays=0.08/0.02/0/0.36, dsn=2.6.0, status=sent[10:11:00] <dim> hehe, was postfix chroot :)[10:11:16] <f3ew> gibson, postconf mynetworks[10:12:07] <gibson> yeah, that outputs something completely different[10:12:18] <gibson> 127.0.0.0/8[10:13:15] *** kronic has joined #postfix[10:13:28] <gibson> why...why..why[10:14:18] *** {Chris} has joined #postfix[10:15:28] <f3ew> you have it defined twice[10:16:15] <gibson> uh[10:16:16] <gibson> how?[10:17:39] *** jeffspeff has quit IRC[10:18:13] <f3ew> see at the bottom of main.cf?[10:20:51] *** [diablo] has quit IRC[10:21:42] <dim> ok, -o content_filter=... in master.cf allows me to use whatever socket file without having to tell dspam to go into postfix chroot[10:21:45] <dim> much better[10:25:55] *** xpoint has joined #postfix[10:27:36] *** AcTiVaTe has quit IRC[10:31:39] *** Jax has joined #postfix[10:32:25] *** ming_zym has quit IRC[10:33:52] *** gamla_kossan has joined #postfix[10:35:05] *** Tex-Twil has joined #postfix[10:35:26] <gibson> f3ew: huh?>[10:35:30] <gibson> see what at the bottom[10:35:51] *** Zeit|awy has joined #postfix[10:39:22] <Jax> does it need a lot of CPU to send 3000 mails? the mail has one sentance in it and is BCCed to all those recipients[10:40:39] *** ming_zym has joined #postfix[10:45:02] <cite> Jax: No, it doesn't.[10:45:41] <cite> Jax: If done properly, that mail will end up as three queue entries, each with 1000 recipients, making it a total of six queue files.[10:46:36] <cite> Jax: I'm hosting a mailing list on a virtual private server, sending one mail (it's announcement only) per 25 hours to a total of 90k subscribers.[10:46:44] <cite> 24 hours[10:47:00] <Jax> what kind of machine is that[10:47:17] <cite> Jax: gimme a second, OK?[10:47:25] *** Pazzo has quit IRC[10:48:03] <cite> Jax: http://rafb.net/p/ULiWGN82.html[10:48:18] *** Pazzo has joined #postfix[10:48:23] <Jax> oh, i don't know how to interpret that[10:48:28] <Jax> can you give me a hand[10:48:49][10:48:58] <cite> Jax: Every halway recent machine will provide more power.[10:49:37] <cite> Really, you don't need to worry about sending one mail to 3k recipients.[10:50:00] <cite> Given you have a working internet connection, of course ;)[10:50:03] <Jax> ok ;)[10:53:07] *** dim has left #postfix[11:00:50] *** robboplus has quit IRC[11:05:51] *** havvg has joined #postfix[11:10:14] <gamla_kossan> hey ppl[11:10:19] <gamla_kossan> how do I flush the mailq?[11:10:28] <Jax> postqueue -f[11:10:34] <gamla_kossan> cheers =)[11:10:45] <gamla_kossan> yeeey[11:13:10] *** tsauter has joined #postfix[11:13:38] <tsauter> hi all[11:14:11] *** Sieg_ has joined #postfix[11:15:13] <tsauter> I have a set of postfix servers (in different subnets) which should be able send mails over one relaying postfix server. At the moment I have added all childservers (ip address) into the mynetworks paramter. But I am wondering if there is a better/more secure way to do this then using the mynetwork?[11:15:36] <sep> tsauter, SMTP AUTH[11:15:49] <sep> preferably over smtp+tls[11:21:04] *** Sieg has quit IRC[11:23:01] <tsauter> sep: good idea. :-)[11:23:31] <tsauter> ah no. one if the server isn't able to do smtp auth :-([11:25:28] <cite> tsauter: You can add the to a text file (multiple lines o: <IP-Address> OK), hash that file (postmap filename) and then add a "check_client_access hash:/path/to/file) in your smtpd_recipient_restrictions somewhere before reject_unauth_destination (or reject)[11:26:36] *** PodMan99a has joined #postfix[11:26:37] <PodMan99a> hey all ... using ubuntu 8.04 on my new mail server postfix / (dspam/amavis) and neither of them are modifing headers.... when I know that older versions modified headers successfully any ideas?[11:28:37] *** mirrorcolor has quit IRC[11:28:39] <tsauter> reject_unauth_destination is responsible to reject relaying clients?[11:28:52] <f3ew> yes[11:28:55] <cite> yes[11:30:53] <cite> Hm. I wonder up to how many entries those hash files scale. This is not a problem wit ha few entries for servers, but would they scale up to, say, 10k entries?[11:32:48] <Jax> any of you use spam assassin with postfix 2.5 and amavisd?[11:33:01] <Jax> none of my messages are getting marked as spam anymore[11:33:43] <cite> Ok, forget that question. Just created a hashtable with 100k entries and average query time is not measurable.[11:39:16] *** Tex-Twil has quit IRC[11:42:07] <gibson> its sometdamn. can someone refer me to a doc for setting up postfix as an mta? i'm spending like 3 hours messing around with 1 line in the cf and it ain't helping[11:43:09] <sep> gibson, i think all postfix docs would be about that[11:43:15] <sep> try a more detaild question[11:43:42] <sep> if you want tutorials you can look at the topic or read the docs on the postfix webpage[11:45:08] <cite> Jax: I do. Can you verfiy they actually enter the content_filter you specified?[11:45:15] <gibson> well, i tried a detailed q and look where it got me..[11:45:54] <gibson> lemme be more specific, i'm trying to get postfix to work as an smtp[11:46:20] <gibson> i've configured the mynetworks accordingly, but postconf still shows only localhost...[11:46:51] <sep> and you have restared postfix[11:46:58] <cite> gibson: Can you nopaste that main.cf of yours?[11:47:12] <gibson> there any twack commands like makemap / etc that need to be exec'd?[11:47:15] <cite> gibson: If postconf says it's 127.0.0.1, then it probably is a typo[11:47:19] <gibson> Yes, restarted postfix for sure.[11:47:41] <gibson> what's weird is postfix says its localhost, and the ip of eth0, but that isn't even in the .cf[11:47:55] <cite> gibson: can we see that main.cf and master.cf, please?[11:47:59] <gibson> IU should also add this is a vhcs2-installed linux server,.[11:48:19] <gibson> cite: i think that's a bit overkill to post the entire cf's don't you?[11:48:43] <cite> !nopaste gibson[11:48:44] <knoba> cite: Error: "nopaste" is not a valid command.[11:49:33] <cite> !paste gibson[11:49:33] <knoba> cite: Error: "paste" is not a valid command.[11:49:56] <gibson> when i've configured mynetworks_style = subnet and mynetworks = 1.2.3.4/32, that should allow for 1.2.3.4 to use it as an smtp right? without any changes to myorigin/mydestination etc?[11:50:05] <cite> gibson: Why, yes.[11:50:32] <cite> gibson: Given that smtpd_*_restrictions are either left to "default" or that the contain a "permit_mynetworks" before a specific reject.[11:50:38] <gibson> im restarting with 'postfix reload' - thats good enough hey?[11:50:50] <cite> Yes.[11:50:59] * gibson stabs himself in the eye[11:51:41] <gibson> I just don't see why it isn't picking up the mynetworks[11:51:45] *** UQlev has quit IRC[11:51:56] <cite> gibson: This is why I wanted to see your configuration.[11:52:02] <cite> !tell gibson paste[11:54:30] <gibson> I'm assuming it's because VHCS2 (a ispconfig/cpanel type nasty program) has shat on the out of box install of postfix[11:54:41] <gibson> pasting ;p[11:54:58] <f3ew> postconf -e 'mynetworks=new,ranges,formynetworks' && postfix reload[11:55:14] <cite> gibson: While you are at it, can we see the exact error message again, please?[11:55:46] <gibson> "relay access denied"[11:55:56] <gibson> ooh, f3ew, from the command lkine edit? nice[11:56:17] <gibson> #[11:58:55] <f3ew> !pastebin[11:58:55] <knoba> f3ew: "pastebin" : a way to paste larger amounts of text so that other people can read it. Try http://www.rafb.net/paste/ or http://paste.debian.net/ - Do not forget to tell us the URL where you pasted it.[11:59:29] <gibson> .... f3ew, brilliant. for some reason I had about 500 different mynetworks= in a lot of different files all thru /etc - and I didn't realy know which one was correct.. VHCS2 really screwed that up.. but that worked. thanks[12:02:33] <f3ew> gibson it's always main.cf[12:04:08] <gibson> man.[12:04:29] <gibson> i have 8 main.cf's[12:04:34] <gibson> never ever use vhcs2.[12:04:37] <f3ew> /etc/postfix/main.cf[12:04:49] <gibson> it's a symlink to /etc/vhcs2/mail/postfix[12:04:52] <gibson> :P[12:05:13] <cite> f3ew: Actually, it's $(postconf config_directory)/main.cf[12:05:14] <cite> ;)[12:05:28] <f3ew> True[12:05:54] <cite> I think you could compile it to have /opt/freeware/postfix/etc or something like that.[12:06:05] <cite> Then again, I have never compiled it from sources.[12:06:07] <f3ew> yes[12:07:57] <gibson> heh[12:08:14] <gibson> /opt/var/lol/slackware/31337/postfix[12:08:19] <checkers> can anyone suggest a way to do server side mail categorisation with the Virtual transport to a Maildir?[12:12:04] <Jax> cite are you using it with spamd?[12:12:39] <tsauter> cite: the smtpd_recipient_restrictions doesn't work. it lookups for the recipient and not for the sender.[12:16:57] <f3ew> checkers maildrop[12:17:18] <f3ew> tsauter all checks run at recpient time, unless you tell them not to[12:17:47] <Jax> cite could you give me your settings in amavisd.conf for SA?[12:29:34] <cite> Jax: one moment, please[12:30:33] <cite> Jax: http://rafb.net/p/UWLm4r54.html[12:30:44] *** maxquerry has quit IRC[12:30:57] <cite> Jax: This is from a Debian style configuration, which means that a lot of values might have default or other reasonable settings.[12:32:02] <Jax> cite ok, how do you test it? ;)[12:32:12] <Jax> you using rules_du_jour or sa-update ?[12:32:36] <Jax> + what is your /etc/spamassisin/local.cf ?[12:34:12] *** cpm has joined #postfix[12:34:33] <cite> Jax: sa-update, for local.cf see http://rafb.net/p/lKOnAI72.html[12:34:54] <tsauter> f3ew: can I change this?[12:35:48] <cite> tsauter: You don't have to. Unless smtpd_delay_reject is "no", which it should never be, that check_client_access will be evaluated correctly in smtpd_recipient_restrictions[12:38:41] <Jax> cite you are using razor2, do you just use one user for all your mailboxes?[12:38:47] <Jax> or how do you deal with the virtual users[12:39:53] <cite> Jax: I use one account, and I simply forward all spam to a "plussed" address, as you can see. I.e. john.user at company dot com will be rewritten as joe.user+spam at company dot com and then the virtual delivery agent will deliver that to a differen IMAP folder[12:40:35] <cite> We do that only for "+spam" suffix, other "+recipientdelimiter" addresses will be delivered to the users inbox as usual.[12:44:54] <tsauter> cite: I have added the following configuration line to postfix: smtpd_recipient_restrictions = permit_mynetworks, mysql:/etc/postfix/relay-access.mysql, reject_unauth_destination[12:45:53] <cite> tsauter: What is the output of postmap -q 192.168.10.1 mysql:/etc/postfix/relay-access.mysql - please replace 192.168.10.1 with the IP addresses of one of your servers that need to relay[12:46:03] <tsauter> but know if I watch at the mysql query log, postfix only search for the recipient and not for the sender (eg. t.sauter at viastore dot de): ip='t.sauter at viastore dot de', ip='viastore.de', ip='de', ip='t.sauter@'[12:46:27] <cite> tsauter: And it needt sto read smtpd_recipient_restrictions = permit_mynetworks, check_client_access mysql:/etc/postfix/relay-access.mysql, reject_unauth_destination[12:47:09] *** Lap_64 has quit IRC[12:47:10] <cite> tsauter: You missed that "check_client_access"[12:47:48] <tsauter> cite: yes, thats it thanks a lot.[12:48:37] <Jax> cite hm this is weird... i set $sa_tag_level_deflt = -999; but it never adds a spam header in my mails i send[12:48:40] *** Pazzo has quit IRC[12:48:49] <cite> Jax: Have you verified mails actually pass through amavis?[12:49:01] <Jax> i just get the X-Virus-Scanned header by amavis[12:49:02] <cite> +whetger[12:49:02] <tsauter> btw: what should the mysql select statement return? "select "OK" from server where ip='%s'?[12:49:48] <cite> tsauter: It just needs to return an "OK" for every IP that should be allowed. I don't know how to do this in MySQL. But I posted you that postmap -q line, you can test using this one.[12:50:24] <cite> tsauter: As a side remark, I think you want it to read: proxy:mysql:/etc/postfix/relay-access.mysql[12:51:09] <cite> tsauter: If smtpd is running chrooted and want to connect to mysql using a unix domain socket, it will fail. The proxymap service, OTOH, is almost never running in a chroot.[12:51:20] <tsauter> cite: the postmap returns one line with only OK[12:51:37] <cite> tsauter: And besides, using proxy:mysql will allow you much more control about the number of connections to your SQL backend[12:51:57] <cite> tsauter: For every IP you throw at it or only for those who are in that table?[12:52:34] <tsauter> cite: only for ips in the table. the where query looks ok.[12:52:58] <cite> tsauter: Well, then I'm out of ideas why it isn't working.[12:53:55] <tsauter> cite: you missunderstand me, it works now. My only question is, should the mysql query only OK or something like OK\t192.168.10.1[12:54:11] <cite> Jax: set "$sa_debug=1;" in amavisd.conf, kill amavis, start with amavisd-new debug 2>&1 | tee /tmp/amavis.log and have a lok at that logfile when sending a spam sample.[12:54:21] <cite> tsauter: Ah, ok. Nono, it does only need an "OK".[12:54:53] <tsauter> thanks for your proxy tip, at the moment I used a hard link for the mysql socket. :-)[12:55:01] <cite> Don't do that![12:55:56] <cite> tsauter: Either use host = 127.0.0.1 or the proxymap service.[12:56:37] <cite> Never ever do that with a hardlink. This is a very, very bad idea and might lead to a lot of hard to diagnose problems.[12:57:45] <cite> !tell tsauter mysqlchroot[12:59:01] <Jax> cite do you know which program amavisd actually calls when going through SA ?[12:59:10] <cite> Jax: It preloads SA code as Perl module.[13:01:00] *** xpoint has quit IRC[13:01:29] <Jax> hm it's not even eating the GTUBE test[13:01:32] <Jax> >;/[13:02:46] <cite> Jax: Do you have: @bypass_spam_checks_maps = (\%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re); somewhere in your amavisd-new.conf?[13:03:43] <cite> Jax: If not, you need to add this line to enable spam filtering. In Debian, this is the file /etc/amavisd-new/conf.d/15-content_filter[13:03:46] <cite> (or something similar)[13:04:40] <Jax> no they are all commented out[13:04:50] <cite> Well, comment them IN![13:04:53] <cite> Erm.[13:04:54] <cite> I mean.[13:04:57] <cite> Remove those comments.[13:05:32] <Jax> hm[13:05:47] <cite> Do you run Debian?[13:05:59] <Jax> but it says: The following example disables spam checking altogether: @bypass_spam_checks_maps = (1);[13:06:01] <Jax> no, gentoo[13:06:28] <cite> Jax: Yes. But you are building an actual map of submaps.[13:06:41] <cite> Jax: So please, just try adding that line I cited to your configuration and see if it works.[13:06:46] <Jax> k[13:07:21] <Jax> you got the signs right there? first % then @ then $ ?[13:07:49] <cite> Jax: Yes. See http://rafb.net/p/wLHHP627.html[13:07:59] *** Pazzo has joined #postfix[13:08:23] <tsauter> do I need to add all available lookup maps to proxy_read_maps? I have now added only the maps I have used in main.cf but I get an error: unix:passwd.byname[13:08:38] <cite> Jax: That's the whole file, you can probably ignore that "1" to insure a defined return ;)[13:09:28] <Jax> hm don't even have a conf.d dir, let me check for a amavisd update - maybe i didn't merge the configuration files last time[13:09:29] <cite> tsauter: I do it for all PostgreSQL maps and of course for the local_recipient_maps = proxy:unix:passwd.byname $alias_maps seting[13:10:46] <tsauter> the best way is to copy the output of postconf -d | grep ^proxy_read_maps and the append my own maps[13:11:53] <cite> Oh, shit. I totally forgot proxy_read_maps[13:11:54] <cite> Sorry.[13:13:48] <tsauter> np :-)[13:17:31] *** m_p has quit IRC[13:25:12] *** amrit|zzz has quit IRC[13:25:23] *** Sieg_ has quit IRC[13:25:37] *** Sieg has joined #postfix[13:27:19] *** fabounio has quit IRC[13:27:36] *** jammanbo has joined #postfix[13:28:32] <jammanbo> Im reading this http://wiki.rubyonrails.org/rails/pages/HowToReceiveEmailsWithActionMailer, and one of the config lines is transport_maps = hash:/path/to/etc/postfix/transport. I dont see such a file. Should I just create it?[13:30:46] *** ming_zym has quit IRC[13:36:01] <mwalling> !transport_maps[13:36:02] <knoba> mwalling: "transport_maps" : a configuration parameter in the main.cf: Optional lookup tables with mappings from recipient address to (message delivery transport, next-hop destination). See transport(5) for details.[13:36:04] <mwalling> jammanbo: ^^[13:44:35] *** tsauter has quit IRC[13:52:49] <jammanbo> (Sorry about all this) So I just have @example.com jammanbo in my virtual file. According to the README that should send anything sent to example.com to UNIX user jammanbo, but it instead expands it to jammanbo at example dot com, and I get the mail back saying that user doesnt exist (he does, its me!) ...[13:52:49] *** madrescher has quit IRC[13:53:51] *** kronic has quit IRC[13:53:57] *** madrescher has joined #postfix[13:54:23] *** Jax has quit IRC[13:54:34] *** pirho has joined #postfix[13:55:57] <jammanbo> It seems to work if I list example.com as a mydestination domain, but the read me says "NEVER" do that ... ?[13:57:59] *** UQlev has joined #postfix[14:01:09] <cite> Help. My tie is not working.[14:01:16] <cite> I can't breathe.[14:01:23] *** xemacs has quit IRC[14:04:56] <jammanbo> Am I being mocked?[14:06:32] * cpm chuckles[14:16:00] *** Jax has joined #postfix[14:16:07] *** stickystyle has joined #postfix[14:19:33] *** McJerry has joined #postfix[14:22:41] <rob0> Whoever designed that Ruby-on-Rails thing may be a clever programmer, but is severely lacking in email knowledge. Seems like the thing is designed to count on a catchall, which makes it both a spam magnet and a spam source.[14:24:40] <jammanbo> rob0: I dont know much about it, but I get the impression that its quite flexible. Its just the nature of my app that it makes sense to have a catchall email address and let Rails determine how to process incoming mail.[14:24:56] *** xemacs has joined #postfix[14:24:57] <rob0> And generate backscatter spam.[14:25:30] <rob0> Like I said, the designer seems to know nothing about mail.[14:26:08] *** jellis-real has joined #postfix[14:26:19] <jammanbo> Whats backscatter spam?[14:26:31] <rob0> !backscatter[14:26:31] <knoba> rob0: "backscatter" : http://www.postfix.org/BACKSCATTER_README.html[14:27:48] <sysmonk> joejoes :)[14:29:25] * robtone_ did such things with procmail[14:33:40] <Jax> cite what do you have @local_domains_acl set to?[14:36:15] *** k4z has joined #postfix[14:36:35] <gibson> heh[14:36:37] <gibson> backscaterr[14:37:06] * cpm screams[14:43:03] <jammanbo> Would you gentlemen give me your advice then. What I was thinking of doing was this. My site would allow users to send emails to people. Each email would be given a unique reply to address (xxx at mydomain dot com). My Rails app would catch all mail to mydomain.com, and process them into comments on the original email (simply discarding ones with invalid addresses). I was going to make xxx 20 chars long, case sensetive, alpha numeric. Thats a[14:43:03] <jammanbo> total of 10^35 possible addresses. If I fantasise about my app being successful I might have 10^5 threads on the system That would mean a spammer would have to send 10^30 emails to find one with a valid address. Thats a low probability of success. Put on top of that some basic spam filtration I thought it would be pretty safe. Comments?[14:44:22] *** xpoint has joined #postfix[14:46:43] *** ramoni has joined #postfix[14:47:12] *** dustybin has joined #postfix[14:47:24] <dustybin> when one creates a new alias, what is the command to update the aliases?[14:47:39] *** xemacs has quit IRC[14:47:41] <f3ew> newaliases[14:47:45] <rob0> You totally miss the point, just as the Rails programmer did. What happens to those 10^30 emails to INvalid addresses?[14:47:52] <f3ew> jammanbo possible[14:47:54] <dustybin> aye thanks[14:47:57] <f3ew> until you get joejobbed[14:48:14] <jammanbo> newaliases ... even I know that :)[14:48:23] *** xemacs has joined #postfix[14:48:39] <jammanbo> rob0: Well, nothing ...[14:48:44] <jammanbo> discarded[14:48:58] <jammanbo> Oh, I see ,,, You mean I am going to be back scattering?[14:50:01] <jammanbo> f3ew: joejobbed? Noting from google ...[14:50:24] *** FuriousGeorge has quit IRC[14:51:37] <jammanbo> rob0: Because as far as postfix is concerned, an invalid address is valid, its not going to be bouncing mail back, INstead the Rails app determines that the address is invalid and it is simply ignored. Is there a problem Im not seeing?[14:53:58] *** tshine has quit IRC[14:54:09] <gnot> i try to setup as a test an alias that can be used to send emails to sa-learn (for spamassassin training). This alias is supposed to receive forwarded spam messages from legitimate email addresses. Is there a problem for the legitimate addresses. Will this configuration poison the bayesian database?[14:54:25] <robtone_> jammanbo, what happens with the mail if your app "ignores" it?[14:55:23] <robtone_> jammanbo, does it accept it and pipe it to /dev/null?[14:55:42] <robtone_> jammanbo, or does it reject it, and let postfix decide what to do next?[14:56:32] <jammanbo> robtone_: Is that a leading question? Well, what I am thinking (and please bear in mind I am here to learn) the mails is accepted from the queue, Rails examines the address and if its not falid the method just returns. No action is tyaken and the mail is removed from the system in the proocess.[14:56:58] <jammanbo> woah ... spelling :([14:57:58] <robtone_> jammanbo, well, in other words, you don't really know how this thing handles inavlid/nonexistent recipients[14:58:36] <jammanbo> robtone_: Not really ... It just does nothing. Its as though the mail was never sent.[14:59:11] <robtone_> jammanbo, and if some sender does a typo?[15:00:16] <jammanbo> Yes there is that, but Im not too worried about it. As the addresses are going to be so weird nobody is likely to try and type them manually. Also, hitting reply to will be encouraged by some template text in the maail that the receiver needs to fill in.[15:00:56] * robtone_ will ask you for a can of worms next time he goes phishing[15:01:24] <Jax> grrrr my spamassassin isn't workign with amavisd-new - it isn't adding the Spam headers[15:01:32] <Jax> eventhough i said to add it above -999[15:01:58] <jammanbo> robtone_: less cryptic?[15:02:40] <robtone_> jammanbo, it would be to hard and time consuming to tell you why your assumptions are wrong[15:02:59] <jammanbo> oh go on ... please[15:04:59] *** anuron has quit IRC[15:05:03] <robtone_> jammanbo, you will always have excuses why accepting mails foe nonexistent/inavlid recipient is wrong.[15:05:17] <robtone_> thus it is gonna be timeconsuming.[15:06:37] <robtone_> jammanbo, thus, take your time, this might take like 4-5 years to understand. meanwhile you will have a mature appliance which cannot be changed because of historic grown excuses.[15:06:48] <rob0> One thing worth tossing in is that email is supposed to be reliable. Discarding mail from a real sender is a Bad Thing.[15:07:07] * cpm screams[15:07:14] <rob0> see?[15:08:43] * thumbs runs after cpm[15:09:11] <cpm> there has been a lot of traffic as of late concerning folks who want to accept everything. This trend is such a bad idea, i just can't fathom it.[15:09:21] <jammanbo> Well, Im not sure I understand what you are all suggesting as the alternative? You think I should bounce emails to nonexistent addresses with spam filtration to prevent back scatter?[15:09:49] *** UQlev has quit IRC[15:09:50] <cpm> no, you shouldn't accept mail to nonexistent addresses in the first place.[15:09:54] <robtone_> jammanbo, you should not accept mails for nonexistant/invalid users on the MX[15:09:55] <rob0> We are NOT suggesting an alternative. We are suggesting that you research it more, maybe.[15:10:03] <rob0> timw[15:10:05] <rob0> tinw[15:10:40] *** Davx2 has joined #postfix[15:10:46] <Davx2> hello everyone[15:11:42] <rob0> It's a shame that otherwise bright programmer get such ideas, when they have no clue about how email works. And then people like jammanbo follow along.[15:12:00] <rob0> it IS possible to do it right[15:12:28] <cpm> Well, pretty much everyone who stumbles into doing stuff with email, figures they know better. And no wonder, it's such a mess.[15:12:31] <rob0> they could have a policy service (sure, even written in Ruby) which rejects invalid recipients.[15:12:50] <Davx2> rob0 whats the best way (easiest without compromising on security) to set up a smtp auth[15:12:56] *** muecke77 has joined #postfix[15:13:03] <Dominian> !sasl[15:13:03] <knoba> Dominian: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.[15:13:07] *** Sypher has joined #postfix[15:13:12] *** anuron has joined #postfix[15:13:20] *** Sypher has quit IRC[15:13:41] <cpm> there needs to be a good dovecot-sasl/postfix howto out there, that doesn't begin with 'apt-get blah blah blah'[15:14:20] <Davx2> indeed all i want to do it auth when sending smtp mail[15:14:24] <robtone_> Hm, debian and " without compromising on security" doesn't match anyway.[15:14:27] <robtone_> *run*[15:14:36] <rob0> haha![15:14:42] <shasta> ;)[15:15:10] <rob0> I sure hope this teaches them something.[15:15:18] <gnot> please, can anyone tell me what would be the proper way to train spam assassin by sending spam and ham messages to sa-learn _via_email_? will this method eventually lead spamassassin to consider the legitimate email addresses that have been used to feed sa-learn as spammer addresses?[15:15:44] <jammanbo> So someone comes to site and creates new "thread", a corresponding entry is made in the virtual mailbox file, all of which map to my Rails app, postmap is run on the file, the mail is sent from the new account?[15:15:47] <gnot> where can i get this information?[15:15:56] <Dominian> cpm: wiki.slackadelic.com[15:16:38] <Dominian> cpm: although.. that doesn't hit on the sasl and smtp-auth at all[15:17:07] <cpm> Dominian, then it wouldn't be a dovecot-sasl/postfix howto then, would it?[15:17:33] <cpm> maybe I mis stated[15:17:57] <robtone_> jammanbo, something like that. One could even use a database.[15:18:01] <rob0> jammanbo: that might work too, as long as "the virtual mailbox file" is checked for recipient validation. You're on the right track there, anyway.[15:18:30] <rob0> does your Ruby-on-Rails mailer do something like that natively?[15:18:48] <rob0> if not, it really should[15:18:49] <jammanbo> robtone_: That was my next question. Would that remove the necessity for running postmap?[15:18:58] <robtone_> jammanbo, yep[15:19:02] <Dominian> cpm: hehe[15:19:06] <jammanbo> rob0: Dont know. Not quite sure what you mean.[15:19:07] <rob0> yes, database is checked live[15:19:10] <Dominian> cpm: no.. you didn't mistate.. I wasn't paying attention.[15:19:17] * rob0 screams[15:19:32] <jammanbo> prone to panicing you lot arent you ...[15:19:35] <jammanbo> ;D[15:19:38] * rob0 screams at Dominian : PAY ATTENTION[15:20:10] <Dominian> rob0: hehe[15:20:17] <rob0> Dammit Dominian, you think we're going to sit here and give you free support if you won't pay attention?[15:20:31] <Dominian> what? I didn't catch that.. I wasn't paying attention.[15:20:36] <cpm> Dominian, No, I was wrong! pay attention![15:20:46] <Dominian> well damn it![15:20:49] <Dominian> !cpm[15:20:49] <knoba> Dominian: "cpm" : an operating system originally created for Intel 8080/85 based microcomputers[15:20:50] <Dominian> !dominian[15:20:51] <knoba> Dominian: "dominian" : A sentence-completion bot.[15:20:51] * cpm goes back to screaming[15:20:52] <Dominian> !rob0[15:20:53] <knoba> Dominian: "rob0" : a pathetic bot that reacts to newly joined users with reciting the !basic factoid :)[15:20:54] <Dominian> hehe[15:21:20] <shasta> erm[15:21:27] <shasta> Dominian, that howto of yours...[15:21:43] <shasta> you're suggesting duplicate indexes on mysql tables - useless :)[15:22:00] <Dominian> shasta: Taken from some where else actually[15:22:16] <Dominian> shasta: I couldn't find the tutorial I yanked that from so I just pasted it into mine so I wouldn't lose it[15:22:43] * cpm indexes useless stuff all the time. In fact, that's mostly my life these days[15:22:55] * rob0 screams[15:23:01] * robtone_ adjusts cpm pitch with some pins[15:23:19] <shasta> all your indexes are belong to me[15:23:33] <lunaphyte_> wtf is going on in here?![15:23:40] * cpm jabs shasta with a spork, 'All yer screams are belong to us!'[15:23:45] <rob0> Somebody set up us the lunaphyte_[15:24:19] <Dominian> Make your time...[15:24:22] <sysmonk> lunaphyte_: you're a freebsd user, right?[15:24:35] * cpm continues to scream[15:24:42] * sysmonk duck-tapes cpm[15:24:48] <lunaphyte_> sysmonk: yes, but i'm in treatment.[15:24:57] <sysmonk> duckt*[15:25:06] * lunaphyte_ gives cpm eye scream.[15:25:07] <sysmonk> lunaphyte_: er, what do you mean by that?[15:25:36] <rob0> Eye scream is in fact what started all this.[15:26:00] <robtone_> sysmonk, he will soon be a debian, vista and mac os x user :-)[15:26:02] <lunaphyte_> sysmonk: like a self medicating junkie... :)[15:26:09] *** muecke77 has quit IRC[15:26:11] <sysmonk> ah, awful[15:26:12] <sysmonk> :))[15:26:37] <lunaphyte_> oh, i use vista all the time, as a source of humor.[15:27:07] <shasta> funny ha-ha, or funny peculiar?[15:27:43] <rob0> I don't use Vista, but Vista sure uses me.[15:27:58] <shasta> wonder what Vista does in Soviet Russia[15:28:14] <sysmonk> vista? in russia? doh[15:28:22] <soren> shasta: hates you, probably.[15:28:34] <shasta> very likely[15:28:55] <sysmonk> shasta: and what does vista in poland? :)[15:29:06] <lunaphyte_> funny like I'm a clown, I amuse you?[15:29:43] <shasta> sneaks into computers[15:29:56] <sysmonk> shasta: ah, nothing new then...[15:30:23] <shasta> im in jor camputer, steeling j0r pazzwordz[15:30:59] <shasta> which reminds me I haven't seen lolcats for some time now[15:31:53] <lunaphyte_> one of my favorite pass-times is accidentally typing in my password when the irc window has focus.[15:32:46] <sysmonk> lunaphyte_: or writing .msg nickserv identify ....[15:32:54] <lunaphyte_> haha[15:32:54] <cpm> funny how? funny looking?[15:33:07] <robtone_> or telling your wife what you would like to do ...[15:37:30] *** af_ has joined #postfix[15:41:21] *** anuron has quit IRC[15:41:45] *** anuron has joined #postfix[15:41:50] *** hparker has joined #postfix[15:42:10] * cpm stabs hparker with a spork[15:42:27] <Dominian> Why a spoon cousin.. why not a knife.. or an axe...[15:42:34] <Dominian> Because its DULL you twit it'll hurt more[15:42:45] <hparker> heh[15:42:47] <cpm> sporks are intrinsically more humorous[15:43:22] <cpm> like fish slapping[15:46:21] *** felix_da_catz has joined #postfix[15:50:44] <Davx2> can someone provide some help for me with postfix[15:56:18] <mwalling> !ask[15:56:19] <knoba> mwalling: "ask" : If you have a question, just ask. Precise questions lead to precise answers. Vague descriptions of your problem will get you nowhere. See also: http://workaround.org/moin/GettingHelpOnIrc[15:56:32] <cpm> can haz[15:56:45] *** tshine has joined #postfix[15:58:24] *** seekwill has quit IRC[15:59:20] *** [1]felix_da_catz has joined #postfix[15:59:22] <rob0> If SASL is too complicated, rig up some out-of-band solution.[16:00:09] <rob0> But of course, if SASL is too complicated, you probably wouldn't be able to figure out an out-of-band solution. :)[16:03:47] *** af_ has quit IRC[16:04:11] * cpm is getting tired of screaming[16:04:35] * Dominian screams[16:04:45] * mwalling shoots Dominian[16:04:49] <mwalling> stfu[16:05:15] <lunaphyte_> if screaming is taking too long, maybe just try creaming.[16:05:48] <cpm> ewwww[16:06:14] <lunaphyte_> what?[16:08:03] * Dominian screams for cpm[16:08:29] <cpm> whew!, thanks[16:09:08] <Dominian> heh[16:10:54] * jduggan looks @ lunaphyte_[16:11:17] <lunaphyte_> quit staring, it's a birth defect.[16:11:33] *** pirho has quit IRC[16:12:04] <jduggan> http://www.nbc10.com/2007/0620/13535998_400X300.jpg lunaphyte_ is this you??[16:12:15] *** pirho has joined #postfix[16:12:20] <lunaphyte_> what in god's name?[16:13:29] * cpm starts screaming again[16:14:07] *** seekwill has joined #postfix[16:15:53] *** felix_da_catz has quit IRC[16:15:53] *** [1]felix_da_catz is now known as felix_da_catz[16:18:49] <Davx2> postfix unknown user "[options]"[16:18:56] <Davx2> help?[16:19:24] <mwalling> !debug[16:19:25] <knoba> mwalling: "debug" : http://www.postfix.org/DEBUG_README.html : a good starting point for how to deal with problems and to report information to those who might help. Post your information in a pastebin such as http://pastebin.ca/ or http://rafb.net/paste/ .[16:25:38] <rob0> !gigo[16:25:39] <knoba> rob0: Error: "gigo" is not a valid command.[16:32:50] *** iNick has joined #postfix[16:33:02] <Davx2> what is the easiest way, to config postfix to sendmail through a smtp server with login details[16:35:27] <mwalling> !relay_host[16:35:28] <knoba> mwalling: Error: "relay_host" is not a valid command.[16:35:33] <mwalling> !relayhost[16:35:34] <knoba> mwalling: "relayhost" : a configuration parameter in the main.cf: The default host to send non-local mail to when no entry is matched in the optional transport(5) table. When no relayhost is given, mail is routed directly to the destination.[16:35:39] <mwalling> !sasl_readme[16:35:40] <knoba> mwalling: "sasl_readme" : www.postfix.org/SASL_README.html[16:38:31] <iNick> http://pastebin.com/d61b20dc8 -- LDAP searches that should work throw errors. should have all pertnant info[16:44:31] <rob0> www.postfix.org/SASL_README.html#client_sasl I think is the anchor[16:45:28] <mwalling> !learn sasl_client as www.postfix.org/SASL_README.html#client_sasl[16:46:56] <rob0> dn: uid=sample.user ... can you have a dot in that? I don't know LDAP at all, but that's my guess.[16:47:19] <iNick> yes, anything but a comma from what I know[16:47:30] <rob0> or is it that including the uid attribute in dn is wrong?[16:48:05] <rob0> you definitely need to be asking in LDAP places.[16:48:33] <f3ew> dn is like a primary key[16:51:42] *** amrit has joined #postfix[16:52:15] <iNick> rob0: no, it's postfix that is finding this invalid. every other software in this mix accepts it.[16:52:44] <iNick> and LDAP DNs are kinda like domain names. i.lost.my.home.to.a.dotcom.com[16:53:48] <rob0> If you think you have found a bug in Postfix's LDAP implementation, research it more and post to the mailing list. I would hold off on mentioning the word, "bug," however. :)[16:53:59] *** Siegfried has joined #postfix[16:54:54] <iNick> i didn't say bug[16:55:04] <iNick> it could be a typo, hence asking question is the first step[16:56:46] <seekwill> Help. I can't get postfix working. It won't relay. It must be a bug![16:56:47] <rob0> I know[16:56:52] <seekwill> :)[16:57:09] <mwalling> !tell seekwill basic[16:57:15] <mwalling> !tell seekwill mwalling[16:57:17] <mwalling> :)[16:57:18] <seekwill> ... :([16:58:09] <rob0> Spreading hate is great in 2008.[16:58:42] <mwalling> heh[16:58:45] <mwalling> that rhymed[16:58:55] <stickystyle> iNick: (not familar with postfix ldap, but am with ldap) Are there any other search options you can try? like bringing the base dn down one level and doing a sub-tree search?[16:58:59] <rob0> You're sharp![16:59:23] <stickystyle> iNick: just thinking of things to troubble shoot to maybe get you more info[16:59:42] <iNick> stickystyle: i want to keep it ou=accounts so postfix isn't trying to find company-wide contacts (which aren't accounts on our mailserver), or our groupware's "groups"[17:00:04] <iNick> so dropping it to o=default or to the dc=example,dc=com just isn't feasible[17:00:07] <stickystyle> iNick: i'm just saying...If you do that, does it still complain?[17:00:21] <iNick> stickystyle: haven't tried. i can. the server isn't "live" yet[17:00:22] <stickystyle> iNick: is this in production[17:00:30] * iNick can sense your questions[17:00:31][17:00:44] <rob0> bye suckas[17:01:13] <rob0> "LOTERIE ROMANDE (LR 2008)" <loterieromandeoffice at yahoo dot co.uk>[17:01:23] <iNick> stickystyle: honestly -- since everything below o=default is controlled pretty tightly for ACLs, do you think postfix is complaining DN syntax, but it's really a ACL?[17:01:57] <stickystyle> iNick: how is postfix binding? annon?[17:03:13] <stickystyle> iNick: but the error is complaining about syntax, so I'm not sure - as i said, i haven't done postfix with an ldap backend, so i don't knows its errors.[17:03:38] <iNick> uhm.. i don't know offhand. lol[17:03:45] <iNick> too many things in my head. hang on[17:03:46] *** mirrorcolor has joined #postfix[17:04:05] <iNick> it's searching anonymously[17:04:10] <iNick> ooh.. hang on[17:04:12] *** Draecos has joined #postfix[17:05:42] <iNick> looking at openldap's logfile[17:05:49] <iNick> it'll tell me how it bound, if it bound[17:09:31] <iNick> i'll get back to you.[17:10:23] *** alex_ has joined #postfix[17:13:28] <cite> iNick: are you sure special_result_attribute is what you want? This would try to expand a non-existant group called "uid"...[17:18:12] *** Siegfried has quit IRC[17:22:44] *** alex12 has quit IRC[17:24:15] *** jammanbo has left #postfix[17:27:20] <iNick> well -- i bound as rootdn and still throws invalid DN syntax. slapd.log shows two searches, one completely properly formatted, and then a search with ONLY the userid of the entire domain (sample.user at example dot com)[17:29:47] *** pirho has quit IRC[17:29:54] *** k4z has quit IRC[17:31:18] <iNick> and the 2nd is what throws invalid dn syntax[17:31:19] *** pirho has joined #postfix[17:31:43] <cite> iNick: This is because you use special_result_attribute attribute.[17:31:58] <cite> iNick: You are trying to do group expansion here when what you really want is just a list of uid's.[17:32:10] <iNick> cite: the special_result_attribute was set to maildrop in my PREVIOUS setup. the groupware i'm using doesn't use maildrop, so I have to tell it some other unique attribute[17:32:31] <iNick> cite: what would you recommend?[17:33:05] <cite> iNick: Try setting result_attribute instead of special_result_attribute[17:33:26] <iNick> okay[17:34:44] <cite> iNick: What are you looking up in LDAP? I mean, what kind of answer do you expect? Is this a virtual_*_maps query?[17:35:53] <iNick> result_attribute seems to have gotten it to work.[17:36:06] <iNick> virtual mailbox domain (right term?!)[17:36:25] <iNick> so what's the diff between special_result_attribute and result_attribute? besides one being special[17:36:54] <cite> iNick: As I said, the latter is needed to expand groups.[17:37:18] <cite> iNick: It reads all "uid:" entries and uses _their_ content as new search queries.[17:37:59] <cite> You might have an LDAP entry like: adminstraff: uid=joe, o=example, o=com and adminstaff: uid=bob, o=example, o=com[17:38:27] <iNick> ah[17:38:32] <iNick> i see[17:38:32] <cite> If you want a lookup for for the uid attribute of all members of the grup "adminstaff"; you would set special_result_attribute=adminstaff[17:39:01] <iNick> i love postfix, i just don't have it down memorized yet.[17:39:07] <iNick> thanks, stickystyle and cite[17:40:38] <Jax> gah i'm too stupid to setup spamassassin[17:40:55] <Jax> i ran: spamassassin -tD < sample_spam.txt (http://spamassassin.org/full/3.0.x/dist/sample-spam.txt)[17:40:59] <Jax> and it gives me score 0[17:41:03] *** jammanbo has joined #postfix[17:43:35] <iNick> i am starting to run dspam instead of spamassassin[17:43:44] <jammanbo> Can someone tell me what I need to do to pipe a mail to a script? Can it be done in a virtual_mailbox_map the same way it can in an alias?[17:46:47] <Jax> jammanbo likely you'll have to make a transport in master.cf[17:50:29] <jammanbo> k[17:50:31] <jammanbo> ta[17:51:20] *** Draecos_ has joined #postfix[17:52:26] *** harobed has quit IRC[17:52:41] *** harobed has joined #postfix[18:00:08] *** Siegfried has joined #postfix[18:02:21] *** phnord has quit IRC[18:03:24] *** Draecos has quit IRC[18:03:42] *** kiliko has quit IRC[18:03:48] *** af_ has joined #postfix[18:03:57] *** kiliko has joined #postfix[18:04:23] *** Draecos_ has quit IRC[18:05:09] *** netcrash has joined #postfix[18:05:52] *** Severed_Head_Of_ has joined #postfix[18:06:55] *** madrescher has quit IRC[18:07:04] *** mangezoutianya has joined #postfix[18:07:28] *** j_s has joined #postfix[18:08:53] *** havvg has quit IRC[18:09:25] *** mangezoutianya has left #postfix[18:16:03] *** muecke77 has joined #postfix[18:16:40] *** rev has joined #postfix[18:17:09] *** robboplus has joined #postfix[18:19:00] *** upsideup has joined #postfix[18:19:01] <upsideup> Waaay off topic, but, anyone got amavisd-new working with local_domains_maps working out of SQL?[18:19:39] *** stefan-f has quit IRC[18:25:12] *** growltiger has quit IRC[18:25:57] *** suuuper has quit IRC[18:26:21] *** FuriousGeorge has joined #postfix[18:26:28] <FuriousGeorge> hey all[18:29:07] <FuriousGeorge> where i am (nj, usa) all of the isps offer a static-ip service for around $50 US per month... i called one (optimum online) who does dhcp over cable, and asked if i would own rDNS with that service, and they put me on hold, asked a supervisor, came back and said 'yes'[18:29:29] <seekwill> So why are you furious?[18:29:36] <cpm> george[18:29:42] <FuriousGeorge> does that make it just as suitable for hosting postix[18:29:49] <cpm> and no, you won't 'own' it.[18:29:55] <cpm> it just means they can set it up.[18:30:12] <FuriousGeorge> seekwill: i was born addicted to crack, and im periodically beaten by a man with a yellow bat, when i'm not knife-fighting other monkeys[18:30:15] <FuriousGeorge> and i have one eye[18:30:28] <cpm> but they said 'yes' ![18:30:40] <FuriousGeorge> cpm: its a good day so far[18:30:45] <cpm> quite[18:30:53] <Jax> ok i can't get spamassassin to work :([18:30:55] <cpm> yeah, that'll work.[18:30:59] <Jax> always gives me scores of 0[18:31:10] *** hark has quit IRC[18:31:11] <FuriousGeorge> Jax: what distro?[18:31:15] <Jax> gentoo[18:31:24] <FuriousGeorge> are you following the official howto?[18:31:31] <Jax> is there one?[18:31:41] <seekwill> FuriousGeorge: Yes and no, depends on what IP address you actually get. Some RBL's hit the entire /24, so who knows.[18:32:18] <cpm> seekwill, but for rfc compliance, if he has a in-addr.arpa and a valid A, he's good.[18:32:30] <seekwill> Yeah[18:32:31] <cpm> and since he can make them match, all the better[18:32:34] <FuriousGeorge> yeah, its pretty great, though some of their config choices make guys in here wonder... like they set up a domain on the local transport just to do it[18:32:57] <FuriousGeorge> seekwill: you went a bit over my head? RBL?[18:33:28] <cpm> !rbl[18:33:28] <knoba> cpm: "rbl" : short for "realtime black list". RBLs are DNS zones that can help your mail server to determine if an IP address is trusted. It's a great way to fight spam. See http://www.au.sorbs.net/ http://www.dnsrbl.net/ http://www.spamcop.net/ http://www.mail-abuse.org/ http://www.rfc-ignorant.org/[18:33:52] <rob0> The man with the yellow bat![18:33:54] <FuriousGeorge> Jax: http://www.gentoo.org/doc/en/virt-mail-howto.xml[18:34:04] <FuriousGeorge> you may be past that, but you can use it as a reference[18:34:14] * cpm makes note of the yellow bat in rob0's hand by nodding[18:34:15] *** rev has left #postfix[18:34:22] <rob0> FWIW you might do better with a VPS.[18:34:37] <seekwill> Not my VPS :([18:34:49] <rob0> they tend to be cheaper than local commercial ISP service.[18:34:49] <Jax> they don't even mention spamassassin there FuriousGeorge[18:34:50] <seekwill> Well, there is "one" bad IP on my VPS's /24[18:34:57] <cpm> rob0, selling vpses now?[18:35:03] <rob0> nonononono[18:35:06] <FuriousGeorge> Jax: i know[18:35:11] * cpm says just use google apps and be done with it.[18:35:13] <FuriousGeorge> im looking for the other one and not finding it[18:35:17] * rob0 swings the yellow bat at cpm[18:35:27] <FuriousGeorge> the other one is based off of that so i gave it to you as background[18:35:30] * cpm blocks with a spork[18:35:54] * rob0 loses hold of the yellow bat and it flies into the yellow cave[18:35:57] <FuriousGeorge> Jax: http://www.gentoo.org/doc/en/mailfilter-guide.xml[18:36:14] * cpm needs to go to the batroom[18:36:27] <cpm> err, yellowroom then[18:39:02] <FuriousGeorge> seekwill: so, assuming i could have some control over my ip, and they will really set rDNS to whatever i want, it should be fine for mailhosting?[18:40:25] <seekwill> FuriousGeorge: Define, fine :), generally yes[18:40:31] <seekwill> People have been hosting on much less[18:40:49] <FuriousGeorge> i think ive used them in the past ;)[18:41:11] *** fabounio has joined #postfix[18:42:03] *** McJerry has quit IRC[18:45:25] *** hark has joined #postfix[18:48:58] *** stefan-f has joined #postfix[18:51:21] *** githogori has quit IRC[18:54:36] *** McJerry has joined #postfix[18:56:32] *** af_ has quit IRC[18:58:53] *** mmp has quit IRC[19:01:12] *** mmp has joined #postfix[19:03:49] *** havvg has joined #postfix[19:09:16] *** GoGi has joined #postfix[19:09:45] *** gpled has joined #postfix[19:11:45] <gpled> i do not want to take mail from any server at *.campaignmonitor.com what is the easiest way to do that?[19:11:52] *** hbueno has joined #postfix[19:11:59] <cpm> !access[19:12:00] <knoba> cpm: "access" : http://www.postfix.org/SMTPD_ACCESS_README.html : An overview of access(5) controls in the Postfix smtpd(8) SMTP server.[19:12:22] <cpm> or turn off smtpd[19:12:30] * hparker turns off cpm[19:12:35] <cpm> no kidding[19:12:41] <jduggan> better than turning him on, i guess[19:12:44] <cpm> nothing personal, really[19:13:19] <Jax> gah [12931] dbg: check: is spam? score=0 required=5[19:13:21] *** muecke77 has quit IRC[19:13:24] <Jax> for the GTUBE test mail[19:13:25] <Jax> GREAT[19:14:03] *** smultron has joined #postfix[19:14:30] <seekwill> Is GTUBE a google virus?[19:14:45] *** rokra has joined #postfix[19:15:31] *** stickystyle has quit IRC[19:16:17] <smultron> any idea why an alias with 50 users doesn't get sent to all those users? some people say they never get the email sent to that alias, even though they're in the alias group...[19:16:42] <Jax> seekwill[19:16:48] <Jax> can you send me a mail real quick[19:17:08] <Jax> with in it: XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X[19:17:24] <gpled> http://en.wikipedia.org/wiki/Gtube[19:17:25] <seekwill> eek virus![19:17:29] <Jax> i think my addresses might be whitelisted[19:17:42] <seekwill> Jax: Actually, I can't since my MTA would block it[19:17:47] <Jax> outgoing?[19:17:50] <Jax> doubti t[19:18:00] <seekwill> You doubt how I configure my MTA?[19:18:05] <Jax> never[19:18:07] * Jax bows[19:18:08] <seekwill> :)[19:18:16] <seekwill> I filter everything[19:20:51] *** syneus has quit IRC[19:21:20] <seekwill> Plus, I don't have your email address to spa^H^H^Hsend it to[19:22:30] *** fabounio has quit IRC[19:22:31] *** amrit is now known as amrit|wfh[19:23:10] <jammanbo> Permission denied ... "rubymail unix - n n - - pipe" ... The script its trying to run is 777. Any suggestions?[19:24:16] *** muecke77 has joined #postfix[19:26:38] *** muecke77 has left #postfix[19:28:02] *** McJerry has quit IRC[19:31:48] *** McJerry has joined #postfix[19:32:07] *** kfullert has joined #postfix[19:33:49] *** McJerry has quit IRC[19:35:28] <kfullert> hi - are there any guides around for setting up postfix 2.4.6 to only allow mail from a certain range of addresses, or from clients that authenticate? I've got authentication working but getting a lot of spam from cached MX records - I'm now using a nospam service as my primary MX which forwards the mail which passes the spam checks to my postfix server[19:38:44] <cite> kfullert: set smtpd_recipient_restrictions to something like "permit_sasl_authenticated, reject"[19:39:42] <kfullert> cite: will that also allow the primary MX server (not under my control) to deliver mail to my server?[19:39:43] <cpm> smultron, check your logs[19:41:03] <cite> kfullert: no. But - guess what - you can add a check_client_access hash:/some/file and whitelist IPs there.[19:41:18] <kfullert> cite: ahhhh - excellent - I'll give that a go - thanks[19:41:31] *** Brownoxford_ has joined #postfix[19:42:41] *** fabounio has joined #postfix[19:43:41] <Brownoxford_> Hi all. Are the message IDs listed in postfix log output (ie: "B808E30981C3" in "postfix/pickup[18317]: B808E30981C3:...") unique, or do they get re-used eventually?[19:44:54] *** Brownoxford_ is now known as Brownoxford[19:45:12] <cite> They are not guaranteed to bie unique forever, no.[19:45:47] *** NameBrand has joined #postfix[19:45:53] <Dominian> eh[19:46:00] <Dominian> they are unique for "now"[19:46:08] <Dominian> they do have a slight possibility of being reused in the future.[19:46:13] <Dominian> but.. doubtful[19:46:27] <NameBrand> Can I blocked the root alias, but still allow all the delimited messages to come though? Reject: alias at domain dot tld Permit: alias+delimiter at domain dot tld[19:46:38] <Dominian> eh..[19:46:44] <Dominian> you don't want to block email for root..[19:46:45] <Dominian> alias it off[19:47:05] <rob0> Sure, check_recipient_access can do it. (Not commenting on the "should" part.)[19:47:08] <sky> when migrating a postfix install to system with a different endian, I wipe /var/imap/db/* and /var/imap/deliver.db... can I wipe /var/imap/*db?[19:47:14] <NameBrand> Can I do this by using a wildcard in the access.db file? permit alias_*@ deny@[19:47:31] <sky> i havent heard xomplains about the other db files but I cant imagine they would work (like mailboxes.db)[19:47:52] <rob0> Wildcards do not work in hash: maps. You probably want pcre: or regexp:.[19:48:21] * cpm regexps '^rob0%'[19:48:30] <lunaphyte_> don't help NameBrand. he says #postfix has a tendency to get snippy.[19:48:32] <rob0> /var/imap/ is not normally a Postfix pathname.[19:48:38] <rob0> lunaphyte_: thanks[19:48:39] <NameBrand> Well, I tried rejecting alias@ but it is rejecting all the delimiters[19:49:02] <sky> guess I should call it the 'database location'[19:49:03] <rob0> I'm about to go afk anyway[19:49:10] <NameBrand> and lunaphyte_ is proving my point[19:49:14] <lunaphyte_> haha[19:51:57] <lunaphyte_> alas, i've never found an application for delimiters, so i can only offer snide comments :)[19:52:06] <kfullert> cite: just got that setup and works exactly as i wanted - many thanks![19:52:58] *** Brownoxford has left #postfix[19:53:05] <NameBrand> lunaphyte_: they are great for preventing/tracking spam. You can make email addresses on the fly. junk+visa@ junk+electric@ junk+cable@[19:53:30] <NameBrand> then you know when you start getting viagra mail on the junk+electric@ account you know the electric company gave your email out[19:53:46] *** harobed has quit IRC[19:54:32] <NameBrand> that method is alot faster than creating a true alias for every place that needs an email address that you don't trust.[19:54:40] <kfullert> NameBrand: except some e-mail validation scripts (incorrectly) mark delimited addresses as an invalid e-mail address and don't let you use it :([19:55:14] <rob0> Oh indeed, those scripts piss me off.[19:55:24] <rob0> Seem to be very common.[19:55:27] <NameBrand> I don't use + as my delimiter character[19:55:31] <NameBrand> so I've never had a problem[19:55:57] <rob0> (Even a place like uribl.org, which SHOULD be more intelligent.)[19:56:01] <kfullert> NameBrand: what do you use for a delimiter?[19:56:16] <NameBrand> ok, new question. Is there a way (for one user) to sort mail into sub-folders in the CLI like a daemon?[19:56:32] <rob0> Too late for me, I've had + for years, and I'd have to change all my old list subscriptions to fix it.[19:56:47] <NameBrand> My webmail lets me run filters to sort things into sub dirs, but thunderbird does not. So I'd like to be able do it before the mail reaches dovecot[19:56:51] <NameBrand> I use _[19:57:21] *** githogori has joined #postfix[19:57:28] <cpm> use dovecot sieve[19:57:34] <seekwill> sieve sucks[19:57:36] <seekwill> :([19:57:41] <rob0> .forward file, .forward_FOO, procmail?[19:57:45] * seekwill is debugging a sieve script now...[19:57:47] <rob0> (sorry lunaphyte_ :) )[19:57:49] <kfullert> doesn't sieve not support variables in the script?[19:57:54] <cpm> seekwill has offered to set it up for you, since he knows better[19:58:03] <seekwill> :P[19:58:06] <cpm> :)[19:58:08] *** shinao1 has joined #postfix[19:59:22] <NameBrand> rob0: so, use the .forward file to route my mail through procmail and let that filter it?[19:59:27] *** kfullert has left #postfix[20:00:40] <NameBrand> interesting... I'll look into it tonight.[20:00:40] <rob0> or better yet, targeted .forward_FOO files only affect user_FOO[20:00:46] <rob0> man local[20:01:09] *** rokra has quit IRC[20:01:49] <NameBrand> so .forward_junk would affect user_junk ; and .forward+blah would affect user+blah ?[20:02:24] <lunaphyte_> that's an interesting idea. i have a few throwaway addresses, but it gets difficult to make determinations pretty quickly.[20:03:04] <NameBrand> lunaphyte_: delimiters ftw[20:04:19] <rob0> Not quite. You can only have one delimiter.[20:04:26] *** jammanbo has left #postfix[20:04:42] <NameBrand> rob0: I read an artile somewhere about someone that changed it, and was able to make the old one work.[20:05:09] <NameBrand> I'll man local later, and I'll look at procmail.[20:05:11] <NameBrand> thanks[20:05:18] <NameBrand> wife is bugging me to head out.[20:05:38] <lunaphyte_> is that code for something?[20:05:49] <NameBrand> already done that today...[20:05:58] <NameBrand> taking dog to vet and going to go eat[20:06:06] <NameBrand> already 1pm, and past my bedtime[20:06:18] <rob0> Eat the dog and skip the vet.[20:06:37] <lunaphyte_> i was just thinking that![20:06:46] <rob0> sick minds think alike[20:06:51] <lunaphyte_> rob0: that's disgusting![20:06:58] <rob0> I resemble that![20:07:27] <rob0> But you're right, it's disgusting to eat a sick dog.[20:07:44] <NameBrand> thx 4 help... l8r[20:07:50] <rob0> Go to the pound and get a healthy one.[20:08:05] * cpm nevers eats sick dogs[20:08:09] <cpm> indeed[20:19:49] <FuriousGeorge> /join #networking[20:20:08] <FuriousGeorge> and get a free bobblehead doll :)[20:28:01] *** wack47 has joined #postfix[20:28:56] <cite> I just got a fatal error stating that I cannot use the proxymap service to do virtual_uid_maps lookups.[20:29:11] <cite> I think I have to upgrade to 2.3 :-P[20:29:32] <rob0> UPgrade to 2.3?[20:31:00] <cite> Well, it will then silenty discard the request.[20:31:08] <cite> An error you do not see is not an error, is it?[20:31:45] <Dominian> You have to realize, there is no error.[20:32:13] <cite> This way, the next time some of the database guys comes to my office to blame me for high load on one of their servers, I can point to my main.cf, show them I access their databse through proxymap (with well defined limits on concurrency) and blame someone else.[20:33:10] * cpm ponders 'no error'[20:36:06] *** sweed has joined #postfix[20:43:15] *** shinao1 has quit IRC[20:57:41] <sysmonk> cite: sure, and you think your database guys will understand main.cf?[20:57:59] * cpm doesn't understand sysmonk[20:58:35] <sysmonk> and proxymap limits in no way define the load on the server ;P[20:58:42] <sysmonk> one query and you're doomed[20:59:43] <sysmonk> (let's make a query on 20 tables with no indexes, and half milions rows each, and don't forget to use joins)[21:00:33] * cpm refuses to use joins, just writes down output on a piece of paper, and requiries[21:01:28] *** dustybin has left #postfix[21:05:29] <cite> sysmonk: That's the idea behind all of that. In trained them to accept "proxy:<database>:..." is a good thing for them. Now when I change something in my config, they can access that changeset in our internal SVN.[21:05:51] <cite> sysmonk: But, when they see I only changed something that starts with proxy:<database>..., they won't know I'm hte culprit![21:06:10] <cite> sysmonk: And I didn't tell them the part about load.[21:06:28] <cite> sysmonk: I just told them about concurrency and alluded to it also miting load...[21:08:13] *** lunaphyte_ has quit IRC[21:13:48] *** stickystyle has joined #postfix[21:14:53] *** {Chris} has quit IRC[21:19:03] *** gpled has left #postfix[21:21:34] *** Siegfried has quit IRC[21:25:35] *** Motoko-chan has joined #postfix[21:26:40] *** wack47 has quit IRC[21:33:00] *** carl- has joined #postfix[21:33:46] *** cpm has quit IRC[21:38:43] <Jax> cite i give up[21:39:09] *** CrazyFoam has joined #postfix[21:40:54] *** davidj has quit IRC[21:41:50] *** rmayorga has quit IRC[21:41:54] *** davidj has joined #postfix[21:42:15] *** rmayorga has joined #postfix[21:42:50] *** davidj has quit IRC[21:44:06] *** keffer has quit IRC[21:49:41] *** jp- has quit IRC[21:50:27] *** muecke77 has joined #postfix[21:55:42] *** muecke77 has left #postfix[21:57:27] *** jammanbo has joined #postfix[21:57:44] *** hopiangbaboy has joined #postfix[22:02:14] *** ziro_ has quit IRC[22:03:09] *** lwilke has joined #postfix[22:07:48] *** jammanbo has left #postfix[22:08:14] *** keffer has joined #postfix[22:08:17] *** {Chris} has joined #postfix[22:08:57] *** tshine_ has joined #postfix[22:09:15] *** sweed has left #postfix[22:10:04] *** tshine_ has quit IRC[22:10:40] *** tshine_ has joined #postfix[22:11:12] *** tshine has quit IRC[22:11:17] *** tshine_ is now known as tshine[22:15:59] <Jax> gah[22:16:17] <Jax> i just can't get amavis working. any time i send myself an email with the GTUBE "virus" in it, nothing catches it - it just goes through[22:18:30] *** havvg has quit IRC[22:21:04] <lwilke> hi, i have a postfix 2.5.1 setup in which relay_domains=A and virtual_alias_domains=B in virtual_alias_maps i have an entry x@A somewhereelse. This entry is used. I do not understand why? I though mail for domain a in relay_domains is in the RELAY CLASS therefor why is this mail send? The mail is send from the local system alias_maps and local_delivery are all disabled. I checked with debug_peer_list and clearly the rcpt is in class=relay bu[22:21:13] <lwilke> still looks in virtual_alias_maps[22:21:37] <lwilke> hm, i am running out of ideas - help :)[22:26:51] *** m0f0x has joined #postfix[22:26:54] *** mmp has quit IRC[22:27:11] <rob0> Jax, amavisd logged ...[22:28:02] *** Pazzo has quit IRC[22:28:03] <Jax> everything looks fine in the logs.[22:28:16] <Jax> it finds the virus scanner too[22:28:24] <Jax> Found secondary av scanner ClamAV-clamscan at /usr/bin/clamscan[22:28:32] *** mmp has joined #postfix[22:29:16] *** stickystyle has quit IRC[22:30:28] *** edini has joined #postfix[22:30:36] <rob0> virtual_alias_maps applies to ALL addresses on the way out, and to virtual_alias_domains on the way in.[22:32:25] <rob0> A virtual_alias_maps entry for an address in another class (such as relay_domains) does not mean you don't need that address listed in the class's recipient validation maps (relay_recipient_maps in this case.)[22:34:05] *** dustybin has joined #postfix[22:34:12] <dustybin> i run a mail server at home using postfix, courier-imaps, squirrelmail[22:34:15] <dustybin> if i open up port 143 on my router, would it be possible for my cellphone to communicate with my imap server[22:34:24] <dustybin> so i can read all my live email?[22:34:36] <sysmonk> 143?[22:34:44] <dustybin> isnt that what imaps uses?[22:35:00] <dustybin> server:~# netstat -natp | grep 143[22:35:00] <dustybin> tcp 0 0 127.0.0.1:143 0.0.0.0:* LISTEN 3736/couriertcpd[22:35:03] <sysmonk> err, 993 for imaps[22:35:08] <sysmonk> 143 is imap2 afair[22:35:11] <jduggan> if its SSL enabled, sure, but 993 usually[22:35:18] <jduggan> (for imaps)[22:35:24] <dustybin> server:~# netstat -natp | grep 993[22:35:25] <dustybin> tcp 0 0 127.0.0.1:993 0.0.0.0:* LISTEN 3748/couriertcpd[22:35:28] <dustybin> aye ok[22:36:07] <lwilke> rob0: i just read about the cleanup daemon is responsible for this well rewriting is done by the trivial-rw daeomn, but when sending to x@A from extern this works, too. But postmap -q x@A on the relay_recipient_map gives me not result[22:36:10] <dustybin> im going to buy a new cellphone, need to find one what can connect to my imap server[22:36:19] <sysmonk> dustybin: anything that talks imap[22:36:27] <dustybin> interesting[22:36:34] <jduggan> dustybin: most phones these days can do imap[22:36:40] <dustybin> cool[22:36:47] <lwilke> rob0: no the server is not an open relay trying other addresses in A does not work[22:36:48] <jduggan> might be nice to find one that the client supports IDLE[22:36:59] <jduggan> but this is offtopic for #postfix :)[22:37:04] <sysmonk> jduggan: right :)[22:37:10] <dustybin> id like my cellphone to check my imap server for new messages and alert me when i have new mail[22:37:20] <dustybin> just the same way i get SMS[22:37:29] <sysmonk> it's a topic for #mobile-phones-which-have-mail-user-agents-that-support-imap4-idle-extension[22:37:40] * dustybin joins[22:38:00] <jduggan> dustybin: IDLE is the feature you want... it tells YOU that you have mail, rather than you check.. this is better suited for #courier, though :)[22:38:01] <rob0> 127.0.0.1:143 won't be reachable from anywhere but the server itself[22:38:05] <sysmonk> dustybin: mostly they have a setting like 'check for mail each xxx minutes'[22:38:18] <dustybin> aye excellent[22:38:23] <sysmonk> rob0: heh, good point :)[22:38:25] <dustybin> this is serious stuff[22:38:56] <sysmonk> dustybin: as rob0 noticed, if your imap server listens on 127.0.0.1 only - it won't be accessible from anywhere[22:39:03] <dustybin> rob0: i know that, i will change the listen address[22:39:20] <dustybin> im using it locally with squirrelmail at the moment[22:39:39] *** rudebwoy has joined #postfix[22:39:56] <dustybin> imap + cellphone = perfect match[22:40:23] <sysmonk> dustybin: welcome to the XX century :P[22:40:28] <dustybin> :D[22:40:38] *** pa has quit IRC[22:41:16] <Jax> dustybin you think so? i wish my stupid phone would support some kind of CalDav or something[22:41:58] *** jellis-real has quit IRC[22:42:08] <dustybin> CalDav ?[22:42:24] <Jax> there's still no decent groupware solution[22:42:35] <Jax> like sharing calendars via calendar server, contacts,...[22:42:38] <Jax> email is only one part of it[22:44:31] *** edini has quit IRC[22:45:03] <dustybin> thats enough for a mobile device[22:46:34] <sysmonk> there's no such thing as enough! :)[22:46:52] <sysmonk> we need more(1) and more(1)[22:47:06] <sysmonk> but we get a hard link to less(1) :([22:48:30] <mwalling> most(1)?[22:48:58] <sysmonk> no most(1) here[22:49:08] <sysmonk> only more(1) and less(1)[22:49:15] <sysmonk> where more(1) is a hard link to less(1)[22:49:33] <sysmonk> so, when i ask for more(1) i get less(1) :([22:49:38] <sysmonk> it's always like that![22:50:16] <sysmonk> btw, i've always liked the man page for less(1), especially the title of it[22:50:20] <sysmonk> less - opposite of more[22:54:12] <lwilke> rob0: not sure if i undestand this fully but x@A is accepted from localhost and TO is rewritten by the trivial-rw daemon because it comes from localhost and the trivial-rw daemon does this for all mail. If x@A is accepted from an external host though it is not listed in a relay_recipient_maps=... but in a virtual_alias_maps file and Domain A is listed as relay_domains=A and smtpd_recipient_restrictions contain reject_unlisted_recipient[22:54:18] *** pitakill has joined #postfix[22:55:00] <lwilke> and virtual_alias_domains=B[22:55:03] *** tshine has quit IRC[22:55:27] <lwilke> then is the trivial-rw daemon the reason for this?[22:55:42] <lwilke> i thought that this mail would not even be accepted[22:56:01] <rob0> List all your valid recipients for ANY class in that class's recipient maps. Your smtpd_recipient_restrictions probably also contain permit_mynetworks, no?[22:56:36] <rob0> you did an end-run behind the class recipient validation, and accidentally got validated by virtual_alias_maps[22:56:42] *** smultron has quit IRC[22:56:55] <lwilke> rob0: yes, but the external host is not in mynetworks[22:57:08] <lwilke> rob0: eh what is an end-run?[22:57:42] <rob0> pastebin logs to show what you mean. No more guessing.[22:59:50] *** tshine has joined #postfix[23:02:38] *** ramoni has quit IRC[23:04:48] *** drzed__ has joined #postfix[23:05:11] *** drzed_ has quit IRC[23:06:18] *** Matt has joined #postfix[23:06:22] <Matt> hey guys[23:09:51] *** rudebwoy has quit IRC[23:16:15] *** hopiangbaboy is now known as jmazaredo___[23:16:35] <lwilke> rob0: the config: http://pastebin.com/d55c63400[23:16:40] <lwilke> logs come in a moment[23:17:41] *** fabounio has quit IRC[23:18:08] <Jax> is there a way to test clamd?[23:23:02] <lwilke> Jax: search for eicar test signature[23:26:02] *** bancus___ has joined #postfix[23:26:47] *** c00l2sv has quit IRC[23:26:56] *** ek has quit IRC[23:27:17] <bancus___> Hey, guys. I'm getting hammered right now because a spammer is using my address as his from:. Something like 11k messages in an hour or two, just to my one address. Can anyone point me to some way to filter or otherwise protect myself from this flood?[23:27:46] <bancus___> I considered trying to use sieve, but there's no way to use external files, which is the only way I can think of to monitor for flooding and only enable the filters for that case.[23:27:58] *** carl- has quit IRC[23:28:01] <bancus___> Because I still need to get the occasional "Message undeliverable" responses.[23:28:26] *** ek has joined #Postfix[23:29:14] <bancus___> Maybe there's a prebaked solution?[23:32:21] <lwilke> rob0: here is the log http://pastebin.com/d53528ad8[23:32:28] <lwilke> rob0: Thanks a lot for your input![23:36:55] *** donspaulding has joined #postfix[23:38:21] <donspaulding> I've got a virtual_alias_maps setting that pulls back the real email address and an address that I want to receive a copy of all emails. How do I tell postfix not to send errors back to the sender when the copied address has a delivery failure?[23:38:53] <rob0> Nope, non-munged and non-verbose. I don't have time for that.[23:39:39] <seekwill> heh[23:40:30] <seekwill> lwilke: embarassed by your hostname?[23:41:40] <Jax> gah[23:41:43] <Jax> my setup finally works again[23:41:58] *** bancus has joined #postfix[23:41:59] <donspaulding> rob0: was that comment meant for me?[23:43:03] <lwilke> seekwill: oh well, i thought it would be a good idea to anonymize it. I give up. It works anyway, i am just not sure i understand this detail. Thanks all![23:43:38] <seekwill> lwilke: ok. Anonymizing it generally hides the problem[23:44:16] <bancus> The amount of mail coming in is actually causing my network connection to lag. :x[23:44:38] <seekwill> bancus: Spam?[23:44:43] <lwilke> seekwill: well yeah i guessed it _after_ posting page after page of the log :) Well next tiem i will know better[23:45:09] <bancus> seekwill: Spam responses.[23:45:18] <bancus> someone's using my address as their From: on spam messages[23:45:30] <bancus> So I'm getting a flood of "Undeliverable" responses.[23:45:39] <seekwill> oh[23:46:05] <seekwill> lwilke: :) Live and learn.[23:46:35] <rob0> I explained it to lwilke in general terms. With real, nonverbose logs I could have explained it in concrete terms. I have a pretty good idea what happened.[23:47:25] <seekwill> rob0: In #mysql, we have the same issue. People anonymizing column and table names for who knows what reason. And the problem was with the actual name of the column... :)[23:47:48] *** bancus__1 has joined #postfix[23:48:17] <bancus__1> Goddamnit.[23:48:21] <bancus__1> This is crazy.[23:48:26] <lwilke> rob0: i think i understood you, but i am not sure what you were referring to with "end-run"[23:48:39] <seekwill> bancus__1: service postfix stop? :)[23:48:45] <lwilke> rob0: anyway i am glad you had the patience to even look[23:48:46] <bancus__1> It is stopped, now.[23:48:49] <lwilke> :)[23:48:55] <bancus__1> But it took a while for the network flood to die down again.[23:49:05] <bancus__1> But I can't leave it down.[23:49:09] <bancus__1> I need some sort of solution for this.[23:49:16] <seekwill> Get a bigger pipe[23:49:20] <bancus__1> Not an option.[23:49:28] <seekwill> Get a backup MX[23:49:44] <bancus__1> An option, but ultimately, those messages still end up here.[23:50:09] <bancus__1> You could rate limit it, but then that chokes off legitimate mail.[23:50:10] <iNick> bancus__1: firewall off the remote ip[23:50:16] <bancus__1> There's more than one.[23:50:31] <iNick> oh[23:50:32] <Jax> May 19 13:20:05 cxg2 imapd: authentication error: Input/output error[23:50:33] <bancus__1> This is 100s of smtp servers telling me that such and such mailbox does not exist.[23:50:37] <Jax> nobody knows what that is?[23:50:52] <donspaulding> is there a setting that will tell Postfix to ignore qmgr errors for a specific address?[23:51:17] <Jax> i get that error from time to time... but generally imap auth works[23:51:22] <Jax> any idea what that could be from?[23:51:29] <iNick> bancus__1: but if the remote IP who is SENDING the message is firewalled off, you won't get the respective mailer-daemon bounces back[23:51:40] <rob0> "end run" is sort of a sports term I guess. Basically your mail was accepted by permit_mynetworks, and because of virtual_alias_maps on the way OUT, it was deliverable.[23:52:03] <seekwill> iNick: Yeah, it's unlikely that the remote server will send more than one bounce[23:52:07] <bancus__1> iNick: I can't control their firewall.[23:52:17] <seekwill> iNick: Yeah, it's unlikely that the remote server will send a significant number of bounces[23:52:20] <bancus__1> What's happening here is someone is spamming a bunch of people, with my address in From:[23:52:25] <bancus__1> So bounces are going to me.[23:52:32] <bancus__1> I can't control that this spammer is sending those.[23:52:37] <bancus__1> I just have to deal with the flood of responses.[23:52:40] <seekwill> backscatterer.org?[23:52:45] <rob0> bancus__1: I've seen it too[23:52:45] <iNick> bancus__1: i guess i'm not understanding this. someone remote is sending spam through your mailserver, and the recipient of the spam are sending mailer-daemon messages back. right?[23:52:51] <rob0> NO[23:52:59] <donspaulding> bancus__1: iptables -A INPUT -s bad.mx.ip.add -j DROP[23:53:02] <bancus__1> Not through my server.[23:53:06] <bancus__1> It never touches my server.[23:53:10] *** johndo has quit IRC[23:53:22] <iNick> i see.. sorry man. ouch[23:53:28] <iNick> sorry i misunderstood[23:53:31] <bancus__1> Yeah.[23:53:39] <rob0> Thousands of backscatter spammers are hammering him. He's completely innocent.[23:53:59] <rob0> I've seen a machine knocked offline in a backscatter attack.[23:54:19] *** timboy has joined #postfix[23:54:24] <bancus__1> rob0: Is there anything I can do?[23:54:37] <seekwill> bancus__1: Option to block bounces for the time being? Or use the backscatterer.org RBL?[23:54:40] <rob0> unfortunately not much[23:54:44] <rob0> yes[23:54:45] <bancus__1> How do I block bounces?[23:54:58] * seekwill doesn't know how to do that in postfix...[23:54:58] <rob0> backscatterer.org as a temporary solution[23:54:59] <bancus__1> And wouldn't the people sending me bounces have to use the RBL?[23:55:04] <bancus__1> Or am I misunderstanding it?[23:55:13] <seekwill> Yes, temporary, only to stop the current attack[23:55:27] <timboy> I've got a question. my webmail account sends mail fine but when I set up my account in outlook I get the messages back with saying it "was considered unsolicited bulk e-mail (UBE)."[23:55:38] <rob0> put it in smtpd_client_restrictions and turn off smtpd_delay_reject[23:56:04] <rob0> it might cost some legitimate mail, but it is your best hope[23:56:05] <seekwill> bancus__1: There is a chance you're going to miss legit bounces... but there's not much you can do[23:56:18] <bancus__1> I'll put up with that possibility.[23:56:33] <Jax> do i just drop the backscatter dns into smtpd_client_restrictions ?[23:56:33] <bancus__1> I wonder if it'd be possible to have a flood-detect script that enables the RBL for an hour.[23:56:42] <seekwill> Anything is possible[23:57:04] <rob0> When your domain is used in a spam run, you are hit immediately by the idiots.[23:57:11] <rob0> and hit HARD[23:57:29] <bancus__1> That way I'd lose minimal legit stuff.[23:57:35] *** bancus___ has quit IRC[23:57:48] <bancus__1> rob0: What exactly do I put in smtpd_client_restrictions?[23:58:11] <Jax> you put in: reject_rbl_client ips.backscattered.org[23:58:40] <Jax> oops[23:58:43] <Jax> r at the end, not d[23:59:00] <rob0> ips.backscattered.orr ? :)[23:59:24] <rob0> ips.backscattered.orgy[23:59:36] <sysmonk> yeah, would be a nice tld :P[23:59:37] <bancus__1> Heh.[23:59:37] <Jax> backscatterer[23:59:50] <bancus__1> Just anywhere in main.cf?