June 2, 2008 
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30
June 2, 2008 [00:00:01] <JoaoCarneiro> Mez, :D [00:00:06] *** Draecos has joined #postfix [00:00:28] <JoaoCarneiro> Mez, and it should be owned by postfix only? [00:00:44] <JoaoCarneiro> shouldn't it be available to other users? [00:00:47] <JoaoCarneiro> lol [00:00:49] <JoaoCarneiro> daemons [00:04:08] <action09> rob0 Hoo great thx :) [00:04:19] <JoaoCarneiro> Mez, that really broke things [00:04:21] <JoaoCarneiro> lol [00:11:00] <Mez> JoaoCarneiro, It only works for me if i own it by postfix [00:11:02] <Mez> but only postfix uses it in my cas [00:11:28] <JoaoCarneiro> chown -R root.sasl /var/spool/postfix/var/run/saslauthd [00:11:42] <JoaoCarneiro> this was the one that did it on my system [00:12:47] *** internat85 has quit IRC [00:13:05] *** internat85 has joined #postfix [00:20:30] *** j_s has quit IRC [00:22:09] *** Haris has quit IRC [00:23:39] <Mez> JoaoCarneiro, I wasnt suggesting you do it - just saying that I have to [00:23:39] <Mez> sprry if that wasnt clear [00:27:56] *** Lizzy has joined #postfix [00:29:00] <Lizzy> hello? [00:29:26] <JoaoCarneiro> Mez, it was clear, i was just throwing back some feedback :) [00:31:13] <Lizzy> I installed postfix the mail server worked fine. I could send and receive [00:31:30] <Lizzy> but after i restarted the computer i could only receive [00:31:44] <Lizzy> (Host or domain name not found. Name service error for name=gmail.com type=MX: Host not found, try again) [00:32:02] <Lizzy> i get that error in the postqueue when i try to send anything [00:35:54] <JoaoCarneiro> that seems like a DNS problem [00:35:56] <JoaoCarneiro> check it [00:36:16] <JoaoCarneiro> check /etc/resolv.com [00:36:57] <seekwill> resolv.com? [00:37:46] <Lizzy> yeah /etc/resolv.conf is right [00:38:00] <Lizzy> it's exactly the same as it was before i restarted [00:39:15] <Lizzy> nameserver 10.1.1.1 [00:39:20] <Lizzy> the router IP [00:39:31] <Lizzy> nameserver [00:40:31] <seekwill> dig gmail.com mx [00:40:35] <seekwill> What does that say? [00:41:07] <JoaoCarneiro> seekwill, .conf [00:41:09] <JoaoCarneiro> :) [00:43:59] <Lizzy> ; <<>> DiG 9.4.2 <<>> gmail.com MX [00:43:59] <Lizzy> ;; global options: printcmd [00:43:59] <Lizzy> ;; connection timed out; no servers could be reached [00:44:14] <Lizzy> It does that to all mailservers [00:44:19] <Lizzy> not just gmail [00:44:24] <seekwill> ooooh [00:44:35] <seekwill> Then you should fix your DNS server ;) [00:44:56] <seekwill> ssh root at 10 dot 1.1.1 /sbin/service named start [00:44:58] <seekwill> :) [00:46:04] *** Draecos has quit IRC [00:46:04] <Lizzy> log into the router? [00:46:24] <Lizzy> 10.1.1.1 is the router ip [00:46:44] <seekwill> I don't know how your network is set up. But it isn't a Postfix issue... [00:47:04] <Mez> Lizzy, add the following line to /etc/resolv.conf [00:47:09] <Mez> nameserver 4.2.2.3 [00:47:16] <Mez> and see if that helps [00:47:33] <Mez> though if your router is completely down - it wont do anything [00:47:33] <Lizzy> okay [00:47:45] <seekwill> Who runs 4.2.2.3? [00:47:56] * seekwill has used 4.2.2.1 for Verizon DSL [00:48:15] <Mez> seekwill, Its an open DNS server - cant remember who its run by [00:48:20] <seekwill> ah [00:48:25] * Mez usually uses 4.2.2.2 but 4.2.2.3 seems to work better [00:49:07] <Mez> ah, tis run by level3 internet (a backbone provider) [00:49:30] * seekwill wants a Level1 provider [00:50:39] <seekwill> Ah, nice to know. Looks like they run 4.2.2.1 as well [00:50:45] *** GoGi has quit IRC [00:50:48] <Lizzy> nope. still the same [00:50:50] <Lizzy> :/ [00:55:35] *** roe has joined #postfix [00:57:22] <vice-versa> 4.2.2.[1-3] are verizon (gtei.net) dns servers [00:57:41] <Lizzy> thanks for the help. :) [00:57:46] *** Lizzy has left #postfix [00:59:56] *** JoaoCarneiro has left #postfix [01:13:50] *** oxtail has quit IRC [01:14:45] <dafrog`> http://ipower.ning.com/netneutrality [01:19:48] *** Sypher_ has quit IRC [01:20:12] *** suuuper has quit IRC [01:23:55] *** pirho has quit IRC [01:26:29] *** wladek_ has quit IRC [01:50:12] *** loddafnir has quit IRC [01:51:58] *** war9407 has quit IRC [02:15:24] *** Zblakany has quit IRC [02:26:20] *** ming_zym has joined #postfix [02:27:49] *** ming_zym has quit IRC [02:29:54] *** ming_zym has joined #postfix [02:51:23] *** madrescher has quit IRC [03:04:39] *** FuriousGeorge has quit IRC [03:10:25] *** Tachy_ has joined #postfix [03:23:55] *** Tachy has quit IRC [03:28:37] * thumbs blames seekwill [03:36:38] <rob0> Yeah, seekwill is definitely all-thumbs. [03:36:45] <rob0> and vice-versa [03:46:23] <thumbs> hey, easy. [03:52:15] * rob0 is easy [03:52:50] <thumbs> yeah, seekwill is not. [04:10:33] *** hing has quit IRC [04:17:14] <jonez> greetings. I'm stuck on a config change. I have two mx records, one uses sasl properly and the other has a problem where it cannot find any worthy mechs [04:17:58] <jonez> anyone around that can help me triage? :) [04:20:39] *** ming_zym has quit IRC [04:40:06] <checkers> can anyone suggest how I can send outgoing mail on different IPs based on the sender's domain? I've been given the hint 'transport_maps', but I'm still in the dark after reading TRANSPORT [04:40:53] *** Fallenou has quit IRC [04:55:22] <rob0> postconf.5.html#sender_dependent_relayhost_maps with specific per-IP smtp(8) transports defined in master.cf -- but, I'm curious about the real problem you are trying to solve, and doubt this will do it. [04:56:43] <rob0> @example.com examplecom: [04:56:51] <rob0> @example.net examplenet: [04:57:24] <rob0> examplecom and examplenet both in master.cf as smtp(8) clones with -o smtp_bind_address [04:58:09] <rob0> offer void where taxed or prohibited by law, or if you have routing table issues you don't understand [05:01:09] *** magyar has quit IRC [05:02:07] *** Zeit|awy_ has quit IRC [05:08:10] *** ming_zym has joined #postfix [05:18:18] *** Motoko-chan has joined #postfix [05:19:19] *** saurabhb has joined #postfix [05:38:36] *** Mavvie has quit IRC [05:45:13] *** keffer has quit IRC [05:45:21] *** keffer has joined #postfix [05:56:02] *** Zelest_ has joined #postfix [06:00:44] *** nox has quit IRC [06:02:28] *** nox has joined #postfix [06:09:40] *** Zelest has quit IRC [06:21:20] <checkers> rob0: we'd like mail from foo.com to come from mx-out.foo.com, and s/foo/bar, when these two domains are on the same box [06:23:26] <checkers> is there a better way to do it, short of setting up separate servers? [06:26:11] <rob0> mx-out.foo.com. 3600 IN A 64.94.125.138 [06:26:19] <rob0> Host mx-out.bar.com. not found: 3(NXDOMAIN) [06:26:32] <rob0> anyway, didn't I answer that? [06:26:52] <checkers> yes, you just wondered why I wanted to do it [06:27:05] <rob0> You still didn't say why :) [06:28:32] <checkers> ok, we're splitting one company into two, and management want everything to appear as separate as possible... so one of them knows about email headers, and now we have a directive :P [06:29:31] <rob0> People in the real world don't know how to read headers, but oh well, if mgmt is willing to pay to get the job done, it's the shareholders' money. [06:30:08] <checkers> private company, but I agree with the sentiment [06:31:27] <rob0> you'd probably want the users to use separate submission services too [06:32:04] <rob0> otherwise, $myhostname will appear in the first Received: header [06:32:47] <checkers> well, postfix has inet_interfaces = mx.foo.com, mx.bar.com [06:33:11] <checkers> so as long as the bar'ers do submission via SMTPS to the latter, it should be safe, right? [06:35:06] <rob0> Try it and you will see what I mean. [06:40:49] <rob0> Received: from HELO given (rDNS.name[ip.add.re.ss]) (TLS info) by $myhostname ($mail_name) ... [06:41:30] *** grandy has joined #postfix [06:42:56] <grandy> hello ... general mail system question ... when sending mail i read that it's beneficial if the reverse DNS lookup matches the sending server's hostname ... does it matter what the sending server's hostname is (as long as it has valid reverse DNS)? [06:43:29] <rob0> !fcrdns [06:43:31] <knoba> rob0: "fcrdns" : http://en.wikipedia.org/wiki/Forward_Confirmed_reverse_DNS : very important if you want big sites to accept your mail. If you can't have it from your ISP, see !relayhost . [06:44:14] <rob0> Many sites will block (or subject to extra scrutiny) mail from hosts with generic-looking rDNS. [06:44:55] <rob0> Best bet, set your rDNS to mail.yourdomain.tld [06:50:44] <grandy> but what if i'm using amazon ec2 and i can't get them to set the reverse DNS? would it be bad to just send mail from the default hostname? [06:50:55] <grandy> (which is reverse dns'ed) [06:57:28] <grandy> (assuming I don't care if someone sees that it was sent from amazon? ) also I'm using dkim [06:59:35] *** Cabbage has joined #postfix [07:00:00] <Cabbage> Hello. :) [07:02:54] <Cabbage> Quick question - I'm attempting to write an app that will interface with mailman/postfix; rather than directly edit hash:/etc/postfix/virtual, is there another method you might recommend that I can use to modify the virtual aliases? [07:03:45] <Cabbage> modify the alias maps?*, rather. [07:04:00] <rob0> grandy, no way to answer from such little information, and any answer would be subjective anyway ... but ... [07:04:32] <rob0> ... if a hosting provider doesn't give control of rDNS, I wouldn't deal with them. [07:06:40] <Motoko-chan> My host doesn't, but will change for you. [07:06:54] <Motoko-chan> Well, they don't delegate rDNS in blocks less than /24. [07:07:02] <rob0> EC2 looks like an interesting pricing concept, however. [07:07:26] <rob0> (pay for what you use in terms of CPU and bandwidth) [07:07:34] <Motoko-chan> One note on PTR records. Only have ONE for your mail server. [07:07:48] <Motoko-chan> Many tools support only one, and if you have a few in, it can cause issues. [07:11:06] <Cabbage> Whoops, this channel is my rubber ducky / teddy bear. Looks like I had the answer all along. :| [07:11:33] <rob0> aliases(5) in SQL? [07:12:02] <Cabbage> That's the one. :) [07:12:45] <rob0> it's probably no worse to do it the way you originally thought, however. [07:12:54] <Cabbage> (I was getting horribly stressed at the prospect of having a web tool hacking on a /etc/postfix/virtual textfile. Concurrency problems, much?) [07:13:05] <rob0> ah, possibly so [07:13:07] <Motoko-chan> Important tip to avoid being marked as spam: Set your PTR for the server to the same as your HELO string. [07:13:16] <Motoko-chan> Do not use anything else. [07:13:29] <rob0> yes, myhostname should be the PTR [07:13:39] <cite> Cabbage: The solution would be to use an RDBMS like PostgreSQL. [07:14:24] <cite> Cabbage: If you want to mix "pseudo static" data with all dynamic data, you can use several tables and create a VIEW in the RDBMS as needed. [07:14:49] <Cabbage> *Nods* Thanks. [07:15:57] <cite> I'm doint this to avoid multiplying information (e.g., my preference and user tables for DSPAM and/or Spamassassin) enitrely consist of views. That way, I only need to change one table entry i na table which I do need vor Postfix anyways. [07:16:05] <cite> Ah, I'm typing slow this morning. [07:16:41] <grandy> Motoko-chan: that's still forward DNS right? [07:16:52] <Motoko-chan> PTR = rDNS [07:16:54] <grandy> rob0: ec2 lets you modify forward DNS, but not (to my knowledge) reverse [07:17:02] <grandy> Motoko-chan: ahh [07:17:31] <Motoko-chan> grandy, usually you can ask your host to set the PTR. [07:17:45] <Motoko-chan> If you have a /24 allocated, you can also try asking for delegation [07:17:51] <grandy> Motoko-chan: ahh i will try, sent them an email but not sure if they do that [07:17:55] <rob0> so they also control your forward zone? [07:18:06] <rob0> that doesn't sound good [07:18:49] <grandy> rob0: not sure... i have "elastic IPs" that are "mine" to use indefinitely, and I can point any dns records at those IPs, but not sure about anything reverse DNS oriented [07:19:05] <cite> grandy: http://docs.amazonwebservices.com/AmazonEC2/dg/2007-01-19/TechnicalFAQ.html#d0e15044 [07:19:41] <rob0> Oh, it's NAT'ed, ugly! [07:19:51] <cite> grandy: Short story: You are screwed. [07:19:59] <Motoko-chan> I've dealt with four different ISPs/hosts, and all would set the PTR if I put in a support request. [07:19:59] <grandy> bummer [07:20:12] <cite> Indeed *g* [07:20:22] <grandy> why is NAT bad for mail? [07:20:30] <rob0> Funny thing, at most hosting services, IP addresses are cheap. [07:20:56] <Motoko-chan> They were specifically Hosting.com, Savvis, TierZero, and Dedicated NOW (shortened to DedNow - pronounced Dead Now_/ [07:21:15] <Motoko-chan> NAT isn't inherently bad. [07:21:21] *** muecke77 has joined #postfix [07:21:27] <Motoko-chan> My production servers have a 1-to-1 NAT, actually. [07:21:46] <rob0> but, what if some other customer gets r00ted and starts being used as a spewer? [07:21:51] <grandy> Motoko-chan: that's how I have my ec2 instances set up [07:22:11] <grandy> rob0: how would that be bad for me? [07:22:15] <cite> rob0: They don't specify whether it is a 1:1 NAT. If it isn't I suppose that makes you screwed twice. [07:22:33] <rob0> your IP address would be blacklisted as a spam source [07:22:38] <Cabbage> cite: Do you know where I might find the table schema for the equivalent of hash:/etc/postfix/virtual / the virtual_alias_maps setting? [07:22:46] <cite> Try telling "but it wasn't me, I'm just sharing this IP" to a RBL lookup ;) [07:22:55] *** muecke77 has left #postfix [07:23:00] <grandy> cite: they let you have dedicated IPs... [07:23:02] <Cabbage> (I'm only switching over the virtual_alias_maps setting, none of the rest.) [07:23:20] <rob0> Cabbage, "man 5 virtual" ( virtual.5.html ) [07:23:32] <cite> Cabbage: Table with two entries. SELECT result-with-any-field-name FROM table WHERE other-field-name = $QUERY_KEY. [07:23:34] <grandy> rob0: you made me think of a way to test this further... i never checked what happens when i reverse lookup an elastic IP [07:23:39] <grandy> thanks for the help guys [07:23:47] <grandy> going to look into a few more details [07:26:25] <cite> Does "dspam witha per user bayes database and then Spamassassin, with rules for DSPAM results and one bayes database for all users as fallback for new users until their DPSAM is mature" sound like a resonable idea? [07:26:30] <Motoko-chan> Off-topic, but rob0, have you any knowledge of a DCL shell for Linux? [07:27:19] <rob0> dcl? http://en.wikipedia.org/wiki/DIGITAL_Command_Language ? [07:27:37] <Cabbage> cite: Sorry, I don't quite follow. I'm not sure what you mean by that query, and what it has to do with a table with two entries. [07:27:51] <Motoko-chan> Yes. [07:27:56] <Cabbage> man 5 virtual doesn't provide me with a useful schema, unfortunately, just a description of the textual format. [07:28:13] *** Zelest_ has quit IRC [07:28:15] <Motoko-chan> If I make it the default shell, I will be happy. It'll also mess with hackers. [07:28:38] * Motoko-chan still has a few versions of OpenVMS on CD - and an old hobbyist license [07:29:20] <Cabbage> cite: Oh, sorry, I think I understand. [07:29:50] <Cabbage> The query is defined in the postfix config, and determines how the data is accessed. I think. [07:30:28] <rob0> http://freshmeat.net/search/?q=dcl didn't turn up much [07:30:48] <Motoko-chan> Yeah, FreeVMS looks interesting. [07:31:21] <Motoko-chan> Been watching for a while, but not much dev on it. [07:34:10] *** grandy has quit IRC [07:34:35] <cite> Cabbage: Postfix doesn't care about DB schemas. It expects to find a query in which it will substitute the search keys - described, for example, in man 5 mysql_table, man 5 ldap_table and so on - and expects one string per line as result (one or more lines possible, depending on the table which is looked up). [07:35:53] <Cabbage> Got it. [07:36:59] <cite> Cabbage: You can check your configuration with something like postmap -q my.virtual at alias-domain dot cd mysql:/etc/postfix/virtual-alias.cf [07:47:02] *** Zblakany has joined #postfix [07:48:11] <Cabbage> cite: Is it necessary to implement mysql virtual_alias_maps, virtual_mailbox_domains, virtual_mailbox_maps, etc, or is it possible to only convert the former over and leave the rest as-is (using hash: or something else)? [07:50:10] <cite> Cabbage: You can only specify a tiny fraction of any of the needed tables. you can, e.g., specify virtual_alias_maps = hash:/etc/postfix/virtual_alias_maps, proxy:mysql:/etc/postfix/virtual-alias-maps-mysql.cf [07:50:57] <cite> Cabbage: You could specify aliases like "abuse@" and so on in the hash table and only add aliases your web application needs to modify in the SQl database. [07:52:25] <Cabbage> cite: Oh, so it's a combination of everything you specify? Interesting. [07:52:30] *** test has joined #postfix [07:54:34] <cite> Cabbage: Results will be combined using _all_ specified tables, AFAIC. [07:55:37] <cite> Cabbage: This means, if you specify abuse at example dot org in a hash database and then again in a SQL database, you will get interesting or even unpredictable results - a situation which you should TEST before you go live. [07:55:39] <Cabbage> Thanks. :) [07:58:05] <Cabbage> Noted. [07:58:25] <Cabbage> cite: Complete side-note... Is there any specified upperbounds as to the length of an email address? [07:59:10] <cite> Uh oh. Let me look that up in rfc 2822. [07:59:31] <Cabbage> Not what the RFC says, what postfix will actually accept. :) [07:59:43] <Cabbage> (If it matches what the RFC says, fine.) [08:00:43] <Cabbage> 64 characters local... And however long a domain can be. [08:01:03] <cite> Cabbage: 2821 say 64 chars for a localpart. I don't know of any limits within Postfix. [08:01:26] <Cabbage> Thanks. [08:01:47] <cite> Yes, my postfix here accepts a 64 char localpart. [08:01:49] <Cabbage> Time for testing, I think. :| [08:02:15] <cite> Hm, Ok. Exchange bails out at 59. [08:02:32] <Cabbage> Cripes. That's, uh... Nice. [08:03:32] <rob0> unless you buy the 64-character extension from MS for only US$299 per user [08:03:34] <Cabbage> Hmm. The length problem is not really the localpart, it's the local internal name that postfix uses. [08:03:48] <Cabbage> ... I mean, uh... Example time: [08:04:11] <cite> rob0: You are not being serious, are you? [08:04:28] <rob0> call MS and find out ;) [08:04:30] <Cabbage> I put the following in /etc/postfix/virtual: test at example dot com reaaaally-friggin-long-user-domain-thingy-name-here [08:04:35] <Cabbage> rob0: Oh shush. :) [08:04:48] <Cabbage> Is there a limit to how big "reaaaally-frig..." can be? [08:04:56] <Cabbage> as to how* [08:05:43] <cite> Cabbage: If you are referencing a local username on the right-hand side, you will have to consult your operationg systems documentation. [08:07:00] <cite> If your RHS consist of an email address (reaaaally-friggin-long-use@domain-thingy-name-here), it's 64 chars for localpart and 255 octets for the domain name. [08:07:35] <cite> Exchange will bail out out 237 (5.0, 2k) or 248 (newer tha 2k). [08:07:52] <cite> Postfix will bail out at 254. [08:08:11] [08:09:26] *** Filbert has joined #postfix [08:10:14] <cite> Cabbage: To further complicate things, the maximum length of a domain name will be limited by your operating system's resolver library. [08:10:21] <Cabbage> Woo. [08:10:23] <Cabbage> Ok, thanks. [08:10:28] <cite> And I don't have any idea what limits this will impose. [08:10:56] <cite> And even worse: You have to worry about domain name servers being able to handle domains that long. [08:11:13] <Cabbage> :| [08:11:18] <cite> bind9 and pdns seem to be fine, but I can't test bind8 or djbdns or maradns right now. [08:11:31] <Cabbage> Fortunately, the domains aren't a problem. [08:11:54] *** pinksock has joined #postfix [08:12:13] <Cabbage> If they get to the point of using the app with a broken domain, it's not our issue. I can set a high field-length and not worry a great deal about it (sans sanity checks to make sure it isn't accidentally snipped). [08:12:49] <Cabbage> It's a mailing list management app. By the time they've gotten there, they already have a website and a google apps domain for email. [08:13:05] <cite> I think if you impose a limit of 235 chars on the domain name and 58 chars on the localpart, you should be very, very safe. [08:13:10] <pinksock> I keep getting this error in my mail log....ClamAV-clamd: Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory, [08:13:24] <pinksock> Any ideas...can someone please point me in the right direction...thanks [08:13:46] <cite> pinksock: Are you doing lmtp delivery from within postfix to that socket? [08:14:57] <cite> pinksock: Do you have LocalSocket /var/run/clamav/clamd.ctl in your clamd.conf? [08:15:02] <pinksock> cite...not that I know of [08:15:49] <cite> What kind of an answer is that? [08:16:00] <pinksock> Im checking clamd.conf, but I dont think Im using LMTP [08:16:55] *** `k has joined #postfix [08:17:12] <pinksock> cite: I have LocalSocket /var/run/clamav/clamd.ctl in clamd.conf [08:17:17] *** phnord has joined #postfix [08:18:40] <cite> pinksock: Does that file exist? Which program is trying to connect to that socket? [08:18:42] <`k> how do I send mail through amavisd that is being forwarded. I have some accounts that forward to gmail and i would like to limit the amount of email forwarded [08:18:59] *** SniZ has quit IRC [08:20:29] <pinksock> cite: Clamd.ctl does exist [08:20:45] *** loddafnir has joined #postfix [08:21:51] *** ktne has joined #postfix [08:21:53] <pinksock> And I believe amavis is calling it [08:21:55] <ktne> hello [08:21:58] <ktne> does postfix run on win32? [08:26:19] <Motoko-chan> Not without some work. [08:27:02] <Motoko-chan> It could possibly run under Cygwin, but it would need some work for the makefile to run. [08:27:52] <Motoko-chan> You could also try running something like coLinux. [08:28:12] <cite> pinksock: Das restarting clamd solve the issue? [08:28:17] <cite> pinksock: Does* [08:30:16] *** Zeit|awy has joined #postfix [08:30:53] <`k> one account is crazy.. forwards 13,000 spam emails per month to a gmail account [08:31:12] <`k> I do forwarding to many different accounts [08:31:56] *** stony__ has joined #postfix [08:32:08] <pinksock> cite: Ive tried restarting them all...it seems that in etch, the amavis conf files have been moved...thats the only thing I can see would cause this error [08:32:28] <`k> that is a bunch of nonsense forwarded that amavisd should filter [08:34:27] <cite> pinksock: Yes, that's right. COpy the contents of your old amavisd.conf to /etc/amavis/conf.d/50-user and rename the old file to amavisd.conf.moved or sth like that. [08:34:50] *** ktne has left #postfix [08:34:53] <cite> pinksock: It still doesn't explain while a socket that should be fully operational does not work :) [08:34:58] *** amrit|zzz is now known as amrit [08:35:52] <pinksock> not sure...all of this is a new install...the only amavis files i have are in the directory you mentioned [08:36:09] <pinksock> everything looks like its in the right place [08:36:11] <cite> You will habe to run amavisd-new debug then. [08:36:11] *** m_p has joined #postfix [08:36:22] <pinksock> ok, Ill try that [08:36:33] <cite> /etc/init.d/amavis stop ; rm -f /tmp/amavis.log ; amavisd-new debug 2>&1 | tee /tmp/amavis.log [08:36:49] <cite> And then send a mail through the system. [08:37:06] <cite> YOu should see the reason it fails in /tmp/amavis.log afterwards. [08:41:50] <cite> pinksock: I have an idea. [08:42:04] <cite> pinksock: Which version of clamav are you using? The one from etch (security) or etch-volatile? [08:42:23] <cite> If it is the one from etch (not the volatile one), clamav will fail to update it's database and therefore never connect to it's control socket. [08:42:34] *** tshine has quit IRC [08:43:08] <cite> pinksock: This is easily resolved by adding "deb http://volatile.debian.org/debian-volatile etch/volatile main contrib non-free" to your sources.list and upgrading to clava 0.93 [08:43:16] *** tshine has joined #postfix [08:43:21] *** tshine has quit IRC [08:43:48] *** stony_ has quit IRC [08:44:04] *** tshine has joined #postfix [08:44:28] *** tshine has quit IRC [08:45:02] <pinksock> I have no idea which version Im using [08:45:11] *** tshine has joined #postfix [08:46:38] <cite> pinksock: apt-cache policy clamav-daemon [08:46:59] <pinksock> cite: Im follwoing your instructions on updating my sources list [08:47:21] <cite> pinksock: If the line which starts with "Installed" doesn't contain a reference to "~volatile[number]", add that line, do aptitude update and aptitude dist-upgrade [08:47:31] <pinksock> Installed: 0.90.1dfsg-3etch11 [08:48:32] <cite> pinksock: If you have never used volatile before, enter "wget -O- http://www.debian.org/volatile/etch-volatile.asc | apt-key add -" befor that aptitude update [08:48:49] <cite> Yeah, go ahead, upgrade, this will solve that problem. [08:49:31] <pinksock> cite: so start with the wget command and then add the line to the sources list and do the update and dist-upgrade? [08:49:37] <cite> Yes. [08:49:43] <pinksock> ok [08:49:47] <cite> Restart amavisd-new after the upgrade. [08:49:55] <cite> Gotta run. bbl. [08:49:57] <pinksock> thanks [08:50:15] <cite> pinksock: Let me know if it works out, I've got an away-log :) [08:50:19] *** Motoko-chan has quit IRC [09:03:24] <pinksock> cite: That worked! Thank you so much, youre the man! [09:28:54] *** [diablo] has joined #postfix [09:30:11] *** amrit is now known as amrit|zzz [09:31:57] *** oxtail has joined #postfix [09:40:26] *** action09 has quit IRC [09:46:02] <pinksock> Anyone know how to clear out mail....I have a test message to a phony account and it keeps trying to send it over and over [09:48:01] *** Tex-Twil has joined #postfix [09:48:32] *** PhilKC has quit IRC [09:55:52] *** RockHound has joined #postfix [09:57:43] <RockHound> hi everyone. I am looking for a hint on howto setup early warning mails. Meaning if someone sends a mail which causes an error on my outbound gateway, this gateway should report the error back to the sender immediately but keep trying to resolv the problem. I have seen such error messages with gmail for example. Is this easy to accomplish with postfix? [09:58:00] <sysmonk> yes [09:59:34] *** war9407 has joined #postfix [10:00:25] *** _Fallen has joined #postfix [10:01:30] <_Fallen> Hello. Setting up a server with virtual maps. Almost everything is working, but its possible for an unauthenticated client to send mail from foo at mydomain dot tld to bar at mydomain dot tld. How do I fix this? [10:04:45] <sysmonk> _Fallen: i don't see anything wrong with that [10:05:00] <sysmonk> _Fallen: youre smtpd server must accept emails to _your_ domains, doesn't matter from where [10:05:21] <sysmonk> there's no way to check if the given sender is really who it says it is [10:06:21] <robtone_> _Fallen, http://www.arschkrebs.de/postfix/postfix_incoming.shtml [10:06:57] <sysmonk> ah [10:07:05] <sysmonk> he was talking about from @mydomain.tld [10:07:08] <sysmonk> didn't see that o_O [10:07:13] <robtone_> yep :-) [10:07:39] * sysmonk hides [10:07:44] <robtone_> happens [10:08:43] <`k> hey sysmonk :) [10:09:22] <_Fallen> aha...nice, thanks. [10:12:06] <`k> how do I send mail through amavisd that is being forwarded. for example I have some accounts that forward to gmail and i would like to limit the amount of email forwarded, one account is crazy.. forwards 13,000 spam emails per month to a gmail account I do forwarding to many different accounts [10:15:58] *** ming_zym has quit IRC [10:16:24] *** denis has joined #postfix [10:19:16] *** hever has joined #postfix [10:20:17] *** af_ has joined #postfix [10:20:26] <RockHound> sysmonk: that yes was for me? [10:26:31] *** ming_zym has joined #postfix [10:42:21] *** xpoint has joined #postfix [10:51:25] *** c00l2sv has joined #postfix [10:55:38] *** havvg has joined #postfix [10:57:08] *** UQlev has joined #postfix [11:00:04] *** af_ has quit IRC [11:06:20] *** seekwill has quit IRC [11:12:20] *** Mavvie has joined #postfix [11:14:41] *** oxtail has quit IRC [11:18:49] *** test has quit IRC [11:22:04] *** UQlev has quit IRC [11:22:59] *** Tex-Twil has quit IRC [11:23:24] *** thojo has joined #postfix [11:30:01] *** denis_ has joined #postfix [11:31:35] *** denis_ has quit IRC [11:35:43] *** denis has quit IRC [11:58:00] *** oxtail has joined #postfix [12:08:10] *** spybsd has quit IRC [12:11:02] *** __science has joined #postfix [12:23:06] *** UQlev has joined #postfix [12:24:11] <`k> its only 3:20am people [12:24:23] <`k> the nights a puppy [12:34:13] *** [diablo] has quit IRC [12:40:51] <Trengo> 11h40 here [12:41:27] <`k> nice [12:43:03] *** oxtail has quit IRC [12:43:14] <Trengo> been at work for 2h now [12:43:50] <`k> There are 39 flagged staff members does anyone know one? I need my nick dropped from nickserv so i can set a new pas [12:46:38] *** Alocado has joined #postfix [12:46:44] <Alocado> hello [12:46:56] <Trengo> hello [12:47:18] <`k> hello [12:47:25] <Alocado> how can i set two or more recipients of a mail alias (with mysql and std-alias-file)? [12:48:08] <Trengo> alias: mailbox,alias at gmail dot com [12:48:29] <Trengo> in the database, depends on how you did your queries [12:49:41] <Alocado> in main.cf i set virtual_alias_maps = mysql:/etc/postfix/sctrl_alias_maps.cf [12:50:17] <Alocado> and this file contains: table = sctrl_mailaliases \n select_field = target \n where_field = email [12:50:40] *** _bt has quit IRC [12:51:59] <Alocado> Trengo, any idea? [12:53:37] <Trengo> does that still work? [12:53:45] <Trengo> mine are full queries [12:53:59] <Alocado> mh... yes [12:54:04] <Alocado> can you show me an example? [12:54:15] <Trengo> select target from sctrl_mailaliases where email = '%s' [12:54:50] <Alocado> mh... after set_virtual_alias_maps or in *alias.cf? [12:54:52] <Trengo> now, either set target to 'mailbox,alias at gmail dot com' where email='alias@domain' [12:55:04] <Trengo> no you dont have to change that config [12:55:09] <Trengo> if it works, it works [12:55:52] <Alocado> i'm interested... if this is the only way to get more targets working i will have to change the config [12:55:54] <Trengo> or setup two lines target='mailbox' and target='alias at gmail dot com' both where email='alias@domain' [12:56:03] <Trengo> depends on your DB [12:56:11] <Alocado> mh... [12:56:49] <Alocado> this should work with two full mail addresses, or? [12:57:02] <Alocado> target=mail1@serv2,mail2@serv1 [12:58:57] *** cpm has joined #postfix [12:59:00] <Trengo> oh aye [12:59:10] <Trengo> that was my typical example [12:59:22] <Alocado> Diagnostic-Code: X-Postfix; unknown user: "mail1@serv2" [13:00:08] <Alocado> but the second mail address was accepted ;) [13:01:38] *** _bt has joined #postfix [13:02:17] *** Tex-Twil has joined #postfix [13:04:55] *** suuuper has joined #postfix [13:13:56] *** UQlev has quit IRC [13:15:03] *** CrummyGummy has joined #postfix [13:16:55] *** robboplus_ has joined #postfix [13:17:43] *** madrescher has joined #postfix [13:18:35] *** ming_zym has quit IRC [13:22:30] *** Haris1 has joined #postfix [13:29:26] *** robboplus has quit IRC [13:29:54] *** technoid_ has quit IRC [13:30:20] <CrummyGummy> Hi, what file is used to enable the auxprop myqsl plugin? [13:31:10] *** sophokles has joined #postfix [13:32:37] <CrummyGummy> I'm farely sure it isn't compiled with my disro. [13:43:53] *** Alocado has quit IRC [13:47:13] *** Draecos has joined #postfix [13:59:12] *** ramoni has joined #postfix [14:04:41] *** gamla_kossan has joined #postfix [14:05:56] <CrummyGummy> is auxprop mysql the best way to do mysql user validation? [14:07:06] <gamla_kossan> hey folks.. if I want to add a host on an external ip permission to use my postfix server to deliver mail, what option do I give in my /etc/postfix/main.cf? [14:14:42] <Trengo> CrummyGummy which distro is it? [14:14:53] <CrummyGummy> Ubuntu [14:14:58] <Trengo> CrummyGummy my postfix auths directly against mysql.. [14:15:45] <CrummyGummy> How do you do that? [14:18:38] <CrummyGummy> Trengo: Every howto I've seen talks about using pam or auxprop. [14:19:26] <Trengo> CrummyGummy in /etc/postfix/main.cf virtual_alias_maps=mysql:/etc/postfix/mysql_virtual_alias_maps.cf [14:20:31] <Trengo> CrummyGummy and in /etc/postfix/mysql_virtual_alias_maps.cf user=postfix password=postfix hosts=10.0.100.14 dbname=mail and a huge query follows [14:20:47] *** jellis-real has joined #postfix [14:21:16] *** oxtail has joined #postfix [14:27:38] <CrummyGummy> Trengo: Will that work for smtp validation? [14:27:52] *** gamla_kossan has left #postfix [14:27:55] <Trengo> CrummyGummy SMTPAuth? [14:28:03] <CrummyGummy> ja [14:28:05] <Trengo> no [14:28:18] <Trengo> i see why you wanted pam or sasl :) [14:28:23] <CrummyGummy> Sorry, I realised afterwards that I wasn't being clear. [14:28:41] *** `k has left #postfix [14:28:43] <Trengo> well you know what i did? i setup sasl to auth against imap [14:28:53] <Trengo> works like a charm [14:28:58] <Trengo> only its sendmail not postfix :() [14:29:04] <Trengo> :) even [14:29:08] <sysmonk> ouch, sendmail. [14:29:16] <Trengo> hey, sendmail's cool [14:29:19] <sysmonk> oh, suuuuureee [14:29:21] <Trengo> ;) [14:30:54] <CrummyGummy> hmmm, cyrus? [14:31:21] <Trengo> saslauthd yes [14:31:43] *** madrescher1 has joined #postfix [14:31:55] <CrummyGummy> K, I don't have that installed. Maybe thats the problem. [14:32:25] *** madrescher has quit IRC [14:36:32] *** hark has quit IRC [14:38:02] *** Samonoske_ has quit IRC [14:45:15] *** lunaphyte_ has quit IRC [14:50:27] *** magyar has joined #postfix [15:03:12] *** lunaphyte_ has joined #postfix [15:08:34] *** hever has quit IRC [15:09:57] *** [diablo] has joined #postfix [15:11:10] <alex12> so anyone know any viable solutions for image scanning spam protection? [15:11:46] <Dominian> ocr [15:11:54] *** oxtail has quit IRC [15:12:19] <Dominian> look into the: Mail::SpamAssassin::Plugin::ocrtext plugin [15:13:13] <lysander> alex12 - FuzzyOcr :D [15:13:22] <lysander> also a spamassassin plugin :) [15:13:58] *** keffer has quit IRC [15:15:07] <alex12> is it... good? :D [15:15:21] *** _Fallen has left #postfix [15:15:21] *** hever has joined #postfix [15:18:06] *** Spec has joined #postfix [15:18:25] *** Tex-Twil has quit IRC [15:21:32] *** misty_wrk has joined #postfix [15:21:49] <misty_wrk> Good morning [15:22:14] <misty_wrk> I'm getting the occasional 451 'temporary lookup failure' when Postfix queries my LDAP server [15:22:35] <misty_wrk> the LDAP server is across a VPN and I'm sure this is just some kind of timeout that happens occasionally. Can I change the timeout interval? [15:22:37] <cpm> happens [15:22:59] <cpm> change what timeout interval? [15:29:25] <misty_wrk> the timeout for the lookup, I suppose [15:29:56] *** Flobbie has left #postfix [15:32:27] *** keffer has joined #postfix [15:36:34] *** tshine has quit IRC [15:38:58] *** bpgoldsb has joined #postfix [15:39:00] *** higuita has joined #postfix [15:40:09] *** tshine has joined #postfix [15:40:50] *** ming_zym has joined #postfix [15:44:31] *** CrummyGummy has left #postfix [15:47:50] *** pitakill has quit IRC [15:51:06] <alex12> misty_wrk, you could a non laggy vpn connectio [16:03:40] <misty_wrk> that's nice [16:07:14] *** madrescher1 has quit IRC [16:10:45] *** madrescher has joined #postfix [16:24:34] *** Haris has joined #postfix [16:25:18] *** madrescher has quit IRC [16:33:17] *** saurabhb has quit IRC [16:34:56] *** Fallenou has joined #postfix [16:39:05] *** denis_ has joined #postfix [16:48:22] <jduggan> xsasl_cyrus_server_first: sasl_method LOGIN <- might be a dumb question but if i make postfix log verbosely i get that, is that assuming im using cyrus's sasl? rather than dovecots?? [16:48:39] *** muecke77 has joined #postfix [16:49:46] <jduggan> i've been asked to finish off configuring something that a client started, he couldnt get smtp auth workin but ive a feelin he's tried both methods i want to be sure ;o [16:50:22] <Dominian> !sasl [16:50:24] <knoba> Dominian: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details. [16:50:26] *** misty_wrk has left #postfix [16:50:51] <jduggan> how does that help me Dominian [16:51:06] *** SniZ has joined #postfix [16:51:23] <jduggan> what im basically saying is, does postfix always say xsasl_cyrus_server type stuff in verbose logs regardless of which sasl method one uses [16:53:09] <rob0> I would guess not. Furthermore, it's likely that the verbose logging is making it more difficult to debug your misconfiguration. [16:54:52] * cpm thinks rob0 is verbose [16:55:25] <jduggan> well he told me he'd been using dovecot for sasl, yet the verbose logs shows all this cyrus type stuff, there's no smtpd.conf configured anywhere so im just tryin to track down which method he's really using [16:55:58] <rob0> Specifically, to wit, in the affirmative of verbosity; that is to say, indeed I am. [16:57:04] <vice-versa> postconf | grep sasl_type [16:58:16] <rob0> postconf | grep dovecot || echo oops jduggan got wrong information from the client [16:59:11] <jduggan> is that configureable, or is it reading from how it was built? [16:59:17] <jduggan> sure is saying cyrus [16:59:22] <rob0> !debug [16:59:22] <knoba> rob0: "debug" : http://www.postfix.org/DEBUG_README.html : a good starting point for how to deal with problems and to report information to those who might help. Post your information in a pastebin such as http://pastebin.ca/ or http://rafb.net/paste/ . [16:59:36] <rob0> 14:50 < Dominian> !sasl [17:00:02] <rob0> How can you set up SASL without the SASL_README? [17:02:53] <jduggan> ... [17:03:03] <jduggan> if you read, im not setting it up [17:03:19] <vice-versa> O.o [17:04:10] <jduggan> as i said, i wanted to make sure i wasnt passed misinformation froma client, so asked if cyrus type stuff is printed in logs regardless of version - now i know its not, ive got more information [17:05:23] <rob0> "finish off configuring something that a client started" != "setting it up" [17:05:27] * rob0 stands corrected [17:05:39] <jduggan> i havent touched anything yet heh [17:05:59] <jduggan> its actually been built with both versions so postconf -a tells me [17:06:11] <rob0> !sweet [17:06:13] <knoba> rob0: "sweet" : http://sweet.nodns4.us/ [17:06:54] *** RockHound has quit IRC [17:08:00] <jduggan> lighten up :) [17:10:23] * vice-versa gives jduggan the saslfinger [17:10:27] <vice-versa> !saslfinger [17:10:27] <knoba> vice-versa: "saslfinger" : SASL authentication debugging tool for Postfix: http://postfix.state-of-mind.de/patrick.koetter/saslfinger/ [17:10:38] <pinksock> cite: are you here [17:12:58] *** muecke77 has quit IRC [17:16:09] *** Haris_ has joined #postfix [17:21:01] *** madrescher has joined #postfix [17:22:46] *** madrescher has quit IRC [17:23:04] *** seekwill has joined #postfix [17:23:10] *** VaNNi has quit IRC [17:24:00] *** VaNNi has joined #postfix [17:26:15] *** Haris1 has quit IRC [17:26:38] *** craigbass1976 has joined #postfix [17:27:44] <craigbass1976> Something weird going on... I tried setting up an address the same way I've done all the others, but root is Amanda's mail instead of Amanda [17:27:59] <craigbass1976> Not Amanda the tape backup app, Amanda my wife [17:27:59] *** j_s has joined #postfix [17:28:38] *** githogori has quit IRC [17:29:03] *** af_ has joined #postfix [17:29:31] <craigbass1976> amanda at moultonlumber dot com amanda is the line in /etc/postfix/virtual, same format as the other lines [17:34:41] *** ampex2 has joined #postfix [17:35:05] <ampex2> is there a way to get postfix to filter/deliver incoming messages into an imap subdirectory based upon preconfigured criteria? [17:35:20] *** Filbert has quit IRC [17:35:33] <Dominian> eh [17:35:38] <Dominian> sieve filters maybe [17:35:47] <Dominian> pysieved ftw [17:35:57] <craigbass1976> Any idea why these emails are being relayed to root? [17:36:31] <Dominian> craigbass1976: did you alias off root to someone else? [17:36:52] <craigbass1976> I don't remember touching anything like that. Main.cf? [17:37:00] <Dominian> aliases [17:37:05] <ampex2> Dominian: so it's not trivial :) [17:37:19] <Dominian> ampex2: not that I'm aware...but pyseived ties into squirrelmail [17:37:23] <Dominian> and may not work for your needs [17:37:51] *** muecke77 has joined #postfix [17:38:17] *** sophokles has quit IRC [17:38:24] <craigbass1976> Dominian, ok, etc/aliases has root as an alias for amanda. Weird... why would that be? [17:38:26] *** sophokles has joined #postfix [17:39:05] <vice-versa> you already said it, Amanda the tape backup app [17:39:07] <craigbass1976> Oh, becuase it IS getting frigged up between my wife and the tape backup amanda... DOH! [17:39:25] *** sophokles has quit IRC [17:39:40] <vice-versa> indeed, so you're wife is going to have to change her name ;) [17:40:05] *** Brownoxford has joined #postfix [17:41:43] <Brownoxford> Hi all, is it possible (without modifying code) to get the pickup process to emit the value of a specific header to the maillog? I'm trying to find a way to associate email IDs from an internal system with the email ID assigned by postfix. [17:43:24] *** Haris_ is now known as Haris1 [17:49:45] <vice-versa> Brownoxford: you may be able to accomplish what you want with header_checks and a WARN action [17:50:13] <vice-versa> !header_checks [17:50:13] <knoba> vice-versa: "header_checks" : a configuration parameter in the main.cf: Optional lookup tables for content inspection of primary non-MIME message headers, as specified in the header_checks(5) manual page. [17:50:32] <Brownoxford> Yeah, that does work well, but results in a lot of white noise in our monitoring systems that pick up on it being an actual warning. [17:51:08] <vice-versa> can't exclude it? [17:51:51] *** Southron has joined #Postfix [17:52:24] *** sophokles has joined #postfix [17:52:29] *** hparker has joined #postfix [17:53:01] <Brownoxford> That's possible, but I wanted to be sure to explore other options first... ideally, I'd want output like this: [17:53:01] <Brownoxford> Jun 2 11:51:07 host postfix/pickup[21213]: 309F830981F6: customid=mycustomid uid=0 from=<user at domain dot com> [17:53:30] <Dominian> I don't think so [17:53:37] <vice-versa> me either [17:54:07] <jonez> could you use procmail or something to do all that? [17:54:28] <jonez> you could pipe each message through a program, and that program can emit whatever you want to the logs. [17:55:00] <Brownoxford> That also sounds like it would work, but I would prefer to avoid the overhead of an additional process per email... we do send out quite a few. [17:55:05] * vice-versa thinks it would be easier to exclude it from monitoring [17:56:16] *** thojo has quit IRC [18:02:58] *** cmdln has joined #postfix [18:03:06] <cmdln> morning [18:03:17] <alex12> evening [18:08:26] *** Raphux has joined #postfix [18:08:33] <Raphux> hello [18:10:34] <cmdln> is there a way I can do per email address relay control? Basically I want to allow internal email for all users, but only select users be able to send and receive external mail. [18:11:19] *** zbrown has joined #postfix [18:11:38] <zbrown> Hi, is there a way you can limit the users that can use postfix by group? [18:11:57] <zbrown> so if I have a group called "mailers" and only they can use postfix? [18:12:01] <zbrown> or rather the MTA [18:26:30] *** af_ has quit IRC [18:28:50] *** ming_zym has quit IRC [18:30:07] *** phnord has quit IRC [18:32:07] *** Filbert has joined #postfix [18:32:13] *** zauwn has joined #postfix [18:39:28] *** quieteyes has joined #postfix [18:46:53] *** sophokles has left #postfix [18:48:28] *** muecke77 has quit IRC [18:48:30] <Raphux> Is it possible to have a catch-all adress for an address with a delimiter like : *+spam at domain dot org [18:48:32] <Raphux> ? [18:52:41] *** PhilKC has joined #Postfix [19:00:46] *** githogori has joined #postfix [19:09:58] *** habnabit_ has left #postfix [19:12:50] <higuita> Raphux: try adding it in a virtual table... should work [19:13:41] <Raphux> like : "+spam at domain dot org spambox" ? [19:14:09] <higuita> zbrown: using postfix you are saying using sendmail command, using post* commands or connection to localhost:25 ? [19:14:33] <higuita> .*\+spam at domain dot org spambox [19:14:42] <higuita> if using regexp or pcre [19:14:58] <Haris> I see 1:2.5.3-1: as latest for amavisd-new on http://packages.debian.org/search?keywords=amavis&searchon=names&suite=all§ion=all . Yet, when I run aptitude update; apt-get update, I get the same old version 1:2.5.2-2 [19:15:13] <Haris> ah, need to adjust my sources list [19:15:25] <zbrown> higuita: connection to localhost:25 then I guess [19:16:04] <Haris> oops [19:16:06] <Haris> wrong window [19:16:43] <higuita> zbrown: connectiong to localhost is open for everyone logged in on the machine [19:17:19] <Raphux> Haris, thx! [19:17:19] <higuita> but you can activate the SASL auth and disable the relay even for localhost... [19:17:33] <higuita> this way only auth users can send emails... [19:17:44] *** amrit|zzz is now known as amrit|wrk [19:18:20] <higuita> of course, you also need to adjust the permissions of the sendmail command, so users cant send emails without being in the allowed group [19:18:24] <zbrown> higuita: well I've got SASL with a mysql db of users, the question is now how would I limit mail access to only a certain group [19:18:27] <zbrown> ah ok [19:18:57] <zbrown> higuita: so do you mean actually chown'ing it to a particular group and then adding users to said group? [19:22:33] <higuita> zbrown: yes, for sendmail, that is the "right path" [19:22:50] <higuita> for SASL, just enable SASL for the users you want [19:29:22] <zbrown> ah ok [19:35:50] *** hever has quit IRC [19:36:52] * jonez learned all about sasl over the last week :) [19:37:31] *** Raphux has quit IRC [19:41:29] *** m_p has quit IRC [19:50:54] *** seekwill has quit IRC [19:54:37] *** zauwn has quit IRC [19:54:57] *** suprsonic has joined #postfix [19:55:05] *** muecke77 has joined #postfix [19:55:44] *** craigbass1976 has left #postfix [19:56:15] *** stickystyle has joined #postfix [19:57:33] *** stickystyle has quit IRC [19:59:27] *** jpalmer has quit IRC [20:01:40] <pinksock> Any recommendations for logfile analysis??? [20:02:32] *** ehlo32 has joined #postfix [20:03:16] <adaptr> what kind of log ? [20:03:24] *** ramoni has quit IRC [20:03:32] <adaptr> and what kind of analysis... [20:04:12] <adaptr> pflogsumm is one of the easiest, and it tells you useful stuff... mailgraph is pretty... [20:04:18] <adaptr> but there are dozens [20:04:38] <adaptr> without knowing what you want, I could go on for quite some time [20:06:25] <ehlo32> hello i have configure cyrus-sasl with postfix, to use shadow for auth, but when i try to send e message from a client, i get a relay access denied error [20:06:43] <ehlo32> and in the logs : Jun 2 21:04:14 linuxteam postfix/smtpd[807]: sql_select option missing [20:06:45] <ehlo32> Jun 2 21:04:14 linuxteam postfix/smtpd[807]: auxpropfunc error no mechanism available [20:06:45] <ehlo32> Jun 2 21:04:14 linuxteam postfix/smtpd[807]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql [20:06:58] <ehlo32> but i don;t use sql [20:07:02] <ehlo32> i use shadow [20:09:06] *** madrescher has joined #postfix [20:09:19] <pinksock> adaptr: I would like to use something like AWStats and something to show spam/virus filter activity [20:09:22] *** brancaleone has joined #postfix [20:09:49] <adaptr> well, then use that [20:10:08] <adaptr> FGS don't ask for recommendations when you know what you want to use [20:12:26] <pinksock> adaptr: "I would like to use..." does not mean "I know what I want to use", dont tell people not to ask for recommendations when they're not sure about what to use. [20:12:37] <adaptr> true, too! [20:12:55] <adaptr> I use mailgraph, and it shows you sent.received.bounced/spamfiltered/queueued etc [20:13:03] <pinksock> I guess I should have asked if anyone had an issue with AWStats...my mistake [20:13:05] <adaptr> but pflogsumm does that too, and it applies some smarts to the log [20:13:12] <ehlo32> any idea [20:13:12] <ehlo32> s? [20:13:15] <adaptr> I have never used awstats for postfix, only apache [20:13:25] <pinksock> good point [20:13:35] <adaptr> and although it is very pretty,I find awstats a total skanky bitch whore to set up properly [20:13:43] <adaptr> ...for apache, that is [20:14:07] <pinksock> lmao....it is pretty, but thanks for letting me know about the setup...I was just now reading about it. [20:14:52] <pinksock> Ill look into mailgraph, thats really the info that Im looking for...thank you [20:15:24] <adaptr> mailgraph is fairly easy to set up, and once set up, it's maintenance-free [20:16:08] <pinksock> wow, it looks really good too [20:16:25] *** muecke77 has quit IRC [20:19:16] <adaptr> rrdtool, heh [20:19:50] <adaptr> there';s also a plugin for munin, and a template to get mailgraph into cacti [20:19:58] <adaptr> graphs are pretty [20:25:24] *** stickystyle has joined #postfix [20:33:04] <ampex2> adaptr: http://mailstats.circuitvps.com/ [20:33:06] <ampex2> very easy to setup [20:33:40] <adaptr> pretty graphs ? [20:34:02] <ampex2> mailgraph [20:34:40] *** kithpom has joined #postfix [20:34:42] <pinksock> Ive installed rrdtool, but I cant find any documentation on mailgraphs [20:35:00] <ehlo32> can anyone help me with sasl and postfix? [20:35:17] <ampex2> pinksock: what distro? [20:35:25] <pinksock> etch [20:35:55] <ampex2> pinksock: http://www.howtoforge.com/mailgraph_pflogsumm_debian_etch [20:36:10] <basic`> hmm, so i've got a semi-working postfix setup, we can send/receive, imap works, everything appears to work -- but every once in a while users are getting locked out of the system and im not seeing anything in the logs [20:36:24] <ampex2> basic`: "locked out"? howso [20:37:12] <basic`> just a sec, i'll get the exact error thunderbird is giving [20:37:29] <pinksock> thanks [20:39:55] <basic`> "unable to connect to your imap server" -- i guess it's somewhat random, not a big deal to figure it out right now but if there's anything i should look at for max connections/concurrency limiting i think it's somehow related to that [20:40:58] <adaptr> are you using a sane imap server ? [20:41:11] <basic`> courier [20:41:21] <adaptr> sorry, mate ;) [20:41:41] <basic`> hehe [20:42:26] <adaptr> anyhoo, you have to configure how many imapd processes to allow, and remember that EVERY MAILBOX uses one - not just every user [20:42:42] <adaptr> so set it to 5~10 times the number of actual concurrent users [20:43:16] <adaptr> (okay, not strictly a truity.. but TB does it that way, for efficiency) [20:49:39] *** muecke77 has joined #postfix [20:54:14] *** muecke77 has quit IRC [20:56:06] *** fabounio has joined #postfix [20:56:47] *** thojo has joined #postfix [20:59:23] *** Motoko-chan has joined #postfix [21:05:43] *** ehlo32 has quit IRC [21:06:49] *** unclecameron has joined #postfix [21:07:45] *** stpierre has joined #postfix [21:09:10] <stpierre> i'm about to rebuild one of my MXes; it's got several messages in the queue that are mostly obviously misaddressed (e.g., to "foo at htomail dot com"). is it possible to either a) force these to bounce back now, rather than waiting five days; or b) back them up and and restore them once the box is rebuilt? I'd like to go ahead with the rebuild, but i don't want it to appear that messages are just disappearing to my users. [21:10:03] <adaptr> stpierre: A), yes - stop the transport and flush the queue; they will bounce (and re-queue) [21:10:26] <adaptr> you cannot change the destination of queued messages, once queued [21:10:38] <adaptr> so you have to deliver them SOMEwhere if you are upgrading your hardware [21:11:53] <stpierre> so, silly question: how do i stop the transport? [21:12:34] <adaptr> comment out the transport in master.cf and re*start* (not reload) postfix [21:13:32] <stpierre> which of the many lines do i comment out? [21:19:18] <cpm> !reload [21:19:18] <knoba> cpm: Error: You don't have the owner capability. If you think that you should have this capability, be sure that you are identified before trying again. The 'whoami' command can tell you if you're identified. [21:19:23] <cpm> !restart [21:19:23] <knoba> cpm: "restart" : (#1) When edit thou thine master.cf, restarteth thou thins Postfix, lest ye die!, or (#2) There is no postfix restart command. There is postfix stop, postfix start, or postfix reload. Changes made to master.cf and some functional changes to main.cf will require a stop and a start in order to take effect [21:24:54] *** unclecameron has left #postfix [21:25:05] <stpierre> was that for me? 'cause i understand how to restart postfix. what i don't understand is which of the 31 daemons listed in master.conf is _the_ transport. there are several that are transports, but I'm not sure which is the (canonical?) transport adaptr meant [21:27:15] *** stickystyle has quit IRC [21:27:39] *** stickystyle has joined #postfix [21:28:47] *** xnixan has quit IRC [21:30:18] *** pirho has joined #postfix [21:30:38] *** quieteyes has quit IRC [21:31:10] <mwalling> cpm: did rob0 write !restart? [21:31:18] *** loddafnir has quit IRC [21:41:07] <cpm> mwalling, err, may have written part of it. [21:41:48] *** brancaleone has quit IRC [21:42:35] *** action09 has joined #postfix [21:45:30] *** havvg has quit IRC [21:47:24] *** suprsonic has left #postfix [21:47:35] *** adam33 has joined #postfix [21:47:57] <adaptr> bashful fellow, that err [21:49:11] *** mehulved is now known as whtevr|bbl [21:50:46] *** cpm has quit IRC [21:51:57] *** adam33 has quit IRC [21:54:08] *** stpierre has left #postfix [21:54:17] *** whtevr|bbl is now known as mehulved [21:56:55] *** mehulved is now known as whtevr [21:57:11] *** Filbert has quit IRC [21:58:25] *** fabounio has quit IRC [22:01:43] *** brancaleone has joined #postfix [22:02:59] *** whtevr is now known as mehulved [22:03:17] *** xnixan has joined #postfix [22:08:01] *** Haris_ has joined #postfix [22:08:34] *** fabounio has joined #postfix [22:12:57] *** Haris1 has quit IRC [22:13:37] *** kithpom has quit IRC [22:14:17] *** kithpom has joined #postfix [22:14:31] *** kithpom has quit IRC [22:22:19] *** kithpom has joined #postfix [22:22:54] *** thojo has quit IRC [22:27:34] *** fabounio has quit IRC [22:28:46] *** pinksock has quit IRC [22:31:54] *** fabounio has joined #postfix [22:33:17] *** fabounio has quit IRC [22:36:18] *** mofino has joined #postfix [22:36:26] <mofino> How does postfix pass to a command in local? [22:36:30] <mofino> pass the message itself? [22:36:32] <mofino> seekable STDIN? [22:37:21] <cruxeternus> Can someone link me to a master.cf/main.cf example where postfix listens for deliveries on 25 and (TLS) submissions on 587? [22:38:29] <adaptr> mofino: through a pipe, like it does everything else [22:38:45] <adaptr> cruxeternus: it is in the stock distribution master.cf [22:38:48] <mwalling> cruxeternus: isnt that in the supplied master? [22:38:50] <adaptr> submission commented out [22:39:05] <mofino> seekable pipe? [22:39:59] <cruxeternus> Ok... then what do the options in main.cf apply to? 25? or both? How do I set options that apply only to submission/587? [22:40:20] <adaptr> mofino: man pipe ? [22:40:33] <adaptr> mofino: stop with the seekabel, it's meaningless [22:40:36] <adaptr> *seekable, even [22:40:38] <cruxeternus> I see... so, -o everything in master.cf, and only apply universal options in main.cf? [22:41:16] <mofino> uhh it's meaningless? [22:41:19] <mofino> since when? [22:41:42] <mwalling> cruxeternus: pretty much [22:41:59] <cruxeternus> mwalling: Ok, cool. Thanks. [22:42:31] *** brancaleone has quit IRC [22:44:09] <mofino> you do realize the difference between seekable and not seekable file descriptors right? [22:46:10] <adaptr> yes [22:46:15] <adaptr> I suppose [22:46:25] <adaptr> postfix uses pipes and sockets [22:46:27] *** jellis-real has quit IRC [22:46:31] <mofino> pipes != sockets [22:46:36] <adaptr> they presumably have manual pages [22:46:41] <mofino> they sure do [22:46:45] <mofino> and they sure don't detail this [22:46:47] <adaptr> AND, it's a word, look it up sometime [22:47:06] <mofino> not all pipes are seekable [22:47:08] <mofino> all i'm saying [22:47:30] <mofino> i'll assume since postfix is sane, that it is seekable [22:47:36] <adaptr> if you pipe postfix messages to a custom command, you should accept all of it, and process accordingly [22:47:53] <mofino> seems like it a pain [22:47:58] <mofino> i like the ability of seeking [22:48:03] <adaptr> it's not logical to assume you can treat a piped message as a random access file, as it isn't random - it is piped [22:48:11] <mofino> err? [22:48:21] <adaptr> seek implies random access [22:48:46] <adaptr> more than that, it requires it [22:48:56] <mofino> ok? [22:49:09] <mofino> i don't get your obvious point [22:49:17] <mofino> or at least why you stated it. [22:49:22] <adaptr> a sequential mail message piped from postfix to you is not random [22:49:43] <adaptr> if you don't "eat" all of it in you rcustom command, you lose whatever you skip [22:50:00] <adaptr> and we don't like lost mail :) [22:50:12] <mofino> sounds retarded [22:50:25] <mofino> all it has to do is pass the file descriptor of the queue message [22:50:27] <adaptr> show me an MTA that works differently [22:50:29] <mofino> haha [22:50:31] <mofino> serious? [22:50:37] <adaptr> you do not get access to queue messages [22:50:41] <adaptr> never [22:50:46] <mofino> well you do [22:50:48] <mofino> through a pipe [22:50:57] <adaptr> nope [22:51:02] <mofino> you don't? [22:51:04] <mofino> how do you deliver then? [22:51:05] <adaptr> you don't have access to queue messages *on disk* [22:51:15] <adaptr> postfix delivers them through a pipe, sequentially [22:51:21] <mofino> jesus christ [22:51:23] <mofino> i just said that [22:51:28] <adaptr> no, you didn't [22:51:31] <mofino> oh pulease [22:51:36] <mofino> what i did i say then? [22:51:41] <adaptr> "sequentially" and "seeking" are mutually exclusive [22:51:48] <mofino> jesus you are daft [22:51:50] <mofino> 16:50 < mofino> well you do [22:51:50] <mofino> 16:50 < mofino> through a pipe [22:52:10] <mwalling> !adaptr [22:52:12] <knoba> mwalling: "adaptr" : a small shell script that floods the channel with factoids [22:52:19] <mwalling> hmm... s/small/daft/ ? [22:52:21] <mofino> anyway, other MTAs provide seekable input [22:52:36] <mofino> i left it up to you to find them [22:52:38] <robtone_> then use other MTAs [22:52:40] <mofino> haha [22:52:45] <mofino> god... [22:52:47] <mofino> the problem is not the MTA [22:52:57] <mwalling> right [22:52:57] <mofino> it was a question, does postfix use seekable pipes? [22:53:00] <mwalling> its the user [22:53:02] <mofino> sigh [22:53:16] <mofino> if you're going to try to be an elitest dick, try on someone else. [22:53:46] <adaptr> 22:38:19 < mofino> How does postfix pass to a command in local? [22:53:52] <adaptr> that was the actual question [22:54:06] <mofino> paste the context you dimwit [22:54:08] <mofino> 16:36 < mofino> How does postfix pass to a command in local? [22:54:08] <mofino> 16:36 < mofino> pass the message itself? [22:54:08] <mofino> 16:36 < mofino> seekable STDIN? [22:54:13] <mofino> 3 questions in one [22:54:15] <adaptr> STDIN is also not a pipe [22:54:20] <adaptr> a pipe is a pipe [22:54:20] <mofino> oh jesus [22:54:24] <mofino> anyway [22:54:26] <mofino> back to work [22:54:40] *** diogo_79 has joined #postfix [22:54:42] <adaptr> bye bye elitist disagree-er [22:54:47] <robtone_> read fseek. [22:54:47] <diogo_79> hi to all [22:55:12] <diogo_79> can someone help me create a imap.pem certificate??????? [22:55:19] <mofino> why? [22:55:19] *** fabounio has joined #postfix [22:55:22] <mofino> i know what fseek does [22:55:24] <robtone_> mofino, try to understand ESPIPE [22:55:40] *** Siegfried has joined #postfix [22:55:55] <mofino> why? [22:56:04] <mwalling> diogo_79: thats not a postfix question, and prolly answered throughly on google or openssl's man page [22:56:08] <mofino> i'm using seekable pipes right now [22:56:12] <mofino> i don't understand the problem [22:56:22] *** Siegfried has quit IRC [22:56:22] <mofino> clearly postfix does not do it, that's fine [22:56:28] <mofino> i can workaround it [22:56:30] *** fabounio has quit IRC [22:56:31] <diogo_79> i am new to postfix and i need to generate a imapd.pem file can some one help me please? [22:56:31] <robtone_> mofino, which OS? [22:56:35] <mofino> robtone_, linux? [22:57:00] <mwalling> diogo_79: imapd implies imap which implies not somthing postfix is concerned with. [22:57:29] <mofino> seek( STDIN, $$email->body_pos(), 0 ); [22:57:31] <mofino> while (<STDIN>) { [22:57:38] <robtone_> mofino, it's not POSIX [22:57:43] <mofino> well it works... [22:57:45] <robtone_> over and out. [22:58:06] <mofino> and show me the posix outline of FD 0 [22:58:24] <mofino> what do you think ./command < file does? [22:58:29] <mofino> seekable stdin [22:59:05] <mofino> or did you think pipes weren't file descriptors? [22:59:54] <robtone_> jesus. [23:00:07] <adaptr> robtone_: steady... [23:00:19] <mofino> well what? am i wrong or something? [23:00:29] *** action09 has quit IRC [23:00:31] *** action09 has joined #postfix [23:00:40] <adaptr> mofino: piping commands on the command line does not, ever, "seek" or otherwise randomly access the piped data stream [23:00:44] <adaptr> EVER [23:00:49] <adaptr> trust me on this one [23:00:51] <mofino> uhh [23:00:51] <mofino> i know that [23:01:02] <adaptr> and yet, you are claiming that that is what you are doing [23:01:05] <mofino> did i ever say it was possible? [23:01:12] <robtone_> mofino, http://std.dkuug.dk/jtc1/sc22/wg15/docs/rr/9945-1/9945-1-58.html [23:01:14] <mofino> i don't think i spoke of shell pipes [23:01:16] <adaptr> oh go troll yourself [23:01:26] *** denis_ has quit IRC [23:01:41] <robtone_> mofino, just read the fucking manpages and standards, thou shall not seek on fifos [23:01:51] <mofino> THIS IS NOT A FIFO [23:01:54] <mofino> jesus fucking christ [23:02:00] <mofino> lrn2unix [23:02:05] <robtone_> mofino, thou shall neither seek on pipes [23:02:10] <mofino> omg [23:02:19] <mofino> lrn2unix [23:02:21] <diogo_79> ok, mwalling thanks [23:02:51] <robtone_> STDIN is a pipe. [23:03:09] <mofino> .... [23:03:18] <mofino> anyway, you guys answered my question [23:03:31] <mofino> postfix provides a "regular" pipe [23:04:13] <mofino> hint: qmail uses seekable STDIN everywhere [23:04:24] <mwalling> qmail != postfix [23:04:26] <mofino> I KNOW [23:04:32] <mofino> holy fuck you guys [23:04:46] <robtone_> you are djb? [23:04:50] <mwalling> robtone_: :) [23:04:54] <mofino> are you serious? [23:04:54] <robtone_> that explain everything [23:04:56] <mofino> grow up [23:05:01] <mofino> like wow [23:05:15] <mwalling> robtone_: i too can invent my own standards? [23:05:25] <mofino> you can't properly answer my question, you don't understand the technology you operate, then because i know qmail uses seekable stdin, i'm somehow djb [23:05:29] <mofino> like, get a life [23:05:29] <mofino> seriously. [23:06:12] <mofino> you don't even know how djb did it [23:06:17] <mofino> you didn't even know it was possible [23:06:24] <adaptr> we would appreciate continuing not to know how he did it [23:06:32] <mofino> yeah [23:06:34] <adaptr> and we are pretty much guaranteed not to know it, too [23:06:36] <mofino> ignorance is bliss eh? [23:06:38] <robtone_> alright, do yourself a favor, and leave this painful place [23:06:42] <mofino> nah [23:06:44] <mofino> I know some people here [23:06:49] <mofino> they aren't half a dim as you guys [23:06:49] <adaptr> really ? [23:07:06] <mwalling> who? [23:07:08] <mofino> you could say, they shine where you absorb [23:07:15] <mofino> doesn't matter... [23:07:35] <adaptr> then stay, but be so civilized as to leave the potty mouth where it belongs, mmmkay ? [23:07:40] <mwalling> !mofino [23:07:40] <knoba> mwalling: "mofino" : Damn troll. [23:07:47] <mofino> cute [23:07:49] <mofino> troll with facts. [23:07:56] <mofino> facts you all cannot refute [23:07:58] * robtone_ dislikes fish, anyway [23:08:00] <adaptr> trolls cannot have facts [23:08:04] <mofino> obviously they do [23:08:17] <adaptr> if they had facts, they would not be trolls [23:08:19] <mwalling> robtone_: salmon is good, tuna is ok, the rest is bleh [23:08:26] <mofino> then maybe your label isn't appropriate [23:08:28] <adaptr> it's a logical impossibility, cap'n! [23:08:33] <mofino> or maybe you are dimwitted and ignorant [23:08:39] <mofino> i suspect it's the latter [23:08:47] <adaptr> I've about had enough of your cussing and insults [23:08:52] <mofino> cussing? [23:08:54] <robtone_> mwalling, dunno, I have to puke everytime I try it - thus of course I try to avoid it [23:08:56] <mofino> are you really that dim? [23:09:01] <mwalling> /ignore mofino ALL [23:09:03] <mofino> "dim" is not a cuss [23:09:07] <mwalling> argh [23:09:07] <adaptr> you could be god for all I care, you're an insufferable little boy with a bad mouth [23:09:10] <mofino> haha [23:09:12] <mofino> with facts [23:09:17] <mofino> hence the reason you are annoyed with me [23:09:19] <adaptr> nobody cares, bitch [23:09:20] <mwalling> robtone_: heh [23:09:23] <mofino> hahaha [23:09:23] <mofino> awesome [23:09:28] <mofino> i love burning idiots on irc [23:09:34] <robtone_> mofino, just to a simple google search on fseek and STDIN [23:09:36] <adaptr> buh bye [23:09:41] <mofino> robtone_, uh huh [23:09:46] <mofino> ignorance stikes again [23:09:48] <adaptr> robtone_: it's useless, he's 15 and bored [23:09:50] <mofino> guys [23:09:52] <mofino> seriously [23:09:57] <mofino> go read qmail-local.c [23:09:57] <adaptr> if that [23:10:02] <mofino> and qmail-lspawn.c [23:10:04] <mofino> ok? [23:10:10] <mofino> when your done, and schooled, come back and apologize [23:10:18] <robtone_> mofino, my FS deletes files whose author is djb [23:10:24] <mofino> haha [23:10:29] <mofino> of course you won't [23:10:31] <adaptr> I want that! [23:10:31] <mofino> typical [23:10:36] <adaptr> is it GPLed ? [23:10:38] <adaptr> :) [23:10:56] <robtone_> it's - keep your breathe - reiserfs [23:11:36] <adaptr> hmm... a lunatic versus a suspected murderer... which to choose... [23:11:50] *** weasel has joined #postfix [23:12:55] *** j_s has quit IRC [23:13:10] *** tshine has quit IRC [23:21:45] *** suuuper has quit IRC [23:21:49] *** will has joined #postfix [23:22:14] <will> does anyone know if there is a way to have a "null" transport map....basically where the message essentially gets dropped, but through the transport map [23:22:36] *** tshine has joined #postfix [23:27:11] <adaptr> use.. I dunno.. /dev/null ? [23:27:13] <robtone_> will, the discard service [23:27:28] <adaptr> ..or that (it probably logs, and stuff) [23:27:30] <robtone_> (man 8 discard) [23:27:51] *** suuuper has joined #postfix [23:28:32] <will> robtone_: thanks ill look it up [23:29:39] <robtone_> will, depends on whether your want suppress DSN and so on [23:30:06] <robtone_> delivery to discard teel the sender which requested a DSN that it has been delivered [23:30:40] <adaptr> that's.. naughty ;) [23:30:58] <will> robtone_: what do you mean the sender will think it has been delivered successfully? That is actually what I want [23:31:50] <robtone_> will, the sender might get (if requested) an information that the message has been delivered (which might call legal troubles) [23:31:59] <adaptr> oooh... you're a naughty boy [23:32:02] <will> heh [23:32:43] <robtone_> will, however, you should see whether discard: fits for you, I never used it [23:33:18] <will> ok cool [23:33:44] <will> so how do i define for the message to a certain recipient to go to the discard service [23:34:52] <robtone_> I thought you are familiar with transport maps [23:35:13] <will> oh i see just like [23:35:22] <will> oops, just like return "discard" [23:35:30] <will> or maybe discard:[127.0.0.1] [23:35:32] <will> or whatever [23:35:53] <robtone_> I guess you can just use discard: [23:35:57] <will> yeah [23:35:59] <will> ill try that [23:37:53] <will> that seems to do what I want, thanks a bunch :) [23:37:55] *** will has quit IRC [23:38:35] *** Fallenou has quit IRC [23:38:38] *** zbrown has left #postfix [23:50:29] *** zbrown has joined #postfix [23:50:48] <zbrown> Is there a way to restrict mail use in postfix to only a certain group of users?