[00:00:57] *** keffer has quit IRC
[00:04:58] *** lysander_ has joined #postfix
[00:06:41] *** Shamgar has joined #postfix
[00:07:02] <Shamgar> Hey all.  I need some advice cause I'm coming up against a wall here.
[00:07:53] <Shamgar> I'm trying to configure my mailserver so that I can generate unique addresses dynamically on the website and still have all the mail go to the right place.
[00:08:18] <Shamgar> an example migh tmake it clearer
[00:08:39] <Shamgar> you have an account with username ABC, and you register to mail something in.
[00:09:09] <Shamgar> it gives you an address that is something like ABC+<some_hash_string> to email it to.
[00:09:58] <Shamgar> When you send in the email, the server turns and delivers it .... doh...I just figured out what I need to do.
[00:10:01] <Shamgar> yeesh.
[00:10:11] <Shamgar> I had a couple test implementations using +ext that weren't working, but just realized why.
[00:10:14] <Shamgar> NM.  ;-)
[00:10:16] <Shamgar> thanks for listening!
[00:10:17] <Shamgar> hehe
[00:10:18] *** Shamgar has left #postfix
[00:10:34] *** pitakill has quit IRC
[00:12:08] *** j_s has quit IRC
[00:17:02] *** lysander has quit IRC
[00:19:01] *** havvg has quit IRC
[00:19:12] *** Southron has quit IRC
[00:20:27] *** gpled has left #postfix
[00:27:48] *** jonez has quit IRC
[00:30:25] *** m0f0x has joined #postfix
[00:30:44] *** m0f0x has quit IRC
[00:36:41] *** Draecos has left #postfix
[00:38:02] *** jonez has joined #postfix
[00:48:57] *** jonez has quit IRC
[00:53:51] *** xpoint has quit IRC
[00:55:07] *** jonez has joined #postfix
[01:10:59] *** lysander_ has quit IRC
[01:11:19] *** cilly has quit IRC
[01:11:25] *** lysander has joined #postfix
[01:22:00] *** [diablo] has quit IRC
[01:38:30] *** keffer has joined #postfix
[01:42:27] *** zeitsofa has joined #postfix
[01:46:50] <zeitsofa> hello people :) i have a little problem with my postfix. i have install it on deiban etch, create a user and try to send emails with mei email client. the client is connecting to postfix but the email cant send; error:>> Relay access denied << i dont know what is wrong :(
[01:53:43] *** tshine_ has quit IRC
[01:55:32] <shasta> !sasl
[01:55:33] <knoba> shasta: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.
[01:55:42] <shasta> zeitsofa, ^^^^^
[01:57:35] <zeitsofa> thx :) i try it
[02:05:38] *** martianixor has quit IRC
[02:08:02] <lunaphyte> !tls
[02:08:03] <knoba> lunaphyte: "tls" : short for "Transport Layer Security" (RFC2246). It adds an additional layer of encryption to protocols like SMTP, POP3 or IMAP to improve security during transmission over the internet. You can find HOWTOs on that topic on http://www.postfix.org/docs.html
[02:08:35] <lunaphyte> hmm
[02:21:34] <zeitsofa> hmm ok it helps alittle bit for me. know client can connect but postfix use AUTH CRAM-MD5. i like to use unix accounts for email so unix username and userpw can use but it dosnt work. some idees what is wrong ?
[02:23:52] <shasta> you should know that both CRAM-MD5 and DIGEST-MD5 require plaintext passwords at both (client and server) ends
[02:24:26] <shasta> if your server doesn't store plaintext passwords (*very* common case), you're limited to LOGIN and/or PLAIN mechs
[02:26:31] <zeitsofa> hmm i think if i add user unixuser the passwords are not in plaintext sure ?
[02:28:27] *** tomocha6 has quit IRC
[02:28:48] <zeitsofa> what is a good and secure way to use unixusers with postfix ?
[02:34:01] <shasta> tls
[02:34:33] *** tshine has joined #postfix
[02:34:53] <zeitsofa> hmm ok tls are installed
[02:35:08] <zeitsofa> mom i can nopaste the errorlog
[02:36:44] <zeitsofa> http://paste.pocoo.org/show/79193/ that are errorlog from client connection
[02:38:41] <shasta> 250-AUTH NTLM DIGEST-MD5 CRAM-MD5
[02:39:03] <shasta> your postfix offers only non-plaintext auth mechanisms
[02:39:29] <shasta> (non-plaintext as in "no plaintext passwords is transmitted over the wire")
[02:40:03] <shasta> since you use only unix users with crypted passwords stored in /etc/shadow, you can't use those mechanisms
[02:40:14] <shasta> !smtpd_sasl_security_options
[02:40:14] <knoba> shasta: "smtpd_sasl_security_options" : a configuration parameter in the main.cf: Restrict what authentication mechanisms the Postfix SMTP server will offer to the client. The list of available authentication mechanisms is system dependent.
[02:40:20] <shasta> !smtpd_sasl_tls_security_options
[02:40:20] <knoba> shasta: "smtpd_sasl_tls_security_options" : The SASL authentication security options that the Postfix SMTP server uses for TLS encrypted SMTP sessions. This feature is available in Postfix 2.2 and later. See also smtpd_sasl_security_options
[02:50:31] <zeitsofa> hmm i try these config but there isnt work http://paste.pocoo.org/show/79194/ :(
[02:55:51] *** pirho has quit IRC
[02:57:26] <shasta> mptd?
[02:57:48] <zeitsofa> ?
[02:58:48] <shasta> lines 45-46 of http://paste.pocoo.org/show/79194/
[02:59:56] *** jonez has quit IRC
[03:01:03] <zeitsofa> lol - head > table - i have change it but the problem
[03:03:50] <shasta> it's better now: 250-AUTH NTLM LOGIN PLAIN DIGEST-MD5 CRAM-MD5
[03:04:23] <shasta> choose to use LOGIN or PLAIN in your client, and configure SASL to authenticate against shadow
[03:10:40] <zeitsofa> http://paste.pocoo.org/show/79195/ << error log from new try sasl config, too. but it dosnt work :/
[03:12:16] *** pirho has joined #postfix
[03:19:56] *** pirho has quit IRC
[03:33:58] *** confound has quit IRC
[03:41:08] *** PhilKC has joined #Postfix
[03:45:36] *** ccd has joined #postfix
[03:46:17] <ccd> I have postfix setup as a smart host for my exchange server, what seting can I change to make postfix hold mail longer if it cant reach the exchange server?
[03:46:47] *** Trapdoor has joined #postfix
[03:46:55] <Trapdoor> excellent!
[03:46:55] <shasta> !maximal_queue_lifetime
[03:46:56] <knoba> shasta: "maximal_queue_lifetime" : a configuration parameter in the main.cf: The maximal time a message is queued before it is sent back as undeliverable, the default value is 5 days.
[03:47:07] <Trapdoor> will you give any support on postfixadmin?
[03:47:14] <Trapdoor> or can you point me somewhere that does?
[03:47:29] <Trapdoor> nevermind, found #postfixadmin
[03:58:34] *** ming_zym has joined #postfix
[03:58:47] <Ciaran_H> ccd: In case you were expecting a ping, shasta gave the answer above - maximal_queue_lifetime.
[03:59:38] <sahil> oh, how sweet.
[03:59:41] <sahil> :P
[03:59:56] <Ciaran_H> Mmm?
[04:00:05] <sahil> mmm what?
[04:00:22] <Ciaran_H> Oh, just wondering why the "how sweet" comment :D
[04:00:37] <sahil> ah, you providing ccd a ping with the nick completion. :-)
[04:00:50] <sahil> woops, must've received a ping there too.
[04:01:27] <Ciaran_H> Heh. Well, I figured that since they didn't respond, they might not have seen someone gave the answer. Or maybe they assumed it was something else.
[04:01:32] <sahil> i know most small-to-large corporations use exchange but i really don't envy postmasters who have to cater to those setups. :/
[04:01:41] * sahil -> bbl
[04:12:09] *** L0rd_Rahl has joined #postfix
[04:20:21] *** amrit|zzz is now known as amrit|bbl
[04:26:34] *** tomocha6 has joined #postfix
[04:28:33] <zeitsofa> shasta: now i can connect to postfix but Relay access denied are back again :confused:
[04:35:08] *** [raz] has joined #postfix
[04:39:52] <rob0> !relay_denied
[04:39:53] <knoba> rob0: "relay_denied" : \"554 5.7.1 <RECIPIENT@RCPT_DOMAIN>: Relay access denied; from=<SENDER_ADDRESS> to=<RECIPIENT@RCPT_DOMAIN> proto=ESMTP helo=<HELO>\": This typically means that CLIENT_IP is not in mynetworks (and did not AUTH), and that RCPT_DOMAIN was not recognized as one of this Postfix's domains (not listed in mydestination, relay_domains or virtual_*_domains).
[04:40:15] *** prime has joined #postfix
[04:43:13] *** confound has joined #postfix
[04:44:35] <prime> so, why use postfix over sendmail?
[04:45:04] <mwalling> try configuring sendmail
[04:45:18] <mwalling> then configure an identical site in postfi
[04:45:25] <mwalling> x
[04:45:56] <prime> plenty people seem to be able to do it though, why not me?
[04:46:01] <mwalling> then look in the CVE db for sendmail related bullitens, then look for postfix bullitans
[04:46:11] <mwalling> prime: what distro do you use?
[04:46:32] <prime> i dont have a "distro"
[04:46:40] <mwalling> damnit, play along
[04:46:45] <prime> freebsd
[04:46:55] <mwalling> thats even easier ;)
[04:47:04] <prime> something that wanst hacked together
[04:47:05] <mwalling> prime: why do you use bsd over linux?
[04:47:15] *** raz has quit IRC
[04:47:16] *** [raz] is now known as raz
[04:47:22] <prime> bsd was designed
[04:47:28] <prime> linux was thrown together
[04:47:43] <mwalling> damnit, i'm too plastered for this... it boils down to personal preference
[04:48:11] <mwalling> which is why i suggested trying to configuring identical sites with both MTAs and decide which you prefer
[04:48:44] <prime> ok
[04:49:21] <mwalling> i use postfix because i like the simplicity and power of it
[04:49:28] <zeitsofa> rob0: sure its true but i hav auth. enable so i thinks dont need ip from client in mynetworks - i would setup an mailserver to use from all over the world with auth.
[04:49:30] <mwalling> (and because rob0 and Dominian use it)
[04:49:56] <rob0> s/use/are used by/
[04:50:25] <mwalling> see above comment about my current BAC
[04:50:31] <rob0> :)
[04:51:54] *** PhilKC has quit IRC
[04:58:17] *** keffer has quit IRC
[05:06:37] *** Zeit|awy_ has joined #postfix
[05:12:17] <zeitsofa> what can i write to "mynetworks =  " to allow all IPs ? i try 0/0 but it dosnt work
[05:12:48] *** Zeit|awy has quit IRC
[05:13:17] <rob0> ouch
[05:13:20] <mwalling> doing it wrong
[05:13:37] <rob0> Tell me what your IP address is, then I'll tell you how to do it. :)
[05:14:16] <zeitsofa> hmm i think the problem is i traviling a round the world and on all destiantions i have a other one
[05:14:32] <rob0> I told you what the problem was.
[05:15:26] <zeitsofa> i try "mynetworks = 84.133.221.81" and it works fine - 84.133.221.81 its my ip atm
[05:15:55] <rob0> !outlook
[05:15:55] <knoba> rob0: "outlook" : MS Outlook has numerous problems with TLS and AUTH support. Try using a better client to troubleshoot your Postfix server's AUTH features; then once you know it works, you can go back and break it such that Outlook will work.
[05:16:01] <zeitsofa> but i connect remote to a server in uk with other IP and sending emails from it it dosnt work
[05:16:21] <zeitsofa> lol i dont have outlook (windows not my world :) )
[05:16:32] <mwalling> then set up smtp auth
[05:16:38] <rob0> !sasl
[05:16:39] <knoba> rob0: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.
[05:16:50] <zeitsofa> i have auth activate
[05:16:56] <zeitsofa> sasl works fine
[05:17:04] <rob0> but apparently not right, or you're not using it.
[05:17:15] <zeitsofa> hmm
[05:18:26] *** DaveH_Work has joined #postfix
[05:18:51] <zeitsofa> Jul 12 03:05:41 vs241063 ipop3d[26064]: Login user=email host=p5485DD51.dip.t-dialin.net [84.133.221.81] nmsgs=4/4
[05:18:52] <zeitsofa> Jul 12 03:05:41 vs241063 ipop3d[26064]: Logout user=email host=p5485DD51.dip.t-dialin.net [84.133.221.81] nmsgs=0 ndele=4
[05:20:09] <zeitsofa> just a moment i nopaste all my configs - so you can see what i have done :D i think it was ok - i hope
[05:21:16] *** Ciaran_H has quit IRC
[05:21:57] <zeitsofa> http://paste.pocoo.org/show/79196/ << that is main.cf
[05:23:14] <zeitsofa> http://paste.pocoo.org/show/79197/  << that is saslauthd config
[05:25:48] <rob0> ipop3d != postfix
[05:26:01] <zeitsofa> ?
[05:26:08] <rob0> this should be obvious.
[05:26:40] *** Ciaran_H has joined #postfix
[05:26:50] <zeitsofa> hmm for :) but not for me :/
[05:27:23] <rob0> ipop3d != postfix ? You posted logs from ipop3d, why?
[05:27:38] * rob0 points at the channel name
[05:28:45] 
[05:29:31] <mwalling> 23:18 < zeitsofa> Jul 12 03:05:41 vs241063 ipop3d[26064]: Login user=email host=p5485DD51.dip.t-dialin.net  [84.133.221.81] nmsgs=4/4
[05:29:49] <zeitsofa> this is from mail.log
[05:30:24] <rob0> It is not *Postfix* logging that. Therefore it is not relevant to Postfix.
[05:30:51] <zeitsofa> k
[05:31:10] <mwalling> mail.log is written to by syslogd
[05:31:29] <zeitsofa> ah ok thx i dont know that
[05:32:10] <rob0> It's common for IMAP/POP daemons as well as MTAs, and sometimes even MUAs, to use the "mail" syslog facility.
[05:33:33] *** DaveH|Work has quit IRC
[05:34:01] <zeitsofa> did you need other configs logs or you are know what are wrong with my postfix so i cant send emails ?
[05:34:22] <rob0> !tell zeitsofa sasl
[05:34:51] <rob0> Either you did something wrong with SASL, or your client is not using AUTH.
[05:35:20] <mwalling> !debug
[05:35:20] <knoba> mwalling: "debug" : http://www.postfix.org/DEBUG_README.html : a good starting point for how to deal with problems and to report information to those who might help. Post your information in a pastebin such as http://pastebin.ca/ or http://rafb.net/paste/ .
[05:35:23] <mwalling> thats a good one too
[05:38:14] <zeitsofa> i try auth in my client PLAIN / LOGIN / CRAM-MD5 / DIGEST but nothing worked
[05:38:38] <sahil> read the debug readme linked for you above; and also look into using something called 'saslfinger'.
[05:38:50] <zeitsofa> kk
[05:39:14] <mwalling> debug_peer or somethingdingkdnglike that
[05:43:09] <rob0> um, how about this:
[05:43:20] <rob0> postconf smtpd_recipient_restrictions
[05:44:13] <rob0> that's a whole lot quicker and easier than debug_peer_list
[05:44:52] <zeitsofa> Tsaslfinger -s  >>> here is no smtpd.conf that defines what SASL should do for Postfix.
[05:44:52] <zeitsofa> SMTP AUTH can't work!  -- i think that is the problem :D
[05:45:03] <rob0> ok, ignore me then
[05:48:50] <zeitsofa> thx for the help i try it again after sleeping :) goog night @ all
[06:16:27] *** iamrtg has joined #postfix
[06:17:46] <iamrtg> hi, can someone help me with mail server question, I am trying to send emails from my ubuntu server , i installed postfix, mailx, and mailutils.
[06:18:13] <iamrtg> to send an email i do: echo "test" | mail -s "test" root@localhost
[06:19:00] <iamrtg> i can get internal emails but i can't send them to external servers, do i have to setup the postfix config file with my ip address to send out?
[06:19:09] <rob0> !basic
[06:19:10] <knoba> rob0: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.
[06:19:27] <iamrtg> thanks, will take a look at it
[06:27:34] *** prime has quit IRC
[06:30:09] *** iamrtg has quit IRC
[06:38:40] *** f3ew has quit IRC
[06:40:30] *** keffer has joined #postfix
[06:41:07] *** f3ew has joined #postfix
[06:59:49] *** f3ew has quit IRC
[07:00:33] *** f3ew has joined #postfix
[07:02:01] *** tshine is now known as tshine_afk
[07:03:38] <sahil> what happen to the days when people pretended to rtfm before expecting something to work out of the box? :P
[07:04:59] <rob0> They still pretend, just not very convincingly.
[07:06:46] <Motoko-chan> lulz
[07:08:30] *** f3ew has quit IRC
[07:12:15] *** keanne has joined #postfix
[07:15:18] *** idle-boy`` has joined #postfix
[07:26:54] *** Lap_64 has joined #postfix
[07:31:07] *** c0m has joined #postfix
[07:32:40] *** idle-boy` has quit IRC
[07:38:48] *** githogori has joined #postfix
[07:51:21] *** cilly has joined #postfix
[08:13:31] *** ming_zym has quit IRC
[08:17:48] *** ming_zym has joined #postfix
[08:19:34] *** Trapdoor has quit IRC
[08:29:57] *** ovd has joined #postfix
[08:55:58] *** madrescher has joined #postfix
[08:57:37] *** j_s has joined #postfix
[08:58:03] *** zeitsofa has quit IRC
[08:58:42] *** zeitsofa has joined #postfix
[08:59:59] *** jerlique has joined #postfix
[09:01:27] <jerlique> My postfix is delivering local mail to the smtp_fallback_relay. The queue is full of messages waiting to go to the fallback relay for a local destination. The MX is resolving on the machine locally. ANy ideas?
[09:15:21] *** master_o1_master has joined #postfix
[09:21:15] *** slackjr_ has joined #postfix
[09:21:52] *** slackjr_ has quit IRC
[09:23:00] <zeitsofa> heallo again :) rob0 http://paste.pocoo.org/show/79200/ there are the output from saslfinger -c it looks good i think but nothing work :(
[09:27:42] *** Mohammed has joined #postfix
[09:27:43] *** master_of_master has quit IRC
[09:29:35] *** master_o1_master is now known as master_of_master
[09:35:24] *** internat1 is now known as Internat
[09:39:01] *** romero has joined #postfix
[09:47:02] <Mohammed> dragonheart: good morning heart
[09:51:15] *** oliver76 has quit IRC
[10:07:09] *** af_ has joined #postfix
[10:27:32] *** Mohammed has quit IRC
[10:29:17] *** Lap_64 has quit IRC
[10:38:45] *** Motoko-chan has quit IRC
[10:45:52] <sysmonk> romero: doh
[10:46:03] <sysmonk> romero: why another nick? :)
[11:00:47] *** havvg has joined #postfix
[11:10:18] <adaptr> jerlique: does mydestination include your local domain ?
[11:28:18] <romero> sysmonk, couse asyd is owned :(
[11:28:42] <sysmonk> pwn3d!
[11:28:54] <sysmonk> ah right, i remember, i always try talking to him haha :)
[11:29:10] <sysmonk> then he's like "um, what? what language is it?"
[11:31:57] *** af_ has quit IRC
[11:33:33] <romero> sysmonk, so, is there any info about noratus bw monitoring?:)
[11:37:48] <sysmonk> romero: the port it is connected should by monitored
[11:37:51] <sysmonk> so i could show cacti graphs
[11:38:00] <sysmonk> the only problem - i don't know on which port it is ;/
[11:38:47] <sysmonk> as soon as i'll know to which switch and port it is connected i'll take a look at it
[11:39:01] <sysmonk> and, if possible, maybe give cacti access to you
[11:40:14] <sysmonk> i didn't know that you pay for traffic and not for speed
[11:42:41] <romero> i think sooner or later we get new contract
[11:42:47] <romero> with unlimited bw
[11:43:04] <sysmonk> k, great
[11:43:10] <sysmonk> and a new hardware *cough*
[11:43:18] <sysmonk> and drop a colfdusion client *cough*
[11:43:39] <romero> yeah, cf is pain in the ass us too
[11:43:40] <romero> :))
[11:44:37] <romero> but nobody gives resurces to rewrite all system
[12:05:43] *** pirho has joined #postfix
[12:06:09] *** saurabhb has joined #postfix
[12:08:22] *** saurabhb has quit IRC
[12:18:59] *** Deffie has joined #postfix
[12:19:17] *** Deffie has quit IRC
[12:28:04] *** madrescher has quit IRC
[12:38:22] *** Deffie has joined #postfix
[12:40:03] *** Deffie has quit IRC
[12:40:28] *** rokra has joined #postfix
[12:42:11] *** mib_9ew2er has joined #postfix
[12:43:19] *** sin__ has quit IRC
[12:44:14] <mib_9ew2er> guys. i have a host listed in dns as 102.2.168.192.station1.example.com. IN A 127.0.0.2 how do i block it in postfix. smtpd_recipient_restrictions = reject_rbl_client station1.example.com
[12:45:40] <mib_9ew2er> this setting doesn't let 192.168.2.99 use the server
[12:45:45] <mib_9ew2er> too
[12:49:37] *** dusty_ has quit IRC
[12:50:14] *** mib_9ew2er has quit IRC
[13:17:41] *** rokra_ has joined #postfix
[13:19:30] *** rokra_ has left #postfix
[13:20:30] *** dusty has joined #postfix
[13:43:09] *** cpm has joined #postfix
[13:45:14] *** [diablo] has joined #postfix
[13:45:27] *** tshine_afk is now known as tshine
[14:19:08] *** preaaaaa has joined #postfix
[14:37:23] *** c0mrade has quit IRC
[14:37:31] *** c0mrade has joined #postfix
[14:45:01] *** preaaaaa has quit IRC
[14:45:06] *** preaaaaa has joined #postfix
[14:55:10] *** xpoint has joined #postfix
[15:01:22] *** c0mrade has quit IRC
[15:07:32] *** worgil has joined #postfix
[15:08:10] *** sophokles has joined #postfix
[15:09:09] *** [diablo] has quit IRC
[15:15:27] *** idle-boy` has joined #postfix
[15:23:27] *** cpm has quit IRC
[15:24:00] *** cilly has quit IRC
[15:26:35] *** servettas has quit IRC
[15:33:12] *** idle-boy`` has quit IRC
[15:37:02] *** servettas has joined #postfix
[15:41:21] *** cpm has joined #postfix
[15:50:13] *** worgil has quit IRC
[15:51:42] *** havvg_ has joined #postfix
[15:58:03] *** Zblakany has quit IRC
[15:58:33] *** servettas has quit IRC
[16:05:56] *** preaaaaa is now known as c0mrade
[16:08:08] *** Zblakany has joined #postfix
[16:09:57] *** havvg has quit IRC
[16:21:29] *** servettas has joined #postfix
[16:22:50] *** preaaaaa has joined #postfix
[16:38:35] *** nicram_ has joined #postfix
[16:40:18] *** c0mrade has quit IRC
[16:53:45] *** havvg_ has quit IRC
[16:56:14] <nicram_> I'm "fighting" with postfix, second day and I have the last problem. Emails that are coming to me aren't delivered and there isn't any information at log files. I can send message outside, testsaslauthd works ok, login into imap also works. How can I find the problem?
[16:56:57] <nicram_> Locally messages work.
[16:57:04] *** cilly has joined #postfix
[16:57:47] <nicram_> Any ideas?
[17:01:24] *** nicram_ has left #postfix
[17:01:49] *** neoeinstein has joined #postfix
[17:06:37] *** jeevan_ullas has joined #postfix
[17:07:08] <jeevan_ullas> hi all
[17:07:48] <jeevan_ullas> i have configured postfix such that on my lan i have blocked one client via dnsbl. but it seems to be not working
[17:09:24] <jeevan_ullas> here's my postconf -n http://rafb.net/p/pDFZD130.html
[17:09:59] <jeevan_ullas>  /var/named/chroot/var/named/example.com.zone (forward zone file for the domain) have this line in it
[17:10:14] <jeevan_ullas> 98.2.168.192.station1.example.com. IN A 127.0.0.2
[17:11:29] *** denis__ has joined #postfix
[17:12:21] <jeevan_ullas> when i do openssl s_client -starttls smtp -host station1.example.com -port 25 from 192.168.2.98 i can use the mail server to send email
[17:20:50] *** cilly has quit IRC
[17:26:17] *** cpm has quit IRC
[17:27:16] <jeevan_ullas> any idea guys seems like i need some tweaking in my smtpd_recipient_restriction line
[17:47:07] *** martiancode has joined #postfix
[17:51:34] *** keffer has quit IRC
[17:53:13] *** Kimi has joined #postfix
[17:53:38] *** Kimi has left #postfix
[17:56:15] *** keffer has joined #postfix
[18:02:07] *** Internat has quit IRC
[18:02:28] *** Internat has joined #postfix
[18:04:20] *** af_ has joined #postfix
[18:05:16] *** Southron has joined #Postfix
[18:05:22] *** havvg has joined #postfix
[18:07:43] *** Trengo has quit IRC
[18:11:54] *** martiancode has quit IRC
[18:19:38] <jerlique> My postfix queue directory is in /var/spool/postfix. What is the recommended way to move this directory to another one?
[18:22:11] *** Pnano has joined #Postfix
[18:24:31] <jeev> maybe rebuild it selecting another dir
[18:24:38] <Pnano> hello, someone here could point me why email sent failed?
[18:24:41] <Pnano> rfc822 Status: 4.4.2 lost connection with while receiving the initial server
[18:24:53] <jeev> have you tried sending to another account ?
[18:25:14] <Pnano> I mean what's possible reasons
[18:25:28] <jeev> have you tried sending to another account ?
[18:25:29] <jeev> have you tried sending to another account ?
[18:25:37] *** af_ has left #postfix
[18:25:37] <Pnano> jeev, to me
[18:25:52] <jeev> so you're sending from outside to inside?
[18:25:53] <Pnano> are you talking to?
[18:26:25] <Pnano> no
[18:26:39] <Pnano> from outside to inside
[18:27:25] *** m0f0x has joined #postfix
[18:27:36] <jeev> so you're sending from
[18:27:40] <jeev> like gmail to your mail server
[18:27:42] <jeev> for example
[18:28:51] <Pnano> yesm from another domain, not gmail
[18:28:52] *** vice-versa has quit IRC
[18:30:47] <Pnano> what's protential reasons to cause that error, i wonder
[18:31:09] <Pnano> rfc822 Status: 4.4.2 lost connection with while receiving the initial server
[18:31:53] *** arahman has joined #postfix
[18:31:59] *** cilkay has joined #postfix
[18:32:16] <Pnano> /s/protential/potential
[18:32:41] *** Deffie_ has joined #postfix
[18:34:00] <cilkay> Hello. I'm migrating to a new server so I'm reevaluating what we've been doing for the user database. We've been using PostgreSQL and it has worked very well for the last few years but I suspect it's not the most resource-efficient way of doing this. (MySQL is not an option, not to mention that it wouldn't be any lighter on resources.) Would using OpenLDAP for the user db be a lighter weight option?
[18:34:25] <jeev> have you tried
[18:34:27] <jeev> emailng from gmail
[18:34:29] <jeev> i dont know the problem
[18:34:35] <jeev> maybe you could figure it out by testing from other server Pnano
[18:34:38] *** m0f0x has quit IRC
[18:34:52] <Pnano> not yet
[18:34:52] <jeev> i've never used ldap cilkay.
[18:34:54] <cilkay> Setting up and managing OpenLDAP seems to be much more involved.
[18:35:25] <Pnano> how to "testing from other server"?
[18:35:30] <cilkay> Adding/deleting/modifying virtual users with PostgreSQL is dead easy, just standard SQL.
[18:35:32] <jeev> DOOD
[18:35:33] <jeev> for christ sake
[18:35:38] <jeev> send an email from anotehr address
[18:35:42] <jeev> see if it gives you the same problem
[18:36:05] <Pnano> you mean: sent mail from other outside server
[18:36:17] <jeev> i'm not gonna try helping you anymore
[18:36:37] <Pnano> if not, what it indict
[18:36:54] <jeev> what's wrong with you
[18:36:56] <jeev> maybe you're having a problem
[18:36:59] <jeev> with the place you're sending from
[18:37:02] <jeev> what if there is a networking issue
[18:37:04] <jeev> and it's LOSING CONNECTION
[18:37:08] <jeev> you dont want to try all your options first/
[18:37:14] <jeev> you have probably something misconfigured
[18:37:18] <jeev> but it's good to test all avenues
[18:37:48] <Pnano> indicate
[18:38:26] <Pnano> ok, get it
[18:38:32] <Pnano> thank you, jeevv
[18:39:36] <cilkay> Ah... open source support at its best :)
[18:39:57] <jeev> what you figure out cilkay
[18:45:16] *** c00l2sv has quit IRC
[18:48:11] *** Pnano has quit IRC
[18:48:49] *** arahman_ has quit IRC
[18:50:02] *** F6F has joined #postfix
[19:07:16] <F6F> hi
[19:07:26] <F6F> well im looking vor some help
[19:07:59] <F6F> my postfix wan't fetch mails vom Extern
[19:08:15] <F6F> there also warnings
[19:08:26] <F6F> in mail.warn
[19:08:35] <F6F> Jul 12 18:54:10 antifuse postfix/master[12045]: warning: process /usr/lib64/postfix/smtpd pid 12607 exit status 1
[19:08:35] <F6F> Jul 12 18:54:10 antifuse postfix/master[12045]: warning: /usr/lib64/postfix/smtpd: bad command startup -- throttling
[19:08:56] <F6F> netstat says
[19:09:03] <F6F> smtp is listening
[19:09:04] <sysmonk> postfix doesn't fetch anything
[19:09:34] <F6F> smtp want fetch
[19:09:47] <sysmonk> F6F: try looking at lines before throttling, should have some errors
[19:10:05] <sysmonk> and, try looking if there's somebody who speaks german here, as your english isn't really good and it's hard to understand you
[19:11:18] <F6F> in maillog.warn there is only this warning
[19:11:29] <F6F> no error ist shown there
[19:12:19] *** ecrist has joined #postfix
[19:12:36] <sysmonk> look at other log files (mail.*)
[19:12:45] <sysmonk> i hate when maillog is splitted to 10 different files
[19:12:46] <ecrist> hey folks, I'm trying to get postfix 2.5.1 running on freebsd 7.0, with TLS enabled, I get the following error in my logs:
[19:13:06] <ecrist> fatal: tls_prng_exch_open: cannot open PRNG exchange file /var/lib/postfix/prng_exch: Permission denied
[19:13:28] <F6F> sysmonk, i think I have the Error
[19:13:39] <F6F> : fatal: open database /etc/postfix/aliases.db
[19:13:42] <F6F> *G*
[19:13:45] <F6F> thx so far
[19:13:59] <jduggan> postalias
[19:14:02] <jduggan> :o
[19:14:02] <sysmonk> F6F: very common problem
[19:14:18] <sysmonk> jduggan: postalias requires a param, newaliases doesn't
[19:14:27] <sysmonk> although newaliases is for sendmail compatibility :)
[19:14:44] <sysmonk> but i still like to use mailq / newaliases which is sendmails commands
[19:14:47] <sysmonk> s/id/are/
[19:14:54] <sysmonk> damn it :) s/is/are/
[19:15:47] <higuita> yep, me too, old habits dont die :)
[19:16:25] <ecrist> anyone on my TLS problem?
[19:16:36] *** Deffie_ has quit IRC
[19:16:45] <sysmonk> ecrist: are you SURE you're runing freebsd ? :)
[19:16:58] <ecrist> sysmonk: ?
[19:17:01] <sysmonk> i mean, freebsd doesn't have /var/lib/postfix/
[19:17:11] <sysmonk> freebsd stores everything in /usr/local/lib/
[19:17:11] <ecrist> sysmonk: sure it does.
[19:17:16] <sysmonk> ecrist: oh really ?
[19:17:31] <ecrist> yes, the port creates that directory for the 2.5.1 install
[19:17:54] <sysmonk> oh reeaaaaaaly
[19:18:00] <sysmonk> > uname -r && ls -la /var/lib/postfix; pkg_info | grep postfix
[19:18:14] <ecrist> root@snort:/var/lib/postfix-> uname -a
[19:18:14] <ecrist> FreeBSD snort.secure-computing.net 7.0-RELEASE-p2 FreeBSD 7.0-RELEASE-p2 #0: Fri Jul 11 09:13:04 CDT 2008     root at snort dot secure-computing.net:/usr/obj/usr/src/sys/SNORT  i386
[19:18:18] <ecrist> root@snort:/var/lib/postfix-> ls /var/lib
[19:18:20] <ecrist> dovecot postfix
[19:18:23] <ecrist> root@snort:/var/lib/postfix->
[19:18:29] <sysmonk> ecrist: don't pastebin here
[19:18:31] <ecrist> :p
[19:18:42] <sysmonk> ecrist: i'm runing 7.0 and there's NO /var/lib/postfix
[19:18:44] <ecrist> sysmonk: <= 5 lines
[19:18:53] <ecrist> sysmonk: what version of postfix are you running?
[19:18:58] <sysmonk> and really, i'm an old user of freebsd, and there's no such thing as /var/lib/postfix
[19:19:02] <sysmonk> that's not the freebsd way.
[19:19:08] <sysmonk> ecrist: 2.5.1_2,1
[19:19:21] <ecrist> sysmonk: I know that, I've been running freebsd since 2.2.5 (iirc)
[19:19:49] <ecrist> I have a fresh install of 7.0Rp2, which I updated from source
[19:20:01] <ecrist> that directory *does* exist, and I didn't create it.
[19:20:11] <ecrist> postconf | grep data_directory points to it.
[19:20:20] <sysmonk> ecrist: pastebin your /etc/make.conf
[19:20:50] <ecrist> http://pastebin.com/m646ac218
[19:21:12] <sysmonk>  dunno
[19:21:24] <ecrist> did you install from ports?
[19:21:27] <sysmonk> i can make you a jail and you'll show me how ports install postfix and use /var/lib/
[19:21:31] <sysmonk> sure
[19:21:47] <sysmonk> you didn't ?
[19:21:53] <ecrist> sysmonk: I'm not making this up, quit doubting me and just try to help, pleas.
[19:21:56] <ecrist> sysmonk: of course I did.
[19:22:06] <sysmonk> ecrist: i'm not making it up too
[19:22:15] <sysmonk> that really depends
[19:22:34] <sysmonk> i'm trying to help you but i want to know how did it end up in /var/lib/postfix
[19:23:00] <ecrist> sysmonk: cd /usr/ports/mail/postfix && make all install clean
[19:23:24] <sysmonk> ecrist: could you pastebin your postconf -d daemon_directory ?
[19:23:34] <sysmonk> or paste here even
[19:24:03] <ecrist> wtf? it says /usr/libexec/postfix
[19:24:13] <ecrist> shouldn't that be /usr/local/libexec/postfix?
[19:24:13] <sysmonk> ecrist: did you copy over the config from some lunix machine ?
[19:24:26] <ecrist> sysmonk: I copied a config from my running freebsd machine.
[19:24:32] <sysmonk> hm
[19:24:53] <sysmonk> i don't know, but your main.cf has the wrong paths
[19:24:57] <ecrist> actually, the running/working freebsd system reports the same thing.
[19:25:01] <sysmonk> and postfix was compiled ith /usr/libexec
[19:25:05] <sysmonk> but main.cf has /var/lib/
[19:25:20] <sysmonk> ecrist: was the runing/working machine installed from source or from ports?
[19:25:49] <ecrist> ports
[19:26:03] *** Angel has quit IRC
[19:26:07] <ecrist> sysmonk: when I look at my config (on both machines), I have daemon_directory = /usr/local/libexec/postfix in main.cf
[19:26:20] <sysmonk> hm
[19:26:33] <sysmonk> but postconf -n daemon_directory returns what?
[19:26:45] <sysmonk> /var/lib/..  ?
[19:26:55] <ecrist> daemon_directory = /usr/libexec/postfix
[19:27:01] <sysmonk> the -n one ?
[19:27:45] *** havvg has quit IRC
[19:27:51] <sysmonk> hm, you've told postconf | grep /var/lib returned something, could you pastebin what it returns?
[19:27:53] <ecrist> sorry, that was -d
[19:28:03] <sysmonk> ah, -d should return /usr/libexec/postfix
[19:28:04] <ecrist> daemon_directory = /usr/local/libexec/postfix
[19:28:30] <ecrist> data_directory = /var/lib/postfix
[19:28:50] <ecrist> fwiw, I don't have data_directory defined in my main.cf file...
[19:29:32] <sysmonk> ecrist: now, postconf -n | grep /var/lib  and pastebin it
[19:29:44] <sysmonk> and do the same for -d
[19:29:47] <ecrist> nothing for -n
[19:30:10] <sysmonk> ecrist: and without -n / -d
[19:30:32] <sysmonk> and without -d ? ( just postconf | grep /var/lib )
[19:30:37] <ecrist> without -d/-n, I get same as -d
[19:30:48] <sysmonk> hm
[19:31:50] <sysmonk> ecrist: k, open up your main.cf
[19:31:54] <ecrist> yup
[19:31:57] <sysmonk> and find data_directory
[19:32:00] <sysmonk> is it there?
[19:32:16] <ecrist> nope - I mentioned that it's not defined there.
[19:32:26] <sysmonk> yeah, not defined != exists but uncommented
[19:32:39] <sysmonk> ecrist: your old server uses postfix < 2.5 ?
[19:32:45] <ecrist> yes
[19:32:48] <sysmonk> that's the problem
[19:33:02] <sysmonk> you've copied the config from postfix < 2.5 which doesn't have that data_directory
[19:33:09] <sysmonk> it showed up in 2.5
[19:33:22] <sysmonk> so it falls back to the source default ( /var/lib/postfix )
[19:33:28] <sysmonk> and freebsd's default is /var/db/postfix
[19:34:13] <sysmonk> so, there's two ways of fixing it, 1. put data_directory = /var/db/postfix in main.cf 2. create the dir and set the correct permissions
[19:34:42] <sysmonk> (postfix set-permissions should do that, but i'm not sure 100%)
[19:34:59] <ecrist> sysmonk: the direcotry was there, and permissions were set, but it didn't work
[19:35:08] <ecrist> however, I've added the line, and all is better.
[19:35:10] <ecrist> thanks for the help
[19:35:23] <sysmonk> ecrist: which directory? /var/db/postfix or /var/lib/postfix ?
[19:35:35] <ecrist> the freebsd one - /var/db/postfix
[19:35:37] <sysmonk> /var/db/postfix should have been created by the ports install
[19:35:40] <sysmonk> ye
[19:35:46] <ecrist> adding the data_directory and restarting worked.
[19:35:51] <sysmonk> yup
[19:36:05] <ecrist> so, this was a problem caused by my copying of an old config.
[19:36:09] <sysmonk> that's the reason why blindly copying over the configs sucks :)
[19:36:13] <sysmonk> yup
[19:36:25] <ecrist> heh, thanks.  I've gotta go now, but I appreciate your help.
[19:36:31] <sysmonk> np
[19:36:33] <sysmonk> 99.99$
[19:38:36] *** ming_zym has quit IRC
[19:42:17] *** [diablo] has joined #postfix
[19:43:42] <jduggan> haha
[19:53:34] *** jonez has joined #postfix
[19:57:49] *** sophokles has quit IRC
[20:00:59] *** madrescher has joined #postfix
[20:14:23] *** dusty has quit IRC
[20:26:19] *** hever has joined #postfix
[20:26:54] *** keffer has quit IRC
[20:27:33] *** AllenJB has joined #postfix
[20:33:55] *** dusty has joined #postfix
[20:44:17] *** servettas has quit IRC
[20:48:56] <AllenJB> What are peoples opinions on the best greylisting implementation for Postfix?
[20:56:22] <rob0> There 3 that I know to be good ones: sqlgrey, postgrey, policyd. My opinion at this time is that greylisting is not as effective as it once was. My greylisted domains get as much spam as the non-greylisted.
[20:56:28] <rob0> !cheatsheet
[20:56:29] <knoba> rob0: "cheatsheet" : http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt : A HOWTO for pre-DATA spam control.
[20:56:33] <rob0> !zen
[20:56:34] <knoba> rob0: "zen" : http://www.spamhaus.org/zen/ : A composite of all Spamhaus DNSBLs: SBL, XBL and PBL
[20:58:45] <sysmonk> although i wouldn't offer using PBL, but it depends on your policies
[20:59:22] <rob0> nice thing about PBL is that anyone can delist an IP address
[20:59:49] <sysmonk> hm, they can? i thought only isp's can
[20:59:55] <AllenJB> Surely that can also be a bad thing? =)
[21:00:15] <rob0> I think they have a human review the delisting requests.
[21:00:43] <rob0> you have to pass captcha and give a working email address
[21:01:16] <rob0> if a delisted IP spams, it won't be delisted again, they say
[21:01:26] <rob0> (it will go in SBL)
[21:18:33] *** pa has quit IRC
[21:21:46] *** pa has joined #postfix
[21:31:10] *** fatgoose has quit IRC
[21:46:08] *** denis__ has quit IRC
[21:46:14] *** denis__ has joined #postfix
[21:55:44] *** keffer has joined #postfix
[22:07:19] *** tomocha6 has quit IRC
[22:22:37] *** kjkoster5489 has joined #postfix
[22:27:14] *** icewaterman has joined #postfix
[22:27:19] <icewaterman> hi
[22:30:03] <kjkoster5489> hi
[22:31:26] *** denis__ has quit IRC
[22:32:06] <icewaterman> i am running a private mailserver at home using ssl. however i'd like to know how common the use of ssl for smtp between mailservers actually is.
[22:32:38] <sysmonk> icewaterman: you can't require other servers to use ssl
[22:32:42] <sysmonk> that's against rfc
[22:32:49] <sysmonk> but you can offer ssl to them ( tls )
[22:32:53] <icewaterman> sysmonk: i do not intend to
[22:33:00] <sysmonk> and, if they want they'll try to use it
[22:33:09] <icewaterman> because it will probably break a lot of mailservers transmissions.
[22:33:36] <sysmonk> most of them
[22:33:39] <icewaterman> sysmonk: i just wanted to know whether other mailservers or how man (in %) approximately use ssl at all
[22:33:58] <sysmonk> for inter-server connectivity? who knows
[22:34:10] <sysmonk> for server<->user connectivity - lots
[22:34:42] <icewaterman> sysmonk: i know that
[22:35:02] <icewaterman> would be interesting to know what servers support it for inter-server connections
[22:35:10] <icewaterman> or how many
[22:35:27] <sysmonk> that's the same as "i would like to count how many people use linux"
[22:35:30] <sysmonk> you can't know, that's all
[22:35:39] <sysmonk> it not something that you can count so easily
[22:35:58] <sysmonk> but most servers have it disabled by default, so i'd say very few servers have it enabled
[22:36:48] <sysmonk> also, it's a question of - do you want to know how many servers OFFER tls or how many servers would TRY to use tls if you'd offer them
[22:36:56] <sysmonk> (a.k.a client tls and server tls)
[22:38:03] <icewaterman> for my server (i use an smtp smarthost) i can only offer tls for recieving mails - at least i hope i do.
[22:38:52] *** kjkoster5489 has quit IRC
[22:59:28] *** [diablo] has quit IRC
[23:01:14] *** Isvara has joined #postfix
[23:02:37] <Isvara> Hi. How relevant is the O'Reilly Postfix book, given that it's from 2004?
[23:03:44] *** orzel has quit IRC
[23:04:00] *** orzel has joined #postfix
[23:11:07] *** jcrites has joined #postfix
[23:11:24] <jcrites> what can I optimize to ensure low latency when receiving mail?
[23:11:50] <jcrites> in some experiments I've seen spikes up to ~2s on my system when sending mail to itself .... HD maybe busy or something?
[23:15:34] *** idle-boy`` has joined #postfix
[23:16:17] <shasta> oh my :)
[23:16:29] <shasta> jcrites, smtp is not "instant messaging"
[23:16:35] <jcrites> under very low load too... like 1 message/s
[23:17:38] <jcrites> yup I'm aware of that... but I have some software that needs to generate mail... if I can't get the latency down to a reasonable level I'll have to (1) build a bunch of custom shit (2) buy some expensive custom solution like IronPort
[23:17:48] <jcrites> I'm leaning more towards the (1)
[23:18:10] *** hever has quit IRC
[23:18:18] <jcrites> we already have a fleet of expensive mail servers.  I was hoping that by using the PostFix instances that are already on all our machines, I could provide lower latency than a remote send
[23:18:27] <jcrites> then configure them to relay to the main servers
[23:18:40] <jcrites> but for some reason I still see spikes when delivering to myself :(
[23:19:10] <jcrites> maybe I need to swithc to another protocol like QMQP?
[23:20:41] <jcrites> sorry
[23:20:49] <jcrites> when I said:   	in some experiments I've seen spikes up to ~2s on my system when sending mail to itself
[23:21:01] <jcrites> what I meant was that's the time it takes to open a connection to localhost and transmit the mail
[23:21:07] <jcrites> not receive it :)
[23:21:14] <jcrites> that's a bit high, no?
[23:22:51] <sysmonk> dns problems?
[23:23:09] <sysmonk> see at a/b/c/d delays when you submit email
[23:23:14] <sysmonk> (it's in the logs)
[23:24:10] <jcrites> k
[23:24:23] <jcrites> good idea
[23:24:33] <jcrites> I've had DNS problems with our other mail systems
[23:24:54] <jcrites> when you have a corporate infrastructure, what DNS do you generally confgiure mail servers to look up against?
[23:25:17] <jcrites> we have records like x.example.com that are external-only, records that are internal and external with different IPs (nat external and internal), and internal-only
[23:26:08] <jcrites> if I configure them to look up externally then certain mail flows break directed internally
[23:27:14] <sysmonk> local recursive dns which uses your 'central' dns server as a forwarder
[23:27:47] <sysmonk> i.e. bind with forwarders { your_recursive_dns1; your_recursive_dns2; }; or whatever it is:)
[23:29:42] <jcrites> the a/b/c/d delays, am I looking in the mail log ?
[23:29:51] <jcrites> the requests all say delay=0 ...
[23:30:14] <jcrites> thanks for your help :)
[23:30:25] <jcrites> I think I ought to buy a book, a comprehensive tutorial to all the relevant aspects
[23:30:30] <jcrites> there are a lot of things to learn about PostFix
[23:31:22] <sysmonk> it's Postfix
[23:31:24] <sysmonk> or postfix
[23:31:27] <sysmonk> but not PostFix
[23:31:44] <jcrites> oh?
[23:31:53] <jcrites> dammit.  now I have to change all my notes
[23:31:58] <higuita> hehehe, first lesson: how to write postfix :)
[23:31:59] <sysmonk> heh
[23:32:03] <jcrites> thanks for pointing that out
[23:32:03] <sysmonk> s/PostFix/Postfix/g :)
[23:32:11] <jcrites> lol, I write in pen on paper >_<
[23:32:17] <sysmonk> that's more trouble :P
[23:33:07] <jcrites> so what happens if I mount all the postfix files in a memory-mapped filesysem?   >:)
[23:33:38] *** idle-boy` has quit IRC
[23:33:41] <higuita> binaries?
[23:33:44] <higuita> they would just disapear when you reboot the system...
[23:33:59] <jcrites> I'm trying to upgrade my company's infrastructure to use postfix where we currently use a proprietary solution .... I figured I'd have two classes of machine.... border machines for sending outwards, and internal machines for relay
[23:34:16] <jcrites> the internal relay machines need to accept messages and send them between internal systems *really* quickly ....
[23:34:24] <jcrites> so I was thinking if I put the queues on a memory-mapped FS it might speed some things up
[23:34:40] <jcrites> no, I mean like the data files ... spool?
[23:34:41] <higuita> the /var/spool/postfix ? dangerous thing, you may lose emails, and the RAM could be more usefull for the smtp and smtpd (and clamav, spamassasin, etc) to run
[23:34:48] *** Joe_Wulf has joined #postfix
[23:34:53] <rob0> oh yikes! Sure it would. But that is SO wrong!
[23:35:01] <jcrites> it might actually hurt overall bandwidth ... especially for the border machines
[23:35:06] <jcrites> but what if I'm trying to minimize latency?
[23:35:16] <higuita> email HAVE latency
[23:35:16] <jcrites> our systems right now actually have website page views generating mail sends in some cases
[23:35:22] <jcrites> just the accept latency
[23:35:26] <jcrites> I don't mean delivery....
[23:35:41] <jcrites> get it into the incoming queue asap
[23:35:41] <higuita> trying to reduce it will just move it to another place
[23:35:43] <higuita> email is not a IM
[23:36:11] <jcrites> I'm not trying to make the messages get delivered faster... just have the server accept them faster from the client :)
[23:36:20] <sysmonk> jcrites: use sendmail (not teh daemon ) for quick injection
[23:36:25] <sysmonk> sendmail will inject directly to the queue
[23:36:34] <sysmonk> so no latency of accepting the mail
[23:36:46] <jcrites> right now I'm using the apache commons mail library to make a local smtp connection
[23:36:57] <jcrites> I could switch to that if you think it would work better :D
[23:37:01] <sysmonk> jcrites: what software do you use for websites?
[23:37:02] <higuita> unless your CPU/RAM/HD is too slow,  you can accept thousands of emails per second
[23:37:06] <sysmonk> perl/php/c/whatever?
[23:37:11] <jcrites> ya
[23:37:13] <sysmonk> WHAT
[23:37:13] <sysmonk> :)
[23:37:24] <jcrites> all of the above but c :P
[23:37:29] <jcrites> err
[23:37:30] <jcrites> php
[23:37:36] <sysmonk> use php's mail() function
[23:37:46] <sysmonk> it will inject the mail to the queue using sendmail
[23:37:53] <jcrites> higuita: I actually do see very high total bandwidth from Postfix even on very limited virtualized hardware... comparable with the expensive proprietary machines
[23:37:54] <higuita> my old P500 with 128Mb ram could acceprt without any problem (and some tune in the smtpd limit) about 200 messages/s
[23:37:59] <sysmonk> that won't take a second ...
[23:38:13] <jcrites> but I have two use cases... one that's high-bandwidth, and one that's low-latency, and I need machines for both :<
[23:38:39] <jcrites> various classes of financial applications
[23:39:18] <jcrites> maybe I could provide QoS by having either different classes of machines with different configs, or maybe different accepting daemons with different configs?
[23:39:39] <sysmonk> 0.226u 0.035s 0:00.63 39.6%     11+2046k 34+0io 1pf+0w
[23:39:40] <jcrites> I read some about how to address Postfix congestion, e.g., setting up dedicated outbound smtp daemons
[23:39:49] <sysmonk> less than a second to initialize a connection to a remote host and send the email
[23:39:50] <higuita> if you need to kind of email use, setup 2 mail servers, usually when the volume of email increase, it also increase the latency, so break the two
[23:40:11] <jcrites> yeah, most of the connections have pretty good latency
[23:40:19] <jcrites> even the remote servers I have now average around something like 20ms
[23:40:25] <jcrites> it's the 99.9th percentile that sux :(
[23:40:26] <higuita>  the problem isnt the smtpd usually, its the queue manager and the smtp client sending emails
[23:40:50] <sysmonk> higuita: as far as i can understand, he has problems puting the email to the queue, not delivering it
[23:41:14] <jcrites> I sort of want Postfix to act like a giant queue..... it doesn't matter as much when the mails get out to the final destinations as long as it's within a couple hours.... but by the design of the client software, it needs to service *them* really quickly
[23:41:40] <jcrites> I thought of just writing my own system.... a pipe-based daemon that just stripes a bunch of messages to disk, then transfers them over to the server :)
[23:41:40] <sysmonk> jcrites: imho you've got dns problems
[23:41:41] <higuita> putting emails in the queue? maybe he is trying to deliver too much in parallel
[23:41:46] <sysmonk> jcrites: can you reproduce the problem ?
[23:42:18] <jcrites> let me try..... this is from localhost to localhost.... would the DNS problem be impacting certain recipients based on their envelope address?
[23:42:20] <higuita> you can try to increase the smtpd limit and add more HD to the spool queue (so you have less IO per HD)
[23:42:42] <sysmonk> jcrites: for connect time - no, for recipient submission - yes, depending on the configuration
[23:43:18] <sysmonk> yeah, that's also a question - how much emails / s does your postfix accept currently ?
[23:43:20] <higuita> also, dont forget the syslog, it also consume HD and CPU, send it to another HD (or even reduce the log level)
[23:44:09] *** JoeWulf has quit IRC
[23:44:39] <jcrites> we don't have any postfix in production for this part of the system ... it's the part I'm trying to build
[23:44:44] <jcrites> our total rate would be something like ....
[23:44:58] <higuita> you still dont have postfix running?
[23:45:13] <higuita> well, you will be suprised with its speed then :)
[23:45:13] <jcrites> it's not handling our production traffic except for incoming bounces
[23:45:55] <jcrites> hmmm, so the rate will be something like 150 m/s .... should be able to handle that easy
[23:46:15] <jcrites> to be clear, I am not worried about the throughput of the system as a whole.... mostly about its worst case performance, latency of an individual mail send
[23:46:39] <jcrites> and I am not saying its performance is *bad*.... I am just trying to build some really high powered infrastructure :)
[23:47:07] <jcrites> think maybe something like Amazon Web Services but for email
[23:47:37] <jcrites> for financial systems or other notification engines
[23:47:49] <higuita> just to give a example, a friend of mime have a university smtp server that gets about 4000 mails/minute with spam filtering
[23:48:03] <jcrites> yeah?  postfix?
[23:48:11] <jcrites> I don't even know what our incoming rate is .... let me check
[23:48:13] <sysmonk> higuita: that's only ~66 mails /s
[23:49:15] <higuita> yes, but with spamassassin and clamav running on it, its alot, and its not "just small" emails (like my case), its usually a wide range of sizes
[23:49:44] <jcrites> ya right now we are getting less than 100 spams per second :)
[23:49:48] <sysmonk> higuita: on one box?
[23:50:02] <jcrites> hovering around 50-100
[23:50:39] *** Isvara has quit IRC
[23:51:26] <jcrites> any of you guys use DomainKeys/DKIM?
[23:51:41] <higuita> sysmonk: yes
[23:51:51] <sysmonk> higuita: i don't believe it. really.
[23:51:55] <higuita> jcrites: not yes,
[23:52:12] <higuita> i also didnt belive it
[23:52:20] <sysmonk> higuita: i have a bit more than that and it's 3 boxes - 1 frontend and 2 antispam boxes
[23:52:26] <jcrites> what kind of machine?
[23:52:27] <sysmonk> i know the loads
[23:52:44] <sysmonk> i'm not saying postfix couldn't do that, i'm saying that antispam won't do that
[23:52:49] <jcrites> one of the caveats of my setup is that rather than having a couple high-powered boxes, I'll be using commodity hardware :)
[23:53:06] <sysmonk> antispam boxes are runing amavisd + clamav + spamassassin + razor + ocr + some other crap
[23:53:11] <higuita> i'm not sure if the clamav runned over all emails, if spamassassin marked then as spam, but the han had clamav for sure
[23:53:15] <jcrites> don't know how many machines I will need but i can increase in capacity fairly easily
[23:53:44] <sysmonk> and the boxes aren't old crap too
[23:55:25] <higuita> my friend its using a 4*quad core with 16Gb of ram
[23:55:57] <sysmonk> 2x quad cores each box here
[23:56:03] <higuita> my server its just a dual cpu  with 1Gb of ram, but that is enough
[23:56:14] <jcrites> any particular advice for running Postfix on virtualized or commodity hardware?
[23:56:37] <sysmonk> postfix itself doesn't have lots of requirements
[23:56:41] <sysmonk> but stuff like antispam does
[23:57:10] <higuita> yep, after setup, monitor the system to find out what limit are you hitting... if you are hitting any limit
[23:57:30] <sysmonk> for postfix - just make sure you have a good/fast working dns server(s), good io for queues and some ram
[23:57:40] <jcrites> hmmmm
[23:57:44] <sysmonk> ofcorse, if you'll do tls you might need some cpu power
[23:57:45] <jcrites> another team maintains the dns servers
[23:57:46] <higuita> for a internal relay system, postfix should be very fast
[23:57:53] <jcrites> probably shared for the whole datacenter... maybe I should get my own?
[23:58:24] <sysmonk> jcrites: just run a dns server on each mail server which forwards the queries to your main dns servers
[23:58:35] <jcrites> yeah?
[23:58:35] *** jeevan_ullas has quit IRC
[23:58:39] <jcrites> k
[23:58:51] <higuita> email ABUSES alot the DNS, if your DNS arent good, the email will slow down... but you have to check yourself that
[23:59:03] <sysmonk> but if those main servers are overloaded, you could consider runing a normal recursive dns ( not a 'forwarder')
[23:59:57] <higuita> i run a dns just for both the internal and external email... the "main" dns servers for the rest arent used by the email





top