[00:00:11] <khopesh> most of the F/OSS groupware suites have connectors you can *buy* to get outlook calendaring support
[00:00:37] <khopesh> plus all of the commercial "open source" suites (zimbra, scalix)
[00:01:40] *** will has quit IRC
[00:02:48] <khopesh> will left, but.. http://www.toltec.co.za/connector.html
[00:10:13] *** kjkoster5489 has quit IRC
[00:13:14] *** madrescher has quit IRC
[00:20:39] <bpgoldsb> I want to have any message to FOO+WHATEVER at domain dot tld to go to FOO at domain dot tld, where should I be looking to do this?
[00:21:05] <bpgoldsb> '+' is a generic delimiter, I'm happy to use whatever
[00:22:57] *** vexor has quit IRC
[00:25:24] *** pickcoder has quit IRC
[00:34:28] *** suuuper has quit IRC
[00:56:45] *** keffer has joined #postfix
[00:57:30] <_codepoet_> Is there a way of having a custom written script sort of proxy to the virtual transport? Basically all I want is to run a script every time a new mail comes in to my postfix box, then just let the mail go through to virtual transport as normal.
[00:57:54] <_codepoet_> I'm almost at the point where I have to write my own transport application
[00:58:20] <_codepoet_> But even then I don't know how to get the mail from whatever I write back in to postfix to process normally via the virtual transporr
[00:58:23] <_codepoet_> tranport
[00:58:26] <_codepoet_> bah whatever.
[00:58:28] <adaptr> so pipe the mail to your application, and have that forward it back to a transport
[00:58:38] <adaptr> that IS actually the usual way
[00:59:00] <adaptr> (hint: a transport doesn't have to be SMTP)
[00:59:09] <_codepoet_> Yeah, it made the most sense to me do it like that but I don't know if I am doing something wrong on the transport end
[00:59:40] <_codepoet_> I wrote a foo.rb script, chmoded it, stuck it in /usr/sbin/foo.rb    then added the piped transport for it
[00:59:53] <_codepoet_> I then changed virtual_transport to be foo (which is the name I picked for the transport in master.cf)
[01:00:07] <_codepoet_> from the logs it says 'relay=foo' so I know its going to the script
[01:00:14] <adaptr> postfix running chrooted, as usual ?
[01:00:19] <_codepoet_> but inside the script all I'm doing is `touch somefile`
[01:00:26] <_codepoet_> and it appears to never actually execute it
[01:01:17] <_codepoet_> I'm not really sure if its running chrooted
[01:01:24] *** Fallenou has quit IRC
[01:01:25] <_codepoet_> I didn't do the install and I don't know how to figure out if it is :)
[01:01:57] <_codepoet_> I guess I can try opening up the permissions on that file to see if it actually runs it
[01:02:14] <_codepoet_> I would have thought that it would log to /var/log/maillog or /var/log/messages if there were user/permission issues
[01:03:31] <adaptr> master.cf defines whether it runs chrooted or not
[01:03:33] <_codepoet_> relay=junk, delay=0.69, delays=0.67/0.01/0/0.01, dsn=2.0.0, status=sent (delivered via junk service)
[01:03:48] <_codepoet_> Says it delivered via the service but once again it doesnt look like it ran the script
[01:03:55] <_codepoet_> (foo is actually junk)
[01:03:56] *** F6F has quit IRC
[01:04:26] <adaptr> where are the queues ?
[01:04:34] <adaptr> and the transports ?
[01:07:47] <_codepoet_> What do you mean where?
[01:07:51] <_codepoet_> Like the actual log lines?
[01:07:57] <_codepoet_> I don't see anything logged pertaining to 'transport'
[01:08:29] <adaptr> no, *where*
[01:08:50] <adaptr>  /var/spool/postfix/active ? /var/spool/postfix/private ?
[01:15:44] *** duli has quit IRC
[01:16:11] *** UberDuper has left #postfix
[01:17:26] *** Juspion has quit IRC
[01:17:28] <_codepoet_> Under var/spool/postfix/private I have a file named junk=
[01:17:49] <adaptr> that is the transport
[01:17:53] <adaptr> and it runs chrooted
[01:18:07] <adaptr> ergo it will NEVER execute /usr/sbin/WHATEVER
[01:18:45] <_codepoet_> it's chrooted to the /var/spool/postfix/private dir?
[01:19:29] <_codepoet_> I guess I am a little confused because when I was playing with maildrop to suit my needs, it installed /usr/bin/maildrop
[01:19:34] <_codepoet_> And it had no problem running that guy :)
[01:20:51] <adaptr> no, it's chrooted to /var/spool/postfix
[01:21:10] <adaptr> so put the script in /var/spool/postfix/usr/sbin
[01:21:10] <_codepoet_> Odd. I wonder how maildrop worked then
[01:21:17] <adaptr> A. it's not a script
[01:21:35] <adaptr> B. the transport connects to it directly
[01:21:48] <_codepoet_> I literally copied/pasted the maildrop line and replaced the command with my new script
[01:21:54] <_codepoet_> maildrop is piped though
[01:22:04] <adaptr> is it setuid ?
[01:22:07] <_codepoet_> piped means 'pass this mail via stdout to some app on the box' right?
[01:22:20] <adaptr> depends on context
[01:22:23] <_codepoet_> i didnt configure maildrop to setuid when i configured it
[01:22:29] <adaptr> IS IT
[01:23:05] <adaptr> it shouldn't have to be, but that's the only difference I can think of that could possibly be of relevance
[01:23:12] <_codepoet_> Maildir: pipe   flags=ODRu user=virtualmailuser argv=/usr/bin/maildrop -d ${recipient}     mine: pipe flags=ODRu user=virtualmailuser argv=/usr/sbin/junk.rb
[01:23:20] <_codepoet_> Yeah
[01:23:38] <_codepoet_> No clue . I'll try sticking this in the chroot dir
[01:24:18] <adaptr> if the pipe runs chrooted, then /usr/bin/maildrop IS inside the chroot
[01:24:26] <adaptr> or it cannot find it
[01:24:28] *** punkpussy has joined #postfix
[01:27:35] *** slackjr has quit IRC
[01:31:51] <_codepoet_> Moving it to that dir had no effect :(
[01:31:58] * _codepoet_ cries
[01:34:04] <_codepoet_> Oh wait. Hrm.
[01:34:46] <sahil> why are you chroot'ing postfix again?
[01:34:54] <sahil> don't trust venema's security creds? :P
[01:35:06] <_codepoet_> I don't think I am chrooting postfix
[01:35:13] <_codepoet_> But I don't know for sure
[01:36:04] <adaptr> sahil: postfix runs its processes chrooted by default
[01:36:40] <_codepoet_> Ah ha.
[01:36:53] <_codepoet_> Well I put my test.rb script back in /usr/sbin
[01:37:06] <_codepoet_> I wanted to eliminate any variables so I made it use bash instead of ruby in the shebang line
[01:37:08] <sahil> ding ding ding.
[01:37:15] <_codepoet_> and I made it touch /tmp/bar .. and it worked
[01:37:28] <sahil> touch /me/there.
[01:37:29] <_codepoet_> so I guess its not chrooting it
[01:37:34] <_codepoet_> sahil: hehe
[01:37:37] <sahil> :P
[01:38:26] <_codepoet_> So the next step, is how do I get my junk.sh transport just send the mail back to postfix )
[01:38:36] <_codepoet_> All of my users are virtual so ldeliver is not possible
[01:41:45] <xpoint> take care of faked envelope senders
[01:42:13] <_codepoet_> Yeah
[01:48:22] <_codepoet_> Well hopefully if I just just forward it on to postfix as-is, like I want, it can handle all of that
[01:48:59] <_codepoet_> I am not actually modifying the e-mail. I just want to parse the mail and update a database depending on whats in the mail
[01:49:28] <xpoint> do not use From: header
[02:06:42] *** idle-boy has quit IRC
[02:06:58] *** idle-boy has joined #postfix
[02:07:42] *** war9407 has quit IRC
[02:16:14] <_codepoet_> Any thoughts on how to get mail from my custom transport script back in to virtual  transport?
[02:17:36] *** penrod has joined #postfix
[02:25:51] *** pirho has quit IRC
[02:30:37] *** cgibin has joined #postfix
[02:31:07] <cgibin> evening, i getting some error in log http://pastebin.ca/1076105
[02:31:30] <cgibin> its rejecting due to rdns checkin on my rdns it works fine like the pastebin you see
[02:32:22] <_codepoet_> is it possible to use two transports?
[02:32:30] <_codepoet_> like foo at bar dot com transport1:transport2
[02:33:04] <adaptr> _codepoet_: to duplicate it  ? no :(
[02:33:17] <adaptr> cgibin: ?????somethingiput.com <-- and that is what ?
[02:33:21] <_codepoet_> more of a 'do this one first, then do this one'
[02:33:43] <adaptr> _codepoet_: transport -> postfix loses mail, so.. still no
[02:33:45] <shasta> cgibin, obfuscating log messages reduces chances to get proper support in this channel
[02:34:11] <_codepoet_> So there is no way of accomplishing what I am trying to do ?
[02:34:20] <_codepoet_> Get my custom transport to send to another transport
[02:34:46] <_codepoet_> All I want is to 'run script X before hand off to virtual transport'
[02:35:02] <cgibin> what can i do to trouble shot? dig on the host was correct
[02:35:06] <adaptr> so write it as a content filter ?
[02:35:32] <shasta> cgibin, first of all, pastebin the exact log message, don't strip the froms and tos
[02:35:34] <adaptr> cgibin: you have not established the first thing that allows me to verify your claims
[02:36:24] <cgibin> i see, not even info for you to see what is happin
[02:37:00] <shasta> let's face the truth - you removed the most valuable information from that pastebin
[02:39:01] <cgibin> thank you
[02:39:28] <shasta> huh
[02:39:35] <adaptr> hey, why complain ?
[02:39:45] <cgibin> ? i m sorry
[02:39:50] <adaptr> he's civil
[02:39:56] <adaptr> moronic, true - but civil
[02:40:14] <cgibin> i havent said anything for you to input this info i m not complaining like this girl next to me
[02:41:03] <adaptr> you have neither said nor pasted any single item that either allows or compels me to help you in any way
[02:41:21] <adaptr> I can't make it any clearer than that, really
[02:41:32] <cgibin> i understand thats why i said thank you
[02:41:51] <cgibin> the way it came out like thank you whatever i know, i mean think you for taking a look at list
[02:42:39] * shasta hands this case over to adaptr, who's much better at solving social issues
[02:42:43] <shasta> ;)
[02:43:41] <adaptr> cgibin: that pastebin is NOT reported by postfix - postfix does not log multilie responses in its logs, as it plays merry hell with syslogging
[02:43:50] <adaptr> multilie responses ftw!
[02:43:59] * adaptr thinks he will multilie some more tomorrow
[02:44:49] <shasta> resistance is multilie, you will be ass-laminated
[02:46:23] <adaptr> if you can multilie, you can brown multinose, and be multi-earning in no time!
[02:48:10] <cgibin> fbsd doesnt have syslog, has mes and bind daemon take cares of it, i m still looking let me see what i can dig up on dig
[02:48:33] <adaptr> if your OS does not have syslog, then it cannot run postfix
[02:49:12] <cgibin> i m not quite sure if you have used unix os
[02:49:31] <adaptr> I'm quite sure I am using one now
[02:49:49] <cgibin> hows that workin out for ya
[02:50:07] <_codepoet_> ahg
[02:50:08] <_codepoet_> bah
[02:50:20] <adaptr> ignored, dickwad
[02:51:10] <_codepoet_> thanks for the help all
[02:51:16] <_codepoet_> have a good weekend
[02:51:18] *** _codepoet_ has quit IRC
[02:52:02] *** cgibin has left #postfix
[02:56:50] *** pitakill has joined #postfix
[03:11:13] <hparker> wow, interesting backscroll :P
[03:12:57] <adaptr> heh
[03:13:03] <adaptr> that's one word for it
[03:21:09] <rob0> Did I miss some fun?
[03:21:23] <adaptr> there's another ;)
[03:23:29] *** kyky has joined #postfix
[03:24:35] <hparker> heh
[03:26:22] <kyky> hi all Mailscanner howto allow exe file ?
[03:26:37] <adaptr> hint: this is #postfix
[03:28:39] <kyky> oh sorry
[03:56:31] *** kyky has quit IRC
[03:59:28] *** AllenJB_ has joined #postfix
[03:59:32] *** AllenJB has quit IRC
[04:15:23] *** xpoint has quit IRC
[04:23:55] *** cilly has joined #postfix
[04:26:02] *** martiancode is now known as martianixor
[04:51:29] *** pitakill has quit IRC
[05:15:42] *** Zeit|awy_ has quit IRC
[05:17:46] *** pickcoder has joined #postfix
[05:25:49] *** punkpussy has quit IRC
[05:41:50] *** aszlig_ has joined #postfix
[05:42:39] *** pickcoder has quit IRC
[05:56:14] *** aszlig has quit IRC
[05:57:55] *** pickcoder has joined #postfix
[06:08:44] *** UQlev has joined #postfix
[06:24:56] *** tshine has quit IRC
[06:32:12] *** martianixor has quit IRC
[06:44:52] *** cilly has quit IRC
[06:48:40] *** Motoko-chan has joined #postfix
[07:05:21] *** F6F has joined #postfix
[07:09:55] *** aszlig_ is now known as aszlig
[07:19:57] *** UQlev has quit IRC
[07:20:56] *** pickcoder has quit IRC
[07:26:36] *** aszlig has quit IRC
[07:51:40] * F6F is away: Bin grad weg ....i
[08:05:15] *** EasilyOdd has joined #postfix
[08:09:22] *** Trengo has quit IRC
[08:22:17] *** Lap_64 has joined #postfix
[08:44:52] *** kRocKodile has joined #postfix
[08:47:26] <kRocKodile> can i have maildir storage with virtual domain and non system users?
[08:49:11] *** madrescher has joined #postfix
[08:59:13] *** Adam[weg]Weishau has joined #postfix
[09:00:43] *** zeitsofas has quit IRC
[09:15:52] <sysmonk> kRocKodile: sure
[09:16:11] <sysmonk> kRocKodile: i.e. cyrus or dovecot
[09:16:18] *** master_o1_master has joined #postfix
[09:17:56] <kRocKodile> sysmonk: for this setup i need something more than " at mydomain dot com vmailuser" in the /etc/postfix/virtual file?
[09:20:59] <sysmonk> kRocKodile: depends on the way you'll choose to do that
[09:21:08] <sysmonk> there's plenty of ways, really
[09:21:44] <sysmonk> also, as your imap/pop3 daemon will have to access those files somehow, you should do that in the way your daemon supports it
[09:22:11] <sysmonk> one howto is on workaround.org website, i think it meets your criterias
[09:22:25] <sysmonk> (i never done it so i'm not 100% sure)
[09:23:36] <kRocKodile> i'm trying the the most simple way
[09:24:29] <kRocKodile> but i can't find any working combination of postfix + dovecot config settings
[09:24:43] <sysmonk> check workaround.org
[09:24:53] <kRocKodile> i read it now:>
[09:28:22] *** master_of_master has quit IRC
[09:28:59] <kRocKodile> workaround.org howto is with mailboxes...
[09:29:42] <kRocKodile> why the most postfix howtos is written for mailboxes instead of maildir?
[09:29:53] <sysmonk> not really
[09:30:02] * sysmonk just looked at that howto
[09:30:03] <sysmonk> it has maildir
[09:30:18] <sysmonk> "which will tell that the users' mailboxes are always found at /home/vmail/DOMAIN/USER and that it should be in maildir format."
[09:30:58] <kRocKodile> ok now i'm more comfused....
[09:31:58] <kRocKodile> so the mailbox postfix options referenced for maildir also?
[09:34:25] <kRocKodile> for example this 'virtual_mailbox_base' means also maildir_base?
[09:36:49] <sysmonk> yes/no
[09:36:57] <sysmonk> there is no such thing as maildir_base
[09:37:23] <sysmonk> and mailbox != mbox
[09:37:32] <kRocKodile> yes... i mean this option reference a location of maildirs and not mailbox?
[09:37:40] *** Fallenou has joined #postfix
[09:38:11] <kRocKodile> (my english sucks i know...)
[09:39:14] <sysmonk> kRocKodile: there's 2 things about mailboxes
[09:39:23] <sysmonk> 1. mailbox is teh format which you're talking about
[09:39:38] <sysmonk> 2. mailbox is a mailbox. that is, where you get mail, and it doesn't matter which format it is, it's still a mailbox
[09:39:48] *** VaNNi_ has joined #postfix
[09:39:51] *** master_o1_master has quit IRC
[09:39:51] *** Adam[weg]Weishau has quit IRC
[09:39:51] *** AllenJB_ has quit IRC
[09:39:51] *** internat has quit IRC
[09:39:51] *** cruxeternus has quit IRC
[09:39:51] *** chrisq has quit IRC
[09:39:51] *** taec has quit IRC
[09:39:51] *** memetic has quit IRC
[09:39:52] *** supa_user has quit IRC
[09:39:52] *** _bt has quit IRC
[09:39:52] *** VaNNi has quit IRC
[09:39:52] *** unixtippse has quit IRC
[09:39:52] <sysmonk> like a pen is a pen, even if it's a black pen or red pen - it's still a pen
[09:39:54] *** seekwill has quit IRC
[09:40:09] *** master_o1_master has joined #postfix
[09:40:09] *** Adam[weg]Weishau has joined #postfix
[09:40:09] *** AllenJB_ has joined #postfix
[09:40:09] *** internat has joined #postfix
[09:40:09] *** cruxeternus has joined #postfix
[09:40:09] *** supa_user has joined #postfix
[09:40:09] *** memetic has joined #postfix
[09:40:09] *** unixtippse has joined #postfix
[09:40:09] *** _bt has joined #postfix
[09:40:09] *** taec has joined #postfix
[09:40:09] *** chrisq has joined #postfix
[09:40:56] <sysmonk> postfix knows the format of a mailbox it should use by the name of it - if it ends in / then it's a maildir, if not - then it's a mailbox(mbox)
[09:41:49] <sysmonk> quote from postconf(5): The virtual(8) delivery agent uses this table to look up the per-recipient mailbox or maildir pathname. If the lookup result ends in a slash ("/"), maildir-style delivery is carried out, otherwise the path is assumed to specify a UNIX-style mailbox file.
[09:42:22] <kRocKodile> yes i read that but all the last before that i did know
[09:43:10] <kRocKodile> now i can read (again) the howtos with more hope:) thanks man!!!
[09:53:09] *** j_s has joined #postfix
[09:58:57] *** war9407 has joined #postfix
[10:00:40] *** Lap_64 has quit IRC
[10:07:14] *** idle-boy has quit IRC
[10:07:19] *** idle-boy has joined #postfix
[10:14:46] *** Motoko-chan has quit IRC
[10:26:35] *** roe___ has joined #postfix
[10:41:16] *** war9407 has quit IRC
[10:43:03] *** war9407 has joined #postfix
[10:48:28] *** roe___ has quit IRC
[11:00:14] *** Zeit|awy has joined #postfix
[11:02:19] *** havvg has joined #postfix
[11:12:00] *** sophokles has joined #postfix
[11:24:41] *** master_o1_master is now known as master_of_master
[11:26:30] *** idle-boy` has joined #postfix
[11:35:09] *** Zblakany has joined #postfix
[11:52:23] *** pirho has joined #postfix
[11:54:43] *** pirho has joined #postfix
[11:58:30] *** Filbert has quit IRC
[12:02:41] *** Filbert has joined #postfix
[12:02:49] *** cilly has joined #postfix
[12:22:11] *** Zblakany has quit IRC
[12:25:11] *** dusty__ has joined #postfix
[12:38:25] *** dusty_ has quit IRC
[12:38:31] *** pinchartl has quit IRC
[12:38:42] *** pinchart1 has joined #postfix
[12:39:29] *** xpoint has joined #postfix
[13:05:16] *** idle-boy` has quit IRC
[13:08:31] *** denis has joined #postfix
[13:30:33] *** Zblakany has joined #postfix
[13:30:48] *** VaNNi_ has quit IRC
[13:31:11] *** VaNNi has joined #postfix
[13:43:36] *** rokra_ has joined #postfix
[13:45:18] *** Zikey has joined #postfix
[13:45:41] <Zikey> Hi, anyone knows how to specify a logging directory for postfix instead of using syslog ?
[13:48:58] <hparker> It logs to the system logger
[13:49:25] <Zikey> k that's explain why i didn't find how to change it
[13:52:40] <sysmonk> but you can change the syslog facility and so on
[13:53:20] <Zikey> yup now i need to find out how to have syslog rotation :)
[13:53:21] <hparker> syslog-ng is more flexible in it's configuration, i've moved almost everything to it
[13:53:30] <Zikey> will check it out
[14:00:24] *** _nalle has quit IRC
[14:00:36] *** __science has quit IRC
[14:04:35] *** pirho has quit IRC
[14:08:53] *** Fallenou has quit IRC
[14:09:27] <sysmonk> hparker: i'm storing everythin locally with generic syslog, and additionally send everything to a dedicated logging server runing syslog-ng
[14:10:50] <hparker> yeah, -ng is pretty nice if you want to filter things
[14:11:40] <sysmonk> yup
[14:11:53] <sysmonk> i store everything per domains/date/facility basis
[14:12:11] <sysmonk> i.e. /logs/server1/2008/200807/200807-auth
[14:12:30] <sysmonk> quite good for a long-term log storage
[14:12:49] <sysmonk> and log forensis
[14:13:01] <sysmonk> nice to have unmungled log after some kind of attack
[14:13:19] <hparker> yeah
[14:14:40] <sysmonk> also log analyzing with sec is nice, but we don't have time to write all the needed regexps, and with current ones we have a 'bit' too much false-positives :)
[14:16:31] *** Zikey has left #postfix
[14:17:08] <hparker> heh
[14:20:01] <hparker> I played with splunk for awhile... Too slow for me
[14:20:13] <hparker> And I'm a little server :P
[14:22:11] *** Fallenou has joined #postfix
[14:33:28] *** _nalle has joined #postfix
[14:48:21] *** denis has quit IRC
[14:55:41] *** F6F has quit IRC
[14:57:27] *** watts_ has joined #postfix
[14:59:08] *** F6F has joined #postfix
[15:12:29] *** tundra__ has quit IRC
[15:13:35] *** tombar has joined #postfix
[15:15:39] *** AllenJB_ is now known as AllenJB
[15:25:45] *** dusty__ has quit IRC
[15:26:40] *** dusty__ has joined #postfix
[15:26:44] *** Adam[weg]Weishau has quit IRC
[15:30:27] *** havvg has joined #postfix
[15:31:17] *** martiancode has joined #postfix
[15:33:36] *** pa has joined #postfix
[15:35:17] *** Zblakany has quit IRC
[15:43:16] *** devdas has joined #postfix
[15:50:57] *** watts__ has joined #postfix
[15:51:17] *** Juspion has joined #postfix
[15:57:00] *** rgoldber_ has joined #postfix
[16:02:01] *** pirho has joined #postfix
[16:07:02] *** watts_ has quit IRC
[16:10:40] *** tombar has quit IRC
[16:19:17] *** martiancode is now known as martianixor
[16:22:12] *** rgoldber_ has quit IRC
[16:23:05] *** watts__ has quit IRC
[16:28:05] *** Juspion has quit IRC
[16:30:02] *** _zsh has joined #postfix
[16:30:03] *** UQlev has joined #postfix
[16:34:06] *** sophokles has quit IRC
[16:38:27] *** cilly has quit IRC
[16:38:41] *** UQlev has quit IRC
[16:47:09] *** cilly has joined #postfix
[16:49:59] *** Zblakany has joined #postfix
[16:53:00] *** hever has joined #postfix
[16:54:27] *** pulsar is now known as ati
[16:55:16] *** Zblakany has quit IRC
[16:57:51] *** ati is now known as pulsar
[17:02:56] *** suuuper has joined #postfix
[17:15:24] *** roe___ has joined #postfix
[17:22:05] *** Azrael has joined #postfix
[17:25:10] *** Azrael has quit IRC
[17:31:44] *** Azrael has joined #postfix
[17:34:10] *** tomocha6 has quit IRC
[17:36:20] *** F6F has quit IRC
[17:37:46] *** clownish has joined #postfix
[17:38:28] <clownish> hey. mynetworks_style = host does the same as mynetworks = 127.0.0.0/8?
[17:38:53] <devdas> no
[17:40:16] <clownish> no? whats different?
[17:40:36] <devdas> It's a bunch of /32s, each assigned to the host
[17:43:02] *** tomocha6 has joined #postfix
[17:43:22] *** cilly has quit IRC
[17:45:17] *** F6F has joined #postfix
[18:04:44] *** roe___ has quit IRC
[18:04:58] *** clownish has quit IRC
[18:07:49] *** idle-boy has quit IRC
[18:08:02] *** idle-boy has joined #postfix
[18:09:08] *** kRocKodile has quit IRC
[18:10:01] *** Zblakany has joined #postfix
[18:11:43] *** mark-use has joined #postfix
[18:13:19] *** roe___ has joined #postfix
[18:15:42] *** higuita has quit IRC
[18:18:37] *** makerc has joined #postfix
[18:20:16] *** roe___ has quit IRC
[18:24:23] *** Virus_FFF has joined #postfix
[18:27:12] *** F6F has quit IRC
[18:51:04] *** Tinozaure is now known as _Tino
[18:51:13] *** _Tino is now known as Tinozaure
[18:53:45] *** Draecos has joined #postfix
[18:59:55] *** Draecos has quit IRC
[19:01:53] *** devdas has quit IRC
[19:06:17] *** roe___ has joined #postfix
[19:25:38] *** Motoko-chan has joined #postfix
[19:35:26] *** UQlev has joined #postfix
[19:40:08] *** devdas has joined #postfix
[19:45:23] *** Zblakany has quit IRC
[19:51:26] *** UQlev has quit IRC
[19:54:53] *** pitakill has joined #postfix
[20:10:39] *** mark-use has quit IRC
[20:10:48] *** Motoko-chan has quit IRC
[20:10:50] *** Tachy has joined #postfix
[20:40:33] *** Virus_FFF is now known as F6F
[20:43:41] *** jetole has quit IRC
[20:54:52] *** _zsh has quit IRC
[21:11:02] *** bernie has joined #postfix
[21:19:52] <bernie> hello, postfix can create the directory of the virtual domain or I need to make it ?
[21:20:25] <devdas> you need to make the parent
[21:20:34] <bernie> ok thx
[21:21:41] *** tld_ has joined #Postfix
[21:22:10] <tld_> Which capabilities do I need for proper interdomain authentication of STARTTLS sessions?  Will a normal RapidSSL certificate do fine?
[21:22:17] <sysmonk> devdas: we had a talk about it some time before
[21:22:30] <sysmonk> devdas: i didn't test it, but actually postfix creates it if it _has_ permisions to do so
[21:22:42] <mwalling> tld_: you are mixing concepts
[21:23:17] <tld_> I'm curious both about SSL certificate purpouses, such as "SSL client", "SSL server" etc, and if anyone have any comment on which CA roots are typically acceptable for inter-domain email.
[21:23:19] <devdas> sysmonk: well, but that's true for any process
[21:23:33] <tld_> mwalling, How do you mean?  I suspect I might just be explaining myself badly.
[21:23:42] <tld_> mwalling, Or I could be misunderstanding something. :/
[21:24:02] <mwalling> or i'm an idoit... you mean authenticating based on the client ssl cert?
[21:24:21] <sysmonk> devdas: yup, but postfix has some internal voodoo too (i.e. it doesn't mail to root / with root privileges)
[21:24:36] <devdas> yes
[21:24:55] <tld_> mwalling, Yeah, but not authenticating the users themselves, but for relaying email between domains.
[21:25:11] <tld_> mwalling, If my email server wants to sent an email to your email server, and both support STARTTLS
[21:25:41] <sysmonk> tld_: there's 2 things about that. 1. the server ( remote ) has starttls and accepts the email over tls
[21:26:03] <sysmonk> and 2. you can use a tls certificate to authenticate against a remote server ( the server has to have your fingerprint)
[21:26:03] <devdas> tld_: doesn't matter
[21:26:11] <devdas> most people use self signed certificates
[21:26:24] <sysmonk> yup, or cacert :P
[21:26:28] * sysmonk waves to cacert users
[21:26:54] <tld_> Actually, I'm using cacert now, but just considering changing.
[21:27:14] <tld_> I know it sort of doesn't actually matter, since pretty much everyone will take pretty much any certificate
[21:27:14] <sysmonk> tld_: i don't think it would matter
[21:27:24] <sysmonk> i.e. postfix doesn't have any "acceptable CA's" by default
[21:27:25] *** tshine has joined #postfix
[21:27:37] <tld_> sysmonk, Actually, I thought postfix used OpenSSLs default CA list?
[21:27:44] <devdas> not really
[21:27:44] <sysmonk> each app which uses openssl has to have it's own trusted CA list
[21:27:52] <sysmonk> tld_: openssl doesn't have one
[21:28:21] <devdas> It does
[21:28:25] <sysmonk> tld_: do you believe that verisign should be accepted by all ?
[21:28:47] <sysmonk> devdas: it doesn't :P
[21:28:55] <sysmonk> devdas: openss s_client -connect www.verisign.com:443
[21:28:59] <sysmonk>     Verify return code: 19 (self signed certificate in certificate chain)
[21:29:09] <sysmonk> hooray, verisign uses a self-signed ca!!!
[21:29:09] <sysmonk> ;P
[21:29:14] *** rokra_ has quit IRC
[21:29:17] <sysmonk> s/openss/openssl/ :P
[21:30:17] <tld_> Ok, then the default CA list installed by OS vendors.
[21:30:36] <sysmonk> tld_: which, again, each app has to have defined
[21:30:56] <sysmonk> that is, you have to give each app path to the cabundle file or whatever it is called
[21:31:28] <sysmonk> unless, again, OS vendor might have precompiled apps with that ca-bundle path as a default one
[21:31:38] <tld_> Hmm, thought openssl would default to picking up OS installed ones, based on openssl.cnf
[21:32:52] <tld_> actually, when I think about it, given the number of people using cacert, it's probably more likely to be accepted than even VeriSign
[21:33:02] <tld_> If there's no default CA list for most UNIXy mailservers
[21:34:08] <sysmonk> tld_: i heard cacert is included in the ca-bundle on some of linux distros ( or even bsd's)
[21:34:31] <sysmonk> can't give the source of information as i'm lazy to search for it, but if you need it you'll find it :P
[21:34:34] <tld_> No real reason not to include them
[21:36:14] <tld_> Sort of sad it's not included by Microsoft actually.
[21:36:28] <tld_> Must be some kind of "It's free, so it can't be as secure"-things
[21:36:33] <sysmonk> i don't care bout microsoft
[21:36:44] <sysmonk> i'd be very happy if mozilla would include it
[21:37:15] <tld_> actually, mozilla is on thee way I'm told
[21:37:27] <sysmonk> yeah... for a few years already...
[21:37:28] <sysmonk> ;))
[21:37:34] <tld_> true
[21:37:41] <tld_> looks to be moving a bit though
[21:37:46] <tld_> so maybe 2010 or so
[21:38:05] <sysmonk> you've mistyped
[21:38:06] <sysmonk> 2100
[21:38:15] <tld_> haha
[21:38:19] <tld_> let's hope not
[21:38:36] 
[21:39:02] 
[21:40:31] * sysmonk uses cacert for internal stuff and i'm happy bout it
[21:40:55] <sysmonk> not much public servers requiring a ssl cert
[21:46:05] *** keffer has quit IRC
[22:00:43] *** rgoldber_ has joined #postfix
[22:11:01] *** Zblakany has joined #postfix
[22:14:03] *** keffer has joined #postfix
[22:16:14] *** maw_ has quit IRC
[22:19:58] *** rgoldber_ has left #postfix
[22:22:07] *** UQlev has joined #postfix
[22:23:51] *** pitakill has quit IRC
[22:30:09] *** dembug has joined #postfix
[22:32:00] <dembug> hello there, I've setup several mailservers before on my debian and bsd machines, I'm using sasl postfix tls and pop3 to success so far but am having some problems with permissions
[22:32:29] <dembug> I'm getting the warning SASL authentication failure: cannot connect to saslauthd server: permission denied (thats from postfix/smtpd
[22:33:15] <dembug> which causes a SASL LOGIN authentication failed: generic failure - presumably :-)
[22:33:30] <dembug> which follows in tail /var/log/mail.log .
[22:35:38] <dembug> I thought this might be something to do with the chroot debian uses, so i tried adding a symlink to /var/spool/postfix/var/run/saslauthd from /var/run/saslauthd with a symbolic link but then i get the error 'too many levels of symboli links' - sounds like chroot problem :( I just don't know how to fix it. Any help is really uberly appreciated ;0
[22:37:06] *** souldier has quit IRC
[22:39:37] <devdas> turn off the chroot in master.cf
[22:40:07] <dembug> heh is chroot notified by a '-' I tried reading man 5 postfix but i didnt see anything about the key
[22:40:28] <dembug> i tried adding 'n' for all smtpd stuff, nothing so far
[22:42:45] <dembug> I already have, smtp      inet  n       -       n       -       -       smtpd , is that enough? :O
[22:43:05] * dembug goes to search for the debian chroot in docu
[22:44:33] <dembug> ahh right
[22:44:37] <dembug> i need more n's ;)
[22:44:49] <dembug> brb thanks duder, i kinda knew this was what i had to do but feel a bit more confident doing it, ahem brb :)
[22:48:59] <dembug> well i have pickup n, cleanup n, qmgr n rewrite n bounce n defer n trace n now
[22:49:06] <dembug> but i'm still getting the same error after postfix reload
[22:49:17] <dembug> oh and of course smtp n , i have that too :)
[22:52:02] <dembug> http://pastebin.com/m18c142c4
[22:52:17] <dembug> here is my master.cf i've turned of chroot
[22:52:47] <dembug> *off
[22:54:43] *** Juspion has joined #postfix
[22:57:56] <dembug> hmm maybe an adduser postfix sasl
[22:57:59] <dembug> we will see
[23:02:04] *** Draecos has joined #postfix
[23:04:08] <dembug> ok permission problem fixed :) needed the additional chgrp :)
[23:04:17] *** Draecos has quit IRC
[23:06:34] <dembug> thanks devdas
[23:12:59] *** roe___ has quit IRC
[23:18:29] <dembug> ahhhh
[23:18:34] <dembug> PARAMS/OPTIONS ;o
[23:18:35] <dembug> lol
[23:18:44] <dembug> init.d was different :( debian bugs :P
[23:19:21] *** Juspion has quit IRC
[23:20:44] <dembug> wtf
[23:20:56] <dembug> DEFAULTS is totally missing from this version of /etc/init.d/saslauthd wtf
[23:20:58] <dembug> :(
[23:23:54] *** GrEEnFiRe has joined #postfix
[23:24:22] *** roe___ has joined #postfix
[23:28:22] *** roe___ has quit IRC
[23:32:01] *** Draecos has joined #postfix
[23:33:55] <dembug> heh
[23:33:59] <dembug> i'm now getting saslauthd[21768] :cache_lookup    : [login=azio at welp dot co.uk] [service=welp.co.uk] [realm=smtp]: not found, update pending
[23:34:05] <dembug> 'realm not found :P
[23:34:06] <dembug> heheh
[23:36:32] <dembug> I am manually debugging sasl now :P
[23:40:11] *** Juspion has joined #postfix
[23:44:48] *** suuuper has quit IRC
[23:48:25] *** suuuper has joined #postfix
[23:49:21] *** pirho has quit IRC
[23:54:47] *** Juspion has quit IRC
[23:59:42] <thumbs> dembug: you do realise that you've been talking to yourself for an hour, do you?
[23:59:57] <devdas> has (s)he?





top