postfix IRC logs [July 22

[00:01:39] <rob0> You'd have to look into SA documentation to see how they handle the string "viagra". I bet they don't automatically flag it as spam, but it might be given a spammy score. In non-spam, negative scores should offset that.
[00:03:00] <torn> So I suppose you are a spamassassin's spamd user.
[00:03:26] <torn> that seems to me to be the best way to scan emails the way you like
[00:03:39] * rob0 rereads to see where that was said
[00:03:48] <rob0> !cheatsheet
[00:03:49] <knoba> rob0: "cheatsheet" : http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt : A HOWTO for pre-DATA spam control.
[00:03:52] <rob0> !zen
[00:03:53] <knoba> rob0: "zen" : http://www.spamhaus.org/zen/ : A composite of all Spamhaus DNSBLs: SBL, XBL and PBL
[00:03:56] <torn> I said 'I suppose'!
[00:04:05] <rob0> ^^ safer and more accurate than content filtering.
[00:04:06] <torn> I'm just investigating the various possibilities
[00:04:39] <torn> I'm going to read them, thank you
[00:04:57] <rob0> At a heavily spammed site I would want amavisd-new and SA with URIBL behind all the front line defenses.
[00:05:12] *** felix-da-catz has quit IRC
[00:05:42] <torn> why amavisd-new and not just SA? just asking.
[00:06:21] <Motoko-chan> amavisd-new is a nice framework to integrate things.
[00:06:26] <rob0> yes
[00:06:51] <rob0> a single running perl daemon, a superior way to control SA, IMO
[00:07:31] <torn> even with spamd you have a single daemon...
[00:07:31] <Motoko-chan> If you toss in AV and p0f support though...
[00:14:49] *** Daviey has quit IRC
[00:15:42] <roe_> p0f?
[00:15:54] <Motoko-chan> It's a passive OS fingerprinter.
[00:16:11] *** brancaleone has quit IRC
[00:16:18] <Motoko-chan> http://lcamtuf.coredump.cx/p0f.shtml
[00:16:43] <Motoko-chan> You could, for example, then reject mail from any Windows 9x system
[00:16:57] <Motoko-chan> (Which shouldn't be sending mail directly unauthenticated).
[00:17:17] <rob0> Does that work if they're behind a NAT router?
[00:17:24] *** Juspion has joined #postfix
[00:17:48] <Motoko-chan> It's quite good at detection.
[00:18:10] <Motoko-chan> http://lcamtuf.coredump.cx/p0f-help/
[00:18:18] <Motoko-chan> That'll show you the fingerprint
[00:18:20] <roe_> Motoko-chan, not sure I agree with you, I can think of legacy networks that may use an older version of exchange on win9x sending mail to your mailserver
[00:18:40] <Motoko-chan> Did Exchange even work on 9x?
[00:18:47] <Motoko-chan> I seem to recall it needing NT.
[00:18:48] <roe_> sure did
[00:18:53] <jduggan> also you're adding latency to the transaction while its doing the scan
[00:18:59] <Motoko-chan> jduggan, passive.
[00:19:11] <rob0> and if they are, it's probably pwn3d many times over.
[00:19:42] <Motoko-chan> If someone is still using Exchange on 9x, they need to upgrade.
[00:19:47] <Motoko-chan> Or you whitelist them
[00:19:59] <rob0> hard to imagine any serious site using 9x for anything, it was a toy
[00:20:59] <Motoko-chan> Yeah. I can't recall seeing it in serious shops even when it was popular.
[00:21:07] <Motoko-chan> It was all NT 3.1 and 3.51
[00:21:14] <Motoko-chan> And maybe even NT4!
[00:21:58] <rob0> as workstations maybe, in fact I helped purge 98 from workplaces, but there were no servers.
[00:22:49] *** troythetechguy has joined #postfix
[00:22:51] <Motoko-chan> I'm talking workstations.
[00:23:18] <Motoko-chan> But I wasn't exactly going around everywhere, so I don't have the breadth of experience from back then.
[00:23:48] <Motoko-chan> I do know one 95 box. It was for playing with the betas from MSDN.
[00:24:07] <rob0> oh haha, yeah, the consultant I worked for (running his Linux servers) used to support w98 workstations at several sites. I fought against that.
[00:24:08] <Motoko-chan> The machines all ran 3.51 except one using NT4 beta and one 95 beta.
[00:24:11] *** havvg has quit IRC
[00:24:22] *** Juspion has quit IRC
[00:28:29] <jpalmer> 98 was quite common for use as a workstation on networks with novell servers
[00:29:19] *** rootsvr has quit IRC
[00:30:37] <Motoko-chan> They were running an NT domain and some VAX stuff where I was at the time.
[00:31:06] <Motoko-chan> And some really crazy DECnet stuff to link remote terminals.
[00:32:22] <Motoko-chan> I forget what those boxes were labeled. They took ethernet (I think) and turned it into RS232, which was then cabeled through RJ45 until it got to the terminal.
[00:32:49] <Motoko-chan> The RJ45 stuff wasn't part of the DEC equipment.
[00:36:08] *** Samonoske has joined #postfix
[00:53:04] *** makerc has joined #postfix
[01:01:36] *** war9407 has quit IRC
[01:03:13] *** torn_ has joined #postfix
[01:03:14] *** torn has quit IRC
[01:05:25] <lunaphyte> sigh...
[01:05:32] <lunaphyte> i'm getting joe-jobbed.
[01:08:43] *** alienbrain has joined #postfix
[01:13:36] *** seekwill has joined #postfix
[01:13:51] *** GoGi has joined #postfix
[01:14:04] *** Rafa-el has joined #postfix
[01:14:16] <Rafa-el> hola
[01:14:40] <Rafa-el> anda por aqui ChrisH?????
[01:18:19] *** hever has quit IRC
[01:18:25] <alienbrain> Does anybody know how I could change the port sendmail uses for sending out e-mails? I'm running postfix on a non-standard port
[01:19:35] <xpoint> eh using both sendmail and postfix on same host ?
[01:20:02] *** keffer has quit IRC
[01:30:55] <shasta> running smtpd on a non-standard port means "I won't get any emails from the world"
[01:31:24] <xpoint> he meant smtp not smtpd
[01:31:44] <xpoint> or i am clueless again :)
[01:32:16] <shasta> he wasn't very specific, that's for sure
[01:32:19] *** Draecos has joined #postfix
[01:32:47] *** Draecos has quit IRC
[01:33:02] *** Draecos has joined #postfix
[01:33:26] <xpoint> as i read it he want to have postfix do the smtpd, and have sendmail do the smtp
[01:35:59] *** madrescher has quit IRC
[01:41:07] *** Motoko-chan has quit IRC
[01:41:21] <alienbrain> shasta: xpoint Hm. Sorry :). Here is a rephrase: I'm running Postfix on a non-standard port on a remote server. On my local machine, how can I configure local postfix or /usr/sbin/sendmail (provided by postfix package) to send e-mails to that remote MTA through this non-standard port?
[01:42:06] <xpoint> !transport_maps
[01:42:07] <knoba> xpoint: "transport_maps" : a configuration parameter in the main.cf: Optional lookup tables with mappings from recipient address to (message delivery transport, next-hop destination). See transport(5) for details.
[01:42:16] <xpoint> see this link
[01:42:41] <xpoint> smtp:[127.0.0.1]:port
[01:43:16] <xpoint> in the transport_maps:
[01:43:29] *** seekwill has quit IRC
[01:43:43] <xpoint> domain.tld smtp:[remote-ip]:remote-port
[01:44:06] <xpoint> [] is need to disable mx lookup
[01:44:59] <alienbrain> xpoint: awesome. thanks!!
[01:45:36] <alienbrain> xpoint:  Though I don't want to disable MX lookup. All I want is to change the port :)
[01:45:54] <xpoint> disable mx anyway
[01:46:12] <xpoint> if you use the ip
[01:47:35] *** keffer has joined #postfix
[01:48:40] <rob0> or maybe just
[01:48:45] <rob0> !relayhost
[01:48:45] <knoba> rob0: "relayhost" : a configuration parameter in the main.cf: The default host to send non-local mail to when no entry is matched in the optional transport(5) table. When no relayhost is given, mail is routed directly to the destination.
[01:54:31] <alienbrain> rob0: I've tried this before, relayhost = :port, didn't work
[01:54:58] <alienbrain> rob0: it looks like /etc/postfix/transport is it. For some reason it didn't take effect so far though.
[01:55:15] <rob0> sigh
[01:56:11] <rob0> It appears that you did not read how to do it correctly. It is hyperlinked from here:
[01:56:14] <rob0> !basic
[01:56:15] <knoba> rob0: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.
[01:57:03] *** pirho has quit IRC
[01:59:14] <alienbrain> xpoint: I've: amrmostafa.org smtp:amrmostafa.org:2525
[02:00:05] <alienbrain> xpoint: but mail to amr at amrmostafa dot org is still being sent on 25 according to mailq: (connect to mail.amrmostafa.org[77.74.198.251]:25: Connection timed out). Do you have an idea what could I be doing wrong?
[02:02:46] <shasta> pastebin postconf -n
[02:03:03] *** cilly has joined #postfix
[02:03:06] <alienbrain> xpoint: worked! I just had to add transport_maps to my main.cf, thought it was the default :)
[02:03:20] <alienbrain> shasta: thanks, what you thinking of was indeed the problem. :)
[02:03:26] <shasta> (:
[02:05:25] <torn_> does it make sense, in your opinion, to reject_rhsbl_helo multi.uribl.com ?
[02:06:03] <torn_> the uribl should cointain urls found INSIDE spam messages, so it's automatic that it's a good idea to look for that URIs in the HELO string
[02:06:09] <torn_> what do you think?
[02:07:17] <xpoint> alienbrain, [] makes sure we do not send to our self
[02:08:23] <alienbrain> xpoint: ahh, gotcha :)
[02:09:08] <alienbrain> xpoint: but I thought I read somewhere the MTA is smart enough to exclude itself from the result of MX lookup on its own domain
[02:09:26] <xpoint> nope
[02:10:08] <xpoint> computer software is not smart, dns is not simple, problem is not just a answer of 42
[02:13:18] <alienbrain> xpoint: It doesn't sound "that" difficult :)
[02:14:34] <alienbrain> if (myhostname == mx[i]) { continue; } :P
[02:17:03] <alienbrain> xpoint: thanks for your help, greatly appreciated!
[02:17:04] <xpoint> comal is more simple
[02:17:05] *** Mozillero has joined #postfix
[02:17:11] <alienbrain> nighty ;)
[02:17:13] *** alienbrain has quit IRC
[02:17:20] <Mozillero> ola
[02:17:23] *** pitakill has joined #postfix
[02:17:38] <Mozillero> spanis
[02:17:44] *** Joe_Wulf has joined #postfix
[02:17:58] *** Mozillero has left #postfix
[02:27:04] *** JoeWulf has quit IRC
[02:31:44] *** GoGi has quit IRC
[02:37:30] *** magyar has quit IRC
[02:40:54] *** ming_zym has joined #postfix
[02:42:13] *** magyar has joined #postfix
[02:44:27] *** Rafa-el has quit IRC
[02:57:03] *** Zblakany has quit IRC
[02:58:05] *** keffer has quit IRC
[03:10:44] *** Tachy_ has joined #postfix
[03:21:52] *** Tachy has quit IRC
[03:25:30] *** makerc has quit IRC
[03:27:21] *** cilly has quit IRC
[03:27:39] *** cilly has joined #postfix
[03:28:32] *** cilly has quit IRC
[03:28:33] *** mysterion has joined #postfix
[03:29:05] <mysterion> Is anyone in here familiar with setting up tarpitting?
[03:29:09] *** cilly has joined #postfix
[03:30:36] *** seekwill has joined #postfix
[03:33:32] *** nhuisman has joined #postfix
[03:33:43] <nhuisman> hey do I need to install a mail outgoing program for postfix?
[03:33:46] <nhuisman> to emulate "mail"
[03:33:53] <nhuisman> or is there just a different command for postfix
[03:41:04] <rob0> huh?
[03:43:14] *** mysterion_ has joined #postfix
[03:44:47] <nhuisman> I'm trying to send a mail
[03:44:54] <nhuisman> what command do I use with postfix as the mta
[03:45:01] <seekwill> telnet :)
[03:45:10] <nhuisman> what's the replacement for "mail"
[03:45:17] <nhuisman> for a simple shell script email
[03:45:33] <rob0> mail(1) / mailx(1) is a MUA. It is not a part of any MTA package. If you need it, install it.
[03:46:02] <nhuisman> ok that's what I was thinking
[03:46:19] <nhuisman> I guess for this server I really only need mailx
[03:46:25] <nhuisman> purging postfix :P
[03:47:05] <rob0> um, unless it's the newer "heirloom mailx", it requires a MTA or sendmail(1) replacement (null SMTP client.)
[03:47:32] <rob0> Heirloom mailx can act as its own SMTP client.
[03:47:35] <nhuisman> hmm
[03:47:48] <nhuisman> wonder if that's in the debian package tree
[03:48:07] <rob0> most things are
[03:48:18] <nhuisman> it only has one mailx
[03:48:30] <nhuisman> hmm somehow I doubt it's the newwer one
[03:48:33] <rob0> try "nail"
[03:48:35] <nhuisman> based on the dependencies :   exim4 exim4-base exim4-config exim4-daemon-light liblockfile1 libpcre3 psmisc
[03:48:49] <rob0> It used to be called "nail" a few years back.
[03:49:15] <nhuisman> feature rich BSD mail(1)
[03:49:16] <nhuisman> could be it
[03:49:29] <rob0> likely so
[03:50:22] <nhuisman> orkalike of the classical mail(1). Nail can produce and read MIME messages and has greatly improved character-set handling, including support for UTF-8.  It can send mail through SMTP to a smarthost directly, and receive mail from POP3 and IMAP servers, optionally encrypted with SSL.
[03:50:24] <nhuisman> sounds like it
[03:50:44] <nhuisman> nice no dependencies
[03:50:57] *** mysterion has quit IRC
[03:51:23] <nhuisman> wonder how I set the smarthost it uses
[03:52:06] <nhuisman> well thanks for the info
[03:52:09] <shasta> nail documentation covers that, I'm sure.
[03:53:10] <nhuisman> yeah reading it now
[03:53:57] <shasta> yay! i finally forced myself to fit meta-greylist inside Net::Server 'framework', so I don't have to spawn(8) it once in a while, instead I Net::Server::PreFork it few times and check_policy_access inet:localhost:12345 (-8
[03:56:40] <shasta> s/access/service/ of course ;)
[04:00:03] *** keffer has joined #postfix
[04:01:12] *** Motoko-chan has joined #postfix
[04:01:18] <rob0> IIRC you set the environment variable "smtp".
[04:01:30] <nhuisman> works, thanks.
[04:01:36] <nhuisman> yeah just found it
[04:02:40] <mysterion_> Any of you guys familiar with tarpitting in Postfix?
[04:03:20] *** mysterion_ is now known as mysterion
[04:14:47] *** xpoint has quit IRC
[04:25:21] <torn_> mysterion: me not. I just know the existence of http://k2net.hakuba.jp/targrey/index.en.html
[04:25:29] <torn_> that is a patched version of postgrey
[04:26:20] <mysterion> I know postfix can do tarpitting natively, I'm just wondering if it can trigger the tarpit the way I want it to.  The most likely answer is no, but I still have to check.
[04:27:30] <torn_> you mean with smtpd_error_sleep_time?
[04:28:05] *** cilly has quit IRC
[04:28:28] <mysterion> Yes.
[04:29:28] <mysterion> What I'm trying to accomplish is to have postfix tarpit the current connection if sender_login_mismatch is triggered.
[04:31:40] <lunaphyte> so are we still blocking backscatter via header/body checks these days?
[05:00:59] *** pitakill has quit IRC
[05:04:52] *** nhuisman has quit IRC
[05:07:23] *** _jaldhar has joined #postfix
[05:08:50] *** Zeit|awy_ has joined #postfix
[05:14:52] *** Zeit|awy has quit IRC
[05:21:24] *** kykub has quit IRC
[05:31:10] *** saurabhb has joined #postfix
[05:32:04] *** saurabhb has joined #postfix
[05:58:16] *** saurabhb has quit IRC
[06:01:14] *** Southron has left #Postfix
[06:36:49] *** saurabhb has joined #postfix
[06:55:09] *** cyzie has quit IRC
[07:11:45] *** pa has quit IRC
[07:48:33] *** Fallenou has joined #postfix
[07:50:54] *** Kako_ is now known as Kako
[07:53:15] *** _zsh has joined #postfix
[07:53:22] <ams> how would i put user maildir spools in /com/mail?
[07:54:27] *** Haris_ has joined #postfix
[07:54:59] *** Haris1 has quit IRC
[07:55:11] *** Sausage has quit IRC
[07:56:02] *** Sausage has joined #postfix
[07:56:18] *** Sausage has quit IRC
[08:00:46] *** Sausage has joined #postfix
[08:03:43] *** tshine has quit IRC
[08:28:07] *** phnord has joined #postfix
[08:31:11] *** hparker has quit IRC
[08:32:15] *** sophokles has joined #postfix
[08:40:28] *** Sausage has left #postfix
[08:41:29] *** madrescher has joined #postfix
[08:49:14] *** Haris_ is now known as Haris1
[08:54:14] *** Motoko-chan has quit IRC
[09:00:07] *** mysterion has left #postfix
[09:04:31] *** _supastuff_ has joined #postfix
[09:05:15] <_supastuff_> hi, I have a question which I'm not able to find an answer for in the docs, mainly because I don't know what to look for.  how can I get bnc-* at domain dot com forwarded to a single local address?
[09:05:44] <_supastuff_> basically bnc-anythinghere@domain,com to a single address
[09:12:10] *** slackjr has joined #postfix
[09:12:56] <f3ew> recipient_delimiter
[09:15:31] <slackjr> hi, i use postfix with ldap (virtual users) and works fine, but i need an autoreply ( vacation ) for my users, i try postfixadmin script but dont works very well, someone knows a good software for this???
[09:16:12] *** master_o1_master has joined #postfix
[09:16:28] <f3ew> recipient_delimiter @ _supastuff_
[09:16:37] <f3ew> slackjr jamm
[09:18:40] <slackjr> f3ew: ihave my own interface, i just looking for a script that handles correctly emails and reply ...
[09:19:26] <_supastuff_> f3ew: thanks,. I'll look into it now.
[09:21:08] <_supastuff_> f3ew: what do I then specify in my virtual domain conf: can I do bnc+* at domain dot com mybouncehandler ?
[09:22:36] *** f3ew has quit IRC
[09:25:17] *** f3ew has joined #postfix
[09:26:45] *** _zsh has quit IRC
[09:27:23] *** master_of_master has quit IRC
[09:27:50] *** syneus has joined #postfix
[09:27:59] <_supastuff_> f3ew: what do I then specify in my virtual domain conf: can I do bnc+* at domain dot com mybouncehandler ?
[09:28:22] *** Zblakany has joined #postfix
[09:29:19] <f3ew> Yes
[09:29:28] <f3ew> just bnc at example dot com actually
[09:29:32] <f3ew> no need for the +*
[09:29:52] <_supastuff_> awesome, thanks
[09:29:58] <_supastuff_> works nicely
[09:30:55] *** pa has joined #postfix
[09:32:06] <_supastuff_> oops, a small issue: in my alias, I added an alias called bouncehandler: "|/script/path"
[09:32:17] <_supastuff_> but it now attempts to call bouncehandler+whatever instead
[09:32:59] <_supastuff_> to call: to deliver to rather
[09:34:19] <internat> mayve ive fubared something but for some reason, postfix seems to be checking with sasl AUTHDAEMON for the person the email came from.. any ideas why that would happen?
[09:35:07] <internat> actually..
[09:37:15] *** _zsh has joined #postfix
[09:39:59] *** amason_ has left #postfix
[09:40:13] *** slackjr has quit IRC
[09:40:43] <internat> nm ignore me.. my bad
[09:48:25] *** brancaleone has joined #postfix
[09:58:15] *** war9407 has joined #postfix
[10:02:08] *** Filbert has quit IRC
[10:03:08] *** hot-dog has joined #postfix
[10:06:42] *** Filbert has joined #postfix
[10:06:53] *** hever has joined #postfix
[10:07:33] *** master_o1_master is now known as master_of_master
[10:09:03] *** jonez has quit IRC
[10:15:10] *** hot-dog has quit IRC
[10:26:30] *** unomystEz has joined #postfix
[10:30:13] *** madrescher has quit IRC
[10:36:05] *** TheMatrixIsYou has joined #postfix
[10:36:24] *** pulsars has joined #postfix
[10:37:07] *** pulsars has joined #postfix
[10:49:17] *** rootsvr has joined #postfix
[10:52:46] *** pulsar has quit IRC
[10:59:00] *** Zblakany has quit IRC
[11:17:22] *** pinchart1 has quit IRC
[11:24:29] *** wdp has joined #postfix
[11:28:19] *** tomocha6 has quit IRC
[11:28:26] *** tomocha6 has joined #postfix
[11:28:27] *** cilly has joined #postfix
[11:28:34] *** ming_zym has quit IRC
[11:29:42] *** rootsvr has quit IRC
[11:34:01] *** pulsar has joined #postfix
[11:36:44] <n215> when Recipient address rejected: user unknown in virtual mailbox table, I dont get message from postmaster
[11:39:03] <Roobarb> why would you?
[11:39:17] <sysmonk> he want to be spammed to death, that's why
[11:39:35] <sysmonk> n215: just gimme your email, i'll forward you all my spam and postmaster failures
[11:40:10] *** jelly has quit IRC
[11:40:11] <dragonheart> spammed to death - very painful way to die. very silent - noone hears about them.
[11:40:48] <n215> sysmonk : it works fine if i send notvalidemail at gmail dot com or something. i get replay, but if i try to send notvalidemail at mydomain dot ge I dont get no message from postmaster
[11:41:01] <n215> i just see rejected in /var/log/maillog
[11:42:21] *** dragonheart has quit IRC
[11:42:30] <n215> Jul 22 23:45:23 postfix postfix/smtpd[6874]: NOQUEUE: reject: RCPT from unknown[172.16.1.44]: 550 5.1.1 <everyone at 1tv dot ge>: Recipient address rejected: User unknown in virtual mai
[11:42:31] <n215> lbox table; from=<test1 at 1tv dot ge> to=<everyone at 1tv dot ge> proto=ESMTP helo=<windoze>
[11:43:07] *** kRocKodile has joined #postfix
[11:43:19] <n215> this message is not being delivered to sender
[11:43:45] <n215> in this case to test1 at 1tv dot ge
[11:47:46] *** JoKoT3 has joined #postfix
[11:47:52] *** JoKoT3_ has joined #postfix
[11:48:11] *** JoKoT3 has quit IRC
[11:53:30] *** F6F has joined #postfix
[12:04:09] *** cilly has quit IRC
[12:09:49] *** jelly has joined #postfix
[12:11:16] *** cilly has joined #postfix
[12:11:58] *** rootsvr has joined #postfix
[12:23:20] *** hever has quit IRC
[12:28:46] *** madrescher has joined #postfix
[12:33:37] *** sypher has joined #postfix
[12:35:34] *** cyzie has joined #postfix
[12:41:03] <kRocKodile> my postfix deliveres the mail through my ISP my the (source) domain is changed from @mycompany.gr to @webcpl02.internet.gr (ISP domain). how can this be happent?
[12:41:12] <kRocKodile> (sorry for my bad english...)
[12:47:26] <kRocKodile> its a fresh install and i only add smtp_sasl options to main.cf and set the relayhost = option
[12:53:03] *** cilly has quit IRC
[12:54:32] *** cilly has joined #postfix
[13:02:28] *** cpm has joined #postfix
[13:03:26] *** madrescher has quit IRC
[13:04:56] *** higuita has joined #postfix
[13:31:01] *** _zsh has quit IRC
[13:38:18] *** havvg has joined #postfix
[13:40:17] <kRocKodile> solved.. its was problem from my isp...
[13:40:44] *** Zblakany has joined #postfix
[13:48:11] *** jelly has quit IRC
[13:55:29] *** sypher_ has joined #postfix
[13:59:01] *** Southron has joined #Postfix
[13:59:27] *** _supastuff_ has quit IRC
[13:59:51] *** _supastuff_ has joined #postfix
[14:12:16] *** sypher has quit IRC
[14:15:39] *** wdp has quit IRC
[14:22:18] *** saurabhb has quit IRC
[14:40:34] *** Draecos has quit IRC
[14:47:02] *** ZeiP has quit IRC
[14:48:07] *** Draecos has joined #postfix
[14:48:41] *** ZeiP has joined #Postfix
[14:51:13] <n215> does amavisd-new have its own spam filter ?
[14:52:21] <adaptr> no
[14:52:31] *** jelly has joined #postfix
[14:53:50] *** xpoint has joined #postfix
[15:06:00] *** ivan_ has joined #postfix
[15:06:51] *** Filbert- has joined #postfix
[15:07:27] <ivan_> hey, hows it going? i'm having some trouble with smtp auth using postix and cyrus-sasl... i need to remove cram-md5 and DIGEST-MD5 from the auth options, but i can't
[15:07:46] *** Samonoske has quit IRC
[15:09:06] <ivan_> i entered the mech options i need into smtd.conf for sasl2, but its helping too much...
[15:09:16] <cpm> ivan_, contents of your smtpd.conf file?
[15:10:01] <ivan_> pwcheck_method: saslauthd mech_list: plain login saslauthd_version: 2
[15:10:21] *** Samonoske has joined #postfix
[15:10:24] <cpm> mech_list: LOGIN PLAIN
[15:10:35] <ivan_> had that too, didn't help at all
[15:11:01] <cpm> so, you are still seeing md5 in your helo greeting?
[15:11:08] <ivan_> yup
[15:11:16] <ivan_> 250-AUTH LOGIN DIGEST-MD5 CRAM-MD5 PLAIN
[15:11:34] <cpm> makes no sense. How did you install cyrus sasl?
[15:11:42] <rob0> sounds like maybe you're changing the wrong smtpd.conf
[15:11:47] <cpm> yeah, exactly
[15:12:01] <cpm> or not stopping and then starting postfix after the changes
[15:12:27] *** Draecos_ has joined #postfix
[15:12:30] <ivan_> all of it is intstalled via rpm on centos
[15:12:51] <ivan_> full path to the file: /usr/lib/sasl/smtpd.conf
[15:12:55] <ivan_> everything is restarting
[15:13:58] <ivan_> i've been bashing my head on it all morning... i now know how to do a lot of other nice stuff, but still can't get this to work the way i need it =)
[15:14:22] <ivan_> file perms for /usr/lib/sasl/smtpd.conf are 644
[15:14:32] <rob0> !chroot
[15:14:33] <knoba> rob0: "chroot" : The fifth column in master.cf, if not n , means that the Postfix process described on that line runs in a chroot, see !debug and !queue_directory .
[15:15:16] <ivan_> nope, not chrooting
[15:16:00] <adaptr>  /etc/postfix/*
[15:16:05] <adaptr> NOT /usr/whatever
[15:16:15] <adaptr> put it where postfix will look for it
[15:16:18] *** jellis-real has joined #postfix
[15:16:39] <ivan_> ok, i'll try that out, one sec
[15:17:09] <cpm> /usr/lib/sasl/ Not /usr/lib/sasl2/ ?
[15:17:19] <cpm> dusty centos?
[15:17:52] <ivan_> adaptr: no luck, still getting md5 crap
[15:18:10] <ivan_> cpm: it was like that when i got there =)
[15:18:21] <adaptr> ivan_: up the debug level until you get SASL in your logs - see what it is reading the config from
[15:18:49] <ivan_> adaptr: up the debug level for postfix or saslauthd?
[15:18:58] <ivan_> or all of it =)
[15:19:23] <rob0> Check the centos/RHEL documentation for the correct path.
[15:19:27] <rob0> don't guess
[15:19:29] <adaptr> postfix is the one reading smtpd.conf, yes ?
[15:19:50] <adaptr> whoever tries to read that, or should read it - you're deifnitely editing the wrong file
[15:20:09] <adaptr> many (MANY) distros completely fuck up and put it where it will never be read
[15:20:48] *** Draecos has quit IRC
[15:22:37] *** Filbert has quit IRC
[15:22:53] <ivan_> heh, looks like it is messed up, coped the file over the stuff to sasl2, all working now....
[15:23:47] <adaptr> I said that :)
[15:24:07] <ivan_> i have been working with email for a very small time, but it is the most .. complex part about it..
[15:24:16] <adaptr> what is ? everything ?
[15:24:33] <ivan_> working with email is probably the hardest i have worked with on linux/bsds
[15:25:14] <ivan_> everything else is a lot clearer... at least for me =)
[15:25:30] <adaptr> but but but email is so simple! such a simple little protocol
[15:25:32] <ivan_> thanks a lot, btw
[15:25:42] <ivan_> the protocols are simple...
[15:25:51] <ivan_> all the mtas, auth mechanisms, broken clients...
[15:25:53] <ivan_> SPAM...
[15:25:54] <ivan_> arrrggg...
[15:26:07] <adaptr> well, if you just accept all spam it'll be easier
[15:26:23] <ivan_> my boss doesn't like that idea
[15:26:46] *** ziro has quit IRC
[15:27:10] <ivan_> he is particularly sick of viagra and englarge your penis emails, whatever that might mean =)
[15:27:23] <f3ew> email is easy
[15:27:23] <adaptr> he probably tried some and they did nothing for him
[15:27:30] <ivan_> hehe
[15:27:31] <f3ew> Doing it right is harder ;)
[15:27:51] <ivan_> f3ew: exactly, and thats what i'm (trying) to do
[15:27:54] <f3ew> More because email has a lot of moving parts
[15:28:19] <f3ew> Web services are now getting into the more complex era, with partitioned databases, caching ...
[15:28:34] <ivan_> i was first introduced into the world of email through sendmail.. i couldn't stomache it and switched to postfix.. looked like the most sane one of them all
[15:28:53] <adaptr> oh it is
[15:29:04] <adaptr> a small island of sanity in a crazy world
[15:29:25] <adaptr> if we sometimes go berserk it's not because of postfix, but because of all the other crap
[15:29:46] <ivan_> f3ew: yeah, but half of the world isn't trying to spam via webservices and you don't have to cope with other crap like outlook
[15:30:37] <f3ew> ivan_, SEO == web spam
[15:30:48] <f3ew> you have IE
[15:31:20] *** Draecos_ has quit IRC
[15:31:22] <ivan_> right, forgot about its outlooks bastard brother
[15:31:35] *** Draecos has joined #postfix
[15:32:55] <ivan_> ok, the postfix is now correctly advertising the auth capabilities, but i was trying that actually to fix another problem...
[15:33:20] <ivan_> using thunderbird, i can successfully send out email using this email server
[15:33:38] <adaptr> don't say the O word
[15:33:51] <ivan_> with the same credentials, i can't send email via python, perl, php, whatever, no scripts are working...
[15:33:55] <ivan_> adaptr: what 0 word?
[15:34:13] <adaptr> ivan_: NO scripting language sends SMTP mail
[15:34:24] <adaptr> it has nothing to do wtih SMTP
[15:34:44] <adaptr> and you can't "authenticate" the use of sendmail
[15:36:05] <ivan_> adaptr: either i'm missing something or scripting languages CAN use smtp to send email. i use it on other systems just fine
[15:36:41] *** ndonegan has left #postfix
[15:36:41] <rob0> Sure, I think CPAN for one has a Net::SMTP module.
[15:36:56] <ivan_> rob0: yup, thats one of them.
[15:37:16] <ivan_> oops, sorry, my bad, looks like i got it working, it was another error.. sorry for that =))))
[15:37:36] <ivan_> looks like the correct auth advertisement fixed it after all...
[15:37:53] <ivan_> dump scripts.. they started to use the cram-md5, and that was not configured...
[15:39:22] <ivan_> i think i'm getting the hang of this.. its all starting to work out pretty good..
[15:39:40] <cpm> welcome to our hell
[15:39:50] <ivan_> and I'm especially happy with Mailscanner, works like a charm against spam...
[15:39:53] <ivan_> nah.. its not hell..
[15:40:01] <ivan_> on my day job.. i'm working as a qa engineer..
[15:40:03] <ivan_> now thats hell,
[15:40:06] <ivan_> regression checks...
[15:40:07] <ivan_> arrggg
[15:40:43] <ivan_> this stuff is really fun on the contrary.. you actually get to accomplish something..
[15:42:10] <ivan_> after a couple of years working on linux, i tried to debug a problem with a copy/scanner/printer on my bosses xp machine.. now thats hell - now good logs to check, no documentation on the matter, you can't even make an educated guess on it.
[15:42:15] <ivan_> thats hell..
[15:42:37] <ivan_> here..where you got documentation, logs, commented source..
[15:42:48] <rob0> indeed
[15:44:03] <ivan_> and would any of you have any idea on what this thing means: SASL LOGIN authentication failed: bad protocol / cancel
[15:44:16] <ivan_> google didn't give me anything but the source for sasl on this error message
[15:54:41] *** n215 has quit IRC
[15:55:47] *** F6F has quit IRC
[15:56:22] *** F6F has joined #postfix
[16:00:52] *** cedric3 has joined #postfix
[16:01:01] *** will has joined #postfix
[16:03:02] <cedric3> hi all i use yaa autorespondeur i have a question when i send a mail to on who he activated the autorespondeur i receiv a mail i am on holliday ok its' good but if i resend a mail i receiv the same mail autorespondeur i want when i send one or other  i receiv one mail autorespondeur
[16:03:03] *** kRocKodile has quit IRC
[16:03:06] <cedric3> thanks
[16:06:28] *** jonez has joined #postfix
[16:09:11] *** nphase has joined #postfix
[16:14:40] *** nphase has quit IRC
[16:15:18] *** supa_user has quit IRC
[16:18:06] <lunaphyte_> this is driving me nuts.  i'm using mail(1) on os x to submit a message, which arrives to the recipient somehow, yet i can't find any evidence of postfix ever processing it.
[16:20:16] *** pickcoder has joined #postfix
[16:24:53] <rob0> be methodical, you can figure it out
[16:25:27] <rob0> note that mail(1) by default (or perhaps ONLY in the case of old BSD mailx) uses sendmail for submission
[16:33:31] <pickcoder> sendmail is submissive?
[16:35:01] <cpm> can be, if you're nice about it.
[16:35:09] <cpm> come up with safe words and such
[16:35:13] <will> hah
[16:38:17] <will> What's your safe word?
[16:39:10] <cpm> Signum is my safe word.
[16:39:41] <rob0> Signum is my shepherd, I shall not want.
[16:39:48] <rob0> But where is he?
[16:39:57] <rob0> !seen Signum
[16:39:57] <knoba> rob0: Signum was last seen in #postfix 2 days, 1 hour, 40 minutes, and 25 seconds ago: <Signum> night_time: run "postconf smtpd_recipient_restrictions" and you'll probably see that postfix is right
[16:40:18] <cpm> Signum!
[16:40:22] <cpm> he's here, lurker
[16:41:43] *** jonez has quit IRC
[16:42:05] *** jonez has joined #postfix
[16:44:26] <Signum> cpm: no I'm not!
[16:44:28] <Signum> (oops)
[16:46:17] *** sophokles has quit IRC
[16:47:07] *** sophokles has joined #postfix
[16:50:41] *** jimi_ has joined #postfix
[16:50:53] <jimi_> Is it possible to route an always_bcc by sender?
[16:51:24] <jimi_> For instance, I want to have 2 groups of users. If a person sends an email out from group A, it always_bccs foo, and if it is from group B, it always_bcss bar ?
[16:51:32] <Signum> !sender_bcc_maps
[16:51:33] <knoba> Signum: "sender_bcc_maps" : a configuration parameter in the main.cf: Optional BCC (blind carbon-copy) address lookup tables, indexed by sender address. The BCC address (multiple results are not supported) is added when mail enters from outside of Postfix.
[16:51:36] <pickcoder> !sender_bcc.....
[16:51:36] <Signum> Like that?
[16:51:37] <pickcoder> meh
[16:51:37] <knoba> pickcoder: Error: "sender_bcc....." is not a valid command.
[16:52:06] <jimi_> ty
[16:52:49] *** LordDicranius has joined #postfix
[16:54:03] <jimi_> Hmm is sender_bcc_maps for incoming or outgoing mail?
[16:54:22] <f3ew> mail coming into postfix
[16:54:38] <jimi_> Oh, i need it going out
[16:57:12] <jimi_> Instead of bccing everyone to 1 address, I want to have it go to multiple addresses depending on what team/group you are on. Is that possible?
[16:58:22] <f3ew> the address you bcc to can be an alias
[16:58:35] <jimi_> I know, but that still sends all emails to everyone on that alias.
[16:58:49] <f3ew> yes
[16:59:02] <jimi_> If Jimi is in group A, I only want all of his emails sent to foo at bar dot com , but if f3w is in group B, i want his sent to something at bar dot com
[16:59:20] <jimi_> Instead of sending Jimi and f3ew to alias@ , is that possible?
[17:05:19] <jimi_> maybe it coul dbe done with recipient_bcc_maps?
[17:05:23] <jimi_> !recipient_bcc_maps
[17:05:24] <knoba> jimi_: "recipient_bcc_maps" : a configuration parameter in the main.cf: Optional BCC (blind carbon-copy) address lookup tables, indexed by recipient address. The BCC address (multiple results are not supported) is added when mail enters from outside of Postfix.
[17:05:41] <jimi_> n/m
[17:06:04] *** rakosh76 has joined #postfix
[17:08:13] <jimi_> Or, would this work?
[17:08:20] <jimi_> What if I always_bcc everything to 1 alias...
[17:08:46] <jimi_> then, use sender_bcc_maps on the alias, to send it to the different teams?
[17:09:12] <f3ew> urk
[17:09:37] <f3ew> foo at example dot com  alias1 at example dot com
[17:09:42] <f3ew> bar at example dot com  alias2 at example dot com
[17:09:48] <f3ew> alias1: jimi_
[17:09:59] <f3ew> alias1: other,group,member
[17:10:03] <f3ew> alias2: other,group,member
[17:10:04] <f3ew> even
[17:10:56] <jimi_> So, I would setup the sender_bcc_maps to check incoming mail for alias@ ,, then if the recipient is alias1  send ti to foo,bar,baz, and if it is alias2 send it to 1,2,3?
[17:12:07] <f3ew> no
[17:12:15] <f3ew> you bcc to alias1, alias2 ...
[17:12:30] *** pitakill has joined #postfix
[17:12:59] <jimi_> always_bcc?
[17:13:01] <jimi_> im lost :(
[17:16:26] *** nphase_ has joined #postfix
[17:16:40] *** nphase_ has quit IRC
[17:19:52] *** jimi_ has quit IRC
[17:22:29] <roe_> can and if so how do I get postfix to authenticate to another mta using sasl as a user
[17:22:41] <rob0> !sasl
[17:22:43] <knoba> rob0: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.
[17:22:51] <rob0> !client_sasl
[17:22:51] <knoba> rob0: Error: "client_sasl" is not a valid command.
[17:23:04] <rob0> http://www.postfix.org/SASL_README.html#client_sasl
[17:23:49] *** craigbass1976 has joined #postfix
[17:24:42] *** pgega has joined #postfix
[17:25:06] <craigbass1976> This is more of a client question, but...  I want to have one email account that I can check from wherever (this I can do already) but I'd also like to save sent messages on the server as well and have my clients update so that I have the same sent emails on every client.  WHere do I start?
[17:25:25] <craigbass1976> I'm currently running postfix and dovecot
[17:25:36] *** LordDicranius has quit IRC
[17:27:39] *** Daviey_ has joined #postfix
[17:29:27] <pgega> Hi all,  I  am just about to start writing Nagios checks for postfix mail server , and could you advise me what should be monitored ?
[17:30:29] <will> heh
[17:31:15] <f3ew> pgega, that you can download a message sent via this server from a remote pop3/imap account
[17:32:09] <pgega>  f3w: great idea
[17:32:21] <pgega> have you ever tried that ?
[17:33:24] <f3ew> yes
[17:34:44] <pgega> was it complicated ?
[17:35:19] *** Ryushin has joined #postfix
[17:39:57] <f3ew> no
[17:40:09] <f3ew> non trivial
[17:40:13] <f3ew> but not painful
[17:40:22] <f3ew> you need to parse headers
[17:41:12] * f3ew => $HOME
[17:42:03] <jduggan> does postfix provide no nice method of a virtual isntance? like changing helo based on IP, sending out specific SASL users from the configured bind IP? only method i can think of is transporting to another postfix instance, but that doesnt scale so well if you have ~1000 virtual domains that want dedicated IPs etc
[17:42:55] <will> jduggan: That's when you call up a commercial MTA company :)
[17:44:04] <jduggan> blasphemy ;)
[17:44:46] <will> I know of a good one too! :)
[17:45:12] <f3ew> heh
[17:45:15] <f3ew> Hotmail?
[17:45:31] <f3ew> jduggan one instance per IP
[17:45:53] * f3ew does not recommend it
[17:46:13] <will> It's for deliverability to inbox
[17:48:28] *** aaahhh has joined #postfix
[17:48:33] <will> choooo
[17:48:49] <cpm>  ~1000 virtual domains that want dedicated IPs
[17:48:56] <aaahhh> haha
[17:49:02] <cpm> means you need to get a lot more IP addresses. If they want them, they'll pay.
[17:49:41] <cpm> now, why on earth folks seem to think that it matters what their MX record is, amazes me.
[17:49:44] * will hugs companies that buy /24's
[17:49:44] <aaahhh> that'd be hella hard to debug if you are using the txt config
[17:50:01] <will> cpm: It's not for their MX record. It's for bulk senders
[17:50:14] <will> IP reputation, all that jazz
[17:50:24] <cpm> you mean spammers?
[17:50:26] <will> No
[17:50:31] <will> Bulk senders.
[17:50:35] <cpm> no matter
[17:50:53] <will> If you consider double-opt in emails spam, then ok
[17:50:57] <aaahhh> so your other ip's don't get blacklisted if another does
[17:52:09] <cpm> yeah, I keep getting bulk mail that tells me how i opted in. It's pretty funny.
[17:52:39] <cpm> I don't have a lot of problem with mailing lists that I run. But none of them have any more than a few hundred addresses.
[17:52:50] <will> heh
[17:52:53] <cpm> I can see how folks sending out 10s of thousands have issues
[17:52:59] <aaahhh> well i can understand junk mail that is legit
[17:53:05] <aaahhh> well bulk mail*
[17:53:06] <will> cpm: How about... millions :)
[17:53:24] <cpm> anyone who is sending millions of emails, won't find a lot of friends here.
[17:53:30] <will> Why not?
[17:53:50] <will> Because postfix cannot handle that kind of traffic??? ;)
[17:54:02] <aaahhh> really?
[17:54:20] <aaahhh> i hightly doubt that
[17:54:29] <will> In a suitable amount of time
[17:54:30] <aaahhh> works better than exchange
[17:56:28] <will> Really hard to compare Postfix to Exchange in this context...
[17:57:06] <pickcoder> cpm: no problem here
[17:57:16] <pickcoder> I send a semi-monthly newsletter
[17:57:28] <pickcoder> ~38K per newsletter
[17:57:39] <will> pickcoder: How long does it take to send?
[17:57:42] <pickcoder> I've even had it turned up to 2500 processes
[17:57:52] <pickcoder> depends on the process limit
[17:58:02] <pickcoder> at 2500 it doesn't take long
[17:58:03] <will> The maximum you've been able to hit
[17:58:04] *** havvg has quit IRC
[17:58:10] <pickcoder> but it kills the T1
[17:58:13] <will> heh
[17:58:19] <will> Yeah, that would be a bottleneck...
[17:58:26] <aaahhh> well obviously
[17:58:54] <pickcoder> the web mail providers are the largest spool strain
[17:59:02] <pickcoder> especially yahoo
[17:59:07] <will> heh
[17:59:26] <will> Everyone has at least two Yahoo accounts it seems...
[17:59:32] <pickcoder> it's not that
[17:59:41] <will> Greylisting?
[17:59:42] <pickcoder> they just stop blocking with 451 after a few come in
[17:59:50] <aaahhh> wow
[17:59:51] <aaahhh> dumb
[17:59:51] <pickcoder> it's not greylisted.. just blocked
[17:59:58] <pickcoder> they eventually flow through
[18:00:04] <pickcoder> takes a day or so
[18:00:08] <pickcoder> for ~5000
[18:00:19] <will> pickcoder: You read their bulk sender page? It describes what kind of throttles you need
[18:00:22] <aaahhh> and yahoo's antispam is not that great either
[18:00:40] <pickcoder> I can't tailor one mail server to 10 different servers
[18:00:53] <will> pickcoder: Too bad :(
[18:01:11] <pickcoder> until it starts to backup enough between sendings, I'm not bothering with it
[18:01:17] <pickcoder> I've already complained to the postmaster
[18:03:29] <pickcoder> (and to marketing)
[18:03:37] * pickcoder hates babysitting it
[18:03:50] *** sypher_ has quit IRC
[18:03:57] *** rootsvr has quit IRC
[18:04:46] <aaahhh> http://pastebin.com/d33360dea
[18:04:55] <aaahhh> it seems my system is still backscattering
[18:04:57] <aaahhh> not sure why
[18:05:22] <lunaphyte_> generating, or receiving?
[18:05:38] <aaahhh> well generating
[18:05:43] <aaahhh> since it's on the backscatterer.org list
[18:07:01] <pgega> thanks a lot f3ew
[18:07:22] <lunaphyte_> lists and rbls are nice and all, but i don't think i'd rely on someone else to tell me how my system is behaving.
[18:08:21] <will> aaahhh: Check yourself. Are you backscattering?
[18:08:31] *** craigbass1976 has quit IRC
[18:08:40] *** phnord has quit IRC
[18:09:18] * jelly checks himself before he wrecks himself
[18:10:29] * jelly finds "ips.backscatterer.org LISTED! See why", but he expected that
[18:10:38] <cpm> heh
[18:10:44] <bondoer> hi all, how can i achieve that the incoming mail will be directly sent to my content filter which is running as a daemon on some local port. I checked FILTER_README but i am little bit confused, cause there are only spawn and pipe methods, and pipe is done through some shell script, and i am wondering whether i can directly send the email to my content_filter without any middle-script
[18:11:07] <aaahhh> what content filter?
[18:11:20] * jelly shrugs and waits for the nonexistent perl programmer to fix over-quota backscattering on his system
[18:12:12] <bondoer> aaahhh: mine own
[18:12:32] *** idle-boy has quit IRC
[18:12:51] *** idle-boy has joined #postfix
[18:13:33] <jduggan> cpm: yea, they want whitelabelled mail hosting - and rather not be associated with a specific company.  We're an LIR (our core business is rack space/colocation/dedicated servers etc) and have plenty of IP space, im thinking perhaps the best route is to build a big VM cluster and have dumb postfix instances per vm, perhaps postfix just isnt the route we need, im not sure, its all ideas at this stage
[18:14:09] <aaahhh> oh wow
[18:14:10] <cpm> jduggan, that's a good approach.
[18:14:14] <aaahhh> a 1000 vm's
[18:14:25] <will> jduggan: LIR?
[18:14:44] <cpm> jduggan, but is that the business you want want to be in?
[18:14:51] <cpm> there are commercial outfits that do this, and do it well
[18:14:58] <jduggan> will: Local Internet Registry... it means we can hand out IP space to companies that can justify it
[18:15:10] <will> ah
[18:15:24] <will> jduggan: There is software that can handle that
[18:15:27] <cpm> seems like a terrible waste of resources
[18:15:36] <aaahhh> yea
[18:15:38] <will> jduggan: Commercial MTAs specialize in what you're looking to do
[18:15:42] <aaahhh> having a vm per instance seems dumb
[18:15:57] <aaahhh> a lot of process space wasted on operating system
[18:16:07] <aaahhh> and memory
[18:16:14] <jonez> not if you can tweak the vm to only have the resources you need...
[18:16:34] <aaahhh> still wasting quite a bit on the operating system
[18:16:35] * cpm thinks this sounds like folks looking for plausible deniability.
[18:16:36] <jelly> and one doesn't really need a vm, just a separate instance of postfix listening on its own ipaddr
[18:16:44] <jduggan> cpm: I'm not the decision maker here, simply researching viable methods for the people that be :), we have quite a big virtual hosting platform with resellers etc, that want the look of dedicated servers, but in reality we're handling it, we get requests for it so we can justify it
[18:16:49] <aaahhh> yea
[18:16:52] <aaahhh> what jelly said
[18:17:02] <will> jduggan: Depending on how many times you'll be sending out mail, an outsourced company may be the better route
[18:17:14] <jelly> (but running a thousand postfixen on a couple of machines will be interesting too)
[18:17:14] <aaahhh> lol
[18:17:19] <jduggan> jelly: multiple postfix intsances is YUCK, an administrators nightmare
[18:17:27] <aaahhh> i love when outsourcers outsource
[18:17:33] <jduggan> heh
[18:17:55] <will> Contractors -> Subcontractors. Very common..
[18:18:03] <aaahhh> i know
[18:18:04] <aaahhh> i am one
[18:18:06] <will> :)
[18:18:12] <jelly> jduggan: nah, it's not that hard to design and implement, but I have _no_ idea about the actual performance
[18:18:56] <jduggan> we have the resources in house to not need to outsource, i asked here incase anyone has experience in doing it.. like i said, a commercial MTA might be the best route in this instance, it all depends on the numbers we want to scale to
[18:19:51] <jelly> jduggan: then again I guess you could play someone to dig into the source and tell you whether it's feasible to implement custom HELO per listening ip
[18:20:04] <will> jduggan: It's not just hardware resources... It's also experience
[18:20:15] <will> Such as deliverability
[18:20:22] <jduggan> will: ofcourse
[18:20:44] <jduggan> will: which is why we're researching the easiest and most feesible way of doing it without overcomplicating things
[18:20:59] <will> hehe :)
[18:21:03] <jelly> our customers don't really nag about HELO, which is why it is always something like mxoutX.iskon.hr ;-)
[18:21:14] <jduggan> we already have a pretty big mail setup, just with no 'whitelabel' abilities
[18:21:29] <will> jduggan: If you want some info about commercial MTAs, /msg me
[18:21:58] <jduggan> we have a reseller API, but the reseller likes to distance themselves from the original host, as generally, we're cheaper than they are heh, not good for them, so its a bonus for us if we can provide that service
[18:22:12] *** brancaleone has quit IRC
[18:24:02] *** sophokles has quit IRC
[18:30:24] *** pgega has quit IRC
[18:30:58] *** pulsar is now known as __init__
[18:31:25] *** ivan_ has quit IRC
[18:33:40] *** brancaleone has joined #postfix
[18:34:09] *** mark-use has joined #postfix
[18:36:59] *** Joe_Wulf has quit IRC
[18:38:56] *** pa has quit IRC
[18:39:57] *** JoKoT3_ has quit IRC
[18:39:57] *** memetic has quit IRC
[18:41:59] *** memetic has joined #postfix
[18:42:08] *** pa has joined #postfix
[18:42:32] *** hot-dog has joined #postfix
[18:43:20] *** Kako has quit IRC
[18:43:53] *** hot-dog has left #postfix
[18:43:55] *** Kako has joined #postfix
[18:44:40] *** Kako has quit IRC
[18:45:09] *** Kako has joined #postfix
[18:48:21] <justdave> is there a way to disable a milter if the user is SASL-authenticated?
[18:49:21] <justdave> closest thing I've found is to just disable it on ports 587 and 465, but I've got a couple people that do STARTTLS on port 25...
[18:49:58] <justdave> maybe I should just make them do 587 like everyone else. :)  thought I'd make sure there wasn't a technical solution first though
[18:53:55] *** f3ew has quit IRC
[18:54:41] *** f3ew has joined #postfix
[18:56:01] *** tshine has joined #postfix
[18:59:07] *** Ryushin has quit IRC
[19:01:35] *** Kako has quit IRC
[19:02:30] <cpm> justdave, using 587 really is the correct approach. Might as well start heading there.
[19:03:03] <cpm> your port 25 users will run into problems. Surprised they haven't yet.
[19:03:25] <justdave> yeah, it's mostly people in the office who used it because it worked. :)
[19:03:39] <justdave> people who check mail from home or on the road figured out the 587 thing pretty quick
[19:03:45] <cpm> Well, in house, yeah, that makes sense. But what milter do you want them to avoid?
[19:04:07] <justdave> amavisd
[19:04:11] <cpm> heh,
[19:04:17] <justdave> too slow. :)
[19:04:18] <cpm> never would I allow that. Ever.
[19:04:23] *** j_s has joined #postfix
[19:04:27] <cpm> but that's your call
[19:04:37] <justdave> I don't mind it being slow for incoming mail, it's better than backscatter
[19:04:38] <cpm> not for one second do I trust my users
[19:04:45] <cpm> :)
[19:05:00] <justdave> yeah, I'm not 100% sure of the idea either, but it's definitely the source of slow connections.
[19:05:20] <cpm> amavisd *shouldn't* be all that slow.
[19:05:27] <cpm> what kinda loads are you seeing?
[19:05:30] <justdave> takes a good 10 to 15 seconds to send an email with amavis in the loop
[19:05:39] <justdave> with it out it takes less than a second
[19:05:39] <cpm> hrmm, got dns checks in amavis?
[19:05:53] <justdave> thought I had those disabled because we're doing those at the MTA level
[19:06:23] <cpm> yeah, most folks do, and a lot of constipated amavis setups I've seen were timing out on dns lookups. Check that.
[19:06:58] <justdave> ohh...
[19:07:06] <justdave> I set it in the spamassassin config, and amavis is overriding it :)
[19:07:11] <justdave> $sa_local_tests_only = 0;    # only tests which do not require internet access?
[19:08:24] <justdave> I suppose that disables urlbl and so forth, too, though
[19:08:26] *** amrit|vgs is now known as amrit|wrk
[19:09:26] <cpm>  $sa_local_tests_only = 1 will do that, yeah
[19:09:31] *** memetic has quit IRC
[19:11:31] *** memetic has joined #postfix
[19:12:16] <justdave> hmm, nope, that didn't speed it up any
[19:12:52] *** f3ew has quit IRC
[19:13:39] <cpm> grab the amavis detail from the logs, see what's hanging it up.
[19:16:15] *** f3ew has joined #postfix
[19:18:43] <cpm> morning f3ew
[19:23:40] *** havvg has joined #postfix
[19:29:12] *** __init__ is now known as pulsar
[19:35:09] *** madrescher has joined #postfix
[19:36:17] *** brancaleone has quit IRC
[19:36:43] <justdave> ok, it got speedier after a few minutes, guess it just had to catch up after having it down for a restart
[19:36:50] *** a13x has joined #postfix
[19:36:53] <a13x> hi
[19:36:57] *** syneus has quit IRC
[19:39:06] <a13x> i have this problem with outlook and postfix: the server doesn't support any auth methods that outlook does (or so outlook says)
[19:40:19] <a13x> my server supports plain cram-md5 and digest-md5, it looks like something may be broken with outlook, my other email client works fine
[19:40:48] <jduggan> enable LOGIN
[19:42:15] <jduggan> as a mechanism
[19:42:25] <jduggan> !sasl
[19:42:26] <knoba> jduggan: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.
[19:42:32] <jduggan> check the readme
[19:52:28] *** devdas has joined #postfix
[19:53:19] *** PcPixel has joined #postfix
[19:55:07] <PcPixel> I am using reject_unknown_helo_hostname to help fight spam and it is doing a good job. I have the ability to create exceptions for systems who I know are valid but fail that test. I currently have a client who refuses to rework their email server but that my exception isnt working for. pastebin: http://pastebin.com/d2a566ca0
[19:55:19] <PcPixel> what can i do to allow mail to come from them
[19:55:46] *** onre has quit IRC
[19:56:50] <devdas> use a check_client_access before the reject
[19:57:02] <PcPixel> i am
[19:57:17] <PcPixel> its still failing
[19:57:43] <PcPixel> ill post the check
[19:58:28] <PcPixel> http://pastebin.com/d67ad45f0
[19:58:32] <PcPixel> thats the section for them
[20:01:11] <PcPixel> any ideas?
[20:02:09] <devdas> remove the [] around the IP
[20:02:27] <PcPixel> ok one sec
[20:02:42] *** Haris1 has quit IRC
[20:03:11] <PcPixel> ok done
[20:03:32] <PcPixel> based on their trial times, the next retry should be around 2:12PM my time
[20:03:37] *** Haris_ has joined #postfix
[20:03:42] <PcPixel> whats pissing me off about them is they flat out refuse to even call me
[20:03:47] <PcPixel> "its your server, its your fault."
[20:04:10] <devdas> Bleh
[20:04:14] <devdas> My server, my rules
[20:04:20] <PcPixel> thats what my reponse was
[20:04:28] <PcPixel> and the majority of other people have been fine with changing their systems
[20:04:35] <PcPixel> i did the math on my system over 5 days
[20:04:40] <PcPixel> i have a 0.06% false positive rate
[20:04:49] <devdas> Do they ever need to mail Outblaze? AOL?
[20:04:52] <PcPixel> over 5 days ive blocked 31,361 spams
[20:05:00] <PcPixel> with that one directive
[20:05:07] <PcPixel> strike that, 31,261 invalid domains
[20:05:08] <js_> i've having problems with outblaze
[20:05:16] <PcPixel> what is outblaze?
[20:05:50] <devdas> js_: why?
[20:05:58] <PcPixel> ah, i see trhem now
[20:06:03] <devdas> PcPixel: fairly small mail host ~ 35M odd users ...
[20:06:04] <PcPixel> i dunno. i havent seen mail from them
[20:06:13] <js_> i think they marked me as a spammer when i sent a newsletter for a site
[20:06:19] <devdas> mail.com? email.com? post.com? lawyer.com ? ...
[20:06:34] <devdas> js_: postmaster at outblaze dot com is the right place to go
[20:06:43] <PcPixel> assuiming they implemented it
[20:06:49] <js_> alrighty
[20:06:50] <PcPixel> thats another thing. so many places arent using postmaster
[20:06:56] <devdas> they did
[20:07:00] <PcPixel> oh nice
[20:07:00] * devdas used to work there
[20:07:03] <PcPixel> one of the few lol
[20:07:17] *** mark-use has quit IRC
[20:08:29] <PcPixel> bingo
[20:08:30] <PcPixel> that did it
[20:08:35] <PcPixel> removing the [] around the IP worked
[20:21:23] <PcPixel> and i just spammed them to prove my point
[20:21:44] *** hparker has joined #postfix
[20:23:23] <PcPixel> this is the second place thats pulled the "Well you can send to us, but we cant send to you. Therefore, it's your fault."
[20:25:27] <will> Hmm
[20:25:53] * cpm throws hparker to rob0
[20:26:08] <will> Their users would complain. Seems like they need to fix their server
[20:26:12] <hparker> *PLOP*
[20:29:11] <pdragon> what did the brackets do in that? just curious
[20:29:47] <devdas> the [] caused an error
[20:32:19] <PcPixel> will: thqats what im hoping
[20:32:30] <PcPixel> i sent an email in to them using: helo i.am.not.real
[20:32:35] <a13x> jduggan: i have this line in dovecot.conf
[20:32:37] <PcPixel> and it sailed right on through
[20:32:45] <a13x> jduggan: mechanisms = plain login digest-md5 cram-md5 ntlm
[20:33:01] <PcPixel> so i pasted my raw SMTP conversation into an email & sent it off to them saying "this is what im preventing"
[20:33:25] <a13x> jduggan: my postfix config is linked to dovecot
[20:33:41] <a13x> jduggan: my postfix config is linked to dovecot
[20:34:31] <a13x> jduggan: when i go into kontact config and click "check what the server supports" for outgoing accounts it tells me only login is supported
[20:34:46] <pickcoder> any suggestions on software to handle bounce backs?
[20:36:03] <PcPixel> i have to say though, postfix just kicks ass. my mail server went online jun 28th. since then using only the functionality built into it i am at 9% ham, 91% spam
[20:36:19] <PcPixel> our Exchange server is actually breathing lol
[20:37:02] <pickcoder> PcPixel: I give my mail gate some help and use fail2ban with postfix logs
[20:37:16] <PcPixel> never heard of that one
[20:37:17] <pickcoder> people who make it unhappy get banned for an hour
[20:37:39] <PcPixel> oh nice
[20:37:43] <pickcoder> banned = iptables drop
[20:37:43] <PcPixel> ive got somethinglike that yeah
[20:38:14] <PcPixel> the machine itself is fairly powerful: dual core 2.4Ghz, 4GB RAM and a raptor HD for the mail queues
[20:39:14] <pickcoder> the gateway here is quite large, but why waste bandwidth when you obviously know the client is spamming
[20:39:36] <PcPixel> equally valid point :)
[20:40:01] <PcPixel> is it just for password failures?
[20:40:33] <pickcoder> I have a myriad of error triggers
[20:40:40] <pickcoder> and fail2ban acts on some of them
[20:40:51] <PcPixel> ahok so you can trigger it on things
[20:40:52] <PcPixel> got it
[20:40:53] <PcPixel> :)
[20:41:00] <pickcoder> specific known domains
[20:41:07] <pickcoder> the xbl from spamhaus
[20:41:21] <pickcoder> if it's rejected.. the client gets blocked
[20:41:47] <pickcoder> failregex = reject: RCPT from (.*)\[<HOST>\]: (554|450|550|504)
[20:41:56] *** GoGi has joined #postfix
[20:42:00] <pickcoder> I don't have to do anything else to make it work
[20:42:04] <pickcoder> just add the error code
[20:47:12] <PcPixel> wow
[20:47:53] <pdragon> cool program. thanks!
[20:48:10] <pickcoder> welcome
[20:48:20] <pickcoder> nice for ssh too
[20:48:25] <pickcoder> and ftp services
[20:48:34] <pickcoder> (though I don't see a point in FTP anymore)
[20:48:40] <pdragon> yeah, i'm reading the one HowTo for SSH setup
[20:49:16] <pdragon> i have my ssh port set to a non-default. seems to stop a majority of them right off the bat
[20:49:42] <pdragon> well, non-default in my firewall. forwards to 22 inside the firewall
[20:56:38] <a13x> i have this problem with outlook and postfix: the server doesn't support any auth methods that outlook does (or so outlook says)
[20:57:17] <aaahhh> are you using spa?
[21:00:14] <pickcoder> a13x: disable_plaintext_auth = no
[21:00:19] <pickcoder> dovecot.conf
[21:00:24] <pickcoder> people miss that often
[21:01:04] <lunaphyte_> i miss my spa.
[21:04:00] <xpoint> year right use 450 in fail2ban
[21:04:14] <pdragon> bleh... can't run newest fail2ban on debian etch stable
[21:04:48] <pickcoder> why?
[21:04:49] *** madrescher has quit IRC
[21:04:56] <pdragon> requires a newer version of python
[21:05:17] <pickcoder> why do you need the most current release?
[21:06:31] <pdragon> well, read about all the bug fixes in 8.2. etch stable has fail2ban back at 7.5
[21:06:57] <pickcoder> sid has 8.2.3
[21:07:40] <pickcoder> 8.2.3 is also in etch-backports
[21:07:54] <pdragon> which would require updating a bunch of other sid packages. i try to keep as much in stable as i can
[21:07:54] <a13x> pickoder: thanks, it turned out i had encryption set to none in outlook
[21:08:54] <PcPixel> is anyone here implementing SPF on postfix?
[21:10:14] <pickcoder> I haven't configured the plug-in but our DNS is setup
[21:11:06] <PcPixel> my boss is wondering if we should implement it as well
[21:11:17] <PcPixel> at what point during the SMTP conversation does SPF kick in?
[21:11:54] <will> The beginning
[21:12:01] <PcPixel> "You had me at HELO"?
[21:12:11] <will> You had me @ EHLO
[21:12:17] <PcPixel> ;)
[21:12:34] <lunaphyte_> implementing spf checking in postfix doesn't have anything to do with you having an spf record for your domain(s)
[21:13:10] <PcPixel> so you would use SPF or reject_unknown_helo_hostname
[21:13:14] <PcPixel> but not both?
[21:13:20] <lunaphyte_> spf checking can't be done until after the envelope sender has been provided.
[21:13:34] <will> oh yeah heh
[21:13:49] <PcPixel> ok so you could actually do both
[21:13:58] <PcPixel> one is at HELO the other is at the "mail from"
[21:14:01] <pickcoder> the recommended method is a policy plug-in
[21:14:09] <PcPixel> yes, that much i did see.
[21:14:21] <PcPixel> is there a prefered one for postfix? openspf.org lists a few
[21:14:23] <pdragon> meh... guess i'll try the old stable version and see how it works.
[21:14:25] <lunaphyte_> you should always do rudimentary helo checks.  additionally doing spf checking can be helpful as well.
[21:14:34] <pickcoder> pdragon: just install the backports version
[21:14:40] <PcPixel> luna: i am. i am just getting a lot of flack from outside clients.
[21:14:41] <pickcoder> or build a sid backport
[21:14:52] <pickcoder> it wouldn't be on backports if it wasn't stable
[21:14:57] *** cedric33 has joined #postfix
[21:15:00] <cedric33> hi all
[21:15:04] <lunaphyte_> what sort of flack?
[21:15:30] <PcPixel> "Well, you can send mail to us and we can't send mail to you. Therefore, it's your problem. We aren't going to reconfigure our server."
[21:15:47] <cedric33> i use yaa autoirespondeur when i try to start the yaa demon i have  Daemon mode is not set in configuration file or command line options.
[21:15:48] <lunaphyte_> why can't they send mail to you?
[21:16:02] <cedric33> i think i not install one package but i don't know who
[21:16:10] <PcPixel> luna: they fail the reject_unknown_helo_hostname check
[21:16:10] <cedric33> thanks for your help
[21:16:36] <lunaphyte_> PcPixel: oh, i see.  yes, there are still a few of those out there.
[21:16:48] <pickcoder> I don't use that check
[21:16:49] <PcPixel> luna: Yes. and these two are adimant it is me.
[21:16:57] <rob0> EHLO/HELO has nothing to do with SPF. SPF compares the client IP and the sender domain against the sender domain's SPF record if any.
[21:16:59] <cedric33> nobody have any idea please?
[21:17:03] <PcPixel> pickcoder: ive blocked 31,361 invalid domains weith it
[21:17:18] *** havvg has quit IRC
[21:17:34] <PcPixel> ive had 19 false positives thus far
[21:17:41] <pickcoder> PcPixel: I ran into the same problem even with reject_invalid_hostname and reject_non_fqdn_hostname
[21:17:42] <rob0> And  IMO, SPF is not worth the trouble. Spammer domains always have perfect SPF.
[21:17:52] <PcPixel> rob0: really?
[21:17:58] <pickcoder> for business mail run by admins that couldn't turn a computer on if it had auto-start
[21:18:15] <will> rob0: eh, but you use it in conjunction with other technologies
[21:18:30] <lunaphyte_> PcPixel: i'd say chances are good that an email admin lacking enough clue to get his helo straight will not fair any better with spf records.
[21:18:52] <PcPixel> luna: they are usinf SPF, thats why my boss thought it might be better to go that route than what I'm doing currently
[21:19:05] <lunaphyte_> see what rob0 said already.
[21:19:19] * PcPixel nods
[21:19:32] <cedric33> i use yaa autoirespondeur when i try to start the yaa demon i have  Daemon mode is not set in configuration file or command line options.
[21:19:33] <pickcoder> PcPixel: whitelist the problem servers
[21:19:42] <PcPixel> pickcoder: thats what i have been doing
[21:19:50] <lunaphyte_> best bet, imho, is to get your boss on your side, and tell the other company where they can stick it.
[21:19:58] <pickcoder> or.. make your filter tighter and let it flow
[21:19:58] <PcPixel> pickcoder: the problem was theirs was being really odd and I didnt pick up how to whitelist it until today.
[21:20:09] <PcPixel> pickcoder: they wouldnt even call to talk to me or speak to me.
[21:21:02] * pickcoder gets mail from random gov servers that have no DNS
[21:21:06] <PcPixel> it just made it harder to fix without their help.
[21:22:06] <lunaphyte_> pickcoder: those are numbers messages
[21:22:19] <pickcoder> I doubt the DOD would listen to an IT director from small business
[21:22:32] <PcPixel> hell, i cant get a public school system to listen to me :)
[21:23:02] <pickcoder> lunaphyte_: it's valid business mail...
[21:23:25] <pickcoder> sometimes the machine happens to be from a specific branch that really has DNS but maybe no MX entry
[21:23:28] <lunaphyte_> on the surface...  but upon closer inspection...  :)
[21:23:37] <cpm> no MX is fine.
[21:23:45] <cpm> should 'just work'.
[21:23:52] <pickcoder> cpm: it does.. but those are the few
[21:23:58] <cpm> also get a lot of government agency stuff that has no MX
[21:24:01] <pickcoder> so I've had to drop a lot of the recommended rejection tests
[21:24:04] <cpm> no worries
[21:24:10] <cpm> pickcoder, such as?
[21:24:18] *** rootsvr has joined #postfix
[21:24:28] <pickcoder> non_fqdn_sender, non_fqdn_hostname, invalid_hostname
[21:24:33] <pdragon> pickcoder: thanks, didn't see you said it was in backports before. got it :)
[21:24:44] <cpm> yeah, I don't use those.
[21:25:06] <cedric33> nobody idea fro create a deamon yaa ? :'(
[21:25:18] <cpm> actually, no, they work. MX has nothing to do with that at all.
[21:25:21] <pickcoder> cedric33: I don't use autoresponders
[21:25:30] <cpm> yet
[21:25:31] <cpm> :)
[21:25:38] <pickcoder> cpm: it matters when there's no DNS at all
[21:25:55] <cpm> pickcoder, example?
[21:26:10] <pickcoder> I dunno.. do you really want me to dig through my gateway logs?
[21:26:22] <will> Yes, he does
[21:26:25] <pickcoder> :P
[21:26:36] <cpm> sure, you are claiming that such a thing exists, I am skeptical. burden of proof is on you.
[21:26:39] <cpm> :)
[21:26:41] <pickcoder> (some of them are foreign servers, btw)
[21:26:51] <pickcoder> we ship internationally
[21:26:56] <pickcoder> hold on
[21:27:03] * devdas uses those
[21:27:13] <cpm> devdas, uses which?
[21:27:16] <cpm> those rules?
[21:27:22] <cpm> those are good rules
[21:27:24] <devdas> non_fqdn_sender, non_fqdn_hostname, invalid_hostname
[21:27:29] <cpm> right.
[21:27:31] <PcPixel> yeah i use them too
[21:27:39] <PcPixel> i use almost everything & its been working reaosnably well
[21:28:13] *** madrescher has joined #postfix
[21:29:37] * sysmonk starts buying beer for friday
[21:30:02] * lunaphyte_ starts frying deer for friday.
[21:30:04] <cpm> it's reject_unknown_client that hung me out to dry a few times. I just warn on it.
[21:30:17] <cpm> fried deer?
[21:30:41] <PcPixel> oh wow, i never heard of that one before
[21:30:44] <PcPixel> interesting options
[21:30:47] <PcPixel> option rather
[21:30:55] <sysmonk> which one? fried deer?
[21:30:55] <sysmonk> ;)
[21:30:59] <cpm> yeah
[21:30:59] <pickcoder> jeez.. there's about 20X the amount of rejections to passing
[21:31:21] *** lysander has quit IRC
[21:31:40] <PcPixel> yeah im not using that one
[21:31:45] <PcPixel> dunno if i would
[21:31:57] <cpm> don't.
[21:32:31] <pickcoder> 64.136.84.178
[21:32:56] <pickcoder> looks to be a customer of ours
[21:33:15] <cpm> Centramedia Incorporated  not DOD
[21:33:30] <pickcoder> of course not
[21:33:30] <cpm> reject that nasty dog
[21:33:40] <cpm> or allow it in a map
[21:33:47] <cpm> put the rule back
[21:33:49] <pickcoder> there is no way for me to tell what the e-mail body is in the mail log
[21:33:54] <pickcoder> I can't
[21:33:58] <cpm> allow by specific as encountered if you have to.
[21:33:58] <pickcoder> I want to
[21:34:42] <cpm> there is no reason by RFC to accept mail from that host, fails all sanity checks (no PTR record for that IP address, imply strongly that it isn't being used, all active IP *should* have PTR records)
[21:35:05] <pickcoder> I've explained that and it doesn't matter
[21:35:20] <cpm> fine, accept mail from that IP, but put the rule back.
[21:35:32] <cpm> get a complaint, research it, apply an exception.
[21:35:47] <cpm> welcome to hell
[21:36:01] <PcPixel> cpm: i know. its awesome.
[21:36:10] <lunaphyte_> we serve fried deer here.
[21:36:15] <cpm> sounds tasty
[21:36:44] <pickcoder> here's another from an old white list.. 206.171.111.227
[21:36:53] <cpm> pickcoder, just fyi, no sane mail server would accept mail from that host, unless it's authing somehow
[21:36:54] <lunaphyte_> goes great with girl scout cookies.
[21:37:08] <pickcoder> cpm: I know that.. Unfortunately people use screwy mail services
[21:37:14] <cpm> that one is legit
[21:37:21] <lunaphyte_> especially when they're made with real girl scouts.
[21:37:21] <pickcoder> I get no DNS for it here
[21:37:34] <cpm> and how are you checking? exchange.corp.hakkousa.com
[21:37:50] <pickcoder> dig <ip>
[21:38:07] <devdas> dig -x ip
[21:38:12] <pickcoder> yeah
[21:38:18] <pickcoder> interesting
[21:38:22] <pickcoder> someone _fixed_ it
[21:38:26] <cpm> formal dig 227.111.171.206.in-addr.arpa IN PTR
[21:38:45] <cpm> informal dig -x 206.171.111.227
[21:39:14] <cpm> devdas, when did the -x switch show up?
[21:39:17] *** PcPixel has quit IRC
[21:39:33] <devdas> long time ago
[21:39:59] <cpm> been using the formal query forever. just started using -x fairly recently.
[21:40:20] <pickcoder> ok.. we'll see who complains
[21:40:22] * cpm misses nslookup
[21:40:29] <lunaphyte_> gtfo
[21:40:34] <lunaphyte_> nslookup is garbage.
[21:40:46] <pickcoder> I guess that's why it just started showing up on 'doze
[21:40:55] <pickcoder> dig will probably be in Win 7.0
[21:40:58] <pickcoder> :P
[21:41:15] <cpm> lunaphyte_, dunno, as an interactive shell, it was really handy.
[21:41:52] *** Southron has quit IRC
[21:41:53] <cpm> set the -s switch, and hammer away at a resolver, learn all there was to know.
[21:44:23] *** cpm has quit IRC
[21:44:31] *** PcPixel has joined #postfix
[21:44:49] <PcPixel> is there any correlation in the maillog about the service and the number in square brackets?
[21:45:01] <sysmonk> number is the pid...
[21:45:08] <PcPixel> ok
[21:45:18] <PcPixel> i ask becaus emy boss wants me to write a log analysis tool
[21:45:19] <lunaphyte_> what does -s do?
[21:45:41] <sysmonk> PcPixel: oh, i like that kind of bosses
[21:45:48] <sysmonk> that is i "like" them ...
[21:45:50] <lunaphyte_> oh, he left.
[21:45:54] <sysmonk> my old boss was like that
[21:45:56] <PcPixel> hehe
[21:46:01] <PcPixel> i know...
[21:46:09] <sysmonk> he wanted everything to be written from scratch
[21:46:19] <sysmonk> he wants monitoring - i offer him nagios and cacti
[21:46:21] <PcPixel> im going to import the logs into a database to pick them apart. wasnt sure if those were related to a specific email or not
[21:46:37] <sysmonk> he sticks to writing own perl daemons, storing the data in mysql, with 1 minute interval
[21:46:47] <sysmonk> for everything - temperatures, network traffic, disks and etc
[21:47:24] <pickcoder> PcPixel: what kinda of database
[21:47:26] <sysmonk> you want a sms daemon for notifications ? i offer him some software, but he sticks to writing own to do it ...
[21:47:50] <PcPixel> pickcoder: some kind of SQL. MSSQL or MySQL probably.
[21:47:57] <pickcoder> sysmonk: insecurity can lead to that
[21:48:07] <pickcoder> PcPixel: heh.. hope you have decent storage
[21:48:13] <PcPixel> ive got a tiny web server that has integrated SQL queries in it. not too powerful but makes for very rapid app development for database querying
[21:48:22] <sysmonk> pickcoder: sure, and his passwords lead to insecurity
[21:48:22] <sysmonk> ;)))
[21:49:57] * pickcoder thinks pick is better suited for data mining
[21:51:43] <PcPixel> i know im going tyo need the storage lol
[21:52:04] <PcPixel> if i was feeling masochistic, i'd do it in MS Access
[21:53:59] <pickcoder> raw XML
[21:54:04] <pickcoder> if you really want to be "portable"
[21:54:23] <pickcoder> just remember the 2GB file size limit on 32-bit systems
[21:55:10] *** unstable has joined #postfix
[21:55:23] *** devdas has left #postfix
[21:57:10] *** GoGi has quit IRC
[21:58:53] <unstable> So I just did apt-get install postfix on ubuntu, I have request tracker setup on this box. and I need to follow this guide: http://wiki.bestpractical.com/view/ManualEmailConfig ... so I need to setup aliases. so the MTA (postfix) forwards mail to RT, where is the proper place to put an alias? in /etc/aliases ?
[21:59:07] <unstable> "rt: "|/opt/rt3/bin/rt-mailgate --queue general --action correspond --url http://localhost/rt"
[21:59:25] <unstable> " .. I just append lines like that to the end of /etc/aliases, and and postfix will see that and forward to RT?
[21:59:28] <pickcoder> aliases
[21:59:42] <pickcoder> whereever they are configured
[21:59:45] *** supastuff_ has joined #postfix
[22:00:35] <pickcoder> !alias_database
[22:00:36] <knoba> pickcoder: "alias_database" : a configuration parameter in the main.cf: The alias databases for local(8) delivery that are updated with "newaliases" or with "sendmail -bi".
[22:02:52] *** hparker has quit IRC
[22:03:25] *** pirho has joined #postfix
[22:04:23] <unstable> pickcoder: So I add those lines to /etc/postfix/main.cf , at the end?
[22:05:57] <pickcoder> unstable: postconf alias_database
[22:06:03] <pickcoder> what is the current setting?
[22:06:23] <unstable> alias_database = hash:/etc/aliases
[22:10:28] <unstable> pickcoder: http://pastebin.com/m1faa86c5 .. is that right?
[22:15:04] <pickcoder> |"command opt opt2"
[22:15:17] *** VaNNi has quit IRC
[22:15:46] *** lunaphyte__ has joined #postfix
[22:16:22] *** _supastuff_ has quit IRC
[22:17:25] *** lunaphyte_ has quit IRC
[22:18:45] *** pirho_ has joined #postfix
[22:24:47] *** pirho has quit IRC
[22:25:06] *** pgega has joined #postfix
[22:25:22] *** pgega is now known as pg
[22:26:31] <pg> Hi there I am new to postfix , i ve configured it for localhost users, and postfix relays to localhosts, logs give me status=sent but mail is not written to /var/mail directory.
[22:27:33] *** skor has joined #postfix
[22:34:11] *** VaNNi has joined #postfix
[22:34:35] *** dembug has quit IRC
[22:36:20] *** pitakill has quit IRC
[22:40:36] *** lysander has joined #postfix
[22:43:03] *** pgega_ has joined #postfix
[22:47:16] <pickcoder> !home_mailbox
[22:47:18] <knoba> pickcoder: "home_mailbox" : a configuration parameter in the main.cf: Optional pathname of a mailbox file relative to a local(8) user's home directory.
[22:47:18] *** Trengo has quit IRC
[22:47:19] <pickcoder> !mailbox_command
[22:47:20] <knoba> pickcoder: "mailbox_command" : a configuration parameter in the main.cf: Optional external command that the local(8) delivery agent should use for mailbox delivery. The command is run as the recipient. Exception: command delivery for root executes with $default_user privileges.
[22:48:27] *** jellis-real has quit IRC
[22:48:51] <pickcoder> how can I specify an smtp bounce destination
[22:49:20] <pickcoder> !2bounce_notice_recipient
[22:49:21] <knoba> pickcoder: "2bounce_notice_recipient" : a configuration parameter in the main.cf: The recipient of undeliverable mail delivery error reports. This feature is enabled with the notify_classes parameter.
[22:49:45] <pickcoder> the docs says that it's for undeliverable mail that cannot be returned to sender
[22:50:03] <pickcoder> what if the sender is available, but I just want specific errors to go elsewhere
[22:50:36] *** PcPixel has quit IRC
[22:56:16] * pickcoder has too many mail boxes and relays
[23:00:14] *** pg has quit IRC
[23:05:05] *** hever has joined #postfix
[23:06:19] *** Azrael has joined #postfix
[23:11:22] *** pgega_ has quit IRC
[23:14:44] <pickcoder> when I get bounces for a specific user, I'm getting duplicate bounces. I think the bounce is going to Postmaster and <user>. both them are aliased to my pop account on that server.
[23:14:58] <pickcoder> s/them/they
[23:21:13] *** FuriousGeorge has joined #postfix
[23:21:21] <FuriousGeorge> hey all
[23:25:33] *** pitakill has joined #postfix
[23:30:50] <pickcoder> ugh.. this is driving me nuts
[23:32:38] *** Grufft3ch has joined #postfix
[23:33:45] <pickcoder> why in the heck am I getting double-bounce
[23:34:04] *** AcTiVaTe has joined #postfix
[23:40:38] *** j_s has quit IRC
[23:40:43] <Grufft3ch> ?
[23:42:41] <pickcoder> if I set error_notice_recipient and bounce_notice_recipient to the same user and specify bounce,software,resources  as notify_classes should root (postmaster) get bounce notices?
[23:43:31] <pickcoder> (provided "the same user" is not root or postmaster)
[23:53:05] *** Motoko-chan has joined #postfix
[23:54:21] *** Fallenou has quit IRC
[23:54:52] *** tshine has quit IRC
[23:55:12] *** tshine has joined #postfix
[23:59:42] *** tshine_ has joined #postfix





top