August 5, 2008 
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31
August 5, 2008 [00:00:16] <hesco> ok, I'll do that. Thanks for your leads today. I'll head out to dinner myself, then. [00:00:35] *** toytoy has joined #postfix [00:01:24] *** toytoy has quit IRC [00:03:07] *** xnixan has joined #postfix [00:05:13] *** Ryushin has quit IRC [00:08:37] *** |KaV| has quit IRC [00:12:52] *** dogmeat has quit IRC [00:13:06] *** BlackBishop has joined #postfix [00:13:13] <BlackBishop> Aug 5 01:12:32 godzilla postfix/postfix-script[682]: fatal: the Postfix mail system is not running [00:13:13] <BlackBishop> Aug 5 01:12:32 godzilla sendmail[684]: My unqualified host name (localhost) unknown; sleeping for retry [00:13:17] <BlackBishop> I funked it up again :| [00:14:53] <BlackBishop> and now I fixed it again .. [00:18:44] *** BlackBishop has quit IRC [00:20:04] *** toytoy has joined #postfix [00:26:34] *** dMaggot has joined #postfix [00:27:30] <dMaggot> hey guys, I want to hold messages going to yahoo, but postfix seems to be ignoring the following commands [00:27:43] <dMaggot> smtpd_recipient_restrictions = [00:27:43] <dMaggot> reject_unauth_destination [00:27:43] <dMaggot> check_recipient_mx_access regexp:/etc/postfix/recipient_access [00:27:57] <dMaggot> my recipient_access map is working cool [00:28:07] <dMaggot> (triend postmap -q) [00:30:02] *** dusty has joined #postfix [00:42:00] *** hparker has quit IRC [00:43:16] *** gcleric has quit IRC [00:45:47] <xpoint> dMaggot, in what way do you want to hold ? [00:45:58] <dMaggot> put those in the hold queue [00:45:58] *** pickcoder has quit IRC [00:46:07] <xpoint> why ? [00:46:34] <dMaggot> 'cuz I need to process those later on [00:46:56] *** Tykling has left #postfix [00:47:03] <xpoint> does not say much about why [00:47:30] <xpoint> not always on mail server ? [00:47:30] <dMaggot> makes no difference, I just need a method to do so [00:48:00] *** Vi5in has joined #postfix [00:48:05] <Vi5in> Hello [00:48:12] <xpoint> 42 [00:48:20] <Vi5in> my problems are solved! thanks! [00:48:26] *** kreg_work has joined #postfix [00:48:29] <xpoint> good [00:48:33] <Vi5in> ;) anyway, [00:48:58] <kreg_work> there a normal way to bounce an email back to notify sender of a new address? [00:49:18] <kreg_work> like "mailbox no longer exsists, please email support at domain dot com" [00:49:29] <kreg_work> bad example......... [00:49:34] <Vi5in> i've installed postfix on my system. [00:49:52] <kreg_work> i want to change a mailbox i've been using called dcc at domain dot com. I used to receive all my support cases there [00:50:07] <Vi5in> when i test the set up with telnet localhost 25 and doing commands to send/receive mail, it works. but I can't send anything through mutt. it says mail sent, but nothing gets sent [00:50:13] <kreg_work> now i want incoming messages to dcc at domain dot com to be send to support at domain dot com and eventually kill dcc at domain dot com [00:50:50] <Landon> kreg_work: just forward the mail? [00:50:55] <kreg_work> obviously easy to get the mail delviery to work. that's in place so i don't lose mail. but i want the senders to be notified of the change [00:51:00] <kreg_work> Landon: ya that's done. [00:51:03] <Landon> and then switch all mentions of it to support@domain [00:51:17] <Landon> and eventually turn it off when you stop getting email to it [00:51:30] <kreg_work> wondering if there is a way to auto response "fyi, from now on please email support" [00:52:05] <kreg_work> we have switched all mentions. flyers, websites, etc. but old habbits won't die [00:54:38] <Vi5in> i have a question about local_recipient_maps in main.cf [00:54:54] <Vi5in> I did newaliases and that creates /etc/aliases.db, right? [00:55:56] *** adie_ has joined #postfix [00:55:56] *** adie has quit IRC [00:59:22] *** diabollo_ is now known as diabollo [00:59:53] *** war9407 has quit IRC [01:00:11] *** Zblakany has joined #postfix [01:01:35] <Vi5in> hello? [01:02:11] <Trengo> yesh? [01:03:24] *** x3me has joined #postfix [01:03:26] <x3me> hi [01:03:46] <x3me> I'm using postfix + mailscanner and I have a problem when blockin the attachments... [01:04:07] <x3me> the problem is: postfix receives the mail to 20 recipients per example on a unique ID [01:04:16] <x3me> and HOLD's to Mailscanner [01:04:24] <Vi5in> i have a brand new postfix set up [01:04:30] <Vi5in> and i'm trying to create aliases [01:04:37] <x3me> so, mailscanner reads that ID and apply the same rule for attachments to all the 20 recipients.. [01:04:48] <x3me> solucttion I've configured: running 2 instances of postfix [01:04:56] <Vi5in> I did "newaliases" but i am not entirely sure what that does. does it create it off the /etc/passwd? [01:05:09] *** dMaggot has left #postfix [01:05:10] <x3me> the first, receives the email and split them into one per one.. and them send to the other who run mailscanner ... [01:05:14] <Vi5in> doh /etc/aliases i mean [01:05:17] <x3me> anyone haves another soluction? [01:06:25] <Vi5in> So I ran newaliases and now it creates /etc/aliases.db [01:07:16] <Vi5in> does that take into account all the users i have on the box then? [01:07:47] <Vi5in> I guess my question is are there any other steps I need to take? and also, what would be relevant changes in main.cf [01:15:14] *** martiancode has quit IRC [01:16:29] *** brancaleone has joined #postfix [01:16:51] <Vi5in> ... alright [01:16:59] <Vi5in> what is the syntax for the virtual maps? [01:17:04] <Vi5in> in /usr/local/etc/postfix/virtual? [01:19:09] <higuita> @domain @mapped_domain [01:19:23] <higuita> email@domain email@new_domain [01:19:36] <higuita> @domain email@new_domain [01:20:19] <Vi5in> higuita: thanks! [01:21:33] <higuita> of course, assuming you are using hash [01:21:45] <higuita> you can use regexp, pcre, etc, etc [01:22:16] <Vi5in> higuita: i only had a few, so I just wrote them out as email: username? [01:22:40] <higuita> remove the : and its perfect [01:23:24] <Vi5in> oh, ok! [01:23:26] <higuita> you can check the virtual man page (man 5 virtual) [01:23:31] <Vi5in> sweet, thanks a bunch [01:23:42] <Vi5in> i also did newaliases after i made some changes to /etc/aliases [01:24:33] <higuita> yes, newsaliases is for the aliases file, postmap is for all other hash files (like the virtual) [01:25:16] <higuita> of course, regexp, pcre and other dont need postmap (hash and btree are the one that need it) [01:27:24] <Vi5in> ah ok. i'm testing now by sending myself some mail [01:27:38] *** magyar has joined #postfix [01:28:38] <Vi5in> awesome :) looks like i am receiving mail! [01:28:42] <Vi5in> now let me try sending from my box [01:29:53] <Vi5in> hmm... some trouble [01:30:16] <Vi5in> higuita: i am using a relay service from dyndns and it requires me to authenticate... i've kinda forgotten how to do that. would that setup exist in main.cf? [01:31:39] *** JoeWulf has joined #postfix [01:34:30] *** Jense has quit IRC [01:48:16] <higuita> Vi5in: you need to setup the sasl in the smtp client [01:48:24] <higuita> you need to check some howto [01:48:41] <higuita> you can see the options avaiable with postconf |grep sasl|grep smtp_ [01:49:46] <Vi5in> higuita: yeah, i tried that. but it says i need to authenticate. i followed all the isntructions here: [01:49:53] <Vi5in> http://www.dyndns.com/support/kb/mail_servers_and_mailhop_outbound.html#postfix [01:51:27] *** mavrick61 has joined #postfix [01:56:26] *** F6F has quit IRC [01:57:02] *** brancaleone has quit IRC [02:04:38] *** littlebird has quit IRC [02:05:03] *** chadmaynard has joined #postfix [02:15:01] <higuita> Vi5in: that howto seems correct [02:15:05] <higuita> check and recheck everything [02:15:22] <Vi5in> higuita: yeah, that's what i'm doing right now. i will look at this later i guess. right now i am going to get dinner [02:15:25] <Vi5in> thanks for your help! [02:15:45] <higuita> check the logs and if needed try to hand connecto to the server and do the authentication [02:18:28] *** Zblakany has quit IRC [02:20:52] *** stephelton has left #postfix [02:32:56] *** meshugga has quit IRC [02:33:02] *** meshugga has joined #postfix [02:35:41] *** Haris1 has quit IRC [02:42:16] *** meshugga has quit IRC [02:45:21] *** los415 has joined #postfix [02:45:58] *** los415 has left #postfix [02:47:27] *** meshugga has joined #postfix [02:52:19] *** amrit|wrk is now known as amrit|bbl [02:57:13] *** x3me has quit IRC [02:57:41] *** x3me has joined #postfix [02:59:47] *** JT has joined #postfix [03:04:30] *** Juspion has joined #postfix [03:14:40] *** x3me_ has joined #postfix [03:19:12] *** rcsu_ has joined #postfix [03:25:21] <JT> does postfix have the ability to accept email for a virtual user based on a regex? [03:25:42] <JT> or is it a choice of specific email addresses only vs. catchall [03:28:21] *** Juspion has quit IRC [03:30:33] *** x3me has quit IRC [03:31:21] *** githogori has quit IRC [03:35:19] *** rcsu has quit IRC [03:38:16] *** JoeWulf has quit IRC [03:38:33] *** pirho has quit IRC [03:40:51] *** cilly has quit IRC [03:41:16] *** ming_zym has joined #postfix [03:43:12] *** CodemasterMM has joined #postfix [03:46:30] *** gonewestcoast_ has quit IRC [03:48:47] *** stickystyle has joined #postfix [03:50:14] *** Codemaster has quit IRC [04:00:24] *** mavrick61 has quit IRC [04:01:32] *** mavrick61 has joined #postfix [04:05:03] *** Haris has quit IRC [04:05:34] *** Haris__ has joined #postfix [04:05:37] *** Knoedel2 has quit IRC [04:08:26] *** cilly has joined #postfix [04:08:27] *** m1n3s6 has joined #postfix [04:26:52] *** JoeWulf has joined #postfix [04:27:20] *** SnakeO2 has quit IRC [04:34:14] *** Slashman has quit IRC [04:37:41] *** x3me_ has quit IRC [04:39:20] *** x3me_ has joined #postfix [04:45:30] *** cilly has quit IRC [05:21:58] *** stickystyle has quit IRC [05:23:26] *** Haris__ is now known as Haris [05:25:08] *** dusty has quit IRC [05:26:00] *** dusty has joined #postfix [05:26:06] *** Haris1 has joined #postfix [05:31:13] *** JoeWulf has quit IRC [05:32:07] *** hparker has joined #postfix [05:33:52] *** McJerry has quit IRC [05:38:35] *** keffer has quit IRC [05:40:11] *** keffer has joined #postfix [05:41:03] *** pickcoder has joined #postfix [05:45:18] *** goldfisc1li has joined #postfix [05:46:30] *** ki__ has left #postfix [06:01:21] *** goldfischli has quit IRC [06:05:12] *** rcsu_ has quit IRC [06:13:20] *** hparker has quit IRC [06:19:29] *** sbathe_ has joined #postfix [06:25:40] *** pickcoder has quit IRC [06:32:41] *** jdrake has joined #postfix [06:43:19] *** Motoko-chan has joined #postfix [07:00:46] *** x3me_ has quit IRC [07:11:02] *** w0rd54 has quit IRC [07:11:17] *** w0rd54 has joined #postfix [07:44:51] *** EasilyOdd has quit IRC [08:02:01] *** internat1 has joined #postfix [08:02:27] *** DarklyCute has joined #postfix [08:02:44] *** sophokles has joined #postfix [08:03:25] *** Internat has quit IRC [08:03:44] *** tshine has quit IRC [08:04:27] *** Zeit|awy_ has quit IRC [08:05:44] *** githogori has joined #postfix [08:07:22] *** phnord has joined #postfix [08:13:28] *** chadmaynard has quit IRC [08:13:42] *** littlebird has joined #postfix [08:18:14] *** rnix has left #postfix [08:20:39] *** Motoko-chan has quit IRC [08:32:04] *** Filbert has joined #postfix [08:35:28] *** internat1 has quit IRC [08:35:44] *** Internat has joined #postfix [08:36:03] *** gonewestcoast has joined #postfix [08:36:11] *** Pazzo has joined #postfix [08:43:47] *** syneus has joined #postfix [08:45:05] *** bhagat has joined #postfix [08:48:39] *** Nathariel has joined #postfix [08:48:45] *** Nappy has quit IRC [08:53:37] *** majikman has quit IRC [08:54:13] *** majikman has joined #postfix [09:01:17] *** smultron has joined #postfix [09:08:05] *** DarklyCute has quit IRC [09:11:05] *** j_s has joined #postfix [09:26:44] *** Sun has joined #postfix [09:27:26] *** amrit|bbl is now known as amrit|zzz [09:34:38] *** Roobarb has quit IRC [09:37:51] *** Roobarb has joined #postfix [09:39:18] *** Jense has joined #postfix [09:41:18] *** gonewestcoast has quit IRC [09:42:30] *** Sun has quit IRC [09:58:23] *** kRocKodile has joined #Postfix [09:58:36] *** war9407 has joined #postfix [10:11:43] *** cilly has joined #postfix [10:18:30] *** alienbrain has joined #postfix [10:27:58] *** madrescher has quit IRC [10:51:33] *** F6F has joined #postfix [10:59:23] *** Slashman has joined #postfix [11:04:23] *** Zeit|awy has joined #postfix [11:10:14] *** martiancode has joined #postfix [11:34:27] *** cilly has quit IRC [11:45:39] *** cilly has joined #postfix [11:49:40] *** madrescher has joined #postfix [11:55:56] *** jgreig has joined #postfix [11:58:10] <sysmonk> uber silent today [11:58:28] <jgreig> hey guys I work for a hosting company, we have a postfix mail gateway for dedicated/virtual customers. Recently a malicious south african 419 scammer spammed via our mail gateway (he was a customer at the time). As a result our IP was blocked by hotmail/live for a day or two. We were wondering if it was possible to have a 'pool' of IPs that can be used on postfix as sending IPs, is this straight forward? or is it easier to just alter the smtp_bind_addr [11:58:31] <Trengo> you broke the silence [11:58:39] *** kk_CHN has joined #postfix [11:58:46] <sysmonk> damn it [11:59:18] <jgreig> if you broke the silence i just nuked it. [11:59:26] <sysmonk> jgreig: ye [11:59:32] <sysmonk> jgreig: about the pool - not that i know of [11:59:43] <sysmonk> we just change the bind addie [11:59:59] <jgreig> fair enough, that's what I thought [12:00:11] <jgreig> i did find this, though it's slightly different to what I need [12:00:15] <jgreig> http://www.jpuddy.net/2008/05/19/how-to-email-from-specific-ips-using-linux-and-postfix/ [12:00:59] <sysmonk> yuk [12:01:10] <sysmonk> i think it would be a LOT easier and cleaner to do it on firewall side [12:01:20] <sysmonk> i.e. nat'ing through a pool of ip's [12:01:43] <sysmonk> so each time a connection to host * port 25 would go through a random ip [12:02:46] <jgreig> heh, that's a good idea [12:03:13] <jgreig> i'll try and leech a pix or asa from somewhere in the building:) [12:03:31] <sysmonk> or do that on the server side [12:03:31] <sysmonk> ;) [12:05:00] <jgreig> noted, thanks for the advice;) [12:05:26] <shasta> keep in mind that it would require some main.cf tweaks too [12:05:48] <shasta> as you should accept emails to username at 1 dot 2.3.4 [12:06:37] *** McJerry has joined #postfix [12:06:50] *** fbe has joined #postfix [12:06:53] <sysmonk> shasta: yeah, and send them to the nearest /dev/null pseudo device [12:06:53] <sysmonk> ;) [12:07:31] <jgreig> cheers, it's literally just an smtp gateway out of the network [12:09:47] <fbe> simple question: is it possible to apply RCPT TO restrictions based on the MAIL FROM ? [12:10:38] <sysmonk> um, what? [12:12:01] *** rootsvr has joined #postfix [12:12:06] <jgreig> is it possible to stop people coming into my house if they're already in my kitchen? [12:12:13] <dragonheart> fbe e.g. only jack can email jill? [12:12:16] <sysmonk> jgreig: yes [12:12:31] <sysmonk> jgreig: read access(5) manual page [12:12:42] <jgreig> will do, cheers [12:12:43] <fbe> i want some user (without smtp auth) to be restricted to only some domains for rcpt to. [12:12:57] <sysmonk> and gun(4) man page :P [12:13:19] <fbe> I know it's clearly not a good way to implement this (direct connection and fake mail from will bypass this). but that's not the question here [12:13:25] <sysmonk> fbe: you might want to look into restriction classess [12:13:29] <sysmonk> !restriction_classess [12:13:30] <knoba> sysmonk: Error: "restriction_classess" is not a valid command. [12:13:32] <sysmonk> !restriction_classe [12:13:32] <knoba> sysmonk: Error: "restriction_classe" is not a valid command. [12:13:33] <sysmonk> !restriction_class [12:13:34] <knoba> sysmonk: "restriction_class" : postfix per-client/user/etc. access control http://www.postfix.org/RESTRICTION_CLASS_README.html [12:13:39] * sysmonk is a flooder [12:13:52] <dragonheart> so what package contains gun? [12:14:40] <sysmonk> dragonheart: it's gun(4) [12:14:42] <sysmonk> note the 4 [12:14:43] <fbe> thanks, will read this. [12:22:08] <idle-boy> i have a server with 2 public IP, each has a domain, i want to configure postfix to sending emails using 2 domains and 2 IP, [12:22:14] <idle-boy> for ex/ 1.2.3.4 --> example1.com, and 1.2.3.5 --> example2.com, any idea ? [12:24:14] *** morpheus08 has joined #postfix [12:26:46] <morpheus08> there is someone who speaks italian, can write in italian for a configuration problem for postfix as slave? [12:28:30] *** plee has quit IRC [12:28:42] *** CodemasterMM has quit IRC [12:32:48] *** shinao1 has joined #postfix [12:33:06] <fbe> you seems to be all smart people here ;-), so I will try one other stupid question (the first is resolved, thanks again): is there a way to force the relaying through a relay_host event if the destination is my_domain, and so for certain "mail from" values ? [12:34:22] <f3ew> for mail from? use a check_sender_access and a FILTER response [12:34:39] * f3ew also suggests using more domains and aliases [12:37:31] *** Nockian has quit IRC [12:37:45] * fbe should buy a new book "postfix in 5 minutes" [12:41:51] *** hever has joined #postfix [12:47:22] <fbe> f3ew: yeah, more domain would be better but this will be temporary during a migration in a rather tortured customer mail setup. (using msmail and pop fetch actually, yes, the precursor of ms exchange; 10 years back...) [12:48:03] <fbe> since we have other application wo need (in database) the final adress, if I can go from the start with the final adress it's way easier. [12:48:19] <f3ew> fbe, I meant using a subdomain to control mail routing [12:48:24] <f3ew> It's transparent to the end user [12:48:52] * fbe is really going to buy a book on postfix ... [12:49:22] <fbe> I don't know about that. any howto somewhere ? (until the book arrives) [12:49:59] <f3ew> fbe, relaying is controlled by recipient domain, so you just alias [12:50:07] <f3ew> foo: foo at sub dot example.com [12:50:31] <f3ew> Also see http://www.postfix.org/STANDARD_CONFIGURATION_README.html#some_local if it applies [12:52:18] *** mark-use has joined #postfix [12:54:38] *** Draecos has joined #postfix [12:57:33] *** stickystyle has joined #postfix [12:59:29] *** hparker has joined #postfix [13:02:30] *** m1n3s6 has quit IRC [13:11:11] *** McJerry has quit IRC [13:17:16] *** dusty has quit IRC [13:24:27] <milligan> I have SPF enabled on a domain. If a SPF rule hits and is valid, should it mark the header about the email originating from a valid destination, or will it just go through without any more "fuss" ? [13:25:01] *** Danskmand1 has joined #postfix [13:25:52] *** cpm has joined #postfix [13:26:36] *** download123 has joined #postfix [13:27:29] <download123> hey [13:27:34] <download123> I need help [13:27:47] *** dusty has joined #postfix [13:28:05] <milligan> download123, Take a left on the first corner, first building on the right hand side. [13:28:30] <download123> haha.. [13:28:50] <sysmonk> or hire a sysadmin! [13:29:19] <download123> i got problems with my postfix, so i looked at the mail.log and omg its got 60000 lines only from today [13:29:51] <milligan> if those lines are error messages, ouch. If they are logs of incoming email,jummy :) [13:30:11] <Danskmand1> What does it say ? - always the same lines ? - do they repeat ? [13:30:25] <dragonheart> milligan: spf verification can mark a header like http://tools.ietf.org/html/draft-kucherawy-sender-auth-header-15 however its really up to the implementation/configuration as to what it does with the email [13:30:25] <download123> all i got from the log was that postfix tries to connect to muliple hosts but allways gets refused because of some spamhouse list [13:31:38] <Danskmand1> Does your ISP have a smart host that you could send the mails to ? (you shouldnt send the mails directly to the receiver...) [13:32:10] <download123> some lines look like this localhost postfix/qmgr[7691]: 1754D12200D7: from=<ubaxsjlri at albrecht-kienemund dot de>, size=26686, nrcpt=1 (queue active) what should this say to me is postfix trying to send an email to xy? [13:32:29] *** hacim has joined #postfix [13:33:07] <hacim> someone has just sent a phishing attempt to all of our users, I would like to block any outgoing mail to that particular user, can that be done? [13:33:20] <download123> the problem is that the postfix is running on a hetzner server that was installed years ago [13:34:06] <Danskmand1> Unless your domain is albrecht-kienemund.de, it looks like you are a spamming the internet..... [13:34:07] *** stickystyle has quit IRC [13:34:08] <e_> hm, is there a tool to print out a mail in my queue to the console? [13:34:23] <f3ew> postcat [13:34:29] <e_> ah, great [13:34:31] <e_> thank you [13:35:21] <e_> ehm, which file should i give to it? [13:35:38] <hacim> e_: mailq queueid [13:35:48] <sysmonk> postdog [13:35:54] <hacim> postdog? [13:35:59] <e_> hehe [13:36:19] <e_> hacim: hm, that should be the first thing in the output line of mailq, right? like "0C02518B8757" [13:36:24] <e_> if i do that, nothing happens [13:36:24] <hacim> yes [13:36:30] <download123> Danskmandl oh thats what i purposed ... how can i stop that ? or find out what has happend the server was running for years without problems [13:36:30] <hacim> postcat -q 0C02518B8757 [13:37:10] <e_> no output [13:37:14] *** brancaleone has joined #postfix [13:37:25] *** cpm has quit IRC [13:38:05] * e_ scratches head [13:39:21] <download123> how can i stop that someone is sending spam using my postfix. I tested it over telnet and get refused but the log says that other people get it working [13:39:25] *** cpm has joined #postfix [13:39:32] <milligan> dragonheart, ok, sounds good. I guess it's configured to only mark on fail. How would I set it up to mark email with OK messages aswell ? [13:39:49] <Danskmand1> Well, I am myself a starter with postfix, but know Lotus Domino very well....The server has been running very well for years - until "someone" found out that it could use your server as an "open relay" - which means that "he" can use your server to spam thousands of addresses....Could also be that they found out how to get around your anti-spam settings.... [13:40:46] <dragonheart> milligan: are you doing the verification? I guess it depends on what software you're using. [13:40:58] <e_> wtf.. if i strace it i can see the mail being written to stdout ^^ [13:41:08] <download123> sounds bad as first action i will stop postfix [13:41:33] <f3ew> download123, LOGS? [13:41:50] <Danskmand1> So,it could be that some of the people you spamed found out that it was through your server that they got this spam - and told "spamhouse" that you are an open relay.....Once you are on this list, many servers will reject your emails because you are on this list.... [13:41:59] <download123> f3ew ? what do you mean [13:42:34] <download123> Danskmandl sounds logical [13:42:44] <Danskmand1> What I am telling you is what I *think*, I dont know it because I have not seen your log-files.... [13:42:49] <download123> so i have to stop that other people use my server as an open relay [13:43:02] <Danskmand1> Right.... [13:43:40] <e_> selinux [13:43:45] <Danskmand1> Is it a big server ? - is it a big company with many users ? [13:43:51] <download123> noe [13:43:53] <download123> no [13:44:33] <download123> its a small company .. i don't even know if the emails of the company run through this server [13:44:39] <milligan> dragonheart, I'm running the dns server :) I've set up an SPF record (TXT), and it appears to be working. I'd just like some kind of verification. [13:45:05] <download123> i hope i din't kill all mail transfers :P [13:45:10] <Danskmand1> Ok...Then I would also find out what the smtp-smart host for your ISP is, since many servers dont want to receive emails from servers directly, better from the ISP's.... [13:45:51] <dragonheart> milligan: http://www.openspf.org/Tools email based testers - send email there and look at the response [13:46:29] <download123> Danskmand1 as far as i see the server is configured to use an ISP from Hetzner but the ISP also rejects requests ;) [13:47:01] <Danskmand1> But first, show your Log-files (parts of it) - all I told you up to now is only theory, since we havent seen your logfiles ! [13:47:19] <Danskmand1> But I need to leave now ..... be back later .... [13:47:20] <download123> okay.. latest entries ? [13:47:25] <download123> well [13:47:33] <download123> thank you for your help [13:47:39] <Danskmand1> Right ....latest entries.... [13:48:11] <Danskmand1> And have a look at your main.cf of postfix... [13:48:28] <Danskmand1> Thats the main config file.... [13:48:40] <Danskmand1> You are welcome :-) - Have fun ! [13:48:51] <Danskmand1> I will ask my question later :-) [13:49:03] *** cilly has quit IRC [13:49:34] <milligan> dragonheart, cheers mate. I'll do some more digging :) [13:50:11] *** stickystyle has joined #postfix [13:50:48] <download123> anyone a link from a service where i can post the log [13:51:11] <phnord> paste.debian.net [13:51:12] *** stickystyle has quit IRC [13:52:57] <download123> http://paste.debian.net/13937/ [13:53:06] <hacim> anyone know how I can block on the postfix level sending TO a particular address? [13:53:07] <download123> the last few entries [13:58:03] <download123> is my interpretation correct that someone tries to send emails over my server over smtp to AnneBauer at currentmail dot com and KarlEnderbvurp at myfirstmail dot com etc? [13:58:27] *** cilly has joined #postfix [14:01:00] <download123> no one left? [14:01:09] <sysmonk> how much money you have? [14:02:18] <download123> at the moment none [14:04:17] <cpm> Not sure I understand. the server @ 213.239.211.232 is blacklisted. [14:05:51] <download123> jep [14:06:07] <download123> well .. this is my server [14:06:13] <shasta> hacim, check_recipient_access of course [14:07:06] <cpm> it's listed in the cbl, http://cbl.abuseat.org [14:07:08] <cpm> my question is why? [14:07:16] <cpm> you are acting as an open relay? [14:08:20] <download123> sems so .. i don't realy know [14:08:53] *** noneo has joined #postfix [14:09:42] <download123> it seems as if the server is spamming [14:09:55] <download123> prob is i don't know how its done [14:10:06] <shasta> you shouldn't run a mailserver then [14:10:21] <shasta> sad but true [14:10:29] * shasta sings to the metallica's tune [14:10:33] <hacim> shasta: ok, great....thanks. one last related question: check_sender_access is the email address that the message claims to be from, and check_client_access is the actual ip or host of the machine that the message is coming from? [14:10:52] <download123> well .. what i wanted to say is that i tryed to use it as an open relay .. and get refused [14:11:09] <shasta> hacim, man 5 postconf has the answers you need [14:11:27] <hacim> in otherwords, this scammer is impersonating "info at mail dot com", and that is not a valid address, so I would add a line to check_sender_access to REJECT that, and add a line to REJECT the last hop in the header in check_client_access [14:12:05] <hacim> right, man 5 postconf... just was reading it, and wanted to verify what I found [14:15:15] <hparker> download123: Is the same system the router for the LAN with 'doze systems behind it? [14:15:46] <download123> no its a webserver (root server) [14:15:51] <download123> hparker [14:15:53] <cpm> ah ha [14:15:58] <hparker> Bad scripts? [14:16:09] * cpm wouldn't bet against it. [14:16:13] <hparker> Any email forms? [14:16:31] <download123> no script [14:16:40] <cpm> is it running php at all? [14:16:49] <download123> php is running [14:16:56] <hparker> does it have users other then you? [14:17:03] <cpm> check the box to see if it has been rooted [14:17:12] <hparker> and that [14:17:46] <download123> hparker its the rootserver of the company but normaly no one else is on the system than me [14:17:54] <download123> cpm witch box? [14:18:21] <download123> sry i'm not that close with linux [14:19:24] <hparker> If it's for a company they ought to pay for a competent admin to run it :P [14:20:13] <hparker> How long have you been listed? [14:20:34] <download123> :-P my opinion .. but the company is to small and the normal admin is on vacations [14:21:04] <hparker> Admins carry laptops on vacation... just in case... [14:21:37] <hparker> You're going to need to go through the logs and see if you can figure out where the mail is coming from that's causing the problems [14:23:04] <cpm> hparker, he's only been listed for a few hours, so the hack probably happened recently. [14:23:20] <hparker> ahh... Then should still be in the logs [14:23:31] <cpm> <download123> sry i'm not that close with linux [14:23:36] <cpm> then you need to find someone who is. [14:23:52] <hparker> yup [14:23:52] <cpm> contact the on-vacation admin [14:24:10] <download123> Aug 4 17:58:25 localhost sshd[31400]: reverse mapping checking getaddrinfo for 75.25-183.uio.satnet.net failed - POSSIBLE BREAKIN ATTEMPT! [14:24:16] <download123> fine .. :P [14:24:35] <hparker> That's just a normal ssh attack [14:24:42] <cpm> yeah, nothing to see there. [14:24:55] <cpm> just for fun, pastebin the output of the command: [14:24:58] <cpm> qshape all [14:25:17] <hparker> Seriously, admin's can't travel without a way to connect back.. especially if they're the only admin [14:25:33] <cpm> qshape deferred rather [14:25:45] <cpm> quite so. [14:26:00] <download123> hparker .. if the boss knows that something like that can happen .. etc [14:26:19] <hparker> now he knows [14:26:53] <download123> ;) [14:27:12] <hparker> I used to carry my laptop just for weekend camping trips... Drive 5 miles to find a cell a few times a day to check voice mail... You never know [14:27:57] <hparker> when you are the single point of failure.... [14:28:05] * xpoint uses fail2ban to get the fun last longer :) [14:28:51] <hparker> that's something for the normal admin to deal with [14:28:53] *** ming_zym has quit IRC [14:29:03] <hparker> download123: time to get the boss to call the admin [14:29:22] <cpm> cracks happen, fact of life. get over it. [14:29:40] <hparker> practice safe hex [14:29:45] <xpoint> cpm, he yeps [14:29:48] <download123> on my home system fail2ban runs .. hmm.. why is nobody installing such usefull tools on the server ?? [14:30:45] <Roobarb> ? [14:30:45] <hparker> maybe you ought to sharpen your skills a bit and become the new admin :P [14:31:40] <cpm> what's the output of qshape deferred? [14:33:02] <download123> mom [14:33:08] <download123> cpm its a very long list [14:33:17] <download123> http://paste.debian.net/13940/ [14:33:17] <xpoint> hparker, and get a laptop out of it to vacations :-) [14:33:23] <download123> thats the beginning [14:33:29] <hparker> xpoint: hehe [14:35:20] <xpoint> download123, if you use postfix and not exim its not that hard to do the things right, but trace the logs why you are blacklisted, and recerse track it to where the reason comes from, if its domain based blacklist its still your ip [14:36:21] <xpoint> senders should really use sasl on php scripts or get relay denied [14:37:00] <xpoint> its not that hard to secure it [14:37:17] *** download123 has quit IRC [14:37:50] *** download123 has joined #postfix [14:38:09] <download123> wow sry pressed the wrong button .. im a little bit nervous today... [14:38:39] <xpoint> yes but dont kill your self on it ;) [14:38:41] <download123> how should spamsending log entries look like [14:38:59] <xpoint> 42 [14:39:03] <download123> XD [14:39:17] <download123> so there is nothing to search for [14:39:19] <hparker> To:;akshfah at yahoo dot com :P [14:39:29] <hparker> Look for gibberish addresses [14:39:33] <download123> :-P [14:39:47] <download123> okay [14:40:05] <xpoint> or content where reply-to is diff then the users login [14:41:17] <download123> this is a send email isn't it? http://paste.debian.net/13942/ [14:41:38] <xpoint> hparker, generic search for free domains to: [14:41:59] *** canburak has joined #postfix [14:42:50] <hparker> yeah [14:43:36] *** hal1on has quit IRC [14:43:45] <xpoint> download123, is the from: local domain and or virtual ? [14:43:46] <download123> but i cant see where this mail is coming form or? [14:44:02] <download123> neigther nor [14:44:15] <xpoint> so its remote [14:44:28] <xpoint> track the queue id then [14:44:43] <download123> thats my problem .. the domain is nither local nor virtual and there are an lot more entries like this [14:44:52] <download123> how can i trac the queue id ? [14:45:07] <xpoint> grep 3E9061220443 /var/log/messsage [14:45:44] <download123> Aug 5 06:29:16 localhost postfix/smtpd[5987]: 3E9061220443: client=CPE-76-178-56-175.natsow.res.rr.com[76.178.56.175] [14:46:00] <download123> seems as if someone has logged in via smtp am i right? [14:46:03] <xpoint> this is the sender ip [14:46:33] <xpoint> no [14:46:52] <download123> no? [14:46:59] <canburak> hi, i'm piping contents of all mails to a filter (spamc). my active queue has ~1000 mails and postfix seems to spawn ~50 spamc processes. spamd's max-child limit is at 128. i want to find out how to check the cause of this. [14:47:01] <xpoint> its smtpd [14:47:58] <download123> xpoint that isnt the smtp service? [14:48:00] <xpoint> download123, postfix is server not client [14:48:09] <cpm> "240 and so on" [14:48:16] <cpm> yeah, I'd say that box was compromised [14:48:38] <cpm> you *NEED* to contact the admin of that system. Now is better than later. [14:49:47] <download123> okay well ill contact the boss but one last question ... [14:50:15] <xpoint> will we deliver pitza ? :-) [14:50:29] <download123> is that log pice above a prove that the spam mails where injected to the server using smtp and a hacked login? [14:51:02] <xpoint> if the ip is in mynetworks yes [14:51:04] *** PcPixel has joined #postfix [14:52:05] <download123> an mynetworks is what ? [14:52:26] <download123> *im very sry i think im very stupid* [14:52:28] <xpoint> postconf -d | grep mynetworks [14:52:34] <xpoint> if not non default [14:52:46] *** jellis-real has joined #postfix [14:53:38] <xpoint> download123, its not stupid to ask stupid questions, its stupid not to get why its wroung [14:53:59] <download123> mynetworks = 127.0.0.0/8 213.239.211.224/27 [14:54:17] <download123> dosent seem like the ip is in mynetworks [14:54:23] <xpoint> download123, and best sysops it them that have made all the trial and errors and laernt from it [14:54:47] <xpoint> then its not a hack [14:55:55] <xpoint> what ip is blacklisted ? [14:56:07] <download123> well .. one thing i don't understand ... how does this mail get in there [14:57:29] <xpoint> sender or recipient is local or sender used smtp auth, but the logs above shows no smtp auth user [14:58:21] <download123> oh okay [14:58:22] <xpoint> or using pop-before-smtp, heaven forbids that, but it could be this to [14:58:30] <cpm> xpoint, and you are saying the box isn't hacked because of what exactly? [14:58:34] <download123> so smtp auth would insert some data in the log? [14:58:37] <cpm> this is a web server, not a mail server [14:59:15] *** AcTiVaTe has quit IRC [14:59:18] <xpoint> download123, yes sasl [14:59:55] <xpoint> php mail() uses pickup, there is no pickup in the logs [15:00:20] <xpoint> and the ip is remote, so its not sent with php [15:00:35] <xpoint> did i miss some logs ? [15:01:18] *** sbathe_ has quit IRC [15:01:45] <download123> no thats right [15:02:35] *** kk_CHN has quit IRC [15:02:35] <download123> well ill take a ride to the company [15:02:58] *** Zblakany has joined #postfix [15:02:59] <xpoint> close port 25 it the server is just a webserver [15:03:45] <xpoint> and scan mails sent from it with spamassassin [15:04:05] <xpoint> redirect to root if its spam [15:04:10] <download123> ... and how should i send my mails .. and its also possible that the server recives mails .. from its domains [15:04:14] *** bhagat has quit IRC [15:04:35] <download123> ill have a talk to my boss [15:04:40] <download123> thank you all :) [15:04:41] *** g0rd0n has joined #postfix [15:05:07] <xpoint> download123, your boss can always email me at junc dot org :) [15:05:44] <xpoint> if his server is not blacklisted [15:07:12] <hacim> is the 'envelope from' the address that can be faked in a SMTP session when doing MAIL FROM: ? [15:08:35] <shasta> all addresses can be faked [15:09:19] <shasta> the one in headers ("header-from"), as well as MAIL FROM: ("envelope-from") [15:09:42] *** shoonya has joined #postfix [15:09:44] <hacim> i guess I am looking for the terms... the From: header is called the "evelope from"? [15:10:36] <shasta> EHLO foobar.e.h.lo [15:10:37] <xpoint> thats why sasl is usefull for local users to [15:10:46] <shasta> MAIL FROM:<envelope at f dot r.o.m> [15:10:54] <shasta> RCPT TO:<envelope at t dot o> [15:10:57] <shasta> DATA [15:11:18] <shasta> From: Hello Darling <headers at f dot r.o.m> [15:11:20] <shasta> ... [15:11:50] <xpoint> hesco, postfix uses return-path as envelope-from header [15:12:13] <shasta> xpoint, fix your tabcompletion ;) [15:12:22] <xpoint> ups [15:12:38] <xpoint> hacim, you [15:12:50] <hacim> shasta: ok, and most mail clients will only show the envelope from unless you look at the full headers? [15:13:02] <shasta> sigh [15:13:05] <shasta> no [15:13:09] <hacim> the other way around [15:13:22] <shasta> most mail clients show headers-from [15:14:11] <xpoint> only trust return-path, not other headers can be trusted [15:14:33] <xpoint> unless the sender uses smtp auth [15:14:46] <hacim> right, so how does the envelope from show up in the headers? as a Received: line? [15:14:55] <xpoint> but even there he can still use forged from: ! [15:15:05] <shoonya> hi all [15:15:07] <hacim> xpoint: Return-Path: can be forged [15:15:19] <shoonya> how to control who can send mail to a particular id ? [15:15:21] <xpoint> hacim, not with smtp auth [15:15:26] <hacim> xpoint: right [15:16:07] <shoonya> can someone help me on this [15:16:23] <xpoint> id ? [15:17:12] <shoonya> for example, the recipient id is group1 at mydomain dot com, i want only users belonging to this group to be able to post messages to this id [15:17:27] <xpoint> 42 is common answers to undefined questions :) [15:18:12] <xpoint> how ? [15:18:39] * hparker hands shoonya a copy of mailman [15:19:02] <xpoint> hparker, mailman is bugggy [15:19:13] <hparker> never a problem for me [15:19:19] <xpoint> hparker, even on gentoo [15:19:24] <hparker> nope [15:19:29] <hparker> got a few running atm [15:19:38] <xpoint> hparker, you need to search more then [15:19:50] <hparker> I don't go looking for trouble ;) [15:20:00] * cpm doesn't have these phantastical mailman 'bugs'. [15:20:07] <xpoint> but thay do exists [15:20:23] <shoonya> ok, i guess i was not clear with my question. i am not using/looking for a mailing list manager [15:20:50] <cpm> shoonya, that's almost exactly what a mailing list manager does. [15:20:53] <xpoint> shoonya, or even mlmmj ? [15:20:58] <cpm> that's the correct tool for the job you described. [15:21:12] <shoonya> what i mean is lets say if there is a email id as myname at mydomain dot com, can i control who can send mail to this id using postfix ? [15:22:07] <xpoint> yes no problem if you run it on a lan with no internet access [15:22:09] <shoonya> i mentioned group@... because this email id could be an alias for all users [15:22:10] <cpm> can probably do with it some clever maps and transport. [15:22:28] <cpm> yeah, I use mailman for that purpose, Have for many years. Works well. [15:22:30] *** kRocKodile has quit IRC [15:23:12] *** canburak has left #postfix [15:23:17] <shoonya> any solution possible using postfix alone ? [15:24:45] <xpoint> i will not suggest messy configs, but if you want it, postfix can make it with classes, but it will be very messy [15:25:33] <xpoint> it will be more clear to every user on this why mailman is the way to go in the end [15:25:52] <hparker> and then have to learn mailman :P [15:25:59] <shasta> or a policy daemon :> [15:26:13] <xpoint> or use mlmmj if one need a lightweight solution [15:26:47] <xpoint> hparker, python is scarry :-) [15:26:57] <shoonya> is there any policy daemon for this requirement [15:27:13] <shasta> write one, shouldn't be that hard [15:27:21] <xpoint> !google policyd v2 [15:27:22] <knoba> xpoint: Error: "google" is not a valid command. [15:27:29] <hparker> xpoint: heh... I have to go back to the docs every new list I setup, fortunately that's not many [15:27:30] <xpoint> dmm [15:27:31] <shoonya> that's really hard for me :) [15:28:14] <xpoint> hparker, web create new list works for me [15:28:17] *** AcTiVaTe has joined #postfix [15:28:33] <hparker> xpoint: heh.. I hate web interfaces ;) [15:28:37] <xpoint> hparker, but its a mess config i have [15:28:39] <cpm> mlmmj might be a better answer [15:28:59] <cpm> mailman is a very handy application, worth learning [15:29:18] <PcPixel> can you use multiple maps with relay_recipient_maps? [15:29:40] <cpm> sure, first match wins [15:29:40] <xpoint> hparker, and you still use mailman, hmm :-) [15:29:46] <dragonheart> I didn't really follow you xpoint however have you looked at reject_authenticated_sender_login_mismatch ? I've also used mailman for many purposes. [15:29:59] <hparker> xpoint: I host < 10 lists, no biggie [15:30:00] * cpm has used mailman for over a decade. Is pretty fond of it. [15:30:20] <cpm> does hit nasty bugs from time to time, true enough. [15:30:49] <xpoint> dragonheart, yes it can be done, but its messy :=) [15:32:29] <xpoint> hparker, mailman have its quirks, here i got it working with postfix virtual domains, but just use non virtual setup in postfix, so postfix just reads the alias pipe list and nothing more, it crap config but it works :) [15:33:10] <hparker> I use @lists. as a local domain for those that want a list [15:33:32] <xpoint> hparker, have to figure out how to make real web create with virtual maillist via webud create [15:33:57] <hparker> Now you see why I do it all manually ;) [15:33:57] <cpm> I managed to get mailman working with virtual domains in mysql a while back, didn't bother writing up how I did it though. was really proud of it at the time too [15:34:28] * hparker still has dents in his forehead from trying to get it going virtual [15:34:39] * PcPixel giggles [15:34:41] <xpoint> cpm, make a patch to mailman ? [15:34:46] <cpm> xpoint, nope. [15:34:56] <xpoint> so its lie :-) [15:35:22] <cpm> No, worked okay. Some bletcherous regexp matching in mailman aliases thoug. [15:35:53] *** chadmaynard has joined #postfix [15:36:07] *** download122 has joined #postfix [15:36:16] *** littlebird has quit IRC [15:36:17] <cpm> and used the postfix-to-mailman.py script [15:37:15] <xpoint> hparker, i have the virtual defined with mydestination in postfix, but configure mailman as to use that one domain as virtual postfix domain [15:37:37] <xpoint> hparker, thats all i did here [15:38:12] <xpoint> hparker, this only wiorks with one virtual domain through [15:38:58] <g0rd0n> what config parameter is it that rejects mail from servers that do not have a reverse dns on ther ip? [15:39:00] <hparker> Yeah, I added @lists to mydestination and use them all as local domains [15:39:41] <xpoint> hparker, since pipe only works with local :-) [15:40:11] <hparker> heh [15:42:33] <xpoint> g0rd0n, try remove one restrictions until you find it, na i dont remember exactly what one do this [15:43:03] <download122> hey, does that log mean that the mail was send from localhost ? (because from is empty) [15:43:08] <download122> http://debian.pastebin.com/d4d058563 [15:44:21] <shasta> no [15:44:35] <xpoint> download122, grep CD1181220634 /var/log/messages [15:44:47] <shasta> empty from is used for bounces [15:45:03] <hacim> shasta: I setup check_recipient_access and blocked an email address, but I just attempted to send to it, and it was delivered [15:45:12] * xpoint sees more a accept and bounce there [15:45:17] *** AcTiVaTe has quit IRC [15:45:19] *** noneo has quit IRC [15:45:42] <download122> xpoint thats grep CD1181220634 /var/log/messages [15:45:49] <shasta> hacim, maybe you placed your check_recipient_access rule after some permissive rule [15:45:49] <xpoint> download122, you use rbl restrictions to late [15:46:12] <shasta> xpoint, what? ;) [15:46:26] <shasta> xpoint, postfix/smtp[9116] [15:46:33] <xpoint> have reject_unlisted_recipient in smtpd_client_restrictions [15:46:57] <shasta> it's remote smtpd rejecting HIS emails, where's the place for your rbl checks? ;) [15:47:06] <hacim> shasta: yeah, I have permit_sasl_authenticated before :p [15:47:48] <xpoint> he sender is blacklisted, but its sent from local [15:48:05] <xpoint> thats why it creates a bounce [15:48:37] <download122> xpoint that was grep CD1181220634 /var/log/messages [15:48:39] <xpoint> then reject_unlisted_sender [15:49:36] <xpoint> reject if mail is not known in local [15:49:52] <download122> xpoint to me? [15:50:01] <xpoint> and reject if bounce is not possible :) [15:50:24] <xpoint> trace why it bounces [15:50:46] <xpoint> and reject before you need to bounce, solves the problem [15:51:24] <xpoint> queue id is the trace pointer [15:51:27] <download122> xpoint was help for me or hacim [15:51:58] <hacim> download122: not for me [15:52:33] <fbe> is it possible to overide relayhost using -orelayhost=xxxx of the sendmail compatibility interface ? [15:53:11] <xpoint> fbe, in master.cf yes [15:53:28] <download122> other question .. easyer to completly reinstall postfix or try to fix it [15:54:03] <xpoint> download122, its more easy to make more coffie :-) [15:54:25] <cpm> easier to get the admin who built it to deal with it. [15:54:28] <xpoint> download122, but you learn more by fix the mess [15:55:04] <cpm> personally, if someone here decided to hamfist one of my servers, rather than call me, I'd have them killed, at some time in the future, when they weren't expecting it. [15:55:12] <fbe> so, is there a way to specify alternative main.cf for a given "sendmail" run ? [15:55:25] <cpm> hire xpoint to do it. [15:55:53] <xpoint> fbe, sendmail is pickup in master.cf [15:56:17] <xpoint> fbe, configure pickup as you like [15:56:29] <download122> cpm the admin isnt in the company and the guy i thought is admin has lass knowlledge about linux than i [15:56:59] <cpm> so, no one there has any idea how to run a mail server? [15:57:03] <cpm> outsource time. [15:57:12] *** mark-use has quit IRC [15:57:14] <xpoint> download122, one of this admin that know when its time to cacations :-) [15:57:27] <cpm> but wait, this isn't a mail server right? This is a webserver, yes? [15:57:54] <download122> its a root server where apache and postfix is installed [15:57:57] *** lysander has quit IRC [15:59:15] <cpm> what is a root server? [15:59:42] * cpm is only aware of a few root servers, but that is only relevant to dns [16:00:51] <cpm> I have a nuclear power plant, and the plant operator is on vacation, and these dials are all going deeper in to the red, and I'm not really very good with nuclear power plants, what knob do I turn? [16:01:06] <download122> hetzner call it like that its an server to witch the user gets complett access [16:01:37] * cpm really likes that analogy. [16:01:51] <xpoint> download122, so he can even format disks ? [16:01:56] * xpoint hiddes [16:01:58] <download122> only partly rightx [16:02:11] <download122> xpoint :P [16:02:32] <download122> no vacations .. ther is no admin [16:03:22] <cpm> hmm, the story changes. [16:03:45] <cpm> !topic [16:03:46] <knoba> cpm: "topic" : The Postfix MTA || Wiki: postfixwiki.org || On using IRC: workaround.org/moin/GettingHelpOnIrc || Bot info: workaround.org/f=postfix || post postconf -n and relevant logs to a pastebin when asking questions / check your logs / know your unix basics [16:04:17] <roe_> whose domain is workaround.org? [16:05:29] <hparker> Registrant Organization:Christoph Haas EDV-Consulting [16:06:25] <roe_> I guess what I meant to ask was, is workaround.org anyone in here or just somebody donating use of their domain to #postfix [16:06:57] *** Zeit|awy has quit IRC [16:07:10] * hparker isn't smart enough to know that [16:09:09] *** ribasushi has joined #postfix [16:09:11] <ribasushi> hi [16:09:40] <ribasushi> now after dnsstuff got closed down (became a paid service) did some other dnsbl checker emerge? [16:10:41] <Trengo> ribasushi a few [16:11:10] <Trengo> i like robtex.com, some people like intodns.com or dnscheck.net [16:12:03] *** alienbrain has quit IRC [16:14:30] <cpm> roe_, it's Signum [16:14:38] <roe_> ah, ok [16:14:47] <cpm> ribasushi, what do you need to know? [16:15:08] <cpm> there are a lot of rbl 'checkers' [16:15:09] <PcPixel> can you use multiuple map files with relay_recipient_maps or just a single [16:15:24] <cpm> PcPixel, what did I say last time you asked/ [16:15:31] <PcPixel> i got dragged awayu [16:15:35] <PcPixel> i apologize [16:15:41] <cpm> yes, first match wins [16:15:50] <PcPixel> ok then somethng else is wrong with them [16:15:59] <PcPixel> cool [16:16:28] <ribasushi> cpm: the more the better [16:16:39] <ribasushi> I mean the more checks I can make - the better [16:16:54] <ribasushi> Trengo: intodns doesn't seem to do this (just checks dns stuff) [16:17:00] <ribasushi> will look into the others [16:17:14] <cpm> ribasushi, what do you need to check? if yer doing the 'right stuff' then you don't need to sweat that stuff [16:17:25] <cpm> :) [16:17:46] <Trengo> ribasushi oh dnsbl, check robtex.com/rbl [16:18:02] <ribasushi> cpm: bah... that's a very "helpful" answer [16:18:06] <ribasushi> thanks anyway [16:18:42] <cpm> ribasushi, lotta variables. What -specifically- do you need to know? [16:18:52] <ribasushi> cpm: I don't know dude [16:18:58] <cpm> ah. Can't help ya then. [16:18:59] <cpm> :) [16:19:00] <ribasushi> ever heard of preventive checks? [16:19:31] <PcPixel> yeah something is up when i implement it. my map files cause all mail to get kinda "lost" [16:19:33] <cpm> I've heard of reading the rfcs yeah. [16:19:46] <cpm> PcPixel, lost? [16:19:52] <cpm> can you give an example? [16:20:04] <PcPixel> cpm: it never makes it into the server [16:20:13] <PcPixel> if i implement relay_recipient_maps over the check i was doing, mail stops coming in [16:20:23] <PcPixel> nothing in the mail log either [16:20:26] <cpm> PcPixel, pastebin your example [16:20:29] <PcPixel> outbound mail is fine [16:20:32] *** lysander has joined #postfix [16:20:35] <PcPixel> ok one sec [16:20:38] <cpm> k [16:20:52] <ribasushi> cpm: do you honestly believe that if you configure your shit right, you stand no chance of being blacklisted somewhere? [16:21:03] <ribasushi> or you are of the "if they don't want to talk to me it's their problem" camp? [16:21:25] <ribasushi> Trengo: this is exactly what I was after, thanks a ton [16:21:32] <Trengo> ribasushi if you're setup right, you wont get listed [16:21:55] <PcPixel> http://pastebin.com/d20ce043f [16:21:56] <ribasushi> Trengo: what about the whitelisting services listed on top of the report - are they any good or not worth the hassle? [16:21:59] <PcPixel> there's a start [16:22:02] <cpm> ribasushi, no. You can always be blacklisted. 'My Server, My Rules'. However, folks normally have reasons for blacklisting. [16:22:06] *** Nathariel has quit IRC [16:22:13] <download122> does anybody know if this is a good tutorial http://workaround.org/articles/ispmail-sarge/ [16:22:46] <cpm> PcPixel, no. [16:22:55] <cpm> one map 'type' [16:22:55] <Trengo> ribasushi no idea, sorry [16:22:57] <PcPixel> cpm: to which [16:23:07] <cpm> you probably should combine them to one db. [16:23:17] <PcPixel> cpm: thats what i was asking earlier :) [16:23:19] <cpm> rather than hashing all those files, combine them to one. [16:23:25] <PcPixel> i was just about to dfo that & make it a single line [16:23:32] <PcPixel> and see if that makes a difference [16:24:10] <cpm> Thought you were maybe doing a regex, a hash, a db lookup, or similar. That should work however, but that's a lot of lookups. Better to combine them, and hash one db file, will take a whole lot less effort. But in theory, it's not exactly wrong. [16:24:37] <PcPixel> cpm: ok cause if i do that & enable it versus my other checks, its like mail just stops flowwing in [16:24:58] <PcPixel> the contents of the file are currently valid at qddress dot com OK and i saw that it just needs any value on the right side so i should still be ok [16:25:23] <cpm> Umm, not sure that will work. [16:25:42] <PcPixel> the documentation said it just has to be an address on the left, and any value on the right [16:26:24] <cpm> not exactly, close. "valid addresses in the domains that match $relay_domains" [16:26:32] *** Internat has quit IRC [16:26:35] <PcPixel> well right [16:26:44] <PcPixel> if the arent listed there then it doesnt work :) [16:26:47] *** bacaci has joined #postfix [16:26:51] <PcPixel> all the ones i have listed are listed in relay_domains [16:26:53] <cpm> So, it's a check on address for domains that are already allowed to relay [16:27:00] *** Internat has joined #postfix [16:27:03] <PcPixel> cpm: correct :) [16:27:17] <cpm> okay. then combine all that crap into one file, and hash that. be sure to postmap it. [16:27:36] <cpm> then check it with postmap -q 'value' hash:/path/to/file [16:27:45] <PcPixel> that was my next step :) and its fine to leave the OK's right [16:27:53] <cpm> yeah, think so. [16:27:58] <PcPixel> poifect [16:27:59] <cpm> why are you doing this? [16:28:18] <PcPixel> we're getting a lot of email for addresses that dont exist [16:28:23] <cpm> So? [16:28:25] <cpm> reject it. [16:28:37] <PcPixel> thats what im doing now [16:28:43] <bacaci> hi all, I'm using python's smtplib to connect to postfix on port 25, and send mail, but I'm getting this error: http://dpaste.com/69545/ [16:28:48] <cpm> that's kinda a ass-backwards way to go about it. [16:28:49] <bacaci> any ideas? [16:28:59] <PcPixel> using a relay_map is ass backawards? [16:29:07] <PcPixel> (sorry, myu telnet connection is MAD slow) [16:29:16] <cpm> bacaci, what do the smtp server logs show? [16:29:23] <cpm> PcPixel, for that purpose yes. [16:29:31] <bacaci> cpm one sec [16:29:40] <cpm> !cheatsheet [16:29:41] <knoba> cpm: "cheatsheet" : http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt : A HOWTO for pre-DATA spam control. [16:29:48] <PcPixel> cpm: then what would you do? its serving as a relay to an Exchange server [16:30:05] <cpm> you need to verify the recipient. [16:30:12] <cpm> PcPixel, ^^ [16:30:55] *** shoonya has quit IRC [16:31:22] <cpm> PcPixel, take a look at http://www-personal.umich.edu/~malth/gaptuning/postfix/ [16:32:26] <PcPixel> ok cause im skimming/searching the other one & im not finding what youre talking about [16:32:29] <PcPixel> ill look at that one now [16:32:51] <PcPixel> no, no LDAP or AD integration. [16:33:05] <PcPixel> but yeah [16:33:08] <PcPixel> thats what i am doing [16:33:14] <PcPixel> i have a list of valid recipients [16:33:17] <cpm> PcPixel, also see http://slett.net/spam-filtering-for-mx/smtpchecks.html [16:33:22] <PcPixel> which i want to load into relay_recipient_maps [16:33:25] <PcPixel> so how is that ass backwards [16:33:31] <cpm> specifically section 2.3.2.4. [16:33:35] <cpm> that's the easy way [16:34:21] <cpm> No No, ignore taht. [16:34:23] <cpm> that even [16:34:27] <cpm> that's not what I'm looking for. [16:34:34] <PcPixel> ignore 2.3.2.4? [16:35:47] <download122> is it all right if some options in main.cf were empty [16:35:56] <PcPixel> cause the Michigan one is what i was gonna do [16:35:58] <download122> like "relayhost = " [16:36:00] <PcPixel> even the books recommeneded that [16:37:07] <cpm> PcPixel, yeah, that's a good approach, sorry. [16:37:20] <cpm> I know there is an easier way, can't put my finger on it right now. [16:37:37] <f3ew> download122 yes [16:38:35] <download122> f3ew thx [16:38:40] *** rootsvr has quit IRC [16:38:42] <PcPixel> cpm: not a problem :) [16:38:48] <PcPixel> im making the single file now to test [16:39:01] <cpm> be sure to test it with the query [16:41:12] *** smultron has quit IRC [16:41:16] * PcPixel nods [16:44:19] *** pickcoder has joined #postfix [16:44:29] <PcPixel> ugh/... $!#@#$ SELinux SUCKS [16:45:50] <download122> what does "smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination" mean ? [16:46:27] <shasta> !basic [16:46:28] <knoba> shasta: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here. [16:46:32] *** Gaara` has joined #postfix [16:46:32] <shasta> download122, ^^^^^^ [16:47:08] <download122> thx :) [16:47:54] <ribasushi> why would anyone run SELinux on a hardened mail server is beyond me [16:48:00] <PcPixel> cpm looking good! [16:48:31] <cpm> SELinux gives me hives [16:48:51] <PcPixel> cpm: im agreeing w you [16:49:11] <f3ew> ribasushi, selinux works well if you know what you are doing [16:49:28] <cpm> f3ew, my point exactly :) [16:49:29] *** Gaara` has quit IRC [16:49:57] <PcPixel> yeah [16:49:59] <PcPixel> wont let you postman anything [16:50:02] <PcPixel> postmap [16:51:57] <dusty> Hey guys, I need an experienced opinion. I have just aquired a new VPS (Virtual Private System) like guest os using openvz. The specs are: 256mb ram, 30gb hd, 200mb connection. I want to setup a new mailserver on there, it is also running apache for two domains that don't have too much traffic. My question is, if I don't use amavis and stick to plain ole postfix/dovecot/mysql will the server handle that ok, or will there [16:51:58] <dusty> be memory issues ? The reason i'm asking is I don't want to put the hard work into setting it up to find it borks on memory as I cannot get it upgraded. I currently run a postfix/dovecot/amavis/mysql mailserver which munches a lot of ram, around 512 - 1gb. Im pretty sure thats mainly amavis consuming it and to be honest im going to drop amavis for other methods in my new setup, whats everyone's thoughts ? [16:52:14] <dusty> (Did that cut my question, if so where) ? [16:52:54] <ribasushi> f3ew: the complexity of the fine control you have over the system must be warranted by something [16:53:03] *** bacaci has left #postfix [16:53:20] <ribasushi> f3ew: security for the sake of security is... dunno [16:53:50] <PcPixel> cpm: ok, one file worked [16:54:18] <f3ew> ribasushi, depends on the actual requirements [16:54:25] <f3ew> It's needed for a webhost [16:55:28] <PcPixel> that should help things out. now ive got that recipient check out of the smtpd_Recipients_restriction [16:56:23] <PcPixel> leave my other classes/etc in there, but the check commented out & see how things go [16:57:53] <PcPixel> is SELinux even worth it [16:58:16] <dusty> do you offer accounts on the mailserver to people you don't trust ? [16:58:28] <dusty> or do you have users other than yourself on that system ? [16:58:31] *** Draecos has quit IRC [16:58:34] <PcPixel> mailserver is a relay and no. ssh only by admins [16:58:42] <dusty> then i wouldn't bother. [16:59:07] <dusty> If you had local users on there then I would. [16:59:24] <PcPixel> i love it [16:59:26] <dusty> or if you had users interacting with the system other than collecting/sending mail. [16:59:28] <PcPixel> im pissing my boss of with reboots [16:59:32] <dusty> hah [16:59:37] <PcPixel> why the heck hes camping out on my email server i dont know [16:59:42] <dusty> by the way, anyone have any opinions on my question? [16:59:47] <PcPixel> ive had to reboot it 4 times to get selinux to pick up the changes [17:00:18] <dusty> Would 256mb of ram on a vps be not enough for postfix/dovecot/mysql ? (bearing in mind it has apache on there also, hosting two vhosts). [17:00:30] <fdask> try it and see [17:00:32] <PcPixel> depends on your vilume [17:00:38] <PcPixel> volume [17:00:39] <fdask> i'd say yeah, depending on your apache/postfix settings [17:00:42] <fdask> and volume, sure [17:00:54] *** morpheus08 has quit IRC [17:00:57] <dusty> yes as in it would need more memory [17:01:00] <roe_> are you SAing somewhere else or forgoing spam scanning completely? [17:01:01] <dusty> or yes as in it would suffice ? [17:01:12] <dusty> roe_, me ? [17:01:15] <roe_> yes [17:01:19] *** xpoint has quit IRC [17:01:38] <dusty> I am not using SA on my new mailserver im going to try other methods such as black lists, etc. [17:01:48] <dusty> im going to look into what postfix has to offer [17:01:57] <dusty> as SA is written in perl and uses far too much memory [17:02:00] <dusty> well, amavis. [17:02:02] <PcPixel> ive got a nicely powered system right now & its not breaking a sweat [17:02:13] <dusty> beautful [17:02:16] <dusty> beautiful [17:02:19] <roe_> dusty, good luck with that [17:02:21] <PcPixel> but not what you stated [17:02:35] <dusty> roe_, what do you mean ? [17:02:48] <dusty> Hey, i'm open to opinions/ideas so blast them at me :) [17:02:52] *** mark-use has joined #postfix [17:03:02] <dusty> I just found amavis very confusing, very hard to troubleshoot problems. [17:03:02] <PcPixel> more RAM for starters [17:04:30] <roe_> those are not reasons to try to extend postfix into a realm it was not written for. You can definitely limit how much email hits your spam scanning software but I would not try to make postfix into a spam detector [17:04:42] *** g0rd0n has quit IRC [17:04:46] <PcPixel> i agree w roe [17:05:06] *** g0rd0n has joined #postfix [17:05:47] *** conjurous has quit IRC [17:06:20] <download122> how can i delete all emails that were in wait list of postfix [17:06:22] <download122> ?? [17:06:27] <PcPixel> cpm: dang it they are delayed again [17:06:37] <PcPixel> or not showing up [17:08:06] <PcPixel> ok, i need a test server. i cant keep doing this. [17:08:27] <roe_> what? take down your primary email server in the middle of a work day? [17:08:54] <PcPixel> especially wheni cant tell my $@#! boss is working on it at the same time [17:08:57] <dusty> roe_, hrm ok, maybe I need to look more into the spam aspect of things. [17:09:08] <dusty> roe_, what would you suggest for spam control then ? [17:09:13] <roe_> amavis :) [17:09:18] <dusty> heh [17:09:33] <roe_> what distro do you use? [17:09:35] <PcPixel> im doing a bunch of spamchecks w/o amavisd [17:09:42] <PcPixel> and im at about 10% good 90% rejected [17:09:57] <dusty> roe_, currently, ubuntu server. However i'm open to opinions I can stick any os on there. [17:11:06] <roe_> well postfix supports blacklist checking, which you definitely should do, the nice thing about amavis is that it is one scanner that will do spam and virus checking, doing SA and virus without is definitely possible and relatively easy, but give you fewer options [17:11:31] <dusty> roe_, another problem with amavis is, postfixadmin breaks the tables, there is no id column where amavis does a lookup against it and breaks because of it. I need postfixadmin so users dont hastle me for password changes etc. [17:12:06] <dusty> roe_, I would stick with amavis if I could fix the issue where it breaks tables. [17:12:34] <roe_> you want to give them per user control of the spam settings? [17:13:11] <dusty> that would be awesome i have not delved into that yet though [17:13:28] <dusty> I want users to be able to control their own spam, and manage their own account (e.g. password changes) [17:13:46] <dusty> hence the reason for postfixadmin [17:13:58] <roe_> I'm not sure why amavis cares about your users, especially if postfixadmin doesn't support spam settings [17:14:12] <dusty> let me show you [17:14:13] <dusty> hang on a sec [17:14:33] <dusty> http://paste.stoned-hacker.co.uk/35 [17:14:38] <dusty> check that out, thats where it breaks [17:14:51] <ribasushi> dusty: do you do greylisting? it is still amazingly effective [17:15:07] <dusty> I dont do anything like that yet, amavis has handled everything so far. [17:15:12] <dusty> e.g. spam/av stuff [17:15:18] <dusty> postfix just did plain ole mta stuff [17:15:28] <ribasushi> I doubt amavis can do greylisting [17:15:38] <ribasushi> dusty: look into postgrey [17:15:48] <dusty> yeah that was what i was going to substitute amavis for [17:15:49] <PcPixel> yeah postgrey is good [17:15:55] <dusty> postgrey and a few other things [17:15:58] <dusty> rbl checks etc [17:16:17] <roe_> dusty, not sure how your amavis is configured, but it does not need to do that sql query to operate properly [17:18:11] <dusty> roe_, i've been here before I could not disable the sql stuff. [17:18:23] <dusty> i commented out every sql line in amavis.conf and it still performed sql lookups [17:18:44] <roe_> if you are using ubuntu don't you have a /etc/amavis/conf.d? [17:19:10] <ribasushi> dusty: this is what I do, works amazingly well (6 domains, about 15 accounts in each, about 20 spam messages total a week) [17:19:11] <ribasushi> http://pastebin.com/m314dd6d3 [17:20:30] <ribasushi> it's mainly google spam that gets through [17:22:43] <dusty> roe_, yes, but not many are familiar with that. [17:22:48] <dusty> roe_, ill show you the sql stuff now [17:23:07] <dusty> but the thing is, if i comment it out, or just remove the sql syntax then restart amavis it still does sql stuff [17:23:25] <roe_> then you missed something :) [17:23:42] <dusty> nope [17:23:49] <dusty> unless its not related to the term 'sql' [17:23:58] <dusty> as I grepped everything to do with amavis for sql [17:23:59] <roe_> which is very likely [17:24:02] <dusty> ok [17:24:04] <dusty> doh [17:24:27] <PcPixel> time for lunch [17:24:29] *** PcPixel has quit IRC [17:24:38] <dusty> Do you have the time to help me out with this? you seem to know a bit about amavis and it may help me out no end (as I won't have to research a new setup) ? [17:25:01] <ribasushi> dusty: if you are ever in a situation where you think a piece of software is doing stuff wrong the odds are: it is wrong - 1%, the hardware is faulty - 0.1%, you are wrong - the rest :) [17:25:06] <roe_> I was about to follow PcPixel's lead [17:26:13] <roe_> ribasushi, I guess you have never tried to get debian running on a sparc before :) [17:26:21] *** download122 has quit IRC [17:26:56] <ribasushi> roe: hardware is faulty, case closed :D [17:27:06] <roe_> don't tell sun that [17:27:59] * roe_ goes to lunch [17:29:27] <dusty> lol [17:31:17] <dusty> oooh [17:31:24] <dusty> just found a application called postfixmanager [17:31:28] <dusty> looks promising [17:39:03] *** phnord has quit IRC [17:39:57] *** githogori has quit IRC [17:46:23] *** temba has joined #postfix [17:46:47] <temba> hello all, i get suddenly after an update this = (temporary failure. Command output: ERR: authdaemon: s_connect() failed: Connection refused /usr/bin/maildrop: Temporary authentication failure. ) [17:46:51] <temba> any ideas why ? [17:48:21] *** madrescher has quit IRC [17:54:05] *** jellis-real has quit IRC [17:54:05] *** hever has quit IRC [17:54:05] *** Silowyi has quit IRC [17:54:05] *** chrisq has quit IRC [17:54:05] *** mXr has quit IRC [17:54:05] *** dragonheart has quit IRC [17:54:05] *** sysmonk has quit IRC [17:54:05] *** ayeuu has quit IRC [17:54:05] *** temba has quit IRC [17:54:05] *** lysander has quit IRC [17:54:06] *** Zblakany has quit IRC [17:54:06] *** cilly has quit IRC [17:54:06] *** Haris1 has quit IRC [17:54:06] *** Haris has quit IRC [17:54:06] *** Radiance has quit IRC [17:54:06] *** adaptr has quit IRC [17:54:06] *** tore has quit IRC [17:54:06] *** jelly has quit IRC [17:54:06] *** bondoer has quit IRC [17:54:06] *** Dewi has quit IRC [17:54:06] *** soren has quit IRC [17:54:06] *** Bejgli has quit IRC [17:54:07] *** confound has quit IRC [17:54:07] *** pingouin has quit IRC [17:54:07] *** loompek has quit IRC [17:54:07] *** _nalle has quit IRC [17:54:07] *** Zborg has quit IRC [17:54:07] *** biz has quit IRC [17:54:07] *** sv-- has quit IRC [17:54:07] *** dhg has quit IRC [17:54:07] *** tomocha6 has quit IRC [17:54:07] *** zamba has quit IRC [17:54:07] *** frag4 has quit IRC [17:54:07] *** Mazon has quit IRC [17:54:08] *** tuxick has quit IRC [17:54:08] *** Tanguy has quit IRC [17:54:08] *** higuita has quit IRC [17:54:09] *** F|oFF has quit IRC [17:54:09] *** vertigo- has quit IRC [17:54:09] *** amrit|zzz has quit IRC [17:54:09] *** frato has quit IRC [17:54:09] *** jduggan has quit IRC [17:54:09] *** _ruben has quit IRC [17:54:09] *** g0rd0n has quit IRC [17:54:09] *** Internat has quit IRC [17:54:09] *** dusty has quit IRC [17:54:10] *** goldfisc1li has quit IRC [17:54:10] *** meshugga has quit IRC [17:54:10] *** adie_ has quit IRC [17:54:10] *** xnixan has quit IRC [17:54:10] *** bisoc has quit IRC [17:54:10] *** cafuego has quit IRC [17:54:11] *** Niemi has quit IRC [17:54:11] *** tundra has quit IRC [17:54:11] *** cite has quit IRC [17:54:11] *** sparkleytone has quit IRC [17:54:11] *** lennard has quit IRC [17:54:11] *** stony has quit IRC [17:54:11] *** hparker has quit IRC [17:54:11] *** jdrake has quit IRC [17:54:11] *** Flobbie has quit IRC [17:54:11] *** TTilus has quit IRC [17:54:11] *** knoba has quit IRC [17:54:11] *** Toerkeium has quit IRC [17:54:12] *** ikaro has quit IRC [17:54:12] *** blackflag has quit IRC [17:54:12] *** radius has quit IRC [17:54:12] *** manlymatt83 has quit IRC [17:54:12] *** qdot has quit IRC [17:54:12] *** rikkyc has quit IRC [17:54:12] *** bio___ has quit IRC [17:54:12] *** harlan has quit IRC [17:54:12] *** F6F has quit IRC [17:54:13] *** magyar has quit IRC [17:54:13] *** master_of_master has quit IRC [17:54:13] *** Spec has quit IRC [17:54:13] *** SeJo has quit IRC [17:54:13] *** hesco has quit IRC [17:54:13] *** Marticus has quit IRC [17:54:13] *** memetic has quit IRC [17:54:13] *** flart has quit IRC [17:54:13] *** rob0 has quit IRC [17:54:13] *** jeev has quit IRC [17:54:13] *** ams has quit IRC [17:54:13] *** viimrles has quit IRC [17:54:13] *** mark-use has quit IRC [17:54:14] *** download123 has quit IRC [17:54:14] *** cpm has quit IRC [17:54:14] *** fbe has quit IRC [17:54:14] *** Roobarb has quit IRC [17:54:14] *** Filbert has quit IRC [17:54:14] *** sophokles has quit IRC [17:54:14] *** toytoy has quit IRC [17:54:14] *** echinos has quit IRC [17:54:14] *** pulsar has quit IRC [17:54:14] *** jonez has quit IRC [17:54:14] *** OneFix_Work has quit IRC [17:54:15] *** Rada_ has quit IRC [17:54:15] *** buffoon_work has quit IRC [17:54:15] *** ph8 has quit IRC [17:54:15] *** fluxdude has quit IRC [17:54:15] *** f3ew has quit IRC [17:54:15] *** maqr has quit IRC [17:54:15] *** lunaphyte has quit IRC [17:54:15] *** _bugz_ has quit IRC [17:54:15] *** ryan|work has quit IRC [17:54:15] *** pickcoder has quit IRC [17:54:15] *** ribasushi has quit IRC [17:54:15] *** shinao1 has quit IRC [17:54:15] *** Slashman has quit IRC [17:54:15] *** Jense has quit IRC [17:54:16] *** majikman has quit IRC [17:54:16] *** Pazzo has quit IRC [17:54:16] *** w0rd54 has quit IRC [17:54:16] *** keffer has quit IRC [17:54:16] *** VaNNi has quit IRC [17:54:16] *** AllenJB has quit IRC [17:54:16] *** kreg_work has quit IRC [17:54:16] *** Tinozaure has quit IRC [17:54:16] *** dotplus has quit IRC [17:54:16] *** Captain has quit IRC [17:54:16] *** roe_ has quit IRC [17:54:17] *** magyar_ has quit IRC [17:54:17] *** xous has quit IRC [17:54:17] *** tibyke has quit IRC [17:54:17] *** cipherz has quit IRC [17:54:17] *** tkooda has quit IRC [17:54:17] *** pa has quit IRC [17:54:17] *** Verilium has quit IRC [17:54:17] *** sep has quit IRC [17:54:17] *** mjoseph has quit IRC [17:54:17] *** Dominian has quit IRC [17:54:17] *** JT has quit IRC [17:54:18] *** brancaleone has quit IRC [17:54:18] *** war9407 has quit IRC [17:54:18] *** _bt has quit IRC [17:54:18] *** Odd_Bloke has quit IRC [17:54:18] *** Landon has quit IRC [17:54:18] *** milligan has quit IRC [17:54:18] *** Trengo has quit IRC [17:54:18] *** nfsnobody has quit IRC [17:54:18] *** tris has quit IRC [17:54:19] *** Niklas- has quit IRC [17:54:19] *** lawnchair has quit IRC [17:54:19] *** e_ has quit IRC [17:54:19] *** Rockj has quit IRC [17:54:19] *** shasta has quit IRC [17:54:19] *** chadmaynard has quit IRC [17:54:19] *** lunaphyte_ has quit IRC [17:54:20] *** diabollo has quit IRC [17:54:20] *** thumbs has quit IRC [17:54:20] *** DGnome has quit IRC [17:54:20] *** barnie has quit IRC [17:54:20] *** sahil has quit IRC [17:54:20] *** Danskmand1 has quit IRC [17:54:20] *** martiancode has quit IRC [17:54:20] *** syneus has quit IRC [17:54:20] *** mavrick61 has quit IRC [17:54:20] *** robtone_ has quit IRC [17:54:20] *** rmayorga has quit IRC [17:54:20] *** rizi_ has quit IRC [17:54:20] *** js_ has quit IRC [17:54:21] *** Vi5in has quit IRC [17:54:21] *** ek has quit IRC [17:54:21] *** c0m- has quit IRC [17:54:21] *** glitch- has quit IRC [17:54:21] *** hooch has quit IRC [17:54:21] *** nitbix has quit IRC [17:54:21] *** eye69 has quit IRC [17:54:21] *** idle-boy has quit IRC [17:54:21] *** jgreig has quit IRC [17:54:21] *** ovd has quit IRC [17:54:21] *** Signum has quit IRC [17:54:21] *** fdask has quit IRC [17:54:21] *** wedge has quit IRC [17:54:21] *** piksi has quit IRC [17:54:21] *** Matt has quit IRC [17:57:02] *** manlymatt83 has joined #postfix [17:57:30] *** theneb has quit IRC [18:02:21] *** ryan|work has joined #postfix [18:02:21] *** _bugz_ has joined #postfix [18:02:21] *** lunaphyte has joined #postfix [18:02:22] *** maqr has joined #postfix [18:02:22] *** f3ew has joined #postfix [18:02:22] *** buffoon_work has joined #postfix [18:02:22] *** fluxdude has joined #postfix [18:02:22] *** ph8 has joined #postfix [18:02:22] *** Rada_ has joined #postfix [18:02:22] *** OneFix_Work has joined #postfix [18:02:22] *** jonez has joined #postfix [18:02:22] *** echinos has joined #postfix [18:02:22] *** toytoy has joined #postfix [18:02:22] *** sophokles has joined #postfix [18:02:22] *** Filbert has joined #postfix [18:02:22] *** Roobarb has joined #postfix [18:02:22] *** fbe has joined #postfix [18:02:22] *** cpm has joined #postfix [18:02:22] *** download123 has joined #postfix [18:02:22] *** mjoseph has joined #postfix [18:02:22] *** sep has joined #postfix [18:02:22] *** Dominian has joined #postfix [18:02:22] *** Verilium has joined #postfix [18:02:22] *** pa has joined #postfix [18:02:22] *** tkooda has joined #postfix [18:02:22] *** cipherz has joined #postfix [18:02:22] *** tibyke has joined #postfix [18:02:22] *** xous has joined #postfix [18:02:22] *** magyar_ has joined #postfix [18:02:22] *** roe_ has joined #postfix [18:02:22] *** Captain has joined #postfix [18:02:22] *** dotplus has joined #postfix [18:02:22] *** Tinozaure has joined #postfix [18:02:22] *** AllenJB has joined #postfix [18:02:22] *** VaNNi has joined #postfix [18:02:22] *** kreg_work has joined #postfix [18:02:22] *** JT has joined #postfix [18:02:22] *** keffer has joined #postfix [18:02:22] *** w0rd54 has joined #postfix [18:02:22] *** Pazzo has joined #postfix [18:02:22] *** majikman has joined #postfix [18:02:22] *** Jense has joined #postfix [18:02:22] *** Slashman has joined #postfix [18:02:22] *** shinao1 has joined #postfix [18:02:22] *** ribasushi has joined #postfix [18:02:22] *** pickcoder has joined #postfix [18:02:22] *** subq_ has joined #postfix [18:02:22] *** blackflag has joined #postfix [18:02:22] *** qdot has joined #postfix [18:02:22] *** bio___ has joined #postfix [18:02:22] *** radius has joined #postfix [18:02:22] *** rikkyc has joined #postfix [18:02:22] *** ikaro has joined #postfix [18:02:22] *** knoba has joined #postfix [18:02:22] *** harlan has joined #postfix [18:02:22] *** TTilus has joined #postfix [18:02:22] *** Toerkeium has joined #postfix [18:02:22] *** Flobbie has joined #postfix [18:02:22] *** jdrake has joined #postfix [18:02:22] *** hparker has joined #postfix [18:02:22] *** Danskmand1 has joined #postfix [18:02:22] *** jgreig has joined #postfix [18:02:22] *** martiancode has joined #postfix [18:02:22] *** syneus has joined #postfix [18:02:22] *** mavrick61 has joined #postfix [18:02:22] *** Vi5in has joined #postfix [18:02:22] *** robtone_ has joined #postfix [18:02:22] *** rmayorga has joined #postfix [18:02:22] *** rizi_ has joined #postfix [18:02:22] *** fdask has joined #postfix [18:02:22] *** js_ has joined #postfix [18:02:22] *** ek has joined #postfix [18:02:22] *** c0m- has joined #postfix [18:02:22] *** glitch- has joined #postfix [18:02:22] *** Matt has joined #postfix [18:02:22] *** nitbix has joined #postfix [18:02:22] *** eye69 has joined #postfix [18:02:22] *** idle-boy has joined #postfix [18:02:22] *** wedge has joined #postfix [18:02:22] *** ovd has joined #postfix [18:02:22] *** Signum has joined #postfix [18:02:24] *** harlan_ has joined #postfix [18:02:25] *** harlan_ has quit IRC [18:02:28] *** fdask has quit IRC [18:02:32] *** ek has quit IRC [18:02:33] *** idle-boy has quit IRC [18:02:34] *** ikaro has quit IRC [18:02:34] *** rmayorga has quit IRC [18:02:41] *** brancaleone has joined #postfix [18:02:41] *** war9407 has joined #postfix [18:02:41] *** _bt has joined #postfix [18:02:41] *** Odd_Bloke has joined #postfix [18:02:41] *** Landon has joined #postfix [18:02:41] *** milligan has joined #postfix [18:02:41] *** Trengo has joined #postfix [18:02:41] *** nfsnobody has joined #postfix [18:02:41] *** tris has joined #postfix [18:02:41] *** Niklas- has joined #postfix [18:02:41] *** e_ has joined #postfix [18:02:41] *** lawnchair has joined #postfix [18:02:41] *** Rockj has joined #postfix [18:02:41] *** shasta has joined #postfix [18:02:44] *** martiancode has quit IRC [18:02:47] *** Signum has quit IRC [18:02:48] *** dusty has joined #postfix [18:02:48] *** Signum has joined #postfix [18:02:48] *** fdask has joined #postfix [18:02:48] *** martiancode has joined #postfix [18:02:48] *** ikaro has joined #postfix [18:02:48] *** idle-boy has joined #postfix [18:02:48] *** sahil has joined #postfix [18:02:48] *** barnie has joined #postfix [18:02:48] *** thumbs has joined #postfix [18:02:48] *** DGnome has joined #postfix [18:02:48] *** diabollo has joined #postfix [18:02:48] *** lunaphyte_ has joined #postfix [18:02:48] *** chadmaynard has joined #postfix [18:02:48] *** error404notfound has joined #postfix [18:02:48] *** saurabhb has joined #postfix [18:02:48] *** c0m has joined #postfix [18:02:48] *** madrescher has joined #postfix [18:02:48] *** g0rd0n has joined #postfix [18:02:48] *** Internat has joined #postfix [18:02:48] *** F6F has joined #postfix [18:02:48] *** goldfisc1li has joined #postfix [18:02:48] *** meshugga has joined #postfix [18:02:48] *** magyar has joined #postfix [18:02:48] *** adie_ has joined #postfix [18:02:48] *** xnixan has joined #postfix [18:02:48] *** master_of_master has joined #postfix [18:02:48] *** hesco has joined #postfix [18:02:48] *** Spec has joined #postfix [18:02:48] *** SeJo has joined #postfix [18:02:48] *** bisoc has joined #postfix [18:02:48] *** cafuego has joined #postfix [18:02:48] *** tundra has joined #postfix [18:02:48] *** Niemi has joined #postfix [18:02:48] *** cite has joined #postfix [18:02:48] *** sparkleytone has joined #postfix [18:02:48] *** lennard has joined #postfix [18:02:48] *** stony has joined #postfix [18:02:48] *** Marticus has joined #postfix [18:02:48] *** memetic has joined #postfix [18:02:48] *** ams has joined #postfix [18:02:48] *** flart has joined #postfix [18:02:48] *** viimrles has joined #postfix [18:02:48] *** rob0 has joined #postfix [18:02:48] *** jeev has joined #postfix [18:03:00] *** bio____ has joined #postfix [18:03:00] *** Vi5in has quit IRC [18:03:01] *** Jense has quit IRC [18:03:02] *** Flobbie has quit IRC [18:03:03] *** TTilus has quit IRC [18:03:06] *** nitbix has quit IRC [18:03:07] *** harlan has quit IRC [18:03:09] *** mavrick61 has quit IRC [18:03:09] *** gridl0ck has joined #postfix [18:03:09] *** js_ has quit IRC [18:03:11] *** eye69_ has joined #postfix [18:03:11] *** Jense_ has joined #postfix [18:03:11] *** ovd has quit IRC [18:03:11] *** harlan__ has joined #postfix [18:03:12] *** rikkyc has quit IRC [18:03:13] *** robtone_ has quit IRC [18:03:13] *** mavrick61 has joined #postfix [18:03:13] *** Vi5in has joined #postfix [18:03:13] *** hooch has joined #postfix [18:03:13] *** Flobbie has joined #postfix [18:03:13] *** TTilus has joined #postfix [18:03:13] *** piksi has joined #postfix [18:03:13] *** adaptr has joined #postfix [18:03:13] *** higuita has joined #postfix [18:03:13] *** _ruben has joined #postfix [18:03:13] *** jduggan has joined #postfix [18:03:13] *** frato has joined #postfix [18:03:13] *** amrit|zzz has joined #postfix [18:03:13] *** vertigo- has joined #postfix [18:03:13] *** F|oFF has joined #postfix [18:03:13] *** robtone_ has joined #postfix [18:03:13] *** chrisq has joined #postfix [18:03:13] *** mXr has joined #postfix [18:03:13] *** dragonheart has joined #postfix [18:03:13] *** Silowyi has joined #postfix [18:03:13] *** hever has joined #postfix [18:03:13] *** jellis-real has joined #postfix [18:03:13] *** temba has joined #postfix [18:03:13] *** lysander has joined #postfix [18:03:13] *** Zblakany has joined #postfix [18:03:13] *** cilly has joined #postfix [18:03:13] *** Haris1 has joined #postfix [18:03:13] *** Haris has joined #postfix [18:03:13] *** Radiance has joined #postfix [18:03:13] *** loompek has joined #postfix [18:03:13] *** tore has joined #postfix [18:03:13] *** ayeuu has joined #postfix [18:03:13] *** jelly has joined #postfix [18:03:13] *** bondoer has joined #postfix [18:03:13] *** Dewi has joined #postfix [18:03:13] *** soren has joined #postfix [18:03:13] *** Bejgli has joined #postfix [18:03:13] *** tomocha6 has joined #postfix [18:03:13] *** confound has joined #postfix [18:03:13] *** tuxick has joined #postfix [18:03:13] *** pingouin has joined #postfix [18:03:13] *** sysmonk has joined #postfix [18:03:13] *** biz has joined #postfix [18:03:13] *** _nalle has joined #postfix [18:03:13] *** zamba has joined #postfix [18:03:13] *** Zborg has joined #postfix [18:03:13] *** Tanguy has joined #postfix [18:03:13] *** sv-- has joined #postfix [18:03:13] *** dhg has joined #postfix [18:03:13] *** Mazon has joined #postfix [18:03:13] *** frag4 has joined #postfix [18:03:15] *** download123 has quit IRC [18:03:16] *** qdot has quit IRC [18:03:17] *** _glitch- has joined #postfix [18:03:17] *** pulsar has joined #postfix [18:03:17] *** c0m- has quit IRC [18:03:18] *** Jense_ has quit IRC [18:03:25] *** Jense has joined #postfix [18:03:31] *** wedge has quit IRC [18:03:33] *** eye69 has quit IRC [18:03:38] *** bio___ has quit IRC [18:03:43] *** glitch- has quit IRC [18:03:48] *** radius has quit IRC [18:03:51] *** Jense has quit IRC [18:03:52] *** gridl0ck is now known as radius [18:04:02] *** Jense has joined #postfix [18:04:12] *** Toerkeium has quit IRC [18:04:22] *** radius is now known as Guest9252 [18:04:26] *** Jense has quit IRC [18:04:32] *** rmayorga has joined #postfix [18:04:37] *** Jense has joined #postfix [18:04:49] *** ovd has joined #postfix [18:04:55] *** knoba has quit IRC [18:04:57] *** rizi has joined #postfix [18:04:59] *** knoba` has joined #postfix [18:05:08] *** rikkyc has joined #postfix [18:05:12] *** qdot has joined #postfix [18:05:16] *** nitbix has joined #postfix [18:05:20] *** wedge has joined #postfix [18:05:30] *** js_ has joined #postfix [18:06:13] *** ek has joined #Postfix [18:06:13] *** knoba` is now known as knoba [18:07:09] *** jgreig_ has joined #postfix [18:10:26] <g0rd0n> ok [18:10:37] <g0rd0n> sorry if i repeat my question, but there has been screen flooding :P [18:10:39] <g0rd0n> i'm using policy-spf, but i noticed that for every recipient in CC, postfix will insert one Received-SPF header. so, in my case i got an email with 1 To address anad 18 in Cc, and i got a total of 19 headers saying the same thing... is this a bug or a misconfigration? [18:10:54] *** rizi_ has quit IRC [18:11:13] *** jgreig has quit IRC [18:11:49] *** error404notfound has quit IRC [18:13:33] <rob0> I guess you're invoking it at RCPT TO, perhaps you should call your policy service at end_of_data. Check its documentation. [18:14:52] *** Pazzo has quit IRC [18:16:00] * hparker checks the end of rob0's data [18:18:14] *** madrescher has quit IRC [18:18:30] *** sophokles has quit IRC [18:18:51] *** jcrites has joined #postfix [18:18:56] <jcrites> hi [18:19:12] <jcrites> I was wondering if someone could tell me where I might research to find the answer to the following question ... [18:19:15] <g0rd0n> rob0: hmmm im calling it at the end of smtpd_recipient_restrictions [18:19:41] <g0rd0n> check_policy_service unix:private/spfpolicy, check_policy_service inet:127.0.0.1:2525, permit [18:19:47] <jcrites> originally we configured our mail hosts like mail-001.example.com, mail-002.example.com. back then each number corresponded to one actual machine. [18:20:04] *** saurabhb has quit IRC [18:20:26] <jcrites> at some point, we moved IPs and DNS around, so the numbers became meaningless and unnecessary. we tried naming the records like mail-c-d.example.com where c,d were the last octets of the IP address a.b.c.d [18:20:34] <jcrites> but that's annoying and seems superfluous [18:20:46] <jcrites> so my question is: is there any disadvantage to putting all my mail servers under one FQDN? [18:21:06] <jcrites> for example, I could have mail.example.com as the A record to each IP address I have, with PTRs back [18:21:07] *** Tykling has joined #postfix [18:21:36] <jcrites> I am wondering whether this is (1) correct under SMTP standards (2) likely to get our domain blocked or something else. what would be a good resource to research this kind of thing? [18:21:40] <g0rd0n> jcrites: this is normal practice, as far as i know [18:21:56] <jcrites> oh really? maybe I'm looking at bad examples then :) [18:22:00] <g0rd0n> you mean you want to use one fdqn as a round robin, right? [18:22:16] <jcrites> well, this is actually for our corporate outgoing mail servers, not the incoming [18:22:27] <jcrites> I got a load balancer for the incoming mail already [18:22:28] <rob0> Oh I don't know about normal practice, I think most big mailers use different names for each machine. [18:22:38] <g0rd0n> hmmm... [18:22:42] <jcrites> like google for example [18:22:52] <jcrites> google.com MX smtp1,2,3,4.google.com [18:22:59] <rob0> MX is not outbound [18:23:08] <jcrites> oh, stupid me [18:23:09] <rob0> you're comparing apples and oranges [18:23:29] <g0rd0n> as long as your smtp reply with the HELO that equals the rdns reply [18:23:30] <g0rd0n> it should be fine [18:23:39] <jcrites> yeah but I still see a lot of that kind of thing on the outgoing side too [18:23:55] <rob0> yes, and avoid hostname patterns which look dynamic [18:24:42] <jcrites> ti-out-0910.google.com ([209.85.142.188]) looks to be one of the outbound gmail servers [18:24:45] <rob0> mailX.example.com where X is a single digit is good [18:25:13] <jcrites> right -- so what I am asking is whether mail servers need different FQDNs at all, whether there would be any disadvantage from calling them all mail.example.com [18:25:15] <rob0> but then, no one can anticipate what some fool will come up with as a FUSSP [18:25:54] <rob0> The only disadvantage I can think of is that it might be a bit harder to diagnose in case of problems. [18:26:10] <jcrites> think spam blocking solutions might.... do something? [18:26:19] <jcrites> for example, if any ISP rate-limits on FQDN I'll be screwed. or similar [18:26:26] *** dusty__ has joined #postfix [18:26:27] <jcrites> :/ [18:27:54] *** error404notfound has joined #postfix [18:27:54] <fbe> is there a way to override transport_maps in master.cf (-o option ?) [18:28:04] <rob0> There are far more idiots trying to fight spam than there are spammers. But see above ... just use good sense and that's the best you can hope for. [18:28:04] <jcrites> thanks for the help rob, gordon [18:33:04] <cpm> rob0, yeah, true. But the spammers make more money [18:34:30] <rob0> unfortunately so [18:35:54] <rob0> Yet, I'm sure that all the money spent on spam abatement is FAR higher than the total revenues of the spam industry. [18:37:08] <cpm> rob0, no doubt. But it's a revenue-effort/results ratio. The spammers will ALWAYS win, as long as folks buy their goods. It's pretty simple. [18:37:47] <cpm> Dont' for one second think that Pfizer hasn't made horrifically large fortune off of 'that bad viagra spam, shame shame' [18:38:29] <rob0> a monument to stupidity ... Einstein's proof [18:40:30] <ribasushi> three strike rule for a stupid user - you receive a package off a viagra pharma site, or you are caught in a 419 deal [18:40:34] <ribasushi> and you lose your internet [18:40:38] <ribasushi> that'd be awesome [18:41:55] <rob0> but the Internet grew far beyond the supply of clueful admins [18:41:57] *** temba has quit IRC [18:43:16] *** dusty__ has quit IRC [18:43:39] *** dusty has quit IRC [18:44:04] *** dusty__ has joined #postfix [18:46:50] *** buffoon_work has quit IRC [18:49:46] *** error404notfound has left #postfix [18:50:11] <cpm> rob0, and grew quickly [18:51:32] <cpm> f3ew, rob0, sysmonk, Signum, to some degree lunaphyte are clueful. [18:53:09] * f3ew is not clueful [18:53:44] *** jcrites has quit IRC [18:53:48] <rob0> Reminds me, I saw a truck with a Texas license plate which ended in "3ew" on the road. I did a doubletake to see if some Indian guy was driving it. :) [18:54:53] *** githogori has joined #postfix [18:56:20] <lunaphyte_> if i did as much postfix these days as i used to i might take offense at that ;) [18:56:44] <f3ew> what do you do now? [18:56:54] * f3ew has spent the past four hours debugging Java [18:58:59] <Trengo> blimey [18:59:57] *** amrit|zzz is now known as amrit|wrk [19:01:25] <cpm> indeed [19:01:42] <cpm> f3ew, life is shorter than you know. careful of that java man. [19:02:50] *** pirho has joined #postfix [19:03:07] <lunaphyte_> i guess i'd call it "unix development", for lack of a better term. i still do some admin stuff, mostly just to keep the windows stuff our it department parades around at bay, and for my own stuff at home. [19:05:28] <f3ew> heh [19:05:31] <lunaphyte_> actually, if i'm honest, cpm is probably right on. i'm ashamed to admit i've had double bounces piling up after changing some stuff and not cleaning up aliases that broke, and i still haven't taken the time to fix it, even though it's been probably months. [19:05:35] <f3ew> So your stuff is now just working? [19:05:47] <f3ew> or you are just burning out? [19:05:58] *** rootsvr has joined #postfix [19:06:17] *** dan has joined #postfix [19:06:39] <lunaphyte_> well, it's definitely not just working.. thinking that would probably be the worst mistake i could make :) [19:07:46] <lunaphyte_> actually, i think neither. just other stuff increasing in priority. i've gone into that "keep the ideas in the back of your head and when you have a chance you'll get to it" mode, i think. [19:08:46] <Landon> #facebook [19:08:48] <Landon> whoops [19:09:17] *** syneus has quit IRC [19:10:15] *** pirho has quit IRC [19:10:46] <lunaphyte_> i've spent the last week trying to build and debug a bunch of bash scripts that are probably doing things way beyond what bash was likely ever intended for. [19:11:54] *** pirho has joined #postfix [19:12:55] <dan> I'm struggling with understanding how to make postfix use TLS along with relayhost. I don't have any local delivery, all mail goes to my ISP's server and it was working but they just decided to use TLS on their server. [19:13:31] <f3ew> postconf | grep smtp_tls [19:16:04] *** Niemi_ has joined #postfix [19:16:45] <dan> http://pastebin.com/d7658468e [19:17:15] <dan> it seems that somewhere I need to set a variable that says use tls and then find a place to stick a username/password from my ISP [19:17:45] <lunaphyte_> don't forget smtp_use_tls [19:17:47] <f3ew> postconf | grep smtp_tls <=== all relevant variables [19:17:52] <f3ew> that too [19:17:54] <dan> I have the smtp_use_tls [19:18:38] <lunaphyte_> the docs are pretty straightforward, i thought. what part are you getting hung up on? [19:18:49] *** madrescher has joined #postfix [19:19:04] <dan> wwhich variable controls the username/password that is used when relaying mail [19:19:06] *** PcPixel has joined #postfix [19:20:33] <dan> I think in general I'm confused over which variables control authentication between a local email client trying to send mail and my postfix server versus authentication between my postfix server and the relayhost [19:20:36] <lunaphyte_> have you been through TLS_README ? [19:21:11] <f3ew> dan the first is smtpd_*, the second is smtp_* [19:21:19] *** linkslice has joined #postfix [19:21:24] <cpm> f3ew, what time is it? [19:21:25] <f3ew> smtp_sasl_... [19:21:28] <f3ew> Tue Aug 5 22:49:32 IST 2008 [19:21:40] <cpm> kinda late, eh? [19:21:47] <f3ew> yeah [19:22:15] <dan> f3ew. thanks. thats a big help. [19:25:57] *** toytoy has quit IRC [19:27:32] *** felix-da-catz has joined #postfix [19:27:58] <felix-da-catz> Is there anything I need to configure besides uncommenting the submission line in the master.cf to make port 587 work? [19:29:00] <f3ew> no [19:29:12] <felix-da-catz> I see master listening on 587 with nestat -anp, but I do not get anything when I telnet in to there. [19:29:15] <dan> lunaphyte: I've been struggling through that document. [19:29:46] <felix-da-catz> I can telnet just fine into port 25... [19:29:58] <f3ew> logs? [19:30:07] <felix-da-catz> At least on this network that doesn't block 25. Another machine I have cannot connect through 25 to send mail. [19:31:37] <felix-da-catz> I don't see anything in there. The connection never shows up. I guess i need to check my firewall then... Forgot I even had one. [19:32:32] <felix-da-catz> Sorry.. :D Thanks for the head pull out of rear manuver. [19:33:22] <f3ew> heh [19:34:28] <felix-da-catz> That is tcp traffic right? [19:34:33] <dan> http://pastebin.com/m5981181a [19:35:33] *** Toerkeium has joined #postfix [19:35:43] <f3ew> yes [19:38:25] <dan> my postconf -n output along with a couple of comments is at http://pastebin.com/d4088375e [19:39:11] *** jeeter522 has joined #postfix [19:39:30] <jeeter522> anybody have any good tutorials or can help me getting chroot jail to work w/ SASL ? [19:42:15] *** Vi5in has quit IRC [19:43:24] *** davidj has joined #postfix [19:46:29] <rob0> felix-da-catz read-da-logz kill-da-firewalz :) [19:46:34] *** AcTiVaTe has joined #postfix [19:46:51] <jduggan> lol [19:47:51] <davidj> I'm looking for help with Postfix. I've got a postfix server at a remote office configured with relayhost=mail.wan. mail.wan is in our dns and resolves correctly. When someone at the remote office emails someone at another site, the message gets deferred with "Unknown user". How do I tell Postfix to forward all mail to the relayhost, not just non-local mail? [19:48:58] <rob0> Sounds like davidj has told Postfix to accept mail for some (?) domains. [19:49:00] <rob0> !basic [19:49:01] <knoba> rob0: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here. [19:49:07] <rob0> !virtual [19:49:07] <knoba> rob0: "virtual" : a way to configure additional domains and user accounts (that do not need to exist in your /etc/passwd). See: http://www.postfix.org/VIRTUAL_README.html [19:49:44] <jeeter522> transport [19:49:47] <davidj> rob0: Thanks [19:50:01] <davidj> jeeter522: Thanks, I'll look into transport, too. [19:50:04] <rob0> postconf | egrep 'domains|mydestination' [19:50:29] <rob0> You don't need transport_maps if you're using DNS for routing. [19:51:18] <jeeter522> rob0 : any knowledge on chroot? :\ [19:51:40] <davidj> Can I tell it to accept mail for bob@ and charlie@, but not for dan@$mydomain? [19:52:01] <jeeter522> setup a recipient table [19:52:09] <jeeter522> relay_recipients [19:52:17] <davidj> jeeter522: Thanks, I'll look into that. [19:53:15] *** Freddie` has joined #postfix [19:54:03] <davidj> Should relay_hosts = mail.wan or [mail.wan] ? [19:54:35] <Freddie`> is there a way to serve multiple domains without using mysql/postgresql ? [19:54:36] <davidj> iirc, [mail.wan] prevents postfix from looking for an mx record for mail.wan. Is that correct? [19:55:14] <davidj> Freddie`: I've seen several examples today that use ldap instead of sql databases for multiple domains. [19:55:18] <jduggan> Freddie`: you can just use hash [19:55:55] <jduggan> !virtual [19:55:56] <knoba> jduggan: "virtual" : a way to configure additional domains and user accounts (that do not need to exist in your /etc/passwd). See: http://www.postfix.org/VIRTUAL_README.html [19:56:00] <jduggan> ^read [19:57:02] <Freddie`> jduggan: wounderful... so i can manage multiple users and multiple domains ? [19:57:10] <jduggan> yes and yes [19:57:17] *** githogori has quit IRC [19:57:17] <Freddie`> jduggan: wow ;-) [19:57:45] <davidj> Freddie`: If you have a lot of users, maintaining the list with vi can be a chore ;-) [19:57:55] <jduggan> !virtual_alias_domains [19:57:55] <knoba> jduggan: "virtual_alias_domains" : a configuration parameter in the main.cf: Optional list of names of virtual alias domains, that is, domains for which all addresses are aliased to addresses in other local or remote domains. [19:58:00] <jduggan> !virtual_alias_maps [19:58:01] <knoba> jduggan: "virtual_alias_maps" : a configuration parameter in the main.cf: Optional lookup tables that alias specific mail addresses or domains to other local or remote address. The table format and lookups are documented in virtual(5). [19:58:09] <jduggan> ^see above two parameters for domains [19:58:27] <Freddie`> davidj, jduggan : i run a simple home server, so having something simple as textfiles is a great things [19:58:56] *** jeeter522 has quit IRC [19:59:50] <jduggan> Freddie`: you might want to read the basic readme [19:59:52] <jduggan> !basic [19:59:53] <knoba> jduggan: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here. [20:16:38] *** gonewestcoast has joined #postfix [20:17:41] *** master_o1_master has joined #postfix [20:25:35] *** Motoko-chan has joined #postfix [20:28:48] *** pickcoder has quit IRC [20:29:15] <rob0> There are dozens of ways to serve multiple domains without using mysql/postgresql [20:29:49] *** master_of_master has quit IRC [20:29:49] <rob0> Sure, put everything in your chroot that Postfix might need. [20:32:38] * cpm chroots rob0 [20:34:04] * sysmonk jails cpm [20:34:24] *** TTilus has left #postfix [20:34:26] * cpm starts singing da bluez [20:36:28] *** Gershwin has joined #postfix [20:36:30] *** Gershwin has left #postfix [20:36:32] *** e-head has joined #postfix [20:37:12] *** Gershwin has joined #postfix [20:39:30] <e-head> Hey, anyone around? [20:39:43] <e-head> hey Gershwin [20:40:02] <e-head> I'm trying to send mail from a Site5 hosted account to unite.org. [20:40:34] <e-head> I get back a "Mail delivery failed" message saying "The mail server could not deliver mail to lynn.***** at unite dot org. The account or domain may not exist, they may be blacklisted, or missing the proper dns entries." [20:40:59] <e-head> In all liklihood, is this the unite.org server slamming the mail for some reason? [20:41:10] <cpm> what say the logs? [20:41:23] <e-head> ahh. Unfortunately, I don't have access to the logs on either server. [20:41:43] <e-head> So, this makes it harder to pin point what's going on. [20:41:50] <cpm> Yup. [20:42:00] <e-head> I do know this much... the account lynn.*** at unite dot org DOES exist. [20:42:09] <e-head> I can send mail to her from my gmail and verizon accounts. [20:42:10] <lunaphyte_> prove it. [20:42:16] <e-head> ha [20:42:19] <lunaphyte_> heh [20:43:08] <e-head> Oddly enough, I can't get mail from her either. So, the two servers are having definite problems talking. [20:43:25] <lunaphyte_> presumably, the server having the conversation with unite.org's mx would have additional insight. [20:43:39] <e-head> exactly. [20:43:44] <davidj> Can I set a size limit on incoming messages? [20:43:52] <e-head> If I could get my hands on the relevant log entries it would definitely help. [20:44:24] <e-head> So... I guess I'm asking what is the most likely scenario(s)? [20:44:27] <lunaphyte_> why can't you? [20:44:43] <e-head> I emailed them to ask. Havn't heard back from them yet. [20:44:50] <lunaphyte_> who? [20:45:06] <e-head> The sending SMTP server (Site5 hosted). [20:45:12] <e-head> I don't administer either server. [20:45:16] <lunaphyte_> oh, i see. [20:45:18] * rob0 sings ... "'Cuz I'm down in Folsom Chroot ..." [20:45:21] <e-head> I used to, but then we moved it to site5. [20:45:33] <rob0> The Geek in black [20:45:56] <lunaphyte_> you are trying to be the admin, but are not the admin. [20:46:04] * cpm rejoins 'An I see that chroot a'running, on down to rob0' [20:46:06] <e-head> exactly. [20:46:08] <e-head> ;) [20:46:30] <e-head> My boss doesn't understand this. He thinks somehow I should know all the answers. I tried to tell him it's sort of like 2 black boxes. [20:46:43] <rob0> Well e-head, the error you pasted here is not from Postfix, so perhaps that will help narrow it down further. [20:47:06] <e-head> It's relatively rare for an outgoing SMTP server to run a lot of checks once it's authenticated the sender, correct? I mean... it will verify the sender, sure, but then beyond that it just tries to go ahead and send the mail. [20:47:07] <lunaphyte_> yeah, that looks like an error from pistfox. [20:47:10] * davidj adds "I killed a pid on Jackson, just to see how it would die" [20:47:16] *** devdas has joined #postfix [20:47:31] <cpm> or an error from lunafox [20:47:40] <e-head> So... I'm thinking it's the receiving server (unite.org), that is slamming the message. [20:47:40] <rob0> John E-cash [20:47:44] <lunaphyte_> davidj: postconf | grep -i size [20:47:52] <davidj> lunaphyte_: Thanks! [20:47:59] * cpm falls over [20:48:07] <davidj> rob0: owww ;-/ [20:48:22] <rob0> e-head, do you think somehow WE should know all the answers without any information? [20:48:23] <lunaphyte_> i think it's site5 being sucky, and unite.org being picky. [20:48:37] <lunaphyte_> then we guess! [20:48:47] <e-head> Now... would you guys happen to know this much. The error given in the "Mail Delivery Failed" message... is that in all liklihood the error the unite.org server (receiving) gave the sending SMTP server, and the sending SMTP server just passed it along to the sender. [20:48:52] *** harlan__ is now known as harlan [20:49:15] <rob0> Or the MUA, or the relayhost ... [20:49:47] <e-head> It's not the MUA I don't think. [20:50:07] <e-head> The message came from the sending email server. [20:50:17] <e-head> Where it cooked up the message though I have no idea. [20:51:08] <e-head> My guess... it tried to send the message, got a denial error code from the receiving server (something like "550-The mail server could not deliver mail to"), then it just passed then back to me (the sender). [20:51:15] *** Niemi_ has quit IRC [20:51:39] *** blackflag has quit IRC [20:51:46] <e-head> As for blacklists... a sender SMTP wouldn't check a blacklist first. [20:51:59] <e-head> The thing is... these error messages are meaningless half the time. [20:52:32] <rob0> unite.org. 3600 IN MX 0 70.90.142.249. [20:52:37] <davidj> rob0: Johny cache? [20:52:38] *** jelly has quit IRC [20:52:46] <PcPixel> omg that was awdul. [20:52:49] <e-head> that should be a FQDN, shouldn't it? [20:52:50] <PcPixel> awful even [20:52:52] <rob0> davidj: owww back atcha [20:52:56] <davidj> 249.142.90.70.in-addr.arpa. 3149 IN PTR 70-90-142-249-BusName-michigan.mi.hfc.comcastbusiness.net. [20:53:07] <e-head> I don't think you are supposed to use IP addresses in MX records. [20:53:08] <lunaphyte_> yay for michigan! [20:53:14] <lunaphyte_> i swear it's not mine. [20:53:14] <rob0> NO, that is NOT a valid MX entry. [20:53:34] <e-head> Because it's not a FQDN, right? [20:53:36] <rob0> So any site that delivers to that domain is broken. [20:53:43] <e-head> I see. [20:54:19] <rob0> It's lunaphyte_'s fault. [20:54:31] * davidj sings "gonna hang my head in shame" [20:54:40] * davidj slinks off to get some work done. [20:54:52] *** jdrake has quit IRC [20:55:02] <e-head> rob0: thanks. [20:55:07] <e-head> that may be the answer, right there. [20:55:29] <lunaphyte_> i can't even look up that ptr. [20:56:05] <rob0> I told you it was lunaphyte_'s fault. [20:56:18] *** g0rd0n has quit IRC [20:56:32] <lunaphyte_> oh, nvm. apparently host doesn't like trailing dots. [20:56:58] <lunaphyte_> on ip addresses, that is. [20:57:20] <cpm> who does? [20:57:22] <davidj> lunaphyte_: IP addresses aren't supposed to have trailing dots. [20:57:56] <lunaphyte_> i wish i left a trail of dots, like the family circus cartoons. [20:57:59] <davidj> lunaphyte_: Trailing dots are proper on a FQDN [20:58:02] <PcPixel> cpm: the relay_recipient_maps thing mucked up again. im building a test system now so i can mess around with it. [20:58:43] <lunaphyte_> davidj: it was a joke. [20:58:51] <rob0> Format for MX is "priority RRname". Priority is an integer, RRname is a FQDN which should resolve to an A record. [21:00:52] <lunaphyte_> rr is railroad? [21:01:27] <devdas> Resource Record [21:05:11] <rob0> Road Runner, Roger Rabbit, rabble rouser [21:05:53] <lunaphyte_> rabid raccoon [21:06:25] *** pirho has quit IRC [21:09:18] *** pirho has joined #postfix [21:12:12] *** subq_ has quit IRC [21:14:35] *** pickcoder has joined #postfix [21:15:44] *** Draecos has joined #postfix [21:16:00] <davidj> rob0: Thanks for the help earlier, I owe you a beer sometime. [21:16:58] *** pickcoder has quit IRC [21:17:24] *** pickcoder has joined #postfix [21:18:31] <sysmonk> did i hear beer? [21:19:33] <adaptr> that's all you ever hear [21:19:49] <sysmonk> nope [21:19:52] <sysmonk> that's all i want to hear :P [21:19:56] * devdas waves whisky [21:19:59] <devdas> heh [21:20:18] <sysmonk> nah, /me likes beer and vodka [21:20:25] <cpm> devdas! put down that bottle, and go to bed! [21:20:28] <sysmonk> no whiskey [21:20:30] *** mrnotproper has joined #postfix [21:21:03] <adaptr> step. away. from the whiskehs! [21:21:04] <sysmonk> devdas: yeah, put down that bottle, and pass it to cpm [21:21:04] <sysmonk> ;) [21:21:09] <davidj> I should have realized that "beer" was the magic word that would wake everyone up ;-) [21:21:35] * devdas passes the Stoli to sysmonk [21:21:41] * cpm pouts [21:21:42] <sysmonk> what's stoli? [21:21:57] <sysmonk> oh, stolichnaya [21:22:06] <sysmonk> we never call it like that [21:22:28] *** gonewestcoast_ has joined #postfix [21:22:45] <devdas> too lazy to type [21:22:58] <sysmonk> you don't have autocomplete for that yet?!!?! [21:23:35] * sysmonk notices that lately postfix seems to be veeeery offtopic :P [21:23:42] <sysmonk> that is #postfix, not postfix [21:23:48] <davidj> sysmonk: Do you prefer CTOTTN? [21:24:18] <sysmonk> what the f.* is that ?! [21:24:21] * devdas passes the 30 yo whisky to cpm [21:24:29] <mrnotproper> Hi, i've a big problem here. We change our hosting server and we transfer all the stuff into the new. We have done all the necessary change but right now when I want to send a message with a client like evolution or outlook, he always ask me the smtp password and nothing is sending. I verify the log and everything seems to be fine. Any idea ? [21:24:51] <devdas> mrnotproper: logs? [21:25:05] <sysmonk> mrnotproper: describe 'fine'. pastebin logs. [21:25:05] * cpm bows in thanks [21:25:11] <davidj> sysmonk: An admittedly poor approximation of what "Stoli" looks when written with the right letters. [21:25:15] <mrnotproper> ok [21:25:18] <cpm> fills flask, hands back [21:25:39] <sysmonk> devdas: define 'right letters' ? :) [21:25:54] *** JoeWulf has joined #postfix [21:25:57] <devdas> Russian [21:26:11] <sysmonk> you guys speak russian ? :) [21:26:22] <devdas> I would need to photograph the bottle ;) [21:26:23] <rob0> da [21:26:32] <rob0> n'yet [21:26:33] <sysmonk> rob0: shut up you russian phreak [21:26:33] <sysmonk> ;P [21:27:11] <sysmonk> devdas: ohhhh, you don't know russian, you just saw the bottle :) [21:27:18] <sysmonk> rob0: and good morning to you [21:27:27] <sysmonk> err, evening* [21:27:30] <devdas> sysmonk: and drank it [21:27:32] <cpm> sysmonk, so he knows enough russian [21:27:53] <sysmonk> devdas: /me drinks it quite often [21:27:53] <rob0> davidj, you're kidding of course, how could I have helped anyone here? All I do is sit back and make snide comments and silly jokes. [21:28:04] <sysmonk> although i prefer some other [21:28:13] <cpm> ??????????? ??????? ? ???? [21:28:23] <sysmonk> cpm: hehe [21:28:27] * devdas has liked Russky Platinum, and Stolichnya [21:28:28] <sysmonk> cpm: 'enough russian i know' [21:28:30] <davidj> cpm: He! [21:28:32] <devdas> Grey Goose is good [21:28:45] <mrnotproper> there-> http://inovo.ca/mail.log [21:28:53] * cpm bows to sysmomkl [21:28:57] <cpm> sysmonk even [21:29:03] <sysmonk> oh yeah mrnotproper, great [21:29:10] <davidj> cpm: Or should I say X? ? [21:29:16] *** toytoy has joined #postfix [21:29:20] <sysmonk> mrnotproper: couldn't you paste the whole log, not only the few megs of it? [21:29:44] * sysmonk irony off [21:30:18] <mrnotproper> sysmonk, I copy the whole log [21:30:21] <sysmonk> mrnotproper: pastebin the RELEVANT log lines, not FULL log [21:30:26] <mrnotproper> ah ok [21:30:39] <sysmonk> i.e. try emailing and pastebin the last 20 log lines [21:32:13] *** toytoy has quit IRC [21:32:50] *** blackflag has joined #postfix [21:35:23] <mrnotproper> Now i see the error -> http://pastebin.ca/1093099 [21:37:05] <sysmonk> mrnotproper: so, your sasl is misconfigured [21:37:21] *** gonewestcoast has quit IRC [21:38:29] * cpm waves the flash around, shouting 'Don't touch me in my sasl!' [21:39:08] <sysmonk> in your ass'l ? [21:39:12] <sysmonk> oh, sasl! [21:39:17] *** rootsvr has quit IRC [21:39:28] * cpm stumbles out the door, muttering 'g'night' [21:39:43] *** cpm has quit IRC [21:43:03] <adaptr> in Soviet Russia, vodka likes YOU [21:43:12] <PcPixel> hey monk :) [21:44:08] <sysmonk> vodka? in russia?! there's no such thing as vodka in soviet russia! [21:44:15] <sysmonk> there was also no sex in soviet russia! [21:44:17] <sysmonk> PcPixel: ho [21:44:53] <PcPixel> sysmonk: hows it going [21:45:17] *** havvg has joined #postfix [21:45:25] <adaptr> sysmonk: it shows, all they gopt left is clones [21:46:21] <sysmonk> PcPixel: still no job [21:46:24] <sysmonk> ;P [21:46:34] <PcPixel> sysmonk: awesome. still hating mine! [21:46:45] <sysmonk> oh damn :/ [21:46:53] <PcPixel> sysmonk: the mail server is fine [21:46:55] <sysmonk> i should have told you to do some nasty commands [21:47:04] <PcPixel> i think its an invalid character check in the sender address that killed it [21:47:09] <PcPixel> im building the test environment now [21:47:11] <sysmonk> and in parallel write my cv and send it to your chief [21:47:18] <PcPixel> cv? [21:47:20] <PcPixel> of [21:47:21] <sysmonk> resume [21:47:21] <PcPixel> resume [21:47:35] <PcPixel> took me a sec to shift gears :P [21:47:47] <sysmonk> we call it CV here [21:47:52] <PcPixel> yup :) [21:47:54] <sysmonk> and you call it resume out there [21:48:29] <PcPixel> the two things that seem to be cocking it up right now are: relay_recipient_maps and the "bad_senders" file i created [21:48:48] *** tshine has joined #postfix [21:49:14] <sysmonk> believe me, i don't know your setup, i don't read and try to remember it before going to bed [21:49:21] <sysmonk> and i don't dream of it at night [21:49:22] <sysmonk> :P [21:49:27] <PcPixel> sysmonk: thts me! [21:49:30] <PcPixel> i ahve nightmares [21:49:40] <PcPixel> though i am taking your advice and am attempting a clean up in a new enviro [21:50:13] <PcPixel> i wanna get the valid recipients into relay_recipient_maps [21:50:51] <PcPixel> that would definately simplify a little [21:51:04] <devdas> sysmonk: no job? [21:51:24] <sysmonk> devdas: nah, i do one, but i could do another one in parallel / half-time [21:51:38] <sysmonk> a remote one, though [21:51:53] <sysmonk> or could do it full-time if it pays well :) [21:52:10] <PcPixel> sysmonk: if you think this is bad, you shouldve seen the sendmail set up i replaced [21:52:38] <PcPixel> WORLDS better now [21:52:43] <sysmonk> PcPixel: sendmail isn't bad, you just have to learn one more programming language to configure it :P [21:52:55] <PcPixel> sysmonk: it was a dinosaur. [21:53:05] <sysmonk> a big one even :P [21:54:43] *** pirho_ has joined #postfix [21:56:22] <PcPixel> sysmonk: the stuff we gained w postfix is insane [21:56:31] <PcPixel> i would never even consider sendmail after using postfix [21:59:17] <sysmonk> i never considered sendmail, even before i tried postfix [21:59:23] <sysmonk> and before i tried postfix i used sendmail [21:59:23] <sysmonk> ;P [22:01:01] *** mrnotproper has quit IRC [22:01:27] <PcPixel> me too [22:01:29] <PcPixel> i got nowhere with it [22:01:55] <Gershwin> what about qmail? [22:02:21] <adaptr> what about it ? huh ? you think you can alter it / huh ? do you think you're lucky ? punk [22:03:13] <sysmonk> :))) [22:03:37] *** mrnotproper has joined #postfix [22:03:37] <rob0> Indeed, what about it? qmail is not a serious MTA contender for many years. It's spam-friendly and incomplete. Security through lack of essential functionality. [22:05:17] <adaptr> in SOviet Russia, sendmail considers YOU [22:05:32] <sysmonk> do you still have to recompile qmail if you want to add an alias in qmail? [22:05:32] <sysmonk> ;PP [22:06:10] <rob0> No. Patch it and THEN recompile. ;) [22:06:17] <sysmonk> oh yes yes [22:06:37] <sysmonk> qmail-xx.x-p9948193 [22:06:38] *** m0f0x has joined #postfix [22:06:51] *** F6F has quit IRC [22:09:53] *** fbe has quit IRC [22:10:53] *** pirho has quit IRC [22:12:13] *** brancaleone has quit IRC [22:12:27] <PcPixel> never looked at QMail [22:13:38] <PcPixel> once i saw postfix was a "drop in replacement" for sendmail I figured that would suit me well [22:22:25] *** jdrake has joined #postfix [22:25:40] <magyar_> how do you guys deal with <> type backscatter? [22:27:55] <PcPixel> i havent had a problem with it yet. only real thing im doing is the reject_multirecipient_bounce [22:29:15] <PcPixel> or however the parameter is defined :P [22:32:03] <Gershwin> interesting... considering that i've never looked at qmail, it's good to hear about this little stuff w/o having to investigate [22:32:04] *** jellis-real has quit IRC [22:32:21] <Gershwin> little/just right/big stuff [22:36:33] <sysmonk> Gershwin: we overdozed ofcorse, but there's some truth in what we say [22:36:46] <sysmonk> you need to apply hundreds of patches for it to work well [22:37:03] <sysmonk> but what rob0 said is truth [22:37:18] <sysmonk> magyar_: we're not fighting it, we're sending it! [22:39:50] <magyar_> sysmonk, hmmm? didn't get it.. [22:41:47] *** tshine has quit IRC [22:42:37] <sysmonk> magyar_: nah, just joking, but i did find out about a few backscatter-sources on my network, already patched [22:43:01] <sysmonk> magyar_: i don't know of any good way of fighting it thought [22:43:03] <magyar_> PcPixel, what is "reject_multirecipient_bounce" ? [22:43:08] *** F6F has joined #postfix [22:43:24] <sysmonk> !reject_multi_recipient_bounce [22:43:24] <knoba> sysmonk: Error: "reject_multi_recipient_bounce" is not a valid command. [22:43:26] <magyar_> sysmonk, it's a pain on the arse [22:43:55] <magyar_> !reject_multirecipient_bounce [22:43:56] <knoba> magyar_: Error: "reject_multirecipient_bounce" is not a valid command. [22:44:22] <sysmonk> !learn reject_multi_recipient_bounce as Reject the request when the envelope sender is the null address, and the message has multiple envelope recipients. [22:44:25] <sysmonk> !reject_multi_recipient_bounce [22:44:26] <knoba> sysmonk: "reject_multi_recipient_bounce" : Reject the request when the envelope sender is the null address, and the message has multiple envelope recipients. [22:44:34] <PcPixel> yeah that [22:45:03] *** tshine has joined #postfix [22:46:35] *** Freddie` has quit IRC [22:49:00] *** felix-da-catz_ has joined #postfix [22:49:30] *** felix-da-catz has quit IRC [22:49:51] *** felix-da-catz_ is now known as felix-dat-catz [22:49:57] *** felix-dat-catz is now known as felix-da-catz [22:56:51] <PcPixel> ok [22:56:53] <PcPixel> home time [22:56:56] <PcPixel> later taters! [22:56:58] *** PcPixel has quit IRC [23:14:54] *** sypher has joined #postfix [23:24:47] *** Nockian has joined #postfix [23:26:00] *** fdask has quit IRC [23:29:12] *** ayeuu has quit IRC [23:29:26] *** Draecos has left #postfix [23:31:29] *** riz_ has joined #postfix [23:34:01] <riz_> Hello. I would like the e-mail received with wrong user and/or domain are rejected before rbl check. If I invert the order of rules in main.cf I can't send e-mail. This is a piece of main.cf http://pastebin.com/m1ea63a91 [23:35:04] <Toerkeium> "The default_destination_concurrency_limit parameter (default: 20) controls how many messages may be sent to the same destination simultaneously" <--- what's the meaning of "destination" there? a smtpd daemon? email address? anyone knows? [23:39:09] *** havvg has quit IRC [23:40:27] <adaptr> yes [23:40:31] <adaptr> I know [23:41:16] <Toerkeium> adaptr: share with poor people [23:41:27] * Toerkeium is poor [23:41:47] <devdas> IP [23:41:52] <adaptr> a destination is the next-hop MTA deduced from an MX record or directly specified in the config [23:42:02] <Toerkeium> aha [23:42:11] <adaptr> in any case, an IP address with a breathing SMTP server [23:42:32] <adaptr> not a Kenny [23:43:33] <Toerkeium> do you know a parameter to limit all oubound smtp connections? not a per-xxx limit? [23:43:46] <Toerkeium> I've been reading the postfix docs, but I can't find it [23:43:55] <devdas> maxproc in master.cf [23:43:59] *** mrnotproper has quit IRC [23:44:03] <adaptr> set whatever limit you require in master.cf, obviously [23:44:13] <adaptr> damnfucker! stop being 3 seconds in front of me! [23:44:19] <Toerkeium> won't that limit all (even incoming) connections? [23:44:23] <adaptr> at least I can writ ea full sentence :) [23:44:30] <Toerkeium> lol [23:44:31] <devdas> no [23:44:38] <devdas> Only smtp processes [23:44:42] <adaptr> Toerkeium: learn what master.cf does [23:44:44] <devdas> Avoid modifying the smtpd line [23:45:09] *** j_s has quit IRC [23:46:11] <Toerkeium> ah, one will be the smtp client (smtp unix - - n - - smtp) and the other the server (smtp inet n - n - - smtpd) right? [23:46:27] <adaptr> !master [23:46:28] <knoba> adaptr: "master" : http://www.postfix.org/master.5.html [23:46:36] <adaptr> all is explained [23:46:40] <Toerkeium> thanks [23:46:43] <Toerkeium> gonna read it [23:46:46] *** m0f0x_ has joined #postfix [23:47:01] *** Guest9252 has left #postfix [23:47:21] <Toerkeium> I was reading the tunning, but when I thought I got it... hmm, well I didn't.. :) [23:47:35] *** radius has joined #postfix [23:48:11] <adaptr> most people never need to adjust these settings, and having to tune before you even know how it works always makes me suspicious [23:48:42] <adaptr> but then, sunrise makes me suspicious - hell, birds chirping make me suspicious, devious bastards! [23:49:51] <Toerkeium> well.. it's for a particular customer which will send a newsletter, and want to adjust the outoing limit, but I want to let the customer send all its mails for once [23:50:15] <Toerkeium> if I let him 100 processes, he will eat my bandwidth [23:50:26] <Toerkeium> 100 procs/sec I ment [23:51:25] <adaptr> he can eat your bandwidth on 1 per second, too [23:51:38] <adaptr> bandwidth limiting is not a function ofan application protocol - it never is [23:51:50] <Toerkeium> he will send small messagess [23:52:00] <adaptr> that's what he told you , he ? [23:52:24] <Toerkeium> messages are just html hosted on another provider [23:52:28] <Toerkeium> so it's just some html code [23:52:33] <Toerkeium> from a football team [23:52:53] <adaptr> hosted HTML ? so all he really needs to send is a URL ? [23:53:24] *** hparker has quit IRC [23:53:25] <Toerkeium> well, no. he will send the html in the message (some images and some text), but images will be hosted on another machine [23:53:28] <Toerkeium> another provider [23:53:29] <adaptr> (hosted HTML is sometimes referred to by techies as a "web site" - crazy world, eh? ) [23:53:53] <Toerkeium> lol, yes, it's crazy.... [23:53:57] <Toerkeium> and expensive, eh? [23:54:05] <adaptr> not really, why ? [23:54:49] <Toerkeium> I like good stuff, they are always so expensive.. or well.. I could have a bad salary, depends the point of view [23:55:47] *** m0f0x has quit IRC [23:56:35] <adaptr> what does that have to do with... anything ? [23:56:44] <adaptr> postfix doesn't cost any money [23:58:01] <Toerkeium> ahh, well.. I was just not talking about postfix when I said "expensive" referring to the "world" [23:58:04] <Gershwin> I think he was trying to come up with different lyrics to Sir-Mix-A-Lot's "I Like Big Butts" [23:58:29] <Toerkeium> what's a butts? [23:58:49] <Gershwin> It's a song from about 10 or 15 years ago [23:59:12] *** mschiff has joined #postfix [23:59:41] <rob0> I think that refers to the non-burning part of a cigarette. [23:59:54] <Toerkeium> heh [23:59:55] <Gershwin> :)