[00:00:34] <mschiff> how can I make postfix defer defined local parts?
[00:00:40] *** rmayorga_ has joined #postfix
[00:00:48] <mschiff> is this possible from within an alias file?
[00:02:23] <rob0> possibly with check_recipient_access or transport_maps, see access(5) and transport(5) respectively.
[00:02:42] <Toerkeium> Gershwin is the right name for tha known musician? or is it with "g" at its end ?pianist, if I'm not wrong
[00:02:45] *** hparker has joined #postfix
[00:02:56] <Toerkeium> hparker: the one everywhere
[00:03:24] <hparker> heh
[00:04:00] <Toerkeium> how are you? I remember you from wireless staff, you smart guy
[00:04:27] <hparker> not bad, you?
[00:05:32] <adaptr> I-like-big-buttsbutidontknowwhy
[00:05:38] <adaptr> it was a catchy song
[00:05:59] <Toerkeium> fine, trying to pay bills.. a common behavior :)
[00:06:16] <Toerkeium> heh, lets find that interesting title song
[00:06:25] <rob0> George and Ira Gershwin, brothers, lyricist and composer respectively, collaborated on many popular and well-regarded musicals.
[00:06:50] *** Haris has quit IRC
[00:07:57] <mschiff> rob0: thx I think the access table can do it..
[00:10:15] *** devdas has quit IRC
[00:11:02] *** Vi5in has joined #postfix
[00:11:11] <Vi5in> hello
[00:11:38] <Vi5in> I'm using an outbound mailhop service through dyndns. I followed all the instructions here: https://www.dyndns.com/support/kb/mail_servers_and_mailhop_outbound.html#postfix
[00:11:59] <Vi5in> but everytime I try to send mail, it bounces back with:
[00:12:07] <Vi5in>  host outbound.mailhop.org[63.208.196.178] said: 550
[00:12:07] <Vi5in>     You must authenticate to use MailHop Outbound (in reply to MAIL FROM
[00:12:07] <Vi5in>     command)
[00:13:29] *** Muisje has joined #postfix
[00:14:14] <adaptr> so authenticate
[00:14:21] * hparker hands Vi5in a copy of SASL_README and points to the client section
[00:14:32] <Muisje> Hi, i'm using Postfix and courier and i had it working monday, however it doesn't work anymore. People who mail do not get a delivery failure or delay but the emails don't show up in the mailbox... i tried to manually send a mail using telnet but that didn't arrive either.
[00:14:57] *** rmayorga_ has quit IRC
[00:15:00] * hparker points Muisje to his logs
[00:15:01] <adaptr> do you know about logs ?
[00:15:11] <hparker> heya adaptr ;)
[00:15:15] <Vi5in> adaptr: Exactly how do I 'authenticate'? I have followed all the instructions provided. I used this same setup a few months ago and it worked without a glitch
[00:15:16] <adaptr> huh! another usurper! this is getting annoying
[00:15:24] <hparker> lol
[00:15:36] * hparker heads back to his cave
[00:15:37] <Muisje> There's nothing in it that i helps me
[00:15:38] <adaptr> Vi5in: you have not followed the required SASL client instructions, since if you had, it would work
[00:15:49] <adaptr> Muisje: and that is conclusive, is it ?
[00:16:05] * adaptr changes his nick to Katje
[00:16:16] <Muisje> Not really, but i'm wondering maybe i'm looking in the wrong place, but i have found it that when i send mails
[00:16:29] <Muisje> they can be found in the logs
[00:16:50] <Vi5in> adaptr: I am following the instructions from ? https://www.dyndns.com/support/kb/mail_servers_and_mailhop_outbound.html#postfix
[00:16:53] <Muisje> Hold on, i'll setup a quick test
[00:16:58] <Vi5in> are you saying dyndns has wrong/incomplete instructions?
[00:17:15] <adaptr> Vi5in: not at all, since I have no idea what they are saying
[00:17:27] <adaptr> I am saying that if your mailhost requires authentication, then you should authenticate
[00:17:32] <adaptr> !sasl_readme
[00:17:33] <knoba> adaptr: "sasl_readme" : www.postfix.org/SASL_README.html
[00:17:41] <adaptr> go there, refer to the client section
[00:17:51] <hparker> It's deja vu all over again
[00:18:01] <adaptr> yup
[00:18:41] <Vi5in> adaptr: i am pretty confused here. so I have my mailserver, and I use dyndns' mailhop outbound service to relay mail through them, which requires authentication. i am under the impression that the authentication information is provided in /etc/postfix/sasl_passwd ?
[00:19:56] <Vi5in> adaptr: if you look at the instructions from dyndns, it shows you what information you need to add to main.cf and what you need to do to set up authentication through /etc/postfix/sasl_passwd. so I don't understand why it won't authenticate
[00:20:37] <adaptr> Vi5in: SASL can be enabled on INCOMING mail, and on OUTGOING mail
[00:20:52] <adaptr> in the one case you are the SERVER, in the other case you are the CLIENT
[00:21:11] <Vi5in> adaptr: I see, I am trying to enable this on outgoing mail where I am the mailserver and I am sending out mail
[00:21:12] <adaptr> refer to the appropriate documentation for your flavour of SASL on how to set that up
[00:21:26] <adaptr> and no, I am not looking at the instructions from dyndns
[00:22:24] <Vi5in> adaptr: i have referred to the documentation pertinent to my situation. and i haven't gotten any further. lookinag the SASL_README gives me similar instructions to what dyndns' instructions are.
[00:22:32] <Vi5in> i'm trying to find out what else could be wrong
[00:23:37] *** pickcoder has quit IRC
[00:24:30] <adaptr> increase the sasl logging and retry
[00:24:47] <Vi5in> ok, let me try that
[00:25:09] *** F6F has quit IRC
[00:31:52] *** Vi5in has left #postfix
[00:36:09] *** syneus has joined #postfix
[00:38:40] *** syneus has quit IRC
[00:44:40] *** slackjr_ has joined #postfix
[00:47:04] *** Zblakany has quit IRC
[00:49:47] *** Motoko-chan has quit IRC
[00:51:22] *** Haris has joined #postfix
[00:57:05] *** dogmeat has joined #postfix
[01:04:48] <Muisje> What is the default log location of postfix?
[01:04:57] <adaptr> syslog
[01:05:08] <adaptr> i.e., it has none
[01:05:15] *** felix-da-catz is now known as felix-da-catz_zz
[01:05:59] <Muisje> Ok, i have send a mail using telnet onto my server, yet the mail doesn't show up in the mailbox and the sender doesn't get a delivery failure
[01:06:31] <Muisje> and i can't find nothing in syslog, saying why it could've gone wrong
[01:06:37] <adaptr> what sender ? you said you used telnet
[01:07:19] <Muisje> Any, doesn't matter, right?
[01:07:41] <Muisje> I've sent mails using hotmail, uebemiau and straight using telnet
[01:08:01] <adaptr> yes, it does matter
[01:08:13] <adaptr> it will be in syslog
[01:08:22] <adaptr> if there is nothig in the logs, then you have not sent any mail
[01:10:00] <rob0> Some newbies delete their logs without understanding how a syslogd/Unix works with open files.
[01:10:43] <Muisje> adaptr, it's there
[01:10:59] <Muisje> and it didn't arrive
[01:11:03] <adaptr> rob0: nice subtle selfreference there ;)
[01:11:18] *** mschiff has left #postfix
[01:11:24] <rob0> no logs, no help. Know logs ...
[01:12:44] *** magyar_ has quit IRC
[01:13:01] <Muisje> I fixed it
[01:13:01] <Muisje> wooh
[01:13:24] *** magyar_ has joined #postfix
[01:13:26] <Muisje> Apparently the server was removing the mail after it got forwarded to one of the forwards...
[01:13:30] <Muisje> Fixed
[01:13:45] * Muisje <--- that dude is smart
[01:14:34] *** war9407 has quit IRC
[01:15:36] * adaptr eats the Muisje
[01:15:46] * Muisje likes
[01:24:03] *** Jense has quit IRC
[01:25:59] <Muisje> adaptr would you like some sauce with that?
[01:27:14] *** pirho_ has quit IRC
[01:28:36] *** GoGi has joined #postfix
[01:30:50] *** pirho_ has joined #postfix
[01:32:46] *** Muisje has quit IRC
[01:34:49] *** m0f0x__ has joined #postfix
[01:36:42] <adaptr> beschuitje graag
[01:37:17] *** m0f0x__ is now known as m0f0x
[01:41:55] *** cilly has quit IRC
[01:44:15] *** martiancode has quit IRC
[01:44:29] *** m0f0x_ has quit IRC
[01:50:51] *** c0m- has joined #postfix
[01:53:53] *** user1_ has joined #postfix
[01:54:04] *** Tykling has left #postfix
[01:55:12] <user1_> hello! how can i know about which rule in smtpd_restrictions is write error in log
[01:55:45] <adaptr> by.. looking at it ?
[01:55:53] <user1_> (i mean 'this rule is log this error')
[01:56:20] <adaptr> and I meant "look at the log message"
[01:56:22] <user1_> adaptr: i.e. Sender address rejected: Domain not found
[01:58:14] <user1_> but log is not say to me about which rule is have rejected
[01:58:55] *** hparker has quit IRC
[02:01:03] *** user1_ has quit IRC
[02:01:54] *** user1_ has joined #postfix
[02:05:07] *** madrescher has quit IRC
[02:06:18] <rob0> that's reject_unknown_sender_domain
[02:08:00] *** c0m has quit IRC
[02:09:15] *** GoGi has quit IRC
[02:14:46] <adaptr> it's kinda obvious
[02:42:10] *** Danskmand1 has left #postfix
[02:48:01] <user1_> rob0: thanks', but can i know full list of error=parameter? do you understand me?
[02:56:40] <rob0> Well, I think you should carefully read the documentation before experimenting with any restrictions you don't understand. And if you DO understand one, you won't be surprised and asking questions like this about it.
[03:02:12] *** Juspion has joined #postfix
[03:09:44] *** ayeuu has joined #postfix
[03:16:00] *** Haris1 has quit IRC
[03:17:32] *** pirho_ has quit IRC
[03:18:20] *** pirho_ has joined #postfix
[03:38:54] *** user1_ has quit IRC
[03:38:54] *** pirho_ has quit IRC
[03:39:57] *** pickcoder has joined #postfix
[03:40:16] *** user1_ has joined #postfix
[03:42:03] <sahil> rob0: well, DO YOU UNDERSTAND him, rob0?  Huh?  Do ya do ya?  Huh?
[03:42:07] <sahil> :P
[03:44:36] *** ming_zym has joined #postfix
[03:44:59] <rob0> But ... but ... but ... *nobody* understands ME!
[03:45:01] * rob0 bursts out in tears and runs away sobbing
[03:45:48] <user1_> sahil: hey, my english is slow. i not see the funny
[03:46:42] <sahil> user1_: but it's right in front of you!
[03:48:18] *** hever has quit IRC
[03:48:54] *** gonewestcoast_ has quit IRC
[03:49:50] * pickcoder looks up rob0 in dictionary: (n) confusion, lack of understandnig
[03:54:33] *** jeffspeff has joined #postfix
[03:55:07] *** slackjr_ has quit IRC
[04:00:13] *** mavrick61 has quit IRC
[04:01:22] *** mavrick61 has joined #postfix
[04:02:27] *** Juspion has quit IRC
[04:03:16] *** gonewestcoast has joined #postfix
[04:08:23] <user1_> i think, i find, that i was search. i mean dsn=
[04:08:29] <user1_> in log
[04:09:34] *** Motoko-chan has joined #postfix
[04:12:35] *** m1n3s6 has joined #postfix
[04:29:00] * sahil shrugs with apathy
[04:29:50] <rob0> Apathy is the only one who cares about me!
[04:29:57] <sahil> haha
[04:29:58] * rob0 bursts out in tears and runs away AGAIN sobbing
[04:30:22] * sahil slaps rob0 with a bit large trout (at least that's how well i recall the mIRC skillz)
[04:31:11] <sahil> ah, it wouldn't be a normal weekday without a bajillion netbios scans from winblows zombies.  sigh.
[04:32:16] <lunaphyte> that's my spam botnet.
[04:32:35] * sahil slaps lunaphyte with a bit large trout
[04:33:09] <lunaphyte> i'm like the anakin skywalker of email.
[04:34:05] <rob0> Fear leads to anger. Anger leads to hate. Hate leasds to the Spam Side.
[04:34:44] * lunaphyte rubs the trout all over his body.
[04:35:09] <sahil> omg
[04:35:12] * sahil runs away, FAST
[04:37:49] *** gonewestcoast has quit IRC
[04:42:34] *** unixSnob has joined #postfix
[04:43:08] *** gonewestcoast has joined #postfix
[04:43:29] <unixSnob> how do I find out what options postfix was compiled with?  the man pages don't show a way to get version info
[04:43:49] <lunaphyte> ask the trout
[04:43:52] <sahil> lol
[04:44:09] <sahil> version info and the options with which postfix was compiled... two different things, homie.
[04:44:13] *** JoeWulf has quit IRC
[04:44:22] <pickcoder> postconf mail_version
[04:44:33] <pickcoder> that other one.. I dunno.. I guess the trout would know?
[04:45:00] <sahil> unixSnob: is there a specific problem you're trying to solve?
[04:45:14] <pickcoder> sounds fishy
[04:45:17] * pickcoder slaps his knee
[04:45:27] <sahil> haha
[04:45:37] <lunaphyte> i don't believe there's a practical way to retrieve that.
[04:45:45] <unixSnob> sahil: i'm about to setup gmail, and need to verify taht TLS and SASL were compiled in
[04:46:03] <lunaphyte> oh, just use ldd
[04:46:06] <sahil> man ldd
[04:46:12] <unixSnob> the version info will often indicate compile time options.. apparently not this case though
[04:46:22] <sahil> unixSnob: no, it won't.
[04:48:07] <unixSnob> Eg. mutt -v
[04:48:08] <sahil> unixSnob: what is the output of ldd /path/to/your/postfix/binary ?
[04:48:16] <sahil> unixSnob: ok, mutt != postfix.
[04:48:18] <lunaphyte> ldd /path/to/postfix/smtpd
[04:48:20] <unixSnob> I would have to use pastebin to show you the results
[04:48:40] <sahil> unixSnob: don't bother, do you see anything with "sasl" in there for starters?
[04:49:18] <unixSnob> no, don't see sasl
[04:49:24] <unixSnob> (using ldd)
[04:49:29] <sahil> libsasl etc?
[04:49:32] <unixSnob> i take that back
[04:49:35] <sahil> you suuuuuure
[04:49:43] <unixSnob> I see libsasl
[04:50:24] <unixSnob> but i don't see tls (unless it's part of crypto)
[04:50:50] <lunaphyte> how did you install it?
[04:51:19] <unixSnob> aptitude install postfix
[04:51:29] <lunaphyte> what os?
[04:51:50] <unixSnob> debian etch with backports
[04:52:05] <unixSnob> kernel was upgraded to 2.6.25-2-amd64
[04:52:12] <sahil> sigh
[04:52:14] *** Gershwin has quit IRC
[04:52:25] <lunaphyte> what is postconf mail_version?
[04:52:44] <unixSnob> mail_version = 2.3.8
[04:53:19] <lunaphyte> ldd /usr/lib/postfix/smtpd | egrep '(tls|ssl)'
[04:53:26] *** gonewestcoast has quit IRC
[04:53:56] <lunaphyte> if i recall, when i was using etch, the postfix package included support for tls.
[04:54:06] <sahil> nah, you won't find 'tls' in that output.
[04:54:10] <lunaphyte> i guess you could always just try and see
[04:54:14] <lunaphyte> sahil: i do.
[04:54:23] <sahil> lunaphyte: can you paste that line?
[04:54:26] * sahil doesn't have it.
[04:54:34] <unixSnob> interesting... it's there lunaphyte.  It didn't appear when I ran ldd on /usr/sbin/postfix though
[04:54:43] <sahil> in fact, i don't have sasl becausei don't use cyrus sasl, but dovecot auth.
[04:54:46] <unixSnob> http://rafb.net/p/bOUFuj86.html <= ldd on postfix
[04:54:57] <lunaphyte> the postfix binary doesn't talk to the network.
[04:55:04] <sahil> unixSnob: that's ok, it was right to try on smtpd in the first place -- lunaphyte's instructions.
[04:55:26] <lunaphyte> or smtp, depending on which direction you're interested in.
[04:55:35] <sahil> oh, we go both ways here baby.
[04:55:50] <lunaphyte> dovecot is sasl.
[04:56:15] <sahil> yes but i do not get a libsasl line.
[04:57:29] <unixSnob> i believe it's smtp I'm interested in... my need in question is for outbound mail to gmail
[04:57:48] <sahil> lunaphyte: what's your tls line in the output of ldd?
[04:59:20] <unixSnob> http://rafb.net/p/Ikm7w467.html <= output of ldd on smtp
[04:59:31] <lunaphyte> looks fine
[05:00:00] <lunaphyte> sahil: libpostfix-tls.so.1 => /usr/lib/libpostfix-tls.so.1 (0xb7f6a000)
[05:00:29] <sahil> # ldd /usr/local/libexec/postfix/smtpd | egrep '(tls|ssl|sasl)' libssl.so.5 => /usr/lib/libssl.so.5 (0x280f8000)
[05:00:32] <sahil> woops
[05:00:37] <sahil> sorry for lack of wrap
[05:00:38] <sahil> bbl
[05:01:30] <lunaphyte> i'd imagine that's related to the tls manager, as a guess.
[05:01:50] <pickcoder> unixSnob: you should have libsasl
[05:02:03] <pickcoder> dpkg -l | grep sasl
[05:02:36] <unixSnob> yeah, i have that
[05:03:00] <unixSnob> libsasl was also present in the ldd query
[05:03:05] <pickcoder> you have libsasl2-2 and libsasl2-modules
[05:03:28] <unixSnob> libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0x00007f1449cfd000)
[05:04:23] <pickcoder> you should have libpostfix-tls.so.1 for /usr/lib/postfix/smtp
[05:04:30] <pickcoder> if so. it's compiled in
[05:06:07] <unixSnob> yup.. got everything i need.  I'm following http://freshmeat.net/articles/view/1673/ to get this thing set up
[05:06:38] <unixSnob> i figure once i'm sending w/ gmail's smtp server, I won't have to reconfigure everytime i switch ISPs
[05:07:04] <unixSnob> which is always a pain in the ass for me, considering i move every year
[05:07:16] <pickcoder> good luck with gmail...
[05:07:23] <unixSnob> thanks
[05:07:30] <pickcoder> unixSnob: consider tzo or something similar
[05:07:56] <unixSnob> i know there are some things I don't like about gmail.. like it's overly aggressive spam blocking
[05:08:08] <unixSnob> tzo?  maybe i'll check it out
[05:08:12] <pickcoder> (provided you have port 25 incoming)
[05:08:24] <pickcoder> that doesn't help with the relay
[05:09:01] <pickcoder> it's a dynamic DNS service
[05:09:09] <unixSnob> actually gmail will cause me problems.. i just remembered -- gmail forces senders to have a FROM field that matches their gmail account.  That won't work for me
[05:10:13] <unixSnob> ah.. i see what tzo is.. I used to use 'justlinux.org' about 10 years ago.. did the same thing
[05:10:53] <rob0> postconf trout_slapping_limit
[05:11:13] <unixSnob> i need to find an smtp provider that is more flexible than gmail
[05:11:26] <unixSnob> .. something that will accept anything in the FROM field of the message
[05:11:27] <lunaphyte> i said that about my last girlfriend
[05:11:55] <lunaphyte> ok, i'm sorry.
[05:12:02] <rob0> The girlfriend would accept anything in the FROM field?
[05:12:26] <lunaphyte> nah, everything always ended in a period.
[05:12:59] <rob0> Her name was Dot.
[05:13:17] <unixSnob> everything /she/ said ended in a period, right?  Anything /you/ said was arguable
[05:13:55] <lunaphyte> well, i'm sick and twisted...
[05:15:00] <unixSnob> ah
[05:15:07] <unixSnob> that's another way to look at it
[05:15:53] *** error404notfound has joined #postfix
[05:16:06] <error404notfound> are the local postfix account pop by default?
[05:16:12] <lunaphyte> yes
[05:16:35] <lunaphyte> sigh.  now i'm just being mean.
[05:16:37] <lunaphyte> !pop
[05:16:38] <knoba> lunaphyte: Error: "pop" is not a valid command.
[05:16:42] <lunaphyte> darn
[05:17:23] <pickcoder> heh
[05:17:30] <lunaphyte> !pop
[05:17:31] <knoba> lunaphyte: "pop" : postfix is not an imap or pop server
[05:17:36] <pickcoder> error404notfound: #dovecot and #courier are --->
[05:18:19] <error404notfound> pickcoder: what do you suggest?
[05:18:32] <pickcoder> whichever one you installed would be preferable
[05:19:00] <error404notfound> pickcoder: I have to install either dovecot or courier, so still need to make the choice
[05:19:48] <pickcoder> well I'd have to say dovecot since I've never used courier
[05:19:54] <pickcoder> but I'm a little biased
[05:22:44] *** githogori has joined #postfix
[05:32:31] *** AcTiVaTe has quit IRC
[05:36:38] <error404notfound> what's the difference between postfix and courier/dovecot?
[05:37:15] <pickcoder> postfix accepts and delivers mail.. pop3/imap are mailbox protocols for pickup up mail
[05:40:35] <unixSnob> I just read that TLS was "formerly called SSL", yet TLS and SSL are separate options in Thunderbird
[05:43:21] <error404notfound> do I have to put some value in place of maildir in "home_mailbox = Maildir" or is it okay?
[05:45:31] *** goldfischli has joined #postfix
[05:48:39] <roe_> unixSnob, SSL = SSL version2 TLS=SSL version3
[05:49:55] <unixSnob> thanks
[05:50:23] <roe_> the wiki article on tls is pretty helpful
[05:50:26] *** ju_ has joined #postfix
[05:51:06] <ju_> Hi
[05:52:27] *** sypher_ has joined #postfix
[05:52:48] *** sypher has quit IRC
[05:52:58] <ju_> Does anybody facing some issues like : (delivery temporarily suspended: conversation with 127.0.0.1[127.0.0.1] timed out while receiving the initial server greeting) these days with Debian Etch set up with Howto: ISP-style Email Server with Debian-Etch and Postfix 2.3. All of this has been stable for months but these days I got this strange message.
[05:54:54] <ju_> It seems the clamd transition has troubles. Anybody got such issues ? Signum ?
[05:55:13] *** meshugga_ has joined #postfix
[05:55:59] <pickcoder> ju_: nope.. I use amavisd-new and it runs fine
[05:56:47] <roe_> ju_, I am trying to track down a similar problem, one of my SA rules is running away with an amavis thread and I don't know how to figure out which one
[05:56:52] *** meshugga has quit IRC
[05:58:19] <ju_> and roe_ as me this trouble has appeared recently ?
[05:58:36] <roe_> about a month ago
[05:59:20] <pickcoder> there's not much postfix can do
[05:59:59] <ju_> I'm running amavisd-new also ...
[06:00:11] <roe_> no pickcoder, mine and ju_ 's problem lie in #clam or #spamassassin
[06:00:15] <ju_> Client is yelling, emails are delivered but 4 hours after ...
[06:00:47] <sahil> ju_: the answer is in your logs; look carefully.
[06:01:03] <roe_> search your logs, the answer has been there all along :)
[06:01:34] <roe_> or I guess: "search your logs luke, you know it to be true"
[06:01:47] <ju_> What makes me feel even more weird is that this has aoccured one month ago for you roe_ and my client has noticed it yesterday, taking the phone saying mails are not delivered.
[06:02:06] <roe_> I think my problem is a shotty sare rule
[06:02:13] <pickcoder> ju_: a transport just doesn't stop working properly out of the blue
[06:02:20] <pickcoder> something changed
[06:02:27] <pickcoder> firewall?
[06:02:35] *** goldfisc1li has quit IRC
[06:02:37] <pickcoder> upgrade to software
[06:02:46] <ju_> My logs are not saying that much more than delivery temporarily suspended: conversation with 127.0.0.1[127.0.0.1] timed out while receiving the initial server greeting
[06:03:17] <ju_> and firewall issue wouldn't f__k a conversation with localhost
[06:03:19] <roe_> ju_, amavis has some insane logging ability, if you are using that, increasing verbosity on the amavis end my be your best bet
[06:03:41] <pickcoder> ju_: sure it could
[06:03:46] <ju_> thanks for this advise, I'll change this at once.
[06:03:53] <pickcoder> pastebin your master.cf and main.cf
[06:04:06] <pickcoder> amavis talks to postfix over port 10025 normally
[06:04:13] <pickcoder> on 127.0.0.1
[06:05:31] <sahil> ju_: what does amavisd-nanny have to say about all this?
[06:05:50] * unixSnob hates this 30 step process to configuring TLS
[06:05:58] <sahil> unixSnob: it's not that bad.
[06:06:04] <roe_> crypto is a lot of fun
[06:06:38] * roe_ agrees with unixSnob, it only isn't bad the third time you have to do it
[06:07:02] <ju_> PID 29745: 29745-03    terminated   0:12:10 =========:=========:=========:=====>
[06:07:02] <ju_> PID 29903: 29903-01    terminated   0:12:10 =========:=========:=========:=====>
[06:07:02] <ju_> PID 29745: sending SIGKILL in 29 s
[06:07:02] <ju_> PID 29903: sending SIGKILL in 29 s
[06:07:02] <ju_> PID 29903:             successfully killed
[06:07:03] <ju_> Waiting for the process to terminate: 29745
[06:07:05] <ju_> PID 29745: sending SIGKILL in 28 s
[06:07:08] <ju_> Waiting for the process to terminate: 29745
[06:07:09] <roe_> !pastebin
[06:07:10] <knoba> roe_: "pastebin" : a way to paste larger amounts of text so that other people can read it. Try http://www.rafb.net/paste/ or http://paste.debian.net/ - Do not forget to tell us the URL where you pasted it.
[06:07:10] <ju_> PID 29745: sending SIGKILL in 27 s
[06:07:12] <ju_> Waiting for the process to terminate: 29745
[06:07:19] <ju_> PID 29745: sending SIGKILL in 26 s
[06:07:19] <ju_> Waiting for the process to terminate: 29745
[06:07:19] <ju_> PID 29745: sending SIGKILL in 25 s
[06:07:22] <ju_> Waiting for the process to terminate: 29745
[06:07:22] <ju_> that is what nanny tells me.
[06:07:31] <roe_> ju_, don't do that
[06:07:38] <ju_> sorry
[06:08:06] <roe_> and if you let amavid-nanny finish it will kill those proceses and spawn new ones
[06:08:23] <roe_> but that has nothing to do with increasing your logging
[06:08:47] <ju_> I didn't know how to pastebin, usually I'm solving issues myself and it's the first time i'm coming here, taking advises from colleagues.
[06:10:09] <pickcoder> ju_: are you using CLI?
[06:10:21] <ju_> you mean command line ?
[06:10:24] <pickcoder> yeah
[06:10:31] <ju_> of course.
[06:10:58] <ju_> i hate to click on something
[06:12:20] <sahil> so um what is that pid up to?
[06:12:42] <pickcoder> 29745
[06:12:51] <sahil> no, *what* is it up to?
[06:13:05] <pickcoder> it's to up about 29745
[06:13:07] <sahil> as in does ps give any clues? :)
[06:13:08] <ju_> roe_: can i have more verbose than : $syslog_priority = 'debug';
[06:13:08] <pickcoder> heh
[06:13:15] <sahil> no no, what is that process doing damnit! :)
[06:13:22] <sahil> this is like 'who's on first' haha
[06:13:22] <roe_> ju_, nope
[06:13:30] <ju_> ok
[06:13:34] <roe_> sahil, 3rd basew
[06:14:07] <roe_> $log_level = 5;
[06:14:09] <unixSnob> the problem with TLS configs is there are multiple complex approaches... nothing as simple as a checkbox, like a thunderbird user gets.  Eg. some guides deal with fingerprints, others do not
[06:14:29] <sahil> unixSnob: you're a sysadmin.
[06:14:30] <sahil> deal.
[06:14:55] <pickcoder> so don't use TLS
[06:15:05] * roe_ questions unixSnob's nick if he is preferring a GUI to VI
[06:15:15] <Landon> SASL is a pita :\ I set up postfix to se dovecots sasl, but Thunderbird is reporting that the server does not support secure authentication
[06:15:54] <Landon> I'm not really sure what side is failing to report that it supports authentication, the imap server or the smtp server
[06:15:58] <sahil> Landon: postfix+dovecot sasl works fine here.  the instructions on postfix.org are what i followed.
[06:15:59] <unixSnob> roe_: i've seen toggles in text mode before... it could be "TLS = on" for example
[06:16:10] <roe_> it could be sure
[06:16:11] <Landon> I followed them to the letter
[06:16:25] <roe_> but what fun would that be
[06:16:37] <roe_> the first time I configured tls it took me like 3 days
[06:17:08] <sahil> Landon: paste your configs somewhere.
[06:17:12] <sahil> and errors, etc.
[06:17:13] <unixSnob> 3 days, bouncing between 5 different sets of instructions
[06:17:20] <roe_> yuppers
[06:17:22] <Landon> juse a second, was trying something else
[06:17:27] <Landon> looked in the logs
[06:17:27] <roe_> ah, the good ole days
[06:17:33] <Landon> dovecot is reporting:
[06:17:34] <Landon> Aug  5 23:06:45 c29150 dovecot: imap-login: Aborted login (0 authentication attempts): rip=70.179.170.189, lip=208.83.233.64, TLS
[06:17:49] <Landon> so I'm going to assume that's where the problem is
[06:17:57] <ju_> roe_: pickcoder : http://paste.debian.net/plain/14018
[06:19:47] <roe_> ju_, you have all those wonderful lines of logs and you choose to paste two? what was it doing just before that?
[06:20:01] <ju_> Landon : you can proceed an nmap localhost to figure out what are the open ports on your server, if not secured port is opened (995 pops or 993 imaps) you have a misconfig.
[06:20:12] <Landon> right, 993 is open
[06:20:18] <Landon> that's how I've been conenecting in the past
[06:20:20] <sahil> you don't need nmap.
[06:20:24] <sahil> we can tell from the log 993 is open.
[06:20:50] *** pickcoder has quit IRC
[06:21:07] <ju_> roe_: shall i provide you all what is said about the process 26306 ?
[06:21:32] <sahil> Landon: what are your mechanisms in dovecot.conf?
[06:21:34] <Landon> http://lfowles.org/files/dovecot.conf
[06:21:41] <sahil> hm
[06:21:49] <ju_> Landon: in your thunderbird configuration, you enable just use SSL so.
[06:22:03] *** margs has joined #postfix
[06:22:16] <Landon> ju_: yea, but Secure Authentication doesn't work
[06:23:12] <Landon> http://lfowles.org/files/dovecot.conf.txt if the other doesnt work
[06:23:21] *** tshine has quit IRC
[06:23:28] <ju_> Landon: you don't need secure auth if you have secured connection.
[06:23:43] <ju_> you can uncheck secured auth.
[06:23:55] <Landon> oh
[06:24:01] <Landon> hm, I wish thunderbird made that more obvious :)
[06:24:48] <sahil> yes, do NOT check use secure auth.
[06:24:53] <sahil> just check SSL.
[06:24:54] * Landon fails :P
[06:25:03] *** kk_CHN has joined #postfix
[06:25:04] <sahil> i don't see anything wrong with your dovecot.conf.
[06:25:05] <Landon> now I can get back to setting up TLS
[06:25:17] <sahil> and in the future, please just paste dovecot -n. :)
[06:25:27] <sahil> (not in the channel)
[06:26:27] <Landon> heh, right
[06:27:02] <Landon> on the SMTP server, a 250 - STARTTLS means TLS is configured correctly?
[06:27:06] <Landon> or will I have to do more testing
[06:28:13] <sahil> that's set.
[06:28:22] <ju_> roe_: http://paste.debian.net/plain/14019
[06:30:04] <sahil> ju_: is your log level at 5?
[06:31:42] <ju_> sahil: in what ?
[06:31:51] <sahil> ju_: and did you fiddle or upgrade Net::Server lately?
[06:31:54] <sahil> in amavisd-new.
[06:32:39] <ju_> yes it's debug
[06:33:01] <ju_> i check for this upgrade ...
[06:33:51] *** saurabhb has joined #postfix
[06:34:39] <sahil> ju_: what is the output of sudo grep \$log_level /usr/local/etc/amavisd.conf
[06:34:48] <sahil> or replace my path with whatever the path is to your amavisd.conf.
[06:36:19] <ju_> sahil: -rw-r--r-- 1 root root 130974 2006-10-20 01:03 libnet-server-perl_0.94-1_all.deb
[06:36:27] <sahil> wtf is that?
[06:36:49] * sahil doesnt use debian or linux
[06:36:59] <sahil> can you run that grep line and tell me the output please?
[06:38:13] <ju_> sahil: actually i have log_level setup nowhere just $syslog_priority = 'debug'
[06:38:59] <sahil> that's not good enough.
[06:39:07] <ju_> sahil: what i have sent before was the version of Net::Server on the server.
[06:39:13] <sahil> set your log level to 5 and reproduce the error and show those logs.
[06:39:29] <ju_> ok so i had this $log_level='5' ?
[06:39:36] <sahil> i don't know, did you?
[06:39:42] <sahil> what i'm saying is you SHOULD have it.
[06:39:49] <ju_> add not had
[06:40:02] <ju_> ok
[06:40:23] *** AcTiVaTe has joined #postfix
[06:42:25] <ju_> sahil: i've done this, now I'm waiting for the error to come back.
[06:45:20] <sahil> omg i
[06:45:22] <sahil> m so tired
[06:45:24] * sahil -> slep
[06:45:30] <sahil> s/slep/sleep/
[06:45:31] <sahil> good luck.
[06:45:52] <user1_> bb
[06:47:24] <ju_> thanks sahil, I think that to increase the logs will give me this answer.
[06:55:06] *** jdrake has left #postfix
[07:06:40] *** unixSnob has quit IRC
[07:15:57] <error404notfound> why do we need pop when an application that has to send and show emails is deployed on the same system as the MTA?
[07:17:48] *** jeffspeff has quit IRC
[07:17:48] <error404notfound> after the Maildir configuration how can I use mail/mutt to read emails from there?
[07:20:43] <f3ew> yes
[07:21:45] <error404notfound> f3ew: yes for?
[07:30:08] <f3ew> mutt -f Maildir/
[07:39:24] <error404notfound> f3ew: did it, using .muttrc
[07:47:30] *** jpalmer has quit IRC
[07:49:51] <error404notfound> I have installed courier on my ubuntu machine, postfix is already installed and used maildir, I want to configure courier to use pop, and then use my pop server in an application, how can I do the config stuff plus what would be the address of my pop server? suppose hostname is localhost.localdomain.com...
[07:52:54] *** Silowyi has quit IRC
[08:06:33] *** syneus has joined #postfix
[08:12:08] <kk_CHN> channel:I installed FreeBSD7 in my laptop , but the resolv.conf file is not there in /etc , so wee need to create it .why FreeBSD wont do that by default ?
[08:13:13] *** phnord has joined #postfix
[08:14:23] *** zykes- has joined #postfix
[08:14:38] <zykes-> anyone here tell me the difference in mailbox and maildir ?
[08:16:10] <kk_CHN> sorry wrong channel
[08:21:43] <error404notfound> can someone help me with :  I have installed courier on my ubuntu machine, postfix is already installed and used maildir, I want to configure courier to use pop, and then use my pop server with local user logins in an application, how can I do the config stuff plus what would be the address of my pop server? suppose hostname is localhost.localdomain.com...
[08:22:25] <f3ew> zykes- mbox is a single file, maildir is one file per message
[08:22:41] <zykes-> ok f3ew :)
[08:22:42] <f3ew> error404notfound, just install courier
[08:23:03] <zykes-> hmm, i wonder why some uses user at domain dot tld and others store in domain.tld/user
[08:23:04] <error404notfound> f3ew: did that? what is the address of my pop server?
[08:25:24] *** madrescher has joined #postfix
[08:25:38] *** amrit|wrk is now known as amrit|zzz
[08:27:34] <f3ew> error404notfound, localhost
[08:27:43] <error404notfound> f3ew: did it already :P
[08:27:48] <error404notfound> f3ew: thanks man :P
[08:29:19] *** sophokles has joined #postfix
[08:35:55] *** milligan has quit IRC
[08:57:37] *** F6F has joined #postfix
[08:59:06] *** j_s has joined #postfix
[09:02:42] *** sypher_ has quit IRC
[09:08:25] *** g0rd0n_ has joined #postfix
[09:15:13] *** gonewestcoast has joined #postfix
[09:20:18] *** shinao1 has quit IRC
[09:27:57] *** bjartis has joined #postfix
[09:28:46] <bjartis> Is there any setting or command to use to speed up mail-delivery? I've currently got 2000 mails in my queue and it's taking a long time for it to go down.
[09:30:14] <bjartis> i've set smtp maxproc to 500.
[09:30:51] *** Motoko-chan has quit IRC
[09:44:24] *** chadmaynard has quit IRC
[09:44:37] *** littlebird has joined #postfix
[09:47:51] *** rootsvr has joined #postfix
[09:50:13] *** brancaleone has joined #postfix
[09:57:54] *** war9407 has joined #postfix
[09:59:49] *** alienbrain has joined #postfix
[10:01:38] *** fbe has joined #postfix
[10:02:38] *** rootsvr has quit IRC
[10:04:26] *** madrescher has quit IRC
[10:04:30] *** madrescher has joined #postfix
[10:05:42] *** bjartis has left #postfix
[10:11:13] *** madrescher has quit IRC
[10:11:40] *** cilly has joined #postfix
[10:26:07] *** madrescher has joined #postfix
[10:45:11] *** sophokles1 has joined #postfix
[10:47:00] *** Draecos has joined #postfix
[10:51:04] *** cilly has quit IRC
[10:51:26] *** hever has joined #postfix
[10:53:03] *** cilly has joined #postfix
[10:53:45] *** Zeit|awy has joined #postfix
[10:57:52] *** rootsvr has joined #postfix
[10:58:37] *** F6F has quit IRC
[11:00:49] *** sophokles has quit IRC
[11:04:02] *** watts_ has joined #postfix
[11:07:37] *** martiancode has joined #postfix
[11:08:38] *** Jense has joined #postfix
[11:11:28] *** tundra has quit IRC
[11:13:57] *** rootsvr has quit IRC
[11:14:37] *** madrescher has quit IRC
[11:25:17] *** m0f0x_ has joined #postfix
[11:26:34] *** brancaleone has quit IRC
[11:37:24] *** m0f0x has quit IRC
[11:41:41] *** Internat has quit IRC
[11:41:49] *** brancaleone has joined #postfix
[11:42:03] *** Internat has joined #postfix
[11:45:04] *** cilly has quit IRC
[11:58:20] *** m0f0x__ has joined #postfix
[12:00:17] *** bhagat has joined #postfix
[12:10:21] *** m0f0x_ has quit IRC
[12:10:38] *** kk_CHN has quit IRC
[12:14:28] *** madrescher has joined #postfix
[12:25:07] *** sypher has joined #postfix
[12:32:34] *** rootsvr has joined #postfix
[12:33:57] *** gonewestcoast has quit IRC
[12:34:34] *** rakosh76 has joined #postfix
[12:40:02] <loompek> just a quick question...
[12:40:18] <loompek> if i'd like to forward sender's address and relay it to another server..
[12:41:33] <loompek> let's say * at domain1 dot com to * at some dot domain2.com
[12:42:39] <Signum> loompek: I assume you mean recipient addresses. In that case the transport_maps should help you.
[12:42:43] <Signum> !transport_maps
[12:42:44] <knoba> Signum: "transport_maps" : a configuration parameter in the main.cf: Optional lookup tables with mappings from recipient address to (message delivery transport, next-hop destination). See transport(5) for details.
[12:42:48] <loompek> no
[12:42:51] <loompek> sender's address
[12:43:06] <loompek> i've already got transport maps for sending to a domain
[12:43:08] <Signum> If emails come from certain addresses you want to forward them to another server?
[12:43:20] <loompek> Signum i'm configuring mms mta
[12:43:30] <loompek> i jsut got the documentation ...
[12:43:34] <Signum> mms?
[12:43:39] <loompek> multimedia services
[12:43:53] <Signum> . o O ( ??? )
[12:44:14] <loompek> i get the mail from +1234567890 at mms dot domain.com and i'd have to mask the sender
[12:44:24] <loompek> so it seems the mail is sent from
[12:44:34] <loompek> +1234567890 at mms dot mnc123.mcc123.gprs
[12:47:00] <loompek> well?
[12:47:03] <loompek> can it be done?
[12:48:05] <Signum> And the MMS software can't use proper sender addresses?
[12:48:52] <Signum> Otherwise... http://www.postfix.org/ADDRESS_REWRITING_README.html
[12:49:37] *** sypher has quit IRC
[12:50:43] *** e-head has quit IRC
[12:53:13] *** cpm has joined #postfix
[12:54:17] <loompek> unfortunately... mmsc sucks...
[12:54:55] *** e-head has joined #postfix
[12:55:09] <loompek> smtp_generic_maps = hash:/etc/postfix/generic
[12:55:11] <loompek> hmm
[12:55:15] <loompek> this seems right...
[13:01:29] *** m1n3s6 has quit IRC
[13:02:16] *** bhagat has quit IRC
[13:12:52] *** capt_rogers has joined #postfix
[13:13:24] *** g0rd0n_ has quit IRC
[13:14:07] *** capt_rogers has quit IRC
[13:14:24] *** rizi has quit IRC
[13:16:36] *** kk_CHN has joined #postfix
[13:18:05] *** rootsvr has quit IRC
[13:21:01] *** lysander has quit IRC
[13:25:13] *** lysander has joined #postfix
[13:25:17] *** lysander_ has joined #postfix
[13:25:27] *** lysander has quit IRC
[13:25:57] *** fbe has quit IRC
[13:28:10] *** shinao1 has joined #postfix
[13:28:17] *** rootsvr has joined #postfix
[13:31:40] *** ming_zym has quit IRC
[13:33:35] *** cilly has joined #postfix
[13:33:57] *** rakosh76 has quit IRC
[13:35:11] *** kk_CHN has quit IRC
[13:36:09] *** rizi has joined #postfix
[13:37:55] *** kk_CHN has joined #postfix
[13:39:40] *** kk_CHN has quit IRC
[13:40:11] *** kk_CHN has joined #postfix
[13:40:13] *** kk_CHN has quit IRC
[13:41:38] *** kk_CHN has joined #postfix
[13:43:08] *** kk_CHN has joined #postfix
[13:47:22] *** lysander_ has quit IRC
[13:47:41] *** kk_CHN has joined #postfix
[13:47:48] *** lysander has joined #postfix
[13:48:42] *** kk_CHN has quit IRC
[13:48:50] *** ju_ has quit IRC
[13:50:02] *** kk_CHN has joined #postfix
[13:50:25] *** kk_CHN has quit IRC
[13:53:19] *** kk_CHN has joined #postfix
[13:53:25] *** spy6 has joined #postfix
[13:53:29] <spy6> hi there
[13:53:30] *** kk_CHN has quit IRC
[13:54:14] <spy6> just a short question if I understood the documentation correct ... there is no way to bypass body- and header-checks under any condition?
[13:55:54] <f3ew> spy6 right
[13:56:49] <spy6> argl!
[13:56:55] <loompek> umm
[13:57:23] <loompek> what if someone sets up another smtpd... in master.cf.. and tells it not to use header and body checks...
[13:57:54] <spy6> how does that help?
[14:00:07] *** Ramattack has joined #postfix
[14:00:10] <Ramattack> Helo!!
[14:00:45] <Ramattack> does postfix temporarily suspend delivery to a server... in other way wich could be queue delay between attempts?
[14:00:53] <Ramattack> I have seen one of my postfix queue
[14:00:55] <Ramattack> and sais
[14:01:42] <Ramattack> (delivery temporarily suspended I was wondering if this is just a queue attempt delay or if postfix sais you you fail accepting mail 30 times... I stop delivering you one day... for example
[14:02:43] *** saurabhb has quit IRC
[14:03:10] <f3ew> Ramattack the first
[14:04:00] <Ramattack> just a delivery attempt delay due to normal queue proccessing
[14:04:04] <Ramattack> :) zenkz
[14:06:00] <Ramattack> time for launch
[14:06:02] <Ramattack> :) bye
[14:06:10] *** Ramattack has quit IRC
[14:07:20] *** rakosh76 has joined #postfix
[14:09:24] *** kk_CHN has joined #postfix
[14:09:46] *** kk_CHN has quit IRC
[14:11:12] *** kk_CHN has joined #postfix
[14:11:53] *** kk_CHN has quit IRC
[14:12:33] <cpm> how you feeling this afternoon f3ew?
[14:14:00] *** syneus has quit IRC
[14:14:18] *** kk_CHN has joined #postfix
[14:14:55] <f3ew> tired
[14:15:05] *** kk_CHN has quit IRC
[14:16:37] <sysmonk> f3ew: what did ya do yesterday
[14:17:09] <f3ew> worked
[14:17:33] <sysmonk> uh, yeah, that's scary and makes you tired...
[14:17:37] *** kk_CHN has joined #postfix
[14:17:58] <vice-versa> spy6: see the last two examples in http://www.postfix.org/BUILTIN_FILTER_README.html for why one may want to implement loompek's suggestion
[14:18:19] *** kk_CHN has quit IRC
[14:19:27] *** orazioz has joined #postfix
[14:19:32] *** ribasushi_ has joined #postfix
[14:20:42] <orazioz> hi all, I a create a "mailing list" with a virtual address that turn mail to some addresses. How can I change the reply-to field of the forwarded emails?
[14:21:00] <orazioz> I need to use procmail or postfix can do that?
[14:21:51] *** kk_CHN has joined #postfix
[14:21:59] *** jellis-real has joined #postfix
[14:22:31] *** kk_CHN has quit IRC
[14:24:15] *** kk_CHN has joined #postfix
[14:24:40] *** kk_CHN has quit IRC
[14:25:58] *** unixSnob has joined #postfix
[14:30:51] *** clomo has joined #postfix
[14:31:05] *** clomo has left #postfix
[14:36:17] *** ranzes has joined #postfix
[14:36:26] *** ribasushi has quit IRC
[14:40:55] <spy6> vice-versa: that only works if you can seperate per reciep-domains or something like this ... but I cant seperate it via sending mailserver/reciep/...
[14:42:46] *** abbe has joined #postfix
[14:42:49] <abbe> hi
[14:43:19] <lunaphyte_> anyone here greylisting charter?
[14:44:19] <abbe> I'm planning a mail setup for a LAN, where server is running GNU/Linux, the users won't be having any Unix account on the server. Can anyone suggest how to go about this ?
[14:44:29] <lunaphyte_> !virtual
[14:44:29] <knoba> lunaphyte_: "virtual" : a way to configure additional domains and user accounts (that do not need to exist in your /etc/passwd). See: http://www.postfix.org/VIRTUAL_README.html
[14:44:45] <abbe> lunaphyte: thanks
[14:46:32] <lunaphyte_> you're welcome
[14:47:35] <orazioz> I a create a "mailing list" with a virtual address that turn mail to some addresses. How can I change the reply-to field of the forwarded emails?
[14:47:48] *** Jax has joined #postfix
[14:47:58] *** theneb has joined #postfix
[14:48:37] <theneb> Hi all, having problems with gmail sending email to my postfix server. I get Google tried to deliver your message, but it was rejected by the recipient domain. We recommend contacting the other email provider for further information about the cause of this error. The error that the other server returned was: 530 530 SMTP authentication is required. (state 14).' from gmail when it tries to send. However the mail server accepts mail from my other domains.
[14:49:31] <cpm> huh? and what has this to do with postfix?
[14:52:00] <theneb> I assume postfix is what is rejecting the mail? Or am I to look elsewhere?
[14:52:20] <lunaphyte_> why assume, when you can look at the logs?
[14:52:23] <abbe> theneb: what does your maillog says ?
[14:53:39] <abbe> theneb: i suspect Google trying to deliver mails to your relay, probably
[14:56:03] <theneb> Not getting anything out of this error, Best to look at relay somewhere then?
[14:57:34] <lunaphyte_> !logs
[14:57:35] <knoba> lunaphyte_: "logs" : by default, postfix logs to the mail facility of syslog. Something like grep -i `postconf -h syslog_facility` /etc/syslog.conf or grep -rl `postconf -h syslog_name` /var/log/* should tell you where logs are going.
[15:01:41] *** PcPixel has joined #postfix
[15:01:57] <PcPixel> g'mornin all!
[15:02:54] <sysmonk> afternoon
[15:03:05] <PcPixel> hey monk :)
[15:03:08] *** Haris1 has joined #postfix
[15:03:31] <PcPixel> sysmonk: test network is almost done.
[15:03:44] <sysmonk> s/network/envoirnment/
[15:03:50] <PcPixel> yup
[15:04:01] <PcPixel> vmware is awesome :P
[15:04:35] <sysmonk> yeah, especially when it drains all your resources
[15:04:39] <PcPixel> i've got the same set up i had before: "corporate" network with a postfix server that connects to the "internet" to another "company"
[15:04:53] <PcPixel> sysmonk: i have a dedicated VM box
[15:05:02] <PcPixel> dual core w 4GB ram
[15:05:10] <PcPixel> its sole purpose is to be a lab box. nothing more. :)
[15:05:13] <sysmonk> oh sure, and you think that's enough? :)
[15:05:28] *** error404notfound has left #postfix
[15:05:30] <PcPixel> sysmonk: its running on windows. so no. no its not enough. :P
[15:07:01] <PcPixel> once CENT gets installed, i'll be all set
[15:07:19] <cpm> 4g ? not enough.
[15:07:32] <sysmonk> yup
[15:07:33] <PcPixel> well its 32bit. not like i can add more :)
[15:07:40] <PcPixel> the mobo will go to 8
[15:07:43] <sysmonk> PcPixel: sure, you can use PAE
[15:07:54] <cpm> Ewwww!
[15:08:02] <PcPixel> cpm: the ew was for PAE?
[15:08:03] <sysmonk> cpm: he's using vmware anyway
[15:08:08] * cpm has horrible nightmarish visions of 'expanded RAM'
[15:08:09] <sysmonk> ye, pae sucks
[15:08:22] <PcPixel> cpm: im with you on that. if the OS cant natively do it. then im not attempting it
[15:08:25] <cpm> why 32 bit?
[15:08:35] <sysmonk> PcPixel: i would need a SERIOUS reason to use PAE, but i haven't found one yet ;)
[15:08:35] <PcPixel> my boss wouldnt spring for XP 64
[15:08:40] <cpm> why XP?
[15:08:46] <cpm> run XP in a vm
[15:08:47] <PcPixel> its just what the host OS is right now
[15:08:52] <cpm> get rid of it.
[15:08:55] <PcPixel> i have a VM dedicated box
[15:08:56] <PcPixel> lol
[15:09:02] <PcPixel> and go with...?
[15:09:08] <PcPixel> personally, id go with CENT
[15:09:11] <cpm> run a 64bit linux, run xp in a vm
[15:09:13] <PcPixel> but wondering what youd recomend
[15:09:17] <sysmonk> i'd go with BUCKS
[15:09:28] <cpm> I like fedora, but I'm brain damaged. CentOS is too dusty for me.
[15:09:29] <PcPixel> sysmonk: oh dear LORD its too early here for that.
[15:09:38] <PcPixel> "dusty"?
[15:09:58] <cpm> Old,
[15:10:02] <cpm> antique
[15:10:06] <sysmonk> PcPixel: ignore that, the keyword is 'brain damaged'
[15:10:07] <sysmonk> ;)
[15:10:07] <PcPixel> ??
[15:10:12] <PcPixel> they are u p to 5.2
[15:10:20] <PcPixel> i thought that was comparable to RHEL 5.x
[15:10:29] <sysmonk> PcPixel: cpm is at his 91th year of life
[15:10:30] <cpm> yeah, and 5.2 uses ancient packages, and a dusty kernel.
[15:10:31] <sysmonk> he's old, dusty
[15:10:38] <cpm> yeah, that too
[15:10:44] <PcPixel> lol
[15:10:49] <PcPixel> my boss is an RH fanatic
[15:10:57] <PcPixel> so i gotta stick with that
[15:11:00] <sysmonk> i think cpm would kill me once he'd meat me in real life ;P
[15:11:05] * PcPixel giggles
[15:11:06] <sysmonk> meet*
[15:11:09] <cpm> fedora is what centos will be in 3 years
[15:11:11] <sysmonk> but meat will do fine too
[15:11:24] <cpm> naw, I'd buy you a drink.
[15:11:25] <PcPixel> cpm: i noticed too many differences between fedora and rhel
[15:11:29] <PcPixel> thats why i went cent
[15:11:30] *** orazioz has quit IRC
[15:11:33] <sysmonk> cpm: poison?
[15:11:41] <cpm> after a fashion
[15:12:00] <cpm> PcPixel, again, fedora is what centos will be in 3 years.
[15:12:05] <cpm> except you can do it now.
[15:12:15] <PcPixel> eh. :)
[15:12:51] <PcPixel> if i mentioned the one i wanted to use, i bet i would start a real good fight lol
[15:13:20] * f3ew likes CentOS
[15:13:25] <f3ew> stable == good
[15:13:26] <cpm> PcPixel, ?
[15:13:31] <PcPixel> what the heck.. ill say it...
[15:13:37] <PcPixel> cpm: i wanted to use
[15:13:40] * PcPixel drum rolls
[15:13:44] <PcPixel> Ubuntu LTS
[15:13:52] <cpm> f3ew, how do you deal with having to have separate build environments for current tarballs?
[15:13:53] <f3ew> Just use Debian
[15:13:58] * PcPixel sits back & waits for the sparks
[15:14:14] <f3ew> cpm I don't use current tarballs, I just build my own RPMs if needed
[15:14:18] <cpm> I got some ubuntu on my shoe once. Tracked it all over the house before I noticed. What a mess
[15:14:25] <cpm> f3ew, fair enough
[15:14:26] <sysmonk> oh man, just use freebsd! :P
[15:14:40] * sysmonk adds some gas to the fire
[15:14:52] <f3ew> sysmonk, I would, if I could trust my colleagues to get it right
[15:14:58] <PcPixel> my boss actually had me look at OpenSolaris
[15:15:36] <cpm> I thought you didn't need to 'get it right', that was the beauty of it.
[15:15:40] <PcPixel> lol
[15:15:50] <PcPixel> so far, my favs are CENT (just because it isnt redhat) and ubuntu
[15:15:55] <PcPixel> debian i think i should check out again
[15:16:10] <cpm> had a roomate who was a solaris hacker by trade, she couldn't stand linux, any linux. was pretty funny. I don't blame her either.
[15:16:20] <PcPixel> i liked ubuntu for debians track record, so it logically makes sense i should try it
[15:16:26] * f3ew points cpm to puppet
[15:16:26] <cpm> run it in a vm
[15:16:43] <PcPixel> oh god, please dont get me started on VMs in production
[15:16:49] <PcPixel> its my bosses new food processor
[15:16:53] <PcPixel> he wants to virtualize EVERYTHING
[15:17:01] * f3ew likes VMs
[15:17:05] <cpm> f3ew, interesting
[15:17:10] <f3ew> PcPixel, almost always a good idea
[15:17:15] <cpm> PcPixel, don't fight it.
[15:17:16] <f3ew> reductivelabs.com
[15:17:22] <PcPixel> dont fight it?!
[15:17:30] <f3ew> hardware fails, VM .. more rarely
[15:17:35] <cpm> get good at it. It's not just the future, it's the now, and has been for a while.
[15:17:36] <PcPixel> oh no its not that
[15:17:41] <PcPixel> no im FOR it
[15:17:44] <f3ew> VM for the OS + services, storage on a SAN ...
[15:17:48] <PcPixel> my thing is, we dont have redundancy/backups in place
[15:18:01] <PcPixel> we already had one case where a VM's physical drive died
[15:18:04] <PcPixel> i lost 2 machines
[15:18:12] <PcPixel> "oh, we dont back those up"
[15:18:16] <PcPixel> 'ARE YOU INSANE?!?!'
[15:18:26] <f3ew> oops
[15:18:36] <f3ew> PcPixel, use a configuration management system
[15:18:50] <PcPixel> f3ew: if you keep making sense like this, im going to have to ask you to leavce
[15:18:52] <PcPixel> :P
[15:18:54] <f3ew> you should be able to build out a few dozen VMs in a couple of hours
[15:18:58] <f3ew> from scratch
[15:19:05] <PcPixel> f3ew:he wont let me implement one
[15:19:09] <PcPixel> ive been pushing for one
[15:19:13] <PcPixel> he doenst feel its necesary
[15:19:20] <PcPixel> same with using private IPs
[15:19:22] <PcPixel> or DHCP
[15:19:24] <PcPixel> or DNS
[15:19:29] <PcPixel> or Active Directory
[15:19:33] <f3ew> Plus, if you ever need two of a machine type, just use the same descriptions
[15:19:38] <f3ew> AIEEEEEEEEEEEEEEEEEEEEEeee
[15:19:42] <f3ew> Kill your boss?
[15:19:46] <cpm> f3ew, comments, criticisms, cliches`, concerning vmware's approach, vs kvm, other ?
[15:19:52] *** VaNNi has quit IRC
[15:20:02] <PcPixel> f3ew: ive been trying. its like hes Rasputin
[15:20:18] *** VaNNi has joined #postfix
[15:20:18] <PcPixel> f3ew: our primary name resolution system here? WINS.
[15:20:22] <f3ew> cpm don't know enough yet to judge
[15:20:30] <cpm> f3ew, k
[15:20:30] <sysmonk> woot
[15:20:32] <cpm> thax
[15:20:32] <sysmonk> wins?
[15:20:35] <sysmonk> ouch...
[15:20:36] <cpm> thanx even
[15:20:47] <PcPixel> sysmonk: yes
[15:20:48] <cpm> Wins? Why In the Name of Satan?
[15:20:51] <shasta> wins = loss :>
[15:20:57] * PcPixel hands sysmonk the duct tape to wrap around his head so it doesn't explode.
[15:21:08] <PcPixel> welcome to the admin life that is my hell.
[15:21:16] *** xnixan has quit IRC
[15:21:16] <PcPixel> hokey smokes! debian is 4 dvds?
[15:21:17] <Dominian> wtf
[15:21:18] <Dominian> WINS!?
[15:21:21] <Dominian> who set that network up?
[15:21:26] <Dominian> and do they still work for you?
[15:21:28] <PcPixel> dominian: he did.
[15:21:31] *** Tex-Twil has joined #postfix
[15:21:32] <PcPixel> dominian: he is my boss.
[15:21:32] <sysmonk> Dominian: he works for them
[15:21:39] <Dominian> dear god
[15:21:44] <Dominian> Take him out.. shoot him.
[15:21:50] * sysmonk hands a gun
[15:21:52] <Dominian> Thats like relying on NETBIOS
[15:21:54] <PcPixel> our entire network uses public IPs, but 99.9% of the machines go out a proxy to get to the internet
[15:21:56] <Dominian> YOU CAN'T
[15:22:04] <Dominian> PcPixel: uhh huh?
[15:22:07] <Dominian> that's.. insane
[15:22:11] <sysmonk> k, need to go try to boot that fu**n promise raid controller
[15:22:14] * sysmonk hates promise
[15:22:21] <PcPixel> dominian: you dont have to tell me.
[15:22:21] <Dominian> 3ware ftw
[15:22:21] * shasta promises hate
[15:22:27] <sysmonk> Dominian: yeah, 3ware ftw
[15:22:30] <Dominian> :)
[15:22:59] <sysmonk> i've 36 gib disks in it, worked 'fine'
[15:23:05] <sysmonk> untill one of the disks exploded
[15:23:09] <unixSnob> Does it make sense to install libdb3-util, when libdb4 is installed?  There is no libdb4-util.
[15:23:11] <sysmonk> now we bought 2x160 gib disks
[15:23:18] <sysmonk> and promise doesn't even want to show them to the system ;/
[15:23:18] <cpm> I'm, after a number of years, starting to get over my deep love of 3ware
[15:23:24] <sysmonk> and it cuts them to 137 gib
[15:23:37] <sysmonk> + our firmware SOMEHOW, MAGICALLY is newer than at promise website ...
[15:23:51] <sysmonk> we have 2.01.0140.01, the newest at promise website is 2.00.xxx.....
[15:24:31] <PcPixel> when i put the postfix server up, he wanted to use Linux. but there were two rewuirements for the distro "i" picked: 1. It can't be free, and 2. There has to be a company behind it.
[15:25:18] <sysmonk> PcPixel: that's one requirement, where's the second one?
[15:25:28] <PcPixel> no there were two.
[15:25:34] * sysmonk looks up
[15:25:34] <PcPixel> 1. it cant be a freely downloadable OS
[15:25:36] <sysmonk> no, that's one :)
[15:25:42] <PcPixel> 2. There m ust be a company backing it.
[15:25:55] <sysmonk> so, as i said, that ONE :P
[15:25:59] <PcPixel> oh ok
[15:26:01] <PcPixel> well it dep[ends
[15:26:02] <cpm> yeah, that's one requirement
[15:26:09] <PcPixel> ubuntu releases the same OS free or otherwise
[15:26:13] <f3ew> PcPixel, company backing it is sensible
[15:26:17] <PcPixel> redhat has 2. the one you pay for & the one thats free
[15:26:22] <unixSnob> PcPixel: debian is 4 dvds, true, but you may only use the first one.  I installed 4.0r3, and never had to insert disc 2-4
[15:26:32] <PcPixel> unix: good to know
[15:26:40] <cpm> what about disk 3?
[15:26:43] * cpm shuts up now.
[15:26:48] <PcPixel> cpm: you sir: rock.
[15:27:15] <unixSnob> PcPixel: and i'm quite curious about it, because i've installed many packages after the initial installation.  it only ever asks me for the first disc
[15:27:17] <Haris1> how much does point 2 cost?
[15:27:18] *** AcTiVaTe has quit IRC
[15:27:35] <PcPixel> haris1: red had with support ran me i think $400+
[15:27:42] <f3ew> Haris1, depends
[15:27:46] <PcPixel> i would have to go check
[15:27:52] <PcPixel> but i know it was a triple digit price tag
[15:27:58] <PcPixel> ubuntu i know is about $800
[15:29:06] <PcPixel> the linux distro is the least of my worries. i mean, as you can see; ive got bigger problems.
[15:29:22] <PcPixel> oh did i mention we dont even subnet?
[15:29:50] *** rootsvr has quit IRC
[15:30:32] <PcPixel> i apologize for being so off topic this morning. just feel like my brain wants to leap out of my body in an act of self preservation.
[15:30:50] * abbe is away: in meeting
[15:32:08] <abbe> sorry for that away message announcement
[15:32:29] <unixSnob> damn this is frustrating.. i'm on day two of trying to setup TLS (for the second time)
[15:33:28] <unixSnob> why would running '/usr/lib/ssl/misc/CA.pl -newca' result in a prompt for a filename, then termination?  I didn't appear to even try to create anything
[15:33:49] <unixSnob> s/I/It/
[15:36:19] *** sophokles1 has quit IRC
[15:36:26] *** xnixan has joined #postfix
[15:37:37] *** sophokles has joined #postfix
[15:39:38] <PcPixel> sysmonk: isnt it late over there?
[15:40:57] *** Tex-Twil has left #postfix
[15:43:02] <unixSnob> /usr/lib/ssl/misc/CA.pl -newca doesn't prompt for a password... but it did create a file for me (not the one i told it to create)
[15:43:06] <unixSnob> wtf
[15:43:13] <cpm> naw, it's early over there, he probably isn't even drinking yet.
[15:43:27] <unixSnob> what's the default password?
[15:45:20] <PcPixel> love it. just got nailed by a virus that reject_unknown_helo_something (whatever the parameter was) would have blocked.
[15:46:25] <PcPixel> the one that forces a DNS MX/A record lookup on what you are greeted with
[15:48:45] <sysmonk> PcPixel: yeah, late, 16:48
[15:50:12] <PcPixel> man
[15:50:28] <PcPixel> bosses just suck.
[15:50:35] <PcPixel> strike that. VP's suck
[15:50:46] <PcPixel> hes the one who bitched that "youre rejecting too much legitimate mail"
[15:50:59] * unixSnob considers switching to exim
[15:51:20] <lunaphyte_> go ahead
[15:52:03] <sysmonk> unixSnob: you think changing to exim will fix the lack of your openssl knowledge?
[15:52:15] <sysmonk> and that on exim you'll have to generate the certificated in some other way?
[15:52:26] <sysmonk> if so, you're wrong, but sure, go ahead
[15:53:58] <sysmonk> as far as i saw, you haven't asked ANY question about _postfix_, all your questions were about system administration at all ( installing libdb, generating ssl certificate, difference between TLS and SSL)
[15:53:58] <unixSnob> The thunderbird authors have been able to pull it off.. end users don't need to know the first thing of openssl.
[15:54:14] <unixSnob> someone in #exim is saying it's easy to setup TLS
[15:54:14] <sysmonk> are you the end user?
[15:54:17] <sysmonk> or are you a sysadmin?
[15:54:24] <sysmonk> unixSnob: yes, it is easy
[15:54:27] <lunaphyte_> i never liked that automagical perl script.
[15:54:45] <lunaphyte_> the thunderbird authors have not been able to pull anything off.
[15:54:54] <unixSnob> sysmonk: i'm an end user, who uses postfix to send mail
[15:54:57] <sysmonk> in postfix you just have to define a few variables ( paths to certs and CA's + enabling ssl )
[15:55:18] <sysmonk> unixSnob: so you're not a sysadmin?
[15:55:36] <lunaphyte_> that's like saying "i'm a patron, who cooks his own food".
[15:55:46] <f3ew> unixSnob, CA.pl gets its answers from a config file
[15:55:46] <cpm> no, he's a unixSnob, duh
[15:55:53] <f3ew> you might want to look at those
[15:55:59] *** hparker has joined #postfix
[15:56:08] <unixSnob> sysmonk: I have 15 years unix experience, and I can attest that TLS on postfix is /days/ of effort - to think otherwise means you found that rare how-to that got everything right
[15:56:10] <cpm> ssssh, it's hparker, be quiet
[15:56:15] <lunaphyte_> unixSnob: openssl is not hard necessarily, but it's not trivial either.
[15:56:20] <unixSnob> i'm looking at pages of howtos that all manage to screw one thing or another up
[15:56:37] <hparker> :-o
[15:56:53] * cpm changes his certificates every six months, and upgrades postfix every now and again, doesn't find it to be a particularly painful.
[15:57:46] <lunaphyte_> the postfix aspect of tls, in this context, is not the hard part.  it's the certificate/key generation and management that can be daunting at first.
[15:58:15] <unixSnob> f3ew: i'll check it out, because that perl script is dropping the ball for some reason
[15:58:51] *** Jax has quit IRC
[15:58:58] <f3ew> lunaphyte openssl sucks
[15:59:16] <lunaphyte_> are you a gnutls fan?
[15:59:16] <f3ew> unixSnob, search for a Apache HOWTO
[15:59:20] <f3ew> no
[15:59:33] <f3ew> the Apache HOWTOs apply for certificate generation
[15:59:51] <unixSnob> well i had this working previously (a year ago).  I first tried copying all my keys over to my new debian installation.  that didn't work
[15:59:56] <lunaphyte_> i'll agree that there are a lot of things less sucky than openssl.
[16:00:33] <sysmonk> unixSnob: not true
[16:00:40] <sysmonk> unixSnob: tls on postfix is simple
[16:00:50] <sysmonk> unixSnob: have you generated the certificate?
[16:01:09] <lunaphyte_> my certificate generator is out of gas.
[16:01:17] <lunaphyte_> i can't afford it anymore.
[16:01:24] <unixSnob> f3ew: okay, i'll check it out
[16:01:39] <sysmonk> unixSnob: do you understand that generating a ssl certificate is NOT a port of postfix?
[16:03:05] <unixSnob> sysmonk: i first tried using the certs that i had working once before on another box.. postfix couldn't use them (at least, not the way I had it configured).
[16:03:22] <PcPixel> ~5 hours to go on Debian
[16:03:31] <lunaphyte_> unixSnob: all things being equal, that really should have worked fine.
[16:03:46] <unixSnob> There are like 15 different TLS options in main.cf, and new ones keep appearing
[16:04:07] <lunaphyte_> if you still have the certificate and key, you might try that again, and let us help you with the errors postfix logs along the way.
[16:04:27] <unixSnob> lunaphyte_: well perhaps i'll keep trying that route... reusing the certs, and fiddling with the main.cf
[16:04:28] <sysmonk> unixSnob: you have to define only 3 (afair)
[16:04:34] <sysmonk> er, 4
[16:04:36] <sysmonk> 1. path to cert
[16:04:39] <lunaphyte_> unixSnob: don't get hung up on quantity.  you likely need only a small handful
[16:04:39] <sysmonk> 2. path to key
[16:04:41] <sysmonk> 3. path to ca
[16:04:45] <sysmonk> 4. ENABLE ssl
[16:05:07] * hparker hands cacert.org to lunaphyte
[16:05:30] * sysmonk is a happy user of cacert.org
[16:05:34] <lunaphyte_> hparker: you too?
[16:05:44] <PcPixel> cacert.org?
[16:05:46] <lunaphyte_> who was it the other day that lured me in there
[16:05:47] <lunaphyte_> ?
[16:05:51] <PcPixel> man its turning into an infomercial :P
[16:05:59] <sysmonk> lunaphyte_: i can grep teh logs ;)
[16:06:02] <hparker> I use it on all of my servers, and provide links for users to import keys
[16:06:11] <sysmonk> ye
[16:06:14] * cpm is also a happy cacert.org user
[16:06:18] *** netcrash has joined #postfix
[16:06:29] <sysmonk> we're thinking of making a company cacert account to generate certs to clients
[16:06:36] <lunaphyte_> i admire cacert, but atm, i don't feel it offers any practicla value over simply running my own ca.
[16:06:40] <sysmonk> cause now we're using my own account
[16:06:48] <cpm> lunaphyte_, sure it does.
[16:06:49] <lunaphyte_> *practical
[16:06:52] <PcPixel> oh so they are just a free public CA?
[16:07:12] <sysmonk> PcPixel: yeah
[16:07:21] <cpm> I'd like sysmonk to sign my keys, but I'm not sure I'd sign his
[16:07:22] <cpm> :)
[16:07:41] <sysmonk> cpm: why not? :P
[16:07:54] <cpm> :)
[16:08:01] <hparker> lunaphyte: Depends on your needs.. In house, generate your own.. Public facing use a cert provider
[16:08:29] <cpm> threat assessment needs to be considered as well.
[16:08:52] *** Draecos has left #postfix
[16:08:54] <PcPixel> http://xkcd.com/364/
[16:08:55] <sysmonk> so, cpm, why o why wouldn't you sign my keys? :P
[16:08:59] <cpm> There are downsides to self-signed that folks tend to ignore. THe more common they become (and they are very common) the more likely folks are to accept them, , , then it starts to break down.
[16:09:08] <cpm> sysmonk, I don't have any idea who you are.
[16:09:17] <lunaphyte_> using a cacert signed cert with a publicly offered service is effectively (atm) no different than a cert signed by my own ca.
[16:09:29] <cpm> lunaphyte_, how do you figure that?
[16:09:36] <sysmonk> cpm: oh, i thought that you wouldn't sign my after meeting with me and checking my id's
[16:09:49] <lunaphyte_> cacert's cert is nowhere near ubiquitous enough yet.
[16:10:01] <cpm> sysmonk, I have the feeling that you can get any id you need, for whatever you need them for.
[16:10:21] <cpm> lunaphyte_, you simply install the root certificate. Not a big deal.
[16:10:29] <lunaphyte_> same with mine
[16:10:34] <lunaphyte_> no difference.
[16:10:38] <sysmonk> cpm: i've got 100+ points in cacert.org anyway
[16:10:42] <cpm> sure there is, I have no earthly idea who you are
[16:10:45] <sysmonk> if we're talking about cacert and not gpg
[16:10:49] <hparker> lunaphyte: That goes back to getting your users to just click yes
[16:11:00] <roe_> I wonder if the pgp crowd puts a lot of demand on the fake id market
[16:11:01] <unixSnob> question for the experts - is this a decent how-to?  => http://behindmyscreen.newsvine.com/_news/2006/12/31/501615-configuringubuntu-postfix-and-gmail-in-101-easy-steps
[16:11:05] <hparker> And the bad habit that becomes
[16:11:14] <lunaphyte_> cpm: but that's you, not the typical end user, who also has no earthly idea who cacert is.
[16:11:43] <hparker> lunaphyte: Look at webmail.pcsrvc.com for an idea of how to handle it
[16:11:56] *** syneus has joined #postfix
[16:12:10] <hparker> Just an idea
[16:12:16] *** margs has quit IRC
[16:12:28] <lunaphyte_> hparker: sure, that's exactly what i do, just with my ca cert instead.
[16:13:07] <hparker> But, is your cert used anywhere else in the world?
[16:13:24] <lunaphyte_> how do you mean?
[16:14:45] <hparker> Is your cert used on any other servers other than those you control?
[16:15:02] <lunaphyte_> no
[16:15:08] <sysmonk> cpm is checking my gpg key, there'll be something interesting about it :P
[16:15:20] <hparker> There is one advantage for your users
[16:15:34] *** rootsvr has joined #postfix
[16:15:34] <hparker> sysmonk: you're in trouble now!
[16:15:44] <sysmonk> ye, i know ;/
[16:15:58] <hparker> heh
[16:15:59] <sysmonk> i think i made a mistake by giving him my gpg id ! :)
[16:16:18] <hparker> He'll have all your credentials soon
[16:16:24] <sysmonk> yeah
[16:16:59] <sysmonk> 08-06 17:16:55 -!-  idle     : 0 days 0 hours 3 mins 45 secs [signon: Wed Aug  6 13:53:14 2008]
[16:17:04] <sysmonk> he's doing something evil, i know that.
[16:17:15] <hparker> heh
[16:17:28] <jduggan> idle     : 249 days 21 hours 18 mins 37 secs [signon: Sun Nov 25 17:39:52 2007]
[16:17:40] <sysmonk> jduggan: poor guy must be dead
[16:17:42] <sysmonk> :))
[16:17:49] <sysmonk> or REALLY into IdleRPG
[16:18:47] <jduggan> :)
[16:18:58] *** valan has joined #postfix
[16:19:12] * unixSnob thinks cacert.org might be a good workaround to his broken CA.pl script
[16:19:33] <lunaphyte_> unixSnob: not really.  you 'll still have to generate a csr and key somehow.
[16:19:57] <sysmonk> lunaphyte_: generating CSR + key doesn't need CA.pl
[16:20:13] <sysmonk> (neither does creating a CA)
[16:20:45] * sysmonk generates the csr+key with openssl req -new -nodes -keyout ${DOMAIN}/${DOMAIN}.key -out ${DOMAIN}/${DOMAIN}.csr and passess those to cacert
[16:21:36] <lunaphyte_> that's my point.  he still needs to use openssl.
[16:22:11] <lunaphyte_> hparker: i guess i don't follow.  while, at the moment, my ca cert isn't used to sign certificates for other parties, there's nothing precluding me doing that if i felt so inclined.
[16:22:27] <hparker> correct
[16:22:29] <unixSnob> if i still need to work with openssl, i guess cacert.org won't help me much
[16:23:05] <hparker> Difference being is if your cert is valid anywhere else
[16:23:18] <lunaphyte_> it's as valid as cacert's is, at the moment.
[16:23:33] <hparker> unixSnob: I came in late, what is your problem?
[16:23:56] <hparker> lunaphyte: But valid no where else in the world
[16:24:10] <lunaphyte_> sure it is.
[16:24:12] <lunaphyte_> anyway, i like cacert and what they're trying to do, i'm just taking a pragmatic approach.
[16:24:14] *** crypted has joined #postfix
[16:24:20] <hparker> :P
[16:24:24] <unixSnob> hparker: CA.pl is broken, and i've run into a number of problems trying to get TLS to work... I haven't given full detail yet
[16:24:46] <crypted> Question: Can I copy configs and directories of postfix from a Mandriva install to a Ubuntu install and will they work?
[16:24:58] <hparker> unixSnob: I'd check your distro help and/or bugzie
[16:25:08] <hparker> It sould Just Work
[16:25:56] <unixSnob> hparker: distro help would know about CA.pl?  I would have thought that's a low level detailed kind of thing.. but i'll look into it
[16:25:56] <sysmonk> crypted: there might be different defaults
[16:26:12] <unixSnob> I was about to start inspecting the CA.pl file, even though i don't know perl
[16:27:24] <sysmonk> k, have a nice evening, be back in a few hours
[16:27:38] <hparker> unixSnob: Depends on what the package maintainer has done
[16:27:49] <crypted> sysmonk: which direcotries so I copy? /var/mail? /etc/mail? anything else?
[16:28:39] <hparker> anywho, time for a nap :P
[16:29:31] *** valan has left #postfix
[16:31:22] <crypted> sysmonk: ?
[16:34:37] *** zykes- has quit IRC
[16:34:37] *** spy6 has quit IRC
[16:34:37] *** higuita has quit IRC
[16:34:38] *** madrescher has quit IRC
[16:34:38] *** blackflag has quit IRC
[16:34:38] *** master_o1_master has quit IRC
[16:34:38] *** robtone_ has quit IRC
[16:34:38] *** _ruben has quit IRC
[16:34:38] *** vertigo- has quit IRC
[16:34:38] *** frato has quit IRC
[16:34:38] *** Flobbie has quit IRC
[16:34:38] *** amrit|zzz has quit IRC
[16:34:38] *** F|oFF has quit IRC
[16:34:38] *** piksi has quit IRC
[16:34:38] *** jduggan has quit IRC
[16:35:09] *** blackflag has joined #postfix
[16:37:02] *** jduggan has joined #postfix
[16:37:13] *** piksi has joined #postfix
[16:37:15] *** F|oFF has joined #postfix
[16:37:21] *** master_of_master has joined #postfix
[16:39:29] *** spy6 has joined #postfix
[16:39:29] *** madrescher has joined #postfix
[16:39:29] *** zykes- has joined #postfix
[16:39:29] *** Flobbie has joined #postfix
[16:39:29] *** robtone_ has joined #postfix
[16:39:29] *** vertigo- has joined #postfix
[16:39:29] *** higuita has joined #postfix
[16:39:29] *** _ruben has joined #postfix
[16:39:29] *** frato has joined #postfix
[16:39:29] *** amrit|zzz has joined #postfix
[16:47:27] *** tshine has joined #postfix
[16:50:51] *** bacaci has joined #postfix
[16:51:57] *** madrescher has quit IRC
[16:54:24] <bacaci> hi all, can someone help: http://dpaste.com/69766/    ???
[16:54:52] <bacaci> I'm not sure why I decided to use TLS, but I've started to and I'd like to get it working
[16:55:38] <bacaci> but if there is a workaround without it, I'd be open to any suggestions, I just need to log in a user and sent an email from the web using postfix
[16:57:42] *** jcm has joined #postfix
[16:59:39] *** VaNNi has quit IRC
[17:02:29] <Dominian> If you want to utilize webmail applications with your postfix MTA.. you will have to use IMAP.
[17:02:35] <Dominian> and postfix does not provide IMAP services
[17:03:41] *** e-head has left #postfix
[17:06:31] *** phnord has quit IRC
[17:07:48] *** morpheus08 has joined #postfix
[17:08:03] <morpheus08> heloo is possible define a postfix domani like mail3.domain.com on a server that have a name mail3.domain.com?
[17:09:47] <f3ew> yes
[17:10:20] <rob0> It's also possible to get a more useful answer if you have read some documentation before asking. :)
[17:10:24] <rob0> !basic
[17:10:25] <knoba> rob0: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.
[17:14:08] <cpm> won't someone thinks of the $*
[17:14:40] <Dominian> wha?
[17:14:51] <Dominian> cpm: that sentence did not process well...
[17:15:02] <rob0> Consider the source.
[17:15:16] *** VaNNi has joined #postfix
[17:15:35] <Dominian> true
[17:16:41] <lunaphyte_> i heard a new term yesterday.
[17:17:17] <lunaphyte_> beard: a gay guy's wife.
[17:18:22] *** user1_ has left #postfix
[17:18:49] <Dominian> and a hussssh falls over the crowd...
[17:21:48] *** m0f0x__ has quit IRC
[17:26:03] <rob0> husssssssssssh!
[17:27:07] *** ribasushi_ has quit IRC
[17:28:46] <lunaphyte_> you'd think by now i'd have learned to just stay quiet.
[17:29:01] <jcm> hi, is there some simple way to implement a smtp proxy ?
[17:29:03] * unixSnob created a csr and key following sysmonk's example (openssl req -new -nodes -keyout local.key -out local.csr), then created a pem by running openssl req -new -x509 -nodes -out local.pem -keyout local.pem -days 3650 -- will that be adequite to use for TLS?
[17:29:12] <jcm> I'd like to have a secure smtp with login/password for users, that would filter attached pieces and place those which are toolarge on a ftp server, then add a link in the body of the message and relay it
[17:29:58] <rob0> Snob, the openssl commands can be found in the TLS_README as well.
[17:30:07] <lunaphyte_> unixSnob: give it a try and see.
[17:30:12] <lunaphyte_> sounds reasonable.
[17:31:39] <morpheus08> f3ew: why ,if i create a domain with the same name of the server, the domain folder and the user folder isn't created?
[17:31:49] <f3ew> send a mail
[17:32:09] <f3ew> jcm content_filter
[17:32:36] <rob0> Yes, that doesn't need to be a proxy.
[17:32:59] * cpm proxies rob0
[17:33:09] <morpheus08> what is  jcm content_filter?
[17:33:13] *** theneb has left #postfix
[17:34:16] <f3ew> an answer for jcm
[17:34:20] <f3ew> send a mail <=== morpheus08
[17:39:04] <unixSnob> Which of these options names the pem file that I created: smtp_tls_CAfile, smtp_tls_cert_file, smtp_tls_key_file ?
[17:39:24] <unixSnob> i hope i only need one of them, because i only have one pem file
[17:40:22] <unixSnob> hmm.. or do the all point to the same pem file?
[17:42:08] <unixSnob> One how-to shows one pem file referenced by all three options, and other how-tos show a different pem file for each option
[17:43:24] *** m0f0x has joined #postfix
[17:43:36] <rob0> "jcm content_filter" is going to be a nifty attachment stripper! :)
[17:45:55] <abbe> Can I list my destination, which is same as the $myhostname in $virtual_mailbox_domains ? I want to deliver mail to non-UNIX accounts. The domain name will be the same as the server's. It is just that recipients don't exists in passwd db.
[17:46:14] <unixSnob> how many pem files do you folks use?
[17:47:51] <abbe> And do I need to remove $myhostname from $mydestination, if I want this ?
[17:47:57] *** crypted has quit IRC
[17:48:22] <rob0> abbe, sounds like a plan.
[17:48:26] <unixSnob> ha.... booooouyaa!  TLS worked!
[17:48:35] <unixSnob> only 2 days to set it up this time
[17:48:35] * unixSnob hurls rotten eggs at authors of all the misleading how-tos out there
[17:49:42] <abbe> rob0: hmm...?
[17:53:16] *** Internat has quit IRC
[17:53:23] *** internat1 has joined #postfix
[17:54:24] <abbe> rob0: you mean, I'm correct, right ?
[17:54:24] <lunaphyte_> unixSnob: congratulations.  you have now transitioned to the stage in which the term "how-to" is perceived by you as actually saying "i did some stuff that seemed like it worked for me, but i actually don't really know for sure, because i probably didn't actually take the time to truly learn about the topic, but i decided i'd write a helpful howto anyway, which is most likely omitting certain steps that i've now forgotten about and almost cer
[17:54:49] *** e-head has joined #postfix
[17:55:12] <e-head> Hey, what sort of problems could result if you don't have a rDNS record for your SMTP server?
[17:55:21] <lunaphyte_> that being said, there are a few howtos out there that are/can be genuinely helpful.  especially provided you take them with a grain of salt, and utilize them as reference material rather than instruction.
[17:55:22] *** madrescher has joined #postfix
[17:56:10] <lunaphyte_> e-head: a mountain lion might sneak into your house through the open patio door and snatch your sleeping dog right before your very eyes.
[17:56:19] <e-head> ha
[17:56:26] <unixSnob> heh.. yeah, sounds about right
[17:56:40] <e-head> We've been having email problems with this one particular server.
[17:56:54] *** rootsvr has quit IRC
[17:57:02] <e-head> Is it typical for a SMTP server to do a rDNS check before accepting mail?
[17:57:11] <lunaphyte_> yes
[17:57:33] <e-head> And I assume it will refuse if no record is found?
[17:58:00] *** githogori has quit IRC
[17:58:35] <e-head> We use Site5, and according to them all outgoing mail goes through the servers shared IP address. They have their machines multihomed I assume to all their clients can have their own IP address.
[17:58:37] <unixSnob> well ultimately this is an area where the tools have a lot of room for improvement.  I see no reason the tools can't take the manual burden off peoples hands
[17:58:59] <e-head> edit: "assume so all"
[17:59:50] <e-head> Which begs the question... when another SMTP server does a rDNS lookup, there is no way they could return "our" hostname.
[18:00:09] <e-head> You can't have the same IP return a couple of dozen hostnames, right?
[18:00:35] <e-head> So... I guess I should change our MX record to use the hostname of their server, instead of our hostname?
[18:00:55] <lunaphyte_> http://www.news.com.au/story/0,23599,24137039-1702,00.html
[18:01:01] <lunaphyte_> how horrifying would that be?
[18:01:04] *** morpheus08 has quit IRC
[18:01:26] <roe_> the dingo ate your puppy
[18:02:57] <lunaphyte_> e-head: you can have multiple ptr records, but it's generally frowned upon.
[18:03:49] <e-head> ahh. I see.
[18:04:36] <e-head> We only have problems with the occational server, so I assume most servers don't bother with the rDNS check?
[18:06:12] <lunaphyte_> i would say most don't.  my ptr record doesn't match my a record, but i don't recall it being an issue yet.  others here might disagree though.
[18:08:22] *** Haris1 has quit IRC
[18:09:10] <PcPixel> yes
[18:09:13] <PcPixel> im running into that a lot
[18:09:17] <PcPixel> where the greeting name cant be resolveD?
[18:09:39] <lunaphyte_> that's different
[18:09:53] <PcPixel> i came into the convo late, so im just reading quick :)
[18:10:23] <lunaphyte_> saying helo with a fake hostname is inappropriate.
[18:10:34] <PcPixel> luna: a LOT of people do
[18:10:42] <lunaphyte_> indeed
[18:10:51] <lunaphyte_> and on my server, they get rejected.
[18:10:51] <PcPixel> luna: though its a decent anti-spam mechanism,
[18:10:54] *** Tykling has joined #postfix
[18:10:55] <Haris> k
[18:11:02] <Haris> Now about the transport issue for relaying
[18:11:08] <Haris> any articles on this?
[18:11:11] <PcPixel> luna: yup. same here. oh wait; they WERE until a VP insisted it was rejecting "too much legitimate mail" cause he missed 3 emails.
[18:11:16] <f3ew> !transport
[18:11:17] <knoba> f3ew: "transport" : transport(5) The optional transport(5) table specifies a mapping from email addresses to message delivery transports and next- hop destinations. Look at: http://www.postfix.org/transport.5.html
[18:11:37] <Haris> f3ew: Well, I'm not certain about setting transport for remote domains
[18:12:15] <PcPixel> wouldnt it just be <domain> smtp[ip-of-remote-server-whotakes-mail]?
[18:12:39] <Haris> PcPixel: Are you talking about my Q?
[18:13:17] <PcPixel> yes
[18:13:26] <PcPixel> in conjunction with f3ew's !
[18:13:31] <Haris> well, you want me to build a hell of a big file for all the domais on the internet
[18:13:32] <Haris> with that
[18:13:40] <Haris> domains+
[18:13:49] <f3ew> !relayhost
[18:13:49] <knoba> f3ew: "relayhost" : a configuration parameter in the main.cf: The default host to send non-local mail to when no entry is matched in the optional transport(5) table. When no relayhost is given, mail is routed directly to the destination.
[18:13:58] <PcPixel> haris: what domains are you talking about relaying for
[18:14:22] <Haris> relay_transport (default: relay:)
[18:14:26] <PcPixel> right
[18:14:27] <PcPixel> for WHAT domains
[18:14:40] <Haris> PcPixel: relaying for the domains hosted locally, TO the ones not hosted locally
[18:14:56] <PcPixel> so a mail server you own to send out to the rest of the world?
[18:15:14] <Haris> relay_domains = $mydestination, still outside mail doesn't work
[18:15:18] <Haris> yes
[18:15:31] <PcPixel> can it look up dns records
[18:15:52] <PcPixel> and can it actually talk to the internet mail aside
[18:15:57] *** lysander has quit IRC
[18:16:16] <Haris> It is directly hooked up to the internet
[18:16:26] <Haris> with a public IP
[18:16:26] <PcPixel> and DNS is functioning as is internet traffic?
[18:16:35] <Haris> yep
[18:16:41] <PcPixel> whats your main.cf look like
[18:16:54] <cpm> don't look at it!
[18:17:02] <PcPixel> cpm: it cant be worse than mine
[18:17:04] <Haris> 29843 bytes long
[18:17:04] <PcPixel> can it?
[18:17:07] <bacaci> I keep getting this and I don't know how to fix it:
[18:17:07] <bacaci>  warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
[18:17:14] <PcPixel> a byte count doesnt help me
[18:17:16] <Haris> that how it looks like
[18:17:17] <Haris> lol
[18:17:27] <PcPixel> haris: do you want help or no
[18:17:33] <Haris> ok, hold on
[18:17:36] <unixSnob> lunaphyte_: i plan to write a how-to.. not for publication, but for my own future reference... but i know it won't be the shortest approach, because i installed things that i don't even know if i actually ended up using (like libdb3-util)
[18:18:32] <bacaci> any help?
[18:20:08] *** noneo has joined #postfix
[18:21:20] <Haris> Ok, here's the main.cf -> http://pastebin.ca/1093914
[18:23:06] <PcPixel> wow youre right. i didnt want to see that
[18:23:25] <Haris> Ok, explain
[18:23:40] <PcPixel> its very cluttered
[18:23:51] <Haris> well, did you want all the non-commented lines only
[18:23:59] <lunaphyte_> unixSnob: notes for yourself are almost always a good thing.
[18:24:08] <PcPixel> are you getting error sin the maillog?
[18:24:21] <lunaphyte_> postconf -n, not main.cf
[18:24:28] <lunaphyte_> knoba
[18:24:52] <Haris> lots of NOQUEUEs and rejects, if that's what you'r asking
[18:25:00] *** lysander has joined #postfix
[18:26:29] *** sophokles has quit IRC
[18:26:34] <Haris> if this ( relay_transport (default: relay:) ) is true and I have relay_domains = $mydestination, why the heck isn't outgoing mail working
[18:26:54] *** hever has quit IRC
[18:27:54] <PcPixel> all relay_domains are are the lists of server it accepts & relays mail in for
[18:27:56] <PcPixel> not outbound
[18:28:18] <Haris> !relay_domains
[18:28:19] <knoba> Haris: "relay_domains" : a configuration parameter in the main.cf: What destination domains (and subdomains thereof) this system will relay mail to. Subdomain matching is controlled with the parent_domain_matches_subdomains parameter.
[18:28:40] <PcPixel> right
[18:28:42] <PcPixel> inbound
[18:28:44] <PcPixel> not outbound
[18:29:18] <Haris> that's relay to
[18:29:22] <Haris> not relay inbound
[18:29:41] <PcPixel> oh well then. good luck.
[18:29:58] *** jellis2 has joined #postfix
[18:31:23] *** mario_hn has joined #postfix
[18:32:10] <Haris> so, if that's inbound, what's outbound?
[18:32:38] <PcPixel> the world
[18:32:56] <PcPixel> it was my understanding, as i didnt implement any real restrictions, that it will relay out to anyone it can find on the internet
[18:33:04] <PcPixel> something else must be messed up in there.
[18:33:21] <PcPixel> you only put the domains into relay_domain that you are accepting mail for
[18:33:21] <bacaci> anyone help me?
[18:33:25] <mario_hn> HI guys can I have more that one always_bcc
[18:33:27] <mario_hn> ?
[18:33:56] <lunaphyte_> postconf | grep -i bcc_maps
[18:34:59] <lunaphyte_> i'm not sure about always_bcc, actually.  try it and let us know.
[18:35:07] <lunaphyte_> i bet you can.
[18:37:12] <Haris> ok, so postfix by default relays mail out to anyone?
[18:37:22] <lunaphyte_> god no.
[18:39:47] *** jellis-real has quit IRC
[18:40:02] <Haris> # The relay_domains parameter restricts what destinations this system will
[18:40:02] <Haris> # relay mail to.  See the smtpd_recipient_restrictions restriction in the
[18:40:10] <Haris> once more, is relay_domains a list of domains it will relay inbound for?
[18:40:37] <Haris> relaying to some destination, means outgoing mail
[18:41:03] <PcPixel> ok im done.
[18:41:07] <PcPixel> get a book.
[18:41:21] *** morpheus has joined #postfix
[18:41:51] <Haris> there's a big difference between the word 'to' and 'from'
[18:42:48] <PcPixel> if you were going to relay mail to the WORLD
[18:42:53] <PcPixel> then youd have to loist all the domains wouldnt you
[18:43:01] <PcPixel> relay_domains is the mail coming TO you
[18:43:07] <PcPixel> the ones YOU accept mail for
[18:43:08] <PcPixel> TO
[18:43:09] <PcPixel> YOU
[18:43:27] <Haris> what is $mydestination for, then?
[18:43:54] <Haris> if that's so, it must be for outbound mail
[18:43:59] <Haris> :p
[18:43:59] <PcPixel> buy "The Book Of Postfix" dude. Seriously.
[18:44:11] <Haris> http://www.postfix.org/BASIC_CONFIGURATION_README.html#relay_to
[18:44:24] <Haris> By default, Postfix will forward mail from strangers (clients outside authorized networks) to authorized remote destinations only. Authorized remote destinations are defined with the relay_domains configuration parameter. The default is to authorize all domains (and subdomains) of the domains listed with the mydestination parameter.
[18:44:30] <Haris> By default, Postfix will forward mail from strangers
[18:45:13] <PcPixel> you are grasping at straws.
[18:45:22] <PcPixel> you needa  better understanding of how posfix works
[18:45:33] <PcPixel> honestly. get a reference book on it like what i suggested and look at that first
[18:46:05] <Haris> by 'to you', did you mean local delivery?
[18:46:11] <morpheus> f3ew: i sent an email but no folder with name on the domain was created and the mail returned. if i create a domain with a different name from server, everything works perfectly
[18:46:17] <Haris> or is the postfix box a backup MX for?
[18:46:24] <PcPixel> haris: buy the book dude.
[18:46:27] <PcPixel> honestly.
[18:46:45] <PcPixel> it really sounds like you dont understand whats going on and youre just tossing out things.
[18:47:05] <Haris> well, if we stay on the topic, I think that should be sufficient
[18:47:40] <PcPixel> haris: to you means either local or relayed delivery.
[18:47:46] <PcPixel> however you configured your server.
[18:48:53] <morpheus> is possible define a postfix domani like mail3.domain.com on a server that have a name mail3.domain.com?
[18:49:17] <morpheus> why ,if i create a domain with the same name of the server, the domain folder and the user folder isn't created?
[18:49:19] <PcPixel> a domani?
[18:49:27] <f3ew> morpheus http://www.postfix.org/ADDRESS_CLASS_README.html is your friend
[18:49:32] <f3ew> domain
[18:49:39] <PcPixel> i know. im poking him with a stick.
[18:49:41] <PcPixel> :)
[18:57:53] <PcPixel> wow it got quiet
[19:01:47] *** brancaleone has quit IRC
[19:02:18] <morpheus> f3ew i have read a documentation but dont have read nothing to solve my problem
[19:02:27] <PcPixel> 29 minutes left on Debian!
[19:02:37] *** OneFix_Work has quit IRC
[19:02:46] <lunaphyte_> then you're permanently switching to windows?
[19:03:03] *** shinao1 has quit IRC
[19:04:04] <PcPixel> luna: lol. no. downloading the DVD images
[19:04:24] <PcPixel> 27 minutes left on the final DVD
[19:04:30] <lunaphyte_> oh.  i thought maybe it was like riding a bull.
[19:04:44] <PcPixel> i got "picked on" for using Ubuntu. someone recomended i look at Debian. so i said fine. :)
[19:05:02] <lunaphyte_> that's stupid.
[19:05:07] <PcPixel> which
[19:05:09] <roe_> PcPixel, are you on dial-up?
[19:05:14] <PcPixel> no, t1
[19:05:25] <lunaphyte_> succumbing to peer pressure.
[19:05:26] <PcPixel> im getting ~416KB/sec
[19:05:31] <PcPixel> eh not really
[19:05:35] <PcPixel> im willing to kick the tires
[19:05:39] <PcPixel> not saying ill swithc outright
[19:05:45] <PcPixel> but im alwys willing to check something out
[19:06:19] <rob0> Not me, I don't do OS shopping.
[19:06:32] <PcPixel> rob0: just find one you like & grind it into the ground? :)
[19:06:47] <rob0> yup
[19:07:09] <PcPixel> rob0: and whats your poison of choice?
[19:07:36] <rob0> If I wasn't satisfied, sure, I might look elsewhere. I use Slackware on 32-bit and slamd64 on most 64's.
[19:07:41] <lunaphyte_> actually, yeah, let me rephrase that.  picking on someone is what's stupid.
[19:07:54] <PcPixel> rob0: i tried slackware once & it frustrated the figs out of me
[19:08:03] <PcPixel> couldnt even get it to make the swap partition it wanted
[19:08:08] <PcPixel> so i threw my hands up
[19:08:17] <Haris> back
[19:09:01] <PcPixel> ok, test environment is finally back up!
[19:09:14] * cpm wishes he'd never left the slack-faith
[19:09:18] *** sekhmet has joined #postfix
[19:09:28] <Haris> ok, so back to the topic
[19:09:42] * lunaphyte_ takes off his slacks.
[19:09:50] <rob0> tmi
[19:10:02] <PcPixel> vey oy.
[19:10:40] <Haris> tmi?
[19:10:52] *** m0f0x has quit IRC
[19:11:19] <Haris> ah, I see
[19:11:45] <Haris> that's what I'v seen people say when they wanted lectures to end
[19:12:51] <PcPixel> ok i need to go for a walk. my brain feels like its melted.
[19:13:03] <Haris> I'm stuck at the transport issue
[19:13:14] <sekhmet> I've got the line "transport_maps = hash:/etc/postfix/transport" in a main.cf file, and I've been getting the following in the logs: "postfix/trivial-rewrite[11608]: fatal: open database /etc/postfix/transport.db: Invalid argument"
[19:13:26] <Haris> although I haven't worked on it since I last mentioned it
[19:13:32] <sekhmet> The .db file DOES exist, and it's been created by a "postmap transport" - the daemons aren't chrooted
[19:13:48] <sekhmet> Kind of driving me batty; I can't seem to strace the processes to see exactly what's going on under the hood
[19:13:53] *** syneus has quit IRC
[19:14:40] *** m0f0x has joined #postfix
[19:15:50] *** sigkill has joined #postfix
[19:17:20] <sigkill> Hey all, can someone confirm something.  If i have virtual_alias_maps to lookup an alias/forwarder from an sql table, if i have two rows containing the same alias, will it forward to both, or simply use the first match?
[19:18:26] <adaptr> you cannot have two rows with the same match
[19:18:53] <adaptr> and an alias is not a forward
[19:18:54] <Haris> !transport
[19:18:55] <knoba> Haris: "transport" : transport(5) The optional transport(5) table specifies a mapping from email addresses to message delivery transports and next- hop destinations. Look at: http://www.postfix.org/transport.5.html
[19:18:59] <Haris> !transport_maps
[19:19:00] <knoba> Haris: "transport_maps" : a configuration parameter in the main.cf: Optional lookup tables with mappings from recipient address to (message delivery transport, next-hop destination). See transport(5) for details.
[19:19:43] <sigkill> sorry, badly worded
[19:20:14] <Haris> What happens when relay_domains is set to nothing?
[19:20:16] <adaptr> if you have duplicate aliases then the result is anybody's guess, but I can guarantee you that it won't use both
[19:20:18] <Haris> will mail go out?
[19:20:26] <adaptr> Haris: of course it will
[19:20:26] <sigkill> adaptr, i can simply comma seperate for more than one?
[19:20:36] <adaptr> sigkill: I don't know, never used sql maps
[19:20:39] <adaptr> tias
[19:20:48] <sigkill> ok no worries, will look further into it
[19:20:50] <Haris> adaptr: including aliases?
[19:20:57] <rob0> !address_class
[19:20:57] <knoba> rob0: Error: "address_class" is not a valid command.
[19:20:59] <rob0> !address_classes
[19:21:00] <knoba> rob0: "address_classes" : http://www.postfix.org/ADDRESS_CLASS_README.html describes how Postfix deals with different classes of addresses: local, relay, virtual alias, virtual mailbox, and Internet.
[19:21:04] <rob0> Haris: ^^
[19:21:04] <adaptr> Haris: what do aliases have to do with anything ?
[19:21:11] <Haris> well
[19:21:17] <Haris> relay_domains
[19:21:24] <adaptr> no, rephrase: aliases have nothing to do with it
[19:21:29] <Haris> Ok
[19:21:36] <rob0> He just doesn't understand the dual usage of the word, "relay".
[19:21:40] <adaptr> aliases are not "sent" - they're aliases
[19:21:49] <sekhmet> Haris: Were those 'transport' and 'transport_maps' comments directed at me, btw?  I've looked through those already
[19:21:57] <Haris> sekhmet: no
[19:22:00] <adaptr> no, he needs to read them, too :)
[19:22:14] <sekhmet> Okay, wasn't sure since I had just asked a question involving those.  Thx...
[19:22:43] <Haris> rob0: dual?
[19:23:17] <rob0> !tell Haris address_classes
[19:23:18] <Haris> you mean when a postfix box is acting as backup MX
[19:23:25] <Haris> then its dual? relaying in and out
[19:23:33] <Haris> when its a primary MX, there's only one meaning?
[19:23:46] <Haris> ok, reading that
[19:24:05] <rob0> You "relay" outbound mail for your users, but "relay_domains" is different.
[19:24:35] <adaptr> Haris: I can set postfix up as a primary MX, a backup MX,  a virtual relayer, and a mass domain hoster, and STILL never have any domain in relay_domains
[19:24:39] <rob0> !relay
[19:24:39] <knoba> rob0: Error: "relay" is not a valid command.
[19:24:43] <rob0> !relay_domains
[19:24:43] <knoba> rob0: "relay_domains" : a configuration parameter in the main.cf: What destination domains (and subdomains thereof) this system will relay mail to. Subdomain matching is controlled with the parent_domain_matches_subdomains parameter.
[19:24:49] <rob0> !relaying
[19:24:50] <knoba> rob0: "relaying" : happens when a mail server forwards emails to another mail server. It must only be allowed for authenticated users or trusted local users so you don't get abused by spammers (see: http://www.postfix.org/SMTPD_ACCESS_README.html)
[19:26:32] *** EasilyOdd has joined #postfix
[19:26:51] <lunaphyte_> how fast do you think you could eat an entire normal size bag of chips?
[19:27:15] <Haris> I don't want to answer
[19:27:18] <Haris> this one
[19:27:59] *** amrit|zzz is now known as amrit|wrk
[19:28:16] <rob0> lunaphyte_: is this with or without slacks on?
[19:28:23] <adaptr> lunaphyte_: I never clocked it, but 5 minutes is certainly doable if you're not full
[19:28:31] <adaptr> 10 minutes, definitely
[19:28:39] <lunaphyte_> i think with slacks on would be safer.
[19:28:42] <lunaphyte_> so without.
[19:28:54] <adaptr> unless you mean WITH beverage, in which case.. erm.. 30 seconds ?
[19:29:09] <adaptr> it's only a few potatoes
[19:29:36] <lunaphyte_> do you think it would make a difference, potatoes vs. corn?
[19:30:21] <adaptr> it might
[19:30:35] <adaptr> much will depend on the seasoning in question, though
[19:30:59] <adaptr> I dare you to empty a bag of extra spicy chili with onions and cheese in 30 seconds :)
[19:31:13] <adaptr> fuck only knows what flavours they think up next
[19:31:18] <Haris> I have a non-branded pack
[19:31:22] <Haris> eat that in 30 seconds
[19:31:23] <Haris> lol
[19:31:40] <PcPixel> *Sigh* ok back
[19:31:47] <lunaphyte_> trout flavor might be cool.
[19:31:51] <adaptr> eww
[19:31:57] <adaptr> lunatic
[19:32:03] <lunaphyte_> smegma?
[19:32:24] <Haris> We ate trout on a hilly area we went. Trout did not have any taste
[19:32:38] <Haris> taste worth mentioning that is
[19:33:27] <adaptr> lunaphyte_: Lays chlamydia extra naughty
[19:33:50] <adaptr> dog breath flavour
[19:34:02] <lunaphyte_> dead hooker.
[19:34:47] <adaptr> crack or non-crack ?
[19:34:53] <PcPixel> hooker lite?
[19:35:04] <PcPixel> 1/3 less crack than the regular hooker?
[19:35:05] <lunaphyte_> oh!
[19:35:12] <lunaphyte_> afterbirth flavor!
[19:35:24] <adaptr> of course, it had to arrive sooner
[19:35:32] <lunaphyte_> plumber's crack?
[19:35:34] <PcPixel> wheeee [bzzt]
[19:36:19] <adaptr> Doritos Raw Sewage
[19:36:27] <cpm> just say no to plumbers crack
[19:36:39] <adaptr> for all you corn lovers
[19:37:27] <lunaphyte_> who the f*ck keeps going off topic in here?!
[19:37:51] <Haris> I wonder who does
[19:38:35] <lunaphyte_> let's see if knoba knows.
[19:38:39] <lunaphyte_> !offtopic
[19:38:39] <knoba> lunaphyte_: Error: "offtopic" is not a valid command.
[19:38:40] <adaptr> !topic
[19:38:41] <knoba> adaptr: "topic" : The Postfix MTA || Wiki: postfixwiki.org || On using IRC: workaround.org/moin/GettingHelpOnIrc || Bot info: workaround.org/f=postfix || post postconf -n and relevant logs to a pastebin when asking questions / check your logs / know your unix basics
[19:39:04] <adaptr> nope, corn craks and ho's not mentioned, but not prohibited either
[19:39:22] <Haris> that's the english and the american speaking
[19:39:43] *** githogori has joined #postfix
[19:39:58] <lunaphyte_> it does mention something about checking "logs" though...
[19:40:08] <lunaphyte_> that's a bit disgusting.
[19:40:41] <Haris> I wonder who lives without checking logs every few ...
[19:41:21] *** plb1 has joined #postfix
[19:41:34] <PcPixel> ok, diet mt dew in hand
[19:41:39] <PcPixel> test environment online
[19:41:56] <PcPixel> <darkwing duck>Let's get dangerous</darkwing duck>
[19:42:18] <lunaphyte_> if that's a valid html tag i'm never using a computer again.
[19:43:34] <PcPixel> "I am the terror that flaps in the night.!"
[19:44:00] <PcPixel> ok ill stop now. oh wait! new Zero Punctuation today!
[19:44:29] <sekhmet> Bah, that's fun.  Wasn't actually my server I was working on; turns out the box admin had left some ancient binaries in /usr/libexec/postfix (when the up-to-date daemons from the distro were in /usr/lib/postfix) which was causing my transport.db issue
[19:44:43] *** sigkill has quit IRC
[19:44:47] * Haris goes back to wasting time on Diablo II
[19:45:20] <Signum> Finally someone who does something decent.
[19:45:31] *** m0f0x has quit IRC
[19:46:03] <adaptr> damn I still need to get it going on wine! it is supposed to run perfectly
[19:46:18] <adaptr> I could DII *AND* IRSII !
[19:46:23] <Signum> adaptr: Worked half well here. But the video was flickering.
[19:46:26] <adaptr> think of the savings
[19:46:43] <adaptr> settig that up tonight! (never worked with wine before :))
[19:46:44] <Signum> I wished Titan Quest would run on Debian.
[19:46:56] <adaptr> I played that for half a day, and got bored
[19:47:47] <Haris> Do we have a date on Diablo III ? The gameplay looked promissing
[19:47:49] <Signum> I've played Diablo for 10 years. Sometime between year 8 and year 9 ist started to become a tad boring.
[19:47:53] <Haris> gameplay video+
[19:47:58] <Signum> Haris: Not yet. I'm eager, too.
[19:48:32] <adaptr> I haven't even seen any screenies!
[19:48:39] <adaptr> been much too hard at work
[19:48:57] <Signum> D3 *is* work.
[19:49:22] <adaptr> it will be when I get my hands on it!
[19:49:37] <Haris> D3 will make me upgrade my box, but I think it'll be worth it
[19:49:39] <adaptr> I will take a week off for...ruffle ruffle... essential system maintenance training!
[19:50:03] <adaptr> or, upgrading my X2 to a Q6600 @ 3GHz
[19:50:05] <Signum> Oh, right... upgrading the PC again? Not sure. :(
[19:50:25] <Signum> I'll buy some nitrogen and overclock to 10 GHz.
[19:51:53] *** morpheus has quit IRC
[19:52:26] <adaptr> if I can get a good Q6600 that goes to 3GHz I will have 12 :)
[19:52:26] <Haris> the environment here has *moisture* which is causing problems for my system, especially since its hood stays open all day. Plus I don't have a graphics card or a PCI-E/X slot on this box
[19:52:32] <plb1> I'm having an a problem with users who have .forward files setup. Their forwards are taking a long time to be sent on, upwards of 5~6 hours. Any ideas how to fix this?
[19:52:42] <adaptr> plb1: are they in the queue ?
[19:54:53] <plb1> adaptr: I'm looking for one in the queue now..
[19:55:17] *** xpoint has joined #postfix
[19:55:52] <adaptr> the queue will tell you why it's there
[19:56:08] <adaptr> but since user forwards are not under your control, they can contain any shit
[19:56:17] <adaptr> don't bother with them
[19:56:24] <adaptr> let the user get $clue at own expense
[19:57:16] <plb1> the .forward contain just an email address to forward the mail on
[19:58:53] <adaptr> then the log will show what happened to it
[19:58:56] <adaptr> read your logs
[19:59:46] <plb1> I am...
[20:09:39] *** olinux has joined #postfix
[20:11:09] <olinux> hey all, a friend of mine is having trouble with spam being sent from his server via some kind of exploit on his site, probably a PHP web form or similar
[20:11:27] <olinux> it's a rather large site, how can i troubleshoot this?
[20:14:00] *** rootsvr has joined #postfix
[20:14:27] <PcPixel> are you sure its coming from him
[20:14:33] <PcPixel> and someone not just spoofing hiom
[20:17:39] <olinux> he said aol is going to block him, i suppose their team (aol abuse) would recognize a spoof
[20:17:43] *** master_o1_master has joined #postfix
[20:19:41] <PcPixel> is he running postfix?
[20:20:24] *** sekhmet has left #postfix
[20:21:49] *** ayeuu has quit IRC
[20:23:03] <olinux> not sure
[20:23:17] <olinux> PcPixel, i suppose postfix or sendmail
[20:23:34] <olinux> i dont have access to  server yet
[20:23:36] *** alienbrain has quit IRC
[20:27:18] <PcPixel> well i know nothing about sendmail
[20:28:39] *** master_of_master has quit IRC
[20:28:57] <PcPixel> he needs to start with his mail logs
[20:35:57] * roe_ aggress with PcPixel
[20:36:57] <PcPixel> see if it really is leaving his system
[20:37:04] <PcPixel> if it is, work it backwards from there
[20:37:42] <PcPixel> it might help if you/he can get a complete copy of one of the messages they belive is "spam"
[20:37:53] <PcPixel> complete with header. it can help speed up your analysis
[20:41:51] *** hal1on has joined #postfix
[20:44:24] *** GoGi has joined #postfix
[20:45:54] *** rizi_ has joined #postfix
[20:46:00] *** rizi has quit IRC
[20:52:11] *** plb1 has left #postfix
[20:53:37] *** manukanu has joined #postfix
[21:07:40] *** EasilyOdd has quit IRC
[21:10:30] *** devdas has joined #postfix
[21:24:35] <jduggan> hmm, guys, i have a scenario where i want to re-write the RHS based on whether the email contains a specific header, what's the cleanest way to do this?
[21:28:01] <lunaphyte_> !header_checks
[21:28:02] <knoba> lunaphyte_: "header_checks" : a configuration parameter in the main.cf: Optional lookup tables for content inspection of primary non-MIME message headers, as specified in the header_checks(5) manual page.
[21:30:24] *** neoeinstein has joined #postfix
[21:30:41] <Spec> can someone point me to documentation to make postfix only relay mail for everyone in a specific domain?
[21:30:48] <jduggan> i didnt realise header_checks can also alter headers
[21:31:24] *** LordDicranius has joined #postfix
[21:31:35] <lunaphyte_> Spec: sure.  just do a google search for "how to be an open relay".
[21:32:04] <lunaphyte_> jduggan: well, you didn't say what you wanted to rewrite the rhs of, so i assumed.
[21:32:35] <Spec> why would allowing only one domain make it an open relay?
[21:34:21] <lunaphyte_> all i have to do is submit mail to your mta using a return-path of someuser at example dot com and it will relay for me?  that's an open relay.
[21:34:51] <Spec> but your IP would have to be reverse mappable to domain.com?
[21:34:59] <Spec> err, example.com
[21:35:21] <lunaphyte_> easy
[21:36:01] <Spec> so if i want a group of server's to use one mailserver as a relay, i have to explicitely allow each one in relay_domain?
[21:36:19] <devdas> add the IPs to mynetworks
[21:36:31] * PcPixel agrees w devdas
[21:36:36] <Spec> they are
[21:37:39] <devdas> that's enough
[21:38:00] <Spec> so cidr style is enough?
[21:38:09] <devdas> yes
[21:40:33] <Spec> so mydestination can be unset?
[21:41:13] <Spec> and if so, what should relay_domains be set to? (currently mydestination is a list of servers, and relay_domains is equal to mydestination)
[21:41:59] <devdas> the default is fine
[21:42:03] <lunaphyte_> most folks typically don't need relay_domains
[21:42:08] <devdas> See ADDRESS_CLASS_README
[21:44:08] *** cpm has quit IRC
[21:46:31] *** Filbert has quit IRC
[21:48:57] <Spec> what about getting rid of mydestination and relay_domains and mynetworks, and only use mynetworks_style=subnet ?
[21:50:23] *** pickcoder has joined #postfix
[21:51:12] <rob0> huh, are you reading these things you have been pointed to?
[21:51:27] <rob0> See also:
[21:51:30] <rob0> !basic
[21:51:30] <knoba> rob0: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.
[21:51:34] <rob0> and
[21:51:38] <rob0> !standard
[21:51:38] <knoba> rob0: "standard" : Your question is probably answered in http://www.postfix.org/STANDARD_CONFIGURATION_README.html
[21:52:23] <pickcoder> @domain smtp:[ip of nexthop]    <- is that usable within sender_dependany_relayhost_maps? I had this working before and for some reason when I changed the hop IP it stopped working
[21:52:42] <pickcoder> and yeah.. I ran postmap
[21:53:06] <rob0> looks right to me
[21:53:29] <pickcoder> nice.. this box has been up for ~2 hours and it's already getting relay denials
[21:53:36] <pickcoder> rob0: I dunno what to do
[21:54:00] *** d0uglas has joined #postfix
[21:54:28] *** pirho has joined #postfix
[21:54:34] <pickcoder> I have another newsletter to send tomorrow and this has to be working by then
[21:54:37] <d0uglas> hi. what kind of line could i add to procmailrc to tell it to redirect whatever spamassassin thinks is spam to another address without doing anything else?
[21:55:19] <lunaphyte_> pickcoder: start faxing.
[21:56:37] <pickcoder> lunaphyte_: funny enough.. the Mainpine board causes the 8250serial driver to overload the IRQ for the board
[21:57:19] <pickcoder> supposedly a work-around is in development
[21:57:30] <pickcoder> won't be available for a couple months
[21:57:49] <rob0> Pigeons!
[21:58:23] <pickcoder> it only does that on *nix. Windows drivers work fine
[21:58:30] <lunaphyte_> typical
[21:58:50] <pickcoder> what do you expect when you build an 8250 base board that emulates a 16650 UART
[21:58:57] <pickcoder> no buffers == IRQ fun
[21:58:58] <lunaphyte_> that's exactly why i refuse to use unix.
[21:59:09] <lunaphyte_> or linux.
[21:59:21] <jduggan> so what do you run postfix on?
[21:59:28] <lunaphyte_> a dead badger.
[21:59:46] <jduggan> EUNSUPPORTED
[21:59:46] <pickcoder> squirrels in a bag are more fun to install
[22:00:07] <pickcoder> I need a vacation
[22:00:49] <pickcoder> the last "vacation" I got was 4 weeks with newborn twins
[22:01:01] <rob0> nice
[22:01:02] <pickcoder> along with "emergency" trips to the office
[22:01:19] <pickcoder> that was last Aug
[22:01:29] <pickcoder> they'll be 1-yr saturday
[22:01:37] <pickcoder> ++carseat-reversal
[22:01:56] <lunaphyte_> congrats on keeping them alive thus far.
[22:02:01] <rob0> babies are fun
[22:02:29] <pickcoder> mom does a hell of alot more work then me
[22:02:34] <pickcoder> ~than
[22:02:42] *** JoeWulf has joined #postfix
[22:02:44] <lunaphyte_> and i'm the sick freak here?  :p
[22:03:37] <pickcoder> yeah
[22:05:31] <pickcoder> hrm.. I have some blank virtuals I was playing with
[22:05:47] <pickcoder> wonder if they're screwing up the sender_dependent stuff
[22:06:36] *** riz_ has quit IRC
[22:06:54] *** tshine has quit IRC
[22:07:12] <pickcoder> nope
[22:11:22] *** felix-da-catz_zz is now known as felix-da-catz
[22:15:19] <roe_> I have an email in /var/spool/postfix/hold/ - can I somehow pull that message out of the queue and save it as a .eml?
[22:16:29] *** lysander has quit IRC
[22:17:38] *** lysander has joined #postfix
[22:19:39] <pickcoder> smtp is saying [ip] unknown service
[22:19:45] *** manukanu has quit IRC
[22:19:50] <pickcoder> @domain.com smtp:[ip]
[22:20:59] <pickcoder> ah
[22:21:03] <pickcoder> can't specify a transport
[22:21:15] <pickcoder> @domain.com <ip>  works
[22:21:21] <pickcoder> which doesn't match the transport map
[22:21:23] <PcPixel> in what file?
[22:21:29] <PcPixel> there is no @ in a transport
[22:21:39] <pickcoder> sender_dependent_relayhost_maps
[22:21:42] <PcPixel> its: domain.com protocol:[ip]
[22:21:45] *** PhilKC has joined #Postfix
[22:21:46] <pickcoder> PcPixel: that's not true
[22:21:57] <PcPixel> i thought you were talking about the transport_maps
[22:22:02] <pickcoder> same there
[22:22:05] <PcPixel> not sender dependant :)
[22:22:07] <PcPixel> really?
[22:22:08] <pickcoder> man 5 transport
[22:22:42] <PcPixel> interesting
[22:22:45] <PcPixel> good to know
[22:23:11] <pickcoder> it wasn't broken to start with...
[22:23:27] <pickcoder> I was sending to a user who's final destination was the relaying host
[22:23:33] <pickcoder> like I said.. I need a vacation
[22:24:54] <lunaphyte_> break your leg
[22:25:13] <pickcoder> I need a vacation.. not a hospital stay
[22:25:31] <lunaphyte_> heavily medicated = mental vacation!
[22:25:35] <lunaphyte_> :)
[22:26:13] <roe_> apparently just cping it from /hold/ to foo.eml doesn't work...
[22:26:35] <lunaphyte_> !postcat
[22:26:35] <knoba> lunaphyte_: "postcat" : a command for printing the contents of a mail in the queue. See "man postcat".
[22:26:50] <roe_> ah thank you
[22:27:15] *** lunaphyte_ has left #postfix
[22:27:23] *** lunaphyte_ has joined #postfix
[22:29:12] <pickcoder> apart from default_process_limit settings in master.cf is there a way to throttle by destination?
[22:29:38] <pickcoder> I've considered setting up transport for troublesome domains, but even then you can trigger 451 blocks
[22:37:06] *** devdas has quit IRC
[22:37:49] *** Motoko-chan has joined #postfix
[22:46:09] *** tshine has joined #postfix
[22:51:32] *** PcPixel has quit IRC
[22:54:29] *** unixSnob has quit IRC
[22:55:01] *** cilly has quit IRC
[22:55:22] *** ranzes has quit IRC
[22:55:44] *** mailqu has joined #postfix
[22:55:56] <mailqu> hi
[22:58:51] *** jellis2 has quit IRC
[22:59:40] <abbe> mailqu: postqueue -f
[22:59:51] <abbe> hi mailqu :)
[22:59:53] <mailqu> /quit
[22:59:58] <mailqu> :)
[23:00:30] <abbe> how many mails you're holding currently :P
[23:00:45] <mailqu> i understandf today that my knowledge of postfix was completely wrong,
[23:01:02] <abbe> hmm... wrong ?
[23:02:01] <mailqu> most common errors were done by me :) 1) misunderstanding of smtpd stages.. (order) it's a stage and not a filtering..  2) the usage of permit_mynetworks (page93 of the  book of psotfix)
[23:02:07] <mailqu> postfix..
[23:02:16] <mailqu> sorry for my bad English.
[23:03:23] <abbe> np, but I never read that, book of postfix
[23:03:33] <mailqu> " the permit_mynetworks option denotes an important boundary between clients on your internal network and client outside. Options taht appear upto and including this point apply to both internal and external clients, but those below apply to external clients only.
[23:03:49] <mailqu> this phrase was very helpful for me :)
[23:05:01] <abbe> true
[23:05:32] <pickcoder> huh?
[23:06:00] <abbe> I find postfix the most easy mta to configure, though I'm only experienced with sendmail and postfix
[23:06:01] <pickcoder> under what context
[23:06:32] <abbe> pickcoder: the variables where permit_mynetworks is included
[23:06:44] <mailqu> in smtpd_recipient_restrictions
[23:06:49] <pickcoder> ok
[23:07:12] *** madrescher has quit IRC
[23:07:51] <pickcoder> permit_mynetworks on its own denotes which IPs or IP ranges are allowed to relay outside of mydestinations
[23:09:43] *** Tykling has left #postfix
[23:09:56] <abbe> hmm... ? I think it matches, if the sender is from its own networks
[23:12:13] <pickcoder> by detault it matches base on mynetworks as defined by mynetworks_style
[23:12:32] *** LordDicranius has quit IRC
[23:12:52] <pickcoder> many distribution setups set mynetworks to localhost
[23:12:58] <pickcoder> so what you say is not true in most cases
[23:14:29] <abbe> by its own networks I mean, what postfix thinks its own network is, that could be 127.0.0.0/8
[23:14:53] <abbe> if mail-server admin doesn't trust other boxen in the LAN
[23:15:17] <pickcoder> which is "mynetworks"
[23:15:40] <abbe> yes
[23:16:10] <pickcoder> if you leave that setting out of main.cf then it will assume that all devices listed under inet_interfaces will apply to mynetworks_style
[23:16:28] <abbe> correct
[23:16:46] <abbe> ``permit_mynetworks on its own denotes which IPs or IP ranges are allowed to relay outside of mydestinations'' -- can you explain this
[23:18:14] <pickcoder> that recipient (or sender) check states that any client connected to postfix falling within mydestinations should be approved at that point in the check list
[23:18:37] <pickcoder> if it is first, then no other checks will be done on the client/sender/etc
[23:18:52] <pickcoder> ugh
[23:18:56] <pickcoder> I need a vacation
[23:19:00] <pickcoder> s/mydestinations/mynetworks
[23:19:20] <pickcoder> relaying is normally denied
[23:19:58] <pickcoder> !permit_mynetworks
[23:19:59] <knoba> pickcoder: "permit_mynetworks" : Permit the request when the client IP address matches any network or network address listed in $mynetworks. Can be used in smtpd_*_restrictions.
[23:20:39] *** j_s has quit IRC
[23:21:00] *** cilly has joined #postfix
[23:21:06] <pickcoder> if permit_mynetworks is listed before reject_unauth_destination then that enables mynetworks to relay
[23:21:13] <pickcoder> if it's listed after then no one can relay
[23:21:28] <pickcoder> well.. not without additional setup
[23:24:59] *** mario_hn has quit IRC
[23:25:13] *** tshine has quit IRC
[23:25:31] <abbe> yes, this is what I mean
[23:25:31] <abbe> you're confusing between mydestinations and mynetworks
[23:25:31] <abbe> ;P
[23:25:36] <pickcoder> sorry
[23:26:47] <abbe> okay, np
[23:32:02] *** rootsvr has quit IRC
[23:33:28] *** jcm has quit IRC
[23:37:35] *** Zblakany has joined #postfix
[23:38:12] *** master_o1_master is now known as master_of_master
[23:41:19] <bondoer> hi folks, i am trying to test the throughput of postfix on one of my servers, but the problem is that when i use smtp-source which sends 100 within 100 session i get Temporary table lookup failure probably caused by mysql which holds the user. Is it possible to leave this configuration with mysql working and then make new mechanism for checking certain user(testing user) which wont be limited by MySQL??
[23:42:32] <shasta> but that'll impact your results (:
[23:43:08] <bondoer> hmm i want to measure the throughput of postfix itself
[23:43:28] <bondoer> i dont want to establish new postfix without mysql
[23:43:36] <Trengo> you can always stick proxy: before mysql:
[23:43:38] <bondoer> was thinking of using this one
[23:43:49] <Trengo> that will keep queries down
[23:43:50] <bondoer> hmm, that will  impact my results :D
[23:44:00] <Trengo> and you can take it to production
[23:44:08] <Trengo> its not an artificial scenario
[23:44:45] <bondoer> hmm
[23:45:07] <bondoer> i somehow dont unerstand what you meant by your last two lines
[23:46:15] <Trengo> well, if you improve your queries, would you reject the improvement because it "impacts your results"?
[23:46:22] *** abbe has quit IRC
[23:46:46] <bondoer> :) okay, you got me
[23:47:17] <Trengo> so if you can "improve your results" using a proxy map, why not?
[23:49:17] <bondoer> yea you are right
[23:49:55] *** zloc_ has joined #postfix
[23:51:23] <Trengo> just remember to update your config when posting results ;)
[23:51:33] <bondoer> :)
[23:51:53] <bondoer> heh truly said, i was just reading about that proxy: i havent heard of it, i thoughg you meant some kind of smtp proxy
[23:52:00] <Trengo> no no
[23:52:18] <bondoer> i got it now, just to append proxy: before mysql: :)
[23:52:23] <Trengo> yep
[23:52:26] <Trengo> works great
[23:52:46] * pickcoder puts proxy: in front of himself to reduce workload
[23:52:52] *** zloc_ has quit IRC
[23:53:20] <bondoer> i was just wondering whether there are some disadvantages of this configuration
[23:53:36] <Trengo> also remember to set query cache in your mysql config
[23:53:44] <Trengo> that would help too
[23:53:48] <bondoer> cause for me it seems like it should be set by default
[23:54:34] <Trengo> why?
[23:54:40] <Trengo> its there if you want it
[23:54:48] <Trengo> like mysql maps
[23:54:56] <Trengo> you dont have to use them
[23:55:13] <Trengo> they dont get automagically stuck in there
[23:55:35] <bondoer> wow it really helped :), great!! :) now i will try 1000 emails :D
[23:56:11] <bondoer> no i meant, i was goin through several howtos for setting up mysql for postfix, and in neither one was mentioned this option, or i am jsut blind
[23:56:34] <Trengo> im sure one of them mentioned it, because i read about it
[23:57:02] <Trengo> you get amazing performance from postfix, especially on maildir
[23:59:35] <bondoer> i have never used this option, but i think i will use it from now, eventhough no problems with high load was reported... one never knows ;)





top