[00:01:32] *** ploploop has quit IRC
[00:10:36] *** F6F-meude has quit IRC
[00:14:41] *** _Driver_ has quit IRC
[00:17:05] *** war9407 has quit IRC
[00:25:30] *** KristianDK has quit IRC
[00:32:58] *** jonez has joined #postfix
[00:50:27] *** oliver76_ has quit IRC
[00:55:22] *** Signum has quit IRC
[00:57:03] *** Fallenou has quit IRC
[00:57:42] *** GoGi has joined #postfix
[01:09:05] *** Signum has joined #postfix
[01:10:08] *** Draecos has quit IRC
[01:26:27] *** zack23 has quit IRC
[01:28:01] *** zack23 has joined #postfix
[01:28:45] *** zack23 has quit IRC
[01:29:40] *** zack23 has joined #postfix
[01:30:25] *** zack23 has quit IRC
[01:34:32] *** Tykling has left #postfix
[01:45:31] *** WinsBandit has joined #postfix
[01:48:14] *** zack23 has joined #postfix
[01:50:39] *** WinsBandit has left #postfix
[01:53:59] *** xpoint has joined #postfix
[01:55:58] *** zack23 has quit IRC
[01:57:30] *** WinsBandit has joined #postfix
[02:00:15] *** seekwill has joined #postfix
[02:05:25] *** jeffspeff2 has joined #postfix
[02:10:47] *** zack23 has joined #postfix
[02:11:21] *** Juspion has joined #postfix
[02:12:00] *** zack23 has quit IRC
[02:14:04] *** jeffspeff2 has quit IRC
[02:14:06] *** Belboz91 has left #Postfix
[02:14:35] *** jeffspeff2 has joined #postfix
[02:14:56] *** dty has joined #postfix
[02:21:20] *** jeffspeff has quit IRC
[02:23:09] *** pfak has joined #postfix
[02:23:12] *** WinsBandit has quit IRC
[02:23:34] <pfak> What's the best way to invoke when im using virtual mailboxes?
[02:24:23] <pfak> er, invoke procmail
[02:26:33] *** nictuku has joined #postfix
[02:29:46] *** pirho has quit IRC
[02:33:14] *** GoGi has quit IRC
[02:42:31] *** jeffspeff has joined #postfix
[02:46:05] *** m0f0x has joined #postfix
[02:47:57] *** dni has joined #postfix
[02:48:49] *** zack23 has joined #postfix
[02:51:40] *** _Driver_ has joined #postfix
[02:53:41] *** zack23 has quit IRC
[02:56:09] *** jeffspeff2 has quit IRC
[03:00:24] *** KristianDK has joined #postfix
[03:06:17] *** hark has quit IRC
[03:06:20] *** hark has joined #postfix
[03:11:40] *** seekwill has quit IRC
[03:12:10] *** KristianDK has quit IRC
[03:13:09] *** jonez has quit IRC
[03:14:42] *** jonez has joined #postfix
[03:16:15] *** dni has quit IRC
[03:35:48] *** nictuku has quit IRC
[03:36:06] *** nictuku has joined #postfix
[03:45:09] *** zack23 has joined #postfix
[03:52:35] *** higuita has joined #postfix
[03:58:06] *** zack23 has quit IRC
[03:59:23] *** mavrick61 has quit IRC
[04:00:30] *** mavrick61 has joined #postfix
[04:02:23] *** zack23 has joined #postfix
[04:03:12] <zack23> Is it normal for Postfix to have open 16 postgres connections (I have virtual tables in postgres)
[04:09:46] *** keffer has quit IRC
[04:11:04] <philip_> root@gehege:~# lsof -Pni |grep 5432 |grep postgres |wc -l
[04:11:04] <philip_> 17
[04:11:08] <philip_> apparently so
[04:13:20] *** keffer has joined #postfix
[04:16:33] *** cilly has joined #postfix
[04:25:06] *** m1n3s6 has joined #postfix
[04:26:46] *** Juspion has quit IRC
[04:37:45] *** seekwill has joined #postfix
[04:43:17] *** zack23 has quit IRC
[04:54:50] *** activate_ has joined #postfix
[04:58:25] *** AcTiVaTe has quit IRC
[05:12:19] *** activate_ has quit IRC
[05:17:08] *** goldfischli has joined #postfix
[05:18:38] *** AcTiVaTe has joined #postfix
[05:30:31] *** jsoft has joined #postfix
[05:33:11] *** goldfisc1li has quit IRC
[05:45:55] *** hark has quit IRC
[05:45:59] *** hark has joined #postfix
[05:54:33] *** xnixan has quit IRC
[05:55:57] *** felix-da-catz is now known as felix-da-catz_zz
[06:09:08] *** cilly has quit IRC
[06:09:44] *** cilly has joined #postfix
[06:24:46] *** xpoint has quit IRC
[06:27:51] *** xpoint has joined #postfix
[06:27:53] *** kk_CHN has joined #postfix
[06:31:46] *** m0f0x has quit IRC
[06:38:51] *** _Driver_ has quit IRC
[07:03:12] *** AcTiVaTe has quit IRC
[07:03:38] *** AcTiVaTe has joined #postfix
[07:29:38] *** sparkleytone has quit IRC
[07:34:18] *** m1n3s6 has quit IRC
[07:36:57] *** Dewi has quit IRC
[07:37:24] *** shinao1 has joined #postfix
[07:40:02] *** seekwill has quit IRC
[07:59:33] *** Tykling has joined #postfix
[08:00:41] *** Kako_ is now known as Kako
[08:04:17] *** Zeit|awy_ has quit IRC
[08:08:30] *** Kako has quit IRC
[08:08:40] *** toytoy has quit IRC
[08:08:55] *** Kako__ has joined #postfix
[08:09:00] *** Kako__ is now known as Kako
[08:13:04] *** jsoft has quit IRC
[08:15:23] *** Kako has quit IRC
[08:15:54] *** Kako has joined #postfix
[08:18:28] *** bhagat has joined #postfix
[08:28:58] *** noetik has joined #postfix
[08:33:11] *** f3ew has joined #postfix
[08:47:33] *** shinao1 has quit IRC
[08:48:56] *** littlebird is now known as chadmaynard
[08:50:02] *** sophokles has joined #postfix
[09:15:08] *** j_s has joined #postfix
[09:16:45] *** jsoft has joined #postfix
[09:18:24] <DGnome> Hi! I'm having problems setting up a split domain configuration with postfix, what exactly should my virtual_alias_maps and transport_maps contain?
[09:20:02] <f3ew> http://www.postfix.org/STANDARD_CONFIGURATION_README.html#some_local
[09:21:54] *** sophokles has quit IRC
[09:25:07] *** sophokles has joined #postfix
[09:31:50] <DGnome> f3ew: so i should have virtual_alias_maps contain "user user at example dot com" and transport_maps "user at example dot com smtp:mail2.example.com" ? atleast it seems to work...
[09:33:48] *** Zelest has quit IRC
[09:47:51] *** noetik has quit IRC
[09:50:24] <f3ew> yes
[09:55:25] *** F6F has joined #postfix
[09:56:20] *** sahil has quit IRC
[09:57:24] *** sypher has joined #postfix
[09:58:23] *** xnixan has joined #postfix
[09:58:41] *** war9407 has joined #postfix
[10:17:38] *** Zeit|awy has joined #postfix
[10:19:18] *** madrescher has joined #postfix
[10:23:22] *** alienbrain has joined #postfix
[10:26:21] *** jsoft has quit IRC
[10:27:07] *** Zelest has joined #postfix
[10:28:50] *** brancaleone has joined #postfix
[10:29:17] *** xpoint has quit IRC
[10:31:35] *** kernel has joined #postfix
[10:31:44] *** kernel is now known as jgreig
[10:32:16] <jgreig> hey guys, is there an option in postfix to turn off the successful delivery emails after an email has been deferred?
[10:34:37] <f3ew> jgreig, that shouldn't be enabled by default
[10:35:27] <jgreig> we had downtime over the weekend, during this time a few of us sent emails via our mail gateway which gave us successful emails once things came back up
[10:38:07] <_ruben> which is expected behaviour of decent mail servers
[10:40:00] <jduggan_> _ruben: some people dont want customers etc knowing that mails were deferred
[10:41:44] <_ruben> *confused*
[10:49:56] *** kiliko has joined #postfix
[10:50:17] *** xnixan has quit IRC
[10:51:44] <jgreig> basically, we were down over the weekend.  we're not the only people that send through this server
[10:52:12] <jgreig> a number of people during this time maybe have sent through this server or just prior to things going down
[10:52:25] <jgreig> we'd rather them not receive 'successful delivery' notifications
[11:03:35] *** Bogaurd_ has joined #postfix
[11:04:41] *** Bogaurd has quit IRC
[11:12:49] *** kiliko has quit IRC
[11:16:10] *** _Driver_ has joined #postfix
[11:19:32] *** noetik has joined #postfix
[11:25:49] *** Bogaurd_ has quit IRC
[11:42:30] *** noetik has quit IRC
[11:43:29] *** sypher has quit IRC
[11:46:08] *** AcTiVaTe has quit IRC
[11:51:28] *** alienbrain has quit IRC
[11:51:47] *** alienbrain has joined #postfix
[11:54:05] *** Jense has joined #postfix
[11:56:21] *** VivekVC has joined #postfix
[12:04:10] *** _Driver_ has quit IRC
[12:24:15] *** Fallenou has joined #postfix
[12:25:02] *** kk_CHN has quit IRC
[12:26:10] *** _Driver_ has joined #postfix
[12:31:30] *** cpm has joined #postfix
[12:43:15] *** xpoint has joined #postfix
[13:18:38] *** madrescher1 has joined #postfix
[13:19:06] *** karrier has joined #Postfix
[13:19:20] *** madrescher has quit IRC
[13:22:21] <karrier> hi, anybody knows why when  i send a message with a webmail locally installed postfix logs delivered and remove line, but if I use a client in my desktop only shows the removed line?
[13:22:54] <karrier> I means the bounce message
[13:22:56] <f3ew> your logging is broken?
[13:24:02] <karrier> no it is working with smtpd -v in master.cf and works well
[13:24:14] *** xnixan has joined #postfix
[13:30:11] *** idle-boy is now known as fugitive
[13:33:42] *** nictuku has quit IRC
[13:37:52] *** brancaleone has quit IRC
[13:39:47] *** Pronco has joined #postfix
[13:39:52] <Pronco>  My evolution mail client gives me an input / output error when i try to access omy IMAP
[13:44:54] * shasta encourages Pronco to read the channel name again
[13:45:21] <sysmonk> shasta: woot about it? ;)
[13:45:41] *** Magic2 has joined #postfix
[13:50:28] *** karrier has quit IRC
[14:01:16] *** PcPixel has joined #postfix
[14:01:36] *** milligan_ has joined #postfix
[14:02:05] <PcPixel> I have a check in my postfix server that doesnt permit outside senders to use my domain as an inbound email address. however, this morning I got a spam with this in the header: From: VIAGRA INC <admins at qvii dot com>
[14:02:18] <PcPixel> how is it this guy managed to squeak through? :)
[14:02:27] <milligan_> I have a postfix server with virtual users. I want to move the SMTP job to another server, to offload the receiving server a bit. Is there any simple way of exporting valid user accounts? will exporting each mailbox from the db, to a txt file, and running postmap on that file be sufficient?
[14:02:51] <roe_> milligan_, that is one way to do it
[14:03:16] <roe_> is this new server going to be on the same lan?
[14:03:23] <milligan_> yeah
[14:03:36] <milligan_> Just have the SMTP server do its lookups on the receiving servers db?
[14:03:40] <roe_> why not let it connect to the db?
[14:03:44] <milligan_> yeah.
[14:04:21] <milligan_> Thought about that, but this is also going to be an SMTP server for some exchange users aswell, so I think I'll have to generate txt file and do the postmap on it.
[14:04:41] <roe_> oh exchange, how I love the
[14:05:47] <milligan_> hehe
[14:05:50] <milligan_> tell me 'bout it.
[14:06:45] * PcPixel prefers Kerio ro Exchange, but thats a diff topic :P
[14:07:08] <milligan_> roe_, so, how would I also export passwords? I want the smtp server to require authentication.
[14:07:22] <roe_> from exchange?
[14:07:34] <roe_> or from the receiving mail server?
[14:07:51] <milligan_> receiving.
[14:08:10] <milligan_> If I go for the postmap solution, I'd need a textfile with usernames and passwords, right ?
[14:08:17] <roe_> aye
[14:08:32] <milligan_> what's the format?
[14:08:42] <milligan_> email at domain dot tld <tab> password <tab> OK
[14:08:43] <milligan_> ?
[14:08:48] <roe_> someone stop me when I am wrong...
[14:09:19] <roe_> postmap creates a berkelydb for you, which supports a data pair <field one> <field two>
[14:09:41] <roe_> it creates a berkleydb I think only if you have hash:.. in main.cf
[14:09:44] *** AcTiVaTe has joined #postfix
[14:10:08] <roe_> there are other options available to you, I do not know how many... maybe the bot does
[14:10:09] <roe_> !postmap
[14:10:10] <knoba> roe_: "postmap" : a command to 'compile' text files to hash databases. Example: a file transport will be converted to transport.db by running 'postmap transport'. Your main.cf will contain something like transport_maps = hash:/etc/postfix/transport (without the '.db')
[14:10:30] <roe_> I guess I was mostly correct...
[14:10:41] <milligan_> right
[14:10:49] <milligan_> so, user at domain dot tld <space> user_password
[14:10:57] <milligan_> postmap on that file, and I should be good to go on authentication
[14:11:36] <milligan_> question that arises then, is that passwords are hashed in the db. How do I extract them ? :P
[14:11:42] <roe_> the only downside is you need to know everyone's password, and keep a plain text file with all of those passwords there
[14:12:06] <roe_> you can't
[14:12:11] <milligan_> hm
[14:12:12] *** Draecos has joined #postfix
[14:12:54] <roe_> you could probably brute force them in a 10-800years, depending on the computing power and type of hash
[14:13:07] <roe_> but that isn't much help
[14:13:10] <milligan_> maybe I'll buy a new monstermachine that can crack them all
[14:13:18] <milligan_> I s'pose you're right.
[14:13:39] <milligan_> I guess I'll have one postmap hash file, and do the rest of the lookups directly to the db.
[14:13:47] <AcTiVaTe> When having email troubles I usually just change the pwd and then have the user change it back.
[14:13:55] <roe_> is the active directory server also on your lan
[14:13:56] <milligan_> that way I can postmap the exchange wankers, and query the db directly for smtp authentication.
[14:14:56] <PcPixel> LDAP would be my only guess
[14:15:09] <milligan_> yeah, it is afaik. I'm not the one administering it, luckily. I'm just making a gateway that'll bind them all together.
[14:15:13] <milligan_> LDAP is not an option.
[14:15:19] <PcPixel> didnt think it would be
[14:15:27] <roe_> I've only ever maintained a berkleydb for incoming mail going to postfix, but I think you can get postfix to connect to AD through ldap, not sure if all your users of exchange are AD users but that might be a better route
[14:15:45] <PcPixel> roe_: that was my thought, which was why i pitched ldap. but he says its a no go.
[14:15:56] <PcPixel> i agree, i really would be hesitant to do ldap on an internet facing machine
[14:16:14] <roe_> milligan_, I would remove the word "luckily" from your above statement :)
[14:16:58] <PcPixel> ive got a check that if you connect from outside my mail server, you cant use our addresses as "from". how is it this mail message got through? http://pastebin.com/d301f9686
[14:17:00] <roe_> it would only be ldap lookups, the ldap server (AD) isn't world facing, or at least shouldn't be
[14:17:21] <PcPixel> roe_: correct, but if the mail server gets hacked and is confiogured to do AD lookups
[14:17:24] <PcPixel> youre boned
[14:17:36] <lunaphyte_> why?
[14:17:53] <PcPixel> if i can comprimise the mail server i can then query the AD for whatever id like
[14:17:56] <milligan_> roe_, combining a berkleydb lookup and a db lookup is possible, isn't it ?
[14:17:58] <roe_> read only ldap access isn't the worst of the problems
[14:18:00] <lunaphyte_> so?
[14:18:12] <lunaphyte_> that has nothing to do with postfix.
[14:18:12] <PcPixel> i guess it just depends on your paranoia level
[14:18:21] <PcPixel> ok
[14:18:23] * PcPixel drops it
[14:18:48] <roe_> milligan_, I believe you can configure multiple authentication dbs for postfix to check but I haven't done it
[14:19:28] <lunaphyte_> PcPixel: show logs of delivery of that message, and your header check
[14:19:30] <roe_> PcPixel, I'm assuming the qvii.com is your domain?
[14:19:32] *** jpalmer has quit IRC
[14:19:49] <PcPixel> roe_: yes
[14:19:55] <PcPixel> ok gimme one sec and ill get those up
[14:20:12] <PcPixel> (i just tried the check on my system from an outside machine & it worked. the check blocked it)
[14:20:15] <roe_> it got close to 80points thoust :)
[14:20:29] <roe_> s/thoust/though
[14:20:40] <PcPixel> no
[14:20:43] <PcPixel> lol
[14:20:44] <roe_> oh nose, -80
[14:20:46] <PcPixel> it got a negative score
[14:20:47] <PcPixel> :)
[14:21:53] <lunaphyte_> milligan_: look into the ldap plugins for sasl.
[14:23:23] <PcPixel> here you go: http://pastebin.com/d9b32d34
[14:23:25] <PcPixel> those are the rules
[14:23:30] <PcPixel> now i gotta find it in the log
[14:24:50] <lunaphyte_> qvigstad.no isn't in your list.
[14:25:05] <PcPixel> here is the recipient: http://pastebin.com/db752968
[14:25:30] <PcPixel> luna: to the Return-Path shorts out the From check?
[14:25:33] <PcPixel> so rather
[14:25:40] <roe_> yup, lunaphyte is correct and with the pastebin you just pasted it should be clearer
[14:25:43] <lunaphyte_> you aren't checking From:
[14:27:00] <lunaphyte_> hmm, that gives me an idea.
[14:27:19] <roe_> that from the is body from is it not?
[14:27:20] <PcPixel> im confused then.. it says that check_sender_Access checks for things specified in: MAIL FROM:
[14:27:26] <lunaphyte_> indeed.
[14:27:35] <PcPixel> so if the mail was from admins at qvii dot com
[14:27:46] <PcPixel> then what happened?
[14:27:54] <roe_> PcPixel, look at line 3: http://pastebin.com/db752968
[14:27:54] <lunaphyte_> nope, palg at qvigstad dot no
[14:28:29] <roe_> from:<blah at pvigstad dot no>
[14:28:29] <PcPixel> aha! yes you are right. thats the first time i actually read that log
[14:28:40] <PcPixel> dang it
[14:28:40] <PcPixel> lol
[14:28:43] <PcPixel> ok so the check works
[14:28:45] <PcPixel> they just outsparted it
[14:28:48] <sysmonk> posting logs before reading them sucks :)
[14:28:48] <PcPixel> smarted
[14:28:54] <PcPixel> sysmonk: you know it lo
[14:28:55] <PcPixel> lol
[14:29:08] <lunaphyte_> to also catch what you're asking about you will need to use header_checks
[14:29:26] <PcPixel> luna: oh?
[14:29:28] <lunaphyte_> in addition to what you alraedy have, that is.
[14:29:33] <lunaphyte_> err, *already
[14:29:35] <PcPixel> im using them now, i would probably have to think of how
[14:29:43] <PcPixel> im still having my morning coffee lo,
[14:29:44] <PcPixel> lol
[14:30:01] <sysmonk> lunaphyte_: dunno if it's possible in this case
[14:30:03] <roe_> the the "return-path" in the header guaranteed to be the address used in the smtp communication?
[14:30:16] <PcPixel> yeah, how would you be able to code that
[14:30:23] <PcPixel> cause that would be ideal lol
[14:30:29] <sysmonk> lunaphyte_: header_checks are done on cleanup, and you can't control them by ip ;/
[14:30:29] <PcPixel> but..... how.
[14:30:51] <sysmonk> that is, you can't tell to check headers if user is not authenticated, and not check if he is
[14:31:02] <roe_> I always drop back to the log to confirm what email address was declared in MAIL FROM: but if I could rely on the return-path header it would make my life easier
[14:31:08] <sysmonk> header_checks are always done (that is, if you enabled them :P )
[14:31:57] <PcPixel> roe_: well wait
[14:31:59] *** Tex-Twil has joined #postfix
[14:32:00] <PcPixel> roie)_: maybe you could
[14:32:08] <PcPixel> no wait damn
[14:32:14] <PcPixel> cause you cant tell ti which side of the server its on
[14:32:19] *** Tex-Twil has left #postfix
[14:32:23] <PcPixel> header_Checks are for all mail correct?
[14:32:30] <sysmonk> correct
[14:32:35] <PcPixel> thats the rub
[14:32:52] <PcPixel> cauwse otherwise, just regexp for your domains in return path & bam
[14:33:00] <PcPixel> but that shorts out all your outgoing
[14:33:39] *** toytoy has joined #postfix
[14:33:46] <lunaphyte_> yeah, if he wants to be selective, he'd have to be a bit more creative.
[14:34:09] <PcPixel> first idea that pops to mind is to split the servers apart. have a dedicated out and dedicated in
[14:34:16] <PcPixel> then its a non isssue
[14:34:21] <lunaphyte_> either unique instances of smtpd, or maybe? address classes.
[14:34:25] <PcPixel> brb, service call
[14:34:42] <sysmonk> PcPixel: having dedicated in and outs is teh right way anyway
[14:34:46] <sysmonk> if you don't have it, then you should :)
[14:35:06] <sysmonk> lunaphyte_: address classess won't help too
[14:35:51] <roe_> sysmonk, you are of the school of an out.domain.com and an in.domain.com?
[14:36:06] <milligan_> It's the smtpd_sasl_type = setting that defines what kind of authentication is used to allow a user to send email, right ?
[14:36:54] <milligan_> btw, my entire exchange problem is no more. I was told to leave them alone :)
[14:37:01] <sysmonk> roe_: i'm of the school Seperate mail servers for incoming and outgoing email Kung Fu
[14:37:04] <sysmonk> ;)
[14:38:16] <sysmonk> roe_: ofcorse, if you have 10 mailboxes then you don't care
[14:38:21] *** Pazzo has joined #postfix
[14:40:12] <roe_> we are growing a virtual environment for our client to host caldav, web, mail, webdav etc... we chose to run postfix on each of their vservers and forward to one gateway, that gateway is also their mx record,
[14:40:48] <roe_> we could have gone the route of virtual services instead of virtual machines, but then ssl gets tricky
[14:47:58] *** Captain has joined #postfix
[14:48:35] <PcPixel> sysmonk: we currently only have 1 for both
[14:49:28] <PcPixel> though am i right, that if you had a dedicated inbound that you could do that mail header check with a regexp for your domains?
[14:54:52] <milligan_> So, was I right in my assumption? smtpd_sasl_type is the setting that defines what kind of authentication I want to use to verify users that can send email through my server ?
[15:00:07] <sysmonk> milligan_: define 'what type'
[15:00:20] <lunaphyte_> milligan_: that's to specify which sasl implementation - e.g. cyrus or dovecot.
[15:00:20] <sysmonk> smtpd_sasl_type defines which sasl lib to use ( cyrus or dovecot )
[15:00:23] <sysmonk> but not antyhing else
[15:00:36] <lunaphyte_> you need to look within sasl itself, not postfix.
[15:00:59] <milligan_> sysmonk, well, I want the server to check for valid users in a database. I could use dovecot to verify valid users, and allow smtp, right ?
[15:02:18] <PcPixel> ugfh, gotta reboot
[15:02:20] *** PcPixel has quit IRC
[15:02:35] <lunaphyte_> postfix just passes user/pass to sasl.  sasl does the dirty work and tells postfix yes or no.
[15:03:30] <lunaphyte_> (the short version, anyway).
[15:04:21] <milligan_> lunaphyte, so in an even shorter manner, "yes" :)
[15:05:09] <lunaphyte_> or, yet even shorter, 1. :p
[15:06:22] <milligan_> awesome. cheers.
[15:08:56] *** PcPixel has joined #postfix
[15:09:03] <PcPixel> back. what'd i miss :)
[15:11:44] *** PcPixel has quit IRC
[15:13:30] *** toytoy has quit IRC
[15:14:20] <milligan_> lunaphyte gave us a hot stripdance
[15:16:04] *** ryan|work has quit IRC
[15:17:18] *** Skorp has joined #postfix
[15:17:32] <Skorp> hi, the pop3 email adressess on my server go through procmail, but the forwarderd emails dont, how can i cofigure postfix that send all emails through the prcomail / SA
[15:19:30] *** uniwiz has joined #postfix
[15:19:45] *** PcPixel has joined #postfix
[15:21:08] <uniwiz> Is there a way to get the server reply code directly from the remote mta when using reject_unverified_recipient to check if users exist on that remote mta?
[15:23:28] *** mgeary has joined #postfix
[15:23:32] <mgeary> hi folks
[15:24:33] <mgeary> hey, is it possible to have my smtp listen to both port 25 AND some non-standard port? I've got a co-worker trying to send mail from a hotel, and they're blocking port 25, but i don't want to mess up our in-house workers
[15:25:16] <PcPixel> ...they are running a server in the hotel?
[15:25:41] <mgeary> no the hotel is providing wifi, but they're blocking outgoing mail that's not going through their own isp
[15:26:23] <uniwiz> so he should use webmail then
[15:26:35] <lunaphyte_> !submission
[15:26:35] <knoba> lunaphyte_: "submission" : I am knoba! Yield to my power and authority mortal
[15:26:38] <mgeary> so you don't know if it's possible to do what i'm asking?
[15:26:38] <lunaphyte_> bah
[15:26:48] <lunaphyte_> mgeary: use the submission port.
[15:27:07] <mgeary> that's a config setting?
[15:27:12] <lunaphyte_> indeed.
[15:27:19] <lunaphyte_> you should be using it anyway, hotel or not.
[15:28:05] <mgeary> hrm. searching in main and master configs for "submission". not finding anything useful
[15:28:45] <lunaphyte_> look closer.
[15:28:45] <lunaphyte_> grep -i submission master.cf
[15:29:19] <mgeary> ah, up in the inet stuff
[15:29:46] <mgeary> http://rackerhacker.com/2007/07/04/enable-submission-port-587-in-postfix/
[15:29:59] <mgeary> ^^ so i just need to uncomment that line? that's it?
[15:30:12] <lunaphyte_> well, more or less.
[15:30:30] <lunaphyte_> you'll also need a small child to sacrifice.
[15:30:35] <mgeary> got that
[15:30:40] <mgeary> that's the easy part
[15:30:48] <mgeary> ;)
[15:30:48] <lunaphyte_> preferably innocent, as well.
[15:30:53] <mgeary> oh. dang
[15:31:02] <mgeary> there's always SOMETHING
[15:32:47] <mgeary> testing that now....
[15:34:40] <Bejgli> lol
[15:34:45] <Bejgli> lunaphyte_: :D
[15:43:43] *** jpalmer has joined #postfix
[15:46:40] <mgeary> hrm. port 587 is still causing some issues. can anyone recomment a decent OSS webmail solution? I've tried SquirrelMail, but wasn't very impressed...
[15:49:20] *** fugitive is now known as idle-boy
[15:50:16] <lunaphyte_> i like roundcube.
[15:50:37] <milligan_> roundcube is nice, but squirrelmail is nice if you splash the 10-15 bucks a skin from nutsmail.org costs.
[15:51:25] <mgeary> anyone know of any issues running roundcube on OS X?
[15:51:38] <lunaphyte_> tias
[15:52:13] <mgeary> tias-ing ;)
[15:57:40] <mgeary> ah, my co-worker entered port 58, not 587. it's all set now. Thanks, folks!
[15:57:41] *** Tinozaure is now known as _Tino
[15:57:43] *** mgeary has left #postfix
[15:58:20] *** madrescher1 has quit IRC
[15:59:25] *** madrescher has joined #postfix
[16:03:54] *** Pronco has left #postfix
[16:07:23] *** nexxus`off has joined #postfix
[16:08:14] *** zack23 has joined #postfix
[16:08:48] <zack23> I have a domain, domain.com for example, but for some reason, postfix thinks it's domain.domain.com - how can I change this? I cannot find anyplace to change this. This is causing errors when sending mail to the outside world
[16:09:52] <roe_> I think...
[16:09:56] <roe_> !mydomain
[16:09:57] <knoba> roe_: "mydomain" : a configuration parameter in the main.cf: The internet domain name of this mail system. The default is to use $myhostname minus the first component. $mydomain is used as a default value for many other configuration parameters.
[16:11:14] <nexxus`off> hmm i did the ispmail thing on workaround.org, I have an alias up test@.. to another address of that virtual domain, but when I try to send to test@.. I always get User unknown in virtual mailbox table, any ideas?
[16:11:56] <zack23> roe_: Yeah, mydomain is domain.com
[16:11:56] <nexxus`off> i double checked main.cf I don't think I'm missing sth hmhm
[16:12:27] <zack23> It must be from gethostname() - if so where would it read that from...I have done domain -n domain.com
[16:16:58] <nexxus`off> omg I got it
[16:16:58] <nexxus`off> nvm
[16:17:19] <nexxus`off> my webinterface for aliases messed it up ^^
[16:22:37] *** felix-da-catz_zz is now known as felix-da-catz
[16:32:37] *** _ruben has quit IRC
[16:32:48] *** _ruben has joined #postfix
[16:39:40] *** Jax has joined #postfix
[16:42:40] *** Jax has quit IRC
[16:44:05] *** alienbrain has quit IRC
[16:45:04] *** uniwiz has quit IRC
[16:46:21] *** ming_zym has joined #postfix
[16:47:11] *** Muhammad has joined #postfix
[16:47:25] *** nexxus`off has quit IRC
[16:53:53] *** bhagat has quit IRC
[17:04:59] *** havvg has joined #postfix
[17:08:22] *** KaV has joined #postfix
[17:08:38] *** KaV has quit IRC
[17:21:59] <zack23> I'm getting a "inetd[4130]: getpwnam: identd: No such user" and " /usr/sbin/identd: exit status 1", I think, when sending mail from the server using Postfix - the mail is still sent - any ideas?
[17:22:43] *** sophokles1 has joined #postfix
[17:23:33] <f3ew> why is inetd being invoked?
[17:24:37] <zack23> I don't even know if it's postfix - how can I find out? It happened when I send outgoing mail. I have postfix user and spamd
[17:24:56] *** hparker has joined #postfix
[17:26:24] <zack23> and "ident/tcp server failing (looping), service terminated for 10 min"
[17:28:04] <zack23> ahh "Once the limit is reached, the service will be reenabled automatically in 10 minutes" -> inetd
[17:29:02] <zack23> I don't know what it is
[17:29:23] <lunaphyte_> inetd, or identd?
[17:29:41] *** Muhammad has quit IRC
[17:29:56] <zack23> inetd
[17:30:09] <zack23> "inetd[2898]: /usr/sbin/identd: exit status 1"
[17:30:17] *** Magic2 has quit IRC
[17:30:43] <zack23> could it be the max number of SMTP connections occurred or does Postfix not use inetd?
[17:31:52] <zack23> in syslogd, the last thing that happens before that happens (exact same time) is "Aug 11 10:20:03 hostname postfix/qmgr[2952]: 1801F36AE1: from=<user at domain dot com>, size=303, nrcpt=1 (queue active)"
[17:33:42] *** madrescher has quit IRC
[17:35:43] <zack23> do I need an identd user?
[17:39:09] *** sophokles has quit IRC
[17:39:35] <f3ew> no
[17:39:38] <f3ew> turn it off
[17:40:41] *** Skorp has left #postfix
[17:43:51] *** munga_ has joined #postfix
[17:48:11] <munga_> Hello. How can I rewrite the sender for $user at $host dot localnet.org to $user-$host at public dot domain.net ? I send all emails from a cluster of machine of localnet.org to a hub that should be then change the sender (from) and send everything to root at public dot domain.org ...
[17:49:53] <munga_> The second part is easy with a virtual map... for example. I'm a bit confused on how to rewrite the from ...
[17:52:45] *** hever has joined #postfix
[17:56:21] *** toytoy has joined #postfix
[17:59:53] *** ming_zym has quit IRC
[18:04:10] *** havvg has quit IRC
[18:04:19] <zack23> are there any good docs on getting maildrop working with postfix's virtual users? I've converted from Qmail and have virtual users going with Postgres and Dovecot and things work fine.
[18:07:16] *** m0f0x has joined #postfix
[18:09:06] *** jeeter522 has joined #postfix
[18:09:21] <riz_> zack23 do you alredy read http://www.postfixvirtual.net/postfixconf.html#couriermaildrop ?
[18:09:28] <jeeter522> whats the easiest way to forward 1 users mail off to another mail server (local) within postfix?
[18:09:55] <riz_> jeeter522 using alias?
[18:11:21] *** Jense has quit IRC
[18:12:30] <jeeter522> within the hash file, how would i set that up?  ' user1:    192.168.1.1 ' ?
[18:14:48] <zack23> riz_: Yes, I read that and maildrop works fine for system users, just not for virtual users
[18:15:17] <jeeter522> riz_ : not sure alias is what im looking for, i have about 100 users on a postfix/dovecot setup, i need to take 1 user, and forward all his mail to an exchange server (same internal network, same email address on both boxes)
[18:15:35] *** sophokles1 has quit IRC
[18:16:02] <riz_> zack23 just one minute please.
[18:16:12] <zack23> riz_: thank you
[18:16:44] *** ming_zym has joined #postfix
[18:17:36] <riz_> jeeter522 so? you could add (for example) root:  <your_exchange_server> and after postalias /etc/postfix/virtual_alias
[18:17:54] <riz_> jeeter522 or /etc/postfix/alias
[18:18:12] <riz_> jeeter522 depends from your postfix configuration.
[18:22:57] <riz_> zack23 I'm reading http://www.postfix.org/MAILDROP_README.html
[18:24:19] *** Jense has joined #postfix
[18:27:00] *** githogori has quit IRC
[18:27:42] <zack23> riz_: hmm, I'm using Postgres as a backend and now I am getting this when I put in the config: (user unknown. Command output: Invalid user specified. )
[18:28:08] <zack23> I put in maildrop_destination_recipient_limit = 1 and virtual_transport = maildrop and in master.cf, I commented out the maildrop pipe command
[18:29:40] <riz_> zack23 do you store your user in a Postgres database?
[18:29:47] <zack23> riz_: yes
[18:30:11] <zack23> how do I tell it the virtual_mailbox_maps (I'm figuring that's what's wrong)
[18:30:49] <riz_> zack23 the master.cf looks good?
[18:31:24] <zack23> I just commented out maildrop  unix  -       n       n       -       -       pipe flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
[18:31:30] <zack23> (two lines)
[18:31:34] *** tshine has quit IRC
[18:32:25] <zack23> somehow it doesn't find the user - or Postfix isn't passing the userinfo to maildrop?
[18:33:00] <zack23> I probably need another config file for postgres eh?
[18:33:27] <riz_> zack23 I'm not sure about it but probabily yes...
[18:34:12] *** pitakill has joined #postfix
[18:34:22] *** pickcoder has joined #postfix
[18:34:41] <jeeter522> riz: i have added user:     192.168.1.50   (the ip of my exch server) , no go, postfix is looking to think the IP is a mailbox
[18:34:55] <jeeter522> do i need to use the < > brackets in order for it to realize it is something other than a box?
[18:38:54] <zack23> ah same thing.. user invalid
[18:44:55] <riz_> jeeter522 try with forward: echo yourexchangeserver at account dot com > /home/<someuser>/.forward && chmod o+r/home/<someuser>/.forward In this way each mail received by <someuser> will be forwarded to your exchange server.
[18:46:26] <riz_> zack23 sorry, but I can't try now for helping you because I don't have a postgres db for proposal test
[18:46:27] * pickcoder grumbles
[18:48:04] <zack23> does maildrop have to be configured with auth-lib or is postgres taking care of all that?
[18:48:26] <jeeter522> riz : The ip doesnt have an @domain.com , its the same exact domain.com on both servers, if i use that .forward its going to try and forward mail to the same MX record, which is back to my domain
[18:48:49] *** ninext has joined #postfix
[18:48:53] <jeeter522> i just need it to take the email for that specific user once postfix accepts it, and forward it over to another mailserver on the same LAN
[18:51:18] <jeeter522> I need postfix to acknowledge there is an account on the linux server, and look past that and forward it on to the exchange server on the same subnet, every option ive found looks like it wants to forward to another local user
[18:51:32] <ninext> hallo
[18:52:56] <ninext> can you help me to switch from postfix local user db to virtual (not mysql) db??
[18:54:50] <rob0> Why switch?
[18:55:10] *** noetik has joined #postfix
[18:55:38] * cpm switches rob0
[18:55:59] <ninext> I need not to create a local user for each mail account  ...
[18:56:04] * rob0 liked it better before the switch
[18:56:20] <Dominian> imho, with virtual, always nice to use mysql.
[18:56:26] <Dominian> makes administrator a lot easier imo
[18:56:30] <Dominian> administration that is
[18:56:37] * cpm switches rob0  back
[18:56:41] <cpm> Always happy to please.
[18:56:48] <rob0> yeah sure ... then you need to create a virtual user for each account
[18:56:55] <rob0> oh thanks cpm!
[18:57:24] <riz_> jeeter522 yes, postfix try to send to local user. It's normal. Don't know if there is the possibility to forwarded remotely using alias (maybe yes)
[18:57:28] <Dominian> rob0: eh.. postfixadmin ftw
[18:57:32] *** noetik has quit IRC
[18:57:40] * cpm chokes
[18:57:48] <pickcoder> jeeter522: just setup a remote aliase
[18:57:52] <pickcoder> alias
[18:57:56] <rob0> Well, I guess you saw, he set the requirement as "not mysql".
[18:58:09] <pickcoder> blah: blah2 at anotherdomain dot com
[18:58:16] <pickcoder> if it's the same domain then consider transports
[18:58:19] <pickcoder> !transport
[18:58:19] <knoba> pickcoder: "transport" : transport(5) The optional transport(5) table specifies a mapping from email addresses to message delivery transports and next- hop destinations. Look at: http://www.postfix.org/transport.5.html
[18:58:25] <pickcoder> use transport_maps
[18:58:31] <jeeter522> ahh i see
[18:58:43] <pickcoder> blah@ smtp:[myotherip]
[18:58:45] <jeeter522> so smtp: [exc.ang.ge.box]
[18:58:51] <jeeter522> right
[18:58:52] <pickcoder> yes
[18:58:58] <jeeter522> oh, but use his email ?
[18:59:04] <jeeter522> user@ smtp:[myotherip] ?
[18:59:12] <pickcoder> man 5 transport
[18:59:14] <pickcoder> or use that link
[18:59:20] <pickcoder> the transport matching info is there
[18:59:20] <jeeter522> ty
[18:59:35] <ninext> I'm already uso this mail server with local user .... cam I do this change without a long stop??
[19:00:25] <riz_> jeeter522 before I said: jeeter522 so? you could add (for example) root:  <your_exchange_server> and after postalias /etc/postfix/virtual_alias Obviously if you want to send remote you need to specify the user as pickcoder as suggest..
[19:01:07] <pickcoder> ninext: the local transport can be appended (or replaced) with external alias_maps
[19:01:37] <pickcoder> !alias:maps
[19:01:37] <knoba> pickcoder: Error: "alias:maps" is not a valid command.
[19:01:41] <pickcoder> !alias_maps
[19:01:42] <knoba> pickcoder: "alias_maps" : a configuration parameter in the main.cf: The alias databases that are used for local(8) delivery. See aliases(5) for syntax details.
[19:02:09] <rob0> My opinion is that ninext is solving a problem which doesn't exist, or maybe solving the wrong problem.
[19:02:36] <pickcoder> well, I have to wonder where the mail is going to do with no local users
[19:02:48] <pickcoder> and without virtuals
[19:02:56] <rob0> Sure, mysql people like having users in a DB, and sure, you can do it with flat files. But why?
[19:02:59] <pickcoder> s/do/go
[19:03:23] <pickcoder> oh nevermind... mysql was stated
[19:03:41] <pickcoder> ninext: you can add virtuals without messing with local
[19:03:45] <pickcoder> !virtual
[19:03:45] <knoba> pickcoder: "virtual" : a way to configure additional domains and user accounts (that do not need to exist in your /etc/passwd). See: http://www.postfix.org/VIRTUAL_README.html
[19:03:54] <pickcoder> !mysql
[19:03:55] <knoba> pickcoder: "mysql" : http://www.postfix.org/MYSQL_README.html is helpful in configuring postfix to talk to a mysql server.
[19:04:33] <PcPixel> grrr. freaking sender_access malfunctioning....
[19:04:35] <rob0> My favorite means of multiple domains with namespace separation is to use virtual alias domains with local(8) delivery.
[19:05:23] <ninext> Thank you. Now I read it ...
[19:05:32] <pickcoder> rob0: unless you don't have control over who stores the mail
[19:12:49] <jeeter522> pickcoder : worked like a charm, thanks
[19:13:16] *** jeeter522 has left #postfix
[19:13:47] *** toytoy has quit IRC
[19:15:09] *** Pazzo has quit IRC
[19:17:10] *** pulsar has quit IRC
[19:23:55] *** rcsu has joined #postfix
[19:24:07] *** amrit is now known as amrit|wrk
[19:28:03] *** xpoint has quit IRC
[19:36:33] *** ninext has quit IRC
[19:37:38] *** tuxinator has joined #postfix
[19:38:39] <tuxinator> hi all
[19:39:03] <tuxinator> why if i run procmail as filter command new maildir mails are owned by root?
[19:39:14] *** seekwill has joined #postfix
[19:39:20] *** hark has quit IRC
[19:39:59] *** hark has joined #postfix
[19:40:03] *** derrick has joined #postfix
[19:40:40] <tuxinator> is that a procmail or a postfix issue? configuration problem?
[19:40:58] *** ming_zym has quit IRC
[19:41:30] *** Draecos_ has joined #postfix
[19:48:21] <sysmonk> must be procmail, postfix is afraid of root privs and tries not to use them at all
[19:48:49] <rob0> wtf? How could procmail be running as root?
[19:49:00] <sysmonk> rob0: suid?
[19:50:04] *** Draecos has quit IRC
[19:57:42] *** githogori has joined #postfix
[20:01:24] *** Niemi_ has joined #postfix
[20:13:15] *** Motoko-chan has joined #postfix
[20:18:49] *** master_of_master has joined #postfix
[20:23:25] *** darkphader has joined #postfix
[20:28:00] *** m0f0x_ has joined #postfix
[20:30:28] *** master_o1_master has quit IRC
[20:31:04] <munga_> I want to relay all my users to a mail hub. My problem is that if I send an email to a local user without a fqdn, this is relayed locally... how can I force postifx to send it to the relay host in all cases ?
[20:31:05] <PcPixel> sysmonk: looks like im back to a single class again lol
[20:31:25] <sysmonk> congrats :)
[20:31:33] <sysmonk> easier to debug later
[20:33:35] <sysmonk> PcPixel: you're still not fired from your company?
[20:34:42] <shasta> munga, postconf mydestination
[20:38:20] *** tshine has joined #postfix
[20:38:44] *** viimrles has quit IRC
[20:38:48] *** m0f0x has quit IRC
[20:39:50] *** cssbkgn has joined #postfix
[20:40:43] <PcPixel> sysmonk: no lol
[20:41:30] * sysmonk should add PcPixel to linkedin and watch when pcpixel will get fired
[20:44:42] <PcPixel> lol
[20:44:42] <PcPixel> nah
[20:44:56] <PcPixel> though i have people annoyed im deploying network based spam filtering over like spamassasin
[20:46:18] <Motoko-chan> lol
[20:46:38] <Motoko-chan> munga_, look at postfix's mapping capabilities.
[20:46:47] <Motoko-chan> Or use an actual proper fqdn.
[20:47:39] <derrick> hmm, i'm going insane.  i'm setting up a pair of in/out relays.  from the perspective of inside i want them to be the smart hosts for outbound relay.  i can't seem to get anything listed under mynetworks to be able to relay out unless it's listed in the relay_domains
[20:48:01] <derrick> i thought relay_domains was for my allowed in-bound relaying, not outbound?
[20:48:02] *** hparker has quit IRC
[20:48:32] <derrick> i can send outbound mail from the relays them selves, just not clients behind them
[20:49:15] <sysmonk> derrick: 'draw' a whole path from client to i.e. gmail
[20:49:19] <sysmonk> and where the mail 'stucks'
[20:49:48] <pickcoder> when an alias command is run it's run as postfix, right?
[20:50:15] <derrick> client --privip--> relay(private ip) --mx lookup--> (nat happens) handoff to outside mx
[20:50:33] <derrick> the client gets rejected from the relay during the rcpt to: remote domain
[20:50:45] <derrick> it gets a relay denied fromt he rcpt to:
[20:51:32] <shasta> !relay_denied
[20:51:33] <knoba> shasta: "relay_denied" : \"554 5.7.1 <RECIPIENT@RCPT_DOMAIN>: Relay access denied; from=<SENDER_ADDRESS> to=<RECIPIENT@RCPT_DOMAIN> proto=ESMTP helo=<HELO>\": This typically means that CLIENT_IP is not in mynetworks (and did not AUTH), and that RCPT_DOMAIN was not recognized as one of this Postfix's domains (not listed in mydestination, relay_domains or virtual_*_domains).
[20:51:33] <sysmonk> derrick: logs
[20:51:38] <sysmonk> ah, relay denied...
[20:51:46] <sysmonk> does 'relay' server has them in mynetworks?
[20:51:56] <sysmonk> knoba was faster ;/
[20:51:58] <derrick> yup, i have it as a /16
[20:52:13] <derrick> i tried listing a specific host ip from the one i'm debugging from, still no luck
[20:52:31] <sysmonk> derrick: did you restart postfix?
[20:52:48] <derrick> i've been doing reloads....i'll be peeved if a restart fixes it :)  let me try
[20:52:53] <sysmonk> postconf -n and pastebin it, with teh logs which have the relay denied ( don't mungle the ip's _please_)
[20:53:53] <derrick> does this chan have a public pastebin?
[20:54:01] <sysmonk> derrick: use any
[20:54:09] <derrick> k, and thanks for your time and eyeballs :)
[20:54:20] <sysmonk> s/eye//
[20:54:39] <derrick> and your father's balls for making you
[20:54:50] * sysmonk dislikes my father, but sure, thanks
[20:54:50] <sysmonk> ;)
[20:55:09] *** toytoy has joined #postfix
[21:01:35] * pickcoder is having a hard time getting oo.org to convert files under an alias command
[21:02:31] *** PcPixel has quit IRC
[21:02:32] <sysmonk> what's the prob pickcoder ?
[21:04:40] <pickcoder> the symptoms are:
[21:04:49] <pickcoder> my oo2pdf script hands
[21:04:54] *** hark has quit IRC
[21:04:56] <pickcoder> it executes a macro in oo.org
[21:05:24] <pickcoder> the files come from a perl module that explodes mime parts
[21:05:33] <pickcoder> they're 700 nobody.nobdy
[21:05:44] <pickcoder> chmod doesn't work in the alias command script
[21:05:57] <pickcoder> s/hands/hangs
[21:07:47] <sysmonk> pickcoder: doesn't your script have something called 'debuging'?
[21:07:53] <sysmonk> like, error messages?
[21:07:53] <sysmonk> ;)
[21:08:16] <derrick> sysmonk: i put some txt files at  http://blinky-lights.org/postfix/    i think it's from the smtpd_recipient_restrictions but the permit_mynetworks should override it?
[21:08:16] <pickcoder> it's a lot more complicated than that
[21:08:18] <sysmonk> or atleast: id > /tmp/i_wanna_know_what_user_runs_this_script
[21:08:41] <pickcoder> I'll figure it out at some point
[21:09:03] <pickcoder> I have to restart postfix everytime I run a test
[21:09:08] <pickcoder> to release zombies
[21:09:54] *** jonez has quit IRC
[21:10:22] <sysmonk> derrick: simple. hash doesn't support cidr's
[21:10:32] <sysmonk> derrick: use cidr:/etc/postfix/networks
[21:10:49] <shasta> or just /etc/postfix/networks
[21:10:53] <shasta> should be fine too
[21:10:57] <sysmonk> ye
[21:11:01] <shasta> (it's then replaced by the contents of that file)
[21:11:02] <derrick> doh!  i had them in the main.cf originally...i will try it again
[21:11:33] <shasta> (well, with /etc/postfix/networks you should remove the OKs from that file, just list of networks)
[21:11:41] <derrick> understood
[21:12:25] *** unsolo_ has joined #postfix
[21:12:29] <unsolo_> hi guys
[21:12:47] <unsolo_> im having a small issue with mails getting bounced by my server
[21:12:54] <unsolo_> anyone that could take a look and help me
[21:13:06] <sysmonk> depends for how much $$$
[21:13:10] * sysmonk joking
[21:13:20] <unsolo_> hehe
[21:13:26] <sysmonk> unsolo_: just post the problem, we can't know if we're able to help without knowing the issue
[21:13:32] <unsolo_> well its from what i can tell only happening on one of the servers
[21:13:44] <unsolo_> its two servers that are virtual
[21:13:48] <unsolo_> http://rafb.net/p/Jjbm5j98.html
[21:14:20] <derrick> wow, that did it.    one thing to note, i tried specifying this one host's ip  like  mynetwork = 172.27.100.25\n mynetwork=hash:/etc/postfix/networks   hoping it'd append both.  i guess when it got to the hash it just blew chunks
[21:14:35] <derrick> thanks for the fresh set of eyes
[21:14:57] <shasta> derrick, you can't have option=value multiple times in main.cf
[21:15:13] <shasta> well, actually you can, but the last one will be the only one taken into account
[21:15:14] <derrick> ahh, i saw a config that did list that so i assumed it was valid
[21:15:17] <sysmonk> unsolo_: is 2i.net one of your servers?
[21:15:21] <shasta> (if my memory serves me well)
[21:15:44] <shasta> ok, I was right
[21:15:59] <shasta> derrick, man 5 postconf -- When the same parameter is defined multiple times, only the last instance is remembered.
[21:16:01] <unsolo_> sysmonk: not that i know of.
[21:16:15] <unsolo_> :)
[21:16:25] <unsolo_> so where is the message bounced
[21:16:28] <unsolo_> ?
[21:16:55] <sysmonk> unsolo_: oh, the question is 'where' is it bounced?
[21:16:59] <sysmonk> or 'why is it bounced'?
[21:17:04] <shasta> at 2i.net[212.68.196.178]
[21:17:36] <sysmonk> shasta: you know the question already?
[21:17:42] <unsolo_> so aparently there is another server not recieving it
[21:17:46] <shasta> [21:16:29] < unsolo_> so where is the message bounced
[21:17:52] <shasta> sysmonk, i just read :P
[21:18:14] <sysmonk> shasta: yeah, i thought that's kinda ... answered in the log :)
[21:18:24] <unsolo_> hmm
[21:18:32] <shasta> sysmonk, it is, but hey, now we're looking smart! ;)
[21:18:38] <sysmonk> shasta: :P
[21:18:40] <unsolo_> long time since i have read this log but it seems the problem is not on "my" servers
[21:18:42] <sysmonk> shasta: nah, you only :P
[21:18:53] <sysmonk> unsolo_: yes
[21:20:35] <unsolo_> it appers that the recieving server does not allow the "sender" to drop the mail to it right
[21:21:43] <unsolo_> well more the "user" trying to send to it like that.
[21:23:02] <unsolo_> Any ideas as to why
[21:23:11] <unsolo_> could the problem be on my servers
[21:23:23] <unsolo_> virtual server issue of some sorts perhaps
[21:24:02] *** PcPixel has joined #postfix
[21:24:08] <PcPixel> sysmonk: now nothing works. woohoo!
[21:24:24] <unsolo_> nah from what i can read i should blame 2i.net i think.,.
[21:25:33] <sysmonk> PcPixel: woohoo, did you find a new job already?
[21:25:42] <PcPixel> sysmonk: i wish
[21:25:49] <PcPixel> but it doesnt matter now, im in the Virtual plkayground now
[21:26:00] <sysmonk> doh, that sucks :(
[21:26:05] * sysmonk was already happy
[21:26:09] <unsolo_> sysmonk: thanks for the input
[21:26:23] <sysmonk> i almost clicked the damn 'send resumee' button
[21:26:26] <sysmonk> unsolo_: np
[21:26:30] <unsolo_> guess the user should call 2i.net and ask why they wont recieve mails from him :)
[21:26:32] <sysmonk> unsolo_: 99.99$
[21:26:40] <unsolo_> sure thing
[21:27:04] <unsolo_> now - taxes etc etc for hireing you thats 25$
[21:27:10] <sysmonk> don't forget to donate to freenode, #postfix, postfix, and Signum  ( for knoba )
[21:27:34] <sysmonk> unsolo_: uh, next time i'll just say something stupid like 'just rm -fr /etc/postfix' :P
[21:27:41] <shasta> sysmonk, see? i was supposed to be the smart-looking one, but you got all the credit... and cash. :-P
[21:27:57] <sysmonk> shasta: $_$ did i hear ca$h?
[21:28:17] <shasta> sysmonk, do you have some irc-to-speech there? :-P
[21:28:26] <PcPixel> man this blows. it was all working befoer lol
[21:28:33] <PcPixel> i added something that broke it all.wah!
[21:28:35] <PcPixel> ah well
[21:28:36] <PcPixel> :)
[21:28:50] <sysmonk> shasta: nah, hate those things :)
[21:29:11] <sysmonk> PcPixel: you DID make the backups, right? ;)
[21:29:18] <PcPixel> sysmonk: its on my fake box
[21:29:21] <sysmonk> if you don't know what you're doing - do backups
[21:29:24] <sysmonk> if you do know - do them too
[21:29:25] <sysmonk> ;)
[21:29:26] <PcPixel> sysmonk: and i beleicve i did
[21:29:29] <sysmonk> so what?
[21:29:38] <PcPixel> im affecting nobody but me
[21:30:13] <sysmonk> PcPixel: yeah. and the time you spent doing specificaly this configuration :)
[21:30:18] <sysmonk> although you're just learning, so sure
[21:30:21] <shasta> PcPixel, you're missing all the fun then :P
[21:30:24] <PcPixel> correct. thats how im looking at it
[21:30:29] <sysmonk> re-doing it for the 54-th time is nice too
[21:30:29] <PcPixel> and no, the backup didnt run
[21:30:38] <PcPixel> i have a main.cf backed up but that one is broken as well
[21:30:47] <PcPixel> oh wait no
[21:30:49] <PcPixel> theres the default one
[21:30:51] <PcPixel> perfect
[21:30:56] <sysmonk> 'default' one
[21:31:10] <sysmonk> great. that's "real backups" :)
[21:31:17] <unsolo_> sysmonk: i leave that part to the guys paying me in hardware to donate to you but i will make sure to pass it on ..
[21:31:39] *** hparker has joined #postfix
[21:31:42] <sysmonk> unsolo_: nah, donate me a job :)
[21:31:56] <sysmonk> and if you want to donate money, donate to 'postfix' or freenode
[21:32:06] <unsolo_> ok
[21:32:13] <sysmonk> although #postfix beer-fond would be great too :PP
[21:32:42] *** Filbert has quit IRC
[21:32:50] <unsolo_> hehe
[21:35:20] *** xdie has joined #postfix
[21:36:19] <PcPixel> sysmonk: yes its weird. for some reason it wasnt processing any restrictions at all. no matter what i put in
[21:40:09] <pickcoder> if you donate to freenode you can get a supporter cloak
[21:41:31] <sysmonk> yeah, right
[21:41:44] * sysmonk supports freenode with a server and has the default cloak
[21:41:44] <sysmonk> ;P
[21:41:58] <sysmonk> but pickcoder is right, if you donate and ask for a supporter cloak you'll get one
[21:43:45] *** cpm has quit IRC
[21:44:50] * pickcoder would support with paypal but it's frozen
[21:45:20] <sysmonk> sadly enough i don't have much money to be able to support freenode, so i support it with a server
[21:45:33] <sysmonk> or any other way
[21:45:42] <ek> You help quite a bit.
[21:45:46] <ek> That has to count for something. :)
[21:46:07] *** toytoy has quit IRC
[21:46:32] <pickcoder> I'd offer a server but I don't have enough bandwidth
[21:47:13] <sysmonk> it's just a local leaf so it doesn't eat much bandwidth
[21:47:20] <ek> pickcoder: Well, sysmonk just happens to have a NOC in his closet...
[21:47:25] <sysmonk> + i use my companies DC
[21:47:29] <ek> Haha.
[21:47:32] <pickcoder> nice
[21:47:41] <pickcoder> can I host a remote backup there?
[21:47:42] <pickcoder> :)
[21:47:53] <sysmonk> pickcoder: :P
[21:47:59] *** rcsu has quit IRC
[21:48:25] <sysmonk> pickcoder: sadly enough the freenodes server i run has about half tb of disk space, and it's not used at all :)
[21:48:55] <PcPixel> ok good, they work again lol
[21:49:07] <sysmonk> PcPixel: congrats ;)
[21:50:58] <PcPixel> sysmonk: whats your take on network level spam control versus say spamassasin
[21:51:23] <PcPixel> i got into a big argument with my friend over it. im using his server to test out external checks and he doesnt have a PTR record available. so reject_unknown_client cooks him
[21:51:25] <sysmonk> PcPixel: network level ? like what?
[21:51:40] <PcPixel> his attitude is you should do mail level (like spamassasin) filtering only
[21:51:51] <pickcoder> that's B/S
[21:51:51] * sysmonk is for network level too
[21:51:54] <derrick> that's a bad attitude
[21:52:02] <PcPixel> whereas i push more down to the mail server itself
[21:52:08] <derrick> you need netlevel (rbls) workign dns/ptr, and filtering...
[21:52:08] <PcPixel> like reject_unknown_client
[21:52:29] <sysmonk> PcPixel: a mail server without ptr just shows that it doesn't have an administrator
[21:52:40] <pickcoder> or it's a bot
[21:52:50] <sysmonk> pickcoder: same thing :)
[21:52:55] <pickcoder> not always
[21:52:56] <pickcoder> heh
[21:52:57] <sysmonk> it's not administered, that's all
[21:53:04] <pickcoder> set-it-and-forget-it mentality
[21:53:07] <sysmonk> pickcoder: to me it's the same - it's not controlled
[21:53:16] <sysmonk> if it's not controlled - i don't want to talk to it
[21:53:41] <PcPixel> lol
[21:53:42] <PcPixel> i agree w you
[21:54:48] <sysmonk> although, if you're talking about 'outgoing' mails ( i.e. you relay your clients mail outside ) then rbls/ptr's are not the solution at all
[21:54:51] <pickcoder> If self-hosters knew what they were doing a few years ago, then ISPs wouldn't be blocking port 25
[21:54:55] <sysmonk> they're even discouraged
[21:55:16] <PcPixel> yeah i know
[21:55:31] <PcPixel> his issue is spomething about his ip falls in some weird subnet and his ISP wont do a reverse for him
[21:55:34] <sysmonk> that's another thing why it's good to have seperate in/outs
[21:55:53] <pickcoder> PcPixel: too bad..IMO
[21:55:55] <pickcoder> get a real ISP
[21:55:56] <sysmonk> PcPixel: change the isp.
[21:56:02] <pickcoder> or pay for a real connection
[21:56:12] <sysmonk> pickcoder: == change the isp
[21:56:12] <sysmonk> ;)
[21:56:27] <pickcoder> you may not have to change
[21:56:31] <pickcoder> just upgrade the service
[21:56:55] <sysmonk> dunno, if isp can't make a ptr... that's sad
[21:57:07] <sysmonk> they could _at least_ make a 'generic' ptr
[21:57:28] <sysmonk> but if they can't make any ptr - then that's really sad, and i don't think upgrading would help much ;/
[21:57:40] <pickcoder> could it be they're renting it
[21:57:50] <PcPixel> thats ewhat i said
[21:57:54] <sysmonk> what does it cost to make a ptr entry? a NS record in RIPE, and a zone in your dns servers.
[21:58:13] <sysmonk> pickcoder: um, what?
[21:58:38] <sysmonk> i mean, renting what?
[21:58:40] <pickcoder> the additional connections
[21:58:44] <sysmonk> ip class?
[21:58:46] <pickcoder> yeah
[21:59:31] <sysmonk> pickcoder: and, even if they do, that's a bad rent if they can't control ns records / ptr's
[22:00:03] <sysmonk> a good provider would atleast make sure to be able to do that, OR (even better) would ask ripe/whatever for additional IP class
[22:00:10] <pickcoder> well if they're sharing it with a bunch of other ISPs then maybe the landlord doesn't want a bunch of different PTRs on it
[22:00:15] <sysmonk> which isn't a scary thing to do
[22:00:34] <PcPixel> ersysmonk: oh yeah, and that me asking peopel to configure their servers properly is bad because "some might not be able to"
[22:00:36] <sysmonk> pickcoder: we're back to "change the isp" :)
[22:00:40] <pickcoder> heh
[22:00:41] <PcPixel> um; its their systems. how cant they
[22:00:50] <sysmonk> if you use such an ISP which doesn't have it's own IP class, then change the isp :)
[22:01:13] <sysmonk> erPcPixer: ye
[22:01:28] <PcPixel> ah well
[22:01:29] <PcPixel> :)
[22:05:43] *** JoeWulf has joined #postfix
[22:06:34] *** programm3rq has joined #postfix
[22:06:53] <PcPixel> sysmonk:ok, even with everything in one class the order is getting tightened & cleaned up
[22:08:04] *** dty0 has joined #postfix
[22:08:38] <programm3rq> So our mail server is set up to honor spf policy-- it rejects messages coming from an illegal host. Someone has a forward set up. They have an ieee.org account that forwards to their account on our mailserver. We get a HELO from ieee's mailserver, which isn't allowed by example.com's spf policy, so it gets rejected.
[22:09:03] <programm3rq> Is this behavior normal for spf policy enforcers?
[22:10:18] * seekwill hugs spf
[22:11:18] *** zchef2k has joined #postfix
[22:11:30] <programm3rq> I like it too
[22:11:30] <zchef2k> hey all
[22:11:43] <programm3rq> but I have a (L)user whining to me about his forward not working.
[22:12:41] <sysmonk> programm3rq: yes, it's "normal" behavior
[22:12:47] <sysmonk> it's one of the minuses of spf ;/
[22:13:17] <seekwill> programm3rq: Just tell him he can't do that
[22:13:30] <programm3rq> k
[22:14:24] <seekwill> Does Postfix support sieve rule/actions?
[22:14:41] <seekwill> So like in this case, make an exception?
[22:15:09] <kreg_work> what are the assumed mailbox addresses?   support, abuse, info.... ?
[22:15:11] *** Joe_Wulf has quit IRC
[22:15:15] <sysmonk> seekwill: postfix and sieve are different things
[22:15:24] <sysmonk> seekwill: you can "support" sieve with cyrus i.e.
[22:15:31] <seekwill> sysmonk: Does postfix have any kind of language to make custom rules?
[22:15:32] <sysmonk> that is, cyrus supports sieve, and you use cyrus as a lda
[22:15:32] <PcPixel> why would you use both reject_unauth_destination and reject_unknown_recipient_domain
[22:15:46] <sysmonk> seekwill: postfix is an MTA, not a filtering system
[22:15:48] <PcPixel> i seems like unauth_dest would cover unknown_Recipient
[22:16:09] <seekwill> sysmonk: Well, in cases like this, you only want to apply spf to certain conditions
[22:16:39] <sysmonk> PcPixel: different things
[22:16:49] <PcPixel> well right i know that
[22:16:59] <PcPixel> but unknown_Recipient_domain is for a domain w no MX A record
[22:17:22] <PcPixel> but if you are already using reject_unauth_destinaion, if you arent the final destination even if its invalid what would it matter
[22:17:36] <PcPixel> it just seems redundant
[22:17:40] <sysmonk> PcPixel: no.
[22:17:47] <sysmonk> !reject_unauth_destination
[22:17:47] <knoba> sysmonk: Error: "reject_unauth_destination" is not a valid command.
[22:18:00] <sysmonk> damn it :) read on the postconf manual :)
[22:18:06] <PcPixel> i have the book
[22:18:09] <PcPixel> oreilly
[22:18:22] <seekwill> If it's in print, it's never wrong
[22:18:25] <sysmonk> seekwill: yes, but postfix is an mta. it's not a filtering system. if you want more advanced filtering - use amavisd and friends
[22:18:29] <sysmonk> amavisd is able to check spf
[22:18:39] <seekwill> ah ok
[22:18:41] <sysmonk> amavisd is able to do that in 'some' situations or whatever
[22:18:48] *** munga_ has quit IRC
[22:19:11] <PcPixel> reject_unknown_recipient_domain - reject a request if domain in RCPT TO doesnt have an MX or A
[22:19:38] <PcPixel> reject_unauth_dest - reject request if postfix system isnt the final resolved dest for an address or relay
[22:20:00] <PcPixel> iit just seems like it covers that
[22:20:29] <vice-versa> you seem fixated on inbound mail
[22:21:03] <PcPixel> oh yeah
[22:21:03] <PcPixel> duh
[22:21:07] <PcPixel> thank you vice
[22:21:10] <vice-versa> np
[22:21:18] <PcPixel> ok yes then that makes sense to me
[22:23:36] <PcPixel> yup, that makes perfect sense now
[22:23:39] <PcPixel> same with sender
[22:23:53] * PcPixel 's brain is getting tired lol
[22:25:02] <PcPixel> sysmonk: im breaking the restrictions down into groups like the other restrictions so i can see what each does but im separating thim by comments
[22:25:20] <zack23> does maildrop not create the Maildir folders, ie. one for .spam, automatically?
[22:26:12] *** neoeinstein has joined #postfix
[22:26:22] *** dty has quit IRC
[22:29:23] *** neoeinstein_ has joined #postfix
[22:29:23] *** neoeinstein has quit IRC
[22:31:19] *** neoeinstein_ has quit IRC
[22:31:31] *** neoeinstein has joined #postfix
[22:32:39] *** neoeinstein has quit IRC
[22:32:49] *** neoeinstein has joined #postfix
[22:33:24] *** neoeinstein has quit IRC
[22:42:22] <PcPixel> ok, on my test system I have reject_unknown_recipient_domain before reject_unauth_destination . If I send to: <me at invalid dot domain> i get a Relay access denied error
[22:42:28] <PcPixel> shouldnt i get the unknown domain error?
[22:43:22] <programm3rq> so I have example.com. I give my servers and hosts actual hostnames. My mail/web/other server that hosts everything is abc.example.com. example.com is a CNAME to abc.example.com. When I send mail From: user at example dot com, it always shows up as From: user at abc dot example.com in the headers when it gets to its destination.
[22:43:32] <programm3rq> Should I change example.com to a duplicate A record?
[22:43:46] <programm3rq> so example.com and abc.example.com both point to the same ip?
[22:45:31] <PcPixel> do you have both myhostname and mydomain set?
[22:45:33] *** stegbth has joined #postfix
[22:45:47] <stegbth> good evening
[22:46:15] *** Hurup has joined #postfix
[22:46:22] <Hurup> Hey all
[22:46:35] <stegbth> hi hurup
[22:47:34] <Hurup> I'm having some problem regarding postfix/courier ...
[22:48:25] <programm3rq> PcPixel: this happens no matter what mailserver I use, but I believe I do have both of those set in my postfix config.
[22:48:42] <PcPixel> prog: set only one
[22:48:51] <PcPixel> dont set it twice it can cause problems
[22:48:58] <programm3rq> let me double check
[22:48:59] <PcPixel> prog: what is myorigin set to
[22:49:16] <programm3rq> My question is more about DNS than postfix...
[22:49:27] <Hurup> I'm getting Unable to establish a secure connection to mail.example.dk because the root certificate is not installed
[22:49:34] <programm3rq> this happens even if I use the mail server at school that they force me to use.
[22:49:38] <PcPixel> the problem you are seeing looks more postfix than dns
[22:49:47] <programm3rq> but I'm not using postfix in every case.
[22:49:55] <programm3rq> so changing my config won't matter
[22:50:05] <PcPixel> then i have no idea.
[22:50:31] <programm3rq> I've checked a few other domains, and the base domain so far is an A record.
[22:50:40] <programm3rq> I haven't found any other domains where it is a CNAME
[22:50:44] *** PcPixel has quit IRC
[22:50:45] <programm3rq> the reverse almost never matches
[22:51:09] *** pirho has joined #postfix
[22:52:32] *** Draecos__ has joined #postfix
[22:52:41] <Hurup> Never mind i think i got a guide: http://unix.stadia.fi/~pkoistin/postfix/postfix-tls-cacert.shtml
[22:53:22] <sysmonk> programm3rq: myorigin is responsible for @domain
[22:53:24] <rob0> example.com CANNOT BE a CNAME pointing to a name underneath it. Because then there would be NS and SOA records, which cannot coexist with a CNAME.
[22:53:36] <sysmonk> and having example.com cname to abc.example.com ...
[22:53:38] <sysmonk> how can that work?
[22:53:46] <rob0> it doesn't.
[22:53:49] <sysmonk> rob0: yeah, that's what i'm talking about
[22:54:19] <rob0> I think old BIND 4 and maybe 8 allowed it, but it's broken.
[22:54:29] <rob0> BIND 9 does not allow it.
[22:54:32] <sysmonk> ye
[22:54:57] *** cilly has quit IRC
[22:59:41] *** Draecos_ has quit IRC
[23:01:20] *** cilly has joined #postfix
[23:04:41] *** xdie has quit IRC
[23:05:15] *** Motoko-chan has quit IRC
[23:07:24] *** Hurup has quit IRC
[23:09:35] *** alienbrain has joined #postfix
[23:20:02] *** Niemi_ has quit IRC
[23:22:51] *** darkphader has quit IRC
[23:23:09] *** darkphader has joined #postfix
[23:23:54] *** darkphader has quit IRC
[23:24:26] *** jeev_ has joined #postfix
[23:24:29] *** jeev has quit IRC
[23:24:36] *** jeev_ is now known as jeev
[23:27:48] *** toytoy has joined #postfix
[23:29:22] *** toytoy has quit IRC
[23:29:36] *** skyweb has joined #postfix
[23:39:22] *** darkphader has joined #postfix
[23:50:59] *** j_s has quit IRC
[23:52:49] <zack23> does anyone know if maildrop automatically created Maildir directories? ie. spam ?
[23:54:13] *** zack23_ has joined #postfix
[23:54:37] *** zack23 has quit IRC
[23:55:04] *** zack23 has joined #postfix
[23:59:49] <skyweb> zack23: i suppose that maildrop create it





top