[00:00:02] <Knoedel2> how many mails do you transfer sysmonk ?
[00:00:18] <sysmonk> and if some client remember that he didn't get an email 4 months ago .... i hate decompressing them :)
[00:00:30] *** F6F has quit IRC
[00:00:33] <seekwill> sysmonk: That's what I had to do!
[00:01:11] <sysmonk> Knoedel2: on that box ? um, 1-2 mills / day
[00:01:29] <Knoedel2> wow
[00:01:33] <sysmonk> but with all those FILTER's and shit it takes more space
[00:01:45] <sysmonk> (those logs don't include amavisd output)
[00:01:52] <Knoedel2> spreaded on how much servers ?
[00:01:54] <sysmonk> my amavisd stuff are on seperate boxes
[00:01:59] <sysmonk> Knoedel2: that's one
[00:02:45] <sysmonk> one hardware, but it has another jail instance runing with similiar mail bandwidth
[00:03:12] <sysmonk> and had my outgoing smtp jail runing before, but that one got a bit busy so i've migrated it to another box
[00:03:34] <Knoedel2> can i ask you on what hardware you can handle so much mails ?
[00:03:37] <sysmonk> (outgoing smtp happened to include pop3/imap proxy)
[00:03:44] <Knoedel2> puhh
[00:03:55] <Knoedel2> double quad !? ;)
[00:03:56] <sysmonk> Knoedel2: old ones :)
[00:04:07] * sysmonk goes to check the hardware
[00:04:09] <seekwill> 1-2M messages per day isn't that much...
[00:04:21] <Knoedel2> seekwill u have more ?
[00:04:24] <sysmonk> not so old :P
[00:04:25] <sysmonk> CPU: Intel(R) XEON(TM) CPU 2.40GHz (2392.95-MHz 686-class CPU)
[00:04:31] <sysmonk> real memory  = 1073676288 (1048512K bytes)
[00:04:31] <seekwill> Knoedel2: Yes
[00:04:46] <seekwill> Only 1GB?
[00:04:48] <Knoedel2> how mucj ?
[00:04:50] <sysmonk> yeah
[00:05:09] <sysmonk> that's why i've moved out the outgoing instance + pop3/imap proxy
[00:05:18] <sysmonk> pop3/imap proxy ate all ram ;/
[00:05:20] <seekwill> Upgarde the RAM!
[00:05:21] <sysmonk> (perdition)
[00:05:24] <Knoedel2> unbeliveable
[00:05:31] <Knoedel2> and the amavis server ?
[00:05:38] <sysmonk> Knoedel2: amavis servers are better
[00:05:41] <sysmonk> lemme check
[00:06:27] <sysmonk> CPU: Intel(R) Xeon(R) CPU           E5310  @ 1.60GHz (1595.93-MHz K8-class CPU)
[00:06:34] <sysmonk> that's 2 cpu's with 4 cores each
[00:06:40] <sysmonk> usable memory = 2134605824 (2035 MB)
[00:06:54] <sysmonk> (yeah, punch me in the head)
[00:07:14] <Knoedel2> i thought always i need more hardware to handle this amount
[00:07:17] <sysmonk> and 15k rpm disks
[00:07:46] <sysmonk> Knoedel2: there are 2 amavisd boxes ( load balances + failovered )
[00:07:53] <sysmonk> so 16 cores total for em
[00:08:02] *** cilly has quit IRC
[00:08:07] <sysmonk> but ram is low ;/
[00:08:13] <seekwill> Goodness! You starve your boxes of RAM!?!?!
[00:08:26] <sysmonk> seekwill: kick my boss
[00:08:26] <seekwill> 16 cores sharing 2GB?!?!?!
[00:08:33] <seekwill> I'll fire him!
[00:08:41] <sysmonk> seekwill: no, 8 cores 2gb
[00:09:04] <sysmonk> it's really insane considering ram is cheap now
[00:09:07] <sysmonk> nowadays*
[00:09:42] <seekwill> Yeah
[00:09:55] <Knoedel2> a little question. my mailgateway are receiving and scanning mails then he should forward to a exchange,ldap,lotus etc (without haveing local accounts). How can i say postfix to create virtual_? with different ip's or tranports to deliver.
[00:09:56] <sysmonk> with more ram i could make a ramdisk for amavisd and friends
[00:10:08] <sysmonk> and with a ramdisk maybe even one server could handle all the bandwidth
[00:10:15] *** cilly has joined #postfix
[00:10:15] <Knoedel2> !virtual_maps_alias
[00:10:16] <knoba> Knoedel2: Error: "virtual_maps_alias" is not a valid command.
[00:10:20] <sysmonk> currently it still handles it, but it starts queueing up
[00:10:44] <sysmonk> Knoedel2: dynamically?
[00:11:03] <sysmonk> you can add transports to master.cf with different smtp_bind_address
[00:11:10] <sysmonk> and use those transports in your transport_maps
[00:11:13] <sysmonk> but not dynamically
[00:11:14] <Knoedel2> i mean user1 at domain1 dot de relay to ip or hastname
[00:11:19] <sysmonk> ahhhh
[00:11:21] <Knoedel2> user2 at domain3 dot de relay to ip or hastname
[00:11:28] <sysmonk> then user user1 at domain1 dot de smtp:[ip]
[00:11:31] *** adaptr has quit IRC
[00:11:31] <Knoedel2> without having local accounts
[00:11:37] <sysmonk> user2 at domain3 dot de smtp:[otherip]
[00:11:42] <Knoedel2> with what command in main.cf ?
[00:11:46] *** adaptr has joined #postfix
[00:11:49] <sysmonk> transport_maps
[00:11:52] <sysmonk> !transport_maps
[00:11:53] <knoba> sysmonk: "transport_maps" : a configuration parameter in the main.cf: Optional lookup tables with mappings from recipient address to (message delivery transport, next-hop destination). See transport(5) for details.
[00:12:11] <Knoedel2> i think its better to use mysql to handle this
[00:12:20] <sysmonk> sure, whatever you want
[00:12:26] <Knoedel2> thanks m8
[00:12:27] <sysmonk> my first answer wasn't about transport_maps
[00:12:44] <sysmonk> i thought you want to use different address for outgoing connections to different domains
[00:12:55] <Knoedel2> i'll tell you what i'm trying to realise:
[00:13:00] <sysmonk> nah, don't
[00:13:03] <Knoedel2> ok
[00:13:06] <Knoedel2> ^^
[00:13:10] <sysmonk> i'll be going to sleep soon :)
[00:13:15] <sysmonk> 1:13 am here
[00:13:25] <Knoedel2> here 00:13
[00:13:30] <sysmonk> some vodka + hard day + have to be at work at 8:30
[00:13:36] <sysmonk> + studies
[00:15:49] <Knoedel2> oki good night
[00:19:32] <googlah> sysmonk: russia? :p
[00:19:33] *** Ryushin has quit IRC
[00:19:46] <sysmonk> googlah: lithuania :)
[00:20:14] <googlah> just noticed... that postfix both log to /var/log/mail.log and /var/log/syslog. the same things.. can I have it to log only to mail.log?
[00:20:29] <sysmonk> googlah: not postfix issue. postfix doesn't log to files
[00:20:32] <sysmonk> it logs to syslog
[00:20:37] <sysmonk> and everything else is managed by syslog
[00:20:41] <googlah> sysmonk: cool
[00:20:44] <sysmonk> so, go configure your syslog! :)
[00:21:00] <googlah> where's syslog configuration? lol. I have debian
[00:21:33] *** felix-da-catz is now known as felix-da-catz_zz
[00:21:34] <googlah> so it is syslog, which makes it to write 2 files?
[00:21:45] <sysmonk> yes
[00:21:55] <sysmonk> i don't use lunix, and especially debian
[00:22:04] <sysmonk> i'd only wouldn't mind to use lesbian lunix
[00:22:08] <sysmonk> and it's pretty porn-get
[00:22:19] <sysmonk> googlah: on freebsd, it's configured by /etc/syslog.conf
[00:22:42] <sysmonk> and on lunix - depends on your syslog daemon. some lunixes use syslogng
[00:22:49] <sysmonk> other use good old syslogd
[00:25:25] <googlah> Yeah, found /etc/syslog.conf by now. but couldn't really see where to begin.. as there is many mails, it is probably better to just write to /var/log/mail.log
[00:26:00] <OneFix_Work> Is there a prefered way to block relaying of messages to external domains?
[00:26:19] <sysmonk> OneFix_Work: um, like from your authorized users?
[00:26:22] <sysmonk> or as in 'open relay' ?
[00:26:39] <OneFix_Work> For instance, I want to block all messages destined to "badguy at gmail dot com
[00:27:05] <OneFix_Work> From authorized user
[00:27:10] *** stonith has joined #postfix
[00:27:19] <Knoedel2> hm something else, i'm using content_filter amavis with different ports with different policy-banks
[00:27:19] *** cheetahw26 has quit IRC
[00:28:05] <Knoedel2> so if i use transport maps is amavis then still active ?
[00:28:18] <sysmonk> OneFix_Work: smtpd_recipient_restrictions + check_recipient_access
[00:28:21] <Knoedel2> cause i'm filtering over restricion_classes
[00:28:29] <sysmonk> and put that before any permit_mynetworks or permit_sasl_authenticated
[00:43:46] *** cheetahw26 has joined #postfix
[00:43:46] *** war9407 has quit IRC
[00:54:33] *** seekwill has quit IRC
[01:05:08] *** adaptr has quit IRC
[01:05:19] *** adaptr has joined #postfix
[01:08:11] *** Gnuyen has quit IRC
[01:11:08] *** Knoedel2 has quit IRC
[01:22:19] *** madrescher has quit IRC
[01:23:41] <magyar> ola
[01:24:38] *** Zblakany has quit IRC
[01:25:31] *** Haris has joined #postfix
[01:27:47] *** kaynine has joined #postfix
[01:29:36] <kaynine> Hi all; I'm reviewing my 2+yr.old server config, including SSL and Postfix; I come here with the question of the best (client friendly) place to store the self-signed CA cert.
[01:31:07] <kaynine> Options: a) in _tls_CAfile; b) in CApath; c) appended to $.._tls_cert_file
[01:33:11] <kaynine> hobby server; _tls_security_level = may
[01:42:43] *** bitfrost has joined #postfix
[01:43:08] <bitfrost> Hi, please can somebody help me
[01:43:13] <bitfrost> I got this error
[01:44:45] *** seekwill has joined #postfix
[01:47:11] <bitfrost> warning: maildir access problem for UID/GID=501/501: create maildir file
[01:47:57] *** pirho has quit IRC
[01:54:35] <vice-versa> bitfrost: looks like you need to update the virtual_gid_maps and virtual_uid_maps to match the fs owner:group of your mail spool or vice-versa
[01:55:12] <bitfrost> Ok Thanks how do I do that?
[01:55:40] 
[01:55:45] <bitfrost> work sorry
[01:56:44] <vice-versa> hard to say, your configuration is somewhat of a mystery at this point
[01:57:55] <vice-versa> a pastebin of postconf -n and some relevant log excerpts would shed some more light on the situation
[01:58:03] <vice-versa> !pastebin
[01:58:04] <knoba> vice-versa: "pastebin" : a way to paste larger amounts of text so that other people can read it. Try http://www.rafb.net/paste/ or http://paste.debian.net/ - Do not forget to tell us the URL where you pasted it.
[02:00:46] *** pulse00 has joined #postfix
[02:03:38] *** cilly has quit IRC
[02:05:48] *** bitfrost has quit IRC
[02:18:28] *** stonith has quit IRC
[02:22:12] *** pitakill has joined #postfix
[02:23:32] *** pulse00 has quit IRC
[02:26:51] *** mhearne has joined #postfix
[02:28:06] *** mhearne has left #postfix
[02:29:57] *** ek has quit IRC
[02:30:37] *** cheetahw26_ has joined #postfix
[02:30:46] *** bitfrost has joined #postfix
[02:36:22] *** ek has joined #Postfix
[02:42:01] *** githogori has quit IRC
[02:43:08] *** bitfrost_ has joined #postfix
[02:43:15] *** bitfrost has quit IRC
[02:43:45] *** bitfrost_ has quit IRC
[02:48:23] *** cheetahw26 has quit IRC
[02:54:08] *** Fallenou has quit IRC
[03:04:09] *** ming_zym has joined #postfix
[03:19:43] *** nphase_ has joined #postfix
[03:30:22] *** nphase_ has quit IRC
[03:41:50] *** adaptr has quit IRC
[03:42:02] *** adaptr has joined #postfix
[03:55:32] *** mavrick61 has quit IRC
[03:56:38] *** mavrick61 has joined #postfix
[03:57:05] *** Motoko-chan has joined #postfix
[04:00:15] *** cilly has joined #postfix
[04:05:07] *** bitfrost has joined #postfix
[04:06:21] <bitfrost> Hi
[04:06:32] <bitfrost> vice-versa
[04:06:43] <bitfrost> I get rid of the problem
[04:07:14] 
[04:07:22] <bitfrost> I need to do manually
[04:08:12] <vice-versa> you can have postfix create the maildir structure
[04:09:24] <bitfrost> o really how I will do that?
[04:10:44] <vice-versa> whenever we create a new account we send a "Welcome to the mail system" message to said account which creates the maildir structure
[04:11:39] <bitfrost> yes I made the parameter
[04:11:41] <bitfrost> here
[04:11:42] <bitfrost> http://paste.debian.net/16279/
[04:11:46] <bitfrost> is my config
[04:12:21] <bitfrost> but when I try to add users form webmin I get the Permission Denied on /home/user/Maildir directory
[04:12:33] <bitfrost> even that dirctory does not create
[04:13:19] *** magyar has quit IRC
[04:16:19] <bitfrost> am I missing something? I already RTFM
[04:16:42] <vice-versa> try this, create a new user, then echo 'Welcome to the mail system' | sendmail -f postmaster at yourdomain dot com.ec NewUserName
[04:17:18] <vice-versa> see if your maildir structure is created and the new message is delivered
[04:17:38] *** cheetahw26__ has joined #postfix
[04:17:47] <vice-versa> change yourdomain.com.ec NewUserName accordingly
[04:17:49] *** cheetahw26__ is now known as cheetahw26
[04:17:58] *** stegbth has quit IRC
[04:19:48] *** stegbth has joined #postfix
[04:32:14] *** kaynine has left #postfix
[04:34:11] <bitfrost> ok I will try it
[04:35:01] *** cheetahw26_ has quit IRC
[04:35:05] *** adaptr has quit IRC
[04:35:18] *** adaptr has joined #postfix
[04:36:34] *** adaptr has quit IRC
[04:38:40] <bitfrost> arrghhh i got this error
[04:39:32] <bitfrost> ep  2 21:25:43 mail postfix/local[18905]: 93A1F720136: to=<sistemas at mydomain dot com.ec>, orig_to=<sistemas>, relay=local, delay=0.03, delays=0.02/0/0/0.01, dsn=5.2.0, status=bounced (maildir delivery failed: create maildir file /home/sistemas/Maildir/tmp/1220408743.P18905.mydomain.com.ec: Permission denied)
[04:40:18] *** adaptr has joined #postfix
[04:42:37] *** googlah has quit IRC
[04:43:35] *** PhilKC_ has joined #Postfix
[04:46:00] <vice-versa> bitfrost: let's see grep ^local /etc/postfix/master.cf
[04:48:19] <bitfrost> vice-versa, here it is http://paste.debian.net/16280/
[04:48:29] <bitfrost> it is the defualt system config
[04:48:36] <bitfrost> sorry default
[04:49:34] <vice-versa> well local isn't chrooted
[04:51:30] <bitfrost> yes that problem I managed to look in google too, but that is not my case is a much complicated one
[04:51:52] <bitfrost> thanks for your help I is greatly a appreciated
[04:52:15] <vice-versa> so there is currently no maildir structure in /home/sistemas/Maildir/  correct?
[04:52:52] *** PhilKC has quit IRC
[04:58:08] *** Gnuyen has joined #postfix
[04:59:25] *** cilly has quit IRC
[05:16:51] *** goldfisc1li has joined #postfix
[05:20:24] *** bitfrost has quit IRC
[05:21:00] *** majikman has quit IRC
[05:21:48] *** majikman has joined #postfix
[05:22:23] *** googlah has joined #Postfix
[05:22:31] *** dahse has joined #postfix
[05:27:03] *** dahse has left #postfix
[05:27:08] <googlah> Let's say I have 2 different forums on two domains. forum1.com and forum2.com. I've set "forum1.com" in /etc/mailname. And that makes the activation mail from forum2, as forum1. What do I need to change, so it comes from the appropiate domain? hope somebody can help
[05:30:00] *** Broken|work_ has joined #postfix
[05:32:23] *** goldfischli has quit IRC
[05:36:15] *** cheetahw26 has quit IRC
[05:41:20] *** ming_zym has quit IRC
[05:47:02] *** ming_zym has joined #postfix
[05:47:26] *** Broken|work has quit IRC
[06:04:09] *** rgk has quit IRC
[06:17:50] *** PhilKC_ has quit IRC
[06:28:08] *** pitakill has quit IRC
[06:38:14] *** ek has quit IRC
[06:42:14] *** ek has joined #Postfix
[06:42:57] <jonez> greetings
[06:43:39] <jonez> googlah: that would depend on the forum software.
[06:47:32] *** amrit|wrk is now known as amrit
[06:49:10] *** chmac has joined #postfix
[06:49:33] <chmac> I'm using postfix as a secondary mx. I'd also like to use it as a primary mx for a few domains where the mail is forwarded to another email address.
[06:49:44] <chmac> Do I need to set up virtual hosting for that, or is there another method?
[06:50:11] <chmac> If I add a virtual_alias_maps parameter to /etc/main.cf will I also need to add a virtual_mailbox_base parameter?
[06:52:17] <seekwill> Ask amrit. He knows.
[06:56:37] <f3ew> chmac, if you aren't rewriting the addresses use relay_domains and relay_recipient_maps
[06:56:55] <f3ew> see http://www.postfix.org/STANDARD_CONFIGURATION_README.html#backup
[06:58:49] <chmac> f3ew: Interesting, thanks. Can I use " at domain dot com forward at domain2 dot com" in the relay_recipient_maps file?
[07:02:05] <f3ew> @example.com OK
[07:02:23] <chmac> f3ew: How do I get postfix to forward to blah at gmail dot com ?
[07:02:33] <f3ew> !transport_maps
[07:02:34] <knoba> f3ew: "transport_maps" : a configuration parameter in the main.cf: Optional lookup tables with mappings from recipient address to (message delivery transport, next-hop destination). See transport(5) for details.
[07:04:18] <chmac> f3ew: I'm thinking I need virtual_alias_domains and then virtual_alias_maps ?
[07:04:34] <chmac> I host a few domains which are all forwarded to a single email, the rest is only straightforward backup mx stuff
[07:13:56] * amrit kicks seekwill
[07:15:00] <chmac> Ok, I seem to have it working now
[07:15:36] <chmac> I have the domain listed in relay_domains, then virtual_alias_domains as "domain virtual" and finally virtual_alias_maps as "@domain destination at gmail dot com"
[07:15:42] <chmac> It seems to be routing correctly :)
[07:15:59] <chmac> Log shows the message was relayed, although it hasn't arrived yet...
[07:16:10] * thumbs kicks seekwill
[07:16:35] *** boink__ has joined #postfix
[07:17:06] <chmac> Ok, mail has arrived, all is well :)
[07:17:13] <f3ew> don'r list in relay_domains then
[07:17:39] *** Tempoe has joined #postfix
[07:23:16] <seekwill> No love :(
[07:28:18] <Tempoe> Hello there, anybody know how I can fix this error? http://www.servut.us/pastebin/plain/c1ep
[07:28:31] <Tempoe> So this mean I can receive mail but cant send
[07:28:47] *** raz has quit IRC
[07:28:47] *** boink__ is now known as raz
[07:58:09] *** Zblakany has joined #postfix
[08:11:31] *** phnord has joined #postfix
[08:15:44] *** ramy has quit IRC
[08:28:51] *** Filbert has quit IRC
[08:40:48] *** Filbert has joined #postfix
[08:42:45] *** Knoedel2 has joined #postfix
[08:43:58] <Knoedel2> hi all
[08:44:58] *** sophokles has joined #postfix
[08:54:21] *** chadmaynard has joined #postfix
[09:00:23] *** rootsvr has joined #postfix
[09:02:27] *** amrit is now known as amrit|zzz
[09:14:25] *** drindt has joined #postfix
[09:18:47] *** boink__ has joined #postfix
[09:30:23] *** chmac has quit IRC
[09:31:03] *** raz has quit IRC
[09:31:04] *** boink__ is now known as raz
[09:35:59] *** brancaleone has joined #postfix
[09:40:25] *** rootsvr has quit IRC
[09:40:34] *** Zblakany has quit IRC
[09:47:29] *** seekwill has quit IRC
[09:48:08] *** brancaleone has quit IRC
[09:58:31] *** war9407 has joined #postfix
[09:58:42] *** madduck has joined #postfix
[09:58:56] <madduck> so how do I add an IPv6 address to permit_mx_backup_networks?
[09:59:07] <madduck> postfix/smtpd[32082]: fatal: dict_open: unsupported dictionary type: [2001:  Is the postfix-[2001 package installed?
[09:59:12] <madduck> same without the [
[10:00:27] <madduck> i think this is a bug
[10:01:02] <madduck> more specifically, it is a bug that b.mx.madduck.net now refuses to relay for domains hosted by a.mx.madduck.net, because it seems to be checking only the IPv6 address against permit_mx_backup_networks
[10:01:12] <madduck> which I hadn't put in there yet
[10:02:46] <Roobarb> have you enabled ipv6?
[10:02:54] <madduck> of course. :)
[10:02:57] *** pie` has joined #postfix
[10:02:57] *** razym has quit IRC
[10:03:13] <madduck> and it works. :)
[10:03:18] <Roobarb> I mean in postfix: "inet_protocols = ipv4, ipv6"
[10:03:25] <madduck> i have all, but yes
[10:03:28] <Roobarb> ok
[10:03:43] <madduck> and i have verified that it works
[10:03:58] <madduck> it's just the permit_mx_backup_networks that doesn't do ipv6 addresses it seems
[10:04:25] <Roobarb> I can't see anything listed in the ipv6 postfix docs about that setting
[10:04:43] <madduck> nope, which means it should be supported, right?
[10:04:47] <f3ew> http://www.postfix.org/IPV6_README.html#limitations
[10:04:56] <f3ew> Hmmm
[10:05:07] <f3ew> It should work anywhere an IP address is allowed
[10:05:26] <Roobarb> madduck: what's your permit_mx_backup_networks set to?
[10:05:48] <madduck> permit_mx_backup_networks = 1.2.3.4, 5.6.7.8, [2001:6f8:128a::1]/128, 2.3.4.5, 6.7.8.9
[10:06:24] <f3ew> you probably want to poke Wietse about this
[10:06:29] <Roobarb> shouldn't that be [2001:06f8:128a::1]/128 ?
[10:06:33] * madduck is writing a mail to the list.
[10:06:42] <madduck> Roobarb: isn't it?
[10:06:53] <madduck> oh, the 0?
[10:06:55] <madduck> no way!
[10:07:28] <sysmonk> i don't remember that being a requirement
[10:07:29] <f3ew> Postfix IPv6 address syntax is a little tricky, because there are a few places where you must enclose an IPv6 address inside "[]" characters, and a few places where you must not.
[10:07:32] <f3ew> Hmmmm
[10:07:34] <sysmonk> should work well without the 0
[10:08:10] <Roobarb> I've never used ipv6, so I'm just speculating
[10:08:16] <f3ew> Can you try without the []?
[10:08:26] *** _ruben has quit IRC
[10:08:30] <Roobarb> using [] is a documented requirement
[10:08:41] <madduck> f3ew: 03 09:01 < madduck> same without the [
[10:08:43] *** _ruben has joined #postfix
[10:08:44] <f3ew> I just quoted the README
[10:08:53] <f3ew> ah, right
[10:08:57] <f3ew> list then
[10:09:08] <Roobarb> try using   [IPV6:xxx:xxx:xxx::1]
[10:09:10] <f3ew> That's something Wietse needs to work on
[10:10:45] <madduck> postfix/smtpd[4250]: fatal: dict_open: unsupported dictionary type: [IPv6:  Is the postfix-[IPv6 package installed?
[10:10:52] <Roobarb> ah
[10:11:00] <Roobarb> well thats a different error?
[10:11:09] <madduck> no, same problem.
[10:11:26] <Roobarb> are you able to use other ipv6 features within postfix?
[10:11:32] <madduck> yes
[10:11:39] <f3ew> It's a bug
[10:11:41] <Roobarb> then I think you're right on it being a bug
[10:12:08] <Roobarb> although if I were you I'd test with the current latest version of postfix first
[10:12:53] <madduck> i can't
[10:13:19] <Roobarb> not even in vmware?
[10:14:34] <sysmonk> what version are you runing now madduck ?
[10:14:50] <madduck> 2.5.2-2lenny1
[10:15:02] <sysmonk> quite new
[10:15:11] <Roobarb> well this is odd
[10:15:14] <madduck> ha! it's debian, what did you expect? :)
[10:15:22] <Roobarb> postconf -e "permit_mx_backup_networks = 1.2.3.4, 5.6.7.8, [2001:6f8:128a::1]/128, 2.3.4.5, 6.7.8.9"
[10:15:28] <Roobarb> that works here after a restart
[10:15:39] <madduck> now try to connect to smtpd
[10:15:43] <Roobarb> and I'm only running 2.5.1
[10:16:14] <Roobarb> just telnet to port 25 ?
[10:16:17] <madduck> i get http://scratch.madduck.net/.tmp__vit.knyCreaU
[10:16:20] <madduck> Roobarb: yes
[10:16:33] <Roobarb> no errors
[10:16:51] <f3ew> you get the greeting string?
[10:16:56] <Roobarb> yes
[10:17:05] <madduck> hm....
[10:17:08] <f3ew> madduck, compile Postfix from source?
[10:18:35] <madduck> Roobarb: can you try to add permit_mx_backup to smtpd_recipient_restrictions?
[10:18:59] *** Saviq has joined #postfix
[10:19:36] <Saviq> hi guys, is there an easy way to grab all mails coming to a postfix smtp and forward them to only one e-mail?
[10:19:54] <Saviq> so that when testing no mail would go outside?
[10:20:09] <Saviq> regardless of the original mail to / cc / bcc headers
[10:20:32] <Roobarb> still works, with "smtpd_recipient_restrictions = permit_mx_backup, reject_unauth_destination, permit"
[10:20:41] <madduck> ouch.
[10:21:00] <madduck> Saviq: you could set always_bcc and discard all mail?
[10:21:04] <Roobarb> do you have to do anything other than "telnet localhost 25" ?
[10:21:21] <Saviq> madduck: yes, that could work
[10:21:23] <Roobarb> Saviq: *_alias_maps
[10:22:23] <madduck> Roobarb: nope, that's what triggers it here. well i am using swaks...
[10:22:33] <Roobarb> ?
[10:23:08] <madduck> nevermind, it's happening on connect
[10:24:21] <f3ew> Debian bug
[10:24:42] <madduck> :((
[10:24:50] <sysmonk> madduck: btw, swaks ftw :
[10:24:50] <sysmonk> :)
[10:25:00] <madduck> yeah!
[10:25:24] <sysmonk> army knife for mailing smtp stuff ;)
[10:25:34] <f3ew> swaks?
[10:25:37] <sysmonk> yeah
[10:25:37] <vice-versa> Saviq: defer_transports = smtp  may be a possible option
[10:27:02] <f3ew> ah
[10:27:28] <Saviq> vice-versa: how would I discard the deferred mail, then?
[10:27:49] <vice-versa> postsuper
[10:28:37] <Saviq> thanks
[10:34:11] *** alienbrain has joined #postfix
[10:37:32] *** Vivek has joined #postfix
[10:38:48] <madduck> Roobarb: may I mention you by name in the list mail I am about to send out? which OS do you run 2.5.1 on?
[10:39:02] <Roobarb> Mandriva 2008.1
[10:39:07] <Roobarb> stock RPM's
[10:39:09] <madduck> is that a yes? :)
[10:39:18] <Roobarb> if you wish :)
[10:42:06] *** q^ has joined #postfix
[10:42:10] <q^> hi
[10:42:36] <q^> i have installed postfix on debian , but i don't know how to create users any ideea ? (thanks)
[10:42:49] <Roobarb> useradd fred && passwd fred
[10:43:53] <q^> i have a user , but when i try to login into squirelmail web interface login failed
[10:44:03] <Roobarb> check your web logs
[10:44:20] <Roobarb> and mai logs
[10:44:23] <Roobarb> *mail
[10:44:29] <Roobarb> looking for authentication failures
[10:44:55] *** Motoko-chan has quit IRC
[10:45:13] *** Saviq has left #postfix
[10:46:06] <Knoedel2> !virtual_domain_maps
[10:46:06] <knoba> Knoedel2: Error: "virtual_domain_maps" is not a valid command.
[10:46:11] <Knoedel2> !virtual_domain_map
[10:46:11] <knoba> Knoedel2: Error: "virtual_domain_map" is not a valid command.
[10:46:39] <Knoedel2> !virtual_alias_domains
[10:46:40] <knoba> Knoedel2: "virtual_alias_domains" : a configuration parameter in the main.cf: Optional list of names of virtual alias domains, that is, domains for which all addresses are aliased to addresses in other local or remote domains.
[10:49:43] <q^> Roobarb> in /var/log/ nothing abt squirelmail
[10:51:10] <q^> Sep  3 04:49:14 grovecommsltd postfix/smtpd[5259]: warning: SASL authentication problem: unable to open Berkeley db /etc/sas$
[10:51:10] <q^> Sep  3 04:49:14 grovecommsltd postfix/smtpd[5259]: warning: SASL authentication failure: no secret in database
[10:51:41] <Roobarb> that looks fairly fundamental
[10:52:33] <q^> to me isn't saying to much
[10:52:47] <Roobarb> unable to open Berkeley db /etc/sas$
[10:52:54] <Roobarb> thats the key thing
[10:53:11] <Roobarb> can you pastebin "postconf -n" output somewhere?
[10:53:39] <q^> yes
[10:54:33] <q^> http://www.pastebin.ca/1192355
[10:57:45] <Roobarb> ok, you haven't explicitly specified smtpd_sasl_type so its using the default for cyrus; is that correct?
[10:58:51] *** madduck has left #postfix
[10:58:57] <Roobarb> you may want to look in your system logs to see if Cyrus is logging anything
[10:59:28] <q^> no, dovecot
[10:59:52] <Roobarb> ah
[11:00:37] <Roobarb> you need to set smtpd_sasl_type = dovecot
[11:00:56] <Roobarb> which, incedentally is what I use
[11:01:36] <Roobarb> have you configured dovecot to work with postfix?
[11:01:39] <q^> :) , main.cf
[11:03:02] <q^> i have followed the steps from here http://www.debianadmin.com/debian-mail-server-setup-with-postfix-dovecot-sasl-squirrel-mail.html
[11:07:33] <q^> it works now..
[11:08:19] <q^> why i don't understand why i have to add valid system users for email accounts ? can i set nologin on them?
[11:09:43] <Roobarb> this is why you'd use a virtual user system of some form
[11:09:51] <Roobarb> although I prefer to use system accounts myself
[11:10:24] <Roobarb> you should be able to set /bin/false or something as their shell
[11:10:28] <q^> what i have to do in order to use virtual user system
[11:10:58] <Roobarb> http://www.postfix.org/VIRTUAL_README.html
[11:11:09] <q^> aaa ok:) thanks
[11:11:16] <f3ew> workaround.org
[11:20:32] <Knoedel2> Recipient address rejected: User unknown in
[11:20:32] <Knoedel2>     virtual alias table
[11:20:34] <Knoedel2> hm
[11:21:11] <Knoedel2> i've made only virtual_alias_domains set there @domain.de Description
[11:21:20] *** tshine has quit IRC
[11:21:24] <Knoedel2> so with @ he should catch-all right ?
[11:21:48] <Roobarb> yes
[11:21:57] <Roobarb> did you postmap that file?
[11:23:10] <Knoedel2> yes
[11:23:14] <Roobarb> rewind; virtual_alias_domains should just have a list of your domains in it. virtual_alias_maps = hash:/<file>     should be where you put the @domain.com catchall
[11:23:39] <Knoedel2> only domains without desciption field?
[11:25:42] <Roobarb> postconf -e "virtual_alias_domains = example.com"; postconf -e "virtual_alias_maps = hash:/etc/postfix/virtual"; echo " at example dot com catchall" > /etc/postfix/virtual; postmap /etc/postfix/virtual; postfix reload;
[11:25:59] <Roobarb> all mail to example.com should go to user catchall
[11:37:05] *** michauk_ has joined #postfix
[11:37:28] *** tshine has joined #postfix
[11:37:45] *** tshine has quit IRC
[11:37:59] *** tshine has joined #postfix
[11:38:18] <michauk_> hi there, a question about mailbox_size_limit: when using maildir structures (not mboxes), the doc says "The maximal size of any local(8) individual mailbox or maildir file, or zero (no limit). In fact, this limits the size of any file that is written to upon local delivery". So I guess for maildirs, this limitation is generally overridden by message_size_limit, am I right ?
[11:38:52] <michauk_> as it doesn't calculate the directory size
[11:39:05] <Knoedel2> Roobarb this works, but why he dont use transport_maps after amavis is finished with scanning
[11:39:05] *** Klian has joined #postfix
[11:40:08] <Klian> hi
[11:40:29] <Knoedel2> do i need to use virtual_alias_domains or is it enough if i only use transport_maps ?
[11:45:43] <Roobarb> michauk_: I'd guess so, yes
[11:47:12] *** pirho has joined #postfix
[11:47:13] *** spreeuw has joined #postfix
[11:48:54] <spreeuw> hello does "body_checks = regexp:/etc/postfix/body_checks" require postmap regeneration?
[11:49:02] <spreeuw> and is it always active?
[11:49:22] <spreeuw> or do I have to hang it into a section specifically?
[11:49:24] <Roobarb> http://www.postfix.org/header_checks.5.html
[11:50:28] <spreeuw> Roobarb: so is it just a declaration, that needs to be applied elsewhere?
[11:50:51] <spreeuw> it's not working after db creation, restart
[11:50:57] <spreeuw> with a simple testword regexp
[11:52:50] <spreeuw> so I'm thinking something preceding is overruling it
[11:53:10] <spreeuw> it works ok when I use a postmap test
[11:53:20] <Roobarb> hmm
[11:53:27] <spreeuw> but not when mailing through the server
[11:53:48] <Roobarb> you don't have something in master.cf to explicitly set it to null?
[11:54:33] <spreeuw> set what to 0?
[11:54:44] <spreeuw> which service is this?
[11:55:40] <spreeuw> I do have this PITA maia amavis thing
[11:55:46] <spreeuw> but that comes way at the end
[11:57:03] <q^> Roobarb is working to send emails .. but i'm not receving nothing
[11:57:16] <Roobarb> q^: check your mail logs
[11:57:36] <q^> http://www.pastebin.ca/1192384
[11:58:35] <Roobarb> postconf -n ?
[11:59:47] <q^> http://www.pastebin.ca/1192387
[12:01:43] <q^> ?
[12:04:09] <Roobarb> sorry, afk a moment
[12:05:04] <Roobarb> q^: is "stuart" a local system account?
[12:05:20] *** Fallenou has joined #postfix
[12:06:46] <q^> Roobarb yes
[12:07:25] <Roobarb> hmm
[12:08:13] <q^> i made the settings on outlook for user stuart and it keeps asking for password
[12:08:24] <q^> i type in the pass no effect, asks again for pass
[12:10:07] *** cpm has joined #postfix
[12:11:02] <Roobarb> again, check your logs
[12:11:15] <Roobarb> something somewhere will tell you whats wrong
[12:11:42] <spreeuw> thanks for the hint roobarb
[12:11:52] <spreeuw> it was nulled in master.cf
[12:11:56] <Roobarb> ah :)
[12:12:08] <Roobarb> working now?
[12:12:18] <spreeuw> that file always looks so complex
[12:12:44] <spreeuw> I think they disabled it because they use amavis-new-amaia for it
[12:13:05] <Roobarb> possibly
[12:14:44] <spreeuw> but, so it's not necessary to regenerate .db's from regexp files?
[12:14:57] <spreeuw> or does reload do this automatically?
[12:15:03] *** xemacs has quit IRC
[12:15:32] <Roobarb> .db's are generated using postmap
[12:15:53] <spreeuw> is postmap triggered by postfix reload?
[12:16:12] <Roobarb> as to whether a regexp one needs generating, I don't know but you can find out by adding/removing a rule and seeing if it changes anything without generating a .db
[12:16:18] <Roobarb> no, its a manual step
[12:17:50] *** xemacs has joined #postfix
[12:20:17] <spreeuw> aight, so it's not needed
[12:22:22] *** madrescher has joined #postfix
[12:25:39] *** tibyke has joined #postfix
[12:33:13] *** c00l2sv has joined #postfix
[12:35:12] *** denis_ has joined #postfix
[12:38:33] *** aron is now known as Aron
[12:39:46] *** stegbth has left #postfix
[12:39:47] *** stegbth has joined #postfix
[12:40:03] <stegbth> hello everybody
[12:41:34] <tibyke> lo
[12:41:57] *** q^ has quit IRC
[12:41:59] *** q^ has joined #postfix
[12:42:35] <stegbth> is it possible to include header_checks and body_checks in smtpd_sender_restrictions ?
[12:42:47] <f3ew> no
[12:43:07] <stegbth> f3ew: is this for me?
[12:43:56] <sysmonk> yes
[12:44:18] <sysmonk> body/header checks are done on cleanup, not on smtp stage
[12:44:47] *** asda has joined #postfix
[12:45:01] <stegbth> then i dont understand the backscatter_readme http://www.postfix.org/BACKSCATTER_README.html
[12:45:22] <sysmonk> header/body checks are applied to _all_ mail
[12:45:40] <stegbth> cause there are test's for "forged domain name in Message-ID"
[12:45:47] <sysmonk> you can't "put" them into smtpd_sender_restrictions, nor recipient_restrictions
[12:45:51] <sysmonk> they're applied to all mails
[12:46:17] <stegbth> cause thunderbird creates the message id, with @domainname.de
[12:46:35] <sysmonk> nevermind, i don't like speaking with myself.
[12:47:12] <stegbth> sysmonk: sorry, i thought you speak with me ;)
[12:49:08] <sysmonk> i did, but you didn't
[12:49:17] <sysmonk> you're just talking without listening what i'm telling
[12:49:19] <sysmonk> anyway, afk
[12:49:49] *** F6F has joined #postfix
[12:51:43] <stegbth> no, i know *_checks are not possible in smtpd_*_restrictions, but then i dont understand vietse's README
[12:52:56] <stegbth> cause then in many, many time's the shown up checks's wont work, cause as i know it the mua's job to create the message-id, but thunderbird create's it always with id at domainname dot tld
[12:58:24] *** nibbler has joined #postfix
[12:58:27] <nibbler> hi.
[12:58:55] <nibbler> what does "(authenticated bits=0)" in the Received: Header mean?
[12:59:27] *** tm-30740-exa has quit IRC
[13:01:41] *** q^ has quit IRC
[13:02:31] *** spy6 has quit IRC
[13:05:45] *** spy6 has joined #postfix
[13:07:28] *** tm-30740-exa has joined #postfix
[13:09:45] *** madduck has joined #postfix
[13:09:48] <madduck> postfix/smtp[5525]: 414844074DD: to=<postfix-users at postfix dot org>, relay=mail.cloud9.net[168.100.1.4]:25, delay=7.8, delays=6.8/0.01/0.59/0.41, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 73B60FD92D)
[13:09:55] <madduck> any readon why in 2 hours, this mail has not been archived?
[13:09:59] <madduck> reason even.
[13:10:20] <madduck> <20080903085540.GA30613 at lapse dot rw.madduck.net>
[13:13:35] <Roobarb> held in a release queue maybe?
[13:14:01] <madduck> why would cloud9.net do that?
[13:14:16] <Roobarb> thats where the lists are hosted
[13:14:21] <Roobarb> as to why, I have no idea
[13:15:06] *** ming_zym has quit IRC
[13:15:46] *** kl has joined #postfix
[13:16:10] *** asda has quit IRC
[13:19:38] <cpm> madduck, perhaps you need to ask the moderator of that list, rather than this channel, which can't possibly have any earthly idea.
[13:20:04] <madduck> perhaps...
[13:20:23] <madduck> but I am subscribed to the list and never had a problem postfinx to p-u, and maybe the moderator is here. :)
[13:20:25] <cpm> as far as postfix can take it, it's been taken, with that  status=sent (250
[13:20:46] <cpm> well, maybe the moderator is here. But it's not very likely.
[13:21:43] <kl> my postfix isn't working and i don't understand why..
[13:22:18] <kl> it keeps asking for logon password and even if i type it will ask again and again..
[13:22:34] <Roobarb> check your logs
[13:22:51] <cpm> madduck, what was the subject?
[13:23:55] <madduck> "permit_mx_backup_networks and IPv6"
[13:24:06] <madduck> http://scratch.madduck.net/.tmp__mutt-lapse-1000-11549-62
[13:24:08] <xemacs> how can i get postfix to request passwords in "crypt" format via sasl?
[13:25:04] <madduck> cpm: oh wait... I actually used madduck at debian dot org, which *isn't* subscribed.
[13:25:15] <madduck> i'll repost from my actual address. doh!
[13:25:26] <madduck> still curious that it just gets dropped
[13:25:45] <cpm> it probably gets held for moderation.
[13:25:58] <madduck> i'll wait a day then
[13:26:08] <kl> Roobarb and i don't know what is wrong  http://www.pastebin.ca/1192437
[13:26:14] <cpm> if you are not subscribed, it will be rejected/discarded
[13:26:20] <madduck> ok
[13:26:57] <cpm> probably discarded, getting into arguments with folks who aren't subscribed over the validity of their posts is something only a very patient moderator is up for.
[13:26:58] <madduck> resent
[13:27:01] *** nibbler has left #postfix
[13:27:17] *** kl is now known as Q^-
[13:27:21] <madduck> thanks for helping me figure this out. :)
[13:27:27] <Roobarb> kl: do you have the error and warning logs from the same time period?
[13:27:48] <Q^-> yes
[13:29:40] <Knoedel2> !relay_domains
[13:29:40] <knoba> Knoedel2: "relay_domains" : A configuration parameter in the main.cf: What destination domains (and subdomains thereof) this system will receive mail for and will relay mail to. Subdomain matching is controlled with the parent_domain_matches_subdomains parameter. See also !address_classes
[13:29:42] <Q^-> those are the logs for the same period when i've tried to connect to outlook and sendmail
[13:30:03] <Roobarb> Q^-: are you going to share those logs?
[13:30:04] <Knoedel2> is there a command for virtual relay domains ?
[13:30:28] <madduck> what are virtual relay domains?
[13:30:32] <Roobarb> theres no such thing as a virtual relay_domain
[13:33:27] <Q^-> http://www.pastebin.ca/1192437  this is what i have in /var/log/mail.log
[13:33:39] <Q^-> what other logs you want me to look in?
[13:35:06] <Roobarb> I was assuming you had separate logs for info/error/warning
[13:35:33] <Roobarb> you're having an authentication failure
[13:35:37] *** madduck has left #postfix
[13:35:51] <Roobarb> if I remember, you're trying to use dovecot sasl ?
[13:36:02] <Q^-> http://www.pastebin.ca/1192444
[13:36:09] <Q^-> yes
[13:37:27] <Roobarb> I have this in my dovecot.conf, replacing the existing "auth default" block: http://www.pastebin.ca/1192447
[13:37:29] *** randra has joined #postfix
[13:38:02] <Roobarb> in main.cf, I also set the following:
[13:38:04] <Roobarb> smtpd_sasl_type = dovecot
[13:38:04] <Roobarb> smtpd_sasl_path = private/auth
[13:38:04] <Roobarb> smtpd_sasl_auth_enable = yes
[13:39:44] *** madduck has joined #postfix
[13:39:58] <madduck> so port 587 is like 25 except it requires authentication, right?
[13:40:06] <Roobarb> madduck: your email has hit the list
[13:40:17] <madduck> so "swaks -p 587 -s seamus.madduck.net -t madduck at madduck dot net" should not work
[13:40:20] <madduck> Roobarb: i saw, thanks.
[13:40:25] <Q^-> Roobarb so what i have to do??
[13:40:36] <Roobarb> madduck: master.cf includes additional setting to enforce authentication on that port
[13:40:54] <Roobarb> Q^-: what do you think you have to do?
[13:41:21] <Roobarb> Q^-: I've just told you the settings in both dovecot and postfix, that I use for SASL auth that work...
[13:41:49] <Roobarb> Q^-: I suggest you ensure that you are using the same settings, then try again
[13:41:57] <Q^-> ok , thanks
[13:43:43] <Q^-> Roobarb in main.cf i have those 3 lines with smtpd
[13:43:52] <Roobarb> ok
[13:44:07] <Roobarb> I suspect /etc/dovecot.conf is more in need of changing
[13:44:12] <madduck> wtf? so port 587 is just like port 25 without any requirements that wouldn't make it usable to spammers
[13:44:30] <madduck> so it's only a matter of months/years until ISPs will block 587 too, because spammers started to use that
[13:44:46] <madduck> http://xml.resource.org/public/rfc/html/rfc2476.html
[13:44:49] <sysmonk> woot?
[13:44:54] <Roobarb> madduck: the submission port requires you to authenticate to the server before you can relay mail.
[13:44:56] <sysmonk> madduck: what are you talking about?
[13:44:59] <sysmonk> 587 is submission with auth
[13:45:01] <sysmonk> yeah
[13:45:03] <madduck> Roobarb: no it doesn't.
[13:45:07] <sysmonk> yes it does
[13:45:07] <madduck> not according to the rfc
[13:45:14] <sysmonk> ah
[13:45:15] <Roobarb> I fail to see how a spammer _without an account_ can send mail through your server
[13:45:17] <madduck> and also, postfix doesn't implement it as such
[13:45:24] <madduck> postfix requires TLS sure
[13:45:28] <madduck> and turns on SASL
[13:45:32] <madduck> but otherwise it's just a plain smtpd
[13:45:45] <sysmonk> postfix doesn't have open relay by default
[13:45:55] <madduck> that's not the issue
[13:45:55] <Roobarb> submission inet n       -       n       -       -       smtpd
[13:45:55] <Roobarb>   -o smtpd_enforce_tls=yes
[13:45:55] <Roobarb>   -o smtpd_sasl_auth_enable=yes
[13:45:55] <Roobarb>   -o smtpd_client_restrictions=permit_sasl_authenticated,reject
[13:45:58] <sysmonk> so spammers can't use your server to send spam, nor on 25 nor on 587
[13:45:59] <Roobarb> note the last line
[13:46:14] <Q^-> Roobarb i have also in there dove.conf that lines with auth default
[13:46:31] <madduck> Roobarb: you sure you didn't add that yourself?
[13:46:52] <madduck> i have that for 465, but not 587 in the orig master.cf
[13:46:55] <Roobarb> madduck: i didn't, but that doesn't mean my vendor didn't add it for me
[13:47:24] <sysmonk> it didn't
[13:47:28] <sysmonk> atleast mine didn't
[13:47:45] <Q^-> Roobarb http://www.pastebin.ca/1192453
[13:49:25] <Roobarb> Q^-: well, I followed http://www.postfix.org/SASL_README.html#server_dovecot
[13:49:44] <Roobarb> Q^-: although I can't immediatly see anything wrong with your config
[13:49:57] <Roobarb> Q^-: are you running postfix chrooted?
[13:51:40] <Q^-> no
[13:51:52] * cpm sighs
[13:52:25] <sysmonk> ho cpm
[13:52:38] <Roobarb> Q^-: can you check your mail via imap to the dovecot server?
[13:52:43] <madduck> so you cannot pass smtpd_client_restriction=check_ccert_access ... to smtpd/submission
[13:52:49] <madduck> since you need whitespace to pass it the table
[13:52:53] <Roobarb> that'll check whether dovecot can actually authenticate
[13:52:59] <madduck> which means you cannot make submission authenticate on client certs
[13:53:05] <madduck> unless you tweak main.cf
[13:53:08] <madduck> which is horrid
[13:53:10] <Q^-> Roobarb how do i do that?
[13:53:20] <Roobarb> point a mail client at it
[13:53:31] <sysmonk> madduck: make that a default in main.cf and unset it in master.cf for smtpd
[13:53:58] <madduck> sysmonk: my default in main.cf is 10 lines long and does client access checking, greylisting dialups, RBL
[13:54:04] <madduck> I am not going to specify all that in master.cf
[13:54:21] <sysmonk> madduck: another way
[13:54:21] <madduck> i suppose I can add a smtpd_restriction_classes
[13:54:23] <madduck> though
[13:54:27] <sysmonk> madduck: add a restriction class
[13:54:34] <sysmonk> and use that in master.cf for submission
[13:54:42] <sysmonk> yeah
[13:55:28] <madduck> that should work nicely
[13:56:49] <madduck> \o/
[13:57:48] <Q^-> Roobarb if i try to send email from imap it is sending , but if i try to receive all the emails return to sender
[13:58:01] <Roobarb> you don't _send_ mail through imap
[13:58:10] *** rootsvr has joined #postfix
[13:58:22] <sysmonk> Roobarb: you don't?!
[13:58:58] <cpm> You can actually, depending on the imap server. Some allow outbox service. Courier does for instance.
[13:59:18] *** mark-use has joined #postfix
[13:59:42] <sysmonk> i wonder how clients support that
[13:59:49] <Roobarb> *generally* you don't
[14:00:17] <cpm> http://www.inter7.com/courierimap/INSTALL.html#imapsend
[14:00:38] <Q^-> Roobarb> mate i don't know what to do anymore
[14:00:56] <cpm> sysmonk, client support doesn't mean much. You just create the folder, define it in the imapd conf file, and subscribe to it. done.
[14:01:14] <cpm> I think some other imap servers have a similar feature.
[14:01:25] <cpm> But it's not very common that folks use it.
[14:01:55] <Q^-> Roobarb it worked to send ! but it rejectes all the emails that point to my mail server
[14:02:20] <Roobarb> Q^-: I think you're missing the point of what I'm asking you to do here
[14:02:38] <Roobarb> Q^-: can you use a mail client (eg: thunderbird) to login to your imap server ?
[14:03:03] <Roobarb> Q^-: since this will be using the same username/password as you'd be using in smtp-auth
[14:03:46] <sysmonk> cpm: yeah, i've already read the link
[14:04:27] <cpm> first courier imap server I implemented, I set this service up, but it confuses users, so I no longer bother.
[14:04:38] <Q^-> Roobarb can you give me an examples of settings what i have to make for outlook for example .. to see if i did them ok
[14:05:29] <Roobarb> just tell it to look at an IMAP server, and give it the IP Address of your server
[14:05:48] <Roobarb> the fact you have trouble with that concept is troubling
[14:06:21] * cpm finds that troubling troubles are troubling
[14:06:37] <Q^-> i made a new identity , i choose imap , type imap sever: 82.76.110.166 smtp: 82.76.110.166 typed the user the pass and my account requires auth as incoming
[14:07:11] <Q^-> this is what i did , and sent an email to yahoo
[14:07:29] <Q^-> anything wrong in here?
[14:07:30] <thumbs> you'd have to make sure a smtpd is running on 82.76.110.166
[14:07:53] <thumbs> and see if it requires authentication or not.
[14:08:22] <Roobarb> Q^-: I didn't ask you to send any email, just login to it via IMAP.
[14:08:29] <Q^-> grovecommsltd:/etc/dovecot# ps -aux |grep smtpd
[14:08:29] <Q^-> root     11967  0.0  0.1   2844   708 pts/3    S+   08:08   0:00 grep smtpd
[14:08:34] <Roobarb> Q^-: do you get a login failure or not?
[14:08:48] <Q^-> when i press send receive?
[14:08:49] <thumbs> Q^-: huh not 'smtpd' literally. Jeebus.
[14:09:05] <Roobarb> Q^-: yes
[14:09:25] <Q^-> no
[14:09:28] * thumbs checks to see if Q^- has a brain
[14:09:44] <Roobarb> Q^-: ok, then that suggests dovecot is working properly
[14:10:03] <Q^-> ok, what next then?
[14:10:20] *** havvg has joined #postfix
[14:11:49] <Roobarb> Q^-: although humor me for a moment:   type the following at the commandline:    echo "test" | mail -s "testing" <user>         where <user> is the user you're connecting to imap as
[14:12:02] <Roobarb> then see if there is a message in your inbox
[14:13:03] <Q^-> grovecommsltd:/etc/dovecot# echo "test" | mail -s "testing" <Catalin>
[14:13:14] <Roobarb> without the <>
[14:13:39] <Roobarb> and use lowercase for the username
[14:13:40] <Q^-> yes it came
[14:13:42] <Roobarb> ok
[14:15:45] <Roobarb> Q^-: does /var/spool/postfix/private/auth exist?
[14:17:33] <Q^-> yes
[14:18:28] *** cilly has joined #postfix
[14:19:44] *** _bt has quit IRC
[14:19:48] <Q^-> what else?
[14:20:43] <Roobarb> one second
[14:21:07] <Q^-> ok
[14:21:25] *** Nockian has quit IRC
[14:21:54] <Roobarb> Q^-: ok, lets try this from the commandline
[14:22:16] <Roobarb> Q^-: perl -MMIME::Base64 -e 'print encode_base64("\0USERNAME0PASSWORD");
[14:22:32] <Roobarb> Q^-: run that, changing the words USERNAME and PASSWORD to whatever you use
[14:22:43] <Roobarb> Q^-: you'll get a string of ascii as output
[14:24:07] <Q^-> ok
[14:24:27] <Q^-> with that 0 in the middle ?
[14:24:42] <Knoedel2> !relay_recipient_maps
[14:24:42] <knoba> Knoedel2: "relay_recipient_maps" : a configuration parameter in the main.cf: Optional lookup tables with all valid addresses in the domains that match $relay_domains. Specify @domain as a wild-card for domains that do not have a valid recipient list.
[14:24:54] <Roobarb> Q^-: yes, with the 0
[14:25:13] <Roobarb> Q^-: we're following http://www.postfix.org/SASL_README.html#server_test
[14:25:38] <Roobarb> Q^-: so if you type the bits in bold, changing the AUTH PLAIN ...  string to whatever that perl command gives you
[14:25:53] *** mark-use_ has joined #postfix
[14:26:03] <Q^-> after running perl comm AENhdGFsaW4wMURpZ2l0ZWNoMg==
[14:26:48] <Roobarb> I do wish you hadn't pasted that
[14:26:55] <Roobarb> you should change your password now
[14:28:13] <Q^-> done..
[14:29:06] <Q^-> what now ?
[14:29:52] <Q^-> what do you mean by  so if you type the bits in bold, changing the AUTH PLAIN ...  string to whatever that perl command gives you
[14:30:57] <Roobarb> Q^-: instead of "AUTH PLAIN AHRlc3QAdGVzdHBhc3M=" as given in the example, change the last string to the output of the perl command you ran (assuming you re-ran it with your new password)
[14:31:53] <Roobarb> afk 10 mins
[14:32:52] *** Zeit|awy_ has quit IRC
[14:36:19] *** mark-use has quit IRC
[14:36:23] *** mark-use_ is now known as mark-use
[14:37:27] <Q^-> 535 5.7.0 Error: authentication failed:
[14:45:02] <Roobarb> ok
[14:45:22] <Roobarb> what entries in your mail.log do you see for that connection ?
[14:54:38] <Q^-> i have saslpasswd2 Catalin
[14:54:42] <Q^-> typed a password
[14:54:50] <Q^-> and email is working now
[14:54:56] <Q^-> i can send and receive emails
[14:55:07] <Q^-> for domain grovecommsltd.co.uk
[14:55:42] <Q^-> no i need to add another domain
[14:56:10] <Roobarb> odd
[14:56:27] <Roobarb> that implies dovecot is configured to look elsewhere than /etc/passwd
[14:56:45] <Q^-> where?
[14:58:28] <Q^-> where should i look ?
[14:58:37] <Q^-> in dovecot.conf
[15:00:20] *** rootsvr has quit IRC
[15:00:34] <Q^-> Roobarb ??
[15:03:02] <Roobarb> one moment (I'm actually at work)
[15:03:48] <Q^-> thanks for your help till now!, no probs
[15:04:21] <Roobarb> pastebin your master.cf for me
[15:04:51] <Roobarb> madduck: I assume you've seen Wietse's reply?
[15:09:29] *** _bt has joined #postfix
[15:09:39] <Q^-> ok
[15:11:45] <Q^-> http://www.pastebin.ca/1192507
[15:12:01] <Roobarb> so you ARE running chrooted
[15:13:01] <Q^-> aaa, i guess
[15:13:47] *** HNSZ has joined #postfix
[15:13:59] <Roobarb> the issue is almost certainly related to postfic not connecting to the correct socket
[15:14:29] <HNSZ> Hello, I need to know where (in what script ) postfix creates the homedir.
[15:14:49] <Q^-> Roobarb so.. what next ?
[15:15:31] <Roobarb> Q^-: hmm, actually no
[15:15:44] <Roobarb> it would have complained about a missing socket by now
[15:16:00] <sysmonk> now, you remove dovecot and install cyrus
[15:16:01] <sysmonk> :)
[15:16:09] <Roobarb> and /var/spool/postfix/private/auth, as specified in dovecot.conf, is under the chrrot
[15:16:14] <lunaphyte_> HNSZ: not from within a script.
[15:16:18] *** alienbrain has quit IRC
[15:16:33] <Roobarb> sysmonk: i don't get why this is a problem; "it works for me"
[15:16:50] <sysmonk> Roobarb: hehe
[15:16:57] <sysmonk> i've didn't read the discussion
[15:17:07] <sysmonk> i've just saw that you're doing it for a few hours already
[15:17:35] <Roobarb> basically he has the same configs as I do, yet smtp-auth doesn't seem to work for him
[15:18:30] <Roobarb> Q^-: my last suggestion is to take postfix out of the chroot and try again; in master.cf change every "-" in the chroot column to a "n"
[15:18:34] <Roobarb> and restart postfix
[15:19:00] <lunaphyte_> i even tried scrolling back to see what problem he was trying to solve, but it went on too far.
[15:19:51] <Q^-> the problem is that i can't authentificate
[15:20:10] <lunaphyte_> authenticate :p
[15:20:11] <lunaphyte_> ?
[15:20:16] <Roobarb> that too
[15:20:32] <Q^-> but if I do this saslpasswd2 username , and set a password for that username it will work
[15:20:43] <lunaphyte_> "authenticate" is a bit ambiguous.
[15:20:47] <lunaphyte_> authenticate what?
[15:20:50] <sysmonk> isn't saslpasswd2 cyrus stuff?
[15:20:56] <lunaphyte_> yes
[15:21:02] <sysmonk> or dovecot has one too?
[15:21:11] <sysmonk> and isn't he playing with dovecot now?
[15:21:15] <Q^->   It appears that you are using Simple Authentication and Security Layer (SASL) framework for authentication and data security in Internet protocols. Cyrus SASL is a free and portable SASL library and it is used for SMTP authentication.
[15:21:36] <sysmonk> Q^-: so, are you using cyrus or dovecot?!
[15:21:46] <sysmonk> cause all i've saw here was talking about dovecot
[15:21:51] <sysmonk> and saslpasswd2 is cyrus
[15:22:02] <Roobarb> this is whats confusing me
[15:22:21] <sysmonk> Q^-: postconf -a && postconf -n && pastebin it
[15:22:26] <Q^-> ok
[15:22:44] <e_> hm.. is there something like sendmails -bt / 3,0 email@address thing? to test routing directinos?
[15:23:05] <Q^-> grovecommsltd:/etc/postfix# postconf -a  ---->>  cyrus dovecot
[15:23:59] <HNSZ> lunaphyte_: HNSZ: not from within a script. A dir is created on recieving the first mail. Do you know where it's done?
[15:24:12] *** capt_rogers has joined #postfix
[15:24:51] <Q^-> http://pastebin.ca/1192518
[15:25:35] <Roobarb> try this:  postconf -e "smtpd_sasl_local_domain ="
[15:25:43] <Roobarb> its the one thing I don't do
[15:26:14] <sysmonk> Q^-: pastebin master.cf
[15:26:22] *** denis_ has quit IRC
[15:26:32] <Roobarb> I wonder if postfix is adding a realm when dovecot doesn't expect one
[15:27:17] <Roobarb> HNSZ: please keep questions on channel
[15:27:40] <Q^-> http://pastebin.ca/1192519
[15:28:03] <lunaphyte_> HNSZ: deep within the bowels of local(8) or virtual(8)
[15:28:04] <sysmonk> Q^-: have you stopped and started postfix?
[15:29:37] <HNSZ> lunaphyte_: Thanks ^_
[15:30:40] <lunaphyte_> np
[15:36:26] <Q^-> yes
[15:38:11] <sysmonk> and you can approve that setting a password to 'abc' with saslpasswd2 and trying to auth with that password works?
[15:38:20] <Q^-> yes
[15:38:28] *** mrglinux has joined #postfix
[15:38:54] <sysmonk> Q^-: change the password to abc then, and show me the logs ( postfix && telnet )
[15:39:56] <mrglinux> I have postfix mail service on my server and each mail send to yahoo mail goes to bulk does it problem refers to postfix config or it's another problem ?
[15:40:18] <sysmonk> !yahoo
[15:40:19] <knoba> sysmonk: Error: "yahoo" is not a valid command.
[15:40:22] <Roobarb> mrglinux: your IP Address is probably marked as sending spam
[15:40:26] <lunaphyte_> ask yahoo
[15:41:10] <mrglinux> ?Roobarb does yahoo mark it ?
[15:41:19] <Roobarb> ask them
[15:42:25] <Q^-> i have done another user i could send emails , but couldn't receive
[15:43:05] <Q^-> returned to sender
[15:43:28] *** tore has quit IRC
[15:43:56] <mrglinux> and how many mail I can add in To or cc and another field .. does it refer to mail service?
[15:44:54] *** madrescher has quit IRC
[15:46:45] *** cilly has quit IRC
[15:47:19] <Q^-> 535 5.7.0 Error: authentication failed: with telnet
[15:48:00] <Q^-> how can i remove postfix dovecot and install everything again/
[15:48:08] <lunaphyte_> rm -rf /
[15:48:17] <sysmonk> 09-03 16:48:14 -!- #postfix You need to be a channel operator to do that
[15:48:19] <sysmonk> blah
[15:48:24] <sysmonk> http://www.postfix.org/announcements/20080902.html
[15:48:29] <Q^-> yeah rm -rf /
[15:48:32] <sysmonk> saw it only now, but i'm not affected
[15:49:08] <madduck> Roobarb: yes, thanks
[15:49:20] <Q^-> commen guys what can i do??
[15:49:23] *** tore has joined #postfix
[15:49:46] <sysmonk> it's your distro specific task Q^-
[15:50:01] *** tore has quit IRC
[15:50:58] *** tore has joined #postfix
[15:51:11] <Q^-> debian
[15:51:14] <lunaphyte_> why on earth would you remove everything and start over anyway?
[15:51:23] <lunaphyte_> how is that going to help you learn anything?
[15:51:30] <sysmonk> lunaphyte_: windows way of administration
[15:51:34] <Q^-> because it's not working
[15:51:36] <lunaphyte_> that's a windows's admin attitude.
[15:51:40] <Q^-> better install qmailk
[15:51:41] <lunaphyte_> sysmonk:  ;)
[15:51:42] <Q^-> qmail
[15:51:52] <lunaphyte_> Q^ so fix it.
[15:52:16] <Q^-> i don't know how to fix it , if i did i would have done it till now
[15:52:27] <sysmonk> !hare_krishna
[15:52:27] <knoba> sysmonk: "hare_krishna" : Rumor has it that Hare Krishna means hire a consultant in Hindi.
[15:52:27] <sysmonk> ;)
[15:52:42] <Dominian> Yeah.. install qmail.. take execederin.. you'll need it.
[15:52:50] <lunaphyte_> yes - you have to _figure it out_
[15:57:03] *** jwit_ is now known as jwit
[15:57:09] <HNSZ> Why don't we all just_get_a-long_
[15:58:05] *** Nockian has joined #postfix
[16:01:26] <e_> hm.. is there a way to halt postfix delivery? like, failing temporarily?
[16:01:29] *** rootsvr has joined #postfix
[16:04:52] <sysmonk> e_: defer_transports
[16:04:58] <sysmonk> !defer_transports
[16:04:58] <knoba> sysmonk: "defer_transports" : a configuration parameter in the main.cf: The names of message delivery transports that should not be delivered to unless someone issues "sendmail -q" or equivalent. Specify zero or more names of mail delivery transports names that appear in the first field of master.cf).
[16:05:13] *** capt_rogers has quit IRC
[16:06:59] <e_> sysmonk: mhh.. mail will still be accepted though, right?
[16:09:02] <Roobarb> e_: hence the use of the word "delivery"
[16:09:11] *** madduck has left #postfix
[16:09:41] <sysmonk> e_: yes. you don't want it to be accepted - run postfix stop
[16:09:56] *** mark-use has quit IRC
[16:10:14] *** mark-use has joined #postfix
[16:10:14] <e_> sysmonk: mh, but that means client won't be able to connect.. i'd like to have postfix generate a temporary error..
[16:11:12] <sysmonk> e_: you can always make an access map with a reject whatever you want
[16:11:24] <sysmonk> 4XX text 5XX text
[16:11:27] <e_> mh.. okay
[16:11:32] <sysmonk> look at access(5)
[16:11:34] <e_> i'll try that then
[16:13:14] *** HNSZ has quit IRC
[16:14:09] *** seekwill has joined #postfix
[16:17:53] *** Vivek has quit IRC
[16:18:04] *** rootsvr has quit IRC
[16:20:32] *** simmy has joined #postfix
[16:22:53] <Knoedel2> !check_sender_access
[16:22:54] <knoba> Knoedel2: "check_sender_access" : Search the specified access(5) database for the MAIL FROM address, domain, parent domains, or localpart@, and execute the corresponding action.
[16:28:33] *** danbeck has joined #postfix
[16:29:34] *** spy6 has quit IRC
[16:31:41] *** felix-da-catz_zz is now known as felix-da-catz
[16:33:38] *** Zblakany has joined #postfix
[16:33:55] <Q^-> still not working same shit
[16:34:12] <Q^-> i can send , can't receive
[16:39:49] *** martiancode has joined #postfix
[16:40:01] *** cilly has joined #postfix
[16:43:53] *** _Driver_ has quit IRC
[16:45:55] *** spy6 has joined #postfix
[16:47:17] *** AcTiVaTe has quit IRC
[16:51:00] *** mirrorcolor has quit IRC
[16:57:14] *** bitfrost has joined #postfix
[17:01:07] *** Knoedel2 has quit IRC
[17:08:55] *** keffer has quit IRC
[17:14:47] <magyar_> sysmonk, i got an issue with smtp_bind_address and amavis
[17:15:06] <magyar_> amavis is erroring out with ACCESS DENIED
[17:16:19] *** Q^- has quit IRC
[17:18:05] <Dominian> why is it that people who use amavis seem tot hink that #postfix is the place to complain? ;)
[17:19:46] <Nockian> because #amavis is dead
[17:20:11] <seekwill> So my car doesn't start. I don't know why. :(  I asked in ##cars but no one was there.
[17:21:53] <Dominian> not my fault that #amavis is dead.. try the mailing lists ;)
[17:21:57] <Nockian> probably the starter, the battery, or the starter solenoid :)
[17:22:17] <Dominian> Or its out of gas
[17:22:21] <Dominian> or he doesn' treally own a car
[17:23:37] *** mrglinux has quit IRC
[17:23:53] <seekwill> :P
[17:24:33] *** pitakill has joined #postfix
[17:29:26] *** Nockian has quit IRC
[17:36:59] <rob0> magyar_, someone (who shall remain nameless) tattled on you
[17:37:43] *** Tykling has joined #postfix
[17:37:47] <rob0> xx:40:58 < magyar_> thank g rob0 isnt here to see this, i would be on permanent ignore list
[17:40:46] <magyar_> rob0, you know how people are, I belive in nothing what i hear and half of what I see.
[17:41:03] <rob0> :)
[17:42:16] * rob0 just did a 1600km road trip, much of it in the dark and pouring rain (ex-hurricane Gustav)
[17:44:20] <magyar_> ouch
[17:45:49] *** rootsvr has joined #postfix
[17:48:44] <sysmonk> magyar_: make amavis connections use another smtp_bind_address (i.e. localhost ) or make your amavis accept your outgoing ip
[17:49:29] * seekwill makes sysmonk accept his outgoing I{
[17:49:38] <seekwill> IP as well
[17:50:37] <bitfrost> Hi, vice-versa
[17:50:59] <bitfrost> sorry about i get disconnected because my battery went dead
[17:51:22] <bitfrost> and it was time to sleep hehehee
[17:51:34] <sysmonk> seekwill: i'm tolerant, i accept everybody
[17:51:34] <sysmonk> ;)
[17:51:38] <seekwill> heh
[17:51:54] <vice-versa> bitfrost: hey, np
[17:51:58] <bitfrost> about your question, yes there is no folder called Maildir in /home/sistemas
[17:54:53] <vice-versa> what are the permissions on /home and /home/sistemas
[17:55:59] *** pie` has quit IRC
[17:56:06] *** Aron is now known as aron
[17:56:07] *** razym has joined #postfix
[17:56:35] *** _Driver_ has joined #postfix
[17:57:10] <bitfrost> drwxr-xr-x  3 sistemas       4,0K sep  2 21:24 sistemas
[17:57:41] <sysmonk> o_o
[17:57:45] <sysmonk> something missing in this output...
[17:57:47] <sysmonk> like.... group ...
[17:57:53] <sysmonk> o_O
[17:57:59] <bitfrost> drwxr-xr-x  14 root  4,0K sep  2 21:24 home
[17:58:47] *** HenZo has joined #postfix
[17:59:26] <sysmonk> am i stupid, or is the output mungled in some way ?
[17:59:47] *** rootsvr has quit IRC
[18:00:04] <bitfrost> Hi sysmonk are you asking about my output
[18:00:08] <bitfrost> it is ls -loah
[18:01:20] <vice-versa> lose the oah
[18:01:52] <ek> Aye.
[18:01:57] <magyar_> sysmonk, multiple smtp_bind_addresses ?
[18:02:05] <bitfrost> drwxr-xr-x 3 sistemas       sistemas       4096 sep  2 21:24 sistemas
[18:02:25] <sysmonk> magyar_: how are you giving your spam to amavisd?
[18:02:29] <sysmonk> via content_filter?
[18:02:46] <magyar_> yeap
[18:02:50] <bitfrost> drwx------ 4 salmorcu       salmorcu       4096 sep  2 23:01 salmorcu
[18:02:50] <bitfrost> drwxr-xr-x 3 sistemas       sistemas       4096 sep  2 21:24 sistemas
[18:02:56] <sysmonk> magyar_: how your content_filter line looks like?
[18:03:16] <bitfrost> It is weired because salmorcu it works fine
[18:03:29] <magyar_> sysmonk, content_filter = smtp-amavis:[127.0.0.1]:10024
[18:03:54] <bitfrost> when I send the mail you told me to vice-versa it works on that account, but that account I manually add it not from webmin
[18:03:56] <sysmonk> magyar_: now you can edit your master.cf and give some other smtp_bind_address to 'smtp-amavis' transport
[18:04:23] *** Klian has quit IRC
[18:04:42] *** sophokles has quit IRC
[18:05:37] <vice-versa> bitfrost: change the permissions on sistemas to match salmorcu
[18:09:33] *** phnord has quit IRC
[18:18:40] *** havvg has quit IRC
[18:22:44] *** bitfrost has quit IRC
[18:22:44] *** j_s has joined #postfix
[18:26:30] *** Zeit|awy has joined #postfix
[18:28:58] *** carl- has joined #postfix
[18:36:19] <HenZo> I have an application that sends e-mail through our mail relay server running Postfix-2.2.9, but for some reason the application is saying it receives a SMTP 501 error and fails to send. On the mail server, the logs only show the app connecting and then immediately disconnecting. No errors at all.
[18:37:01] <seekwill> Does it say anything else besides 501? Try running a tcpdump
[18:37:10] <HenZo> The 501 error message in the application lead me to believe it had something to do with a malformed header or some other syntax problem in the way the mail was crafted, but I'm sort of confused why I wouldn't see anything else in my logs on the mail server.
[18:38:12] <HenZo> I haven't had a chance to run a tcpdump yet, trying to figure this out in the meantime as I wait for the application person to test again.
[18:38:35] <seekwill> Try manually telnetting as the app
[18:38:46] <seekwill> Pretend to be the app
[18:38:49] <seekwill> Be one with the app
[18:38:56] <sysmonk> haha ;)
[18:39:01] <sysmonk> or look at the logs ;)
[18:39:10] <seekwill> Logs are overrated
[18:39:14] <sysmonk> should have atleast some info to begin with
[18:39:14] <seekwill> They NEVER say anything good
[18:43:12] * cpm helped build a house with logs. They are really handy.
[18:43:12] <HenZo> I can telnet manually from the application server to the mail server and send an email just fine.
[18:43:38] <HenZo> And as I already mentioned, the postfix logs are not helpful - they just show a connect followed immediately by a disconnect.
[18:43:48] <HenZo> The application log just says SMTP error 501.
[18:43:54] <seekwill> Bad application
[18:44:01] <HenZo> Agreed. :)
[18:44:08] <magyar_> sysmonk, hmm, I did add the option of "-o smtp_bind_address="in master but still not working
[18:45:42] <sysmonk> magyar_: logs and shit as always please :)
[18:47:33] <HenZo> I should mention that prior to this Postfix server, we had a Tumbleweed mail relay up and this application could send through that just fine. My guess is Tumbleweed is more lenient in checking the message properties and just let it slide.
[18:51:38] *** chadmaynard has quit IRC
[18:55:11] *** chadmaynard has joined #postfix
[18:58:12] *** madrescher has joined #postfix
[19:04:04] *** martianc1de has joined #postfix
[19:06:11] *** keffer has joined #postfix
[19:11:12] *** _Driver_ has quit IRC
[19:12:12] <sysmonk> yay, russian quit messages on freenode ;)
[19:12:23] <seekwill> All I see are D's
[19:12:44] <sysmonk> DDDD DDDDD DDD DD DD DDDDDDDDDD
[19:13:16] *** internat1 has joined #postfix
[19:13:19] <sysmonk> DD?
[19:13:31] *** Internat has quit IRC
[19:13:34] <seekwill> Similar
[19:14:56] *** martiancode has quit IRC
[19:14:56] *** Knoedel2 has joined #postfix
[19:15:50] <rob0> oh my
[19:16:23] <rob0> guys, keep your fantasies to yourself!
[19:16:59] *** syntaxx has joined #postfix
[19:17:39] <sysmonk> we wanna share em!
[19:17:45] <syntaxx> hi, im having a little problem using mail in php.. im using postfix as my mta but when i tried to send mail using php function mail it doesnt show a maillog any idea?
[19:17:47] <cpm> DD DDDD DDDDDDD DD:)
[19:17:56] <sysmonk> you must be tolerant!
[19:18:07] <sysmonk> if you tolerate gays and lesbians, then tolerate us too!
[19:18:15] <sysmonk> cpm: hah, nice one :P
[19:18:24] <Knoedel2> re
[19:18:43] <cpm> ??-??????
[19:18:50] <sysmonk> cpm: woooow :)
[19:18:52] <sysmonk> cpm: you rule :P
[19:18:59] <Knoedel2> can someone paste my a very good policyd.cond and policyd-weight.conf ;)
[19:19:03] <sysmonk> syntaxx: try issuing echo 'blah' | mail somewhere
[19:19:08] <sysmonk> and see if you see anything in the logs
[19:19:23] <syntaxx> sysmonk: trying in cli works perfectly
[19:19:34] <sysmonk> syntaxx: as root? or as user?
[19:19:51] <syntaxx> sysmonk: root
[19:20:17] <cpm> ? ???????? ??? ?????????
[19:20:39] <sysmonk> cpm: what's ended?
[19:20:44] <cpm> the discussion
[19:20:48] <sysmonk> oh
[19:20:56] <cpm> it's the best I could come up with.
[19:21:03] <cpm> I really wished I knew the language.
[19:21:06] <sysmonk> syntaxx: so, what's about trying it out as a normal user?
[19:22:14] <syntaxx> sysmonk: as user it shows in a maillog
[19:23:05] <sysmonk> so, postfix works
[19:23:14] <sysmonk> now the question is - what's wrong in php ;)
[19:25:15] *** tombar has joined #postfix
[19:27:20] *** _Driver_ has joined #postfix
[19:28:23] *** martianc1de has quit IRC
[19:30:40] <rob0> !no_logs
[19:30:41] <knoba> rob0: "no_logs" : Nothing in your Postfix logs commonly means one of two things: either your syslogd is broken (try restarting it), or the connections are not coming to your server. Check your firewall/networking and the DNS for the domain in question.
[19:31:06] *** cilly has quit IRC
[19:31:13] <rob0> in the case of PHP mail() it might mean some other sendmail(1) is being invoked.
[19:32:19] *** carl__ has joined #postfix
[19:35:11] <vice-versa> or the php.ini sendmail_path parameter is incorrect
[19:37:19] *** amrit|zzz is now known as amrit|wrk
[19:40:14] *** Klian has joined #postfix
[19:42:20] *** jelly has quit IRC
[19:42:34] *** syntaxx has quit IRC
[19:43:38] *** _Driver_ has quit IRC
[19:48:58] *** carl- has quit IRC
[19:49:52] *** carl__ has quit IRC
[19:50:52] *** _Driver_ has joined #postfix
[19:51:52] *** _Driver_ has quit IRC
[19:58:46] <Knoedel2> what sould i better use policyd 1.x version or the new cluebringer ?
[20:00:02] *** carl- has joined #postfix
[20:03:13] *** jelly has joined #postfix
[20:04:01] *** tombar has quit IRC
[20:05:15] *** tombar has joined #postfix
[20:20:48] *** douji has joined #postfix
[20:24:12] *** szogoon has joined #postfix
[20:24:33] <szogoon> hi ;]
[20:24:55] <szogoon> got one question of SASL
[20:25:35] <szogoon> how to configure smtpd_recipient_restrictions
[20:26:06] <szogoon> to have situation like that
[20:27:08] <szogoon> brb
[20:29:14] <szogoon> if i wan't to send mail from my box to outside - then i have to auth
[20:29:34] <szogoon> if i wan't to send mail from my box to same domain - then i have to auth
[20:30:10] <szogoon> no i have configured smtpd_recipient_restrictions like permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
[20:30:34] <szogoon> but mails from my box to my domain doesn't have to be authenticated
[20:37:33] <vice-versa> makes sense
[20:39:54] <szogoon> how to conf smtpd_recipient_restrictions to mails from domain.com to domain.com were authenticated ?
[20:42:24] *** boink__ has joined #postfix
[20:42:28] *** _Driver_ has joined #postfix
[20:42:45] <vice-versa> szogoon: you don't want to accept ANY mail to your domain unless the user has authenticated?
[20:43:08] <szogoon> no
[20:43:48] <szogoon> i want other MTA to send mails to my domain
[20:43:48] <rob0> What does "mails from domain.com" mean?
[20:44:09] <szogoon> rob0: from my domain to my domain
[20:44:39] <szogoon> for example i have postfix with domain called domain.com
[20:45:03] <szogoon> and mails from gmail.com to domain.com don't have to authenticate
[20:45:25] <szogoon> but mails from domain.com to domain.com shuld be authenticated
[20:45:42] <szogoon> client shuld be authenticated :)
[20:45:44] <szogoon> not mails :)
[20:45:50] <szogoon> but You know what i mean...
[20:46:31] <jelly> szogoon: what if your user is using some other (his ISP's) smtp server to send mail?
[20:46:50] <jelly> ... and the recipient is also on your domain?
[20:46:53] *** mark-use has quit IRC
[20:48:30] *** havvg has joined #postfix
[20:48:34] <szogoon> jelly - if he could send that mail - then ISP's MTA is open relay
[20:48:42] <szogoon> or i don't understand You :)
[20:49:15] <jelly> nope, because ISPs usually accept mail from their own users (their own IP range)
[20:49:38] *** Gnuyen has quit IRC
[20:49:57] <szogoon> jelly - so, You write about mail from other domain to domain.com
[20:50:00] <szogoon> yes ?
[20:50:13] <jelly> the sender has From: foo@your-domain, but the mail comes to your server via some other smtp server
[20:50:14] *** pitakill has quit IRC
[20:50:19] *** jonez has quit IRC
[20:50:48] <jelly> do you want to refuse it?
[20:51:09] <lunaphyte_> i want to refuse it all
[20:51:12] <szogoon> i don't know ISP in my country which has smtp conf like that
[20:51:44] <jelly> szogoon: almost all ISPs accept all mail coming from their IP range
[20:51:52] <szogoon> lol
[20:52:08] <szogoon> where r U from ?
[20:52:21] <jelly> .hr, but it doesn't matter, really
[20:52:46] <szogoon> it does
[20:52:50] <szogoon> as i said...
[20:52:53] <szogoon> in my country
[20:52:54] <szogoon> ;)
[20:53:05] <lunaphyte_> the bulk these days require auth, even from ips that they considers "theirs".
[20:53:11] <szogoon> biggest ISP is Telekomunikacja Polska
[20:53:37] <rob0> No I do not know what "mails from domain.com" means, which is why I asked, and I still don't think it was answered. From client hosts with domain.com rDNS?
[20:53:46] <jelly> lunaphyte_: mh, that would require a change of config on the users' side
[20:53:56] <lunaphyte_> indeed.
[20:54:00] <szogoon> and Telekomunikacja doesn't have any smtp server for their clients
[20:54:24] <jelly> szogoon: that's actually a smart way to deal with smtp.
[20:54:27] <szogoon> rob0: it's not about rdns
[20:54:27] *** raz has quit IRC
[20:54:27] *** boink__ is now known as raz
[20:55:21] <szogoon> rob0: for example i administrate postfix with domain called: domain.com
[20:55:22] <jelly> dreamhost.com _recommends_ their users to not use their foo at dreamhost dot com, but open a gmail account :-)
[20:56:06] <seekwill> I wish I had domain.com
[20:56:09] <seekwill> And example.com
[20:56:10] <szogoon> rob0: and i would like users to authenticate when they want to send mail do other guy in domain.com
[20:56:22] <seekwill> jelly: Why?
[20:56:33] <rob0> Domain.com is worth some money, I bet.
[20:56:45] <jelly> seekwill: less work for them?
[20:57:31] <seekwill> jelly: oh
[20:57:31] <jelly> seekwill: creating and maintaining a decent mail server is a rather non-profitable pita
[20:57:43] <vice-versa> based on the amount of spam flowing out of Poland there must be plenty of open relays, so I guess Telekomunikacja didn't feel the need was there to justify providing smtp :)
[20:57:48] <seekwill> jelly: Depends... :)
[20:58:10] <szogoon> vice-versa: lol
[20:58:25] <jelly> seekwill: well then do you have an opening? :-)
[20:58:35] <szogoon> so: nobody understand my problem :)
[20:58:43] <seekwill> jelly: Are you a C programmer?
[20:58:53] <szogoon> or nobody know how to fix it ;]
[20:58:57] <jelly> seekwill: eh, not really :-)
[20:59:08] <seekwill> jelly: Ah oh well. We're looking for C engineers :)
[20:59:15] <rob0> One problem might be that you're using domain.com when you meant example.com
[20:59:33] <seekwill> What about foo.com?
[20:59:40] <rob0> Another problem is that you don't seem to understand the issue well enough to explain what you want to do.
[20:59:48] *** tombar has quit IRC
[21:00:13] <spreeuw> they more often do than dont
[21:00:17] <rob0> Your users will only relay if authenticated or in mynetworks.
[21:00:18] <szogoon> rob0: my english is poor, and i think that's the point
[21:00:21] <spreeuw> oops was scrolled up
[21:01:40] <szogoon> rob0: i would like my users to authenticate
[21:01:56] <szogoon> wherever they send their mails
[21:02:33] <szogoon> even when they send to other users of the same server
[21:02:58] <lunaphyte_> sounds like he wants to require auth for mynetworks, regardless of destination, but not require auth for connections outside of mynetworks as long as the destination is a domain postfix is configured to accept mail for.
[21:03:51] <szogoon> mynetworks is set to 127.0.0.1, and leave mynetworks
[21:04:20] <rob0> so then users will have to auth, what exactly is the problem?
[21:04:21] <jelly> szogoon: so how will you know who are your users, if they don't auth?
[21:04:44] <jelly> szogoon: I mean anyone can send mail to your domain without auth.
[21:04:53] <lunaphyte_> they won't have to auth if the destination isn't unknown then.
[21:05:15] <lunaphyte_> szogoon: use submission, and require auth for everyone.
[21:05:22] <lunaphyte_> *for every connection.
[21:05:54] *** drindt has quit IRC
[21:06:06] <lunaphyte_> don't accept mail from your users on port 25, and direct them to use the submission port (which they should be doing anyway).
[21:06:52] <szogoon> now i have smtpd_recipient_restrictions configured like that = permit_mynetworks, permit_sasl_authenticated, reject_unath_destination
[21:07:01] <szogoon> everything seems to be ok...
[21:07:31] <szogoon> when i send mail to world, then i have to auth
[21:07:41] <szogoon> world can send mail to me
[21:08:31] <randra> sals2 it`s same cyrus sals 2.1  ?
[21:08:44] <lunaphyte_> salsa
[21:08:47] <jelly> yum
[21:09:06] <randra> sasl =P
[21:09:12] <vice-versa> szogoon: huh?, those restrictions are exactly the same as the ones you showed us previously
[21:09:26] <szogoon> yes
[21:09:54] <szogoon> previously i also wrote that i have configured like that
[21:10:12] <jelly> szogoon: but now if anyone connects and send mail from:<foo@your-domain> rcpt to:<bar@your-domain>, that works too?
[21:10:24] <lunaphyte_> szogoon: i gave you a solution.
[21:10:34] <szogoon> then You don't have to auth
[21:10:36] <lunaphyte_> randra: yes
[21:10:50] <szogoon> what is submission ?
[21:10:52] <randra> lunaphyte_ Tks
[21:11:05] <lunaphyte_> szogoon: giyf :)
[21:11:29] <jelly> giyf is suspiciously close to gfy
[21:11:40] <lunaphyte_> ha
[21:12:03] <lunaphyte_> well, in a sense, it means both. :p
[21:13:44] <szogoon> it's the only way ? that submission ?
[21:14:14] <lunaphyte_> there is rarely only one way to do something, but it's the way i would do it, and imo, the right way.
[21:14:56] *** githogori has joined #postfix
[21:15:04] <lunaphyte_> conversations between muas and mtas should be happening using port 587 regardless of what your particular desires might be anyway.
[21:20:07] * cpm heartily agrees
[21:21:12] <cpm> http://www.maawg.org/port25 read it, learn it, do it.
[21:25:22] *** ramy has joined #postfix
[21:28:28] *** felix-da-catz is now known as felix-da-catz_zz
[21:28:50] *** Nockian has joined #postfix
[21:29:44] *** manguz has joined #postfix
[21:31:35] <szogoon> rob0: did U understand my problem ?
[21:31:37] *** Internat has joined #postfix
[21:31:44] *** internat1 has quit IRC
[21:32:04] <manguz> hello, good afternoom, please how can i restrict some users, allow them only to send mails TO $mydomain, (but only some users,)
[21:33:13] *** Klian has quit IRC
[21:33:55] <szogoon> trzeba zaraz isc spac :|
[21:34:12] *** JC has joined #postfix
[21:34:16] <JC> hello
[21:34:19] <sysmonk> trzeba trzeba
[21:34:25] <sysmonk> but speak english please :)
[21:34:42] <szogoon> :)
[21:34:54] <JC> i think my server is a victim of backscatter
[21:35:03] <JC> any idee how to resolve?
[21:36:18] <manguz> JC look in google for "backscatter howto"
[21:36:26] <sysmonk> !backscatter
[21:36:27] <knoba> sysmonk: "backscatter" : http://www.postfix.org/BACKSCATTER_README.html
[21:36:29] <sysmonk> manguz: that one? :)
[21:36:49] <JC> yes
[21:37:09] <szogoon> the easiest way is rdns
[21:37:22] <manguz> uea
[21:37:29] <JC> alots of mail trying to send but rejected from host is my own dns name
[21:37:31] <sysmonk> szogoon: not really
[21:37:32] <JC> uea
[21:37:38] <JC> ?
[21:37:49] <sysmonk> JC: i think he tried to type 'yes'
[21:38:11] <sysmonk> y=>u = 1 key, s=>a = 1 key
[21:38:16] <JC> o
[21:38:32] <JC> lol
[21:38:54] <JC> how would rdns fix this
[21:39:13] <szogoon> read backscatter on wikipedia
[21:39:21] <JC> thanks
[21:39:33] <JC> anyway has anybody tried using nolisting
[21:39:35] <manguz> , please how can i restrict some users, allowing them only to send mails TO $mydomain, (but only some users,)
[21:40:38] <szogoon> ok, i will go now
[21:40:55] <szogoon> goodnight, dobranoc, dobrounoc, gutenacht ;]
[21:41:32] *** szogoon has left #postfix
[21:45:42] *** randra has quit IRC
[21:46:24] *** jonez has joined #postfix
[21:51:10] *** internat1 has joined #postfix
[21:54:42] *** cpm has quit IRC
[21:54:42] *** JC has quit IRC
[21:54:57] *** anv has joined #postfix
[21:55:15] <anv> Hi
[21:55:50] <anv> I'm having troubles with postfix logs
[21:56:04] <anv> Sep  3 21:52:23 pegasus postfix/pipe[4269]: 1E567382096: to=<mayton at workteam dot com>, orig_to=<info at workteam dot com>, relay=dovecot, delay=10278, delays=10278/0.01/0/0.08, dsn=4.3.0, status=deferred (temporary failure. Command output: Can't open log file /var/log/mail/errors.log: Permission denied )
[21:56:19] <HenZo> Hi again. For anyone who heard my problem earlier, I've tracked it a little further and found "didn't use HELO protocol" is the problem here. Is there a way to disable that check in Postfix?
[21:56:34] <sysmonk> anv: not postfix log problem
[21:56:34] <anv> the problem is that the logs have 600 permisions
[21:56:41] <anv> and are owned by root.root
[21:56:44] <sysmonk> anv: it's dovecot problem
[21:57:01] *** Pretoriab has joined #postfix
[21:57:01] <sysmonk> anv: postfix delivers to transport 'dovecot' which runs something, WHICH does the loging
[21:57:19] <sysmonk> it's not postfix that tries to log there, it's dovecot
[21:57:24] <anv> sysmonk: ok. I'll try it in dovecot list
[21:58:36] *** ftp3 has joined #postfix
[21:59:51] <anv> but ... if dovecot is running as root ?
[22:00:03] <anv> why can't write in the log ?
[22:00:07] <HenZo> P.S.  smtpd_helo_required = no (left as default)
[22:00:33] <sysmonk> anv postfix invokes dovecot transport
[22:00:37] <sysmonk> and that does the logging
[22:01:07] <sysmonk> maybe it invokes it with wrong privs, but it sure won't do that with root:root
[22:01:12] <sysmonk> so you still need fixing
[22:01:18] <sysmonk> oh, unless the transport is suided...
[22:01:26] <sysmonk> s/is/should be/
[22:01:55] *** JC has joined #postfix
[22:02:56] <anv> no, in isn't
[22:03:14] *** douji has quit IRC
[22:04:04] *** HenZo has quit IRC
[22:04:22] <JC> anybody tried using nolisting??
[22:04:58] *** cilly has joined #postfix
[22:05:36] *** rwmx has joined #postfix
[22:05:38] <sysmonk> Signum: hmmm
[22:05:41] <sysmonk> !factoids
[22:05:42] <knoba> sysmonk: Error: "factoids" is not a valid command.
[22:05:44] <sysmonk> !knoba
[22:05:44] <knoba> sysmonk: "knoba" : an informational bot in this channel (see http://workaround.org/f=postfix)
[22:06:41] <sysmonk> !anyone
[22:06:42] <knoba> sysmonk: "anyone" : Please do not ask if anyone uses someprogram. Instead ask your real question.
[22:06:45] <sysmonk> JC: ^^
[22:06:48] *** mosez has quit IRC
[22:07:14] <anv>  sysmonk: you are  rigth.  i'll try changing user in master.cf dovecot line ... and the error has gone. Now I have a different error. (unknown mail transport error)
[22:07:44] <sysmonk> congrats, you changed something wrong ;)
[22:07:52] <sysmonk> you've broken it even more :)
[22:08:11] *** Haris has quit IRC
[22:08:18] <seekwill> sysmonk: all your fault
[22:08:22] *** Haris_ has joined #postfix
[22:08:23] *** Internat has quit IRC
[22:08:25] <Signum> sysmonk: It's from my dark ages when I tried PHP :)
[22:08:32] *** Haris_ is now known as Haris
[22:08:33] <sysmonk> Signum: ah :)
[22:08:46] <sysmonk> i accidentally stepd over it while looking for factoids page :)
[22:09:00] <sysmonk> that is, trying to go there directly :)
[22:09:17] *** mosez has joined #postfix
[22:09:58] <Signum> sysmonk: Yeah. My current script is at least written in Python and queries the supybot sqlite database.
[22:10:06] *** internat1 has quit IRC
[22:10:20] <sysmonk> yeah, that must suck hard
[22:10:21] <sysmonk> :P
[22:10:25] <Signum> sysmonk: PHP was as much a fault as the relationship with my first girlfriend who decided to turn lesbian later
[22:10:27] * sysmonk is not python/ruby lover
[22:10:43] <sysmonk> Signum: it wasn't ( the lesbian stuff )
[22:10:45] <Signum> sysmonk: Python is pretty okay. Readable at least.
[22:11:15] <Signum> sysmonk: PHP is an abbreviation for "SQL injection and applied insecurity" in some foreign language
[22:11:22] *** ghriehggnoeezoiz has joined #postfix
[22:11:32] *** ghriehggnoeezoiz has left #postfix
[22:11:37] * Signum needs a titan quest break
[22:11:45] <sysmonk> Signum: i go with perl and sometimes php
[22:12:17] <sysmonk> and knowing php in my profession is a must
[22:12:45] <sysmonk> hosting servers suck, but their clients suck more with their sucky sucky cms'es
[22:13:13] <sysmonk> sometimes i feal that i know php and mysql more than guys who write those cms'es and design databases for them
[22:14:26] <jelly> (and it's likely true)
[22:15:46] *** zoxie has joined #postfix
[22:15:53] <sysmonk> but they get paid more ;(
[22:16:15] *** rwmx has quit IRC
[22:22:03] <ftp3> I am getting this in my warning log: service "smtp" (25) has reached its process limit "20": new clients may experience noticeable delays  <-- is it possible to limit each ip to a certain number of connections?
[22:22:22] <JC> yes
[22:22:34] *** xming has quit IRC
[22:22:44] *** hparker has joined #postfix
[22:22:44] <JC> http://www.policyd.org/
[22:22:49] <JC> try that
[22:22:51] <ftp3> thank you, reading
[22:23:17] <JC> check the features page
[22:24:05] *** tshine has left #postfix
[22:24:15] <ftp3> JC, we use postgrey.. will that work with it?
[22:24:17] <JC> so nice Throttling features
[22:24:43] <anv> sysmonk:
[22:24:47] <anv>  i'm solved it
[22:24:49] <JC> mmm,,not sure
[22:24:51] <anv> in dovecot.conf i was removed the line:
[22:24:55] <anv> syslog_facility = mail
[22:24:56] <JC> dont think so
[22:25:07] <anv> and added the lines:
[22:25:08] <anv> log_path = /var/log/mail/errors.log
[22:25:08] <anv> info_log_path = /var/log/mail/info.log
[22:25:08] <anv> now, i'll rollback this and everithing is working
[22:25:08] <anv> thanks
[22:25:54] <JC> you dont have to use the greylisting feaure of policyd
[22:26:04] *** ^chadmaynard has joined #postfix
[22:26:08] <JC> use postgrey its better anyway
[22:26:16] *** spy6 is now known as spion
[22:26:58] *** j_s has quit IRC
[22:27:36] <ftp3> JC, yeah, i just have to much email being sent.. thank you
[22:28:22] <JC> cool
[22:28:23] <JC> lol
[22:28:53] *** anv has left #postfix
[22:29:40] *** havvg has quit IRC
[22:30:32] *** spion has quit IRC
[22:30:37] *** spy6 has joined #postfix
[22:33:05] *** xming has joined #postfix
[22:33:24] *** JC has left #postfix
[22:38:05] *** radius has quit IRC
[22:40:11] *** JC has joined #postfix
[22:40:26] <JC> hi i have a big problem with my postfix install
[22:40:58] <JC> i am not sure of its a NDR attack or the server is a victim of backscatter
[22:42:22] <JC> i setup a postfix server even before any mx record were pointed the server tried to send out email from its own hostname (mail.domain.com to alots of yahoo accounts)
[22:42:51] <JC> all these mails are rejected
[22:43:05] <JC> but kills my servers performance
[22:43:07] *** chadmaynard has quit IRC
[22:43:24] *** Internat has joined #postfix
[22:43:59] <JC> is there a way i can send a screenshot for you guys to see
[22:44:10] <JC> of my log
[22:46:13] <spreeuw> lol
[22:46:17] <spreeuw> use a pastebin
[22:46:19] <vice-versa> screenshot?
[22:46:24] <spreeuw> to copy paste text
[22:46:27] <vice-versa> !pastebin
[22:46:28] <knoba> vice-versa: "pastebin" : a way to paste larger amounts of text so that other people can read it. Try http://www.rafb.net/paste/ or http://paste.debian.net/ - Do not forget to tell us the URL where you pasted it.
[22:49:42] <seekwill> haha.... we had a customer who sent us a screen shot of an ifconfig... it was funny
[22:50:01] *** carl- has quit IRC
[22:51:29] *** cilly has quit IRC
[22:53:16] *** cilly has joined #postfix
[22:54:09] *** stegbth has quit IRC
[22:54:46] <JC> lol my log file is 70mb one day
[22:55:40] <vice-versa> well we don't want the whole freaking log, just the relevant bits
[22:55:53] <seekwill> JC: My logs are... 1.8GB :(
[22:58:11] <JC> sheeet
[22:58:15] <JC> thats big
[22:58:21] <JC> http://pastebin.com/m4a4bd99e
[22:58:35] <JC> cant post more pastebin thinks it spam
[22:58:58] <JC> that one and that one continues for like 100 lines
[22:59:05] <JC> note the from address
[22:59:21] <JC> thats name dns hostname on the internet
[22:59:32] <JC> Note the from address
[23:02:16] <JC> http://pastebin.com/m14706105
[23:03:07] <JC> hell i dont know what do you
[23:03:14] <JC> thanks for looking
[23:03:45] <vice-versa> ok, so a bot, script or ahole from China is trying to relay via your mta, it was rejected so I don't see what the issue is?
[23:04:10] <JC> killing my mail server
[23:04:40] *** tshine has joined #postfix
[23:04:46] <JC> that 2 or 3 entries in realtime it looks like code been compiled if i tail the log
[23:05:02] *** Pretoriab has quit IRC
[23:05:07] <JC> how can i stop this change my ip??
[23:05:21] <JC> someone said change my dns name
[23:09:49] *** martiancode has joined #postfix
[23:10:27] <vice-versa> wbs-196-2-98-160.wbs.co.za is the PTR for your ip, which is usually assigned by your service provider or whomever maintains the route
[23:10:49] *** martiancode is now known as martianixor
[23:12:19] *** JC has quit IRC
[23:12:56] *** JC has joined #postfix
[23:13:28] <JC> can you help me vice-versa? is there anything i can do
[23:13:55] <vice-versa> it's obviously a bot net that just wandered across your address and found smtp and is now trying unsuccessfully to relay through your server with the ptr record as the sender domain
[23:14:28] <JC> so i must change my ip?
[23:14:35] *** manguz has left #postfix
[23:14:46] <seekwill> You can't just wait it out?
[23:15:05] <JC> its been 2 weeks
[23:15:23] <JC> its killing me
[23:15:46] <vice-versa> you could try parsing the logs to get an idea of how many ip addresses are involved, if it's not too many you could drop them at the firewall
[23:15:46] <seekwill> I'd block those IPs then
[23:15:47] <JC> of wil the bot give up
[23:16:11] <seekwill> BOTS FIGHT TO THE DEATH!
[23:16:18] <JC> lol
[23:17:13] <vice-versa> seems a waste of their resources to keep trying if they're unsuccessful though
[23:17:45] <JC> but if i change my ip it will go away?
[23:18:00] <JC> i wish there was a quick fix
[23:18:11] <vice-versa> what are you going to change it to?
[23:18:12] <JC> maybe nolisting?
[23:18:29] <JC> get i different ip from my isp
[23:18:38] <JC> change my ptr
[23:19:41] <JC> i must say and this is off the topic but i hate ISA server
[23:20:14] <JC> its diffent ips each ip
[23:20:18] <vice-versa> two weeks sounds more like retaliation, or I guess it could be a really dumb bot net, if the former you'll be found again soon enough
[23:20:24] <JC> cant block ips
[23:20:37] *** Knoedel2 has quit IRC
[23:21:32] <JC> its been that long
[23:23:01] <JC> i guess i am stuck then
[23:23:08] <vice-versa> are your mail queues full of undeliverable mail by any chance?
[23:23:48] <JC> yes but thats legit mail check it
[23:24:06] <JC> no NRD's
[23:24:38] <vice-versa> how many?
[23:24:47] <JC> my mail times out because of this
[23:24:57] <JC> at the moment 188
[23:26:49] <JC> it seems that the hosts connecting changes from day to day but helo command says the same each time
[23:26:54] *** cheetahw26 has joined #postfix
[23:27:10] <JC> theres new host everyday
[23:27:14] <cheetahw26> what do i have to do after i change the cert & key in my postfix config...
[23:27:17] <cheetahw26> just restart ?
[23:27:23] <cheetahw26> i entered the new info in main.cf
[23:27:33] <JC> postfix reload
[23:27:49] <JC> restarts postfix
[23:28:00] <sysmonk> no
[23:28:04] <sysmonk> postfix reload RELOADS postfix
[23:28:07] <sysmonk> reload != restart
[23:28:11] <sysmonk> reaaaaallly different stuff
[23:28:32] <cheetahw26> im getting errors when trying to connect now.. 800ccc0e
[23:28:46] <cheetahw26> i think its because i changed certs..
[23:29:01] <JC> sorry reload
[23:30:25] <cheetahw26> warning: SASL: Connect to private/auth failed: Connection refused
[23:30:31] <cheetahw26> why all of a sudden ?
[23:30:38] <cheetahw26> maybe i am putting them in the wrong loc?
[23:31:07] *** Jax has joined #postfix
[23:31:51] *** radius has joined #postfix
[23:31:55] *** rootsvr has joined #postfix
[23:33:39] *** Gnuyen has joined #postfix
[23:33:48] <cheetahw26> the auth file is there, what are the permissions supposed to be ?
[23:37:54] <dragonheart> ug+rw (depends what your group is on it though and whiether the postfix user can access it. may need to add postix to a dovecot(?) group
[23:38:16] <dragonheart> anyway - work time - i'm off
[23:38:27] *** adaptr has quit IRC
[23:38:39] *** adaptr has joined #postfix
[23:41:37] *** Flimzy has joined #Postfix
[23:42:33] <Flimzy> Is it supported to have multiple transport_maps settings?
[23:43:09] <sysmonk> multiple settings - no
[23:43:11] <sysmonk> multiple maps - yes
[23:43:25] <sysmonk> transport_maps = hash:/one, hash:/two and etc
[23:47:03] *** Fallenou has quit IRC
[23:47:11] *** rootsvr has quit IRC
[23:48:35] <Flimzy> Perfect, that's what I needed.  Thanks.
[23:51:09] <cheetahw26> plleeww... the issue was with dovecot..
[23:51:24] <cheetahw26> once i rm the auth file and started dovecot, it got recreated and now no problem...
[23:51:33] <sysmonk> heh, too much dovecot issues today here :)
[23:51:48] <cheetahw26> wow... i got nervous.. and setup like 6 backup mx's pointed to google apps and setup service there.. in less than 3 min :)
[23:52:04] *** Gnuyen has quit IRC
[23:52:13] <sysmonk> backup mx'es wouldn't help
[23:52:22] <sysmonk> it's auth, not relaying
[23:52:34] <sysmonk> MUA's don't care about backup mx'es
[23:52:36] <cheetahw26> i shouldn't have lost anything, i think i was only down for 1 hour... if postfix is not working properly, will most mail server retry or just fail with ndr back to sender ?
[23:52:42] <sysmonk> and smtp servers - they don't use auth
[23:53:02] <sysmonk> cheetahw26: SMTP tells to retry
[23:53:07] <cheetahw26> backup mxs caught emails for my domain, because postfix wasnt working... i tested and google apps received no problem
[23:53:08] <sysmonk> 95% of them retry
[23:53:18] <cheetahw26> thats what i thought... cool
[23:53:19] <sysmonk> UNLESS your server replies with perm reject
[23:53:37] <cheetahw26> hmm... should i break it and test again ?  :)
[23:53:46] <cheetahw26> how else could i find out, what my config is set to do ?
[23:53:57] <sysmonk> cheetahw26: you can always break it on another port :)
[23:54:07] <sysmonk> you don't have  to do testing on 25 :)
[23:57:39] *** Klian has joined #postfix





top