[00:00:32] *** jsoftw has joined #postfix
[00:00:51] <jsoftw> Which greylisting/anti spam gizmo policy daemon is the most win ?
[00:07:26] *** adnc has quit IRC
[00:08:32] *** echelon has left #postfix
[00:11:00] *** cilly has joined #postfix
[00:16:25] *** cilly has quit IRC
[00:19:29] <gpled> jsoftw: well, greylisting does not do much for stopping the spammers that try and spam me.  they have long ago, fixed their smtp
[00:20:17] <jsoftw> strange. very effective here.
[00:20:59] <gpled> jsoftw: you do not have sophistecated spammers
[00:21:23] <gpled> spam assassin catches anything that gets through postfix
[00:23:22] <gpled> i find reject_unknown_client stops much of my spam
[00:25:45] <gpled> wish hotmail would clamp down on the spam from their network
[00:26:15] <xpoint> gpled, +1
[00:26:50] <xpoint> spamassasing whitelist_auth specifik non spamming users from there
[00:27:04] *** gcleric has quit IRC
[00:28:00] <xpoint> do not whitelist @hotmail.com by default
[00:28:05] <higuita> jsoftw: i use postgrey and works fine
[00:28:49] *** gpled has left #postfix
[00:29:08] <xpoint> higuita, not true, there is a number of servers that change senders pr attempt or change ip pr attempt, but yes this is there clueless admins
[00:29:09] <higuita> gpled: my greylist filters about 80% of the spam (most would be stopped by spamassassin, but this way the cpu doesnt work more)
[00:29:14] *** cilly has joined #postfix
[00:30:23] <higuita> change senders, i never saw that, change IPs, i whitelist then if really needs, most of the time, autowhitelist will take care of that with time
[00:31:19] <higuita> with time, all the multi server ...err.. server will be added to the whitelist, because they are ISP/big companies, so several users use then
[00:31:47] <higuita> but i also manually whitelist some (so i dont have to wait for the auto-whitelist)
[00:32:01] <xpoint> higuita, cloud9.net do it right, hope more admins learn from it
[00:35:48] *** alester has quit IRC
[00:40:10] *** sol has joined #postfix
[00:40:12] <sol> 'ello :)
[00:40:58] <sol> we have some internal e-mail addresses like staff@ etc...that we don't want external people e-mailing to.  what should I look for, to block any outside mail to these specific addresses?
[00:41:42] <shasta> restriction classes
[00:42:05] <sol> k
[00:42:06] <sol> thanks
[00:42:28] <shasta> sol, http://www.postfix.org/faq.html#internal-list
[00:42:38] <sol> I found RESTRICTION_CLASS_README.html :)
[00:42:41] <sol> seems to cover it all
[00:42:50] <sol> i might have already done it, i just cant recall
[00:43:08] <sol> mrm apparently n ot :)
[00:45:46] <sol> hrmm subject to spoofing :/
[00:52:14] *** pirho has quit IRC
[00:52:41] *** warnk has left #postfix
[01:03:49] *** war9407 has quit IRC
[01:06:57] *** serialthrilla has joined #postfix
[01:07:16] <serialthrilla> what's the recommended proxy for a before-queue filter to work with spamassassin?
[01:11:26] <sol> I use sqlgrey
[01:11:36] <sol> but it's not the greatest.  policyd is pretty popular
[01:11:50] <sol> assuming I'm understanding your question correctly :)
[01:12:22] <sol> I do sqlgrey -> spamassassin -> spamhaus
[01:12:26] <sysmonk> serialthrilla: amavis might be the choice
[01:12:32] <sol> oh :D
[01:12:36] <sol> then that would be a no
[01:12:56] *** brancaleone has quit IRC
[01:12:59] <sol> I use amavisd-new
[01:14:55] <sysmonk> sol: he asked for before-queue filtering
[01:15:00] <sysmonk> that's the main keyword of the question
[01:15:13] <sol> I'm not too familiar with the terminology :)
[01:15:19] <sol> I thought he just meant before spamassassin
[01:15:50] <sysmonk> no, before-queue and after-queue are 2 different methods
[01:15:53] <sysmonk> !before_queue
[01:15:54] <knoba> sysmonk: Error: "before_queue" is not a valid command.
[01:15:57] <sysmonk> damn
[01:16:17] <sysmonk> before queue is smtpd_proxy_* stuff, after queue is content_filter stuff
[01:16:44] <serialthrilla> ty all, i'm trying out amavisd-new, are there any worthy competitors?
[01:16:56] <growltiger> nope
[01:17:15] <sysmonk> 100 thousand chineese might be a nice competitor
[01:17:25] <sysmonk> you could have 100k concurrent connections
[01:19:06] *** ribasushi has quit IRC
[01:21:24] <serialthrilla> ty
[01:24:04] *** F6F has quit IRC
[01:34:40] *** Tykling has joined #postfix
[01:41:58] <jsoftw> higuita: with postgrey, does it work well with larger MX's ? Ie, yahoo, google, how they have multiple outgoing servers, and once a 451 get's given, it puts the mail on another MX which then trys again?
[01:43:32] *** magyar has quit IRC
[01:46:02] <sol> interesting :)
[01:46:09] <sol> alright, ill bbl thanks :D
[01:46:09] *** sol has quit IRC
[01:47:36] <higuita> jsoftw: mta221.mail.re2.yahoo.com (10)
[01:47:38] <higuita> mta312.mail.re4.yahoo.com (5)
[01:47:40] <higuita> mta221.mail.re4.yahoo.com (9)
[01:47:42] <higuita> mta253.mail.re4.yahoo.com (15)
[01:47:44] <higuita> all auto-whitelist
[01:50:41] <higuita> start using the greylist without rejecting (learn mode) and leave it for some weeks
[01:51:01] <higuita> if you can, ask friends to send you several emails from several sources
[01:51:20] <higuita> this will help alot the auto-whitelist to kick in
[01:53:23] <higuita> and of course, you can manually add new whitelists for those servers you want
[02:02:26] <higuita> in learn mode, you can lower a bit the number of emails for the auto-whitelist, but the lower, the higher probability of whitelist spammers
[02:06:53] *** bio___ has quit IRC
[02:07:04] *** bio___ has joined #postfix
[02:08:35] *** neurodamage has joined #postfix
[02:08:47] <neurodamage> is there a good tutorial on using postfix with a mysql database for emails?
[02:08:59] <neurodamage> for everything essentially, users, emails, domain maps, etc...
[02:13:23] *** cilly has quit IRC
[02:24:13] *** tuxwet has joined #postfix
[02:30:33] *** tuxwet has quit IRC
[02:36:53] <serialthrilla> how do you mark everything as spam for debugging? i did it before but i can't find how now
[02:37:01] <serialthrilla> er, with spamassassin
[02:37:20] <serialthrilla> i asked there but no response so thought i'd try here
[02:37:55] *** chadmaynard has joined #postfix
[02:49:16] <neurodamage> spamc is missing on my debian system, does that sound right to anyone
[03:09:57] *** chadmaynard has quit IRC
[03:26:18] *** serialthrilla has quit IRC
[03:46:03] *** githogori has quit IRC
[03:52:41] *** mavrick61 has quit IRC
[03:53:32] *** ming_zym has joined #postfix
[03:53:48] *** mavrick61 has joined #postfix
[04:19:31] *** Tykling has left #postfix
[04:30:36] *** pitakill has quit IRC
[04:38:23] *** magyar has joined #postfix
[04:39:35] <jsoftw> Yes.
[04:39:36] <jsoftw> No.
[04:39:47] <jsoftw> apt-get install something
[04:39:56] <jsoftw> p5-spamassassin or something
[04:56:27] *** tomocha6 has quit IRC
[05:16:13] *** goldfischli has joined #postfix
[05:32:21] *** xpoint has quit IRC
[05:32:40] *** goldfisc1li has quit IRC
[05:43:09] *** bhagat has joined #postfix
[06:07:51] *** k-man has quit IRC
[06:08:54] *** serialthrilla has joined #postfix
[06:13:03] <jsoftw> http://www.policyd.org/features.html <-- anyone using that?
[06:13:10] <jsoftw> http://www.policyd.org/v2/ <-- anyone using that?
[06:13:11] <jsoftw> I mean
[06:13:27] <serialthrilla> what's the difference between the relay: and smtp: transport?
[06:14:03] <serialthrilla> nvm
[06:14:05] <serialthrilla> it just came to me lol
[06:21:01] *** saurabhb has joined #postfix
[06:29:08] *** chadmaynard has joined #postfix
[06:30:50] *** m0f0x has quit IRC
[06:36:28] *** chadmaynard has quit IRC
[06:58:29] *** tomocha6 has joined #postfix
[07:14:27] *** jsoftw has quit IRC
[07:16:10] *** madrescher has joined #postfix
[07:37:18] <jeev> saslauthd is devil
[07:37:52] *** bhagat has quit IRC
[07:48:00] *** tomocha6 has quit IRC
[07:57:28] *** Knoedel2 has joined #postfix
[07:59:04] *** serialthrilla has quit IRC
[08:03:50] *** tomocha6 has joined #postfix
[08:23:04] *** hparker has quit IRC
[08:24:26] *** bhagat has joined #postfix
[08:24:32] *** madrescher has quit IRC
[08:26:12] *** sophokles has joined #postfix
[08:34:44] *** sophokles1 has joined #postfix
[08:41:53] *** weedar has joined #postfix
[08:43:46] *** chadmaynard has joined #postfix
[08:44:33] *** seekwill has quit IRC
[08:47:57] *** MrNaz has quit IRC
[08:51:03] *** sophokles has quit IRC
[08:59:50] *** MrNaz has joined #postfix
[09:05:27] *** phnord has joined #postfix
[09:08:34] *** szaszka has quit IRC
[09:10:18] *** githogori has joined #postfix
[09:24:36] *** _zsh has joined #postfix
[09:36:44] *** msshams has joined #postfix
[09:39:24] <msshams> we have many domains in postfix mailserver. we want each domain has a master account that anyone with that account can create new user for own domain. similar qmailadmin and vqadmin. can you tell me that can i do it with postfix?
[09:42:22] <sysmonk> if there's qmailadmin for qmail
[09:42:31] <sysmonk> then what's your idea about the name for such software for postfix?
[09:49:13] <msshams> sysmonk: what?
[09:49:22] *** tshine has quit IRC
[09:49:29] *** Thorn__ has joined #postfix
[09:49:48] <sysmonk> msshams: do you see a pattern in "qmailadmin" name?
[09:50:00] <sysmonk> how'd you call a software which would do the same, but for postfix?
[09:50:38] <msshams> sysmonk: if i know, i didn't ask it.
[09:51:02] *** Thorn__ is now known as Thorn
[09:51:17] <sysmonk> oh my, try to scratch your head
[09:51:19] <sysmonk> atleast for a second
[09:51:26] <sysmonk> *qmail*admin
[09:51:33] <sysmonk> how'd you call the same software but for postfix?!
[09:51:44] <msshams> postfixadmin?
[09:51:49] <sysmonk> congrats
[09:52:34] <msshams> can't you say it at first?
[09:52:52] <msshams> sysmonk: thank you my friend
[09:52:54] <sysmonk> can't you think that out yourself and atleast try to search the web before coming here and asking?
[09:53:05] <sysmonk> and if you can't find - only then come here
[09:53:51] <msshams> sysmonk: okey. thank you
[09:55:20] <f3ew> !web
[09:55:21] <knoba> f3ew: Error: "web" is not a valid command.
[09:57:00] *** tshine has joined #postfix
[09:58:00] *** war9407 has joined #postfix
[10:09:24] *** Thorn_ has quit IRC
[10:12:02] *** Internat has quit IRC
[10:12:54] *** aron is now known as Aron
[10:14:30] *** rcsu has joined #postfix
[10:18:51] *** drindt has joined #postfix
[10:33:04] *** Fallenou has joined #postfix
[10:40:28] *** Internat has joined #postfix
[10:41:07] *** szaszka has joined #postfix
[10:54:27] <Roobarb> can anyone suggest how I'd be able to reject destination addresses (on a domain I relay) that have a certain string in the address part?
[10:54:37] <Roobarb> eg *foo* at example dot com
[10:57:01] *** donatilo has joined #postfix
[10:57:06] *** mark-use has joined #postfix
[10:58:15] <sysmonk> regexp
[11:05:04] <Roobarb> sysmonk: can you expand on that?
[11:05:25] <sysmonk> Roobarb: can you expand on your question?
[11:05:38] <sysmonk> is it a sender address? is it a recpient address?
[11:05:55] <sysmonk> should it match only the left part ( i.e. USER at example dot com )
[11:06:00] <sysmonk> or should it match the domain part too?
[11:06:39] *** k-man_ has quit IRC
[11:07:02] *** k-man_ has joined #postfix
[11:07:30] <sysmonk> should it match the envelope or headers or what?
[11:07:39] <sysmonk> see, i have questions too! :)
[11:08:30] <f3ew> !regexp
[11:08:32] <knoba> f3ew: Error: "regexp" is not a valid command.
[11:08:35] <f3ew> !pcre
[11:08:36] <knoba> f3ew: "pcre" : Perl-compatible regular expressions (pcre:) support in Postfix: http://www.postfix.org/PCRE_README.html
[11:09:17] <Roobarb> sysmonk: a destination (recipient) address
[11:09:30] <Roobarb> I only care about the USER part
[11:09:49] <Roobarb> and I suspect I need it to look at the envelope too
[11:11:05] *** Trengo has joined #postfix
[11:14:27] <sysmonk> regexp map in smtpd_recipient_restrictions with /something.*@/ REJECT
[11:14:37] <sysmonk> or pcre
[11:14:41] <sysmonk> look at the link f3ew gave
[11:14:52] <Roobarb> ok
[11:19:28] *** _zsh has quit IRC
[11:24:46] *** hever has joined #postfix
[11:37:11] *** _zsh has joined #postfix
[11:39:37] *** orzel has joined #postfix
[11:42:15] *** madrescher has joined #postfix
[11:45:33] *** pirho has joined #postfix
[11:55:09] *** denis_ has joined #postfix
[12:09:23] *** amrit|wrk is now known as amrit|zzz
[12:17:57] *** cpm has joined #postfix
[12:31:51] *** F6F has joined #postfix
[12:35:30] <rcsu> !pcre
[12:35:32] <knoba> rcsu: "pcre" : Perl-compatible regular expressions (pcre:) support in Postfix: http://www.postfix.org/PCRE_README.html
[12:36:04] *** Thorn has quit IRC
[12:38:49] *** cilly has joined #postfix
[12:51:11] *** Thorn has joined #postfix
[12:51:25] *** sophokles1 has quit IRC
[12:51:58] *** sophokles has joined #postfix
[12:56:54] *** ming_zym has quit IRC
[12:59:36] *** _zsh_ has joined #postfix
[13:12:01] *** _zsh has quit IRC
[13:13:30] *** randra has joined #postfix
[13:37:44] *** madrescher has quit IRC
[13:55:34] *** saurabhb has quit IRC
[13:55:38] *** msshams has quit IRC
[13:56:29] *** wolram has quit IRC
[13:57:44] *** ultrav1olet has joined #postfix
[13:58:03] <ultrav1olet> what does a message "(Queued mail for delivery)" mean?
[13:58:55] <ultrav1olet> when our SMTP server sends message to a remote SMTP server
[14:00:40] <Trengo> it accepted your mail, to deliver it to recipient
[14:00:54] <Trengo> it wasnt delivered yet, but waiting in queue
[14:01:21] *** mark-use has quit IRC
[14:01:48] *** hever has quit IRC
[14:02:35] <sysmonk> Trengo: that also depends, you can tell "delivered" as in "delivered to a remote host"
[14:03:02] <sysmonk> so if it's his postfix saying so - it means his postfix queued the mail, if it's remote host saying so - it means it's delivered to the remote host queue, the later can't be tracked
[14:03:17] *** Juspion has joined #postfix
[14:05:17] <Trengo> some will even say it was delivered ;)
[14:06:34] *** Ramattack has joined #postfix
[14:06:37] <Ramattack> Hi mates!
[14:06:39] <Ramattack> this is a bit urgent
[14:06:46] <Ramattack> I have changed postfix queue dir and now sais
[14:06:48] <Ramattack> scan_dir_push: open directory defer: No such file or directory
[14:06:54] <Ramattack> postsuper sais this
[14:07:00] <Ramattack> how could I recreate queue dir?
[14:08:08] *** Juspion has quit IRC
[14:13:02] *** bhagat has quit IRC
[14:15:22] <sysmonk> post-install
[14:15:34] *** mark-use has joined #postfix
[14:16:09] <sysmonk> !postfix-install
[14:16:10] <knoba> sysmonk: Error: "postfix-install" is not a valid command.
[14:16:11] * cpm post-installs sysmonk
[14:16:12] <sysmonk> !post-install
[14:16:13] <knoba> sysmonk: Error: "post-install" is not a valid command.
[14:16:16] <sysmonk> !cpm
[14:16:17] <knoba> sysmonk: "cpm" : an operating system originally created for Intel 8080/85 based microcomputers
[14:16:19] <sysmonk> here it is ^^
[14:16:29] <sysmonk> ;P
[14:17:18] <philip_> is anyone of you guys an english (us or uk) native speaker?
[14:17:50] <sysmonk> philip_: why are you asking?
[14:20:29] <lunaphyte_> philip_: i would imagine some of us are, yes.
[14:21:35] <ultrav1olet> Trengo: OK, here's a full maillog message:
[14:22:15] <ultrav1olet> Sep 16 12:24:55 ikar postfix/smtp[24856]: 88ED12480D1: to=<Julia.Kotova at odnoklassniki dot ru>, relay=mail.odnoklassniki.ru[217.106.230.190]:25, delay=1.3, delays=0.19/0/0.36/0.8, dsn=2.6.0, status=sent (250 2.6.0 <48CF5279.60601 at myhost dot com> Queued mail for delivery)
[14:22:29] <ultrav1olet> I can't seem to understand if it got delivered or not
[14:23:05] <philip_> sysmonk: i need help with a judgment about something
[14:23:30] <ultrav1olet> . /var/spool/postfix doesn't have any traces of deferred e-mails to that address or host, yet a person from our company says the mail hasn't been delivered
[14:24:11] <ultrav1olet> I'm confused
[14:24:20] <sysmonk> philip_: like... what?
[14:24:33] <philip_> sysmonk: are you a native speaker?
[14:24:34] <sysmonk> and by the way, no, i'm not a native english/uk speaker
[14:24:53] <philip_> damn
[14:25:07] <sysmonk> philip_: but as lunaphyte_ said, some of us are
[14:25:09] <ultrav1olet> anyone?
[14:25:10] <sysmonk> so just tell the problem
[14:25:16] <philip_> well, i'm thinking about a name for a software, and i'd like to know if it would be "goo"
[14:25:19] <philip_> good
[14:25:24] <philip_> i'd rather ask privately
[14:25:38] <sysmonk> no no, ask here, i have my domain registration window opened already
[14:25:39] <lunaphyte_> philip_: why would you rather ask privately?
[14:25:40] <sysmonk> ;)))
[14:25:44] <lunaphyte_> heh
[14:25:47] <philip_> lunaphyte_: logbots
[14:26:05] <philip_> the software perhaps wouldn't be considered legal in all jurisdictions ;)
[14:26:06] <lunaphyte_> i see.
[14:27:01] <sysmonk> hmmm, porn-get is already taken, so you can't use that one
[14:27:01] <sysmonk> ;))
[14:27:06] <philip_> haha
[14:27:08] <philip_> :))
[14:27:13] <ultrav1olet> guys!
[14:27:27] <sysmonk> philip_: is that software somehow related to postfix/mail ?
[14:27:39] <philip_> no, and i'm sorry for being offtopic
[14:27:53] <philip_> but #uk and #english are under a reign of morons
[14:28:23] <sysmonk> ultrav1olet: describe your problem, pastebin the logs and postconf -n and stuff like that
[14:28:34] <ultrav1olet> sysmonk: OK
[14:28:36] <philip_> i'll stop talking about it now, if anyone bothers to help me, please privmsg me
[14:28:56] <sysmonk> philip_: i can only bother you about asking what kind of software it is :P
[14:29:17] <rob0> You mean native English as in UK, or is USA good enough?
[14:29:27] <rob0> ah, I see
[14:30:23] <philip_> uk, usa, singapore all good :)
[14:30:57] <rob0> ok, fire away
[14:31:07] * rob0 wonders if he'll regret that
[14:31:10] <rob0> :)
[14:32:23] <Trengo> ultrav1olet i suppose you can ask the postmaster at odnoklassniki.ru what happened to ID 48CF5279.60601 at myhost dot com
[14:32:38] * cpm fires away at rob0, wondering if he regrets the invitation
[14:33:15] *** dft has quit IRC
[14:34:04] <ultrav1olet> Trengo: so the message was in fact delivered?
[14:36:57] *** Tykling has joined #postfix
[14:37:01] <Trengo> ultrav1olet we can't tell
[14:37:09] <Trengo> we know the other server accepted it
[14:37:36] <Trengo> but it could bounce or be forwarded somewhere else
[14:38:14] <ultrav1olet> Trengo: I just need to know if a remote MX SMTP accepted them. You told me it did, so I'm quite happy
[14:38:43] <Trengo> ultrav1olet it did, its in the log you showed
[14:38:49] <ultrav1olet> I don't give a f*** what happened to them afterwards ;-)
[14:39:11] <Trengo> like i said, you can give them a call and find out ;)
[14:39:12] <ultrav1olet> I was a bit confused by the word "Queued"
[14:39:20] <Trengo> and rub it on your user's face
[14:39:40] <ultrav1olet> :))) It's a bit ambiguous
[14:39:58] <Trengo> well, if it wasnt delivered immediately, most likely was put on queue for deliver
[14:40:14] <Trengo> and no, im not a native english speaker either :D
[14:40:34] <ultrav1olet> like Postfix: "Hay, dude, I've put your e-mail into my processing queue but haven't decided what to do next"
[14:40:59] <ultrav1olet> I'm terribly confused by your words
[14:41:18] <ultrav1olet> now
[14:41:34] *** Tex-Twil has joined #postfix
[14:41:38] <Roobarb> "250 2.6.0 <48CF5279.60601 at myhost dot com> Queued mail for delivery"
[14:41:53] *** Tex-Twil has left #postfix
[14:42:01] <Trengo> well, the user is valid
[14:42:06] <Trengo> so it accepts it
[14:42:07] <Roobarb> this si the remote server saying its accepted the messageg, and has placed it in its queue for further processing.
[14:42:24] <Roobarb> nothing magical
[14:42:33] <Trengo> but before it is delivered, another big mail that was on queue gets delivered to mailbox and exceeds quota
[14:42:53] <Trengo> your message was queued but cannot be delivered
[14:43:00] <Trengo> so you see it can bounce
[14:43:40] <Trengo> i think it can even be forwarded to another machine if you have some sort of routing somewhere else
[14:43:46] <Trengo> not sure about that
[14:51:45] *** jpalmer has quit IRC
[14:54:29] <Ramattack> I'll search for it a bit later
[14:54:33] <Ramattack> thanks for all mates
[14:54:35] <Ramattack> bye!!!
[14:54:41] *** Ramattack has quit IRC
[15:04:02] <ultrav1olet> thanks
[15:04:03] *** ultrav1olet has left #postfix
[15:07:51] *** Tykling has left #postfix
[15:11:56] *** Tykling has joined #postfix
[15:21:10] *** Jax has joined #postfix
[15:21:13] *** Spec has quit IRC
[15:21:35] *** x-spec-t has joined #postfix
[15:33:06] <anoncos> Well hello everyone
[15:34:15] *** donatilo has left #postfix
[15:37:34] *** noneo_ has joined #postfix
[15:40:05] *** noneo has quit IRC
[15:44:53] *** TeraHertz has joined #postfix
[15:45:37] *** hparker has joined #postfix
[15:47:29] <k-man_> should all the files in /etc/postfix be owned by the postfix user?
[15:47:39] <k-man_> or at least readable by the postfix user?
[15:47:44] <sysmonk> readable - yes
[15:47:49] <sysmonk> pwn3d - no
[15:49:24] <k-man_> sysmonk, so... they could be owned by user postfix:root and chmoded to 640?
[15:49:37] <sysmonk> sure
[15:53:33] <anoncos> So... I don't know if I should be asking this here, if it will piss anyone off or whatever... but, would anyone like to trade being secondary MXs / backups?
[15:53:34] *** _zsh_ has quit IRC
[15:53:56] <sysmonk> anoncos: backup mx'es generally suck a bit
[15:54:11] <anoncos> Hmmm... why, pray tell?
[15:54:14] <Dominian> If done properly that's not so :P
[15:54:19] <sysmonk> anoncos: ask your ISP, some isp's offer backupmx service
[15:54:39] <sysmonk> Dominian: do you think his offer is something which would be done properly ?
[15:54:42] <sysmonk> i don't think so
[15:54:46] <anoncos> I can't... my ISP isn't really my own.  It's the guy I lease this condo from.
[15:54:53] <sysmonk> if you're the owner of both primary and backup mx - yes
[15:55:00] <sysmonk> you can replicate the user database and etc
[15:55:15] <Dominian> sysmonk: no
[15:57:02] *** chadmaynard has quit IRC
[15:58:27] <lunaphyte_> no one uses backup mxes anymore.
[15:59:38] *** tshine has quit IRC
[16:01:00] *** avegas has joined #postfix
[16:01:07] <anoncos> lunaphyte_: Why not?
[16:01:23] <avegas> <timezone appropriate greetings> hackers
[16:01:27] <Dominian> lunaphyte_: er.. come again?
[16:01:42] <Dominian> I do backup mx services for two domains
[16:01:53] <Dominian> although the two I do backup mx for are friends
[16:01:57] <Dominian> heh
[16:02:10] <avegas> can anybody point me at a good document on the pragmatics of actually sending email for legit purposes? Things like getting whitelisted by major ISPs and the likes?
[16:02:11] <djerem> but is it safe to have a primary mx without backup mx?
[16:02:18] *** danbeck has joined #postfix
[16:02:19] <sysmonk> djerem: why not?
[16:02:47] <sysmonk> djerem: servers will queue the mail for a few days before bouncing it back to the user with a non-delivery
[16:03:03] <sysmonk> so ... if you can't fix your server in a  few days, then you have a bigger trouble
[16:03:09] <djerem> :)
[16:03:20] <Dominian> djerem: I do backup mx for a friend because he hosts his email on his home connection ;) and its Comcast.. so it goes down.. a LOT hehe
[16:03:42] <Nockian> if you don't have at least one backup mx, you're a moron.
[16:04:10] <sysmonk> if you have atleast one backup mx which isn't configured good - you're a bigger moron
[16:04:10] <djerem> Dominian: I host my email on my home connection too, and have a backup mx from a friend too...
[16:04:13] <sysmonk> ;P
[16:04:17] <Dominian> heh
[16:04:29] <Dominian> sysmonk: hey now! my backup mx services are perfect :P
[16:04:36] <anoncos> Dominian and djerem:  that's what I'm looking for... someone to trade backup MXs with.
[16:04:36] <sysmonk> oh suuuure they are
[16:04:43] <Dominian> sysmonk: hehe
[16:04:51] <djerem> sysmonk: so for you having a backup mx is usually "synonym" for more troubles?
[16:04:53] <Dominian> anoncos: Unfortunately, I don't do backup mx outside of the two domains i have
[16:05:00] <anoncos> Ahh...
[16:05:16] <anoncos> How easy is it to set up a backup MX with Postfix?
[16:05:29] <sysmonk> djerem: right
[16:05:47] <sysmonk> djerem: i'd better have another front-end mx
[16:05:59] <sysmonk> but sure, for _home_ use it's nice
[16:06:08] <sysmonk> especially if you don't have a good connectivity
[16:07:28] <djerem> sysmonk: ok, for home that's fine (that's my case :p) ; by the way, what is "another front-end mx"...?
[16:07:34] <anoncos> So, someone sends me an email while my server is down for an hour... do they get a bounce notice?
[16:07:40] <sysmonk> djerem: one backend, two mx'es
[16:07:49] <sysmonk> anoncos: no
[16:08:05] <Nockian> anoncos: they shouldn't, it depends on how they have their mail server configured
[16:08:07] <sysmonk> anoncos: their smtp server will queue the mail for some period of time
[16:08:16] *** avegas has quit IRC
[16:08:27] <sysmonk> sure, there are some broken servers which don't do that ;)
[16:09:23] <djerem> sysmonk: sorry, stupid question again, what's a backend? and two mx'es with the same "priority" you mean?
[16:09:30] <cpm> yeah, but who cares?
[16:09:51] <Nockian> there are no stupid questions... only inquisitive idiots :)
[16:10:06] <lunaphyte_> what is the point of a backup mx?
[16:10:21] <cpm> to harvest more spam?
[16:10:27] <cpm> to end run your filters?
[16:10:32] <sysmonk> djerem: two mx'es with equal priority is 2 mx'es with equal priority :)
[16:10:45] <sysmonk> djerem: one time the mail will get into one mx, second time - into the second mx and etc
[16:10:56] <djerem> ok
[16:10:58] <sysmonk> djerem: and they share the same storage(backend) for storing mail
[16:11:05] <sysmonk> cpm++ :)
[16:11:18] <lunaphyte_> cpm: exactly.
[16:11:19] <djerem> sysmonk: ok :)
[16:11:39] <sysmonk> djerem: if youre storage will go down, you'll have your frontend's acting as "backup mxes"
[16:11:51] <sysmonk> they'll queue the mail untill storage will be available
[16:11:52] <lunaphyte_> you can't even assume that both mxes will get equal share.
[16:11:52] *** weedar has quit IRC
[16:12:20] <anoncos> sysmonk: Where does the choice of MX get randomized?
[16:12:26] <djerem> sysmonk: ok I see, thanks :)
[16:12:27] <anoncos> Surely not in DNS
[16:12:32] <sysmonk> anoncos: DNS, equal priority
[16:12:34] <lunaphyte_> indeed.
[16:12:36] <sysmonk> surely in it
[16:12:40] <anoncos> Wow...
[16:12:50] <anoncos> Didn't know that was a feature of DNS
[16:12:56] <lunaphyte_> no, not equal priority.  random priority.
[16:13:05] <sysmonk> anoncos: round-robin stuff
[16:13:05] <lunaphyte_> it's not a feature.
[16:13:21] <anoncos> Hmm.  Interesting.
[16:13:27] <sysmonk> lunaphyte_: equal priority MX entries, not equally-loaded-servers
[16:13:38] <lunaphyte_> it's a behavior that people misinterpret as a feature and inevitably end up mis-using.
[16:13:50] <anoncos> lol lunaphyte_... what is it then, a bug?  :P
[16:13:51] <lunaphyte_> sysmonk: right.
[16:14:09] <lunaphyte_> no, just an outcome.
[16:14:15] <djerem> sysmonk: and you said earlier that a backup mx can be usefull for a home connexion, why? :)
[16:14:30] <sysmonk> djerem: dynamic ip's? :)
[16:14:44] <sysmonk> djerem: bad connectivity, etc
[16:15:07] <sysmonk> anoncos: i think lunaphyte_ wants to say that equal priority mx entries don't mean that both mx'es will get the same amount of email and load
[16:15:20] <lunaphyte_> right
[16:15:54] <vice-versa> I seen an interesting approach to backup MXs a few months back, while the primary was available it acted as a Nolisting, when the primary was down it would become available as a backup mx
[16:16:25] <sysmonk> vice-versa: nolisting?
[16:16:39] <vice-versa> yeah, fake mx
[16:16:50] <vice-versa> http://en.wikipedia.org/wiki/Nolisting
[16:16:52] <djerem> sysmonk: so it's usefull when you primary mx will be "regulary" offline?
[16:17:11] <sysmonk> djerem: um, yup
[16:17:28] <sysmonk> vice-versa: but... um
[16:17:31] <brd> dns loadbalancing gives something like a 70/30 split
[16:17:39] <jelly> hm, /msg knoba tutorial doesn't work as expected
[16:17:39] <sysmonk> vice-versa: it should take quite some time to update the dns entries on all the servers
[16:17:47] <sysmonk> unless it has a low ttl on those records
[16:17:59] <lunaphyte_> that just seems bizarre.
[16:18:07] <vice-versa> sysmonk: no
[16:18:09] <sysmonk> but that doesn't save the world too (points to microsoft products which cache that stuff a lot)
[16:18:31] <lunaphyte_> if you have an mx that's "regularly offline", then you should be solving *that* problem, not trying to run some weird backup mx setup.
[16:19:00] <sysmonk> lunaphyte_: regullary offline imho in this case means 'bad connectivity at home, but still want to have a mail server at home'
[16:19:03] <sysmonk> ;)
[16:19:18] <sysmonk> brd: yeah, but you can 'work around' that with firewall load balancing
[16:19:45] <sysmonk> but still, one mail 10kb in size isn't equal to one mail 10mb in size
[16:19:50] <vice-versa> sysmonk: while the primary is up the backup mx simple does not have 25 available
[16:19:51] <djerem> sysmonk: hum, thanks. I think I'm going to remove my backup mx as my primary mx is only offline for a few minutes every thre months
[16:20:03] <sysmonk> one mail with 200 recipients isn't equal to one mail with 1 recipient
[16:20:03] <jelly> how can I convince knoba to give me its command set, its factoid list, or a single factoid ove private /msg
[16:20:12] <jelly> I don't want to
[16:20:15] <jelly> !tutorial
[16:20:19] <lunaphyte_> look at /topic
[16:20:23] <jelly> on the channel
[16:20:26] <cpm> !topic
[16:20:27] <knoba> cpm: "topic" : The Postfix MTA || Wiki: postfixwiki.org || On using IRC: workaround.org/moin/GettingHelpOnIrc || Bot info: workaround.org/f=postfix || post postconf -n and relevant logs to a pastebin when asking questions / check your logs / know your unix basics || http://code.google.com/p/mail-trends/ || Channel log: http://echelog.matzon.dk/?postfix || http://permalink.gmane.org/gmane.mail.postfix.announce/110
[16:20:28] <brd> sysmonk: right, I do it at $REALJOB and just have two IPs CARPed between two machines so I get some split and redundancy
[16:20:30] <sysmonk> vice-versa: ah
[16:20:38] <brd> sysmonk: firewalls are $$$$$
[16:20:45] <cpm> see bot info link
[16:20:45] <sysmonk> vice-versa: that's something like heartbeat and friends
[16:20:53] <jelly> thanks.
[16:20:56] <cpm> yw
[16:21:00] <sysmonk> brd: by firewall i refer to carp/pf :)
[16:21:16] <brd> sysmonk: yeah, I wish.. here they want to drop like $40k
[16:21:19] <sysmonk> brd: i don't use hardware firewalls and loadbalancers
[16:21:41] <sysmonk> no money and no experience in hardware ones
[16:22:11] *** gutocarvalho has joined #postfix
[16:22:20] <brd> sysmonk: we have lots of money, we just don't spend it frivously.. though my previous statement might invalidate this one ;)
[16:22:30] <sysmonk> hehe
[16:23:01] <sysmonk> i won't be bitching about my company this time, i'm already tired of that :P
[16:23:17] <sysmonk> it's just that i want a new job, current one starts sucking a lot
[16:23:33] <vice-versa> sysmonk: the admin that told me about this approach admins many servers in the Miami Florida area, where 2/3 week outages are not unheard of because of hurricane damage to vital infrastructures. He said it works quite well
[16:23:54] <sysmonk> vice-versa: yeah
[16:24:11] <sysmonk> vice-versa: as we don't have any disasters here it's not often here
[16:24:12] <brd> sysmonk: I know what you mean.. I think that they just want to throw money at the problem so we can get PCI certified :(
[16:24:29] <sysmonk> no hurricanes, no earthquakes
[16:24:40] <vice-versa> war? ;)
[16:24:43] <brd> see... the thing I don't get about "vital infrastructure" is why it is so often in places that are prone to disaster
[16:25:11] <sysmonk> vice-versa: atleast not yet
[16:25:40] <brd> (and only in those places..)
[16:26:06] <brd> sorry, I'll stop ranting
[16:26:16] <sysmonk> hehe no, no problem about that
[16:26:25] <sysmonk> i'm crying much here abuot my job too ;P
[16:26:27] <vice-versa> brd: why is anything in places that are prone to disaster?
[16:27:09] <brd> vice-versa: good point, I always wonder about the people that moved back to New Orleans....
[16:28:45] <cpm> vice-versa, what place is not prone to disaster?
[16:29:18] *** Roman123 has joined #postfix
[16:29:56] <brd> I guess that is why putting a DC in the middle of the US costs more.. I live in Denver and space inside datacenters is cheap, but BW is spendy
[16:30:15] <vice-versa> brd: one thing most of those places have in common, they are near large bodies of water, historically needed for shipping
[16:30:26] <brd> right
[16:36:58] *** goldfischli has quit IRC
[16:38:42] *** xpoint has joined #postfix
[16:39:46] *** dft has joined #postfix
[16:40:38] *** tom_wifi has joined #postfix
[16:42:30] <dft> has anyone run into the following dbl MIME error in the header?
[16:42:31] <dft> http://pastebin.com/d92a1064
[16:43:04] <dft> the sender is legitimate and we need to allow these msg's in.  Whitelisting doesn't seem to be enough
[16:44:17] <vice-versa> body_checks?
[16:47:25] *** drindt has quit IRC
[16:50:14] *** tobias has joined #postfix
[16:51:25] <tobias> I'm seeing a lot of NOQUEUE: rejects in my log due to unknown user.  these are usually followed by a "lost connection after DATA" line.  is that correct behavior?
[16:52:06] <tobias> googling the 2nd line suggest it might have other causes, so i don't want to ignore it in my logfile analyzer altogether
[16:52:48] <f3ew> tobias spam
[16:53:07] <vice-versa> from zombies most likely
[16:53:39] <tobias> so it is safe to ignore that line?
[16:53:44] <brd> ZOMBIE SPAM
[16:53:47] *** jwit has quit IRC
[16:54:05] <brd> ~/o we all just wanna eat your brains o/~
[16:54:31] <vice-versa> lol, I was thinking the same thing :)
[16:55:15] <brd> :D
[16:57:25] *** m0f0x has joined #postfix
[16:57:38] <f3ew> tobias yes
[16:58:34] *** denis_ has quit IRC
[16:58:45] *** Knoedel2 has quit IRC
[16:58:52] *** Aron is now known as aron
[17:00:11] *** gpled has joined #postfix
[17:01:51] *** neurosys has joined #postfix
[17:03:22] <neurosys> for some reason, when i connect to postfix to send mail, i get a strange lag. It connects, but postfix (or the something else?) doesnt accept it and the client disconnects. Then it tries again, and connects fine. Making it 45-120 secs. to send an email. ANy ideas on the cause?
[17:05:02] *** danbeck has quit IRC
[17:05:11] <tobias> f3ew vice-versa brd: thanks!
[17:06:53] *** pitakill has joined #postfix
[17:08:32] <gpled> neurosys: how are you connecting to postfix?
[17:10:07] <neurosys> Imaps
[17:11:03] <gpled> can you post your test line?
[17:11:10] <neurosys> From inside the lan however.. it goes mighty quickly. Think it has to do with a DNS resolv issue?
[17:11:13] <neurosys> k
[17:11:33] <neurosys> Sep 17 11:01:01 sheltercorp postfix/smtpd[6167]: connect from unknown[166.195.182.124]
[17:11:33] <neurosys> Sep 17 11:01:18 sheltercorp postfix/smtpd[6167]: lost connection after UNKNOWN from unknown[166.195.182.124]
[17:11:33] <neurosys> Sep 17 11:01:18 sheltercorp postfix/smtpd[6167]: disconnect from unknown[166.195.182.124]
[17:11:54] <neurosys> Then it logs the same 1st 2 lines, and connects successfully about 1 min later
[17:12:10] <neurosys> Sep 17 11:06:02 sheltercorp postfix/smtpd[6477]: connect from unknown[166.194.90.146]
[17:12:10] <neurosys> Sep 17 11:06:06 sheltercorp postfix/smtpd[6477]: setting up TLS connection from unknown[166.194.90.146]
[17:12:10] <neurosys> Sep 17 11:06:06 sheltercorp postfix/smtpd[6477]: Anonymous TLS connection established from unknown[166.194.90.146]: TLSv1 with cipher AES128-SHA (128/128 bits)
[17:12:32] <neurosys> wow. or about 5 mins later :P
[17:14:19] <gpled> what command are you using from the client side?
[17:14:20] *** tshine has joined #postfix
[17:16:01] *** danbeck has joined #postfix
[17:18:30] <dft> vice-versa: it's amavisd-new complaining about the duplicate MIME-Version fields in the header so I don't think header/body_checks will fix it
[17:24:53] *** cmatheso1 has joined #postfix
[17:24:58] <vice-versa> wasn't suggesting a fix, just wondered if that was what you were using
[17:25:43] *** Jax has quit IRC
[17:25:50] <dft> ic, np
[17:26:42] <dft> amavisd-new does checks against header structure, so I will have to dig there
[17:27:33] <vice-versa> why can't you whitelist the sending host?
[17:27:34] <neurosys> gpled:  ? dont understand. Which command? Its a thunderbird client connecting on port 993
[17:27:46] <dft> tried that
[17:27:53] <vice-versa> how?
[17:28:13] <dft> adding the sending domain to white.lst
[17:28:38] <dft> and the maillog shows the sender domain as whitelisted too
[17:28:46] <vice-versa> is that amavis specific?
[17:29:19] <dft> but because the sending smtp client has munged up the header with two instances of MIME-Version the check_header_validity of amavisd fails
[17:29:26] <dft> and quarantines the msg
[17:31:09] <gpled> neurosys: how do you have your postfix server listed in thunderbird?
[17:31:28] <neurosys> imaps, with ssl conenctions
[17:31:58] <gpled> neurosys: what ip or hostname?
[17:32:07] <neurosys> mail.vinixtech.com
[17:32:17] <neurosys> mail is mx to vinixtech.com
[17:33:36] <gpled> neurosys: where where you getting 166.195.182.124 and 166.194.90.146 from?
[17:33:58] <gpled> mail.vinixtech.com has address 67.32.132.60
[17:34:08] <neurosys> gpled:  Its comming from an remote client.
[17:34:23] <neurosys> gpled:  att provider
[17:35:27] <gpled> what does it say, when you connect?
[17:35:40] <neurosys> It just hangs...
[17:36:25] <neurosys> continues to try, and finally goes after a bit
[17:36:28] <gpled> what does it say in the server log?
[17:37:38] <neurosys> What i posted above,
[17:38:01] *** jpalmer has joined #postfix
[17:38:08] <neurosys> The reason for the different ip's i due to the 3g connection i would imagin
[17:38:20] *** szaszka has quit IRC
[17:38:27] <neurosys> maybe a dhcp lease renew
[17:39:11] <gpled> your server is at 67.32.132.60,  and you are at 166.194~195 ?
[17:39:35] <neurosys> correct
[17:39:46] <gpled> what is your ip address right now?
[17:40:24] <neurosys> for the client? or from where Im ircing?
[17:40:39] <neurosys> Im on a LAN behind 67.32.132.60
[17:41:03] <gpled> from where you are trying to connect to 67.32.132.60
[17:41:26] <gpled> where thunderbird is
[17:42:40] <neurosys> atm it's 32.162.76.67
[17:43:07] <neurosys> Sep 17 11:44:56 sheltercorp postfix/smtpd[9016]: disconnect from unknown[32.162.76.67]
[17:43:21] *** Roman123 has quit IRC
[17:44:42] <neurosys> hanging.......
[17:45:10] <neurosys> Actually...
[17:45:20] <neurosys> I'm wrong.
[17:45:31] <neurosys> THAT time, it went through right away. too strange
[17:46:33] <neurosys> Like it "woke up"
[17:46:37] <neurosys> :(
[17:46:58] <gpled> neurosys: your doing this through a cell phone connection?
[17:47:08] <neurosys> gpled:  yep
[17:47:19] <gpled> bet thats your trouble right there
[17:47:21] <neurosys> But it has happened on regular lines as well.
[17:47:34] <neurosys> And it doesnt happen with other mail systems.
[17:47:52] <neurosys> tried gmail and an independant host.
[17:48:00] <neurosys> both go thru quickly
[17:48:13] <gpled> looks like your server that postfix is on, is having dns issues too
[17:48:13] *** Tykling has left #postfix
[17:48:43] <neurosys> gpled:  resolve issues?
[17:49:55] <gpled> wait, that might be your cell provider, they do not have a revers for your ip
[17:50:18] <neurosys> gpled:  then why would other mail systems have no hiccups?
[17:50:29] <neurosys> gpled:  Is it a configuration in my postfix box?
[17:51:17] <neurosys> And why would it work "sometimes", most often when making the inital connect?
[17:51:22] <neurosys> cache issue?
[17:54:31] *** jwit has joined #postfix
[17:56:10] *** f3ew has quit IRC
[17:58:55] <sysmonk> !howto
[17:58:57] <knoba> sysmonk: Error: "howto" is not a valid command.
[17:59:03] <sysmonk> !how-to
[17:59:04] <knoba> sysmonk: Error: "how-to" is not a valid command.
[17:59:07] <sysmonk> ;/
[17:59:09] <sysmonk> !fish
[17:59:09] <knoba> sysmonk: "fish" : Give an admin a fish and you feed them for a day. Teach an admin to fish and you feed them for a life. -- All new anglers, please see the following channel factoids, !tutorial !docs !basic !standard !faq !manuals !logs !debug !smtpd!=smtp
[17:59:41] <sysmonk> !tutorial
[17:59:41] <knoba> sysmonk: "tutorial" : A very common problem is that some people prefer to follow a step-by-step tutorial that shows them how to setup their mail server without reading the documentation or understanding what they are doing. If something goes wrong, they have no clue whatsoever about where to look for hints, and they sometimes decide to start from scratch using a different tutorial. This is not The Proper Way.
[18:02:21] *** c00l2sv has quit IRC
[18:02:59] <neurosys> wow sysmonk :(
[18:03:08] <neurosys> back to fbsd we go eh?
[18:03:24] <sysmonk> neurosys: um, what? :)
[18:03:37] *** hparker has quit IRC
[18:03:40] <brd> back? why would you need to go back? ;)
[18:03:47] <neurosys> hehe
[18:03:50] <sysmonk> we're there
[18:03:56] <sysmonk> we didn't move out of it :P
[18:04:00] <brd> exactly :)
[18:04:29] *** phnord has quit IRC
[18:05:06] * sysmonk should count some day how much people here use freebsd :)
[18:05:43] <xpoint> 1
[18:05:48] * neurosys dreams of freebsd....
[18:06:04] <xpoint> 2
[18:06:06] <xpoint> :)
[18:06:47] * sysmonk executes jot 200 1 200
[18:06:55] <sysmonk> that should be /exec -o jot 200 1 200
[18:06:56] <sysmonk> ;))
[18:07:15] <xpoint> with gives PI ? :)
[18:07:57] <sysmonk> nah, you lunix guys won't understand it
[18:08:07] <sysmonk> you reinvent the wheel and create 'seq'
[18:08:26] <sysmonk> although jot is there since 4.2BSD
[18:11:10] <lunaphyte_> jot took me longer to figure out how to use than seq.
[18:15:29] *** tom_wifi has quit IRC
[18:16:40] *** j_s has joined #postfix
[18:17:03] <dft> I haven't used freebsd in sometime now.
[18:17:31] <dft> it was/has been always better in many ways than linux
[18:18:08] * sysmonk changes the channel topic to 'Welcome FreeBSD users. postfix channel moved to ##postfix-no-offtopic'
[18:18:12] <sysmonk> ;))
[18:18:17] <neurosys> teehee
[18:18:57] <dft> nice
[18:19:10] *** mark-use has quit IRC
[18:19:43] <brd> lol
[18:19:56] * dft is sadly out of touch with freebsd these days
[18:20:08] <dft> perhaps I need a course correction
[18:21:53] <neurosys> gpled:  well.. i found amavis & postfix using the old main hostname, updated it. rebooted, and seems to work fine now.
[18:21:54] <brd> lots of nice things happening in FreeBSD these days :)
[18:22:36] <neurosys> The only linux i can bare to use is slack.
[18:22:48] <neurosys> and i havent used in in almost a decade.
[18:22:54] <sysmonk> there are lots of slackers here too
[18:23:05] <sysmonk> and yeah, slack was my last distro before i completely moved to freebsd
[18:23:21] <sysmonk> i think slack 9.0 was my last one
[18:23:25] <sysmonk> or was it 9.1, don't remember
[18:26:41] <dft> I forget why I moved over to linux at home
[18:26:49] <dft> I like ubuntu for workstations
[18:27:19] <dft> out of necessity of work policies I am forced to use redscat based distros
[18:28:14] <dft> anyways, on topic
[18:28:52] <dft> I ended up removing "MIME Version" from the list of duplicate fields checked in amavisd
[18:30:15] <xpoint> dft, could make it CaSE inSensitive
[18:30:51] <xpoint> but fix the bad client would be better
[18:31:57] <dft> xpoint: I agree with the fixing the client, but it's an outside user not under my domain..muahaha
[18:32:23] <xpoint> dft, fire him :)
[18:35:51] *** chadmaynard has joined #postfix
[18:40:26] <brd> by fix you mean dispatch a team of ninjas?
[18:44:49] *** chadmaynard has quit IRC
[18:47:47] *** githogori has quit IRC
[18:50:01] *** neurosys has quit IRC
[18:50:54] *** hever has joined #postfix
[18:54:57] *** orzel has left #postfix
[18:56:59] *** GoGi has joined #postfix
[19:01:04] *** growltiger_ has joined #postfix
[19:02:07] *** brancaleone has joined #postfix
[19:03:41] *** Severed_Head_Of_ has joined #postfix
[19:06:56] *** noneo has joined #postfix
[19:10:53] *** growltiger has quit IRC
[19:12:12] *** cpm has quit IRC
[19:18:16] *** noneo_ has quit IRC
[19:18:48] *** growltiger_ has quit IRC
[19:19:30] *** growltiger has joined #postfix
[19:30:54] *** amrit|zzz is now known as amrit|wrk
[19:33:44] *** Severed_Head_Of_ has quit IRC
[19:36:27] <gpled> is there a command i can use to show server configuration errors?
[19:45:07] *** Zeit|awy has joined #postfix
[19:46:41] *** BuenGenio has joined #postfix
[19:47:01] <BuenGenio> bon soir vodka lovers!
[19:47:14] *** netcrash has joined #postfix
[19:47:19] <BuenGenio> only on #Postfix. (tm)
[19:49:56] <sysmonk> BuenGenio: heil :)
[19:50:12] <BuenGenio> what language was that?
[19:50:15] <BuenGenio> looks perl-ish...
[19:50:19] <BuenGenio> :D
[19:50:37] <BuenGenio> was just trying to hack on virtualmin to CRUD email users from a database...
[19:50:42] <BuenGenio> jesus, it looks scary
[19:51:03] <BuenGenio> (God: don't use my name in vain, goddamit!)
[19:51:07] <BuenGenio> sorry...
[19:51:11] <BuenGenio> :P
[19:52:25] <BuenGenio> perl looks horrible
[19:53:35] <BuenGenio> I think Larry Wall's inspiration and notable influence during development of perl was, in fact, brainfsck
[19:53:53] * sysmonk loves perl
[19:54:18] <BuenGenio> sysmonk, have you ever used webmin?
[19:54:30] <sysmonk> web... what?! :)
[19:54:34] <sysmonk> used as in really used - no
[19:54:37] <sysmonk> used as in seen - yes
[19:54:44] <BuenGenio> it's quite great actually!
[19:54:48] <BuenGenio> written in perl too :)
[19:55:03] <sysmonk> i don't like web interfaces for system administration
[19:55:11] <sysmonk> for whole system administration atleast
[19:55:17] <sysmonk> i hate when i can't override something
[19:55:22] <sysmonk> and web based stuff overwrites that
[19:55:23] <BuenGenio> the fact that it comes with many a linux distro is quite notable though
[19:55:28] <BuenGenio> yes
[19:55:36] <BuenGenio> i agree regarding overwriting, etc..
[19:55:54] <sysmonk> BuenGenio: i know my system well enough to manage it myself without any webmins
[19:56:05] <BuenGenio> the good thing is that popular distros actually take care in ensuring compatibility with webmail
[19:56:10] <BuenGenio> s/webmail/webmin
[19:56:16] <BuenGenio> at least Mandriva
[19:56:36] <BuenGenio> sysmonk, that's my ultimate inspiration as well
[19:56:48] <BuenGenio> and don't exactly suck at managing the system via shell
[19:57:01] <BuenGenio> you know, the fundamental system, as it were
[19:57:40] <BuenGenio> but, for example, if you need to make many changes at the same time, this kind of tools does come in handy
[19:57:54] <BuenGenio> for example, managing user accounts for a virtual domain
[19:58:13] <BuenGenio> creating virtual ssh/ftp/email users
[19:58:21] <BuenGenio> it is handy
[19:59:00] <sysmonk> BuenGenio: doing that via shell is faster... atleast for me
[19:59:01] <BuenGenio> because, during the day, if you can save 15 minutes of your time, it is a noticeable difference
[19:59:03] <sysmonk> much faster
[19:59:08] <sysmonk> and much more flexible
[19:59:33] <sysmonk> anyway, that's really oftopic
[19:59:40] <sysmonk> too much offtopic here today
[19:59:46] <BuenGenio> sysmonk, ok, but what when you are asked to set different options/quotas for each particular type of account
[19:59:52] <BuenGenio> ok, sorry
[19:59:56] <BuenGenio> i'm just in a chatty mood
[20:00:05] <gpled> what version of perl do you use?
[20:00:17] <sysmonk> gpled: 5.8.8
[20:00:34] <BuenGenio> i agree though, that care should be taken to preserve the "original" #postfix taste! :)
[20:00:55] <BuenGenio> 5.10.0
[20:01:23] *** denis has joined #postfix
[20:01:36] <gpled> why not 5.10, it almost a year old
[20:02:01] <BuenGenio> gpled, as they say - don't fix it if it ain't brake :)
[20:02:15] <BuenGenio> (I know it should be broken really ) :)
[20:07:46] *** hever has quit IRC
[20:07:57] *** BuenGenio_ has joined #postfix
[20:20:23] <gpled> http://pastebin.com/d175fcb28
[20:20:43] <gpled> trying to get smtpd_restriction_classes working
[20:20:48] <gpled> see anything wrong?
[20:21:10] <gpled> other at example dot com throws system errors
[20:21:46] <gpled> throws 451 Server configuration error
[20:27:22] *** BuenGenio has quit IRC
[20:30:43] *** brancaleone has quit IRC
[20:35:00] *** redduck666 has joined #postfix
[20:37:59] *** redduck666 has left #postfix
[20:43:38] *** iamlindoro_ has joined #postfix
[20:46:09] <iamlindoro_> Hi guys-- I am switching from one postfix server to a new one, and need to make the DNS switch.  I'd like to set the existing server to forward all mail to the new server while the change propogates-- If this is possible, can someone give me a hint on what to search for in the wiki/google?
[20:46:33] <iamlindoro_> Idea being to make the change transparent to my users
[20:47:21] <brd> depends, just incoming mail from other mail servers?
[20:47:27] <iamlindoro_> yep
[20:47:37] <brd> oh, then just shut it off and make the switch
[20:47:46] <brd> mail will handle it
[20:47:56] <iamlindoro_> ah, I see what you're saying, then some will just get delayed
[20:48:03] <brd> yeah
[20:48:16] <iamlindoro_> makes sense
[20:48:18] <iamlindoro_> thanks
[20:48:36] <brd> you can lower the TTL of the record to 5min and let it sit for a few hours (or how long the TTL is currently..)
[20:49:04] <iamlindoro_> yeah, it's like 1 Hr, so that kind of delay wouldn't be the end of the world
[20:49:14] <brd> yeah
[20:53:10] *** chadmaynard has joined #postfix
[20:53:16] *** githogori has joined #postfix
[20:54:25] *** devdas has joined #postfix
[20:57:45] *** chadmaynard has quit IRC
[21:03:17] *** pitakill has quit IRC
[21:03:46] *** Knoedel2 has joined #postfix
[21:06:43] <Knoedel2> how can i define postfix to get mails only from one ip
[21:06:45] *** radius has left #postfix
[21:07:01] <Knoedel2> check_client_access ?
[21:07:06] <Knoedel2> !check_client_access
[21:07:07] <knoba> Knoedel2: "check_client_access" : Search the named access database for the client name, parent domains, client address, or networks obtained by stripping least significant octets. Reject if the result is REJECT or [45]XX text . Permit otherwise
[21:07:13] <dft> Knoedel2: mynetworks or myhosts
[21:07:21] <dft> in main.cf
[21:09:30] <Knoedel2> hmm there are the domains
[21:10:42] *** klasikahl has joined #postfix
[21:11:00] <klasikahl> can i pass multiple arugments to relayhost/
[21:11:00] <Knoedel2> maybe only mynetworks ?
[21:11:11] <klasikahl> effectively "load balancing" outoging mail?
[21:11:27] <Knoedel2> you need to use bind
[21:11:35] <Knoedel2> klasikahl
[21:11:42] <devdas> klasikahl: a relayhost with two A records
[21:11:46] <devdas> or multiple A records
[21:11:51] <devdas> or use the MX
[21:11:52] <dft> Knoedel2: use mynetworks
[21:12:20] <klasikahl> ah :\.  that's doable i suppose.  i only need to balance outgoing mail so i guess i'll just set up a domain with equally weighted MXs
[21:12:22] <klasikahl> thanks :)
[21:13:29] <Knoedel2> smtpd_recipient_restrictions = permit_mynetworks, reject
[21:13:37] <Knoedel2> this should be enough right ?
[21:13:41] <dft> Knoedel2: that works
[21:13:52] <Knoedel2> thanks dft
[21:13:55] <Knoedel2> i'll try
[21:13:57] <dft> we use some more strict restrictions but that's a start
[21:15:55] *** GoGi has quit IRC
[21:20:03] *** felix-da-catz_zz is now known as felix-da-catz
[21:22:00] *** teddymills has joined #postfix
[21:23:42] *** goldfischli has joined #postfix
[21:23:57] *** melayenco has joined #postfix
[21:28:54] *** pirho has quit IRC
[21:29:12] <Knoedel2> what do you use dft ?
[21:29:44] *** pirho has joined #postfix
[21:31:28] <dft> Knoedel: one sec
[21:32:05] <neurodamage> I'm getting a lot of resource errors when spamc is trying to send emails, any ideas ?
[21:32:41] <dft> Knoedel: http://pastebin.com/dbe0b91f
[21:34:35] *** SidGBF has joined #PostFix
[21:34:43] <SidGBF> http://paste.debian.net/17466/ What's this error?
[21:35:09] <Dominian> !sasl
[21:35:10] <knoba> Dominian: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.
[21:35:23] *** danbeck has quit IRC
[21:37:27] *** Zelest has quit IRC
[21:37:30] <SidGBF> http://paste.debian.net/17467/
[21:38:40] <Dominian> are you requiring SASL authentication on port 25 or something?
[21:38:44] <Dominian> becauase that's what it looks ilke to me
[21:41:11] <SidGBF> Dominian: it's supposed to not do it... checking
[21:44:55] <Dominian> well its something you've set in master.cf to require that is my guess
[21:45:01] <Dominian> but don't have time to go through the process.. still at work
[21:45:55] <SidGBF> mmm... thanks for the tip!
[21:46:11] <Dominian> no problem..
[21:48:45] <Knoedel2> dft thats with uce protection, i needed only from one ip
[21:49:06] <Knoedel2> mynetworks and this smtpd_recipient_restrictions = permit_mynetworks, reject works fine
[21:51:09] *** felix-da-catz is now known as felix-da-catz_zz
[22:03:51] *** BuenGenio has joined #postfix
[22:04:05] *** danbeck has joined #postfix
[22:05:30] *** BuenGenio__ has joined #postfix
[22:06:46] *** iamlindoro_ has left #postfix
[22:07:38] *** seekwill has joined #postfix
[22:08:50] *** roger has joined #postfix
[22:08:53] <roger> Hallo
[22:09:07] <roger> can I send mail to a spam filter on anotehr server and get it back?
[22:09:15] *** randra has quit IRC
[22:09:34] <sysmonk> yes, if you own them and configure them properly
[22:12:06] <roger> Any HOW-TOs on what is needed for proper configuration?
[22:12:23] <roger> also would I need an MTA on the spam-filter server as well?
[22:13:00] <seekwill> sysmonk: I'm not going to subscribe to it anymore, so you can kill that vm
[22:13:57] <sysmonk> seekwill: are you sure? i won't be able to terorize you anymore then ;/
[22:14:15] <sysmonk> roger: no, no mta on spam filter server, and no, i don't know any howtos
[22:14:25] <roger> sysmonk: thanks
[22:14:45] <seekwill> sysmonk: Yeah, it's ok. I decided not to pay the $250 for the season
[22:14:56] <devdas> heh
[22:15:17] <sysmonk> seekwill: damn :(
[22:15:32] <seekwill> sysmonk: It was awesome though! :)
[22:15:34] <seekwill> Thanks!
[22:15:36] <sysmonk> np
[22:16:10] <devdas> hmmm?
[22:16:56] <sysmonk> etc/rc.d/jail stop seekwill
[22:16:57] <sysmonk> Stopping jails: seekwill.
[22:17:00] <sysmonk> by by seekwill :P
[22:17:07] <sysmonk> bye bye*
[22:17:53] <sysmonk> devdas: seekwill watched pron over my network so that USA law's couldn't catch him
[22:17:57] <sysmonk> i have logs of that
[22:19:05] <roger> USA has Laws?
[22:19:09] <roger> Well
[22:19:12] <roger> Enforced laws?
[22:20:20] <devdas> I should just oputsource my mail hosting
[22:20:24] <devdas> outsource
[22:20:33] <sysmonk> devdas: why?
[22:20:49] <devdas> ETOOMUCHSPAM
[22:21:08] <sysmonk> hehe
[22:21:13] *** gpled has left #postfix
[22:21:34] * devdas shrugs
[22:21:51] <devdas> If things go well, I'll be responsible for nuking half a dozen top spammers
[22:21:57] <sysmonk> how much mailboxes do you have btw?
[22:22:35] <devdas> FOr myself? One
[22:22:41] *** BuenGenio_ has quit IRC
[22:22:45] <sysmonk> hehe, not for yourself
[22:22:52] <devdas> at work?
[22:22:53] <sysmonk> hosted at your place
[22:22:58] <devdas> Slightly over 100K
[22:23:00] <sysmonk> managed by your company
[22:23:03] <sysmonk> or what should i call it
[22:23:20] <sysmonk> devdas: and how much mails / day ( before or after antispam)
[22:23:37] <devdas> Haven't seen it in quite some time
[22:24:02] <devdas> but about 250K messages in, 95% rejection at the edge
[22:24:14] *** rcsu has quit IRC
[22:24:31] <sysmonk> 250 after rejection, right?
[22:24:49] *** BuenGenio has quit IRC
[22:25:17] <sysmonk> and, afair, you're not using any anti-uce stuff except postfix generic things, or am i wrong?
[22:25:19] *** c00l2sv has joined #postfix
[22:25:20] <devdas> 250K pre
[22:25:25] <sysmonk> 250K pre?!
[22:25:27] <sysmonk> per day?
[22:25:30] <devdas> just the !cheatsheet stuff
[22:25:33] <devdas> yes
[22:25:39] <sysmonk> for 100k+ mailboxes?!
[22:25:54] * sysmonk does the counting
[22:25:56] <devdas> A lot of them don't use us for antispam services
[22:26:06] <devdas> we just host mail
[22:26:18] <devdas> so I don't have the staistics on those
[22:26:22] <devdas> statistics
[22:26:23] <sysmonk> i mean 250K mails per day for 100k+ mailboxes is LOW
[22:26:29] <sysmonk> unreallistically low
[22:26:39] <sysmonk> ohhh
[22:26:41] <devdas> yeah, but you forget that this isn't all my mail
[22:26:51] <sysmonk> yeah i get it now
[22:26:54] <devdas> I have 15 boxes not reporting statistics
[22:27:08] *** hparker has joined #postfix
[22:27:27] <sysmonk> 15 out ouf ... ?
[22:28:06] <devdas> 15
[22:28:26] <sysmonk> no, you said 15 boxes not reporting statistics
[22:28:32] <sysmonk> but you do have some kind of statistics
[22:28:34] <devdas> I only count the two antispam boxes handling mail for all users on those boxes
[22:28:38] <sysmonk> so there should be atleast 15+1 boxes ;)
[22:28:46] <sysmonk> ah
[22:28:48] <devdas> if it hits directly, I don't control it at all
[22:28:50] <sysmonk> so 17
[22:29:24] <sysmonk> quite a lot of boxes
[22:29:39] <devdas> there's a few more
[22:29:51] <devdas> but we don't really count those
[22:30:46] <sysmonk> those are physical boxes or vps ?
[22:34:53] <devdas> Physical
[22:34:55] <devdas> no VPS
[22:41:57] *** cilly has quit IRC
[22:42:05] *** kreg has joined #postfix
[22:44:29] *** cilly has joined #postfix
[22:44:50] *** SidGBF has quit IRC
[22:45:12] *** brancaleone has joined #postfix
[22:45:48] *** GuajiroBlanco has joined #postfix
[22:48:23] *** teddymills has quit IRC
[22:49:08] *** gutocarvalho has quit IRC
[22:54:28] *** Zblakany has joined #postfix
[22:56:20] *** Zblakany has quit IRC
[22:57:30] *** neurosys has joined #postfix
[22:59:45] *** Zblakany has joined #postfix
[23:01:46] *** BuenGenio has joined #postfix
[23:05:12] *** roger has quit IRC
[23:10:00] *** adnc has joined #postfix
[23:10:29] <adnc> hello, is "550 User unknown" the same as permit mynetworks,reject
[23:10:30] <adnc> the same
[23:10:47] <Dominian> what
[23:10:52] *** Zblakany has quit IRC
[23:10:52] <GuajiroBlanco> o.O
[23:11:05] <Dominian> No.. 550 means the user wasn't found in the mail system..
[23:11:14] <adnc> for check_recipient_access
[23:11:24] <Dominian> eh
[23:11:45] <adnc> the file directed by check_recipient_access, which contains addresses to be rejected
[23:12:11] <adnc> the right side describes how they are handled
[23:12:36] <Dominian> umm ok
[23:12:42] <adnc> and i've one containing 550 User unknown. but still i can send from internal domains
[23:12:53] <Dominian> makes sense.
[23:13:08] <adnc> which is ok. but i also wanted to have some adresses to not receive from nowhere
[23:13:16] <adnc> like uucp at mydomain dot tld etc.
[23:13:27] <adnc> so i was looking what i would need todo and understand this
[23:16:03] *** neurosys0 has joined #postfix
[23:16:10] *** madrescher has joined #postfix
[23:17:11] <Knoedel2> http://www.ironport.com/products/ironport_encryption.html -> how is this working ?
[23:17:19] <Knoedel2> with dkim, openpgp !?
[23:18:39] *** BuenGenio__ has quit IRC
[23:19:14] *** szaszka has joined #postfix
[23:20:07] <adnc> Dominian: do idea?
[23:20:23] <Dominian> no idea
[23:20:31] <Dominian> not my setup.. not sure what the config is and I don't see any logs
[23:20:41] <Dominian> and I'm getting ready to head home so don't really have time to get into the troubleshooting
[23:21:37] *** denis has quit IRC
[23:21:58] *** j_s has quit IRC
[23:22:28] *** m0f0x has quit IRC
[23:23:20] <adnc> Dominian: all i want is to restrict from beeing able to send to address like uucp,spamassassin, etc. restrict from receiving for systemusers
[23:23:59] <seekwill> Knoedel2: ?
[23:24:07] <devdas> http://home.xnet.com/~raven/Sysadmin/ASR.Posts.html
[23:24:49] *** neurosys has quit IRC
[23:24:58] *** neurosys0 is now known as neurosys
[23:25:27] <Dominian> adnc: why?
[23:25:31] <brd> devdas: heheheh
[23:25:40] <Dominian> adnc: if the users don't exist on the system.. then why worry about rejecting something that doesn't exist?
[23:25:56] <adnc> Dominian: the users exist of course
[23:26:00] <Dominian> the sending server will get an 5xx error anyway for "user uknown"
[23:26:06] <Dominian> adnc: ok
[23:26:11] <Dominian> so why restrict sending to them?
[23:26:21] <Dominian> why do they even have email accounts?
[23:26:31] <Dominian> or are all of your email users system accounts?
[23:26:32] <adnc> i do have system users which do not have a home directory
[23:26:40] <adnc> Dominian: they dont have email accounts
[23:26:41] <Dominian> that explains it
[23:26:45] <Dominian> er.
[23:26:45] <Dominian> ok
[23:26:50] <Dominian> if they don't have email accounts.. why worry? :)
[23:26:52] <adnc> but when someone sends an email to these addresses
[23:26:53] <seekwill> Knoedel2: Maybe TLS
[23:27:12] <adnc> it gets into /var/mail/systemuser
[23:28:01] <adnc> Dominian: i dont know how you manage but severeal service here do have there own username, like UUCP, like lpr, like spamd, like dovecot , like mysql etc. etc.
[23:28:17] <adnc> all i want is to do not accept mail for these users
[23:28:53] <adnc> to complicated, isnt it?
[23:30:26] <Verilium> adnc:  Point the files in /var/mail to /dev/null? :)
[23:30:38] <adnc> Verilium: do you solve it like this?
[23:30:55] <Verilium> If you're worried about those mails taking space, it's a way to solve it. ;P
[23:31:09] <adnc> how do you solve it?
[23:32:39] <Verilium> adnc:  http://groups.google.com/group/mailing.postfix.users/msg/d3bef7d942bbaab8
[23:32:41] <Verilium> ...perhaps?
[23:33:10] <Verilium> If you want a specific reponse such as a 550 you mentionned, perhaps that would be the method you need.
[23:33:27] <adnc> Verilium: thank you. i'll read it
[23:33:38] <Verilium> I just googled real quick for 'postfix block users'.
[23:33:58] <adnc> but i wonder. it seems that noone here cares about there systemusers
[23:34:00] <Verilium> I understand what you want to do, but I haven't had the need, so I'm not quite sure.
[23:34:09] <adnc> i see
[23:34:24] <Verilium> I actually probly have thought about that a long time back, no idea what my conclusion was, heh..
[23:34:53] <Verilium> adnc:  Ah yes, actually, usually, I just forward those system users to root@ via aliases or so.
[23:35:41] *** no_maam has quit IRC
[23:35:44] <Verilium> Else aliased the system user to /dev/null.  Don't think I ever 'really' had a need to 'nicely' block it off and reply back with a 550.
[23:36:09] <adnc> Verilium: i did read that mail. I use this to restrict recipients like all at mydomain dot tld
[23:36:26] <adnc> and from mynetwork it is still possible to send to this address
[23:37:10] <Trengo> adnc man 5 access ?
[23:37:18] <Trengo> see the example
[23:37:42] <Trengo> perhaps nobody@ REJECT would work for you?
[23:40:56] *** TeraHertz has quit IRC
[23:41:56] *** BuenGenio has quit IRC
[23:44:45] *** brancaleone has quit IRC
[23:49:17] *** Knoedel2 has quit IRC
[23:51:41] *** devdas has quit IRC
[23:52:20] *** GuajiroBlanco has quit IRC
[23:53:16] *** netcrash has quit IRC
[23:55:08] *** linkslice has quit IRC





top