[00:00:01] <pickcoder> kexman: what kind of volume are you seeing
[00:00:17] <kexman> volume ?
[00:00:20] <pickcoder> amavisd helps bridge all the components together easier
[00:00:21] <kexman> mail volume ?
[00:00:24] <pickcoder> spam vol
[00:00:29] <kexman> pickcoder: i have no idea :)
[00:00:39] <kexman> never set up a working postfix / mailserver in my life :)
[00:00:43] <kexman> but trying to do my best :P
[00:00:57] <pickcoder> use spamhaus's zen RBL and see how many blocks you get
[00:00:59] <kexman> and i want it to be able to handle mass mails
[00:01:24] <pickcoder> !cheatsheet
[00:01:25] <knoba> pickcoder: "cheatsheet" : http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt : A HOWTO for pre-DATA spam control.
[00:01:37] <pickcoder> xen..
[00:01:49] <kexman> pickcoder: currently i have a a postfix + dovecot + postfixadmin setup
[00:01:50] <pickcoder> hrm
[00:01:52] <pickcoder> zen...
[00:02:07] <kexman> would it be hard to implrement an amavisd-new + spamassasin setup into this setup :)
[00:02:25] <pickcoder> I don't use postfixadmin
[00:03:23] <pickcoder> kexman: is your domain pretty private or is it advertised?
[00:03:45] <kexman> pickcoder: it will be advertised :)
[00:03:55] <pickcoder> dynamic/static IP?
[00:04:16] <kexman> static
[00:05:01] <pickcoder> I don't think you'll have a hard time setting up amavis since you have to do some of it manually
[00:05:04] <pickcoder> what distro?
[00:05:31] <kexman> gentoo
[00:05:45] <pickcoder> ok then I guess you may have to do a lot of it manually
[00:05:50] <kexman> :)
[00:05:54] *** eanxgeek has quit IRC
[00:06:12] <pickcoder> amavis affects content_filter and master.cf
[00:06:18] <pickcoder> everything else plugs into amavis
[00:06:36] *** eanxgeek has joined #postfix
[00:07:06] <pickcoder> IMO clamav is pretty worthless if you're looking for near 0-day detection
[00:07:19] <pickcoder> I'm personally looking at getting a commercial Sophos subscription
[00:07:50] *** gonewestcoast has joined #postfix
[00:07:55] <kexman> hmm
[00:08:03] <kexman> well i heared about clamav not being the best of the best :)
[00:08:09] <kexman> so okay lets forget about clamav
[00:08:17] <pickcoder> brand new stuff is getting caught by blocking various MIME types and file extensions
[00:08:29] <jp-> it's not, but remember, people like to "click stuff"
[00:08:41] <kexman> jp-: i know :)
[00:08:44] <pickcoder> 99% of the "viruses" are phishing ads caught by s/A
[00:08:53] <kexman> what is S/A
[00:08:57] <pickcoder> spamassassin
[00:09:02] <kexman> aaa
[00:09:03] <kexman> okay
[00:09:20] <jp-> clamav and spamassassin have served our business email well
[00:09:29] <pickcoder> jp-: same here
[00:09:34] <pickcoder> when tweaked appropriately
[00:09:43] <pickcoder> else it's a nice sifter
[00:09:56] <pickcoder> that wastes memory
[00:10:01] <kexman> i never used contect_filter
[00:10:13] <kexman> hehe :)
[00:10:23] <pickcoder> example: content_filter = smtp-amavis:[127.0.0.1]:10024
[00:10:24] <kexman> i had to tweak my master.cf to use dovecot sasls
[00:10:55] <kexman> postconf | grep -i content_
[00:10:55] <kexman> content_filter =
[00:11:24] <xpoint> postfinger | grep -i content
[00:12:02] <pickcoder> postfinger?
[00:12:36] <xpoint> if you dont know you dont have it :)
[00:12:43] <pickcoder> kexman: what kind of mass mail?
[00:12:51] <kexman> :P
[00:12:53] <kexman> Sep 20 00:45:28 mobile postfix/smtp[11548]: 8156A684001: to=<zso at tux01 dot nullpoint.eu>, relay=none, delay=33936, delays=33936/0.04/0.01/0, dsn=4.4.1, status=deferred (connect to tux01.nullpoint.eu[192.168.5.100]:25: Connection refused)
[00:12:55] <pickcoder> xpoint: thanks for pointing that out
[00:13:28] <pickcoder> now I feel like I'm missing something fun
[00:14:25] <xpoint> kexman, why do tux01.nullpoint.eu not like your ip ? :)
[00:14:41] <kexman> xpoint: that doesnt has no smtp on it
[00:14:47] <kexman> its totally internet
[00:14:51] <kexman> internal
[00:15:20] <xpoint> good point in use public hostnames for this
[00:15:29] <kexman> xpoint: question is if people send to a non "mail" host ... what will happen ?
[00:15:47] <xpoint> you see it above
[00:16:07] <kexman> xpoint: couldnt a user simply ddos my server trying to send mail to hosts that dont have valid mail ...
[00:16:21] <xpoint> its missing check_mx_access tules
[00:16:32] <xpoint> rules even
[00:16:53] <xpoint> kexman, you may try me :)
[00:16:56] *** layla has joined #postfix
[00:17:00] <kexman> xpoint: aha
[00:17:10] <layla> hello
[00:17:12] <kexman> xpoint: i never used that
[00:17:32] <xpoint> kexman, newer ACCEPT mails you cant bounce to !
[00:17:37] <layla> i have a problem with postfix can i everybody help me
[00:17:38] 
[00:18:46] <layla> please
[00:19:03] <kexman> xpoint: what does that mean ? :)
[00:19:10] <kexman> what does it mean to bounce too ?
[00:19:20] <kexman> do i need to have some domains in any list ?
[00:19:30] <kexman> or what option do i need to add for that to work ?
[00:19:34] <pickcoder> layla: no one can help you unless you ask a question other than "can anyone help me"
[00:20:47] <xpoint> kexman, google check_sender_mx_access
[00:20:53] <kexman> xpoint: that is all i need ?
[00:20:54] <layla> pickcoder, ok dont angry with me
[00:21:12] <kexman> what about these bounces you are talking about ? all realated to check_sender_mx_access
[00:21:16] <kexman> wait sender ? :)
[00:21:27] <xpoint> kexman, if mx host resolves back to rfc1918 reject
[00:22:06] <kexman> xpoint: but "sender" isnt that "me" the sender using "thunderbird" client ?
[00:22:25] <layla> I set postfix command when an e-mail and doing what sends 25 telnet localhost smoothly to gmail for example, but when I do so through evolution or the bounces I thunderbird
[00:22:28] <xpoint> unrelayred
[00:22:35] *** gonewestcoast has quit IRC
[00:22:53] <xpoint> thunderbird is mostly client, that can smtp auth
[00:24:40] <kexman> check_sender_mx_access type:table
[00:24:49] <kexman> xpoint: for that option i need to use a table
[00:24:54] <xpoint> layla, setup smtp auth to gmail
[00:25:18] <xpoint> kexman, cidr is your friend there
[00:25:49] <xpoint> 192.168.0.0/16 REJECT rfc1918 networking in mx
[00:26:10] *** pickcoder has quit IRC
[00:26:26] <xpoint> check_sender_mx_access cidr:/etc/postfix/rfc1918
[00:26:30] <kexman> xpoint: baaah you dont get it
[00:26:40] <kexman> its not that i will be using 192.168.0.0/16
[00:26:46] <xpoint> kexman, but its you that have a problem :)
[00:26:48] <kexman> pretent that you didnt saw that private ip
[00:27:39] <layla> xpoint, i dont understand
[00:27:54] <kexman> xpoint: that was just a setup i was testing
[00:28:01] <kexman> tomorrow im testing elsewhere
[00:28:03] <kexman> probably :)
[00:28:19] <xpoint> layla, google is there own localhost, so do not say helo localhost
[00:29:04] <layla> I set up a server with postfix mysql and cyrus, when sending mails via telnet outside the LAN will send correctly, but with a postal customer returns me wrong
[00:29:30] <kexman> xpoint: man im lost again :)
[00:29:31] <kexman> hehe
[00:29:38] <kexman> happens to me alot around mail :) hehehe
[00:29:41] <xpoint> layla, then he need smtp auth to your server
[00:29:59] <xpoint> kexman, stop useing postfix then :)
[00:30:19] <kexman> xpoint: hehh :) nope
[00:30:21] <kexman> i wont do that
[00:30:33] <kexman> xpoint: i just need to read up (alot) some more about it :)
[00:30:34] <xpoint> kexman, will you listen then ?
[00:30:34] <kexman> hehe
[00:30:39] <kexman> xpoint: okay
[00:30:43] <kexman> I am listening :)
[00:30:53] <kexman> xpoint: setup :
[00:30:59] <kexman> postfix on server1.com
[00:31:38] <kexman> user wants to send mail to existingdomain.com (host -t MX existingdomain.com has no MX record) ip of existingdomain.com = 1.2.3.4
[00:31:48] <kexman> postfix will try to send mail to 1.2.3.4 port :25
[00:31:49] <kexman> right ?
[00:32:20] <layla> xpoint, and the set from main.cf to SMTP auth?, but not as
[00:32:35] <xpoint> yes missing mx records is not a fault, mx is only needed when mail server is on another ip then the webserver is for the domain
[00:33:53] <xpoint> kexman, i can sen mail to you from outside to root at [1 dot 2.3.4] :)
[00:33:54] <kexman> xpoint: exactly
[00:34:18] <kexman> xpoint: no you cant if i dont have a mailserver set up on 1.2.3.4 :)
[00:34:22] <kexman> right ?
[00:34:28] <xpoint> bingo
[00:34:59] <xpoint> postfix accept that form, was my point :)
[00:35:04] <kexman> xpoint: so how will postfix identify this ? and wont try to send the mail over 1trizillion times. or better question : how many times will postfix try to send to 1.2.3.4 until it gives up ?
[00:35:27] <kexman> xpoint: so its basic good working how it should work condition ?
[00:35:40] <kexman> xpoint: how long will postfix try to send the mail ?
[00:35:40] <xpoint> 1 million times until 5d old, then it bounces local
[00:36:11] <kexman> bounces local ? hmm what does that mean ? it will try to send to postmaster at localhost dot domain.com ?
[00:36:29] <xpoint> no from that smtp auth sender :)
[00:36:32] <kexman> xpoint: so that is basic configuration (good config) ... it trys it for 5 days ? :)
[00:36:39] <kexman> xpoint: so it bounces back to the sender
[00:36:45] <layla> xpoint, and the set from main.cf to SMTP auth?
[00:36:57] <xpoint> !sasl
[00:36:58] <knoba> xpoint: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.
[00:37:25] <xpoint> kexman, yes what do you expect it to do ?
[00:37:34] *** rcsu has quit IRC
[00:38:33] <xpoint> kexman, postconf -d | grep 5d
[00:38:56] <kexman> bounce_queue_lifetime = 5d
[00:38:56] <kexman> maximal_queue_lifetime = 5d
[00:39:07] <kexman> bounce means "send" ? :)
[00:39:09] <xpoint> kexman, but do not change anything you do not need to change
[00:39:22] * kexman is yet to get familiar with things in the mail world :)
[00:39:42] <kexman> xpoint: soooo cant mail que grow to enourmouse sizes ? :)
[00:39:50] <kexman> take alot of bandwidth ? :)
[00:39:53] <xpoint> nope
[00:40:08] <kexman> mail que mails sizes i meant
[00:40:10] <xpoint> postfix is smarter then just accept crap
[00:40:16] <layla> i dont understand
[00:40:24] <kexman> que = big = alots of retrys = lots of traffic + lots of bandwith taken ?
[00:40:39] <kexman> xpoint: huh ? what do you mean postfix is smarter then just accept crap ???
[00:40:40] <xpoint> kexman, no still
[00:40:49] <kexman> what wont it accept ?
[00:41:19] <xpoint> if your queue is full it will stop accept more mails, until it can have new mails
[00:42:05] <xpoint> kexman, did you install on a 1M harddisk ? :)
[00:42:33] <kexman> no :)
[00:42:45] <kexman> hmm so how big can the que grow ?
[00:42:46] 
[00:43:01] <kexman> xpoint: so que full = i cant send new mail using my postfix mailserver ?
[00:43:15] <xpoint> yes
[00:43:25] <kexman> and the mail server wont accept new emails until que gets "not full " :)
[00:43:28] <kexman> uhum
[00:43:35] <xpoint> yes
[00:43:51] <kexman> xpoint: so where can i see the que size ?
[00:43:52] <xpoint> kexman, you are learning fast ? :)
[00:43:58] <kexman> xpoint: hehe :) trying to :)
[00:44:03] <xpoint> df -h
[00:44:12] <kexman> got plenty of space left :)
[00:44:38] <kexman> cant find anything about que size limit with : postconf | grep -i que
[00:44:44] <xpoint> so you now got plenty of money to other hardware extensions :)
[00:45:05] <kexman> xpoint: hehe :)
[00:45:11] <xpoint> kexman, damm will you listen ?
[00:45:17] <kexman> aaahaaa
[00:45:20] <kexman> i got it :)
[00:45:21] *** layla has quit IRC
[00:45:25] <kexman> que = df -h ? :)
[00:45:33] <kexman> or something around it
[00:45:53] <xpoint> postfix is dynamic, if you give it 10000 Etabyte it can use it
[00:46:01] <kexman> hehe
[00:46:07] <kexman> now that's the joke of the month :) really
[00:46:11] <kexman> i bet its true :)
[00:46:16] <kexman> but i am still laughing :)
[00:46:23] <kexman> thus its a joke for me :) ... a never mind :)
[00:46:25] <xpoint> but 1000M byte wont stop it working still
[00:46:25] <kexman> i get it
[00:46:29] <kexman> aha
[00:46:33] <kexman> que = dinamic
[00:46:41] <kexman> i mean que size limit
[00:46:46] <kexman> full que = dynamic
[00:47:30] <kexman> so back to the start .... i need to set up postfix so it cant send mail to RFC 1918 ?
[00:47:47] <xpoint> no
[00:47:53] <kexman> so if a bad dns record point domain.com to RFC 1918 then it wont send it ?
[00:48:05] <xpoint> still no
[00:48:39] <xpoint> i do not check recipient on rfc1918
[00:49:04] <kexman> so what where you talking about when you where tlaking about rfc1918 ?  i still dont get that part
[00:49:15] <xpoint> (i can always send to rfc1918 is my goal) :=)
[00:49:33] <kexman> uff :)
[00:49:45] *** nh2 has quit IRC
[00:49:47] <kexman> http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt reading that meanwhile
[00:49:53] <xpoint> but senders cant use rfc1918 mx records !
[00:50:34] <xpoint> kexman, shourt, do not accept mails you cant bounce
[00:53:25] <kexman> aaaa my head :)
[00:53:32] <kexman> xpoint: i need to re -read this
[00:54:03] <kexman> ahaaaaaa
[00:54:19] <kexman> so if domain.com-s mx record points to rfc1918 then i shouldnt be able to use it ?
[00:54:23] <kexman> or what ?
[00:54:27] <xpoint> olso its good to check that mx records is routeble so you can telnet back to them
[00:54:39] <kexman> i dont really seem to understand what do yo mean by dont accept mails you cant bounce
[00:55:27] <xpoint> one more time: if senders domain mx point to rfc1918 ip range where do you want to bounce it to then ?
[00:56:40] *** seekwill has joined #postfix
[00:58:03] *** war9407 has quit IRC
[00:58:55] <xpoint> olso read rfc1700
[00:58:57] <kexman> xpoint: thrash :)
[00:59:14] <imm> is there a way to configure postfix/procmail to deliver mail for a .forward file not owned by the account that contains it? i.e., avoid the 'bad uid' warning? the logs make it seem like the message is being delivered anyway, but it doesn't work.
[00:59:15] <xpoint> nope reject before you get a problem
[00:59:20] <kexman> aha
[00:59:35] <kexman> reject_if_mx_points_to_rfc1918 right ? :)
[00:59:36] *** F6F has quit IRC
[00:59:55] <kexman> xpoint: what if domain doesnt has an mx but itself point to rfs1918 ?
[01:00:00] <kexman> its almost the same
[01:00:02] <kexman> isnt it ?
[01:00:04] <xpoint> kexman, you got it finaly
[01:00:12] <kexman> xpoint: i get it slow :)
[01:00:15] <kexman> cognac slows my mind :P
[01:00:30] *** tomocha6 has quit IRC
[01:00:34] <kexman> *Cogniac* to be more certain :P
[01:00:44] <xpoint> but just sender, not recipient
[01:02:27] <kexman> xpoint: yes yes. but would the same reject/option work on mx that point to rfc1918 and the domain that has no mx and points to rfc1918
[01:02:34] <kexman> or its a stupid question/trivial ? :)
[01:02:48] <xpoint> last one
[01:03:27] <kexman> xpoint: thanks
[01:03:35] <kexman> now i just need to find that option :)
[01:03:50] <xpoint> check_sender__mx_access
[01:03:54] <xpoint> check_sender_mx_access
[01:04:04] <kexman> but that requiers a table
[01:04:10] <kexman> which i do not know how to set up
[01:05:28] <kexman> xpoint: baaah sender ? :) ufff i am confused again . send is me who auths to the smtp server . and sender is also the one who sends mail to me . right ?
[01:05:55] <kexman> so we want to block senders (mails) that come from rfc1918 ? am i right ?
[01:05:59] <kexman> did i get it right ?
[01:06:38] <xpoint> no its not block users that is on lan
[01:07:02] <kexman> :((( ahahaha
[01:07:12] <xpoint> lan users can olso be on microsoft.com domain
[01:09:21] <kexman> xpoint: so i want to block what ?
[01:09:28] <kexman> i dont understand anymore
[01:09:38] <kexman> maybe i should get some sleep :)
[01:09:51] * kexman is considering sleep over stupid questions :))
[01:10:31] <xpoint> 42
[01:10:38] <kexman> :)
[01:10:51] <xpoint> there is no stupid questions
[01:11:18] <xpoint> only stupid answers
[01:11:30] <kexman> yihh
[01:11:32] <kexman> :)
[01:15:28] <kexman> xpoint: is there any book you recommend ?
[01:15:41] <xpoint> nope
[01:15:53] <kexman> i was looking at that but its from 2003 december . http://oreilly.com/catalog/9780596002121/index.html
[01:15:56] <xpoint> ask if there is a homepage i recommend
[01:16:05] <kexman> xpoint:  is ther a homepage you recommend ? :D
[01:16:11] <xpoint> yes
[01:16:20] <xpoint> localhost
[01:16:22] <xpoint> :)
[01:16:23] <kexman> hehe :)
[01:16:36] <xpoint> see topic
[01:17:22] <kexman> postfix://localhost/magiclearningdocs.mail.fix.post :)
[01:18:13] <kexman> ill do my best
[01:18:22] <kexman> xpoint: thanks for helping me out
[01:18:34] <kexman> i think im gonna go rest a bit now. feeling tired
[01:18:41] <xpoint> kexman, if you go to amazon remember this olso http://oreilly.com/catalog/9781593270018/?CMP=AFC-ak_book&ATT=Book+of+Postfix
[01:18:52] <kexman> aa yes that was also recommended
[01:19:12] <kexman> i think im gonna get that one if im gonna get one. that was recommended by alot of quality people
[01:19:39] <xpoint> i have them both
[01:19:39] *** siebo has joined #postfix
[01:20:22] <siebo> hi, can someone point me towards docs for adding a new alias/forward?
[01:20:26] <xpoint> just being a bit old now for the latest postfix releases, but things in the books still works
[01:20:55] <siebo>  /etc/aliases?
[01:21:25] <kexman> xpoint: for a moment i tought you are talking about yourself :P :"being a bit old" :))
[01:21:41] <siebo> the entries there seem to be domain agnostic
[01:22:05] <siebo> I'd like to alias user at domain dot org --> user at someotherhost dot com
[01:22:13] <siebo> how does one do that?
[01:22:17] <kexman> siebo: i think that depends on your setup
[01:22:29] <siebo> kexman: vanilla ubuntu thus far
[01:22:48] <siebo> is there something I have to do to make postfix aware that I am pointing domains at it?
[01:22:49] <kexman> siebo: well you have to dig into main.cf
[01:22:57] <kexman> and find out how your postfix uses your mail
[01:22:58] <kexman> i mean handles
[01:23:00] <xpoint> siebo, add it to virtual_alias
[01:23:23] <kexman> xpoint: wait i think he is trying to redirect to some other host
[01:23:37] <kexman> xpoint: you are saying : add a virtual for domain.org ?
[01:23:46] <xpoint> nope
[01:24:04] <xpoint> !virtual_alias
[01:24:05] <knoba> xpoint: "virtual_alias" : ... Mail loops back to myself means that your Postfix wanted to send out the mail to the internet but then discovered that the DNS says your mail server should be responsible. Most likely you forgot to list your domain in mydestination or virtual_(alias|mailbox)_domains
[01:24:22] <xpoint> !alias
[01:24:22] <knoba> xpoint: "alias" : ITYM !alias_maps
[01:24:28] <kexman> !alias_maps
[01:24:29] <knoba> kexman: "alias_maps" : a configuration parameter in the main.cf: The alias databases that are used for local(8) delivery. See aliases(5) for syntax details.
[01:24:30] <xpoint> !alias_maps
[01:24:30] <knoba> xpoint: "alias_maps" : a configuration parameter in the main.cf: The alias databases that are used for local(8) delivery. See aliases(5) for syntax details.
[01:24:34] <kexman> i was faster :P
[01:24:57] <xpoint> remember alias_maps is for local user, so recipient is local !
[01:25:00] <siebo> kexman: xpoint: cool thanks!!
[01:25:13] <kexman> xpoint: you have alot of fans :)
[01:25:20] * kexman out to sleep
[01:25:23] <kexman> see ya later
[01:25:23] <xpoint> but virtual_alias is not local thats the point :)
[01:25:55] <siebo> my main.cf doesn't have a 'virtual_alias' property, should I add one?
[01:26:03] <xpoint> yes
[01:26:06] <kexman> siebo: welcome to the world of postfix :)
[01:26:19] <kexman> xpoint: msg really bothers you that much or your just lazy to read it ? :P
[01:26:28] *** githogori has quit IRC
[01:26:37] <xpoint> kexman, i get enough spam here
[01:26:42] <siebo> so point that to a file, similar to /etc/aliases
[01:26:51] <siebo> except I can use full e-mail addresses?
[01:26:58] <siebo> is that right?
[01:27:03] <kexman> okay. sorry for the mess i did here
[01:27:04] <xpoint> siebo, yes, but there is one single diff
[01:27:16] <kexman> see you later guys
[01:27:18] <xpoint> syntax is not equal
[01:27:57] <xpoint> siebo, foo at example dot com bar at example dot net
[01:28:07] <xpoint> postmap it
[01:28:44] <xpoint> postmap -q foo at example dot com hash:/etc/postfix/virtual_alias_maps
[01:32:22] <siebo> seems like I somehow need to instantiate this db file first...
[01:32:34] <siebo> I tried just using touch, but it seems to not like the format
[01:32:41] <siebo> postmap: fatal: open database /etc/virtual_aliases.db: Bad file descriptor
[01:35:48] <xpoint> cd /etc/postfix
[01:36:05] <xpoint> touch virtual_aliases
[01:36:11] <xpoint> edit this file
[01:36:22] <xpoint> postmap virtual_aliases
[01:36:27] <xpoint> test
[01:36:54] <xpoint> postmap -q foo hash:/etc/postfix/virtual_aliases
[01:40:26] <siebo> xpoint: ok, I did that, and when I do the last part (with my mapped address where the foo is) I get no errors
[01:40:33] <siebo> but should I get the mapping?
[01:40:45] <siebo> on standardout?
[01:41:53] <siebo> or do I need to restart postfix to get it to re-parse main.cf?
[01:42:26] <xpoint> yes you need to make it work before postfix can use it
[01:42:37] <siebo> postfix reload?
[01:42:54] <xpoint> if no output in stdout no match in the maps
[01:43:24] <xpoint> first check that the maps works
[01:44:12] <siebo> with: postmap -q foo hash:/etc/postfix/virtual_aliases ?
[01:44:33] <xpoint> when it works it should display recipient to deliver to
[01:45:16] *** Daviey has joined #postfix
[01:46:05] <siebo> ah, there we go, I had a typo in my config :)
[01:48:36] <siebo> so, postmap returns the mapped address, but the server doesn't seem to be forwarding...
[01:51:29] <siebo> i.e. it doesn't show up at the aliased address...
[01:52:19] <siebo> and I know that the MTA is sending mail properly for other processes on the machine (such as zope, my app server...)
[01:54:09] <siebo> could an empty relayhost parameter be causing this problem?
[01:54:11] <siebo> I have
[01:54:12] <siebo> relayhost =
[01:54:18] <siebo> in my main.cf
[01:55:43] <xpoint> yes remove it
[01:56:03] <xpoint> but its unrelayted to the alias
[01:58:47] <siebo> ok, I commented that bit out and restarted, but still not action
[01:58:53] <siebo> where do the logs live?
[01:59:05] <siebo> I tried /var/log/postfix, but nothing there...
[01:59:52] <xpoint> its where your syslog say it should be
[02:00:06] <oblio_> so my postfix is queueing and queueing only, and it's baffling me
[02:00:10] <xpoint> postfix uses syslog
[02:00:12] <oblio_> for all incoming mail
[02:00:24] <siebo> ah, just found /var/log/mail.log
[02:00:28] <oblio_> there are no errors anywhere, just a building queue
[02:00:47] <oblio_> it doesnt give a reason for its decision to queue
[02:01:30] <siebo> there is an error about
[02:01:31] <siebo> zentraal postfix/smtpd[7846]: NOQUEUE: reject: RCPT from a.mx.highspeedrails.com[72.249.122.111]: 554 5.7.1 <david at siedbands dot org>: Relay access denied; from=<technique at oceanicsky dot com> to=<david at siedbands dot org> proto=ESMTP helo=<portland.highspeedrails.com>
[02:06:24] *** gonewestcoast has joined #postfix
[02:07:13] *** pitakill has joined #postfix
[02:08:24] <siebo> well, maybe I'll get some sleep and try to tackle this problem tomorrow when I'm rested
[02:08:33] <siebo> xpoint: thanks for the help :)
[02:09:45] <sahil> siebo: the error is so clear!
[02:10:03] <siebo> sahil: ?
[02:10:34] <vice-versa> !tell siebo relay_denied
[02:10:42] <siebo> do I need to set: virtual_alias_domains ?
[02:10:43] <knoba> siebo: -> "relay_denied" : \"554 5.7.1 <RECIPIENT@RCPT_DOMAIN>: Relay access denied; from=<SENDER_ADDRESS> to=<RECIPIENT@RCPT_DOMAIN> proto=ESMTP helo=<HELO>\": This typically means that CLIENT_IP is not in mynetworks (and did not AUTH), and that RCPT_DOMAIN was not recognized as one of this Postfix's domains (not listed in mydestination, relay_domains or virtual_*_domains).
[02:18:56] <oblio_> hi any thoughts no this
[02:18:58] <oblio_> log message
[02:19:12] *** siebo has quit IRC
[02:19:35] <oblio_> *on this ^^
[02:20:28] <oblio_> all my messages are just queueing
[02:28:00] <xpoint> Sieg, no virtual_alias_domains is not needed for what you need
[02:28:12] <xpoint> ups wroung nick
[03:15:49] *** knoba has quit IRC
[03:15:54] <sahil> oblio_: grep local /path/to/your/master.cf
[03:15:55] *** knoba` has joined #postfix
[03:16:15] <oblio_> local     unix  -       n       n       -       -       local -o local_recipient_maps=
[03:16:41] <oblio_> sahil: ^^
[03:17:45] *** knoba` is now known as knoba
[03:19:21] <sahil> do you have a paste of postconf -n and master.cf somewhere?
[03:19:31] <oblio_> nope but i can
[03:20:04] <sahil> go for it.
[03:20:24] <sahil> and show some more logs before and after the one you paste above.
[03:20:29] <sahil> (in the paste, not in the channel)
[03:24:10] *** pitakill has quit IRC
[03:28:23] <sahil> you might do well to append -v to the local line in master.cf and see wth it's really doing.
[03:34:00] <oblio_> sahil: do you know what that option is thats specified?
[03:34:02] <oblio_> loacl_recipient_maps
[03:34:04] <oblio_> which has no value
[03:34:07] <oblio_>  =''
[03:34:59] <sahil> what
[03:35:03] <oblio_> sorry im stupid
[03:35:05] <oblio_> :-)
[03:35:06] <sahil> no i mean the "local" line in your master.cf
[03:35:11] <oblio_> i just realised that was from another line
[03:35:12] <sahil> you need to increase verbosity.
[03:35:13] <oblio_> from the grep
[03:35:13] <oblio_> yes
[03:36:48] <sahil> also get rid of maildrop
[03:36:50] <sahil> comment it out
[03:39:09] <oblio_> it will revert to internal delivery?
[03:39:25] <oblio_> we have aliases in ldap
[03:39:28] <oblio_> which is why we use it
[03:44:52] *** BenB has joined #postfix
[03:52:04] *** mavrick61 has quit IRC
[03:52:55] *** Tinozaure is now known as _Tino
[03:53:05] *** _Tino is now known as Tinozaure
[03:53:12] *** mavrick61 has joined #postfix
[03:58:47] <BenB> "unsupported dictionary type: regexps:  Is the postfix-regexps package installed?"
[03:58:54] <BenB> this is on ubuntu
[04:00:03] <BenB> which package do I have to install? postfix-pcre is installed.
[04:01:51] <BenB> nevermind
[04:03:26] *** Haris1 has quit IRC
[04:03:50] <BenB> I am fighting with the following problem: virtual lists "foobar at example dot com   foo", and foo is a local user (and has an entry in /etc/aliases, too), but gets expanded to foo@$mydomain.
[04:04:51] <BenB> of course, that doesn't exist, giving me "(User unknown in virtual alias table)".
[04:05:33] <BenB> that error is listed in the FAQ, but the FAQ tells me to add that addess to virtual_maps. that's not what I want, though, I want it to be delivered to the local user or alias
[04:06:16] <BenB> append_dot_mydomain is off
[04:07:59] <BenB> at, I needed to turn off append_at_myorigin
[04:08:09] <BenB> that solved that problem.
[04:08:25] <BenB> however, the docs says: "this feature is enabled by default and must not be turned off. Postfix does not support domain-less addresses. "
[04:09:11] *** Haris1 has joined #postfix
[04:09:32] <BenB> also, I didn't see this behaviour in another installation. there, append_at_myorigin is on (default) and it works as wanted anyways, so I must have some other config variable wrong.
[04:11:09] <BenB> ah, myorigin was different. in the working installation, it matches the hostname, in my new config, it matched the domain
[04:13:56] <sahil> BenB: your origin is your hostname; not your domain.  unless, of course, your hostname == your domain.
[04:15:00] <BenB> yes. all these params mydomain, myorigin, mydestination, myhostname, /etc/mailname, plus the virtual domains, are a bit confusing.
[04:15:21] <sahil> perhaps, but all very well documented to allay confusion. :P
[04:16:54] *** mirrorcolor has joined #postfix
[04:16:57] <BenB> furthermore, mydestination needs to contain $myhostname, or I get "loops back to myself" errors
[04:17:05] <sahil> yes, obviously.
[04:17:12] <BenB> not at all :)
[04:17:39] <sahil> that's also why mydestination, by default, includes $myhostname.
[04:17:40] <lunaphyte> only if you've put that hostname in dns w/ and mx record.
[04:18:20] <lunaphyte> it's weird.  people seem to prefer to start mid stream when it comes to setting up a mail server.
[04:18:27] <BenB> lunaphyte: no, $myhostname has no MX record in DNS
[04:18:31] <oblio_> is there a way to manually inject mail into local?
[04:19:00] <BenB> lunaphyte: yes... the reason in this case is that I move the server from one installation to another. You'd think that would be a no-brainer...
[04:19:03] <sahil> oblio_: n/m.  you need to append -v to your master.cf as previously suggested to (hopefully) get a clue about why it's fatal.
[04:19:29] <sahil> BenB: hey, you're almost there. :)  just don't throw this new postfix installation into production until you work out the kinks!
[04:19:29] <oblio_> yeah we have
[04:19:33] <oblio_> to both qmgr and local
[04:19:37] <sahil> oblio_: and nada? =/
[04:19:39] <oblio_> yeah
[04:19:46] <oblio_> nada
[04:19:48] <sahil> might be time to read DEBUG_README and put a trace on there.
[04:20:06] <BenB> sahil: no, not almost there. I haven't even started with spamassassin.
[04:20:18] <BenB> sahil: thanks for the encouragement, though :)
[04:20:26] <sahil> BenB: +1 for amavisd-new + sa + clamd (with clamscan as a backup).  it's *great*.
[04:20:28] <lunaphyte> no pain, no gain
[04:20:44] <lunaphyte> you get what you put in.
[04:20:55] <lunaphyte> every dog has it's day.
[04:21:02] <sahil> BenB: and do make sure to use some less-intensive (but generally high-hit-ratio) Postfix-level checks before passing mail onto content filters.
[04:21:05] <sahil> lunaphyte: omg, cliche day!
[04:21:15] <lunaphyte> err, wait, that last one's wrong :p
[04:21:18] <sahil> and hopefully you get more than what you put in!
[04:21:18] <BenB> sahil: I tried to avoid such excessive amounts of daemons and processes, and need to filter before accept, and decided on spamd and milter
[04:21:22] <sahil> s/it's/its
[04:21:55] <sahil> BenB: i think your understand of how amavisd works (and integrates with) SA + clamav is seriously flawed.
[04:21:56] <lunaphyte> indeed
[04:22:06] <BenB> sahil: could be.
[04:22:23] <lunaphyte> must be late.  i'm normally a grammar nazi.
[04:22:27] <sahil> lunaphyte: heh
[04:23:06] <sahil> BenB: to each his own, but seriously give amavisd-new another look.  you'll increase flexibility manifold, imho.
[04:23:30] <lunaphyte> damn it.
[04:23:49] <BenB> sahil: yes, thanks... I'll look into that another day, it's already ... oh boy, 4:30AM here
[04:24:03] <lunaphyte> i almost made it the entire day without knowing it was "international talk like a pirate day".
[04:24:28] <sahil> BenB: ah, france!
[04:24:29] <BenB> lunaphyte: now I had a problem with your grammar
[04:24:50] <lunaphyte> how's that?
[04:25:23] <BenB> I read international-talk like-a-pirate day instead of international talk-like-a-pirate day
[04:26:52] <lunaphyte> i would never give a stupid phrase like that satisfaction of holding it to any sort of grammatical standard.
[04:27:10] <BenB> bad excuse, try again
[04:28:15] <sahil> this is #postfix; take it to #grammar, bitches.
[04:34:02] <lunaphyte> there is no better justification than that.
[04:36:50] *** joeyo has joined #postfix
[04:46:31] <BenB> http://workaround.org/moin/GettingHelpOnIrc is nice. short, important things covered, to the point.
[04:47:19] <BenB> (following the document :-) ):
[04:48:53] <BenB> so, the problem is resolved. It was not appent_at_myorigin, that can stay yes, but I have to set myorigin to $myhostname (or /etc/mailname on debian), i.e. the default, and $mydestinations need to include $myhostname, too.
[04:49:19] <BenB> that allows me to use local accounts as target in virtual and and source in aliases
[04:52:50] <BenB> too bad unix has no concept of my domain. /etc/hostname is just "foo", but there's nothing telling "dc.example.com" system-wide.
[04:52:59] <BenB> if that existed, mydomain could have the right default value
[04:54:36] <BenB> sahil: I have to say, though, the documentation on mydomain this is not clear.
[04:55:12] <BenB> sahil: if I have a server with hostname eddy.dc.example.com, and it is responsible for all mail to example.com, is mydomain dc.example.com or example.com?
[04:55:26] <BenB> http://www.postfix.org/postconf.5.html#mydomain
[04:58:01] <lunaphyte> hostname should contain the fqdn.
[04:58:04] <BenB> note that foobar at dc dot example.com does not exist.
[04:58:13] <BenB> lunaphyte: yeah, that's clear
[04:58:55] *** growltiger_ has joined #postfix
[04:59:26] <lunaphyte> rather - /etc/hostname is intended to contain the fqdn.
[04:59:54] <BenB> lunaphyte: yes, but that wasn't my question. I wonder what mydomain and myorigin should contain
[05:00:33] <BenB> (actually, I only wonder about mydomain . myorigin seems to be example.com)
[05:00:59] <lunaphyte> whatever's appropriate.  either is legitimate.
[05:01:29] <BenB> lunaphyte: well, situation see above.
[05:01:31] <lunaphyte> if there's dns delegation involved, i think my inclination would be to use the former.
[05:03:31] *** goldfisc1li has joined #postfix
[05:04:20] <BenB> lunaphyte: can you define "dns delegation" (do you mean whether there's an MX for dc.example.com? no, there's not) and "former"?
[05:05:33] <BenB> OK, thus works:
[05:05:39] <BenB> myhostname = mail.server.beonex.com                                             mydomain = beonex.com
[05:05:49] <lunaphyte> you stated above that /etc/hostname contains only "foo".  what i was getting at, with my earlier comment about /etc/hostname containing the fqdn of the computer, was that if you put the fqdn in that file you might solve your problem.
[05:06:39] <BenB> with mydestination (includes $myhostname and localhost.$mydomain) and myorigin (=$mydomain) at the defaults
[05:06:51] <lunaphyte> dns delegation means that a subdomain has been delegated to some other nameserver by the parent.
[05:07:03] *** growltiger has quit IRC
[05:07:14] <BenB> lunaphyte: oh, sorry, I misread you in the beginning. I read /etc/mailname instead of /etc/hostname.
[05:08:23] <lunaphyte> the value returned for myhostname (whether obtained via gethostname() or explicitly defined) should generally match the ptr record for the ip address of the computer running postfix.
[05:08:49] <BenB> yes, that is the case.
[05:09:27] <BenB> you can't do that, though, if you have an uncooperative provider, like most DSL providers.
[05:09:42] <lunaphyte> additionally, if the computer's os is properly configured, it won't be necessary to explicitly define it in main.cf
[05:10:05] <lunaphyte> indeed, that's a legitimate exception.
[05:11:15] <BenB> lunaphyte: yes... the reason why I misunderstood /etc/hostname, though, is that the installation routines of the distros, ubuntu in this case, do *not* configure it "properly".
[05:11:34] <BenB> lunaphyte: the ubuntu installer specifically asks for the hostname without domain, and puts that in /etc/hostname
[05:11:53] <lunaphyte> yeah, i recall that.  it's unfortunate.
[05:12:13] <BenB> lunaphyte: you're sure that /etc/hostname/ shall contain a domain?
[05:12:56] <BenB> (lots of services use that and thus lots of things can go wrong if I get this wrong)
[05:14:38] <lunaphyte> you can get away with either approach.  i debated this with myself some time ago and decided that there was a distressing lack of clarity/concensus on the topic and eventually settled on the fqdn, but am not happy with the decision.
[05:14:52] <BenB> nod
[05:15:11] <BenB> not happy why? because you're not sure or because some things break?
[05:15:13] *** Thorn has quit IRC
[05:16:15] *** Thorn has joined #postfix
[05:16:26] <lunaphyte> no, nothing breaks, because i make it a point to make sure it works, just like anyone would.  not happy because my confidence in the decision is lower than i'd like.
[05:16:39] <BenB> lunaphyte: I see.
[05:17:25] <lunaphyte> that being said, even as i sit here and say this, i'm looking at different servers of mine and some have the unqualified hostname while others have the fqdn.
[05:17:29] <BenB> FWIW, ssh-keygen works better this way. the unqualified "benb@eddy" always annoyed me, now I get benb at eddy dot dc.example.com as name for the key in id_dsa.pub
[05:18:44] <lunaphyte> thinking about it a bit more, as i recall, there was some aspect that was related to whether a computer could look up it's own name in dns or not.
[05:18:54] *** goldfischli has quit IRC
[05:19:37] <BenB> lunaphyte: you want to have both eddy and eddy.dc.example.com in /etc/hosts
[05:19:53] <BenB> e.g. 127.0.0.1   eddy eddy.dc.example.com
[05:20:31] <lunaphyte> actually, i prefer to have virtually nothing in /etc/hosts.  it minimizes the locations where conflicting information can come from.
[05:21:10] <lunaphyte> at
[05:21:16] <BenB> same here. but that seems to be the exception. I had problems when that was not there. specifically, SSH logins are much slower then, probably because they go via DNS to look up their own hostname and that may fail.
[05:21:47] <BenB> so, my /etc/hosts has only the various localhosts and the hostname as mentioned.
[05:22:19] <lunaphyte> things like ssh only choke if a bogus resolver has been specified in resolv.conf.
[05:23:11] <BenB> well, "bogus" is relative. it was a cache, but doesn't necessarily know itself. anyways, using external sources for my hostname, in the context of SSH, makes me feel uneasy.
[05:23:38] <BenB> and /etc/hosts is definitely faster, given how often the own host is needed. anyways, I found this to be the best setup.
[05:24:08] <lunaphyte> /etc/hosts is for people who don't know how to do dns.
[05:24:28] <Motoko-chan> Or for those that need to override for certain reasons.
[05:24:30] <BenB> yes, I understand that. with the exception of localhost. and my own hostname is a variant of that.
[05:24:44] <lunaphyte> /etc/hosts is to name resolution as training wheels are to riding a bike :)
[05:25:15] <lunaphyte> Motoko-chan: sure, there are always exceptions.
[05:25:28] *** syllogism has quit IRC
[05:25:43] *** syllogism has joined #postfix
[05:26:30] <BenB> lunaphyte: you don't use your bike to go to your fridge, though, do you? :)
[05:26:41] * BenB shuts up now
[05:27:34] <lunaphyte> if there was a framework and a facility for efficiently doing it, i would.
[05:27:41] <lunaphyte> (nice try though) :)
[05:27:51] <Motoko-chan> BenB, that sounds cool.
[05:27:58] <Motoko-chan> Kinda like the beer throwing robot.
[05:28:31] <lunaphyte> BenB: is your first name really ben, and your last initial really b?
[05:30:26] <Motoko-chan> Maybe his first initial is B and his last name is enB.
[05:30:41] <lunaphyte> heh
[05:31:00] *** syllogism has quit IRC
[05:32:10] *** syllogism has joined #postfix
[05:34:58] <BenB> Motoko-chan: you got it.
[05:35:05] <BenB> lunaphyte: yes.
[05:35:32] <BenB> lunaphyte: I'n not an 31337 phreak, I know.
[05:35:41] <lunaphyte> it's a bit surreal - i feel like i'm talking to myself.  i happen to share the same first name and last initial.
[05:36:14] <BenB> lunaphyte: huch. your legal name is really "Ben" or "Benjamin"?
[05:36:34] <lunaphyte> benjamin
[05:36:47] <BenB> lunaphyte: anyways, must feel strange, yes. I know how it feels when somebody has the nick "Ben".
[05:38:08] *** lunaphyte is now known as btb
[05:38:15] <btb> heh
[05:38:24] <btb> i wonder if this nick is owned
[05:38:44] <BenB> btb: must be, otherwise I'd have grabbed it years ago :)
[05:39:21] <BenB> btb: yes, registered and currently in use
[05:39:35] <btb> please don't tell me your middle initial is t
[05:39:43] <BenB> btb: lol
[05:39:46] <BenB> no, it's not.
[05:39:56] <BenB> I'm just Ben Bucksch.
[05:45:30] *** bugz__ has quit IRC
[05:45:35] *** dh__ has joined #postfix
[05:45:37] *** gonewestcoast has quit IRC
[05:47:21] *** btb is now known as btb_
[05:51:53] *** btb_ is now known as lunaphyte
[05:52:54] *** Daviey has quit IRC
[05:53:56] *** dh has quit IRC
[05:54:10] *** _bugz_ has joined #postfix
[05:59:03] *** lunaphyte is now known as btb
[06:01:49] <btb> now it's registered and in use :) .  it wasn't before.
[06:09:10] <BenB> btb: maybe I should go and register all free 3-letter nicks, like the domain grabbers did. and nicks are free!
[06:09:34] <BenB> em, offtopic. /me warns himself
[06:10:33] <btb> eh, we don't mind "offtopic" so much here, unless there are a lot of people busy trying to get help.
[06:11:27] *** btb is now known as lunaphyte
[06:13:08] <BenB> lunaphyte: ok, ontopic, but phreaky question: can I forward mail to an smtp on a port not 25?
[06:13:55] <BenB> (what I want to do is to have an outer SMTP MX which accepts mail from the internet, checks it, and then sends it to an internal mail server which has the imap server.
[06:14:30] <BenB> sure, I could use lmtp, but smtp seems simpler and a better match - I want additional checks in the inside host)
[06:15:17] <BenB> lunaphyte: so, is there any way to make postfix, when acting as smtp client, contact the remote host on a port != 25 ?
[06:15:24] *** xpoint has quit IRC
[06:18:54] <lunaphyte> sure
[06:18:57] <lunaphyte> !examples
[06:18:58] <knoba> lunaphyte: "examples" : http://www.postfix.org/STANDARD_CONFIGURATION_README.html
[06:19:26] <lunaphyte> !firewall
[06:19:27] <knoba> lunaphyte: Error: "firewall" is not a valid command.
[06:19:38] <lunaphyte> !gateway
[06:19:38] <knoba> lunaphyte: Error: "gateway" is not a valid command.
[06:19:49] <lunaphyte> hmm.  well, see the section on firewall/gateway
[06:20:32] <lunaphyte> the transport map is where you would specify an explicit port, if desired.
[06:20:44] <lunaphyte> i'm off for now.  good luck.
[06:21:11] <BenB> lunaphyte: thanks, bye Ben T. B. :)
[06:28:06] *** hparker has quit IRC
[06:47:09] *** JT has quit IRC
[06:50:52] <BenB> relayhost: internalmachine:1234 (where 1234 is the port and internalmachine is the hostname) seems to be correct
[06:51:08] <BenB> "relayhost = ...", rather
[06:58:10] *** growltiger has joined #postfix
[07:11:25] *** growltiger_ has quit IRC
[07:31:14] *** growltiger_ has joined #postfix
[07:31:48] *** seekwill has quit IRC
[07:36:45] <BenB> no, that's not it and I'm stuck.
[07:37:14] <BenB> I have a virtual table with various addresses, and many of them go to a single user, let's call him "ben"
[07:39:29] <BenB> then, in aliases, I tell where the mail for "ben" should go, e.g. to "foobar at example dot com" or local account "zed". one minor problem is that this causes postfix to deliver mail to localhost, while I want the resolving to happen directly from the address in virtual to "foobar at example dot com", without local delivery to "ben" and another postfix process.
[07:40:29] *** growltiger has quit IRC
[07:40:44] <BenB> worse, yet, I can't get the relay right. I want all mail for ben to be forwarded via SMTP to an internal host fred, port 3412. however, all other accounts should still be forwarded directly.
[07:41:58] <BenB> e.g. if there's also a mary at lastname dot org virtual address, and she wants her mail to go to her at yahoo dot com, I don't want that mail to go to the relayhost, but delivered/forwarded directly
[07:43:08] <BenB> I don't know how to achieve that. I tried "relayhost = fred:1234", and that works, but forwards all mail to that relay, also mary's. if I put relay_domains = example.com in there, so that only fred's mail goes to the relay, that seems to have no effect.
[07:43:32] *** higuita has quit IRC
[07:43:41] <BenB> s/fred/ben/
[07:43:47] <sysmonk> BenB: the sending to other port for ONE user - use transport_maps
[07:44:02] <sysmonk> i.e. ben at example dot com smtp:someotherserver:1234
[07:44:03] <BenB> Ideally, I would just say, in /etc/aliases: "ben : ben@fred:1234", where 1234 is the SMTP port
[07:44:07] *** higuita has joined #postfix
[07:44:27] <sysmonk> BenB: and try to fix one problem at a time
[07:44:27] <BenB> sysmonk: that's exactly what I tried last. it does not work, it doesn't like the port syntax.
[07:44:30] <sysmonk> not bunch of them
[07:44:40] <sysmonk> BenB: it should
[07:44:46] <sysmonk> BenB: show us the line you used
[07:45:04] *** higuita has quit IRC
[07:45:25] *** higuita has joined #postfix
[07:45:41] <BenB> I tried smtp:[localhost:1234], smtp:localhost:1234, but I'll try the latter again
[07:46:18] <sysmonk> the correct one is smtp:localhost:1234
[07:46:50] <sysmonk> + don't forget to postmap the file
[07:46:52] <sysmonk> and reload postfix
[07:47:38] <BenB> did all that.
[07:48:01] <sysmonk> then do it again and show us the error
[07:48:07] <sysmonk> just don't paste to the channel :) use a pastebin ;)
[07:48:10] <BenB> to=<ben at fred dot ec.example.com>, orig_to=<ben at example dot com>, relay=none, delay=0.18, delays=0/0.02/0.17/0, dsn=5.4.4, status=bounced (Host or domain name not found. Name service error for name=localhost type=AAAA: Host not found)
[07:48:30] <sysmonk> type=AAAA
[07:48:35] <sysmonk> it tries to use ipv6 to deliver
[07:48:58] <BenB> well, that should be fine (even better), the port is open on ipv4 and ipv6
[07:49:13] <sysmonk> yes, but is localhost mapped to ipv6 localhost ip ?
[07:49:28] <sysmonk> that is ::1
[07:49:58] <BenB> ip6-localhost is, and I changed transport to that, but still doesn't find it
[07:50:31] <sysmonk> BenB: show the error with the new host again
[07:50:49] <BenB> Host or domain name not found. Name service error for name=ip6-localhost type=AAAA: Host not found
[07:50:58] <BenB> ::1     ip6-localhost ip6-loopback
[07:51:06] <BenB> (the latter in /etc/hosts
[07:51:13] <sysmonk> and what about dns settings in postfix?
[07:51:23] <BenB> which one?
[07:52:06] <sysmonk> disable_dns_lookups
[07:52:33] <BenB> disable_dns_lookups = no
[07:52:55] <sysmonk> set it to yes
[07:53:00] <BenB> the following transport line seems to work: volte.plan.bucksch.org  smtp:::1:3025
[07:53:22] <sysmonk> should be smtp:[::1]:3025
[07:53:23] <BenB> sysmonk: wouldn't that break normal mail sending?
[07:53:38] <sysmonk> BenB: it would start using the servers dns routines
[07:53:44] <sysmonk> and also looking in /etc/hosts
[07:54:03] <BenB> oh! postfix does its own DNS routines, not those of the OS?
[07:54:08] <sysmonk> right
[07:54:12] <sysmonk> !disable_dns_lookups
[07:54:13] <knoba> sysmonk: "disable_dns_lookups" : a configuration parameter in the main.cf: Disable DNS lookups in the Postfix SMTP and LMTP clients. When disabled, hosts are looked up with the gethostbyname() system library routine which normally also looks in /etc/hosts.
[07:54:26] <sysmonk> note the 'when disabled' part
[07:54:44] <BenB> that's why I had the same problem in relayhost spec. it seems postfix' internal lookup is broken for either IPv6 or /etc/hosts.
[07:54:55] <sysmonk> it's not
[07:55:04] <sysmonk> it uses the dns servers to lookup
[07:55:11] <sysmonk> and your dns servers don't have localhost
[07:55:18] <BenB> sysmonk: well, not using /etc/hosts for name resolution *is* a bug
[07:55:19] <sysmonk> i.e. dig aaaa localhost
[07:55:31] <sysmonk> should fail
[07:56:12] <sysmonk> BenB: well, it's not. it uses dns to resolve clients names. if you don't want to do that - you can disable dns lookups
[07:56:14] <BenB> right - localhost should not be in DNS, it's in /etc/hosts. and I may well add other names there. I just assume that everything uses that.
[07:56:23] <BenB> sysmonk: well, that's broken by default.
[07:56:34] <sysmonk> BenB: it's not
[07:56:43] <sysmonk> if you don't like the defaults - change them
[07:56:47] <BenB> I rightfully assume that /etc/hosts is used by everything. every other application uses it.
[07:56:49] <sysmonk> you are left with the option to change it
[07:57:07] <sysmonk> not every :)
[07:57:12] <BenB> and as you can see, it breaks for obvious still like localhost
[07:57:37] <BenB> and it would when I add hosts to /etc/hosts and wonder why they don't get used.
[07:57:40] <sysmonk> anyway, if you don't like it and you THINK it's broken - you can mail postfix-users@
[07:57:55] <sysmonk> Wietse, the main developer and creator of postfix reads the list very often
[07:57:55] <BenB> sysmonk: it's not me thinking, it's unix conventions.
[07:58:05] <sysmonk> i've told you what to do
[07:58:11] <sysmonk> i'm not into talking about it
[07:58:23] <BenB> anyways, that wasn't the main problem (just a factor that made my problem harder and more confusing)
[07:58:31] <sysmonk> i'm not the developer so i'll shut up
[07:58:34] <BenB> thanks for pointing me to it.
[07:59:02] *** gonewestcoast has joined #postfix
[08:02:54] <BenB> sysmonk: yes, "smtp:[::1]:3025" also works. so, "smtp:[::1]:3025", "smtp:::1:3025" (funny enough) and "smtp:ip6-localhost:3025" (with disable_dns_lookups=yes, and going to 127.0.0.1 ipv4, not ::1 ipv6 apparently) all work
[08:03:40] <sysmonk> BenB: [] turns off the mx lookups
[08:03:52] <BenB> ah, right, I remember
[08:04:14] <sysmonk> and uf, i wouldn't like to use the smtp:::1...
[08:04:24] <sysmonk> it's confusing + chances are that it might change in the future
[08:07:02] *** gonewestcoast has quit IRC
[08:07:46] <BenB> "smtp:[::1]:3025" should be fine, though, no?
[08:07:56] <sysmonk> yes
[08:08:49] <BenB> seems like yahoo doesn't like me: "connect to yahoo.com[206.190.60.37]:25: Connection timed out" :-/
[08:09:07] <sysmonk> oh, yahoo does lots of throttling
[08:09:08] <BenB> sysmonk: works now, as far as I can see - mail for that one recipient is forwarded, others are   delivered directly.
[08:09:23] <BenB> sysmonk: so, that's normal. ok.
[08:09:24] <sysmonk> but it should atleast open a socket and give you a smtp respons about it
[08:09:57] <BenB> not seeing that
[08:10:00] <sysmonk> mhm
[08:10:15] <sysmonk> maybe it changed it behaiviour or some of their servers are down right now
[08:10:50] <sysmonk> err wait
[08:11:00] <sysmonk> you're sending to yahoo.com as a yahoo.com
[08:11:06] <sysmonk> not to their mx'es
[08:11:08] <BenB> or it doesn't like forwarders: B3F39303C57C: to=<actualaccount at yahoo dot com>, orig_to=<my at last dot name>, relay=none, delay=60, delays=0.02/0/60/0, dsn=4.4.1, status=deferred (connect to yahoo.com[206.190.60.37]:25: Connection timed out)
[08:11:31] <BenB> sysmonk: because of that disable_dns?
[08:12:01] <sysmonk> yup, must be it
[08:12:22] <BenB> yes, disabled it, now works.
[08:12:27] <sysmonk> gethostbyname doesn't lookup mx'es
[08:12:47] <BenB> I *did* think that "disable_dns_lookups" does not sound thge right thing to do :)
[08:12:51] <BenB> yes, figured
[08:13:04] <sysmonk> BenB: it depends
[08:13:17] <BenB> sysmonk: obviously.
[08:13:19] <sysmonk> i.e. you can have your 'lookuphosts' transport and have disable_dns_lookups in it
[08:13:32] <sysmonk> or whatever
[08:13:43] <sysmonk> i disable dns lookups when delivering to my antispam servers
[08:13:48] <BenB> sysmonk: but the right behavious is, IMHO, to check /etc/hosts first, then MX in DNS, then A/AAAA in DNS.
[08:13:54] <BenB> but whatever
[08:14:06] <sysmonk> BenB: echo "your thoughts" | mail postfix-users at postfix dot org
[08:14:13] <sysmonk> not > sysmonk
[08:14:23] <BenB> sysmonk: I don't think you want me to do just that
[08:14:42] <sysmonk> i don't think i want to listen to 'i think it should be...'
[08:15:28] <sysmonk> i'm not a developer so if you're going to tell me your thought about it - they'll go straight to /dev/null
[08:15:43] <sysmonk> they won't be considered to be implemented/fixed in postfix :)
[08:17:56] <BenB> heh, ok :)
[08:18:05] <BenB> thanks for the help, though!
[08:18:12] <BenB> it now seems to all work
[08:18:25] <BenB> just the minor thing is left, mentioned earlier
[08:18:35] <sysmonk> oh you mentioned too much stuff earlier
[08:18:41] <sysmonk> that's why i said one problem at a time :)
[08:18:55] <BenB> I have a virtual table with various addresses, and many of them go to a single user, let's call him "ben" in aliases, I tell where the mail for "ben" should go, e.g. to "foobar at example dot com" or local account "zed". one minor problem is that this causes postfix to deliver mail to localhost, while I want the resolving to happen directly from the address in virtual to "foobar at example dot com", without local delivery to "ben" and another
[08:18:56] <BenB> postfix process.
[08:19:39] *** madrescher has joined #postfix
[08:19:41] <sysmonk> er
[08:19:47] <sysmonk> can you show that in 'log' format ? :P
[08:19:51] <sysmonk> i'll understand it better that way
[08:19:52] <sysmonk> ;)
[08:20:03] <BenB> heh, I can show in received: format
[08:20:17] <sysmonk> hm... ok
[08:20:21] <BenB> if I may query you (I don't want to publish)
[08:20:34] <sysmonk> ok
[08:37:37] *** dh__ is now known as dh
[08:51:39] *** BartVB has joined #postfix
[08:52:46] *** j_s has joined #postfix
[08:58:25] *** githogori has joined #postfix
[09:35:04] *** carl- has joined #postfix
[09:43:24] *** BenB has quit IRC
[09:51:29] *** omry has quit IRC
[09:57:39] *** war9407 has joined #postfix
[10:02:55] *** denis has joined #postfix
[10:07:11] *** growltiger has joined #postfix
[10:08:24] *** rcsu has joined #postfix
[10:20:26] *** growltiger_ has quit IRC
[10:34:45] *** Zelest has quit IRC
[10:36:02] *** growltiger_ has joined #postfix
[10:41:15] *** Zeit|awy_ has quit IRC
[10:44:58] *** deftunix has joined #postfix
[10:47:58] *** growltiger has quit IRC
[11:12:16] *** seekwill has joined #postfix
[11:13:04] *** sophokles has joined #postfix
[11:31:51] *** JT has joined #postfix
[11:36:40] *** seekwill has quit IRC
[11:43:09] *** Tykling has joined #postfix
[11:44:35] *** growltiger has joined #postfix
[11:50:02] *** deftunix_ has joined #postfix
[11:53:31] *** growltiger_ has quit IRC
[11:57:49] *** deftunix has quit IRC
[11:59:09] *** nico66 has joined #postfix
[12:01:41] *** nico66 has left #postfix
[12:05:12] *** Fallenou has joined #postfix
[12:33:56] *** pirho has joined #postfix
[12:54:38] *** Zeit|awy has joined #postfix
[13:04:41] *** deftunix_ has quit IRC
[13:10:12] *** deftunix has joined #postfix
[13:29:49] *** denis has quit IRC
[13:31:05] *** hever has joined #postfix
[13:42:18] *** mark-use has joined #postfix
[13:46:07] *** hever has quit IRC
[13:47:02] *** Tykling has left #postfix
[13:48:27] *** jp- has quit IRC
[13:56:31] *** denis has joined #postfix
[14:05:14] *** netcrash has joined #postfix
[14:08:24] <denis> hi
[14:08:37] <denis> I would temporarily delegate part of the heavy work (verification, postgrey, antivirus antispam) to another postfix server.
[14:08:51] <denis> Looking documentation, i think that simply changing the mx field of each zones (to mx.newmachine.tld)
[14:09:01] <denis> And on the new server, creating config like this:
[14:09:17] <denis> relay_domains = hash:/etc/postfix/relay_domains (with the list of domains to accept)
[14:09:27] <denis> transport_maps = hash:/etc/postfix/transport (with for each domain, the name of the server that receives the final message)
[14:09:34] <denis> This seems correct?
[14:10:00] *** _matt has joined #postfix
[14:11:45] *** _matt is now known as matt_
[14:12:21] *** Zelest has joined #postfix
[14:24:30] *** hparker has joined #postfix
[14:30:39] <vice-versa> denis: more or less, you'll also want the gateway to have a valid list of recipients
[14:36:12] <denis> vice-versa, Not necessarily: the server that receives the final message can reject recipients who are not valid
[14:38:06] <vice-versa> so what happens then?
[14:42:25] *** Thorn has quit IRC
[14:43:38] *** Thorn has joined #postfix
[14:45:11] *** Daviey has joined #postfix
[14:51:09] <denis> the newmachine send a Undelivered Mail Returned to Sender
[14:59:39] <vice-versa> denis: that works great in a perfect world
[15:00:10] <denis> cool ;)
[15:03:35] <vice-versa> however, for most of use the world isn't perfect and there is this thing we like to call backscatter that we all despise being on the receiving end of
[15:03:58] <vice-versa> !backscatter
[15:03:59] <knoba> vice-versa: "backscatter" : http://www.postfix.org/BACKSCATTER_README.html
[15:04:39] *** BuenGenio has joined #postfix
[15:05:20] <BuenGenio> mordor, evening, afternoon
[15:05:34] <BuenGenio> is it possible to specify various addresses for one alias?
[15:05:47] <BuenGenio> (trying to set up a group alias)
[15:06:38] <Verilium> Of course, just seperate them with commas.
[15:07:18] <Verilium> BuenGenio:  man 5 aliases
[15:07:57] <Verilium> Or check out man 5 virtual, if you're doing this for virtual..
[15:08:48] <BuenGenio> this is for virtual aliases and mysql
[15:11:55] *** Juspion has joined #postfix
[15:12:37] <Verilium> All your aliases are in mysql?
[15:14:15] <BuenGenio> actually i don't yet have an alias table set up
[15:14:21] <BuenGenio> just been reading man 5 virtual
[15:14:40] <Verilium> If your aliases are in text file, then check out the man page on virtual.  If they're in mysql, well, time to go edit your database. ;)
[15:16:17] <BuenGenio> I'm not too certain what to put into main.cf - whether virtual_alias_domains and virtual_alias_maps are both obligatory
[15:17:22] <Verilium> I'm not sure I understand your setup to be honest, especially since you mentionned mysql.
[15:18:42] <BuenGenio> mind checking out main.cf briefly (it's not long) ? http://pastebin.com/d68027f96
[15:18:46] <Verilium> In a typical/simple virtual setup, you'd just have a file called 'virtual', and in that file, you'd define the domains you want setup, and the addresses for those domains.
[15:18:54] <Verilium> And you'd have virtual_alias_maps point to that file.
[15:19:08] <BuenGenio> hat about virtual_alias_domains?
[15:20:36] <Verilium> BuenGenio:  Did you set this whole thing up?
[15:20:47] <BuenGenio> yeah
[15:21:00] <Verilium> virtual_alias_domains should point to something that can get a listing of all your virtual domains.
[15:21:14] <BuenGenio> it works... :)
[15:21:21] <Verilium> !virtual_alias_domains
[15:21:22] <knoba> Verilium: "virtual_alias_domains" : a configuration parameter in the main.cf: Optional list of names of virtual alias domains, that is, domains for which all addresses are aliased to addresses in other local or remote domains.
[15:21:25] <BuenGenio> so the trick is to not screw it up at thisstage
[15:21:47] <Verilium> BuenGenio:  How you're doing that, what table and whatnot, in mysql, well...
[15:22:47] <Verilium> You could always look into postfixadmin too, if that might be of interest.
[15:22:51] <BuenGenio> mysql-virtual_domains.cf: query = SELECT domain AS virtual FROM domains WHERE domain='%s'
[15:23:15] <BuenGenio> Verilium, i have a slightly different setup to postfixadmin's at the moment
[15:24:02] <Verilium> BuenGenio:  ...nice smtpd banner. ;)
[15:24:32] <BuenGenio> yeh, courtesy of various #postfix members ;)
[15:25:25] <BuenGenio> so are virtual_domains and virtual_alias_domains different?
[15:25:51] <BuenGenio> !virtual_domains
[15:25:52] <knoba> BuenGenio: Error: "virtual_domains" is not a valid command.
[15:26:30] <BuenGenio> rather virtual_mailbox_domains vs. virtual_alias_domains..
[15:26:37] <BuenGenio> !virtual_mailbox_domains
[15:26:37] <knoba> BuenGenio: "virtual_mailbox_domains" : a configuration parameter in the main.cf: The list of domains that are by default delivered via the $virtual_transport mail delivery transport. This list uses the same syntax as the mydestination configuration parameter.
[15:34:39] *** pirho has quit IRC
[15:43:25] *** Motoko-chan has quit IRC
[15:43:54] *** mark-use has quit IRC
[15:59:47] *** pirho has joined #postfix
[16:00:44] *** pirho has quit IRC
[16:01:17] *** pirho has joined #postfix
[16:07:01] *** hemry has joined #postfix
[16:11:56] *** pirho has quit IRC
[16:14:18] *** wooz_ is now known as wooz
[16:14:58] *** pirho has joined #postfix
[16:21:39] *** opt1k has joined #postfix
[16:21:49] <opt1k> is there a way to set up postfix to send mail thru a proxy?
[16:25:04] <Zelest> check the relayhost thing
[16:25:15] <Zelest> if that's considered a proxy or no, I don't know.
[16:25:29] <opt1k> k, i'll check that out
[16:33:11] *** m0f0x_ has joined #postfix
[16:41:24] *** weedar has joined #postfix
[16:44:05] *** m0f0x has quit IRC
[16:57:40] *** keffff has quit IRC
[16:57:49] *** keffer has joined #postfix
[17:14:09] *** opt1k has quit IRC
[17:14:18] *** Juspion has quit IRC
[17:16:03] *** lunaphyte has quit IRC
[17:21:47] *** Mohero has joined #postfix
[17:21:50] <Mohero> hi all
[17:21:55] <googlah> hi
[17:23:25] <Mohero> I have a postfix server, that holds all SMTP mail for Mailscanner to scan, the problem is, when I'm roaming (quite often) some of the IP's i'm at are not allowed to host smtp servers, so my outgoing mail is marked as spam (through Spamhaus) is there a way I can configure postfix to hold all mail for mailscanner,, appart from mail that I send after authenticating?
[17:24:46] <Mohero> or rather, never HOLD messages that I send authenticated.
[17:25:09] *** x03 has joined #postfix
[17:26:18] *** Mohero_ has joined #postfix
[17:26:23] *** Mohero_ has left #postfix
[17:26:27] <x03> hello! i have a simple question here. in postfixadmin the $CONF['encrypt'] = 'md5crypt'; is compatible to auth_default_mechanism = MD5 in postfix main.cf ?
[17:26:37] *** Mohero_ has joined #postfix
[17:27:02] *** Mohero has quit IRC
[17:27:09] *** Mohero_ is now known as Mohero
[17:44:24] *** sophokles has quit IRC
[17:45:28] <shasta> there's no such setting as "auth_default_mechanism" in main.cf
[17:47:39] <Trengo> in postfixadmin
[17:53:25] *** BuenGenio_ has joined #postfix
[17:53:42] *** BuenGenio has quit IRC
[17:58:35] *** mark-use has joined #postfix
[18:00:32] *** Clown has joined #postfix
[18:06:20] *** BuenGenio_ has quit IRC
[18:09:39] *** hparker has quit IRC
[18:13:45] *** hparker has joined #postfix
[18:19:59] *** lunaphyte has joined #postfix
[18:20:36] *** hparker has quit IRC
[18:21:11] *** hparker has joined #postfix
[18:23:22] *** Tykling has joined #postfix
[18:34:31] *** hparker has quit IRC
[18:35:05] *** hparker has joined #postfix
[18:50:22] *** tomocha6 has joined #postfix
[19:00:09] *** Tykling has left #postfix
[19:18:49] *** BuenGenio has joined #postfix
[19:21:25] <oblio_> account list
[19:25:39] *** xpoint has joined #postfix
[19:36:13] *** BuenGenio has quit IRC
[19:39:29] *** BuenGenio has joined #postfix
[19:40:14] *** BuenGenio has quit IRC
[19:40:20] *** BuenGenio has joined #postfix
[19:42:50] *** havvg has joined #postfix
[19:59:48] *** netcrash has quit IRC
[20:04:22] *** amrit|wrk is now known as amrit
[20:23:34] *** denis has quit IRC
[20:34:59] *** deftunix has quit IRC
[20:37:26] *** growltiger_ has joined #postfix
[20:44:11] *** carl- has quit IRC
[20:52:31] *** growltiger has quit IRC
[20:56:21] *** deftunix has joined #postfix
[21:31:17] *** Balu has joined #postfix
[21:40:02] <Balu> After a few years with a nicely running postfix (mysql) + amavisd-new + spamassassin + policyd-weight + courier server I'm about to set up a new one. And now I'm wondering what the common packages are today.
[21:40:08] <Balu> It looks like amavisd-new + spamassassin are still common, but people seem to go for dovecot. And policyd-weight seems to get replaced by postfwd...
[21:40:23] <Balu> Are there any opinions on postfix-policyd, postfix-smtpguard or postfix-gld for their matters (as they have debian packages ;)
[22:04:22] <x03> i have a litle problem where with authetication system in postfix
[22:04:52] <x03> im trying block the not trusted users
[22:04:59] <x03> this trusted users is in mysql table
[22:05:00] *** seekwill has joined #postfix
[22:05:09] <x03> just this users can relay mensages
[22:05:22] <x03> i configure postfix acording to and internet howto
[22:05:28] <x03> and get this as result
[22:05:42] <x03> http://rafb.net/p/cgQfS278.html
[22:05:59] <x03> (i dont remove the comments)
[22:06:27] <x03> when i try to send a message to someone at gmail dot com the system give me r 'relay access denyed'
[22:06:35] *** denis has joined #postfix
[22:06:57] <x03> i log into postfix with tls and giving username / password
[22:07:10] <x03> someone have a clue ?
[22:13:20] <oblio_> who is the biggest postfix expert, ever
[22:13:44] <oblio_> and/or
[22:13:50] <oblio_> can i port a queue to dovecot to process
[22:14:17] <seekwill> "to process"?
[22:14:27] <oblio_> my mail queue started holding all mail starting last monday
[22:14:28] *** Zelest has quit IRC
[22:14:30] <oblio_> i currently have 15k emails in queue
[22:14:40] <oblio_> ive gone through my configs extensively, i think my problem is //probably// maildrop
[22:15:00] <oblio_> but i have ldap aliases in use so i require the use of maildrop, at least thats how the current setup works
[22:15:04] <oblio_> the weird thing is nothing has changed in my config
[22:15:13] <oblio_> the box is ok, it fsck's ok, things are processing fine
[22:15:19] <oblio_> qmgr just decided it cant talk to local anymore
[22:16:38] <oblio_> also maildrop works fine when you kick mail to it from the cli
[22:16:43] <oblio_> it's just baffling
[22:17:08] <oblio_> qmgr just tries to hit local and bounces it back to incoming
[22:17:28] <oblio_> i wish i knew more about how that interaction works, i did look at an strace but that is a bit beyond me
[22:18:28] <oblio_> no errors in the logs, whats so ever
[22:18:33] <oblio_> *what
[22:27:26] *** deftunix_ has joined #postfix
[22:32:11] *** Zelest has joined #postfix
[22:36:31] *** deftunix has quit IRC
[22:44:25] *** x03 has quit IRC
[22:50:27] *** mark-use has quit IRC
[23:09:03] <sahil> oblio_: around?
[23:09:32] <oblio_> sahil: yes
[23:09:39] <sahil> oblio_: sucks you're still having this problem. =/
[23:09:42] <oblio_> yes
[23:09:52] <oblio_> :)
[23:09:58] <sahil> at least you're smiling!
[23:10:01] * sahil would be livid
[23:10:31] <oblio_> hah
[23:11:54] <sahil> reboot?
[23:19:21] <sahil> did you ever paste what local is doing with -v?
[23:19:45] <sahil> oblio_, that is.
[23:20:52] <oblio_> yes for sure
[23:20:56] <oblio_> doesnt print // anything //
[23:21:00] <oblio_> so does local hit maildrop?
[23:21:08] <sahil> that is very, very wrong.
[23:21:14] <sahil> it *has* to print something. :P
[23:21:29] <sahil> and you do want ${user} and not ${recipient} on that maildrop line, right?
[23:22:38] *** Clown has quit IRC
[23:24:32] *** havvg has quit IRC
[23:29:27] <sahil> what does your master.cf look like with the -v?  /me wonders if you put it in the right place. :P
[23:30:09] *** denis has quit IRC
[23:31:57] *** UQlev has joined #postfix
[23:34:14] *** UQlev has quit IRC
[23:38:39] *** BartVB has quit IRC
[23:39:04] *** kraypius has joined #postfix
[23:55:46] *** rcsu has quit IRC





top