[00:06:41] *** AcTiVaTe has quit IRC
[00:18:31] *** hemry has quit IRC
[00:20:32] *** Zelest has quit IRC
[00:22:26] <wedge> hm
[00:22:47] *** deftunix_ has quit IRC
[00:23:58] *** Zelest has joined #postfix
[00:27:52] *** barnie has quit IRC
[00:29:05] *** gonewestcoast has joined #postfix
[00:40:55] *** gonewestcoast has quit IRC
[00:50:47] *** adnc has joined #postfix
[00:57:53] <sahil> wedge: hm.
[01:11:26] *** pirho has quit IRC
[01:34:17] <wedge> hm hm
[01:36:17] *** madrescher has quit IRC
[01:52:44] <adnc> how can i have an alias on a virtual domain recipient with two destinations. it works here when i map an alias, but if i use two, seperated by coma it doesnt work
[01:53:14] *** syllogism has quit IRC
[01:53:31] *** brad_ has joined #postfix
[02:05:23] *** gonewestcoast has joined #postfix
[02:05:23] *** war9407 has quit IRC
[02:16:41] *** joeyo has quit IRC
[02:33:39] *** F6F has joined #postfix
[02:40:40] <oblio_> sahil: rebooting fixed it
[02:51:17] *** Fallenou has quit IRC
[02:52:41] *** hever has joined #postfix
[02:56:34] <adnc> for month there is a spammer trying to send mails to my domain with persuader at myOwnDomain dot tld
[02:56:53] <adnc> is anyone else also facing this problem, or is it just me this guy is sending to
[02:57:40] *** hever has quit IRC
[02:59:06] <hparker> you've found a new friend
[03:00:52] *** F6F has quit IRC
[03:01:41] <vice-versa> just you, I doubt anyone here would be receiving mail for your domain
[03:09:36] <adnc> vice-versa: do i do not receive them
[03:09:51] <adnc> he is trying to send it like it
[03:10:17] <adnc> bad english...
[03:10:50] *** gonewestcoast has quit IRC
[03:12:49] <adnc> vice-versa: http://pastebin.com/d23084573 this is a small example of what i see very often
[03:13:08] <adnc> fortunately this is blocked by a rbl lookup at spamhaus
[03:13:22] <adnc> is there a more elegant way getting it blocked before?
[03:14:00] <adnc> as you can see he is trying to send to a envelop recipient called persuader on my domain
[03:14:16] <adnc> and this for month
[03:15:32] <shasta> do you have a persuader@yourdomain user?
[03:15:38] <adnc> shasta: no
[03:15:45] <shasta> then why do you worry? :)
[03:16:04] <adnc> shasta: no, i just wonder if there is something i could learn
[03:16:16] <shasta> properly configured postfix will respond with 5xx code "recipient unknown"
[03:16:19] <adnc> maybe even blocking it with a rule before it looks to spamhaus
[03:16:53] <adnc> shasta: that would be the case if the rbl wouldnt block before
[03:16:59] <shasta> depending on complexity of your system, DNS lookup might or might not be cheaper than local/virtual recipient check
[03:17:40] <shasta> (and rbl check is exactly a dns lookup)
[03:17:51] <adnc> shasta: DNS lookup is probaply not cheaper
[03:18:10] <vice-versa> is it always the same ip?
[03:18:14] <adnc> shasta: yes, i did read about it
[03:18:21] <adnc> vice-versa: no, changing
[03:18:31] <adnc> and i do have him for month always to this particular user
[03:18:51] <adnc> i thought maybe someone else has this too
[03:19:06] <adnc> btw this is a british ip
[03:19:16] <shasta> yeah, blame the brits ;)
[03:19:27] <adnc> no
[03:19:33] <adnc> i would blame the brits
[03:19:41] <adnc> i wouldn't
[03:19:57] <vice-versa> make up your mind ;)
[03:20:02] <shasta> (-8
[03:20:08] <shasta> well
[03:20:50] <adnc> the last days i did some simple statistics with pflgsumm and i see that there is more rejected mail sending attemts than used and welcome connects
[03:20:56] <adnc> do you guys have this aswell?
[03:21:39] <shasta> you could add "check_recipient_access hash:/etc/postfix/blah" to smtpd_recipient_restrictions, then: echo persuader@ REJECT >> /etc/postfix/blah; postmap /etc/postfix/blah
[03:22:07] <shasta> but DNS queries are usually cheap (unless you've got TONS of them)
[03:22:53] <adnc> shasta: i understand your idea. thank you very much
[03:24:18] <shasta> i've got no "persuader" string in my maillogs for the last 30 days
[03:24:29] <adnc> if i do check_recipient_access before permit_mynetworks can i also do a second check_recipient_access after permit_mynetworks with a different map?
[03:24:48] <vice-versa> yes
[03:24:52] <adnc> will this the restrict the one before
[03:26:16] <shasta> not sure what you mean by that
[03:26:28] <adnc> shasta: mhhh, i'll try to describe
[03:26:58] <adnc> the map before permit_mynetworks could reject particular addresses for everyone
[03:27:17] <shasta> *would* :)
[03:27:46] <adnc> and the map after would allow people in mynetworks to send to particular addresses
[03:27:49] <adnc> will this work?
[03:28:05] <adnc> shasta: thank you *would*. ok
[03:28:59] <shasta> i'll give you a hint how *_restrictions work
[03:29:06] <adnc> shasta: cool.
[03:29:30] <shasta> (whatever)_restrictions = a, b, c, d, e    [assume all of these are valid restrictions]
[03:30:22] <shasta> first 'a' is checked. if there's no match or if 'a' "returns" DUNNO, then the next restriction, 'b' in this case is checked
[03:31:24] <shasta> otherwise, if 'a' returns OK, checking further restriction is omitted and the "passes" on
[03:31:56] <shasta> in case of a REJECT match, again checking further is omitted and the mail is rejected
[03:32:21] <shasta> (there are other 'actions' than DUNNO, OK and REJECT, but that's the main idea)
[03:32:25] <shasta> so
[03:32:31] <adnc> i see
[03:32:52] <shasta> if you have: smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/blah, permit_mynetworks, check_recipient_access hash:/etc/postfix/foo
[03:33:05] <adnc> yes
[03:33:07] <shasta> and there "persuader@ REJECT" in blah
[03:33:25] <shasta> even people in $mynetworks will be unable to send email to persuader at any domain
[03:33:47] <shasta> if you want them to do so, place this check after permit_mynetworks
[03:34:00] <adnc> ohhh the idea was for something like this.
[03:34:17] <adnc> restrict sending to a@mydomain
[03:34:26] <adnc> from everywhere
[03:34:53] *** amrit is now known as amrit|bbl
[03:34:58] <adnc> and allow b@mydomain only from smtp authed or from mynetworks
[03:35:27] <adnc> thats why i asked if i can do two seperate check_recipent_access
[03:35:35] <adnc> before and after permit_mynetworks
[03:35:49] <adnc> but if i did understand you right, then this should work
[03:36:18] <vice-versa> and I already said yes, as in, yes you can do this
[03:36:42] <adnc> vice-versa: i noticed. just to make it more clear.
[03:37:00] <adnc> dkim-filter[7707]: 6EFA33443A SSL error:04067069:rsa routines:RSA_EAY_PUBLIC_DECRYPT:pkcs1 padding too short
[03:37:23] <adnc> i did not understand why i get this error. can someone help me interprete this=
[03:40:29] *** MrNaz has quit IRC
[03:41:58] *** adcn has joined #postfix
[03:42:09] *** adnc has quit IRC
[03:42:48] *** adcn is now known as adnc
[03:51:53] *** mavrick61 has quit IRC
[03:52:59] *** mavrick61 has joined #postfix
[03:54:28] <kjs> morning
[03:54:57] <vice-versa> not yet
[04:11:41] *** adnc has quit IRC
[04:13:28] *** jduggan_ is now known as jduggan
[04:25:33] *** pitakill has joined #postfix
[04:25:58] *** jrsharp has joined #postfix
[04:31:06] *** kraypius has quit IRC
[04:36:55] *** chadmaynard has joined #postfix
[04:38:30] *** growltiger has joined #postfix
[04:38:46] *** jrsharp has left #postfix
[04:47:42] *** growltiger_ has quit IRC
[05:03:09] *** goldfischli has joined #postfix
[05:18:23] *** gonewestcoast has joined #postfix
[05:19:04] *** gonewestcoast has quit IRC
[05:19:47] *** goldfisc1li has quit IRC
[05:49:42] *** kraypius has joined #postfix
[06:06:33] *** xpoint has quit IRC
[06:21:47] *** j_s has quit IRC
[06:21:47] *** _bt has quit IRC
[06:21:47] *** Spec has quit IRC
[06:21:47] *** tshine has quit IRC
[06:21:47] *** VaNNi has quit IRC
[06:21:47] *** PRAEDO has quit IRC
[06:21:47] *** Bejgli has quit IRC
[06:21:47] *** glitch- has quit IRC
[06:21:47] *** amrit|bbl has quit IRC
[06:21:47] *** jduggan has quit IRC
[06:21:47] *** UdontKnow has quit IRC
[06:21:47] *** kiliko has quit IRC
[06:21:47] *** jwit has quit IRC
[06:21:48] *** tm-afk has quit IRC
[06:21:48] *** sysmonk has quit IRC
[06:21:50] *** Zeit|awy has quit IRC
[06:21:50] *** eanxgeek has quit IRC
[06:21:51] *** Signum has quit IRC
[06:21:51] *** anoncos has quit IRC
[06:21:51] *** jelly has quit IRC
[06:21:51] *** magyar has quit IRC
[06:21:51] *** googlah has quit IRC
[06:21:52] *** fg3 has quit IRC
[06:21:52] *** DanGer has quit IRC
[06:21:52] *** chrisq has quit IRC
[06:21:52] *** lysander has quit IRC
[06:21:52] *** sep has quit IRC
[06:21:52] *** mcblady has quit IRC
[06:21:52] *** mathez has quit IRC
[06:21:52] *** nux has quit IRC
[06:21:52] *** kjs has quit IRC
[06:21:52] *** memic has quit IRC
[06:21:53] *** biz has quit IRC
[06:21:53] *** dhg has quit IRC
[06:21:53] *** puff has quit IRC
[06:21:53] *** soren has quit IRC
[06:21:53] *** Zborg has quit IRC
[06:27:20] *** Zeit|awy has joined #postfix
[06:27:20] *** eanxgeek has joined #postfix
[06:27:20] *** Signum has joined #postfix
[06:27:20] *** anoncos has joined #postfix
[06:27:20] *** jelly has joined #postfix
[06:27:20] *** magyar has joined #postfix
[06:27:20] *** fg3 has joined #postfix
[06:27:20] *** DanGer has joined #postfix
[06:27:20] *** googlah has joined #postfix
[06:27:20] *** puff has joined #postfix
[06:27:20] *** chrisq has joined #postfix
[06:27:20] *** lysander has joined #postfix
[06:27:20] *** sep has joined #postfix
[06:27:20] *** kjs has joined #postfix
[06:27:20] *** nux has joined #postfix
[06:27:20] *** mathez has joined #postfix
[06:27:20] *** mcblady has joined #postfix
[06:27:20] *** biz has joined #postfix
[06:27:20] *** dhg has joined #postfix
[06:27:20] *** memic has joined #postfix
[06:27:20] *** soren has joined #postfix
[06:27:20] *** Zborg has joined #postfix
[06:27:24] *** sysmonk has joined #postfix
[06:27:31] *** jwit has joined #postfix
[06:27:31] *** tm-afk has joined #postfix
[06:27:32] *** kiliko has joined #postfix
[06:27:44] *** j_s has joined #postfix
[06:27:44] *** _bt has joined #postfix
[06:27:44] *** Spec has joined #postfix
[06:27:44] *** tshine has joined #postfix
[06:27:44] *** VaNNi has joined #postfix
[06:27:44] *** PRAEDO has joined #postfix
[06:27:44] *** jduggan has joined #postfix
[06:27:44] *** UdontKnow has joined #postfix
[06:27:44] *** amrit|bbl has joined #postfix
[06:27:44] *** Bejgli has joined #postfix
[06:27:44] *** glitch- has joined #postfix
[06:32:02] *** FedererRoger has joined #postfix
[06:32:53] <FedererRoger> Help!! i can send emails from my domain, but when i dont receive any, i created MX records on BIND
[06:34:32] *** vexellon_ has joined #postfix
[06:49:22] *** kraypius has quit IRC
[06:52:56] <seekwill> HELP!!!
[06:52:58] *** seekwill has quit IRC
[06:54:55] *** efaistos has joined #postfix
[06:55:19] <efaistos> hi
[06:56:26] <efaistos> little question ... I just changed my ethernet card and my fetchmail doesnt work anymore ...  Itried to check with fetchmail -vv but About to rewrite To: and Rewritten version is To: and then a timed out
[06:56:30] <efaistos> any idea ?
[06:57:30] <FedererRoger> how to add a virtual domain?>
[07:00:59] *** virtualroot has joined #postfix
[07:10:16] *** hparker has quit IRC
[07:11:49] *** hparker has joined #postfix
[07:17:18] *** virtualroot has quit IRC
[07:26:10] *** gonewestcoast has joined #postfix
[07:34:42] *** gonewestcoast has quit IRC
[07:35:22] *** gonewestcoast has joined #postfix
[07:39:37] *** webPragmatist has joined #postfix
[07:48:01] *** hparker has quit IRC
[08:09:13] *** vexellon_ has quit IRC
[08:11:07] *** pitakill has quit IRC
[08:14:14] *** gonewestcoast has quit IRC
[08:18:44] *** bugz__ has joined #postfix
[08:35:43] *** _bugz_ has quit IRC
[08:39:37] *** FedererRoger has quit IRC
[08:45:06] *** UQlev has joined #postfix
[08:47:50] *** UQlev has quit IRC
[08:51:54] *** chadmaynard has quit IRC
[09:05:52] *** rmayorga_ has joined #postfix
[09:07:11] *** rmayorga has quit IRC
[09:07:34] *** rmayorga_ is now known as rmayorga
[09:08:22] *** AcTiVaTe has joined #postfix
[09:18:46] *** BartVB has joined #postfix
[09:45:16] *** denis has joined #postfix
[09:52:51] *** MrNaz has joined #postfix
[09:53:43] *** phx has joined #postfix
[09:53:44] <phx> morning
[09:54:09] <phx> how do i tell postfix that any mail comes to foobar@ (to any hosts) handle it with a script?
[09:58:05] *** war9407 has joined #postfix
[10:00:06] *** jeffspeff has joined #postfix
[10:02:17] *** madrescher has joined #postfix
[10:02:35] *** alienbrain has joined #postfix
[10:04:45] *** amrit|bbl is now known as amrit|zzz
[10:16:21] *** Haris has joined #postfix
[10:17:18] *** MrNaz` has joined #postfix
[10:30:14] *** deftunix has joined #postfix
[10:30:19] *** FedererRoger has joined #postfix
[10:30:28] <FedererRoger> HELP!!
[10:31:52] <FedererRoger> when i try to connect to port 25, using telnet: for example:     telnet 10.0.0.1 25 , i get the error: telnet: connect to address 10.0.0.1: Connection refused
[10:31:52] <FedererRoger> But then i try telnet localhost 25 , i got no errors
[10:31:52] <FedererRoger> Help me please!
[10:33:36] *** MrNaz has quit IRC
[10:34:02] *** Zeit|awy_ has joined #postfix
[10:34:21] <Haris> FedererRoger: Either you have a firewall
[10:34:30] <FedererRoger> iptables shows this:
[10:34:36] <Haris> FedererRoger: or you have configured potfix to listen on localhost only
[10:34:55] <FedererRoger> Chain INPUT (policy ACCEPT) target     prot opt source               destination           Chain FORWARD (policy ACCEPT) target     prot opt source               destination           Chain OUTPUT (policy ACCEPT) target     prot opt source               destination
[10:34:55] <Haris> postfix+
[10:35:14] <FedererRoger> Haris how to change from localhost to whole ports?
[10:35:25] <Haris> FedererRoger: what is your inet_interfaces set to in main.cf ?
[10:36:01] <Haris> damn, no matter how many times I watch StarTrek, I just want to see it again after some time
[10:36:24] <FedererRoger> Haris try Man Vs Wild
[10:36:52] <FedererRoger> inet_interfaces = localhost
[10:36:55] <FedererRoger> thats what is says
[10:38:42] <FedererRoger> WOHOOO works
[10:38:51] <FedererRoger> i love you Haris... if i were a girl... ill be yours
[10:40:21] *** Zeit|awy has quit IRC
[10:41:52] *** internat1 has joined #postfix
[10:43:43] <phx>  how do i tell postfix that any mail comes to foobar@ (to any hosts) handle it with a script?
[10:45:00] *** Mohero has quit IRC
[10:45:14] *** hparker has joined #postfix
[10:48:23] *** deftunix has quit IRC
[10:50:16] *** internat1 has quit IRC
[10:50:39] *** internat1 has joined #postfix
[11:04:25] <phx> how do i make postfix to handle foobar@* with a script?
[11:05:27] <FedererRoger> php?
[11:05:46] <phx> beg your pardon?
[11:06:03] <FedererRoger> what kind of script
[11:06:24] <phx> i don't think that matters
[11:06:33] <phx> the problem is, as i asked, how do i make postfix to do it
[11:06:49] <phx> but let's say, haskell.
[11:06:56] <FedererRoger> no clue
[11:07:02] <FedererRoger> im facing another problem
[11:07:05] <FedererRoger> Recipient address rejected: User unknown in virtual alias table (state 14).
[11:07:14] <FedererRoger> my emails are being rejected
[11:09:14] <FedererRoger> help please?
[11:09:55] *** Internat has quit IRC
[11:10:27] *** denis has quit IRC
[11:12:49] *** denis has joined #postfix
[11:14:28] *** havvg has joined #postfix
[11:22:05] <FedererRoger> helo?
[11:23:40] <Haris> !virtual_mailbox_maps
[11:23:41] <knoba> Haris: "virtual_mailbox_maps" : a configuration parameter in the main.cf: Optional lookup tables with all valid addresses in the domains that match $virtual_mailbox_domains.
[11:25:04] <FedererRoger> Haris, how to setup that it shuold accept for any domain?
[11:25:26] <FedererRoger> *
[11:26:09] <FedererRoger> Relay access denied (state 14).
[11:26:17] <FedererRoger> now whats this error? lol...
[11:26:31] <FedererRoger> !relay
[11:26:32] <knoba> FedererRoger: Error: "relay" is not a valid command.
[11:30:53] <FedererRoger> wtf this is a new server and its blacklisted!
[11:30:59] *** hparker has quit IRC
[11:31:20] *** adnc has joined #postfix
[11:33:54] *** havvg has quit IRC
[11:45:01] *** pulsar has quit IRC
[11:58:50] <Haris> relay access denied, means it doesn't allow that someone to send mail through it
[11:58:56] <Haris> !mynetworks
[11:58:56] <knoba> Haris: "mynetworks" : a configuration parameter in the main.cf: The list of "trusted" SMTP clients that can relay email.
[11:59:19] <FedererRoger> ohhh
[11:59:53] *** brancaleone has joined #postfix
[12:07:56] *** Tykling has joined #postfix
[12:09:41] *** Fallenou has joined #postfix
[12:09:44] *** hemry has joined #postfix
[12:13:08] <FedererRoger> Haris how to open to relay for anybody?
[12:14:34] <phx> i've got a transport "noreply   unix  n       n       n       -       32      pipe -vv flag=OX user=nobody argv=/usr/local/sbin/noreply.pl ${sender} ${recipient}", and when i route a mail to it, i got " postfix/qmgr[28058]: warning: connect to transport noreply: No such file or directory". what can be wrong, and how can i fix this?
[12:20:31] <FedererRoger> ARGGHH i cant disable the relay blocking
[12:25:03] *** pulsar has joined #postfix
[12:28:24] <FedererRoger> WORKED!!
[12:28:26] <FedererRoger> thanks
[12:35:11] <FedererRoger> help!!!
[12:35:25] <phx> yeah, i need that
[12:35:30] <FedererRoger> how to update the rest of the servers of the world, when i change a DNS entrie, inmediately?
[12:36:55] <phx> wait
[12:37:03] <FedererRoger> im using bind
[12:38:37] <adnc> i must have changed something i can not find. i get "Sender address rejected: not owned by user" when i try sending with mail clients via smtp
[12:38:49] <higuita> FedererRoger: you have a time in the SOA that tells you how long a record should be cached
[12:38:50] <adnc> has someone got an idea for me?
[12:39:01] <FedererRoger> ohhh
[12:39:02] <higuita> in the worst case, you will have to wait that time
[12:39:30] <higuita> so wait for the record to propagate and expire the cache
[12:39:43] <FedererRoger> ok ill put 1 second
[12:40:30] *** BartVB has quit IRC
[12:40:43] <higuita> most of the servers update after some hours anyway, but again ANY change can take that SOA time to update
[12:40:49] <higuita> even a change in the SOA
[12:41:13] <higuita> so update now to 1s will take anyway the previous SOA ttl to update :)
[12:41:31] <FedererRoger> i ahve cotnrol
[12:42:34] <higuita> and dont put 1s, your server will take a bit performance hit and all DNS to your domain will have no cache, they must be updated to your server and so will be slower
[12:43:15] <higuita> when testing things, a TTL of 1h is good, when in production, 1day is most common
[12:43:43] <FedererRoger> higuita: thank you!
[12:44:05] <FedererRoger> higuita: do you know why, i dont get any errors, but no emails are being received?
[12:44:33] <FedererRoger> i enable relying , i received 1 email, then it died
[12:44:44] <higuita> can you tell me a example email, so i can test?
[12:44:59] <FedererRoger> sure in private
[12:45:03] <higuita> ok
[12:48:36] <adnc> did noone come across the "Sender address rejected: not owned by user" when sending mails?
[12:53:35] <sysmonk> adnc: sender_login_maps maybe ?
[12:53:49] <adnc> i'm looking
[12:54:01] <sysmonk> !smtpd_sender_login_maps
[12:54:02] <knoba> sysmonk: "smtpd_sender_login_maps" : a configuration parameter in the main.cf: Optional lookup table with the SASL login names that own sender (MAIL FROM) addresses.
[12:54:37] <adnc> sysmonk i do not use smtpd_sender_login_maps
[12:54:49] <adnc> permit_sasl_authenticated,
[12:54:53] <adnc> permit_mynetworks
[12:55:02] <adnc> reject_non_fqdn_sender
[12:55:06] <adnc> reject_unknown_sender_domain
[12:55:11] <adnc> reject_unknown_address
[12:55:18] <sysmonk> adnc: but maybe you have reject_sender_login_mismatch
[12:55:20] <sysmonk> adnc: USE a pastebin
[12:55:55] <adnc> sysmonk, yes i do have reject_sender_login_mismatch
[12:56:14] <adnc> in smtpd_recipient_restrictions
[12:56:19] <sysmonk> !reject_sender_login_mismatch
[12:56:19] <knoba> sysmonk: "reject_sender_login_mismatch" : Reject the request when $smtpd_sender_login_maps specifies an owner for the MAIL FROM address, but the client is not (SASL) logged in as that MAIL FROM address owner; or when the client is (SASL) logged in, but the client login name doesn't own the MAIL FROM address according to $smtpd_sender_login_maps.
[12:57:07] <adnc> ohhh this means that using reject_sender_login_mismatch without the sender_login_maps doesnt make sence
[12:57:38] <sysmonk> why should it make sense?
[12:58:10] <adnc> no, i said than i made a mistake and it doesnt make sence
[12:58:53] <sysmonk> i already know that ;)
[12:59:07] <adnc> sysmonk. did i do something wrong?
[12:59:35] <sysmonk> o_O
[12:59:48] <sysmonk> yes, you put reject_sender_login_mismatch
[12:59:51] <sysmonk> remove it
[12:59:55] <adnc> heheh
[13:01:02] <adnc> sysmonk, now i get relay access denied when sending outer mails
[13:01:26] <sysmonk> congratulations, then you don't have access to send emails
[13:01:33] <sysmonk> as per your smtpd_*_restrictions
[13:03:32] <higuita> ! basic FedererRoger
[13:03:32] <knoba> higuita: Error: "basic" is not a valid command.
[13:04:00] <adnc> http://pastebin.com/d189f0b52 which one of these restrictions could make this problem?
[13:04:07] <sysmonk> higuita: !basic
[13:04:15] <sysmonk> adnc: *not even looking at it* any ?
[13:04:19] <higuita> !basic
[13:04:20] <knoba> higuita: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.
[13:04:30] <higuita> !basic FedererRoger
[13:04:31] <knoba> higuita: Error: "basic" is not a valid command.
[13:04:32] <sysmonk> are you authenticated? what ip are you sending from?
[13:04:44] <higuita> thanks knoba
[13:04:46] <sysmonk> higuita: !tell basic FedererRoger
[13:04:51] <higuita> hehehe
[13:04:55] <higuita> !tell basic FedererRoger
[13:04:56] <knoba> higuita: Error: No factoid matches that key.
[13:05:00] <adnc> sysmonk i'm authenticated via smtp auth using my thunderbird client
[13:05:05] <sysmonk> hmm
[13:05:08] <sysmonk> !tell basic to sysmonk
[13:05:09] <knoba> sysmonk: Error: No factoid matches that key.
[13:05:12] <sysmonk> ;/
[13:05:17] * sysmonk pwn3d
[13:05:20] <sysmonk> !help
[13:05:20] <knoba> sysmonk: (help [<plugin>] [<command>]) -- This command gives a useful description of what <command> does. <plugin> is only necessary if the command is in more than one plugin.
[13:05:26] <sysmonk> !knoba
[13:05:26] <knoba> sysmonk: "knoba" : an informational bot in this channel (see http://workaround.org/f=postfix)
[13:05:38] <sysmonk> !help tell
[13:05:38] <knoba> sysmonk: (tell <an alias, 2 arguments>) -- Alias for "echo $1: -> [Factoids whatis $2]".
[13:05:42] *** pirho has joined #postfix
[13:06:57] <sysmonk> adnc: never pastebin main.cf entries unless asked so. use postconf -n
[13:07:05] <adnc> ok
[13:07:09] <adnc> i didnt know
[13:07:11] <sysmonk> you're not the first day on this channel, you should have already knew that
[13:07:19] <adnc> this i didnt know
[13:07:24] <sysmonk> o_o
[13:08:31] *** ploploop has joined #postfix
[13:11:50] *** F6F has joined #postfix
[13:12:06] *** martianixor has joined #postfix
[13:12:43] *** martiancode has joined #postfix
[13:13:10] <adnc> postconf -n http://pastebin.com/d4bf0250c
[13:13:14] *** martiancode has quit IRC
[13:15:18] <adnc> sysmonk does the postconf -n show any reason for the relay problem?
[13:16:02] <sysmonk> also, pastebin the logs which are saying that relay access denied + everything relevant ( i.e. that you're authed)
[13:16:12] *** denis has quit IRC
[13:16:17] <adnc> ok
[13:16:43] *** Haris has quit IRC
[13:16:53] *** Haris_ has joined #postfix
[13:18:16] <adnc> sysmonk, http://pastebin.com/d24ac65c4
[13:19:11] <sysmonk> adnc: TLS is used
[13:19:15] <sysmonk> but AUTHENTICATION is not
[13:19:56] <sysmonk> and, as you're not authenticated and try to send email to a domain not in your postfix config ( charite.de ) - it rejects the mail
[13:19:56] *** brancaleone has quit IRC
[13:21:39] <adnc> sysmonk this is strange, since my client should authenticate with my username and password
[13:22:06] <sysmonk> i don't see that in the logs.
[13:22:08] *** denis has joined #postfix
[13:22:25] <adnc> yes you are right, it doesnt. but i wonder why
[13:23:26] <adnc> and what i could do
[13:24:49] <adnc> sysmonk, what could i do?
[13:26:16] <sysmonk> !debug
[13:26:17] <knoba> sysmonk: "debug" : http://www.postfix.org/DEBUG_README.html : a good starting point for how to deal with problems and to report information to those who might help. Post your information in a pastebin such as http://pastebin.ca/ or http://rafb.net/paste/ .
[13:27:40] <adnc> sysmonk, do you think this is a postfix problem?
[13:27:45] <adnc> or more a client problem?
[13:28:10] <sysmonk> don't know
[13:28:23] <sysmonk> but postfix usually logs failed login attempts
[13:28:26] <sysmonk> authentication attempts
[13:28:30] <sysmonk> so it must be thunderbird
[13:29:20] <adnc> how does such a login attempt look like?
[13:29:59] *** cafuego has quit IRC
[13:30:10] <sysmonk> you'll know it when you'll see it
[13:30:23] *** cafuego has joined #postfix
[13:31:31] <adnc> sysmonk, because it used to work till yesterday and i went throught the logs and i didnt see anything regarding authentication
[13:31:52] <adnc> although i always have to send my username and password before sending the first time
[13:32:01] <sysmonk> sending the first time?
[13:32:08] <sysmonk> it's required each time
[13:32:11] <sysmonk> not the first time
[13:32:46] <adnc> well, when i connected with thunderbird and i wanted to send a mail it asked once for a password then never
[13:33:29] <sysmonk> Sep 21 14:25:17 mail postfix/smtpd[10249]: 140141144D: client=unknown[192.168.69.6], sasl_method=CRAM-MD5, sasl_username=alex@e
[13:34:52] <adnc> ahhh thank you sysmonk. i had PLAIN in the past till yesterday
[13:36:13] <jduggan> !
[13:36:18] <jduggan> sysmonk saves the day
[13:36:19] <jduggan> again
[13:36:20] <jduggan> ;o
[13:36:39] <sysmonk> and doesn't get anything for that :)
[13:37:21] <adnc> sysmonk, my thank you. if you were here i would spend you a pizza if you like
[13:37:40] <adnc> although the problem is not solved here ;)
[13:38:12] <sysmonk> now now, maybe there's a online food shop somewhere around here
[13:38:15] <sysmonk> selling pizzas
[13:38:31] * jduggan once bought an IRC friend a pizza, online, for his help
[13:38:40] <adnc> why not
[13:38:47] <sysmonk> jduggan: nobody does that for me :(((
[13:38:48] <jduggan> forget paypal donations, pizza is where it's at
[13:39:06] <jduggan> actually i paypal'd someone 12.50GBP for fixing a bug yesterday heh
[13:39:35] <sysmonk> heh, not much
[13:39:56] <sysmonk> i'd better accept a job
[13:40:01] <jduggan> well, i said i'd paypal 25GBP if it were a misconfiguration error, it was a bug, caused by my misconfiguration (an option disabled caused 450, when it should not read the option)
[13:40:21] <jduggan> and therefor should pass the mail =]
[13:40:37] <sysmonk> jduggan: postfix?
[13:41:03] <jduggan> a policy daemon for postfix that i've been alpha/beta testing in production
[13:41:09] <jduggan> policyd v2
[13:41:10] <sysmonk> ah
[13:41:12] <jduggan> policyd.org/v2/
[13:41:22] <sysmonk> yeah, i know
[13:41:27] * sysmonk already whoised you before
[13:41:27] <sysmonk> ;)
[13:41:32] <jduggan> stalker
[13:41:36] <sysmonk> ;P
[13:41:42] *** ploploop is now known as brancaleone
[13:42:23] <jduggan> it's a nice project, with alot of good features yet to come
[13:42:29] * jduggan stops pimping policyd
[13:42:30] <jduggan> ;]
[13:49:31] *** w0rd54 has quit IRC
[13:50:53] *** martianixor has quit IRC
[14:01:24] *** Haris________ has joined #postfix
[14:01:24] *** Haris_ has quit IRC
[14:03:32] *** markoa has joined #postfix
[14:10:25] *** cafuego has quit IRC
[14:10:40] *** cafuego has joined #postfix
[14:13:53] *** Haris_ has joined #postfix
[14:13:53] *** Haris________ has quit IRC
[14:14:13] *** Dukkan has joined #postfix
[14:15:47] *** cafuego has quit IRC
[14:16:06] *** cafuego has joined #postfix
[14:21:12] *** cafuego has quit IRC
[14:41:39] *** Dukkan has left #postfix
[14:43:19] *** Thorn has quit IRC
[14:44:35] *** Haris_ is now known as Haris
[14:45:00] *** Thorn has joined #postfix
[14:45:49] *** weedar has quit IRC
[14:45:49] *** _evangelion has joined #postfix
[14:45:52] <_evangelion> hi all
[14:46:04] *** weedar has joined #postfix
[14:46:20] <_evangelion> can anyone tell me how can i resolve this
[14:46:21] <_evangelion> NOQUEUE: reject: RCPT from geek.unreal-sxs.eu[78.46.64.14]: 554 5.7.1 <le_petit_jarod at hotmail dot com>: Relay access denied; from=<blackrosie at unreal-sxs dot eu> to=<le_petit_jarod at hotmail dot com> proto=ESMTP helo=<mail.unreal-sxs.eu>
[14:46:31] *** phx has left #postfix
[14:48:39] <sysmonk> you don't have access to send it to that destination. you have to authenticate ( if you have SASL enabled ) or have your IP in $mynetworks
[14:50:37] *** hemry has quit IRC
[15:03:23] *** pirho has quit IRC
[15:08:35] *** brancaleone has quit IRC
[15:10:53] <_evangelion> here's mynetworks
[15:11:12] <_evangelion> mynetworks = 127.0.0.0/8
[15:11:21] <_evangelion> i have SASL enabled
[15:12:45] *** pirho has joined #postfix
[15:13:40] <_evangelion> here's the complecte error message
[15:13:42] <_evangelion> NOQUEUE: reject: RCPT from geek.unreal-sxs.eu[78.46.64.14]: 554 5.7.1 <le_petit_jarod at hotmail dot com>: Relay access denied; from=<blackrosie at unreal-sxs dot eu> to=<le_petit_jarod at hotmail dot com> proto=ESMTP helo=<mail.unreal-sxs.eu>
[15:16:27] *** alienbrain has quit IRC
[15:21:37] <_evangelion> please
[15:21:41] <_evangelion> can someone help me ?
[15:22:34] *** w0rd54 has joined #postfix
[15:23:52] *** Haris_ has joined #postfix
[15:23:53] *** Haris has quit IRC
[15:31:31] <FedererRoger> i can gry
[15:33:48] <_evangelion> FedererRoger
[15:33:57] <_evangelion> i got this error message when i send an email
[15:34:00] <_evangelion> NOQUEUE: reject: RCPT from geek.unreal-sxs.eu[78.46.64.14]: 554 5.7.1 <le_petit_jarod at hotmail dot com>: Relay access denied; from=<blackrosie at unreal-sxs dot eu> to=<le_petit_jarod at hotmail dot com> proto=ESMTP helo=<mail.unreal-sxs.eu>
[15:34:16] <FedererRoger> relay access denied, i just resolved adding my domain to
[15:35:04] <FedererRoger> mydestination = $myhostname, localhost.$mydomain, localhost,mydomain.com
[15:39:42] <FedererRoger> thanks to higuita
[15:43:10] *** Haris_ is now known as Haris
[15:48:17] *** adnc has quit IRC
[15:53:01] *** Monike1 has joined #postfix
[15:54:55] <higuita> _evangelion FedererRoger: dont put hotmail.com in mydestination!
[15:55:09] <Monike1> Can you guys please point me in a viable direction to solve my " Can not deliver to Yahoo" problem sending from home server.should I look at reverse DNS?Thanks
[15:55:10] <_evangelion> i resolved the problem
[15:55:17] <higuita> that is just for domains that YOUR mail server is responsible for
[15:55:36] <Monike1> oh sorry you where in the middle of something
[15:55:39] <higuita> _evangelion: problem is different one
[15:55:41] *** markoa_ has joined #postfix
[15:56:04] *** BuenGenio has quit IRC
[15:57:10] *** xpoint has joined #postfix
[15:58:01] <Monike1> nevermind, got it.I knew if I asked......
[15:59:51] *** Monike1 is now known as Moniker
[16:00:06] <FedererRoger>  DON'T DELETE THIS MESSAGE -- FOLDER INTERNAL DATA
[16:00:23] *** Moniker is now known as Guest86132
[16:00:31] <FedererRoger> why all email disappears and just that email is left?
[16:00:45] *** Guest86132 is now known as Monike1
[16:06:24] *** sepski has joined #postfix
[16:06:56] *** Monike1 is now known as moniker
[16:07:28] *** moniker is now known as Guest27347
[16:09:59] *** Guest27347 is now known as Moniker
[16:10:28] *** Moniker is now known as Guest40552
[16:11:10] *** Guest40552 is now known as m0niker
[16:12:42] *** markoa has quit IRC
[16:14:12] *** UQlev has joined #postfix
[16:25:36] <m0niker> your computer hates you.mine hates me too sometimes.It will be ok.
[16:31:18] <FedererRoger> thats why i believe you must go more intimate with the computer...
[16:31:47] *** adnc has joined #postfix
[16:31:59] <sysmonk> no pr0n here guys, please
[16:32:38] <adnc> sysmonk the problem with not being able to send was due to the missplaced permit_sasl_authenticaed, which was after reject_unknown_sender_domain
[16:33:51] <adnc> i would like to ask how the message id is genereated. when i send a mail from an external client like thunderbird it is called 48CD8CBD.5000604 at myDomain dot org but when i send it from the server itself then it is called 48CD8CBD.5000604 at mail dot myDomain.org
[16:44:12] *** carl- has joined #postfix
[16:46:04] <jduggan> hrm, is RCPT TO:< at domain dot com> valid?
[16:46:39] <jduggan> anyone know offhand before i go reading RFCs?
[17:00:59] *** SeJo has quit IRC
[17:01:20] *** SeJo has joined #postfix
[17:01:55] <m0niker> what name at domain dot com
[17:01:57] <m0niker> ?
[17:02:30] <m0niker> rcpt to:yomomma at yodomain dot com
[17:03:06] <adnc> m0niker: is this comment for me?
[17:04:03] <sysmonk> m0niker: hea meant a null left part
[17:04:10] <sysmonk> atleast that's how i understood it
[17:04:47] <jduggan> nod @ sysmonk
[17:06:05] <m0niker> ah,?
[17:06:08] <m0niker> ok
[17:07:50] <jduggan> i think its valid, but its hard to read the RFC :P
[17:07:51] <jduggan> 4.1.2
[17:07:55] <jduggan> can someone confirm it's valid?
[17:08:15] <jduggan> section 4.1.2, would someone like to clarify? :)
[17:23:41] <sysmonk> imho it's not
[17:23:47] <sysmonk> but i'm not a good rfc reader too :)
[17:24:38] <jduggan> well
[17:24:49] <jduggan> if it were RFC invalid, postfix wouldnt relay (IMO)
[17:24:52] <jduggan> ?
[17:25:22] <sysmonk> and, DOES it ?
[17:25:22] <sysmonk> ;)
[17:25:29] <jduggan> yes
[17:25:35] <jduggan> accepts without error
[17:25:40] *** sepski has quit IRC
[17:25:43] <sysmonk> rcpt to:< at domain dot com>
[17:25:43] <sysmonk> 501 5.1.3 Bad recipient address syntax
[17:25:52] * jduggan tests
[17:25:58] *** _evangelion has quit IRC
[17:28:03] *** adnc has quit IRC
[17:28:36] <jduggan> am i missing a restriction
[17:28:37] <jduggan> RCPT TO:< at testurl dot co.uk>
[17:28:37] <jduggan> 250 2.1.5 Ok
[17:29:11] <sysmonk> are you not-missing a restriction which says 'sure, i'll do whatever you want'
[17:29:16] <sysmonk> i.e. permit_mynetworks
[17:29:16] <sysmonk> ;)
[17:29:27] <jduggan> (i have a seperate machine that handles testurl.co.uk), i saw it come in on that MX and respond with a reject with illegal address
[17:29:57] <jduggan> permit_mynetworks isnt the first restriction
[17:30:20] <m0niker> mydomain
[17:30:47] *** adnc has joined #postfix
[17:30:58] <sysmonk> jduggan: i have my permit_mynetworks after reject_non_fqdn_* and reject_unknown_recipient_domain
[17:31:13] <m0niker> ?from nvrmind
[17:31:17] <sysmonk> smtpd_recipient_restrictions = check_client_access hash:/usr/local/etc/postfix/stophosts, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_non_fqdn_sender, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
[17:38:02] <jduggan> sysmonk: interesting, i've pretty much the same restrictions, but it still accepts
[17:40:41] <jduggan> sysmonk: http://sigkill.noffle.net/~jduggan/restrictions.txt
[17:42:10] *** F6F has quit IRC
[17:42:24] *** m0niker has left #postfix
[17:45:31] *** Juspion has joined #postfix
[17:45:55] <sysmonk> jduggan: do you have strict rfc envelopes enabled?
[17:46:31] <sysmonk> !strict_rf821_envelopes
[17:46:33] <knoba> sysmonk: Error: "strict_rf821_envelopes" is not a valid command.
[17:46:35] *** F6F has joined #postfix
[17:46:42] <sysmonk> !postconf strict_rf821_envelopes
[17:46:43] <knoba> sysmonk: Error: "postconf" is not a valid command.
[17:46:46] <sysmonk> ;/
[17:46:50] <sysmonk> !postconf blah
[17:46:51] <knoba> sysmonk: Error: "postconf" is not a valid command.
[17:46:55] <sysmonk> knoba hates me ?
[17:46:57] <vice-versa> !maincf strict_rfc821_envelopes
[17:46:58] <jduggan> no
[17:46:58] <sysmonk> !postconf
[17:46:59] <knoba> sysmonk: "postconf" : the configuration management tool for postfix. See man postconf for more information.
[17:47:00] <jduggan> strict_rfc821_envelopes = yes
[17:47:04] <sysmonk> ah, they changed it to maincf :)
[17:47:04] <jduggan> but i should
[17:47:18] <vice-versa> sysmonk: it made more sense
[17:47:20] <sysmonk> vice-versa: thanks, didn't know it was changed
[17:47:27] <sysmonk> vice-versa: agree
[17:48:32] <jduggan> ok, strict envelopes needs to be on :)
[17:48:34] <jduggan> thanks
[17:48:37] <jduggan> i knew i was missing something
[17:50:30] *** felix-da-catz_zz has quit IRC
[17:58:49] *** markoa_ has quit IRC
[18:00:50] *** Juspion has quit IRC
[18:01:10] *** Virus_FFF has joined #postfix
[18:01:31] *** Virus_FFF has quit IRC
[18:05:49] *** kexman has left #postfix
[18:08:54] *** GoGi has joined #postfix
[18:11:34] <adnc> is it possible to have multiple recipients in alias maps for virtual users?
[18:11:56] <vice-versa> yes
[18:12:40] <adnc> when i define one local existing user as an alias then it works but as soon as i define more than one separated by commas noone receives them
[18:14:41] <vice-versa> local?
[18:14:58] <adnc> yes, non virtual user, user which have a home directory for there own
[18:16:15] *** BuenGenio has joined #postfix
[18:16:24] *** Haris has left #postfix
[18:16:55] <vice-versa> show us an example of how the alias is defined
[18:17:19] <sysmonk> and what kind of error do the logs show
[18:17:21] <sysmonk> if any ...
[18:22:53] <adnc> maybe these informations will help
[18:23:01] <adnc> for any ideas http://de.pastebin.ca/1207508
[18:31:57] <vice-versa> adnc: looks to me like the alias is being expanded as defined in your pastebin
[18:32:23] <adnc> vice-versa: expanded to what?
[18:32:26] <sysmonk> yeah, and delivered to sa
[18:32:35] <sysmonk> what goes there isn't a postfix problem
[18:32:38] *** UQlev has quit IRC
[18:32:40] <adnc> i didnt understand
[18:33:06] <sysmonk> look at lines 34-37
[18:33:11] <sysmonk> those are delivered to the aliases
[18:33:15] <adnc> yes
[18:33:20] <sysmonk> (to spamassassin actually)
[18:33:27] <adnc> ok
[18:33:32] <sysmonk> what happens in spamassassin isn't postfix problem, is it?
[18:33:47] <adnc> sure
[18:33:57] <adnc> god
[18:34:11] <adnc> sysmonk: no problem
[18:34:17] <sysmonk> ...
[18:34:21] <vice-versa> hehe
[18:34:59] <sysmonk> do i really sound so mad? :)
[18:35:06] <adnc> ohh god yes
[18:35:10] <sysmonk> ;))
[18:35:28] <adnc> ;)
[18:35:30] * sysmonk evil
[18:45:11] *** Daviey has quit IRC
[18:45:12] *** pitakill has joined #postfix
[18:55:59] *** trissmo has joined #postfix
[18:58:35] *** barnie has joined #postfix
[19:00:18] *** pulsar has quit IRC
[19:01:00] *** pulsar has joined #postfix
[19:09:59] *** hparker has joined #postfix
[19:10:40] *** rootsvr has joined #postfix
[19:11:31] *** denis has quit IRC
[19:12:19] *** trissmo has left #postfix
[19:18:24] *** rootsvr has quit IRC
[19:19:46] <adnc> the mails i send from a smtp client are passed to spamassassin by and spamassassin interprets them as local receive and looks for such a user
[19:20:00] <adnc> is this a sa issue?
[19:26:29] *** Deffie has joined #postfix
[19:40:21] *** SeJo has quit IRC
[19:40:42] *** SeJo has joined #postfix
[19:43:45] *** cyr- has joined #postfix
[20:01:13] *** bugz__ has quit IRC
[20:01:59] *** _bugz_ has joined #postfix
[20:13:02] <FedererRoger> how to install in a partition, without deleting the /home ?
[20:13:47] <FedererRoger> i have my info /home in the primary partition, its infected with Ubuntu, now i want to install over it Debian, is there any way to keep the /home?
[20:14:59] <vice-versa> why are you asking that here?
[20:15:07] <FedererRoger> oh dammit.. sorry
[20:15:14] <FedererRoger> wrong channel
[20:18:32] *** darkphader has joined #postfix
[20:20:29] *** denis_ has joined #postfix
[20:24:16] <sysmonk> hehe
[20:24:25] <sysmonk> i liked the "its infected with Ubuntu" part ;))
[20:27:02] <Trengo> i didnt like the debian bit :s
[20:27:13] <adnc> btw is there a heterogenous irc channel regarding postfix and spamassassin ;) heheh
[20:27:23] <adnc> rule is rule
[20:33:16] *** sahil has quit IRC
[20:36:21] *** sahil has joined #postfix
[20:44:29] *** Fallenou has quit IRC
[20:44:38] *** darkphader has quit IRC
[20:45:18] *** Virus_FFF has joined #postfix
[20:46:32] *** lambda has joined #postfix
[20:46:43] *** F6F has quit IRC
[20:47:53] *** Virus_FFF has quit IRC
[20:48:08] *** F6F has joined #postfix
[20:49:37] *** FedererRoger has quit IRC
[20:51:12] *** hemry has joined #postfix
[20:53:37] *** lambda has quit IRC
[20:56:09] <sahil> oblio_: :P
[20:56:30] <sahil> oblio_: the windows solution!
[21:02:29] *** edman007|work has joined #postfix
[21:04:45] <edman007|work> hi, i'm using postfix to accept my incoming email, i would like to run a script  whenever i receive email at a specific address, is there a simple way to do that?
[21:04:53] *** carl- has quit IRC
[21:06:12] <edman007|work> basically i need to log bounces sent to a specific address...is there a simple way to do that?
[21:07:22] <edman007|work> i'm currently using maildrop for most email and the one i need to log is currently using the discard: transport....
[21:09:09] *** weedar has quit IRC
[21:10:18] *** weedar has joined #postfix
[21:17:16] <higuita> edman007|work: you can parse the maillog to check for bounces
[21:17:30] <higuita> its the simplest way
[21:18:17] <edman007|work> ...there has to be a better way, i can't just write a script to run every time i get an email at bounce at mydomain dot com?
[21:18:29] <higuita> a procmail rule would do it, so probably maildrop can also do it (i never used it, so i'm not sure)
[21:19:03] <higuita> you can add a new "protocol" in master
[21:19:15] <higuita> then deliver that email to that protocol
[21:20:38] <higuita> also, running a forward script its also possible ( | some script  in the aliases) , specially if you dont care about the message
[21:21:08] <edman007|work> alright, thanks, i'll try writing my own protocal to deliver it...
[21:23:08] <higuita> depending of the sever load and quantity of bounces, i would put a script parse the maillog at 04:00
[21:24:02] <sysmonk> edman007|work: alias with | command would do too
[21:24:06] <sysmonk> or .forward file
[21:24:18] <sysmonk> or dedicated transport in master.cf
[21:25:56] *** BuenGenio has quit IRC
[21:26:47] *** Thorn has quit IRC
[21:34:54] *** Deffie has quit IRC
[21:37:07] *** GoGi has quit IRC
[21:40:48] *** seekwill has joined #postfix
[21:42:21] *** BartVB has joined #postfix
[21:46:44] *** alienbrain has joined #postfix
[21:48:17] *** BuenGenio has joined #postfix
[21:54:36] <edman007|work> sysmonk, what do you mean alias with |? you mean in the master.cf?
[21:55:23] <edman007|work> does postfix know if the incoming email is a bounce? i'm trying to figure out how to write a transport and its not working too well :/
[21:58:03] <seekwill> A message with a NULL mailfrom is a bounce
[22:02:28] <vice-versa> typically...
[22:05:02] <seekwill> What bounce has a mailfrom?
[22:05:55] *** growltiger_ has joined #postfix
[22:06:14] *** alienbrain has quit IRC
[22:06:19] <jduggan> is it normal for cyrus sasl to cut the @+rhs from the userid in %u ?
[22:07:11] <jduggan> im using an email address as a login and it's cutting everything leaving just the lhs
[22:07:16] <jduggan> is it a different %option
[22:07:17] <jduggan> ?
[22:08:52] *** Radiance has quit IRC
[22:08:57] *** Radiance has joined #postfix
[22:08:58] <jduggan> ah, so it is
[22:09:03] <jduggan> @%r
[22:09:03] *** Fallenou has joined #postfix
[22:09:04] <jduggan> :o
[22:10:26] *** BartVB has quit IRC
[22:17:42] *** growltiger has quit IRC
[22:21:52] *** cafuego has joined #postfix
[22:22:21] *** cyr- has quit IRC
[22:37:30] *** hemry has quit IRC
[22:38:04] *** alienbrain has joined #postfix
[22:55:52] *** rootsvr has joined #postfix
[23:00:17] *** f3ew has quit IRC
[23:00:21] *** jonez has quit IRC
[23:16:14] *** denis_ has quit IRC
[23:17:02] *** Tinozaure is now known as _Tino
[23:17:12] *** _Tino is now known as Tinozaure
[23:21:07] *** hever has joined #postfix
[23:23:39] *** j_s has quit IRC
[23:29:43] *** BuenGenio_ has joined #postfix
[23:31:41] *** jssa has joined #postfix
[23:32:55] <jssa> Hi guys. I'm having a problem: I'm using SASL authentication, but some of my users have trojan infected PCs and are sending spam thru my server (I guess the trojan steals the credentials from Outlook)
[23:33:48] <jssa> Tagging messages as Spam is not enough (my server is blacklisted in variuos RBL)
[23:33:57] <jssa> any hint?
[23:35:23] <aut> block users who are sending obscene numbers of emails?
[23:35:27] <aut> gmail caps at 500
[23:35:31] <aut> i think hotmail caps at 250
[23:35:37] <aut> (per 24 hour period)
[23:36:16] <aut> perhaps send an email to those users explaining that they may be infected when they hit that limit...
[23:37:08] <jssa> aut:  But that won't solve my problem: My server get blacklisted anyway :(
[23:37:19] *** BuenGenio has quit IRC
[23:37:23] *** pirho has quit IRC
[23:38:28] <sahil> jssa: well, we can't help you get un-blacklisted; you need to contact the admins of the DNSBLs or whatever.
[23:38:57] <sahil> but before doing that, make sure you cut off the infected PCs.  in fact, i would not even rate limit -- once you identify users sending spam, DISABLE sending from that machine/user.  that way they will get in touch with you when they realize they can't send.
[23:39:25] <sahil> 250 is too large a rate limit because you WILL be on more RBLs if you let even 1/2 that amount of spam leave your server(s).
[23:39:30] <Trengo> afaik, trojans dont send auth mail
[23:39:44] <sahil> it would be a new one indeed!
[23:39:45] <jssa> Yes, sahil, I know how to remove my server from the blacklists
[23:39:48] <Trengo> enforce authenticated relay
[23:39:53] <sahil> we have mostly Macs on our network, so i haven't had to deal with this problem. =/
[23:40:06] <jssa> but what I want is trying not to get blacklisted anymore :(
[23:40:24] <Trengo> jssa run SA or dspam or something
[23:40:26] <sahil> jssa: are you *sure* the infected PCs are stealing credentials from Outlook and SASL-authenticating to relay?  that is what you've implied above.
[23:40:36] <sahil> do you clamav outgoing mail?
[23:40:39] <Trengo> i've never seen that
[23:40:50] <jssa> Trengo: I'm rejecting unauth relaying. I'm also using spamassassin and clamav,
[23:40:55] *** Juspion has joined #postfix
[23:40:57] <sahil> Trengo: neither have i, but he's saying it's happening, in which case enforcing SASL to relay does nada.
[23:41:02] <jssa> but I can't stop spam anyway :(
[23:41:15] <sahil> jssa: yes you can!
[23:41:40] <sahil> jssa: have you at least rejected the infected PCs for now?
[23:41:41] <jssa> Yes, sahil. the trojan are stealing credentials
[23:41:48] <Trengo> sahil if he says so... what can i say? :)
[23:41:52] <sahil> Trengo: :P
[23:41:59] *** cyr- has joined #postfix
[23:42:06] * Trengo shuts up and goes watch tv
[23:42:07] <jssa> I'm using sasl auth and mynetworks is set to 127.0.0.1/8
[23:42:24] <sahil> paste your postconf -n and relevant excerpts from your log showing the spam leaving your servers.
[23:42:29] <sahil> (in a pastebin, *not* in the channel)
[23:42:32] <jssa> I'm tagging spam with spamassassin and filtering using clamav
[23:42:47] <sahil> tagging doesn't absolve you from sending the stuff!
[23:42:49] <jssa> but everyday, my server get listed on different rbls as sending spam
[23:43:06] <sahil> sending spam with tags is completely useless in so far as getting you removed from RBLs.
[23:43:10] <jssa> Sure, sahil, and I don't want spamassassing to eat my mails, just tag it
[23:43:31] <sahil> right, but think about what you are saying "hey, I killed you, but I clearly said I would before I did it, so it's ok!"
[23:43:42] <jssa> I know that, sahil, so I'm looking for another way
[23:43:54] <jssa> to filter this kind of attack
[23:43:57] <sahil> REJECT the PCs you know are infected!
[23:44:17] <sahil> determine how this particular trojan operates and don't let messages leave your server!
[23:44:36] <sahil> or if you want to pay for a service, let me fix it for you. :)
[23:44:48] <jssa> hahaha, sahil
[23:45:04] <jssa> the extra problem is that my clients are using dynamic ip addresses
[23:45:16] <jssa> :(
[23:46:53] <sahil> post the info requested as well as an example of the email being sent by the trojan.
[23:47:08] <jssa> hold on
[23:47:27] <sahil> why don't you force everyone to SASL-authenticate for sending mail?  then it will be easy to determine which users are infected.
[23:47:42] <sahil> right now you probably have someone on mynetworks (who doesn't have to authenticate) relaying via trojan.
[23:50:40] <jssa> I'm doing that. Every user must authenticate in order to relay mail.
[23:51:05] <jssa> Hold on, I'll give you a pastebin
[23:51:17] <sahil> ok, i'm not here for much longer, so someone else will hopefully help you as well. :)
[23:51:41] <sahil> are you in BA?
[23:51:42] <jssa> hum... I have the mail in the "deferred" queue. How do I get the original mail?
[23:51:48] <jssa> BA?
[23:54:43] <sahil> a city in argentina mi amigo
[23:54:57] <sahil> jssa: man postcat
[23:55:08] <jssa> yes, I found postcat :)
[23:55:25] <jssa> Nope, I live in Rio Cuarto, province of Cordoba, my friend ;)
[23:55:29] <sahil> ah!
[23:55:33] <sahil> my friend is from cordoba...
[23:56:12] <sahil> we call him from cordobez... the guy from cordoba haha
[23:58:25] <jssa> http://pastebin.com/m341e8f7e
[23:58:48] *** war9407 has quit IRC
[23:59:17] <jssa> there you have it, sahil
[23:59:28] <jssa> SASL authenticated, Clamav checked





top