[00:00:27] *** jonez has quit IRC
[00:07:42] *** Tykling has left #postfix
[00:10:49] *** `Orum has joined #postfix
[00:12:48] *** justatheory has joined #postfix
[00:12:53] <justatheory> Howdy.
[00:12:59] <justatheory> I have this main.cf: http://rafb.net/p/9uohYp12.html
[00:13:25] <justatheory> How can I whitelist stupid hosts that are subject to "Helo command rejected: Host not found"?
[00:15:24] <gpled> check_helo_access hash:/etc/postfix/check_helo_access
[00:15:34] *** fibbs has joined #postfix
[00:15:36] <fibbs> Hi folks
[00:15:37] <gpled> dumb.isp OK
[00:16:09] <gpled> 250 fibbs
[00:16:29] *** havvg has quit IRC
[00:16:53] <gpled> justatheory: that make sense?
[00:17:03] <justatheory> gpled: Um?no?
[00:17:04] *** AcTiVaTe has joined #postfix
[00:17:05] *** Haris has joined #postfix
[00:17:07] <Haris> Hello people
[00:17:11] <fibbs> any suggestion which of the thousands of logfile analyzer/grapher are useful? i would like to have something like a graph how many mails, how many spam, how many 4xx, how many 5xx in a certain time, but also would like to have something more detailed in text format, top 20 blocked ips and so on
[00:17:19] <justatheory> gpled: Oh
[00:17:22] <Haris> I'm getting the following messages in postfix log -> Oct  2 04:44:32 dione postfix/smtpd[14039]: warning: connect to private/anvil: No such file or directory <- what does it mean?
[00:17:28] <fibbs> I have the combination postfix/amavisd/postfix-policyd
[00:17:58] <justatheory> gpled: Doesnt check_helo_access get checked *after* reject_unknown_helo_hostname?
[00:17:59] <gpled> fibbs: i like to do that with bash
[00:18:02] <fibbs> i remember a long time ago i was using somewhat very nice but it was counting every email twice because of the mailtransport to and from amavis
[00:18:32] <fibbs> gpled: well i would do with perl, but if others already created nice things why break my head?
[00:18:36] *** Lukemob has quit IRC
[00:18:49] <jstrom> anyone with some clues about my relayhost problem? just ened to find out how to make it send mails using local.. using my own domainname makes it bork since it thinks it loops.. with smtp: it uses the relay anyways..
[00:19:38] <Haris> jstrom: Are you trying ot send through some other box or using the same box that postfix is on?
[00:19:43] <gpled> justatheory: i do mine in smtpd_recipient_restrictions =
[00:19:49] <gpled> but i just realized something
[00:19:58] <justatheory> gpled: Isn't that too late for helo restrictions?
[00:20:05] <gpled> i selectively use reject unknow host
[00:20:36] <justatheory> ?
[00:20:39] <gpled> justatheory: after the above i :  check_client_access cidr:/etc/postfix/reject_unknown_client.cidr
[00:20:49] <jstrom> Haris: most of my mail i want to route through my default realyhost, but for some specific (sender) address i need to use the local box to send the mails (ie as if i didnt have any relayhost)
[00:21:23] <gpled> i only put people i get spam from, that have unknown host in check_client_access cidr:/etc/postfix/reject_unknown_client.cidr
[00:21:33] <jstrom> sender_dependent_relayhost_maps looks like it could be used but i have no idea what to put as value..
[00:21:35] <justatheory> Oh, so you're less strict.
[00:21:41] <gpled> which comes after the ok file
[00:21:45] <justatheory> right
[00:21:56] * justatheory is irritated with dumb isps
[00:22:00] <gpled> my hope, is it goes in order
[00:22:18] <gpled> i think it checks in order
[00:22:24] <seekwill> justatheory: Which ones are dumb?
[00:22:26] <gpled> least i hope it does
[00:22:40] <justatheory> seekwill: In this case, a client that happens to be a big NGO.
[00:22:56] *** LordDicranius has quit IRC
[00:23:09] <seekwill> NGO?
[00:23:16] <jstrom> Haris: any ideas? :)
[00:23:20] <gpled> yah, i have a big hospital that does that
[00:23:45] <gpled> http://en.wikipedia.org/wiki/NGO
[00:24:08] <justatheory> gpled: Yeah, I also have a big business school.
[00:24:32] <justatheory> I think that a lot of the time it's probably internal servers and user clients are misconfigured and IT doesn't know to have the internal server route mail through a known server.
[00:24:41] <gpled> justatheory: do you understand the check order that postfix uses?  i need to sit down and right a howto for it
[00:24:45] <seekwill> oh
[00:24:51] <gpled> im not that good with the order
[00:25:24] <gpled> i blame windows dns admins
[00:25:29] <seekwill> justatheory: BINGO?
[00:25:44] <gpled> they are like, whats bind?
[00:26:31] <gpled> i dont like binds syntax.  its on my list of things to rewrite :)
[00:26:56] <justatheory> heh
[00:27:20] *** Lukemob has joined #postfix
[00:27:22] <gpled> <xml>bind</xml>   :)
[00:28:11] <gpled> got to run
[00:28:13] *** gpled has left #postfix
[00:30:31] *** cilly has joined #postfix
[00:31:08] *** BuenGenio has quit IRC
[00:35:17] *** fibbs has quit IRC
[00:40:33] *** justatheory has quit IRC
[00:41:06] *** stainer has joined #postfix
[00:41:48] *** justatheory has joined #postfix
[00:43:00] *** chadmaynard has quit IRC
[00:44:46] *** justatheory has quit IRC
[00:59:13] *** cilly has quit IRC
[01:06:44] *** war9407 has quit IRC
[01:09:41] *** justatheory has joined #postfix
[01:11:23] *** Southron has joined #Postfix
[01:13:42] *** seekwill has quit IRC
[01:17:05] *** Southron has quit IRC
[01:19:07] *** Fallenou has quit IRC
[01:28:21] *** k-man has quit IRC
[01:32:43] *** sol has joined #postfix
[01:32:47] <sol> hey
[01:33:37] <sol> ive got amavis entries in my maillog for when it picks up spam, but they have *two* IP addresses
[01:33:41] <sol> sometimes they match, sometimes they dont
[01:33:50] <sol> is one spoofed?  are they both potentially spoofed?
[01:38:49] <Dominian> ask amavis?
[01:38:53] *** wdp has quit IRC
[01:41:03] <sol> mrmm fair enough
[01:41:46] <Dominian> sorry don't know much about amavis
[02:02:41] *** memetic has quit IRC
[02:23:56] *** githogori has quit IRC
[02:27:23] *** timotiCK has joined #postfix
[02:29:51] *** chadmaynard has joined #postfix
[02:30:51] *** pitakill has joined #postfix
[02:31:20] *** keffer has joined #postfix
[02:39:47] *** stainer is now known as stainer_
[02:40:39] *** memetic has joined #postfix
[02:41:33] *** albech_ has quit IRC
[02:42:13] *** stainer_ is now known as stainer
[02:53:35] *** m1n3s6 has quit IRC
[03:06:40] *** cVsup has joined #postfix
[03:07:49] <cVsup> somebody can say if exist postfix traffic monitor in real time?
[03:07:59] <Nockian> yes!
[03:08:23] <cVsup> Nockian you can say more about it?
[03:08:38] <cVsup> where i find it?
[03:09:24] <lunaphyte> cVsup: tail -f /var/log/mail.log
[03:10:32] <vice-versa> use -F in case the log rotates ;)
[03:10:43] <lunaphyte> where's your sense of adventure?
[03:10:44] <cVsup> lunaphyte crazy
[03:11:00] <cVsup> lunaphyte i need for my client monitoring
[03:11:22] <lunaphyte> what exactly would you like to monitor?
[03:11:41] <cVsup> her not understand messages in maillog
[03:12:04] <lunaphyte> what sort of information would be valuable to her?
[03:12:09] <Nockian> haha
[03:12:15] <cVsup> for example
[03:12:16] <Nockian> English++
[03:12:35] <cVsup> mail from: bla at bla dot com   to:aaa at aaa dot com   OK
[03:12:58] <cVsup> mail from: test at test dot com   to:in at nerd dot com  SPAM
[03:13:29] <lunaphyte> cVsup: write some fancy ajax that watches and parses the log and writes to a web page.
[03:14:20] *** timotiCK has quit IRC
[03:15:13] <lunaphyte> now that i think about it, something like that could have some great shiny red ball potential.  i can think of al sorts of stuff to put on a "postfix status" page.
[03:15:20] <lunaphyte> *all
[03:15:35] <cVsup> lunaphyte you knows some project?
[03:15:46] <lunaphyte> sure - the one you're about to start.
[03:17:03] <lunaphyte> :)
[03:17:10] <lunaphyte> better get crackin'
[03:18:05] <cVsup> hehehe
[03:18:27] <cVsup> lunaphyte can be nice project
[03:21:34] <cVsup> somebody would like start?
[03:21:41] <cVsup> hehehe
[03:25:05] <lunaphyte> money talks.
[03:36:45] *** growltiger_ has joined #postfix
[03:38:27] *** Severed_Head_Of_ has quit IRC
[03:38:41] <cVsup> kkkkk
[03:39:26] <cVsup> lunaphyte exist softwares pay
[03:40:38] <stainer> anyone have the syntax for locate? would it be locate tcpd.h if I wanted to find that file?
[03:41:17] <stainer> nm
[03:41:27] <lunaphyte> find / -iname tcpd.h
[03:41:30] <lunaphyte> locate sucks.
[03:41:44] <cVsup> update locate
[03:41:51] <cVsup> command locatedb
[03:41:55] <cVsup> and try again
[03:42:26] <stainer> stupid perl
[03:49:36] *** mavrick61 has quit IRC
[03:50:44] *** mavrick61 has joined #postfix
[03:57:20] *** JesseL627 has joined #postfix
[03:59:26] *** JesseL627 has left #postfix
[04:11:19] *** Juspion has joined #postfix
[04:17:00] *** afallenhope has joined #postfix
[04:17:39] <afallenhope> hey I have a question about postfix and gmail.. is there reason as to why I always "timeout" according to my logs?
[04:18:24] <afallenhope> Oct  2 22:13:32 afh postfix/smtp[25040]: C0EFBF6439: to=<this.is.me.is.this.you at gmail dot com>, relay=none, delay=152, delays=0.59/0.01/152/0, dsn=4.4.1, status=deferred (connect to alt1.gmail-smtp-in.l.google.com[209.85.143.27]:25: Connection timed out)
[04:20:38] <vice-versa> is gmail the only domain you're getting time outs for?
[04:20:48] <afallenhope> vice-versa, I'll try another
[04:21:24] <[shg]> perl rocks!!
[04:21:39] <[shg]> cVsup it's slocate -u
[04:21:42] <[shg]> then locate
[04:21:58] <[shg]> locate for the win!
[04:22:59] *** Motoko-chan has joined #postfix
[04:24:46] <afallenhope> vice-versa, it times out for all domain
[04:25:11] <vice-versa> afallenhope: are you on a dynamic IP?
[04:25:23] <afallenhope> vice-versa, yes.
[04:25:26] <vice-versa> !dynamic
[04:25:26] <knoba> vice-versa: "dynamic" : If your server is using a dynamic IP, (DHCP leased IP address), you should consider using your ISP's SMTP server to relay for you as many dynamically assigned IP address spaces are listed within DNSBLs reducing the likelihood of successfully delivering mail to many servers. See the !relayhost factoid. If your ISP requires SASL auth see the !sasl & !saslclient factoids
[04:25:57] <stainer> I just set that up the other day on mine
[04:25:59] <vice-versa> chances are they are blocking port 25 outbound
[04:26:09] <stainer> through sbcglobal
[04:26:13] <afallenhope> vice-versa, can I tunnel the port?
[04:26:51] *** growltiger_ has quit IRC
[04:27:13] *** growltiger has joined #postfix
[04:27:24] <afallenhope> ssh -D 25 myuser@mydomain -p 1995
[04:30:48] <vice-versa> afallenhope: I guess you don't quite understand how this works, just do as the factoid suggested, use you ISPs smtp to relay for you via relayhost in main.cf
[04:31:02] <vice-versa> !maincf relayhost
[04:31:15] <vice-versa> !relayhost
[04:31:15] <knoba> vice-versa: "relayhost" : a configuration parameter in the main.cf: The default host to send non-local mail to when no entry is matched in the optional transport(5) table. When no relayhost is given, mail is routed directly to the destination. If your relay host requires authentication see the !saslclient channel factoid.
[04:31:27] <afallenhope> vice-versa, my isp's smtp = authenticate..
[04:31:46] <vice-versa> If your ISP requires SASL auth see the !sasl & !saslclient factoids
[04:33:44] <afallenhope> umm I just setup eveything still not working
[04:33:48] <afallenhope> broken :-P
[04:34:17] <stainer> !sasl
[04:34:17] <knoba> stainer: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.
[04:34:46] <stainer> !saslclient
[04:34:46] <knoba> stainer: "saslclient" : See http://www.postfix.org/SASL_README.html#client_sasl when you need client-side SASL authentication to deliver mail to another server
[04:35:04] *** Juspion has quit IRC
[04:35:15] <afallenhope> rpm remove..
[04:35:15] <afallenhope> lol
[05:02:05] *** _Driver_ has quit IRC
[05:02:58] *** goldfischli has joined #postfix
[05:05:29] *** m0f0x has joined #postfix
[05:17:53] *** cVsup has quit IRC
[05:19:45] *** goldfisc1li has quit IRC
[05:30:21] *** hooch has quit IRC
[05:30:28] *** hooch has joined #postfix
[05:32:54] *** bhagat has joined #postfix
[05:45:39] *** Dominian has quit IRC
[06:12:10] *** chadmaynard has quit IRC
[06:12:23] *** Dominian has joined #postfix
[06:16:24] *** saurabhb has joined #postfix
[06:20:07] *** BartVB has joined #postfix
[06:32:36] *** dorijan_ has joined #postfix
[06:48:26] *** dorijan has quit IRC
[06:57:21] <`Orum> is there any way to have all emails bounce on postfix if it's not handling the domain itself?
[06:58:59] <`Orum> well, if it's not handling it itself or not forwarding to another server on a list of domains
[07:07:50] *** Roobarb has quit IRC
[07:14:39] <f3ew> `Orum, Postfix will reject those mails by default
[07:14:59] <`Orum> hrm...then I've misconfigured something
[07:17:52] <f3ew> `Orum, show smtpd_recipient_restrictions
[07:20:42] <`Orum> I don't have anything for that in my main.cf
[07:21:21] <f3ew> postconf smtpd_recipient_restrictions
[07:21:23] <`Orum> smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination
[07:22:30] <`Orum> strange, it doesn't bounce to other destinations, and the mails never arrive there (either due to firewall or postfix itself)
[07:24:49] *** hever has joined #postfix
[07:26:09] <f3ew> what do your logs say?
[07:27:51] <`Orum> let me dig through them and look for anything suspicious
[07:35:47] *** weedar has quit IRC
[07:35:52] *** pitakill has quit IRC
[07:39:36] <`Orum> hrm...there's....not much in the log
[07:45:39] *** weedar has joined #postfix
[07:47:05] *** weedar has quit IRC
[07:51:28] *** denis_ has quit IRC
[07:55:40] *** justatheory has quit IRC
[07:56:50] *** mjoseph has quit IRC
[07:56:53] *** mjoseph has joined #postfix
[08:03:08] *** Tykling has joined #postfix
[08:31:05] *** denis_ has joined #postfix
[08:42:40] *** sol has quit IRC
[08:43:04] *** Tykling has left #postfix
[08:49:12] *** sega01_ has joined #postfix
[08:52:45] *** sega01 has quit IRC
[08:58:56] *** hparker has quit IRC
[09:05:25] *** amrit|wrk is now known as amrit|zzz
[09:09:52] *** denis_ has quit IRC
[09:18:52] *** kk_CHN has joined #postfix
[09:22:50] *** denis_ has joined #postfix
[09:25:13] *** zamba has joined #postfix
[09:25:22] <zamba> is it possible to process individual messages in the queue?
[09:25:27] <zamba> instead of issuing postqueue -f
[09:29:53] *** cilly has joined #postfix
[09:37:17] *** madrescher has joined #postfix
[09:41:43] *** indego has joined #postfix
[09:48:52] *** cilly has quit IRC
[09:49:31] *** war9407 has joined #postfix
[09:54:02] *** kk_CHN has quit IRC
[10:00:02] *** RoyK has joined #postfix
[10:00:04] <RoyK> hi
[10:01:09] <zamba> heihei :)
[10:02:04] <RoyK> someone let the door open on our mail server, and suddenly it was spamming the planet... I've stopped that, ok, but how there's thousands of messages in the queue. Most of it is spam, ok, but I've found a few messages that looks real. Can I just copy them to the new queue (I reset the old one) - to incoming/ and postfix will try to resend them?
[10:02:07] <RoyK> zamba: hei
[10:08:17] *** Motoko-chan has quit IRC
[10:09:21] <zamba> RoyK: you've put the queue on hold?
[10:09:37] <zamba> with postsuper -h <id>|all?
[10:10:14] *** lunaphyte_ has quit IRC
[10:10:36] <RoyK> zamba: I stopped postfix, moved the queue elsewhere and restarted postfix with a new queue
[10:11:17] <zamba> i think you have to requeue them somehow..
[10:11:33] *** jeffspeff has quit IRC
[10:11:40] <zamba> but you can always try just putting one of the files into the new queue and see what happens..?
[10:11:47] *** jeffspeff2 has joined #postfix
[10:12:21] <zamba> the internal directory structure of the queue is somewhat complex
[10:12:37] *** lunaphyte_ has joined #postfix
[10:12:45] <zamba> so a better solution would probably be just holding all messages and then "unhold" the ones you want delivered
[10:12:54] <zamba> and then just wipe the whole queue (which then should contain just spam)
[10:13:05] *** jeffspeff has joined #postfix
[10:13:50] <zamba> postsuper -h ALL and then just postsuper -H <id> for the different ids
[10:14:39] <RoyK> zamba: it was _thousands_ of messages
[10:14:51] <zamba> yeah, but not thousands of messages that wasn't spam?
[10:14:57] <RoyK> no
[10:15:17] <RoyK> anyway - I'll try to solve it on a file basis
[10:15:33] <zamba> and since you're able to uniquely identify those and moving the individual files in the file system, you ought to be able to do the same with queue ids, or?
[10:15:53] *** neonoe_ has joined #postfix
[10:15:55] <zamba> yeah.. you can always try.. but i'm not 100% sure how the queue system works on a file system basis
[10:15:57] 
[10:17:15] <neonoe_> hello, i am looking for a solution as tuneling smtp via ssh
[10:18:04] <neonoe_> sudo ssh -N -L25:smtp.site.com:25 name at site dot com
[10:18:18] <neonoe_> but i miss something in my postfix configuration:
[10:18:27] <neonoe_> default_transport = smtp:localhost:25
[10:18:28] <neonoe_> ?
[10:18:44] <neonoe_> i found this tutorial: http://taint.org/2003/10/14/021302a.html
[10:19:00] <neonoe_> and does not work with me, anybody tried this before?
[10:19:10] <neonoe_> thank you for help
[10:19:48] *** cilly has joined #postfix
[10:29:18] *** jeffspeff2 has quit IRC
[10:31:05] *** Lirezh has joined #postfix
[10:31:06] <Lirezh> hi
[10:31:35] <Lirezh> my mx record is smtp.domain.com , my reverse dns on it is domain.com . is this ok ?
[10:32:18] *** Zeit|awy has quit IRC
[10:34:58] <zamba> Lirezh: yup.. the important thing is that the MX record has a A record as well
[10:35:15] *** madrescher has quit IRC
[10:35:28] <zamba> so that smtp.domain.com has a A record, and not just a CNAME to domain.com
[10:35:55] <Lirezh> oh
[10:35:58] <Lirezh> gonna check that
[10:36:57] *** pariviere has joined #postfix
[10:38:01] <zamba> Lirezh: and about reverse DNS, i think it's good practice that the EHLO corresponds to the reverse of the ip
[10:47:10] *** Gokee2 has quit IRC
[10:57:25] *** swarog has joined #postfix
[10:57:28] <swarog> hello
[10:57:52] <swarog> hello
[10:59:14] <swarog> i've implemented some kind of archiving for all the traffic in and out with the allways_bcc to some catchall account and now i have several issues with it.
[10:59:50] <swarog> one of the main is next. when remote tries to send email to local recipient, and if local recipient doesnt exist, it doesnt get reject.
[11:00:44] <swarog> it rather accepts silently and send back email with the message that email is accepted for allways_bcc address and rejected for the original destination address
[11:01:13] <swarog> any way/suggestion to avoid this behaviour? i dont want it to accept emails at all if local recipient doesnt exist.
[11:02:54] *** cilly has quit IRC
[11:03:28] *** shahbour has joined #postfix
[11:03:43] <swarog> to translate, it shouldnt reach always_bcc if the destination address doesnt exist
[11:07:32] <shahbour> Hello all, i am trying to activate the vacation feature with postfix and postfixadmin, when reading teh install i am stuck at transport issue as in my current installation i got virtual_transport = virtual , and in installation it asked me to put transport_maps = hash:/etc/postfix/transport can i use both of these at teh same time
[11:15:28] *** Fallenou has joined #postfix
[11:16:54] *** stas__ has quit IRC
[11:17:08] *** stas__ has joined #postfix
[11:17:32] *** stas__ has quit IRC
[11:17:44] *** c00l2sv has joined #postfix
[11:18:24] *** bhagat has quit IRC
[11:20:01] *** BartVB has left #postfix
[11:26:40] *** cilly has joined #postfix
[11:33:59] *** RoyK has left #postfix
[11:34:59] <Hyperi> Hi, which option should I do to get foo at domain dot com to deliver mails to /var/mail/domain/foo/Maildir/ ?
[11:38:09] <Hyperi> I've virtual_alias_maps = hash:/etc/postfix/virtusertable AND in that file definition for foo at domain dot com to account 'foo', and it's supposed to do the maildir in ~/Maildir/ (which it for some reasons doesn't do :/)
[11:43:50] *** pirho has joined #postfix
[11:45:33] *** cilly has quit IRC
[11:51:10] *** havvg has joined #postfix
[11:55:51] *** shahbour has quit IRC
[12:02:52] <Hyperi> Nobody knows? :/
[12:07:38] <f3ew> !virtual_mailbox_maps
[12:07:39] <knoba> f3ew: "virtual_mailbox_maps" : a configuration parameter in the main.cf: Optional lookup tables with all valid addresses in the domains that match $virtual_mailbox_domains.
[12:08:33] <Hyperi> Well it's properly :P
[12:09:41] *** c00l2sv has quit IRC
[12:10:34] <Hyperi> That's my problem, all the virtuals are set just like in documentation, only that it doesn't read up them :S
[12:19:21] <Hyperi> Ok resolved one step ahead, for some reason(s) it doesn't find the user from virtual alias table (status=bounced (User unknown in virtual alias table)
[12:24:26] *** F6F has joined #postfix
[12:27:36] *** c00l2sv has joined #postfix
[12:35:38] *** madrescher has joined #postfix
[12:37:19] *** c00l2sv has quit IRC
[12:37:25] *** c00l2sv has joined #postfix
[12:38:59] *** BuenGenio has joined #postfix
[12:44:02] *** RaceCondition has joined #postfix
[12:45:16] *** Guest22337 has joined #postfix
[12:47:57] *** cilly has joined #postfix
[12:49:05] *** xpoint has joined #postfix
[12:53:03] <f3ew> Hyperi test with postmap -q
[12:53:25] <Haris> in make config for mail/postfix, I see VDA (virtual delivery agent). Is this a built-in feature of postfix or an extra, third party feature added by freebsd?
[12:54:43] <Hyperi> Which file oO?
[12:55:10] <Haris> I think I worry too much, without sufficient ground
[12:55:45] <cite> Haris: The Postfix virtual(8) delivery agent is part of the official Postfix package.
[12:56:09] <Haris> cite: Good to hear. Already confirmed from freebsd too
[12:56:10] <Haris> Thankyou!
[12:56:13] <cite> lennard: shift; echo $@
[12:58:31] *** JDuke128 has joined #postfix
[12:58:38] <Hyperi> f3ew: Can't use postmap on those 2 files :/
[12:58:40] <lennard> riiiight
[12:58:42] <Hyperi> They're not hashed
[12:59:25] <JDuke128> can i send mail to large group of people the mails recorded inside directory and files line by line.
[12:59:27] <JDuke128> ?
[13:00:30] <Hyperi> JDuke128: My option would be to use shell scripting or external program anyway
[13:01:51] <JDuke128> do you have any script for that ?
[13:02:18] <sysmonk> sure, cat, echo, and friends
[13:02:19] <sysmonk> ;)
[13:02:30] <sysmonk> it really depends on your needs
[13:02:33] <JDuke128> can you share it with me ?
[13:02:44] <JDuke128> i ll do advertisement
[13:02:56] <JDuke128> but i need really fast way
[13:03:17] *** BuenGenio has quit IRC
[13:03:21] <JDuke128> caching dns , optimizing etc...
[13:03:25] <JDuke128> postfix do it ?
[13:03:48] <JDuke128> for ex i give group of people on hotmail.com , yahoo.com , gmail.com
[13:03:54] <JDuke128> it will make sorting
[13:04:08] <JDuke128> after sorting , then send hotmail.com groups
[13:04:14] <JDuke128> and then yahoo.com groups...
[13:05:45] <sysmonk> spam!
[13:07:51] <cite> JDuke128: Just grab yourself a copy of a mailing list manager.
[13:07:55] *** Internat has quit IRC
[13:08:00] *** internat1 has joined #postfix
[13:08:02] <cite> JDuke128: Majordomo, Mailman, smartlist, they all do that kind of stuff.
[13:08:19] <JDuke128> do you know any java app for that ?
[13:08:24] *** Gokee2 has joined #postfix
[13:08:26] <JDuke128> Java Based ?
[13:09:01] <JDuke128> http://xerxes.qwik.net/ <= does someone know whats that ?
[13:09:18] <cite> JDuke128: You are not exactly making sense.
[13:09:51] <Hyperi> uhm JDuke128
[13:10:04] <Hyperi> "Open source e-mail management for Cyrus Imap and Postfix on Linux"
[13:10:41] <Hyperi> Check the 'What?' link and you'll see that it has nothing to do with mailing lists :<
[13:13:11] <JDuke128> oh
[13:13:19] <JDuke128> so its not suitable for me
[13:13:28] <Hyperi> Nopes
[13:13:31] <Hyperi> Sorry (o:
[13:13:39] <JDuke128> I've searched now
[13:13:59] <JDuke128> SYMPA is very good people say for large maillist
[13:14:11] <JDuke128> Sympa
[13:14:25] <JDuke128> does someone have idea about for 2 millions of maillist ?
[13:15:05] <JDuke128> sympa good for that or mailman or ... ?
[13:15:11] <Hyperi> I've personally favored majordomo tbh :P
[13:15:13] <JDuke128> which one good for very large network
[13:16:15] <Hyperi> (No offense, but I'm starting to feel like you're planning to build up a spam sender?)
[13:16:18] <f3ew> what sort of messages do you need to send, and why are you in a hurry?
[13:16:27] <f3ew> Hyperi you can always use postmap -q
[13:16:40] *** saurabhb has quit IRC
[13:16:42] <sysmonk> f3ew: i think he still has a few tones of viagra left
[13:16:45] *** cilly has quit IRC
[13:16:46] <sysmonk> :P
[13:16:47] <f3ew> sysmonk lol
[13:20:33] <cite> JDuke128: Every half-decent mailing list software will be able to manage 2 million recipients.
[13:20:46] <cite> Hell, even majordomo with sendmail 4.13 was able to handle that.
[13:21:22] <cite> If you don't do content filtering, Postfix, even on cheap hardware, will be ablte to handle a million mails per hour.
[13:22:14] <cite> If you go into the region where master(8) will fail, i.e. concurrency for smpt is larger than, say 800, you will be able to handle a ton more.
[13:23:08] *** saurabhb has joined #postfix
[13:23:33] *** weedar has joined #postfix
[13:31:18] *** _Driver_ has joined #postfix
[13:40:09] *** bhagat has joined #postfix
[13:45:00] *** sega01_ is now known as sega01
[13:47:15] *** pirho_ has joined #postfix
[13:58:38] *** pirho has quit IRC
[13:58:54] *** gutocarvalho has joined #postfix
[14:05:20] *** saurabhb has quit IRC
[14:10:38] *** cilly has joined #postfix
[14:10:56] *** bhagat has quit IRC
[14:12:30] *** cilly has quit IRC
[14:15:39] *** afallenhope has left #postfix
[14:16:21] *** pirho_ has quit IRC
[14:27:46] <Guest22337> hello everyone
[14:29:26] <Guest22337> Wonder why I cant send email to tmobile phones via SMS when behind my router?
[14:29:49] <Guest22337> but yet at a hotspot down the street it will send
[14:29:54] <Guest22337> dumb
[14:32:15] *** xpoint has quit IRC
[14:32:25] <lunaphyte_> !logs
[14:32:25] <knoba> lunaphyte_: "logs" : postfix logs to the mail facility of syslog. Something like grep -i `postconf -h syslog_facility` /etc/syslog.conf or grep -rl `postconf -h syslog_name` /var/log/* should tell you where logs are going. also see !have2mung
[14:35:17] *** Zonei has joined #postfix
[14:35:38] <Zonei> Hi all. I've found the following in my log. What does it mean?       Oct  3 11:20:20 mysite postfix/smtp[29853]: 023A41EA01F7: host mailin-01.mx.aol.com[205.188.159.57] said: 421-:  (DNS:NR)  http://postmaster.info.aol.com/errors/421dnsnr.html 421 SERVICE NOT AVAILABLE (in reply to end of DATA command)
[14:36:02] *** Guest22337 is now known as m0niker
[14:36:39] *** cVsup_ has joined #postfix
[14:36:42] *** cVsup_ is now known as cVsup
[14:36:43] <lunaphyte_> Zonei: what part isn't clear?
[14:37:27] <Zonei> lunaphyte_ I don't know if this is for outgoing or incoming. Or is it the same?
[14:38:26] <lunaphyte_> Zonei: all mail is outgoing and incoming.  that entry refers to a message that your server was attempting to deliver to aol
[14:38:58] <Zonei> lunaphyte_ I see, so I have to obtain the reverse dns entry for my site.... ah, thanks.
[14:38:59] <lunaphyte_> the preceding/following logs likely provide clues that indicate that.
[14:39:29] <Zonei> Yeah, I'm new to Postfix, I totally have to figure my way around it. :)
[14:44:05] *** Fallenou has quit IRC
[14:45:01] <Zonei> Also, the problem is I have many such entries for same email address. What config should I tweak to limit the number of retries? Shouldn't the sender get a notice from mailer daemon about failed sending?
[14:48:21] *** swarog has left #postfix
[14:51:18] *** RaceKondition has joined #postfix
[14:51:46] *** RaceKondition has quit IRC
[14:57:48] *** RaceCondition has quit IRC
[15:07:13] *** cVsup has quit IRC
[15:08:46] *** gutocarvalho has quit IRC
[15:09:16] *** m0niker has quit IRC
[15:13:00] *** bhagat has joined #postfix
[15:16:25] *** weedar has quit IRC
[15:18:51] *** hparker has joined #postfix
[15:19:58] *** jonez has joined #postfix
[15:22:11] <Zonei> How can I limit the number of retries to send an email (authenticated relay)?
[15:25:45] *** arkibott_ has joined #postfix
[15:28:52] *** bhagat has quit IRC
[15:34:44] *** madrescher has quit IRC
[15:34:50] *** stefan-f has quit IRC
[15:40:51] *** RaceCondition has joined #postfix
[15:44:26] *** F6F has quit IRC
[15:45:05] *** Zonei has left #postfix
[15:48:53] *** pariviere has quit IRC
[15:51:28] *** denis_ has quit IRC
[15:56:44] *** alex_alex has joined #postfix
[16:05:34] *** DakotaWRS has joined #postfix
[16:06:24] *** qrk has joined #postfix
[16:06:43] *** pirho has joined #postfix
[16:09:04] <DakotaWRS> Good morning/afternoon/evening, all.  I have an unusual question, I think.  Configuring Postfix as part of an enterprise mail solution for several hundred users.  It's Postfix/Dovecot/Squirrelmail/Mailscanner/etc.  It's in a Windows shop and authenticating to Active Directory for users.  It all works great except for one thing:
[16:10:52] <DakotaWRS> If mail is sent to 'user' rather than 'user at domain dot tld', Postfix authenticates against AD via winbind and decides that the user is local and attempts to deliver to the user's nonexistent home directory.  I need it to re-write the incoming header to 'user at domain dot tld' so that it will deliver to /home/vmail/$USER'.
[16:11:35] <DakotaWRS> No effing combination of config directives I've tried seems to accomplish this.
[16:13:34] <lunaphyte_> !tell DakotaWRS showme
[16:13:35] <knoba> DakotaWRS: -> "showme" : Please pastebin the output from the following as root, uname -a;postconf -h mail_owner mail_version;echo;postconf -n;echo;cat `postconf -h config_directory`/master.cf - also, show some logs (see !logs).
[16:13:55] *** cite has quit IRC
[16:15:13] <DakotaWRS> Will do.  Half a sec.
[16:15:58] *** seekwill has joined #postfix
[16:25:49] *** blackflag has joined #postfix
[16:26:37] <brd> seems like you need to configure it for virtual only setup..
[16:27:45] <qrk> hi, how can i set up smtp authentication to secure my smtp server, and can access at anywhere, at any place in the world but without be an open relay server
[16:27:47] <qrk> ?
[16:28:00] <lunaphyte_> !tell qrk sasl
[16:28:01] <knoba> qrk: -> "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.
[16:28:32] <qrk> um
[16:28:46] <qrk> oks i will search tahnk you
[16:29:12] <lunaphyte_> search?  the link is right there.
[16:31:16] <qrk> yes, but i'm sure that i will search more info xD
[16:31:28] <qrk> look i already set up this
[16:31:31] <qrk> but not works
[16:31:46] <qrk> smtpd_sasl_auth_enable = yes
[16:31:46] <qrk> smtpd_sasl2_auth_enable = yes
[16:31:46] <qrk> broken_sasl_auth_clients = yes
[16:31:50] <qrk> and
[16:32:22] <qrk> mech_list: PLAIN LOGIN
[16:32:22] <qrk> pwcheck_method: saslauthd
[16:32:34] <qrk> at /etc/sasl*/smtpd.conf
[16:33:21] <qrk> but i do not even know what this do xd
[16:45:47] *** hparker has quit IRC
[16:49:21] *** DakotaWRS has quit IRC
[16:49:58] *** RaceKondition has joined #postfix
[16:51:43] *** tecguto has joined #postfix
[16:52:27] *** hparker has joined #postfix
[16:57:05] *** RaceCondition has quit IRC
[16:57:13] *** dft has joined #postfix
[16:57:34] *** BuenGenio has joined #postfix
[16:57:37] <dft> morning
[16:57:46] <dft> at least for those of us -5UTC
[17:00:03] *** cite has joined #postfix
[17:00:22] <Haris> Is UTC=GMT?
[17:00:24] *** m0f0x has quit IRC
[17:00:25] *** gpled has joined #postfix
[17:04:02] <qrk> somebody knows how sasl can be set to auth against mysql db?
[17:04:21] <qrk> and force postfix to use sasl2 always?
[17:04:23] <Dominian> !sasl
[17:04:23] <knoba> Dominian: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.
[17:04:27] <qrk> >.<
[17:04:33] <cite> Haris: yes, it's both Zulu time
[17:04:36] <qrk> already read but it is not very clear
[17:04:49] <dft> Haris: yes, but one doesn't observer DST
[17:11:17] *** BuenGenio_ has joined #postfix
[17:13:18] *** tshine has quit IRC
[17:22:23] *** justatheory has joined #postfix
[17:22:25] *** Jax0r has joined #postfix
[17:23:04] *** Jax0r is now known as Jax
[17:27:08] <Haris> dft: ? doesn't observe? which?
[17:29:06] *** tecguto has quit IRC
[17:29:40] <dft> Haris, nm I haven't validated my statement
[17:30:21] *** BuenGenio has quit IRC
[17:32:14] *** BuenGenio_ is now known as BuenGenio
[17:33:03] *** Zeit|awy has joined #postfix
[17:35:05] *** madrescher has joined #postfix
[17:42:37] *** JoaoCarneiro has joined #postfix
[17:49:01] *** mofino has joined #postfix
[17:49:20] *** pitakill has joined #postfix
[17:49:25] <mofino> does /usr/sbin/sendmail bypass virtual if transport_maps are in place?
[17:49:34] <mofino> seems like it does
[17:49:45] <mofino> smtp behaves correctly
[17:50:19] *** danbeck has joined #postfix
[17:51:17] *** Zitter has joined #postfix
[17:51:49] <gpled> mofino: what are you sending to /usr/sbin/sendmail ?
[17:51:59] <sysmonk> some beer
[17:51:59] <sysmonk> and vodka
[17:52:00] <sysmonk> ;P
[17:52:14] <gpled> sysmonk: sup
[17:52:19] <sysmonk> still alive
[17:52:44] <sysmonk> almost all servers in new nagios box, hooray
[17:52:51] <mofino> gpled, remote mail
[17:52:53] <gpled> nagios?
[17:52:57] <Zitter> hi, I've installed postfix. I need a very basic configuration, only to send mails  to internet. It seems that it isn't able to do it. Any hint? Any ready configuration file?
[17:53:04] <sysmonk> gpled: not familiar with nagios ?
[17:53:10] <sysmonk> !basic
[17:53:11] <knoba> sysmonk: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.
[17:53:12] <sysmonk> Zitter: ^^
[17:53:15] <mofino> gpled, aka, gmail.com isn't local, but postfix/sendmail thinks it is
[17:53:30] <sysmonk> mofino: um, what?
[17:53:35] <mofino> what do you mean what?
[17:53:48] <sysmonk> how can postfix think that it is local?
[17:53:55] <mofino> via smtp, postfix looks up the virtual_mailbox_domains, sendmail doesn't seem to
[17:53:59] <mofino> no clue
[17:54:02] <mofino> this is why i'm asking
[17:54:07] <sysmonk> mofino: ah
[17:54:08] <mofino> i'm using a transport_maps
[17:54:14] <mofino> with a wildcard of *
[17:54:22] <sysmonk> mofino: vai smtp postfix uses the smtpd_recipient_restrictions to validate the virtual_*_ stuff
[17:54:27] <mofino> it seems that postfix ignores virtual when using sendmail
[17:54:32] <sysmonk> when you INJECT the mail directly - it doesn't look at those
[17:54:37] <mofino> that's retarded
[17:54:41] <sysmonk> that's not
[17:54:43] <mofino> haha yes it is
[17:54:47] <gpled> im thinking /usr/sbin/sendmail is the direct access to postfix.  say you want to right a script to send an email or some other thing
[17:54:48] <sysmonk> i think you are
[17:54:50] <mofino> coming from a coherent system, it is
[17:54:56] <sysmonk> gpled: that's right
[17:54:59] <mofino> jesus
[17:55:08] <mofino> never ends with postfix broken behaviour
[17:55:14] <mofino> alright, i'll work around it
[17:55:21] <sysmonk> mofino: with 'sendmail' you INJECT the mail to postfix queue
[17:55:24] <sysmonk> you just put a file
[17:55:24] <mofino> i realize
[17:55:28] <sysmonk> postfix can't "reject" it
[17:55:32] <mofino> but postfix should have a SANE queueing system
[17:55:41] <mofino> as in, ALL lookups are done in the SAME way
[17:55:48] <sysmonk> oh postfix has the best queue system i ever seen yet
[17:55:52] <mofino> my lord
[17:55:53] <gpled> so when you ask: does /usr/sbin/sendmail bypass virtual if transport_maps are in place?  i would say, it can, if you write your script that way
[17:55:57] <mofino> you haven't seen much then
[17:56:04] <mofino> sigh
[17:56:08] <Haris> sysmonk: That is discuss'able
[17:56:14] <mofino> vacation scripts send responses
[17:56:18] <mofino> using sendmail
[17:56:19] <Haris> I haven't read postfix's queue system yet
[17:56:28] <Haris> I thought qmail's was best
[17:56:42] <sysmonk> mofino: and?
[17:56:46] <mofino> Haris, it is. it's the most consistent behaviour seen
[17:56:48] <sysmonk> mofino: and yes, i did see enough
[17:56:55] <mofino> sysmonk, and what?  i'm answering gpled
[17:57:01] <Haris> mofino: qmail's or postfix's?
[17:57:06] <mofino> Haris, qmail
[17:57:20] <mofino> has a consistent and coherent logic flow
[17:57:20] <sysmonk> qmails queue system just sux alot imho
[17:57:21] <sysmonk> anyway
[17:57:23] <sysmonk> back to the problem
[17:57:27] <mofino> sysmonk, you are ignorant, this is why
[17:57:28] <sysmonk> WHAT do you want to accomplish?
[17:57:33] <mofino> i already told you
[17:57:34] <mofino> pay attentikon
[17:57:39] <mofino> i have my solution
[17:57:41] <sysmonk> mofino: i've only seen you bitch about postfix all the time i see you here
[17:57:42] <sysmonk> always
[17:57:45] <mofino> that's fine
[17:57:56] <mofino> i'm familiar with more consistent, coherent systems
[17:57:56] <sysmonk> mofino: you told you want to send vacation - that's all
[17:58:01] <mofino> no
[17:58:01] <sysmonk> so go use them
[17:58:04] <mofino> i explained it, you cannot read
[17:58:04] <Haris> sysmonk: Where can I read more on postfix's queue system
[17:58:25] <sysmonk> Haris: postfix.org has some info about it, don't have a direct link
[17:58:27] <sysmonk> !qmgr
[17:58:28] <knoba> sysmonk: Error: "qmgr" is not a valid command.
[18:00:29] <mofino> so does sendmail do ANY lookups?
[18:00:39] <mofino> do i have a bloody nightmare on my hands now?
[18:01:04] <sysmonk> mofino: sendmail just PUTS a file in the queue, DIRECTLY
[18:01:04] <gpled> mofino: think the confusion came when you make it sound like you taping /usr/sbin/sendmail by hand.   that like saying, i hot wire my care, and the darn cab light does not come on.  like it does when i use the key
[18:01:06] <sysmonk> no lookups
[18:01:10] <mofino> hahaha
[18:01:13] <mofino> what a fucking joke
[18:01:18] <gpled> care/car
[18:01:43] <mofino> gpled, you make no sense
[18:01:44] <mofino> anyway
[18:02:07] <gpled> that would explain a lot
[18:03:27] <sysmonk> mofino: postfix has sendmail just because of compatibility with sendmail mta, not to offer an MUA service
[18:03:34] <mofino> sigh
[18:03:40] <mofino> you miss the problem
[18:03:55] <sysmonk> i didn't hear a problem. you didn't state your problem well enough
[18:04:00] <sysmonk> you just bitched about how postfix sucks
[18:04:03] <sysmonk> and qmail rocks
[18:04:09] <sysmonk> and postfix queue is a joke and so on
[18:04:10] <mofino> of course you won't
[18:04:13] <mofino> you have your blinders on
[18:04:33] <mofino> realize something, i am converting
[18:04:37] <mofino> FROM qmail to postfix
[18:04:38] <sysmonk> i just didn't realize you're that stupid.
[18:04:44] <sysmonk> really.
[18:04:44] <mofino> so i am UPGRADING
[18:04:48] * sysmonk ignores people like you
[18:04:50] <mofino> waha
[18:04:59] <mofino> i've been using qmail since 99
[18:05:08] *** indego has quit IRC
[18:05:20] <mofino> i think i have an idea of how i'd like a mail system to operate
[18:05:30] <mofino> it's truly not rocket science.
[18:09:28] <sysmonk> gpled: so did you try to make the vine?
[18:09:31] *** BuenGenio has quit IRC
[18:09:41] <sysmonk> or were those only thoughts? :)
[18:10:37] <mofino> hahaah
[18:10:38] <mofino> http://advosys.ca/papers/postfix-instance.html
[18:10:40] <mofino> ahh man
[18:11:28] <gpled> sysmonk: have not decided a few things.  grape or fruit. and the method.  i like the balloon method (i can tell its done :)
[18:12:13] <sysmonk> baloon method works too
[18:12:26] <sysmonk> gpled: just make one grape and one fruit :)
[18:16:45] <mofino> just so you guys know, if you remove the wildcard from the transport_maps, sendmail behaves correctly
[18:17:03] <mofino> it seeems sendmail uses transports_maps BEFORE accessing virtual
[18:17:18] <mofino> instead of the opposite with smtp
[18:23:49] <gpled> http://www.postfix.org/OVERVIEW.html
[18:24:15] <qrk> in theory, if a postfix server is correctly set up with a sasl2 autentication mechanism, it will accept my anywhere connections even if that remote IP isn't into "mynetworks" directive right?
[18:24:34] <mofino> qrk, if you configure it to do that, yes
[18:24:39] <sysmonk> qrk: depending on the order of restrictions, but yes
[18:24:56] <qrk> the ordeR?
[18:25:06] <qrk> i have that like this
[18:25:23] <qrk> smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination check_relay_domains
[18:25:41] <mofino> gpled, that may be the case, but why does sendmail hit transport maps before virtual?
[18:25:54] <sysmonk> qrk: then yes. unless you have permit_mynetworks after some kind of rejects in smtpd_{ehlo,sender}_restrictions
[18:26:01] *** hever has quit IRC
[18:26:14] <sysmonk> err, also client_
[18:26:26] <gpled> mofino:  i do not understand some of the ways you are using terms.  what do you mean by sendmail
[18:26:38] *** netcrash has joined #postfix
[18:26:46] <mofino> gpled, what do you mean, it means precisely what i said
[18:27:00] <mofino> gpled, postfix comes with a sendmail wrapper, this is obviously what i'd be referring to
[18:27:02] <qrk> the oerder of values matters? i mean, is not equal if i put first permit_mynetworks permit_sasl_authenticated instead permit_sasl_authenticated permit_mynetworks?
[18:27:06] <mofino> it's even described in the document you just pasted.
[18:27:26] <sysmonk> er, sorry, it had to be permit_sasl_authenticated in that sentence
[18:27:42] <sysmonk> but anyway, default configuration is just the way you'd like
[18:28:01] <gpled> mofino: can you point me to some docs about this sendmail wrapper, you are talking about?
[18:28:14] <qrk> um, now, i'm getting troubles because a destination server gives me this answer
[18:28:14] <mofino> gpled, if smtp operated the same way as sendmail, that would mean my wildcard transport would override my virtual maps
[18:28:24] <mofino> you must be joking
[18:28:33] <gpled> mofino: again, docs please
[18:28:33] <mofino> http://www.postfix.org/sendmail.1.html
[18:28:44] <mofino> you are incapable of accessing them yourself?
[18:28:47] <mofino> and you are helping me?
[18:29:27] <qrk> <lchavezb at dian dot gov.co>: host mx2.dian.gov.co[201.245.171.253] refused to
[18:29:27] <qrk> talk
[18:29:27] <qrk>     to me: 554 ironport.dian.gov.co
[18:29:41] <sysmonk> qrk: use a pastebin
[18:29:46] <qrk> oks sorry
[18:29:56] <qrk> (it is a short text =$)
[18:30:08] *** ik has joined #postfix
[18:30:10] <sysmonk> yeah, that's the other problem - pastebin the whole error
[18:30:53] *** Thorn has joined #postfix
[18:31:46] *** RaceKondition has quit IRC
[18:31:52] <mofino> gpled, i can always paste my config if there is any confusion
[18:33:19] <gpled> mofino: just trying to define terms. sounds like your trying to pump mail to postfix, using sendmail, as a compatibility interface
[18:33:27] <mofino> of course
[18:33:29] <qrk> sysmonk, do you know why that mailserver reject my MTA connection to bounce an email for him?
[18:33:32] <mofino> who wouldn't.
[18:33:46] <sysmonk> qrk: you didn't pastebin the error, so no
[18:33:47] <ik> gpled: *you're
[18:33:58] <mofino> gpled, i've solved the problem, but the queue interface *seems* to be inconsistent
[18:34:00] <qrk> hehe oks
[18:34:17] <qrk> the next time i will
[18:34:18] <ik> also you didn't really need that second comma
[18:34:22] <qrk> but not this
[18:34:23] <qrk> xd
[18:39:08] *** justatheory has left #postfix
[18:39:50] <gpled> ik: your mom goes to college :)
[18:40:35] <ik> not anymore
[18:41:32] <gpled> i wonder how many people get that joke.  i forget their are many people from all over the world here
[18:41:41] <gpled> there :)
[18:42:53] <gpled> ik: you from the us?
[18:43:00] <ik> yeah
[18:43:49] <gpled> ik: k, just wanted to make sure, you did not think i was insulting you.
[18:44:19] <ik> I've no idea what you meant, but I usually don't assume malice anyway :)
[18:45:25] <gpled> http://www.urbandictionary.com/define.php?term=your+mom+goes+to+college
[18:45:37] <gpled> Napoleon Dynamite joke
[18:45:49] <ik> ah
[18:45:53] <ik> I only watched part of that movie
[18:46:13] <ik> It was probably funny, but it really just made me cringe..
[18:46:42] <gpled> o man, your not a hip tech guy if you did not watch it.  next your going to tell me you did not watch Nacho Libre
[18:47:15] <ik> didn't see that either
[18:47:18] <gpled> i better cool it. little off topic :)
[18:52:06] <gpled> anyone have a postfix book that they really like?
[18:52:16] <Dominian> google
[18:52:21] <mofino> postfix.org
[18:52:21] <mofino> heh
[18:54:10] <ik> gpled: we have one or two at work, neither of which I've read
[18:54:23] <ik> But the covers are neat I guess
[18:54:34] <gpled> ik: lol
[18:56:20] <gpled> i need a better understanding of the flow of main.cf  smtpd_client_restrictions =, smtpd_sender_restrictions =, smtpd_recipient_restrictions =
[18:56:42] <mofino> you just explained it
[18:56:49] <mofino> client -> sender -> rcpt
[18:56:49] <gpled> where in the smtp conversation do they take place
[18:56:53] <mofino> DUH
[18:56:56] <mofino> come on man
[18:57:21] <mofino> client == connection, sender == mail from, rcpt == rcpt to
[18:57:27] <mofino> data == data
[18:57:47] <mofino> do you even know smtp?
[18:57:53] <mofino> you have to get up on that...
[18:58:42] <gpled> maybe you can help me.  you want to reject any mail from example.com   ...    here comes a connection:  123.example.com
[18:59:28] <gpled> i would use a check_sender_access regexp:/etc/postfix/reject_domain.list.regexp
[19:00:01] <gpled> and think it would go in client, because it is a connection
[19:00:04] <mofino> yep
[19:00:16] <mofino> all depends on what you want to do
[19:00:21] <mofino> postfix is extremely flexible
[19:00:42] <mofino> it's annoying as sin sometimes, but it's really great for these types of situations
[19:02:52] *** denis has joined #postfix
[19:13:32] <jduggan> hrm
[19:13:49] <jduggan> is there any way to count a header in header checks?
[19:14:09] <jduggan> i want to reject if the count of a specific header is above N
[19:14:22] <jduggan> IE, N or more headers matched
[19:14:25] <mofino> doesn't sounds like a pf feature
[19:15:44] *** amrit|zzz is now known as amrit|wrk
[19:16:22] *** githogori has joined #postfix
[19:28:16] *** pitakill has quit IRC
[19:28:23] <gpled> jduggan: think you would want to move the email to filter, and do it there
[19:28:43] *** RaceCondition has joined #postfix
[19:37:36] *** denis has quit IRC
[19:48:06] *** pickcoder has joined #postfix
[19:52:33] *** chadmaynard has joined #postfix
[19:53:02] *** m1n3s6 has joined #postfix
[20:02:54] *** Zeit|awy_ has joined #postfix
[20:06:25] *** Jax has quit IRC
[20:06:43] *** m0f0x has joined #postfix
[20:10:57] *** Zeit|awy has quit IRC
[20:13:51] *** tshine has joined #postfix
[20:21:06] *** growltiger_ has joined #postfix
[20:21:49] *** qrk has quit IRC
[20:22:02] *** infinity1 has joined #postfix
[20:22:03] *** rhousand has joined #postfix
[20:22:20] <infinity1> how do i upgrade my sasldb2 file after upgrading libdb?
[20:24:49] <rhousand> our office is looking into hosting our own email. I know that there are alot of email server that will reject email sent off a ipaddress that is not a knowen ipadress. How do we need to go about getting our ip approved
[20:26:14] *** denis_ has joined #postfix
[20:27:24] *** Zitter has quit IRC
[20:27:39] <mofino> rhousand, is that a postfix question?
[20:27:47] <mofino> infinity1, recompile
[20:27:57] <mofino> infinity1, assume you compiled static
[20:28:10] <mofino> assuming
[20:29:03] <infinity1> mofino: recompile?
[20:29:23] <infinity1> the sasldb2 file for seems incompatible. i think it needs to be upgraded to the new libdb
[20:30:12] *** netcrash has quit IRC
[20:30:16] *** qrk has joined #postfix
[20:30:36] <qrk> how can i force to MUAs use authentication for smtp?
[20:31:06] <qrk> that the server doe
[20:31:13] *** netcrash has joined #postfix
[20:31:16] *** edibrac has joined #postfix
[20:31:33] <mofino> qrk, is this a postfix question?
[20:32:12] *** denis__ has joined #postfix
[20:32:13] <edibrac> maybe i've overlooked something obvious in the docs, but is there a way to assign a certain mail relay, based on what domain the user is sending from?
[20:32:52] *** denis_ has quit IRC
[20:33:30] *** Ryushin has joined #postfix
[20:33:53] <qrk> mofino, i think so =S
[20:34:05] <edibrac> is relaying always from one server to another, or can it be one-to-many ?
[20:34:39] <qrk> i mean, is the MTA who is going to recive the unauthenticated connections isn't it?
[20:35:30] <mofino> qrk, it handles smtp, yes
[20:36:18] <qrk> ok, then that feature must be configured at postfix main configuration file isn't it?
[20:36:34] <mofino> stop asking these questions
[20:36:48] <mofino> i'm not going to confirm the obvious to you
[20:36:55] <qrk> it is just for ask if it can be done or not =S
[20:37:02] <mofino> figure out your problem and ask a clear question regarding postfix
[20:37:21] <ik> qrk: "Try it and see: the best way to figure out if something works"
[20:37:26] <qrk> oks, i didn't wnat to pissed off you xD
[20:37:37] <qrk> want*
[20:37:37] <mofino> nobody is pissed
[20:37:41] <mofino> just stop wasting time
[20:37:48] *** growltiger has quit IRC
[20:37:54] <qrk> bah oks, just foerget it
[20:37:59] <mofino> good
[20:38:00] <ik> oh crap TIME IS WASTED GET IT BACK GET IT BACK
[20:38:39] <ik> qrk: do you have three minutes to give mofino?  He's mad because someone keeps stealing all of his time when he's asleep
[20:38:52] <ik> Every time he wakes up it's like eight hours missing and he has no idea where they went
[20:38:57] <mofino> hahaha
[20:39:09] <qrk> >.<
[20:39:50] <mofino> qrk, short answer is, postfix does everything a mail server should do
[20:39:53] <mofino> go from there
[20:40:19] <qrk> oks thnks
[20:40:24] <qrk> thanks*
[20:44:27] *** RaceCondition has quit IRC
[20:45:50] *** growltiger has joined #postfix
[20:46:28] *** dft has quit IRC
[20:47:23] *** cpm has joined #postfix
[20:47:59] *** ik has left #postfix
[20:54:46] *** netcrash has quit IRC
[20:56:00] *** c00l2sv has quit IRC
[20:56:14] *** c00l2sv has joined #postfix
[20:58:34] *** m0f0x has quit IRC
[20:59:31] *** growltiger_ has quit IRC
[21:02:16] *** m0f0x has joined #postfix
[21:03:16] *** c00l2sv has quit IRC
[21:03:54] *** c00l2sv has joined #postfix
[21:18:12] *** Ryushin has quit IRC
[21:24:41] *** carl- has joined #postfix
[21:25:33] *** havvg has quit IRC
[21:28:13] *** growltiger_ has joined #postfix
[21:28:48] *** Zitter has joined #postfix
[21:34:39] *** afeijo has joined #postfix
[21:34:43] <afeijo> hi folks!
[21:34:53] <afeijo> success, my imap is working with dovecot :)
[21:35:06] <afeijo> but I cant make smtp work with postfix, do I need any special package?
[21:35:55] <mofino> what?
[21:36:05] <mofino> yes, postfix.
[21:36:58] <afeijo> its not working, and nothing on mail.log
[21:37:26] *** growltiger has quit IRC
[21:37:53] <afeijo> how to test if postfix is ok?
[21:40:31] <mofino> you learn unix
[21:42:17] <afeijo> funy
[21:42:20] <mofino> first you might want to see if it's installed
[21:42:30] <mofino> type postfix
[21:42:43] <mofino> and you really need to lear nthe system you are on
[21:43:57] <afeijo> yeah its installed, I installed many times trying to configure imap, now I did it
[21:44:05] <afeijo> I'm not that newbie to linux
[21:44:16] <afeijo> but its my first linux mail server
[21:44:49] <afeijo> found 2 errors
[21:44:50] <afeijo> postfix/postfix-script: warning: not owned by postfix: /var/lib/postfix/./smtpd_scache.db
[21:44:50] <afeijo> postfix/postfix-script: warning: not owned by postfix: /var/lib/postfix/./smtp_scache.db
[21:45:04] <mofino> sweet
[21:45:06] <mofino> fix em
[21:45:11] <afeijo> just change owner?
[21:45:20] <mofino> also look in /var/log/mail.err
[21:45:20] *** JDuke128 has quit IRC
[21:45:24] <mofino> do you know what owner to use?
[21:45:29] <afeijo> yeah, postfix:postfix
[21:45:36] <afeijo> its fetchmail:postfix now
[21:46:23] <afeijo> ok, errors gone
[21:46:48] <mofino> those were warnings, did you check mail.err?
[21:46:49] <afeijo> smtp away
[21:46:54] <mofino> ok cool
[21:47:08] <afeijo> now I have another issue, I'm checking something
[21:47:12] <afeijo> but thanks for the kick!
[21:47:44] *** Zitter has left #postfix
[21:48:54] <afeijo> yeah, I mess something here
[21:49:04] <afeijo> new mails are going to /var/mail/feijo
[21:49:08] <afeijo> imap are reading from Mailbox :(
[21:49:27] *** Haris has left #postfix
[21:49:58] <mofino> i use maildir, can't help much :/
[21:50:36] <afeijo> ok
[21:52:20] <mofino> where are the mailbox files in your imap configuratyion?
[21:55:46] <edibrac> i'm been scouring the docs. .and it doesn't look like i can do this: if the From field is a certain address, relay that message to a certain server -- and let all others proceed as normal
[21:56:44] <edibrac> i guess.... i could daemonize a script to do it ..something like http://snippets.dzone.com/posts/show/3932
[21:56:49] <mofino> edibrac, sounds possible.
[21:57:00] <afeijo> mofino: I found this mbox:~/Mail/:INBOX=/var/mail/%u
[21:57:02] <mofino> using a transport
[21:57:19] <mofino> afeijo, hmmm is that from your imap config?
[21:57:25] <afeijo> should I change it to "inbox and folders in ~/Maildir" ?
[21:57:27] <edibrac> well, transport is based on the RCPT TO field, as far as i can tell
[21:57:30] <afeijo> yeah, webmil > dovecot
[21:57:35] <afeijo> webmin
[21:57:35] <mofino> edibrac, transport_maps = user at dom dot com smtp:otherserver
[21:57:47] <mofino> oh sorry yo uwant sender
[21:58:07] <mofino> afeijo, do you want to use maildir?  is this a new setup?
[21:58:36] <afeijo> yeah, all new
[21:58:40] <afeijo> isnt maildir beter?
[21:58:43] <mofino> afeijo, then set it all up for maildir
[21:58:46] <mofino> yes much better
[21:58:52] <afeijo> cool
[21:59:36] <mofino> edibrac, yeah, not sure...
[22:07:50] <afeijo> my smtp is telling relay denied?
[22:08:00] <afeijo> to feijo at local dot sial
[22:08:11] <mofino> sounds like it's missing some configuration
[22:08:31] <qrk> how can i set up my MTA to force MUAs use authentication for smtp, what is the directive?
[22:08:44] <qrk> i can't find it at postconf(5)
[22:08:52] <afeijo> yeah, Im looking on webmin where I can add that alias, or domain
[22:09:49] <mofino> qrk, deny everyone except sasl users
[22:10:06] <qrk> um
[22:10:19] <mofino> that means, remove any allows that are not for sasl users
[22:10:26] <qrk> actually that have sense
[22:10:49] <mofino> maybe
[22:10:50] <mofino> i'm not sure.
[22:11:17] <qrk> um oks i will test, thank you
[22:15:59] <afeijo> I added as virtual domain, but isnt working
[22:21:26] <afeijo> where is postfix config file?
[22:22:05] *** sparkleytone has quit IRC
[22:22:20] <vice-versa> O.o
[22:23:31] <vice-versa> time to start reading some documentation afeijo
[22:23:41] <vice-versa> !docs
[22:23:41] <afeijo> sorry, I agree
[22:23:42] <knoba> vice-versa: "docs" : Postfix documentation http://www.postfix.org/documentation.html
[22:23:52] <vice-versa> !basic
[22:23:53] <knoba> vice-versa: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.
[22:26:53] *** journeyman has joined #postfix
[22:26:57] <journeyman> ehlo channel
[22:27:02] <journeyman> so, here's the deal
[22:27:19] <journeyman> i'm troubleshootin' a bounced message, apparently orig from my mailserver
[22:27:40] <journeyman> i'm looking for a ambiguous 'relay denied' error I guess
[22:27:52] <afeijo> I edited virtual file, added fejio at sial dot local feijo, still not working... back to docs
[22:28:00] *** cyr- has joined #postfix
[22:28:01] <journeyman> but for the time being, I just searched the entire time interval that the said message was sent from, to my mailserv
[22:28:09] <journeyman> i see no 'relay denied' bounce error from smtpd
[22:28:12] <journeyman> so,
[22:28:16] <mofino> afeijo, did you rebuild the map?
[22:28:18] <journeyman> i looked up the smtp server
[22:28:26] <journeyman> grep smtp.server.com /var/log/maillog
[22:28:40] <journeyman> the thinking is, that i would find any all activity orig from that server to mine
[22:28:52] <journeyman> within the timeframe of the logs of course
[22:29:02] <journeyman> so i don't see any 'bounce' messages from that smtp server
[22:29:09] <mofino> fake
[22:29:13] <journeyman> no 'relay access denied' to smtp.server.com
[22:29:15] <afeijo> ... no?
[22:29:20] <afeijo> just postfix reload
[22:29:27] <mofino> afeijo, are you using maps?
[22:29:30] <mofino> or SQL?
[22:29:33] * journeyman waits in line
[22:29:39] <mofino> journeyman, what is the issue?
[22:29:55] <afeijo> I'm not using mysql yet
[22:29:55] <mofino> journeyman, your explaination is confusing
[22:30:00] <journeyman> well, i'm trying to see if my server dished a relay error on someone who emailed to me
[22:30:00] <mofino> afeijo, so you are using map files
[22:30:07] <mofino> afeijo, they need rebuilding after you make changes
[22:30:09] <journeyman> someone emailed us, said they got a bounce
[22:30:11] <afeijo> I'm editing it with webmin
[22:30:18] <journeyman> i grep my logs, looking for their smtp server
[22:30:19] <mofino> journeyman, do you have the full headers of the emailed message?
[22:30:21] <journeyman> i see no evidence of that
[22:30:30] <journeyman> not of the bounced message, no
[22:30:34] *** m1n3s6 has quit IRC
[22:30:37] <mofino> journeyman, then stop right there
[22:30:48] <journeyman> eh?
[22:30:56] <mofino> journeyman, you are chasing a non-existent cat up a non-existent tree
[22:30:58] <journeyman> well, if i searched teh logs for the smtp/mx
[22:31:14] <journeyman> that would at least tell me that a communication was attempted, no?
[22:31:17] <journeyman> how can that be worthless?
[22:31:20] <mofino> yes
[22:31:23] <qrk> how do you manage account, passwords, user changes etc? postfixadmin?
[22:31:29] <mofino> you are wasting time searching logs
[22:31:38] <journeyman> i don't get it, everything is logged there
[22:31:43] <mofino> qrk, depends on your system
[22:31:49] <mofino> journeyman, was the bounce from a remote party?
[22:31:53] <journeyman> even without a 'header' i'd be able to tell rather quickly, if a bounce was generated from my server
[22:32:10] <journeyman> the bounce allegedly generated from my system
[22:32:10] <mofino> ok, so it is from your server?
[22:32:11] <qrk> postfixadmin can provide final users can change passwords etc?
[22:32:15] <journeyman> allegedly
[22:32:25] <mofino> so why are you so concerned with this?
[22:32:27] *** pitakill has joined #postfix
[22:32:28] <journeyman> i can't find evidence for it, just searching for their smtp server in the logs
[22:32:30] <mofino> qrk, no idea
[22:32:46] <mofino> journeyman, so... what do you want?
[22:32:49] <journeyman> which leads me to my question...how to search for this 'evidence' without immediately asking for a bounce back message transcript from them
[22:32:49] <qrk> um
[22:32:55] <mofino> you dont
[22:33:06] <mofino> you did your part
[22:33:09] <journeyman> i'm not so willing to give up like that :)
[22:33:15] <journeyman> my server logs quite a bit
[22:33:19] <mofino> fake bounce messages are VERY possible
[22:33:24] <journeyman> true
[22:33:27] <mofino> well then waste your time
[22:33:28] <mofino> i don't care
[22:33:31] <journeyman> i suppose i should just get that bounce message :)
[22:33:45] *** dft has joined #postfix
[22:34:40] *** dft has quit IRC
[22:37:08] <vice-versa> journeyman: grep your logs for postfix/bounce, that will give you date and time and queue ids for bounces, then grep the queue ids from there
[22:37:55] <mofino> vice-versa, should be an outbound smtp connection, which he looked for
[22:37:57] *** davidroderick has joined #postfix
[22:38:07] <journeyman> nah, i was looking for inbound smtp
[22:38:20] <journeyman> we bounced them, so that's inbound to me, outbound to the sender
[22:38:24] <journeyman> supposedly hehe
[22:38:40] <mofino> what?
[22:38:45] <mofino> a bounce is outbound from you
[22:38:54] <mofino> unless it's an inline smtp rejection
[22:38:54] <journeyman> right
[22:39:56] <mofino> but in that case, it wouldn't be your bounce.
[22:40:35] <journeyman> eh, sorry noob question here, but what part of all that would be teh queue ID?
[22:40:49] <mofino> the 11 character alphanumeric
[22:41:09] <journeyman> postfix/bounce[29158]: 90F064222A0: sender non-delivery notification: EF879421E86
[22:41:34] <mofino> couple there.
[22:48:35] <davidroderick> hi I am using ubuntu.  I am trying to send through google smtp tls and the problem is with the certificate.  I installed ca-certificates.  I appear to have the correct one.  How can I get postfix to use it?
[22:49:03] <mofino> smtp_tls*
[22:53:11] *** abi- has joined #postfix
[22:53:55] <abi-> Hi. How can I make postfix only accept mail for addresses in the virtual(5) table? Currently, it also accepts mail for every-possible-username@mailname
[22:55:17] <mofino> abi-, set it up properly
[22:56:14] <abi-> mofino: so, to fix my problem I should fix my problem? thanks!
[22:56:24] <vice-versa> hehe
[22:56:28] <mofino> or read the docs about virtual :)
[22:56:49] <abi-> I've read virtual(5) but didn't get englightened
[22:57:14] <mofino> here, you may need: virtual_mailbox_base virtual_mailbox_domains virtual_alias_maps virtual_mailbox_maps virtual_uid_maps etc
[22:57:44] <mofino> each containing it's appropriate information
[22:58:26] *** afeijo has left #postfix
[23:00:29] <davidroderick> I set smtpd_tls_CAfile to the ca-certificates.crt but this did not fix it.  Should I use a more specific certificate?
[23:00:47] <mofino> why are you using the CA?
[23:01:10] <davidroderick> Because I haven't a clue what I am doing
[23:01:40] <mofino> hehe
[23:01:50] <mofino> i can't really help you much
[23:01:56] <mofino> you need the cert googles gives you
[23:02:00] <mofino> googles!
[23:02:42] <davidroderick> Thawte Premium Server is mentioned in the logs.  I am sure that I see this in the certs directory. I will try
[23:02:56] <mofino> I THINK
[23:03:00] <mofino> i have no idea, never used it
[23:03:13] <mofino> i just know if you are attempting TLS with a peer, you need to accept it's cert
[23:03:15] <mofino> and have your own
[23:03:20] <vice-versa> abi-: postfix wouldn't normally do this, so there's a configuration issue as mofino pointed out, albeit rather condescendingly
[23:03:34] <mofino> vice-versa, no wai! ;)
[23:07:12] <abi-> vice-versa: hm, I am using just the debian default main.cf with one line (virtual_alias_maps = hash:/etc/postfix/virtual) added. I don't want to use virtual mailboxes, but I also do not want mail for any address not associated with a UNIX user in my virtual.db to be accepted.
[23:08:06] <mofino> makes no sense
[23:08:33] <abi-> my english may not be the best, sorry
[23:08:56] <mofino> you want virtual domains, but only aliases?
[23:09:03] <mofino> and only going to valid unix accounts?
[23:09:23] <abi-> I still want to use UNIX user accounts to be the ultimate destination of the mails. but I only want mails to be accepted for addresses explicitly configured in my virtual.db
[23:09:56] <pickcoder> seekwill: ping
[23:10:20] <seekwill> pickcoder: in a meeting
[23:10:21] <mofino> abi-, so bascially you only want to accept mail if the account is in virtual.db?
[23:10:29] <abi-> mofino: yes
[23:10:38] <mofino> abi-, sounds pretty possible
[23:10:52] <mofino> abi-, not sure what can be said to help you right now.
[23:10:52] <pickcoder> need that web url again for the bulk mailer consulting
[23:11:14] <abi-> mofino: well, I haven't the slightest idea on how to do that :)
[23:11:36] <mofino> abi-, start with http://www.postfix.org/VIRTUAL_README.html
[23:11:50] <vice-versa> abi-: are you hosting more than one domain?
[23:11:51] <mofino> abi-, it's tricky, but it's much harder for me to help you
[23:12:51] <davidroderick> going back to my problem, i set the same variable to Thawte_Premium_Services.pem and it failed again
[23:12:58] <abi-> vice-versa: no
[23:15:25] <abi-> ah, ok, got it.
[23:15:33] *** gpled has left #postfix
[23:16:50] <seekwill> pickcoder: wordtothewise.com
[23:17:21] <vice-versa> abi-: if I'm understanding what you want, I believe you want to be looking at local_recipient_maps not virtual(8)
[23:18:24] <vice-versa> !maincf local_recipient_maps
[23:18:31] *** jpalmer has quit IRC
[23:19:02] *** jpalmer has joined #postfix
[23:19:54] <davidroderick> http://pastebin.ca/1218423
[23:20:07] *** jY has quit IRC
[23:20:19] <pickcoder> seekwill: thanks
[23:20:55] <seekwill> np :)
[23:22:41] <mofino> davidroderick, certificate verification failed for smtp.gmail.com[209.85.135.109]:587: untrusted issuer ... need to solve that
[23:22:59] <davidroderick> but how....
[23:23:31] <davidroderick> is the problem that my postfix dislike google's certificate?
[23:24:26] <mofino> yes
[23:26:20] <davidroderick> so I need to get google's certificate and tell postfix that google is to be trusted?  Is the Thawte certificate I mentioned the correct one?
[23:26:30] <mofino> no idea
[23:26:33] <mofino> but yes, basically that
[23:26:37] <mofino> i have NO CLUE how to do that
[23:26:42] *** Motoko-chan has joined #postfix
[23:26:52] <davidroderick> ok.
[23:27:29] <davidroderick> it seems that a lot of variables are possibly relevant.  Which one is the problem
[23:27:45] <davidroderick> I need to find which one
[23:27:52] <higuita> mofino:  you need to get the CA for that certificate
[23:27:59] <mofino> higuita, why?
[23:29:08] <higuita> openssl s_client -host smtp.gmail.com -port 25 -starttls  smtp
[23:29:45] <higuita> it will tell you that the certificate is signed by Thawte Premium Server CA
[23:29:53] <higuita> and your openssl dont have it
[23:30:16] <mofino> but why can't postfix ignore this?
[23:30:20] <higuita> if you install that CA in your openssl instalation, it will be trusted by postfix
[23:31:00] <higuita> its just a warning in the default config... if your mail is failling, the you configure it to reject invalid certs
[23:31:43] <higuita> of course, without a valid CA, you cant trust any cert if signs, as you dont have anything to compare to
[23:34:04] <mofino> yeah
[23:34:05] <higuita> http://gagravarr.org/writing/openssl-certs/others.shtml
[23:34:26] <higuita> i assume its openssl, it can also be gnutls
[23:38:41] *** hacim has joined #postfix
[23:38:52] *** cyr- has quit IRC
[23:38:57] <hacim> my active queue just shot up several thousand messages, what is a good way to determine what caused that?
[23:39:19] <hacim> I'm looking at logs and I can't find any common pattern, the files in the spool/active are binary, so its a bit difficult to do some shell operations on them
[23:39:38] <vice-versa> use postcat on them
[23:39:50] <hacim> i am, but they all seem legitimate so far
[23:39:56] <hacim> but there are about 4k of them
[23:40:02] <hacim> so somewhere in there must be some kind of bomb
[23:40:19] <hacim> and individually postcatting each one is not a convenient mechanism for determining patterns
[23:40:20] <higuita> hacim: postsuper -h ALL
[23:40:43] <higuita> it will stop the active queue and give you more time to analyse the issue
[23:41:11] <hacim> yeah, but the analyze is the part I'm wondering about :)
[23:41:35] <higuita> mailq | cut -b -11 | xargs -i postcat -q {} |less
[23:42:31] <higuita> will help you to see many message and analyse then.. confirm the -11 field (if you stopped the queue, greo '!' will just postcat then)
[23:42:55] <higuita> the headers are not binary, so you can compare that
[23:43:33] <hacim> i guess this will tell me my senders: mailq | tail +2 | grep -v '^ *(' | awk 'BEGIN { RS = "" } {print $7}' |less | sort |uniq -c |sort -n
[23:44:10] <hacim> and $8 will give me recipients
[23:44:45] <hacim> err, remove the less in there :)
[23:45:40] <qrk> talking about logs, somebody knows what directive in main.cf is the indicated for change the path or the file where smtpd logs are in?
[23:46:15] <vice-versa> hacim: qshape may be of some use too, http://www.postfix.org/qshape.1.html
[23:46:41] <hacim> vice-versa: yeah, I'm trying to wrestle with qshape to give me something interesting now
[23:47:23] <davidroderick> higuita: I have openssl via apt-get on ubuntu.  I am out of my depth here.  Can I install the CA in openssl without building openssl?
[23:47:42] <higuita> qrk: its the syslog you are looking for, check the mail.* entries in the /etc/syslogd.conf
[23:48:19] <qrk> i do not use syslog
[23:48:47] <qrk> everything is being logging into /var/log/messages
[23:49:08] <higuita> qrk: postfix only uses syslog for logs, IIRC
[23:49:19] <qrk> there is no a directive to redirect the log file?
[23:49:24] <higuita> but you can check if the master.cf have some hack on it for that
[23:49:50] <qrk> i'm looking at postconf
[23:49:54] <qrk> but nothing yet
[23:50:20] <higuita> davidroderick: yes, grab the CA from their site, convert it just like the url i post say and put it in your openssl cert dir
[23:51:20] <higuita> qrk: postconf -n will give you the options different from the default, check it out also, but again, i never saw a logfile entry in postfix
[23:52:05] <qrk> >.< oks thankyou higuita
[23:54:35] *** abi- has quit IRC
[23:55:30] *** qrk has quit IRC
[23:58:44] *** carl- has quit IRC





top