[00:01:09] <edibrac2> if i use pcre i have to run postmap on that map file right? but not for regex?
[00:01:23] <edibrac2> or neither?
[00:02:58] <wdp> try it
[00:03:34] <jtsigma> when trying to expand ldap groups, as specified http://www.postfix.org/LDAP_README.html, it shows only usage of 'groupofnames' type of ldap group which specify each 'member' entire DN: format.   Is it possible to use postfix to expand ldap group type of 'posixGroup', in which the member: field shows simply the username only 'joe.blow'?
[00:04:23] *** Jax has joined #postfix
[00:06:52] <alvarezp> PodMan99, thanks for your help.
[00:19:48] *** phorce1 has left #postfix
[00:24:15] *** PodMan99 has quit IRC
[00:25:14] *** Jax has quit IRC
[00:28:47] *** BuenGenio has joined #postfix
[00:34:08] *** pickcoder has quit IRC
[00:35:27] <wdp> someone from florida here?
[00:35:32] <wdp> how late is it over there right now?
[00:37:53] *** BuenGenio has quit IRC
[00:38:21] *** BuenGenio has joined #postfix
[00:38:45] *** _mika has quit IRC
[00:42:43] *** hparker has quit IRC
[00:43:04] <thumbs> wdp: 18:46 PM
[00:43:17] <thumbs> wdp: google.com, current time in florida
[00:43:35] <wdp> ty
[00:44:05] *** Ernest0x has quit IRC
[00:44:41] *** adnc has joined #postfix
[00:44:59] <adnc> hello, if i have a logentry like this
[00:44:59] <adnc> warning: 193.192.120.120: hostname 120.120.192.193.static.turk.net verification failed: Name or service n
[00:45:03] <adnc> ot known
[00:45:10] <adnc> does it mean that the ip could not be mapped to a domainname?
[00:47:15] *** pirho has quit IRC
[00:48:13] *** BuenGenio has quit IRC
[00:48:14] <higuita> adnc: yes
[00:48:20] <adnc> higuita: thank you
[00:48:31] *** BuenGenio has joined #postfix
[00:48:33] <higuita> or better, the rdns could not be resolved back to the same IP
[00:48:35] <adnc> than this is not a critical logentry, isnt it
[00:49:44] <higuita> its a warning, so no... but you can enforce that check if you want... several mail servers do that, as mail servers usually are companies IPs, so have valid rdns
[00:50:18] <adnc> higuita: if i consider this particular warning than no, since the sender is a turkish museum
[00:50:31] <adnc> but actually it seems that a provider is managing there ip
[00:50:41] <adnc> so a professional mail operator
[00:50:53] <adnc> i dont know why they do not have a reverese dns entry
[00:50:58] <zaarg> i'm so fucking hungry
[00:51:04] <zaarg> er, wrong channel
[00:52:03] <higuita> adnc: they probably didnt ask for their provider to update its rdns for the mail server, the provider doesnt guess :)
[00:52:16] <adnc> uyyy
[00:52:42] <adnc> higuita: unfair isn't it a museum is not a professional in this case
[00:52:51] <adnc> so the provider should do this job for them
[00:53:01] *** BuenGenio has quit IRC
[00:53:09] <adnc> they may recognize this if mailservers do reject it, wont they
[00:53:55] <higuita> the question is who manage the mail server.... its the job of that person to ask for the rdns... if its the provider, then yes, they fail the service
[00:54:33] <adnc> higuita: i did try to look what is behind that ip and i saw that there service is providing mail services
[00:54:35] <higuita> depends on how much email gets rejected or the complains...
[00:54:44] <adnc> yeahh
[00:54:47] <higuita> one email week will hardly get notice
[00:55:00] <adnc> if anyone rejects it at all
[00:55:17] <adnc> that is a little criteria i think. rejecting just because of this
[00:55:58] <higuita> belive me, there are many server that check the rdns, as adsl, cable, etc dont have correct rdns
[00:56:38] <adnc> higuita: i did set up mine, but i think only huge mail services providers like hotmail etc. can do or allow this rejecting
[00:56:50] <adnc> if i would do this with my small server ;)
[00:59:31] <higuita> most do the check in the spamassassin, but some do it directly in the mail server, so generating the reject
[00:59:57] <higuita> but yes, its usually big ones that do this check
[01:00:11] <adnc> wouldnt it be a problem of the mailserver instead of spamassassin?
[01:00:29] <adnc> it would be better to reject in the instance of the mta
[01:00:37] *** Zeo80 has quit IRC
[01:00:46] <adnc> if sa checks it then the mail is already accepted
[01:02:26] *** UQlev has quit IRC
[01:09:16] <higuita> yes
[01:09:44] <higuita> but it can be discard if the score is too high, the rdns check is just one of many tests
[01:15:00] *** gutocarvalho has quit IRC
[01:15:04] *** cmdln has joined #postfix
[01:15:14] <cmdln> good evening
[01:15:30] *** fuzzylogick has joined #postfix
[01:15:33] <stainer> hi
[01:16:06] *** hparker has joined #postfix
[01:18:56] <cmdln> Im trying to setup per-user access control, I keep getting server configuration errors in the logs when I try to send
[01:19:10] <fuzzylogick> I'm getting an access denied error using postfix for local delivery with zarafa and i'm not sure if the issue is with postfix or zarafa, can anybody help? http://pastebin.com/m25d694e5
[01:19:28] <cmdln> is there a better way to track how messages pass through than tailing the mail.log?
[01:21:00] <adnc> fuzzylogick: does your user testuser exist=?
[01:21:54] <fuzzylogick> yes, user is set up in zarafa mysql database and I have postfix installed with mysql support
[01:22:32] <adnc> fuzzylogick: then i can not help you, i dont know what zarafa does. but obviously postfix can not find this user
[01:22:59] *** k-man has joined #postfix
[01:23:15] <fuzzylogick> yes, i figured that i just thought perhaps somebody here had experience w/ zarafa an postfix in this configuration
[01:26:30] <stainer> !DNSBL
[01:26:30] <knoba> stainer: Error: "DNSBL" is not a valid command.
[01:28:04] *** chadmaynard has quit IRC
[01:35:19] *** war9407 has quit IRC
[01:43:02] *** k-man has quit IRC
[01:43:22] *** BuenGenio has joined #postfix
[01:44:43] *** alvarezp has quit IRC
[01:45:30] *** adnc has quit IRC
[01:46:27] *** Motoko-chan has quit IRC
[01:50:03] *** BuenGenio has quit IRC
[01:53:59] *** BuenGenio has joined #postfix
[02:10:30] *** edibrac2 has quit IRC
[02:11:32] *** MrNaz has quit IRC
[02:11:42] *** fuzzylogick has left #postfix
[02:11:43] *** gutocarvalho has joined #postfix
[02:14:46] *** wdp has quit IRC
[02:20:57] *** karega has joined #postfix
[02:21:21] <karega> does anyone know a command line to send an email with an file attachment?
[02:29:15] *** dft has joined #postfix
[02:40:29] *** githogori has quit IRC
[02:55:45] *** ming_zym has joined #postfix
[03:08:52] *** karega has quit IRC
[03:10:25] *** pickcoder has joined #postfix
[03:10:47] *** BuenGenio_ has joined #postfix
[03:10:57] *** greed has quit IRC
[03:17:25] *** BuenGenio__ has joined #postfix
[03:21:30] *** BuenGenio__ is now known as BuenGenio_____
[03:21:47] *** dft has quit IRC
[03:22:50] *** BuenGenio_____ has quit IRC
[03:23:49] *** Motoko-chan has joined #postfix
[03:25:04] *** Haris_ has joined #postfix
[03:29:29] *** BuenGenio has quit IRC
[03:31:09] *** stainer has quit IRC
[03:32:28] *** rmayorga has quit IRC
[03:32:53] *** rmayorga has joined #postfix
[03:34:15] *** BuenGenio_ has quit IRC
[03:39:07] *** AllenJB has quit IRC
[03:53:05] *** lili has joined #postfix
[03:53:15] <lili> Everytime I rewrite header_checks do I have to also restart postfix?
[03:53:58] <pickcoder> postmap should be enough
[03:54:06] <lili> Thank you :)
[03:54:08] <pickcoder> you can do a reload if you want to force a map reread
[03:55:36] <Dominian> er
[03:55:52] <Dominian> doing postmap on a transport or something.. should load it back into postfix automatically without restarting/reloading postfix
[03:55:57] *** MrNaz has joined #postfix
[03:56:19] <lili> Also, could I bother you with a header_check regexp that has been bothering me for some time?
[03:56:25] <lili> *troubling
[03:58:52] <lili> Aw well, since the channel is quite silent, I'll just go ahead and paste it here in case anyone is in the mood ;)
[03:58:57] <lili> (^From: Plop Plop <fif\ at fofo\ dot com>(.|\n)+^Content-Type: application.foo\;)
[03:59:26] <lili> I am trying to match mails coming from Plop Plop that contain an attachment of application.foo.
[03:59:34] <lili> Is that the way to do it? Because it doesn't really work ;p
[04:02:59] *** pickcoder has quit IRC
[04:12:10] <Fallenou> application\.food maybe
[04:14:44] <lili> Fallenou: no, that's not the problem :] Actually, it's application/foo, but application.foo contains that too.
[04:15:56] *** pulsar has left #postfix
[04:23:32] *** mavrick61 has quit IRC
[04:24:41] *** mavrick61 has joined #postfix
[04:25:09] <vice-versa> lili: you can't do that with header_checks for two reasons, data is passed to header_checks one line at a time and you use mime_header_checks for the Content-(Disposition|Type) checks
[04:25:30] <lili> I see
[04:25:35] <lili> Aw I see
[04:25:47] <lili> Dammit >_<
[04:25:54] *** stainer has joined #postfix
[04:25:58] <lili> So, what I'm trying to do is impossible?
[04:26:15] <lili> is there any other way?
[04:26:34] *** MrNaz has quit IRC
[04:27:24] <vice-versa> using built-in checks it's not possible, those are for for fairly simple checks and should be used sparingly
[04:28:23] <vice-versa> !tell lili docs
[04:28:24] <knoba> lili: -> "docs" : Postfix documentation http://www.postfix.org/documentation.html
[04:28:39] <vice-versa> see the 'Content inspection' section
[04:28:54] <lili> Thank you :)
[04:29:13] <vice-versa> yw
[04:30:06] *** MrNaz has joined #postfix
[04:33:28] *** chadmaynard has joined #postfix
[04:34:29] *** chadmaynard has quit IRC
[04:37:42] <deface> so i've moved my relay_domains to a mysql setup, using postfix-admin .. but postfix is not actually pulling them, and all are getting denied
[04:37:58] <deface> works if i specify the relay domains in main.cf, but wanted to move them to mysql
[04:38:12] <deface> relay_domains = mysql:/etc/postfix/mysql/relay_domains_map.cf
[04:38:26] <deface> query = SELECT domain FROM domain WHERE domain='%s' AND backupmx = '1' AND active = '1'
[04:38:44] <deface> and query matches, but postfix doesnt seem to be using any
[04:39:05] <Fallenou> ok sorry lili :p
[04:39:06] *** Fallenou has quit IRC
[04:41:48] <deface> 450 4.1.1 <user at domain dot com>: Recipient address rejected: User unknown in virtual mailbox table
[04:42:06] <deface> it keeps looking for an email, yet i have them set as backup mx
[04:43:31] <deface> another issue .. if i send to just 'postmaster' .. it doesnt make it anywhere, if i send to 'postmaster at domain dot com' .. i get it
[04:44:41] <vice-versa> deface: I think it's because relay_domains is expecting a list, try it with out the domain='%s' in the WHERE
[04:46:08] *** githogori has joined #postfix
[04:48:50] *** pitakill has joined #postfix
[04:49:39] <deface> query = SELECT domain FROM domain WHERE backupmx = '1' AND active = '1'
[04:49:58] <vice-versa> yeah, give that a whirl
[04:51:37] <deface> still getting Recipient address rejected: User unknown in virtual mailbox table
[04:52:07] <deface> yet query gives list
[04:52:42] <vice-versa> and if you specify this list manually it works?
[04:52:54] <deface> yup
[04:53:18] <deface> relay_domains = domain1 domain2 domain3
[04:53:19] <deface> works fine
[04:53:58] *** lili has quit IRC
[04:54:12] <deface> blah .. whitespace
[04:54:23] <deface> working now, thanks
[04:54:43] <deface> now to fix my alias's
[04:55:41] *** Haris1 has joined #postfix
[04:56:25] <deface> local_recipient_maps = $alias_maps $virtual_mailbox_maps unix:passwd.byname
[04:56:37] <deface> my alias points to my user
[04:59:57] <vice-versa> deface: where's the alias being defined?
[05:03:16] *** goldfisc1li has joined #postfix
[05:03:58] <deface> you mean /etc/mail/aliases ?
[05:04:10] <deface> oh, thats defined via postfix-admin
[05:04:28] <deface> should i just remove $alias_maps & unix: ?
[05:05:05] <vice-versa> postmap -q postmaster hash:/etc/mail/aliases
[05:05:31] <deface> zeus postfix # postmap -q postmaster hash:/etc/mail/aliases
[05:05:32] <deface> jeremy at fluxlabs dot net
[05:05:53] <deface> after i removed unix & $alias_maps
[05:06:22] <deface> but the messages are still being dropped to a local box
[05:07:11] <vice-versa> hmm, pastebin the relevant log experts for a failed delivery to postmaster
[05:07:24] <deface> well its not failing
[05:07:37] <deface> its being dropped to postmaster's box on the machine
[05:07:51] <deface> like i said, if i do postmaster at domain dot com i get them
[05:08:04] <deface> but anything off the box locally, to either root or postmaster get dropped to local box's
[05:08:09] <vice-versa> s/failed/undesirable/
[05:09:01] <deface> CE5BC628060: to=<postmaster at zeus dot fluxlabs.net>, orig_to=<postmaster>, relay=local, delay=0.02, delays=0.01/0/0/0.01, dsn=2.0.0, status=sent (delivered to mailbox)
[05:09:11] <deface> relay is local, not virtual
[05:11:16] *** solarce has joined #postfix
[05:11:52] <deface> now postmaster's box is filling up with - Recipient address
[05:11:52] <deface>      rejected: User unknown in virtual mailbox table
[05:11:59] <deface> messages
[05:12:19] <deface> since we did the relay domains to mysql
[05:15:49] *** saurabhb has joined #postfix
[05:17:08] <solarce> I am getting the following error message on a freshly installed and configured Postfix+Amavisd+SA on CentOS 5.2, when trying to test sending, "Diagnostic-Code: smtp; 554 5.4.0 Error: too many hops", see http://pastie.org/private/xfboyeqo2ows0endc10hrg for postconf and http://pastie.org/private/xrixahnnzrni4rdgtd7i2g for /var/log/maillog during the transaction
[05:18:37] *** goldfischli has quit IRC
[05:18:45] <deface> sounds like an amavis misconfig
[05:20:04] <solarce> I am suspecting networking somehow, because I did the same setup on an existing centos 5 test box and it works correctly, I've copied over the postfix, amavis, and sa configs, updating the postfix configs for the different hostname of the server
[05:20:13] <solarce> but I am open to any suggestions
[05:20:28] <vice-versa> deface: you probably want to set myorigin = $mydomain then create postmaster at fluxlabs dot net -> jeremy at fluxlabs dot net in virtual_alias_maps
[05:21:03] <vice-versa> that's assuming mydomain = fluxlabs.net
[05:21:42] <deface> well have zeus.fluxlabs.net forwarded to fluxlabs.net
[05:22:05] <vice-versa> how?
[05:22:48] <deface> all aliased via postfix-admin's mysql db
[05:23:08] <vice-versa> solarce: to may hops sounds like a mail loop
[05:23:18] <vice-versa> *many
[05:23:18] <solarce> vice-versa: yeah
[05:23:26] <solarce> so says http://www.postfix.org/faq.html#loop
[05:23:49] <solarce> but, I am unsure what might be wrong with amavisd, as it is the content filter
[05:24:31] <vice-versa> deface: which means nothing to me
[05:25:57] <vice-versa> solarce: trace the loop in your logs and see if you can make any sense of it from that
[05:28:03] <solarce> vice-versa: http://pastie.org/private/1gulxlfnfmpvtayotxboa is my amavisd.conf
[05:29:51] *** Thorn_ has quit IRC
[05:33:44] <vice-versa> solarce: so if you take amavis out of the equation the mail loop goes away?
[05:35:29] <solarce> vice-versa: sadly, yes
[05:35:53] <solarce> it's obviously a amavis problem, but I cn't determine why
[05:40:00] <vice-versa> I would wager a guess it's probably something to do with your overrides in master.cf related to amavis
[05:40:11] <vice-versa> or the lack there of...
[05:41:07] <solarce> overrides?
[05:41:48] <deface> Oct  7 22:42:05 zeus postfix/local[20946]: B2097628060: to=<jeremy at zeus dot fluxlabs.net>, orig_to=<postmaster>, relay=local, delay=0.02, delays=0.01/0/0/0.01, dsn=2.0.0, status=sent (delivered to mailbox)
[05:41:59] <vice-versa> yeah, like -o content_filter=   -o smtpd_delay_reject=no  etc., etc,
[05:42:02] <deface> lol, now its all going to that user's inbox
[05:43:13] <vice-versa> what did you change?
[05:43:25] <solarce> vice-versa: http://pastie.org/private/o29vcgqts3h4uslco7unfw
[05:43:34] <deface> alias_maps = hash:/etc/mail/aliases
[05:43:49] <solarce> I followed http://fedorasolved.org/server-solutions/postfix-mail-server
[05:44:15] *** snadge has joined #postfix
[05:44:32] <snadge> when i update the /etc/postfix/virtual .. what do i have to do for it to take effect? (noob q 101)
[05:44:46] <snadge> i've just tried newaliases.. but i thought that was for /etc/aliases
[05:45:03] <vice-versa> postmap
[05:45:48] <solarce> vice-versa: is it possible tabs vs spaces matter?
[05:46:16] <snadge> postmap virtual ?
[05:46:20] <snadge> (in /etc/postfix)
[05:46:30] <vice-versa> postmap /etc/postfix/virtual
[05:46:37] <vice-versa> solarce: nope
[05:48:46] <vice-versa> solarce: what happened to all your underscores?
[05:49:24] <solarce> say what?
[05:49:40] <solarce> oh!
[05:49:42] <solarce> hrm
[05:49:50] <solarce> the wiki must have ate them
[05:50:22] <snadge> ok cool its working now.. god bless postfix ;)
[05:50:25] <solarce> must be the markdown intrepreter
[05:50:35] <cmdln> anyone using client smtp restrictions?
[05:50:44] <cmdln> well user really
[05:50:45] * vice-versa wacks solarce with wikiby4
[05:50:55] <solarce> cmdln: like policyd?
[05:51:10] <cmdln> mmm im not familiar with policyd
[05:51:26] <cmdln> i was looking for for restricting specific users from inbound/outbound mail
[05:51:34] <cmdln> i found the wiki page about it
[05:51:48] <cmdln> but i keep getting errors about server configuration error
[05:51:52] <solarce> vice-versa: amazing what some underscores can do
[05:52:16] <vice-versa> solarce: worth their weight in gold in your case
[05:54:03] <vice-versa> cmdln: the most common cause of that when working with restriction stages is use a "=" when you shouldn't be
[05:54:45] <cmdln> mmm
[05:54:55] <cmdln> ill look closly at my config again
[05:55:27] <cmdln> i was pretty much doing exactly what i saw on the restriction class readme.
[05:55:41] *** karega has joined #postfix
[05:55:50] *** karega has left #postfix
[05:55:59] <vice-versa> yeah,  look for something like, reject_rbl_client = zen.spamhaus.org
[05:56:09] <vice-versa> which of course is a no no
[05:56:44] <solarce> now to tune policyd
[06:01:36] <cmdln> http://pastebin.com/d4adb4cc3
[06:01:49] <cmdln> those are the lines i have in my config that are causing the issues i believe
[06:03:21] *** shinao1 has quit IRC
[06:03:56] <vice-versa> cmdln: fix the first one
[06:04:47] <solarce> where would "<** 450 4.7.1 <bburton at ristech dot net>: Recipient address rejected: Policy Rejection- Please try later.
[06:04:50] <solarce> "
[06:04:55] <solarce> be likely to be caused?
[06:05:19] <vice-versa> looks like greylisting to me
[06:05:33] <Dominian> concur
[06:05:54] <vice-versa> solarce: are you using postgrey?
[06:06:03] <solarce> no
[06:06:08] <cmdln> vice-versa: whats wrong with the first one? Ive tried it like this as well. ... http://pastebin.com/d7957555b
[06:06:11] <solarce> I am using policyd v1 though
[06:06:39] <solarce> turning off greylisting in policyd did it :)
[06:06:40] <solarce> thanks
[06:07:00] <vice-versa> cmdln: put it all on one line or indent with whitespace
[06:10:59] <vice-versa> cmdln: maybe it's that shitty pastebin wrapping your paste
[06:11:12] <cmdln> yeh it was all one one line
[06:11:27] <cmdln> and i have tried it indented as well
[06:11:50] <solarce> thanks folks
[06:11:51] *** solarce has left #postfix
[06:11:51] <cmdln> still get server configuration error
[06:12:05] <vice-versa> confirm your path/filenames
[06:13:21] <vice-versa> and look for obvious warnings etc. in the logs
[06:13:26] <vice-versa> !obvious
[06:13:26] <knoba> vice-versa: "obvious" : look for obvious signs of trouble, egrep '(warning|error|fatal|panic):' /some/log/file See: !logs factoid if you're unsure of where your mail logs are located
[06:18:47] <cmdln> Ill have to look at it again with fresh eyes later
[06:18:52] <cmdln> i must be missing something simple
[06:19:07] <cmdln> any thoughts on greylisting?
[06:19:13] <cmdln> ive been considering adding it
[06:20:09] <vice-versa> postgrey
[06:23:18] <cmdln> yeah, how has your experience been with it?
[06:23:26] <cmdln> did it decrease your spam?
[06:23:43] <vice-versa> heh, don't go there
[06:23:50] <cmdln> lol
[06:24:01] <Dominian> hehe
[06:24:07] <Dominian> I don't think vice-versa trusts greylisting :P
[06:24:13] <cmdln> heh
[06:25:05] <vice-versa> I don't care for greylisting myself but have been forced to use it against my better judgement and bitter protests
[06:25:16] <Dominian> I think it helps
[06:25:39] <cmdln> why dont you lke it? what mail did you miss out on vice-versa ?
[06:26:12] <Dominian> unfortunately there are some systems out there that treat 4xx temp fail reponses as 5xx and they discard or bounce the message
[06:26:26] <vice-versa> not me, it's on a clients server
[06:27:59] <vice-versa> and it caused more issues than it solved initially, after some unnecessary whitelisting it got better but meh I just forward the complaint calls onto management now ;)
[06:28:18] <cmdln> lol
[06:28:22] <cmdln> fair enough
[06:28:48] <cmdln> probably wouldnt be prudent for me to install it if there are very many servers treating 4xx as 5xx
[06:30:45] <vice-versa> well he's my take on it, don't go overboard with anti-uce countermeasures, no two spam problems are the same in my experience, add what you need and not what you think you need
[06:31:07] <vice-versa> some good pre-data spam control goes a long way
[06:31:22] <cmdln> mmm i need smarter users, they need to learn to trim and bottom post
[06:31:51] <vice-versa> it's about mitigation not prevention, if you keep that in the back of your mind you'll be fine
[06:33:18] <vice-versa> oh and for the record, the issue that all the asshats thought greylisting would resolve continues :)
[06:35:18] <cmdln> heh
[06:44:36] *** F6F has joined #postfix
[06:46:25] *** Toerkeium has quit IRC
[06:49:53] *** dorijan_ has quit IRC
[06:50:07] *** dorijan__ has joined #postfix
[06:51:13] *** F6F has quit IRC
[06:57:48] *** niki has quit IRC
[07:00:11] *** adityag has joined #postfix
[07:00:44] *** chadmaynard has joined #postfix
[07:00:59] <adityag> i installed postfix using "yum install postfix dovecot system-switch-mail"
[07:01:33] <adityag> i switched to it from sendmail, i use centOS 5.1
[07:01:47] <thumbs> congratulations
[07:01:49] <adityag> still when i send emails i dont receive it
[07:02:37] <adityag> thumbs: anyway to check its working or not ?
[07:02:58] <jp-> have a look at /var/log/maillog and http://www.postfix.org/DEBUG_README.html
[07:03:02] <thumbs> you need to provide more details, entries from the error log, et
[07:03:06] <thumbs> etc
[07:03:16] <thumbs> we can't guess.
[07:03:36] <vice-versa> well we can, but....
[07:04:10] <thumbs> vice-versa: ok, you can.
[07:05:03] * vice-versa guesses it wasn't started
[07:05:05] <adityag> can u atleast tell me where error logs are located ?
[07:05:14] <vice-versa> !logs
[07:05:15] <knoba> vice-versa: "logs" : postfix logs to the mail facility of syslog. Something like grep -i `postconf -h syslog_facility` /etc/syslog.conf or grep -rl `postconf -h syslog_name` /var/log/* should tell you where logs are going. also see !have2mung
[07:05:28] <jp-> i just told you, on centos it's probably /var/log/maillog
[07:05:37] <thumbs> vice-versa: my guess was not as nice. I won't say it publicly.
[07:05:46] <vice-versa> hehe
[07:06:06] <vice-versa> thumbs: I actually figured as much ;0
[07:06:13] <thumbs> hehe
[07:06:18] <thumbs> anyway, buenas noches
[07:12:53] <adityag> thumbs: NO ROUTE TO HOST
[07:15:04] <adityag> i am getting error "NO ROUTE TO HOST"
[07:17:28] <vice-versa> I'll go out on a limb and make a guess there's no route to the host
[07:17:48] <adityag> any1 there to help ? any help will be appreciated
[07:19:15] <vice-versa> !relevant
[07:19:16] <knoba> vice-versa: "relevant" : Please pastebin the relevant mail log excerpts for your issue. See the !logs channel factoid if you do not know where your mail logs are located. See the !pastebin channel factoid if you do not know what a pastebin is.
[07:20:03] <deface> aight vice-versa still cant get these aliases squared away ..
[07:20:09] <deface> tweaked the rest of it, but not this portion
[07:20:44] <vice-versa> deface: did you try my suggestion?
[07:20:47] <deface> yeah
[07:20:50] <deface> didnt see a change
[07:22:05] <vice-versa> tell me how you implemented it
[07:24:46] <deface> vice-versa> deface: you probably want to set myorigin = $mydomain then create postmaster at fluxlabs dot net -> jeremy at fluxlabs dot net in virtual_alias_maps
[07:25:13] <deface> virtual_alias_maps = mysql:/etc/postfix/mysql/virtual_alias_maps.cf
[07:26:39] <deface> SELECT goto FROM alias WHERE address='%s' AND active = '1'
[07:27:14] <vice-versa> does a postmap query work
[07:27:22] <deface> query returns jeremy at fluxalbs dot net
[07:27:29] <deface> if i %s on postmaster at fluxlabs dot net
[07:27:54] <adityag> http://pgsql.privatepaste.com/d2h6UE138o
[07:28:15] <adityag> vice-versa:  thumbs:  ^
[07:29:38] <deface> vice-versa: how can you postmap -q a mysql db ?
[07:30:17] <vice-versa> postmap -q postmaster at fluxlabs dot net mysql:/etc/postfix/mysql/virtual_alias_maps.cf
[07:30:55] <deface> tried that .. maybe i mistyped
[07:31:02] <deface> returns jeremy at fluxlabs dot net
[07:31:22] <deface> its really just local alias's
[07:31:42] <deface> i geuss i could manually add the alias entries w/ out complete email addresses
[07:32:36] <deface> lets try this
[07:34:23] *** eric2b has joined #postfix
[07:34:53] *** snadge has left #postfix
[07:35:07] <eric2b> I'm trying to attach a pdf to an email with the following:
[07:35:25] <eric2b> /usr/sbin/sendmail emailAddress at gmail dot com < /tmp/test.pdf
[07:35:43] <eric2b> what's the proper way of attaching a file to an email and sending it from the command line?
[07:36:17] <adityag> any1 there to help, i am getting error:"no route to host", here's the maillog  http://pgsql.privatepaste.com/d2h6UE138o
[07:37:40] <vice-versa> adityag: looks to be a network config issue, no/invalid default gateway maybe
[07:38:27] <deface> eric2b: -f FILE
[07:38:40] <adityag> vice-versa: ok
[07:39:06] <deface> vice-versa: 84948628060: to=<jeremy at fluxlabs dot net>, orig_to=<postmaster>, relay=virtual, delay=0.18, delays=0.17/0/0/0.01, dsn=2.0.0, status=sent (delivered to maildir)
[07:39:32] <vice-versa> that looks better
[07:39:55] <adityag> vice-versa: any help on how do i add default gateway ?
[07:40:13] <vice-versa> yup, man route
[07:40:38] <deface> adityag: what flavor ?
[07:40:53] <adityag> centos 5.1 64bit
[07:41:17] <eric2b> deface, are you sure? I tried -f FILE and -f myfile.pdf
[07:41:19] <eric2b> no go
[07:41:35] <deface> not sure w/ sendmail
[07:41:40] <deface> thats nail/mail line
[07:41:41] <eric2b> can't find it in the man sendmail page...
[07:42:36] <deface> google broke ?
[07:42:46] <eric2b> never
[07:43:03] <eric2b> already all over it  :)
[07:43:05] <deface> adityag: /etc/sysconfig/network
[07:43:29] <deface> GATEWAY=x.x.x.x
[07:43:37] <adityag> deface: thank you!
[07:44:03] <deface> if you've got multiple nic's you'd have - /etc/sysconfig/networking/devices/ifcfg-ethX
[07:48:24] <deface> nice .. aight vice-versa .. thanks, i got it
[07:48:52] <deface> i had to add postmaster & root w/ out a domain .. and alias it to jeremy at fluxlabs dot net
[07:49:13] <deface> i'm using strictly virtual ... local_recipient_maps = $virtual_mailbox_maps
[07:49:26] <deface> only looks to mysql, removed local & unix
[07:49:26] <vice-versa> ahh
[07:50:53] <deface> i implemented greylisting yesterday .. was previously just doing SA/MailScanner ..
[07:51:15] <deface> holy crap, big difference .. went from 20k w/ 1k legit messages .. to 1k and 800 legit
[07:52:16] <adityag> deface: i have enter my mail server's ip address ??? "GATEWAY=x.x.x.x"
[07:52:33] <deface> umm .. no
[07:52:38] <deface> what exactly are you trying to do
[07:53:34] <adityag> deface: mails i sent are not received by the other party
[07:54:12] <deface> yeah, i saw that
[07:54:28] <deface> does the box have internet ?
[07:54:32] <deface> can you ping out .. surf ?
[07:54:44] <deface> dns is apparently working
[07:55:00] <adityag> deface: yes, it can
[07:55:32] <deface> pastebin the output of - postconf -n
[07:55:41] <deface> and master.cf
[07:55:50] <adityag> deface: no i cant ping
[07:56:15] <deface> firewall? iptables?
[07:56:23] <deface> service iptables stop
[07:56:31] <deface> selinux ?
[07:56:43] <adityag> selinux ? whats this ?
[07:57:10] <adityag> actually i am logged on a remote server usung ssh
[07:57:35] <adityag> i have no idea of iptables, selinux ,etc
[07:57:48] <deface>  - /sbin/service iptables status
[07:57:48] <adityag> i am yet a student, trying to learn out new things
[07:58:18] <vice-versa> pastebin the output from, ifconfig && route -n
[07:58:20] <deface> well its really the wrong channel for basic linux support, but i'll help yah
[07:58:30] <adityag> should i paste bin "?/sbin/service iptables status" 's output too?
[07:58:47] <deface> nah, you can just report that here .. lol
[07:58:54] <deface> either running or stopped
[07:59:55] <adityag> deface: i am getting output as some list
[08:00:14] <deface> then pastebin it
[08:00:33] <adityag> ok
[08:03:09] <adityag> deface:  vice-versa: http://pgsql.privatepaste.com/46Pu9TpmeD
[08:03:52] <deface> service iptables stop
[08:04:02] <deface> postqueue -f
[08:04:45] <adityag> done
[08:05:12] <deface> tail your mail logs now
[08:05:14] *** eric2b has quit IRC
[08:06:23] <adityag> ok just a sec
[08:07:50] *** AllenJB has joined #postfix
[08:08:58] <adityag> http://pgsql.privatepaste.com/6dUVXl1g5Z
[08:08:59] *** Knoedel2 has joined #postfix
[08:10:12] <deface> try ping mail.yahoo.com
[08:11:00] <adityag> able to ping
[08:11:06] <deface> odd
[08:11:21] <deface> telnet mail.yahoo.com 25
[08:12:12] <adityag> Trying 209.73.168.74...
[08:12:12] <adityag> telnet: connect to address 209.73.168.74: No route to host
[08:12:12] <adityag> telnet: Unable to connect to remote host: No route to host
[08:12:24] <vice-versa> telnet 216.39.53.3 25
[08:12:45] <deface> what does /etc/resolv.conf have ?
[08:13:15] *** resmo has joined #postfix
[08:13:18] <resmo> hi
[08:13:26] <adityag> ; generated by /sbin/dhclient-script
[08:13:26] <adityag> nameserver 216.93.160.16
[08:13:26] <adityag> nameserver 216.93.170.17
[08:15:15] <resmo> i wanted to whitelist a email addr. mailing from a host which does not send correct helo data
[08:15:47] <resmo> so i have mtp_helo_required = yes
[08:16:19] <resmo> and smtpd_helo_restrictions = check_sender_access hash:/etc/postfix/whitelist, reject_invalid_hostname,
[08:17:03] <resmo> whitelist looks like user at example dot com OK, and i have postmaped it
[08:17:04] <deface> okie, looks good .. did you run a postmap on whitelist after updating ?
[08:17:06] <resmo> what do i wrong
[08:17:17] <deface> hmm
[08:17:40] <deface> whats in whitelist ?
[08:18:03] <resmo> membersupport at technorati dot com    OK
[08:18:51] <deface> should be smtpd_recipient_restrictions
[08:18:55] <deface> not helo_restrictions
[08:18:56] *** hparker has quit IRC
[08:19:01] <deface> for your check_sender_access
[08:19:31] <vice-versa> whitelist the client not the sender, do it in  smtpd_recipient_restrictions and DO *NOT* whitelist prior to reject_unauth_destination
[08:19:51] <resmo> hmm but the problem is a Helo command rejected: Host not found;
[08:20:03] <deface> else you relay
[08:20:40] <deface> well, your helo has nothing to do with who its from
[08:21:16] <adityag> deface: is there something very wrong with my server?
[08:21:31] <deface> adityag: seems somethings up w/ the route
[08:21:43] <deface> try to telnet to alpha.fluxlabs.net 26
[08:22:15] <resmo> ehm i forgot to say, i want to whitelist a FROM email addr. not a recipeint email addr.
[08:22:20] <deface> resmo: not familiar w/ mtp_helo_required .. cant find it anywhere in postfix ....
[08:22:32] <deface> ahh .. smtp_helo
[08:22:48] <deface> smtpd_helo_required
[08:23:07] <resmo> a sorry for that...
[08:23:09] <adityag> Connected to alpha.fluxlabs.net (75.126.60.66). Escape character is '^]'. 220-alpha.fluxlabs.net ESMTP Exim 4.69 #1 Wed, 08 Oct 2008 01:22:34 -0500 220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail.
[08:23:43] <deface> adityag: ok, now try port 25
[08:23:46] <deface> alpha.fluxlabs.net 25
[08:24:12] <vice-versa> resmo: don't whitelist on addresses
[08:24:22] <adityag>  deface: Trying 75.126.60.66... telnet: connect to address 75.126.60.66: No route to host telnet: Unable to connect to remote host: No route to host
[08:24:35] <deface> adityag: your hosts isp is blocking port 25
[08:24:38] <deface> :(
[08:25:13] <adityag> deface: is port 25 needed for postfix ?
[08:25:13] <deface> whose the isp ?
[08:25:24] <deface> output mail connect to remote port 25
[08:25:29] <deface> outbound*
[08:25:46] <adityag> i really dont know, as i have hired a server
[08:25:48] <deface> your server is trying to connect to mail.yahoo.com on port 25 .. but isp is blocking
[08:25:55] <deface> looks to be through serverpath
[08:26:00] <adityag> yup
[08:26:03] <deface> call them and rip them a new hole .. ask why there blocking port 25
[08:26:07] <deface> and may want to read your TOS
[08:26:25] <deface> sometimes you have to just ask for port 25 to be opened up .. saves spam
[08:26:42] <vice-versa> adityag: contact their support, you might have to request they unblock 25
[08:26:49] <deface> servepath.com *
[08:27:14] <adityag> deface: ok, can we change the outbound mails port?
[08:27:17] <vice-versa> al though I don't like how they're blocking it
[08:27:27] <adityag> i'll do that anyways
[08:28:35] <adityag> can we change the outbound mails port?
[08:28:43] <deface> no
[08:28:48] <adityag> ok
[08:28:49] *** HansTheGerman has joined #postfix
[08:28:52] <deface> there router/firewall is blocking port 25 .. nothing you can do
[08:28:54] <HansTheGerman> hey
[08:29:01] <adityag> okkk
[08:29:25] <HansTheGerman> how to i change the retry interval on postfix
[08:29:26] <adityag> deface: vice-versa: thanks alot!!!
[08:29:31] <deface> np
[08:30:10] <adityag> deface: ur really very good
[08:31:44] <deface> ty
[08:32:53] <adityag> ty?whats thaT?
[08:33:39] <deface> np = no problem, ty = thank you
[08:33:54] <adityag> okk
[08:36:50] <vice-versa> HansTheGerman: why do you want to change the sane defaults?
[08:37:14] <HansTheGerman> what is the default retry interval
[08:37:46] <vice-versa> 300s
[08:38:05] <HansTheGerman> o
[08:38:14] <HansTheGerman> not like 10min?
[08:39:47] *** sophokles has joined #postfix
[08:40:08] <deface> HansTheGerman: queue_run_delay
[08:40:15] <vice-versa> as successive retries fail, the next retry time is incremented
[08:40:38] <HansTheGerman> yes
[08:41:20] <vice-versa> !mancf minimal_backoff_time
[08:41:21] <knoba> vice-versa: Error: "mancf" is not a valid command.
[08:41:28] <vice-versa> !maincf minimal_backoff_time
[08:41:40] <HansTheGerman> in the case of a mail that gets greylisted, i see mail servers try to connect rapidly until it is accepted
[08:42:24] <deface> what are you using for greylisting ?
[08:42:40] <vice-versa> umm, if you don't admin the other hosts you got no control on that
[08:43:22] <vice-versa> I knew there was going to be something odd about that request
[08:43:37] *** adityag has left #postfix
[08:43:46] <deface> ha
[08:44:10] <HansTheGerman> ty
[08:44:34] <HansTheGerman> no
[08:44:45] <HansTheGerman> nm
[08:44:52] <vice-versa> ok
[08:45:03] <vice-versa> np
[08:45:20] <resmo> vice-versa: hmm what should i whitelist instead?
[08:45:30] <vice-versa> the client
[08:46:03] <resmo> the client is what? where the mail comes from?
[08:46:35] <vice-versa> yes, the ip or host name
[08:47:04] <resmo> vice-versa: so this goes to smtpd_client_restrictions...
[08:47:06] <resmo> right?
[08:48:08] <resmo> no success
[08:48:26] <vice-versa> give ya a little tip about restrictions, do them all in smtpd_recipient_restrictions
[08:48:45] <resmo> ok, that helped  :)
[08:50:03] <resmo> yeepee
[08:50:07] <resmo> vice-versa: THX
[08:50:15] <vice-versa> np
[08:53:52] *** m1n3s6 has joined #postfix
[08:54:26] <vice-versa> !tell resmo cheatsheet
[08:54:26] <knoba> resmo: -> "cheatsheet" : http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt : A HOWTO for pre-DATA spam control.
[08:54:29] <vice-versa> some future reading for ya
[08:56:24] <resmo> nice
[08:56:43] <vice-versa> resmo: do you understand why whitelisting addresses is not a good idea?
[08:57:15] <resmo> yeah of course
[08:57:24] <vice-versa> ok ;)
[09:02:02] *** pitakill has quit IRC
[09:05:48] *** chadmaynard has quit IRC
[09:07:12] *** phnord has joined #postfix
[09:23:08] *** stockhol1 is now known as stockholm
[09:40:00] *** HansTheGerman has quit IRC
[09:52:32] *** internat1 is now known as Internat
[09:53:13] *** Haris1 has joined #postfix
[09:53:15] *** Slashman has quit IRC
[09:53:31] *** Slashman has joined #postfix
[09:56:43] *** war9407 has joined #postfix
[10:07:30] *** madrescher has joined #postfix
[10:11:54] *** MrNaz has quit IRC
[10:12:01] *** cmdln has quit IRC
[10:12:21] *** cmdln has joined #postfix
[10:16:04] *** amrit|wrk is now known as amrit|zzz
[10:24:56] *** ATA_Dark_Shadow has joined #postfix
[10:35:21] *** Motoko-chan has quit IRC
[10:38:35] *** HSorgYves has joined #postfix
[10:39:36] <HSorgYves> morning
[10:39:51] <vice-versa> yup
[10:40:12] <sysmonk> midday
[10:40:23] <vice-versa> yup
[10:41:05] <HSorgYves> its always morning on Internet ;-)
[10:41:06] *** shinao1 has joined #postfix
[10:41:23] <sysmonk> true.
[10:41:49] *** RoyK has joined #postfix
[10:42:06] <vice-versa> afternoon and night too
[10:43:00] <HSorgYves> i know how to change an address using sender_canonical_maps; can i do this conditionally, i.e. only if the mail is sent to a certain provider?
[10:47:13] *** MrNaz has joined #postfix
[10:51:03] *** Trengo has joined #postfix
[11:10:09] *** tjikkun_work has joined #postfix
[11:12:03] <tjikkun_work> hi, anyway to do per-domain whitelisting of sender domains/email-addresses? Googling gave me some old results saying it is not possible, but maybe things have changed?
[11:13:25] *** higuita has quit IRC
[11:13:25] *** githogori has quit IRC
[11:13:25] *** rmayorga has quit IRC
[11:13:25] *** gutocarvalho has quit IRC
[11:13:26] *** littlebird has quit IRC
[11:13:26] *** JoaoCarneiro has quit IRC
[11:13:26] *** PRAEDO has quit IRC
[11:13:26] *** mofino has quit IRC
[11:13:26] *** ponyofdeath has quit IRC
[11:13:26] *** razym has quit IRC
[11:13:32] *** maqr has quit IRC
[11:13:32] *** neonoe_ has quit IRC
[11:13:32] *** jstrom has quit IRC
[11:13:32] *** _ruben has quit IRC
[11:13:32] *** frido has quit IRC
[11:13:32] *** f3ew has quit IRC
[11:13:32] *** brd has quit IRC
[11:13:38] <vice-versa> wait for it....
[11:14:16] *** githogori has joined #postfix
[11:14:16] *** rmayorga has joined #postfix
[11:14:16] *** gutocarvalho has joined #postfix
[11:14:16] *** littlebird has joined #postfix
[11:14:16] *** brd has joined #postfix
[11:14:16] *** f3ew has joined #postfix
[11:14:16] *** higuita has joined #postfix
[11:14:16] *** _ruben has joined #postfix
[11:14:16] *** frido has joined #postfix
[11:14:16] *** maqr has joined #postfix
[11:14:16] *** PRAEDO has joined #postfix
[11:14:16] *** ponyofdeath has joined #postfix
[11:14:16] *** razym has joined #postfix
[11:14:16] *** jstrom has joined #postfix
[11:14:16] *** neonoe_ has joined #postfix
[11:14:16] *** JoaoCarneiro has joined #postfix
[11:14:16] *** mofino has joined #postfix
[11:14:31] <vice-versa> wb
[11:14:44] <tjikkun_work> i guess there was a brownout
[11:15:10] <vice-versa> tjikkun_work: you understand whitelisting addresses is not a good idea right?
[11:15:30] <tjikkun_work> i do, but i am under pressure of customers
[11:15:57] *** neonoe_ has quit IRC
[11:16:07] *** neonoe_ has joined #postfix
[11:16:11] *** grmpf has joined #postfix
[11:16:12] <vice-versa> heh, we don't need no stinking custome...oh wait
[11:17:06] * vice-versa takes the dog out for a smoke
[11:17:18] <tjikkun_work> so no answers for me? :)
[11:17:44] <tjikkun_work> and tell the dog to quit, smoking is bad for dogs
[11:18:38] *** _nalle has quit IRC
[11:20:20] *** cilly has joined #postfix
[11:22:56] <grmpf> Hi, I'm trying to find a way to make postfix bypass the content filter for recipients that match a pattern. Now if I use '/^[a-z]+(\.|-)[a-z]+ at blah dot net$/ FILTER smtp:[127.0.0.1]:10025' in the access table to route mail directly to the reinjection smtpd, I get a NOQUEUE message for incoming mails matching the pattern. Any Ideas what could be wrong?
[11:27:26] *** _nalle has joined #postfix
[11:29:51] <grmpf> nm, think I got it. Mails gets rejected after filter.
[11:30:35] *** HSorgYves has quit IRC
[11:31:12] *** Fallenou has joined #postfix
[11:35:21] *** RoyK has left #postfix
[11:37:31] *** cafuego has quit IRC
[11:44:21] *** pirho has joined #postfix
[11:51:09] *** MrNaz has quit IRC
[11:51:41] *** BuenGenio has joined #postfix
[11:53:29] *** cilly has quit IRC
[11:56:29] *** Yatmai has joined #postfix
[11:57:00] <Yatmai> Hello
[11:57:35] <Yatmai> I'm trying to configure postfix, but I can't understand his policy
[11:58:09] <Yatmai> There's two groups "trusted" and "untrusted", only trusted users can send mails everywhere
[11:58:49] <Yatmai> But trusted users are by default from same network
[11:59:41] <f3ew> !restriction_class
[11:59:42] <knoba> f3ew: "restriction_class" : postfix per-client/user/etc. access control http://www.postfix.org/RESTRICTION_CLASS_README.html
[11:59:48] <f3ew> @ Yatmai
[12:00:36] <tjikkun_work> f3ew: is there some page like that for whitelisting as well/
[12:00:58] <f3ew> check_mumble_access?
[12:01:05] <f3ew> See access(5)
[12:01:15] <Yatmai> is there possibility to add authenticated users to "trusted"?
[12:03:15] *** cilly has joined #postfix
[12:09:27] <tjikkun_work> i cannot find check_mumble_access anywhere on the postfix site
[12:10:16] <Yatmai> f3ew: knoba: it works:) thanks
[12:11:54] <f3ew> tjikkun_work check_sender_access, check_client_access, etc
[12:13:11] *** neonoe_ has quit IRC
[12:13:51] *** neonoe_ has joined #postfix
[12:13:56] *** Yatmai has left #postfix
[12:15:08] <tjikkun_work> f3ew: ah, sorry for having a thick skull
[12:19:41] <tjikkun_work> ah well.. i am looking for per domain whitelisting. Can't really find a way to do that with check_mumble_access
[12:20:39] *** pirho has quit IRC
[12:22:25] *** pirho has joined #postfix
[12:32:37] <f3ew> check_sender_access
[12:33:59] *** k-man__ has quit IRC
[12:35:22] *** m1n3s6 has quit IRC
[12:38:47] <grmpf> a filter question. I use check_recipient_access and reject_rbl_client for smtpd_recipient_restrictions. Now I have a FILTER action in the access table, but instead of routing the matching messages to the specified transport postfix just says 'filter triggered' and kills the message in the rbl check. Is there a way to bypass the reject_rbl_* when a filter in the access table matched?
[12:42:39] *** randra has joined #postfix
[12:44:16] *** ikaro^ has joined #postfix
[12:50:17] *** dragonheart has joined #postfix
[12:50:30] <f3ew> Add a check_client_access which says 'OK' for that IP?
[12:52:13] <grmpf> right, but then it won't go to the transport it should use.
[12:52:48] <grmpf> I use the FILTER action instead of OK to bypass the AV scan.
[12:53:16] <grmpf> and it's based on recipient, not sender IP
[12:53:28] <f3ew> so a check_recipient_access
[12:53:40] <f3ew> the FILTER actually runs _post_ smtpd
[12:53:50] <f3ew> so the right transport will be used
[12:54:31] <grmpf> really? my logs say first 'filter triggered' and then reject because of the rbl
[12:55:23] *** cafuego has joined #postfix
[12:55:32] <grmpf> 11:45:48 localhost postfix/smtpd[27262]: NOQUEUE: filter: RCPT from....Recipient address triggers FILTER....
[12:55:38] <grmpf> 11:45:48 localhost postfix/smtpd[27262]: NOQUEUE: reject: RCPT...blocked using zen.spamhaus.org
[12:55:52] *** ikaro has quit IRC
[12:56:03] *** ikaro^ is now known as ikaro
[12:56:44] <grmpf> maybe it adds the filter request for the mail and would process it post-smtpd but it does not get there because of the rbl
[12:57:30] *** lera_zed has joined #postfix
[12:57:42] <grmpf> cause I don't see any log message indicating the transport was used and the script behind that transport gets no data
[12:59:44] *** dragonheart has left #postfix
[13:03:03] *** cpm has joined #postfix
[13:06:53] *** BuenGenio_ has joined #postfix
[13:08:22] <tjikkun_work> ok, i need to be more clear, i would like to have per-recipient-domain sender whitelisting
[13:09:07] <shasta> go policy delegation
[13:14:14] *** gutterpunk has joined #postfix
[13:14:59] *** ming_zym has quit IRC
[13:15:38] <gutterpunk> Hi. I have a problem with mysql maps in postfix. I try to get the domains from a database using SELECT source from forwarder WHERE source LIKE "@%" but I need to drop the "@" when the query completes
[13:15:58] <gutterpunk> Is this possible?
[13:17:45] *** dragonheart has joined #postfix
[13:18:23] <shasta> read the mysql documentation on string functions
[13:18:27] *** amrit has joined #postfix
[13:19:13] <gutterpunk> shasta, thanks
[13:20:54] <shasta> SELECT TRIM(LEADING '@' FROM source) FROM forwarder ...
[13:20:59] <shasta> or something like that
[13:21:28] <gutterpunk> shasta, thanks! that helps a lot :)
[13:21:58] *** amrit|zzz has quit IRC
[13:22:53] <grmpf> f3ew, filter from the access table is triggered pre-queue but processing is post-queue.
[13:24:51] <f3ew> grmpf yes
[13:25:14] *** BuenGenio has quit IRC
[13:26:38] *** rimad has joined #postfix
[13:27:45] <rimad> is anyone using dk-milter?
[13:28:10] *** BuenGenio has joined #postfix
[13:31:38] <gutterpunk> shasta, when I use this query in my mysql.cf file I get "Invalid query template: SELECT TRIM(LEADING '@' FROM source) FROM forwarder WHERE source LIKE "@%"" at startup
[13:32:03] <gutterpunk> I can't use these functions in this kind of map maybe?
[13:33:07] <shasta> can you do that query in mysql command line?
[13:33:17] <grmpf> f3ew, in my case that means the filter is triggered but never processed because other restrictions kill the message.
[13:33:39] <grmpf> and there's no way to skip the rbl checks based on the filter
[13:33:41] <gutterpunk> shasta, yep, it's a working query
[13:33:48] *** BuenGenio has quit IRC
[13:34:08] *** BuenGenio has joined #postfix
[13:35:43] <f3ew> grmpf which is why you give it an OK
[13:36:44] <grmpf> I can either give it a OK or a FILTER. I need filter to get it to the right transport, so I can't give it OK
[13:37:55] *** madrescher has quit IRC
[13:38:53] <grmpf> OK would mean 3M messages that I know are spam go through clamsmtp and my server is on heavy load. FILTER should get them directly to a parser script but only the few that are not rbl'ed get through, would like to disable the rbl for those.
[13:41:41] * f3ew sighs
[13:41:53] <f3ew> you trigger the FILTER, then have the next line say OK
[13:43:03] *** randra has quit IRC
[13:44:03] *** BuenGenio has quit IRC
[13:44:23] <grmpf> postmap: warning: recipient_restrictions.db: duplicate entry...
[13:44:27] *** BuenGenio has joined #postfix
[13:44:32] *** sinus has joined #postfix
[13:44:52] <grmpf> can't add two actions for the same regex
[13:45:10] *** mazac has joined #postfix
[13:45:27] *** gutocarvalho has quit IRC
[13:46:16] <mazac> hey guys, do you know if there is any way to configure backup postfix mailserver to cache emails ? like hold already delivered emails with possibility to deliver them later on in case somwthing on the primary mailserver fucks up ?
[13:46:30] *** BuenGenio_ has quit IRC
[13:54:38] *** BuenGenio has quit IRC
[13:55:14] *** BuenGenio has joined #postfix
[13:56:09] *** MrNaz has joined #postfix
[13:56:20] *** cafuego has quit IRC
[14:01:47] <Roobarb> mazac: you probably want a replicated facility, like running a 2-node Active/Passive cluster with DRBD replicating the queue directories
[14:03:50] *** Jax has joined #postfix
[14:05:18] *** BuenGenio has quit IRC
[14:05:38] *** BuenGenio has joined #postfix
[14:06:09] <mazac> Roobarb; hmm .. not really ... i've got setup with exchange and postfix as a backup MX .. if the exchange is down, postfix holds emails nicely, but if exchange come up and somethings fucked on it, postfix just resends all the email into it and theyre lost .. so i want like emails wich went through the backup MX for last 10 days (lets say) to be kept in the backup MX with possibility of resending .. does it make sense ?
[14:06:16] *** BuenGenio has quit IRC
[14:06:36] <sysmonk> ah
[14:06:43] <sysmonk> i've understood it like Roobarb
[14:06:48] <sysmonk> but now i get it
[14:06:59] <mazac> cool :)
[14:07:03] <Roobarb> hmm, what you want sounds complicated
[14:07:08] <sysmonk> not really
[14:07:12] <sysmonk> afair there WAS an option like that
[14:07:16] * sysmonk searches for it
[14:07:21] <mazac> thanks ! :)
[14:07:23] *** BuenGenio has joined #postfix
[14:07:30] <Roobarb> (when you have a head full of cotton-wool, most thigns are compliated)
[14:07:35] <sysmonk> !dont_remove
[14:07:36] <knoba> sysmonk: "dont_remove" : a configuration parameter in the main.cf: Don't remove queue files and save them to the "saved" mail queue. This is a debugging aid. To inspect the envelope information and content of a Postfix queue file, use the postcat(1) command.
[14:07:37] <Roobarb> *sneeze*
[14:07:38] <sysmonk> vuala
[14:07:39] <sysmonk> ;)
[14:07:40] <mazac> hahaha :)
[14:08:05] <sysmonk> but you'll have to manage the '10 days' thing yourself
[14:08:05] <sysmonk> ;)
[14:08:07] <Roobarb> resending those isn't automagic though
[14:08:11] <sysmonk> yup
[14:08:31] <mazac> yeah that should be ok
[14:09:04] <mazac> postfix hasnt got a way to check the other MX if the mails were stored ok :)
[14:09:13] <mazac> afaik
[14:09:14] <sysmonk> mazac: SMTP doesn't have that.
[14:09:24] <ATA_Dark_Shadow> greetings,sry cause its a bit OT: if /etc/init.d/saslauthd would allways starts to try sasldb rather then pam as mechanism, where do i need to look other then /etc/default/saslauthd?
[14:09:26] <sysmonk> mazac: i mean, SMTP says if the server said OK then the mail was delivered. period
[14:09:33] <mazac> yeah i know
[14:09:41] <sysmonk> if it didn't then it's exchange problem
[14:09:51] <sysmonk> so exchange does say the mail were delivered.
[14:09:52] <mazac> thats the problem .. i need to keep that email even this msg was OK ..
[14:10:01] <mazac> yea yea
[14:10:02] <sysmonk> mazac: so dont_remove is the way
[14:10:17] <sysmonk> ATA_Dark_Shadow: distro specific thing
[14:10:30] <mazac> uh,
[14:10:46] <mazac> sysmonk; is it gonna just keep somewhere out of the active q ?
[14:11:04] <sysmonk> mazac: the factoid had the information
[14:11:05] <Roobarb> re-read the faqtoid
[14:11:11] <sysmonk> it DID say where the mails will be stored.
[14:11:19] <ATA_Dark_Shadow> i see, sry then, guess ill check the startscript
[14:13:00] <mazac> sysmonk; sry faqtoid ? :-/
[14:13:16] <sysmonk> mazac: !dont_remove
[14:14:07] <mazac> sysmonk; ok im gona read some documentation about it, thanks so far ;) if i have any other q ill come back to you :D
[14:14:21] <mazac> thanks guys
[14:14:36] <sysmonk> mazac: come back to me? for a fee? sure!
[14:14:51] <mazac> hahaha
[14:15:00] <sysmonk> nothing funny about that
[14:15:22] <mazac> okay ;p
[14:17:20] *** eanxgeek has joined #postfix
[14:19:17] *** phnord has quit IRC
[14:20:40] <mazac> so i just need to write a little script to manage the saved q and thats it .. thats wonderful ! :)
[14:29:57] *** MaD^MaRe` has quit IRC
[14:32:43] *** madrescher has joined #postfix
[14:33:10] <rimad> is there a difference betwen dkim and dk?
[14:33:29] *** Haris________ has joined #postfix
[14:33:29] *** Haris_ has quit IRC
[14:34:40] *** gutocarvalho has joined #postfix
[14:40:46] <alex_alex> rimad: sure the im part
[14:44:16] *** BuenGenio_ has joined #postfix
[14:45:54] *** cmdln has quit IRC
[14:48:06] *** suwro has joined #postfix
[14:48:10] <suwro> hello
[14:48:24] <rimad> alex, do i need different dns records for each standard?
[14:50:52] <suwro> I am using postfix+mailscanner - now I've compiled and installed domain key proxy. I need to sign my mail on out with dkey. Ive made all that  "HowTo" but mail is not signed.  When I put "content_filter = dksign:[127.0.0.1]:10027" all my incoming mail are signed - but not the outgoing... is there a content_filter for out mails?
[14:51:29] <xpoint> suwro, why not do dkim sign in amavisd-new 2.6.x ?
[14:51:54] <suwro> xpoint: we use mailscanner with multiple antivirus and spamassasin - it's the best this way
[14:52:07] <suwro> from pour point of view
[14:52:33] <xpoint> mailscanner and postfix :(
[14:52:35] *** Jax has quit IRC
[14:52:47] <suwro> it seems mailscanner send the mail finally - i have to sign the mail before mailscanner
[14:53:01] <suwro> some smtpd_sender_restrictions or something...
[14:53:38] <xpoint> your setup end more complicated then amavisd
[14:54:27] <suwro> xpoint: ok I'll not use amavisd. - can you help me or you wish to point a finger on me coz I'm not using your style of config?
[14:54:44] <xpoint> my postfix conf do not know what amavisd does for me and why it does :)
[14:55:48] <xpoint> suwro, i do not use mailscanner with postfix, and i see no reason to use mailscanner either
[14:56:23] <suwro> xpoint: ok - that's your point of view - i repeat - we are using several antiviruses - one is our own antivirus that we are trying to develop - amavisd is not usefull in tis case.
[14:57:15] <xpoint> i would like to know if you have seen a bit on amavisd ?
[14:57:16] <suwro> xpoint: mailscanner use spamassasin + antivirus scan in an easy config, also make the upgrade to avir. db. from sources.
[14:57:57] <xpoint> amavisd use spamassassin aswell
[14:58:09] *** madrescher has quit IRC
[14:58:12] <suwro> ok - I'll go read amavisd - ok?
[14:58:20] <xpoint> yep
[14:58:33] *** madrescher has joined #postfix
[14:58:36] <xpoint> speficaly amavisd.conf
[15:02:45] *** BuenGenio__ has joined #postfix
[15:03:42] *** BuenGenio has quit IRC
[15:07:15] *** dft has joined #postfix
[15:15:20] *** cmdln has joined #postfix
[15:15:23] <cmdln> good morning
[15:16:10] <cmdln> I am still getting server configuration errors trying to add pr user access controls
[15:18:08] <vice-versa> !obvious
[15:18:08] <vice-versa> !relevant
[15:18:09] <knoba> vice-versa: "obvious" : look for obvious signs of trouble, egrep '(warning|error|fatal|panic):' /some/log/file See: !logs factoid if you're unsure of where your mail logs are located
[15:18:10] <knoba> vice-versa: "relevant" : Please pastebin the relevant mail log excerpts for your issue. See the !logs channel factoid if you do not know where your mail logs are located. See the !pastebin channel factoid if you do not know what a pastebin is.
[15:20:16] *** sophokles has quit IRC
[15:20:29] *** BuenGenio_ has quit IRC
[15:22:12] *** sophokles has joined #postfix
[15:30:15] <cmdln> Here are the offending lines in main.cf, and the contents of my mysql querys as well as the result of the query. Also a snippet from the log that shows a warning.
[15:30:18] <cmdln> http://pastebin.com/d589d2d57
[15:32:51] <sysmonk> do they offend you?
[15:32:52] <sysmonk> ;)
[15:33:23] *** phlax has joined #postfix
[15:33:28] *** Edward123 has joined #postfix
[15:33:35] <cmdln> sysmonk: yes
[15:33:36] <cmdln> they do
[15:33:53] <cmdln> because they cause errors in my log and me to not recieve mail :)
[15:34:23] *** lera_zed has quit IRC
[15:34:47] <sysmonk> ;)
[15:34:49] <sysmonk> then fix it
[15:35:02] <cmdln> indeed
[15:35:02] <sysmonk> your #
[15:35:04] <sysmonk> mysql-virtual_insiders_only_permitted_domains.cf sucks
[15:35:11] <cmdln> why?
[15:35:17] <sysmonk> it returns email, whereas it should return an action
[15:35:33] <sysmonk> #
[15:35:47] *** Knoedel2 has quit IRC
[15:35:58] <cmdln> so it should just return localonly_permitted_domains for example
[15:35:59] <sysmonk> SELECT '%d' AS domain FROM mailserver_viewvirtualuser <- this one selects an email
[15:36:08] <cmdln> it does?
[15:36:15] <cmdln> i thought that selects the domain
[15:36:20] <cmdln> oh
[15:36:28] <cmdln> i changed that one and forgot to update it
[15:36:45] <cmdln> select '%d' as domain, 'OK' as policy
[15:37:03] <sysmonk> why do you need to select the domain?
[15:37:09] <sysmonk> you only need an answer
[15:37:10] <sysmonk> i.e. OK
[15:37:13] <cmdln> ah ok
[15:37:22] *** Knoedel2 has joined #postfix
[15:37:23] <sysmonk> select policy from xxxx where domain = '%d'
[15:37:31] *** Toerkeium has joined #postfix
[15:37:31] *** Knoedel2 has quit IRC
[15:37:37] <cmdln> the restriction class readme has me confused
[15:37:41] *** Knoedel2 has joined #postfix
[15:37:45] *** madrescher has quit IRC
[15:37:49] <cmdln> i was reading those as whats returned
[15:37:49] *** gutocarvalho_ has joined #postfix
[15:37:56] <sysmonk> cmdln: when selecting you only need the right part, in this case - OK
[15:38:04] <cmdln> ah
[15:38:06] <cmdln> i see
[15:38:14] <sysmonk> if you return something what is not a usual command, then it thinks it's a restriction class
[15:38:15] <cmdln> that will prolly get me on the righ tpath
[15:38:41] <cmdln> much appriciated
[15:38:41] *** lera_zed has joined #postfix
[15:47:24] *** lataffe has joined #postfix
[16:01:39] *** lera_zed has quit IRC
[16:02:04] *** lera_zed has joined #postfix
[16:02:48] *** gutocarvalho has quit IRC
[16:02:51] *** gutocarvalho_ has quit IRC
[16:03:46] *** lera_zed_ has joined #postfix
[16:07:09] *** pirho has quit IRC
[16:07:29] *** saurabhb has quit IRC
[16:12:18] *** ming_zym has joined #postfix
[16:14:34] *** gpled has joined #postfix
[16:14:52] <gpled> sysmonk:  wake up
[16:22:16] *** danbeck has joined #postfix
[16:22:27] *** lera_zed1 has joined #postfix
[16:23:10] *** pirho has joined #postfix
[16:26:18] *** denis_ has joined #postfix
[16:27:11] *** fofo has joined #postfix
[16:28:24] <fofo> I'm using Postfix with Amavis/Clamav/SA. What I want to do is: when an email comes to a particular mailbox it should pipe it to the stdin of a script.
[16:29:18] *** Tykling has joined #postfix
[16:29:21] <Roobarb> fofo: use a .forward file, and have "| /path/to/script" in it
[16:29:54] <Roobarb> fofo: you probably want to set forward_path = $home/.forward
[16:30:31] *** sophokles has quit IRC
[16:31:41] <fofo> I didn't know about .forward files. I'll check them out, right away :)
[16:32:03] *** lera_zed has quit IRC
[16:32:42] <lera_zed_> ehm, i am using ldap for virtual_alias_maps, however i'd like to have  virtual per domain catchall accounts, which would get domain emails , while/if_ever ldap would be down, how can i achieve this ?
[16:33:04] *** lera_zed_ is now known as lera_zed
[16:33:24] *** lera_zed1 has quit IRC
[16:34:44] <ATA_Dark_Shadow> greetings, if i want to use a mysql db to auth users which are allowed to send emails, would the "right" setting for smtpd.conf pwcheck_method: auxprop
[16:35:08] <ATA_Dark_Shadow> be or would it be pwcheck_method : pam?
[16:37:00] *** ming_zym has quit IRC
[16:40:06] *** cilly has quit IRC
[16:41:06] *** MrNaz has quit IRC
[16:42:34] *** seekwill has joined #postfix
[16:45:50] *** Ernest0x has joined #postfix
[16:46:03] <Ernest0x> hello
[16:48:19] <Ernest0x> is there any configuration parameter equivalent to smtpd_sender_restrictions but for local users (feeded through pickup)?
[16:49:56] <zaarg> yu
[16:52:38] <Ernest0x> I mean how can I apply restrictions to mail sended from local users?
[16:52:46] *** tombar has joined #postfix
[16:53:47] <Ernest0x> sent*
[17:00:26] <mofino> so is there any way to prevent sendmail from using transport_maps first
[17:00:28] <Roobarb> !authorized_submit_users
[17:00:29] <knoba> Roobarb: Error: "authorized_submit_users" is not a valid command.
[17:00:48] <Roobarb> http://www.postfix.org/postconf.5.html#authorized_submit_users
[17:01:03] <Roobarb> or is that not what you mean Ernest0x ?
[17:01:29] <gpled> ATA_Dark_Shadow:  thinking you would use something like check_sender_access in main.cf
[17:01:46] *** lera_zed has quit IRC
[17:02:16] *** lera_zed has joined #postfix
[17:04:10] <gpled> mofino: what are you trying to do?
[17:05:21] <Ernest0x> Roobarb, I want something more flexible
[17:05:33] <Ernest0x> not just restrict from sending
[17:05:55] <mofino> gpled, get postfix to use virtual when using sendmail
[17:06:00] <mofino> currently it only uses transport_maps
[17:06:02] <Ernest0x> but restrict from sending to specific destionations for example
[17:06:05] <mofino> and this plain out, does not work
[17:06:44] <mofino> i'd like to use both, but in the same order as smtpd does the lookups (virtual first, then transport later)
[17:07:39] <f3ew> smtpd does not use transport_maps
[17:07:45] <mofino> right
[17:07:50] <mofino> well either way, sendmail does
[17:08:01] <mofino> and it's extremely painful
[17:09:12] <mofino> postfix does no virtual lookups when a message is dropped in
[17:09:28] <mofino> at least not when a transport map is present
[17:11:37] <mofino> should i be using something like address_verify_default_transport?
[17:11:44] <mofino> i dont think so... but
[17:12:37] <Ernest0x> Roobarb, what I want can be seen as what 'check_sender_access' and 'check_recipient_access' restrictions do for mails passing through smtpd, but for mails sent by local users through pickup
[17:12:54] <mofino> actually, i'm stupid
[17:13:17] <mofino> if the user isn't listed in the transport_maps, it should go to the "default"
[17:13:37] <mofino> i'll try it...
[17:18:17] <ATA_Dark_Shadow> gpled sry, i guess i miswrote what i want, i need a smtp auth through a database of users, i've read a few howtos about it, saslfinger -s shows me plain and login as mechs; testsaslauth works , but a remote mail-client cannot login, thats y i asked
[17:22:02] <gpled> mofino: i dont due virtual hosting, but this might help: http://www.postfix.org/postconf.5.html#virtual_transport
[17:22:11] *** BuenGenio__ has quit IRC
[17:22:13] <mofino> it doesn't, but thanks
[17:22:37] <mofino> it's a good idea, but i need transport_maps for custom handling of certain accounts
[17:23:01] <mofino> my issue is that sendmail does not follow the same logical flow as smtpd
[17:23:17] <gpled> mofino: think you need to pastebin your setup
[17:23:47] <gpled> when you say sendmail, are you talking about postfix?
[17:23:47] <mofino> nah
[17:23:50] <mofino> i'm testing right now
[17:23:52] <gpled> !sendmail
[17:23:52] <knoba> gpled: "sendmail" : a pretty cryptic MTA that was famous in the ancient days of UNIX and still runs on a lot of mail servers. Don't confuse it with the "sendmail" command that is offered by Postfix to send emails (for compatibility reasons).
[17:23:54] <mofino> of course i am
[17:23:59] <mofino> i'm in #postfix
[17:24:15] <mofino> sendmail implies the sendmail(1) wrapper
[17:24:23] <mofino> i shouldn't have to be so specific
[17:24:29] <gpled> knoba: thanks :)
[17:28:05] *** Thorn has joined #postfix
[17:30:22] <mofino> yeah that works.
[17:30:49] <mofino> specifying the full email instead of the domain or * in transport_maps works
[17:31:08] <mofino> sendmail ends up checking virtual
[17:31:25] <mofino> but alas, it still checks transport first, which is strange
[17:31:56] *** suwro has left #postfix
[17:36:26] *** MrNaz has joined #postfix
[17:40:21] *** tjikkun_work has quit IRC
[17:40:45] <fofo> Can I use .forward files if my mailboxes are of the: /var/mail/$user fashion?
[17:41:00] <mofino> in $HOME
[17:41:11] <mofino> (i think)
[17:41:25] <mofino> eg, /home/user/.forward
[17:41:49] <fofo> i'll try it
[17:41:57] <gpled> fofo: i think .forward is for local users.
[17:42:43] <mofino> yeah, i think it only applies to the local transport
[17:42:50] <mofino> (which is nuts in itself)
[17:45:45] <f3ew> why?
[17:48:14] <mofino> I do not like the way local is setup, it has ALL the features
[17:48:23] <mofino> forces you to operate within it's constraints
[17:48:24] *** art1st has joined #postfix
[17:48:32] <mofino> if yo uwant those features
[17:48:47] <art1st> hello. i am trying to get postfix going, but it will complain about no authentication mechanisms available
[17:48:56] *** Jax has joined #postfix
[17:49:01] <mofino> virtual / local should be identical, only the lookups should differ
[17:49:36] *** cilly has joined #postfix
[17:50:00] <gpled> art1st: did you install postfix from source?
[17:50:14] <mofino> f3ew, tcp_tables looks neat, going to try that
[17:50:33] *** felix-da-catz has joined #postfix
[17:51:26] *** gutterpunk has quit IRC
[17:54:04] *** eanxgeek has quit IRC
[17:54:18] <mofino> f3ew, or not, it's incomplete.
[17:54:26] <phlax> hi - postfix seems to pass usernames as user@domain when doing sasl authentication - how do i get it to auth with only 'user'
[17:54:45] <mofino> phlax, change your auth backend to handle that, or ask your client to send only 'user'
[17:55:38] <phlax> mofino: the client is netcat, the auth backend is saslauthd - it seems as though postfix is passing the user@domain to saslauthd
[17:56:26] <mofino> that doesn't add up
[17:56:33] <mofino> how does postfix know the domain of the user?
[17:56:47] <mofino> i suppose there may be a way of forcing one if none is specified
[17:56:54] <mofino> if that's an option, remove it
[17:56:58] <phlax> mofino: it is passing myhostname
[17:58:24] <mofino> append_dot_mydomain = no, maybe
[17:58:26] <mofino> i'm not sure.
[17:58:28] *** eanxgeek has joined #postfix
[17:58:56] <phlax> mofino: ive sussed it - it was actually passing #$myhostname - the hash was not commenting it out
[17:59:12] *** F6F has joined #postfix
[17:59:16] <mofino> yeah, i have no idea what your doing there.
[17:59:28] <art1st> gpled: no i did not install it from source. i am on ubuntu
[18:02:57] *** Thorn has quit IRC
[18:03:34] *** Thorn has joined #postfix
[18:03:41] *** hparker has joined #postfix
[18:04:32] *** conzor has joined #postfix
[18:06:06] <conzor> I ant get a connection on port 25
[18:06:27] <mofino> telnet hostname 25, verify
[18:06:38] <conzor> yes
[18:06:44] <mofino> connection refused?
[18:06:46] <conzor> just hangs
[18:07:02] <mofino> hangs is potential firewall / packet discard
[18:07:02] <conzor> set inet_interfaces = all
[18:07:17] <mofino> if it's not running you WILL get connection refused
[18:07:36] <mofino> on the server, telnet publicip 25
[18:07:48] <conzor> pastfix status is ok
[18:07:49] <mofino> unless you have local packet filtering...
[18:08:20] <conzor> firewall clear .. same thing
[18:08:35] <mofino> did you test fro mthe server itself?
[18:09:15] <conzor> if i telnet on the server to localhost its works
[18:09:29] <mofino> then this isn't a postfix problem
[18:09:39] <mofino> netstat -lnp |grep :25
[18:09:50] <mofino> if it's listening on 0.0.0.0, check your firewall
[18:10:03] <conzor> tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      29397/master
[18:10:04] <conzor> tcp        0      0 :::25                   :::*                    LISTEN      29397/master
[18:10:08] <mofino> dont paste
[18:10:15] <mofino> a simple yes or no is sufficient
[18:10:27] <conzor> sorry
[18:11:05] <conzor> yes
[18:11:07] <mofino> ;)
[18:11:16] <mofino> it's your firewall / router / whatever
[18:12:10] <conzor> I clear the fire wall and still the same problem
[18:12:40] <mofino> you're on your own
[18:12:54] <conzor> thank anyway
[18:12:58] <mofino> no problem
[18:13:08] *** cilly has quit IRC
[18:14:38] *** neuro_damage has joined #postfix
[18:15:47] <neuro_damage> can anyone tell me what's wrong with my email server when I'ma ble to connect to it on port 25 but it's not able to receive mail?
[18:16:02] <gpled> art1st: was thinking maybe you did not have authentication mechanisms installed.
[18:16:12] <neuro_damage> ie. gmail server can't connect and doesn't show in logs as far as a connection of any kind...and then the email is returned saying it's no good
[18:16:43] <mofino> neuro_damage, need more information
[18:16:47] *** lera_zed has quit IRC
[18:16:50] <neuro_damage> heh...me too :)
[18:17:26] *** _mXr is now known as mXr
[18:17:54] <gpled> neuro_damage: what is the domain name for this server?
[18:18:05] *** Jax has quit IRC
[18:18:16] <neuro_damage> sahilcooner.com
[18:18:27] <neuro_damage> test for yourself, it has TLS and SASL enabled...SASL auth works just fine.
[18:18:31] *** dryrot has joined #postfix
[18:18:57] <dryrot> How would I purge all email in the queue to a specific user ?
[18:19:06] <mofino> dryrot, with great pain
[18:19:14] <lunaphyte_> write a script.
[18:19:19] *** ren0r has joined #postfix
[18:19:21] <gpled> Host mail.sahilcooner.com not found: 3(NXDOMAIN)
[18:19:31] <mofino> dryrot, either parse mailq, or parse results from mailq + postcat
[18:19:44] <gpled> neuro_damage: dig sahilcooner.com mx
[18:19:51] <mofino> gpled, haha
[18:19:59] <gpled> dig says mail.sahilcooner.com
[18:20:12] <mofino> neuro_damage, next time, TEST
[18:20:21] <gpled> but mail.sahilcooner.com  does not seem to exist
[18:20:24] <mofino> why are people so afraid of testing
[18:20:39] <mofino> you mean, i can send an email to myself?!? BUT HOW?
[18:20:40] <neuro_damage> huh...well I mean you can connect to sahilcooner.com and not to mail.sahilcooner.com?
[18:20:43] <lunaphyte_> ill founded fear of failure.
[18:20:57] <lunaphyte_> they want to "do it right the first time".
[18:21:01] <mofino> neuro_damage, please understand how DNS works.
[18:21:02] <gpled> neuro_damage: your connecting local?
[18:21:09] <neuro_damage> nope
[18:21:13] <mofino> gpled, he said gmail
[18:21:18] <neuro_damage> it's a remote VPS, they have a mail.sahilcooner.com record for me...huh
[18:21:36] <mofino> neuro_damage, well they don't, this is the FIRST THING you examine
[18:21:42] <neuro_damage> I mean they should be able to get email sent to someone at sahilcooner dot com
[18:21:52] <mofino> neuro_damage, how exactly?
[18:21:56] <gpled> neuro_damage: the outside does not work, because of you dns issue with mail.sahilcooner.com
[18:22:08] <neuro_damage> huh those bastards
[18:22:35] <mofino> neuro_damage, if you're the mail admin, you've been put on probation
[18:23:03] <gpled> neuro_damage: looks like sahilcooner.com works, but your telling the world to use mail.sahilcooner.com
[18:23:18] <mofino> CNAME > MX > A
[18:23:29] <gpled> cname :(
[18:23:31] <neuro_damage> huh...they said to use mail.sahilcooner.com I guess in the future that's weird, cause you can't connect to mail.sahilcooner.com, huh
[18:23:34] <mofino> of course CNAME on a root domain is pure and absolute brokenness
[18:23:42] <neuro_damage> heh
[18:23:56] * gpled kicks cname
[18:24:11] <neuro_damage> heh
[18:24:20] <neuro_damage> well you know its' funny because mail.sahilcooner.com doesn't work either to send mail to ?
[18:24:32] <mofino> holy shit dude
[18:24:39] <mofino> do you have any idea how DNS works?
[18:25:20] <gpled> neuro_damage: who does your dns?
[18:25:37] <neuro_damage> well yeah...but I mean I have an MX record at mail.sahilcooner.com
[18:25:44] <neuro_damage> and then my A record for sahilcooner.com
[18:25:52] <neuro_damage> but dig doesn't show that when I dig sahilcooner.com
[18:25:55] <mofino> you are completely daft
[18:25:56] <lunaphyte_> uh, no you don't
[18:26:06] *** grmpf has left #postfix
[18:26:11] <mofino> lrn2dns
[18:26:27] <lunaphyte_> neuro_damage: how old are you?
[18:26:33] *** chadmaynard has joined #postfix
[18:26:34] <neuro_damage> heh...well let me look at what they've done, there should be an MX record as well as an A record
[18:26:47] <cpm> dig sahilcooner.com IN MX works for me.
[18:27:05] <cpm> sahilcooner.com.        600     IN      MX      10 mail.sahilcooner.com.
[18:27:23] <mofino> cpm, mail. has no A record.
[18:27:23] <neuro_damage> http://pastebin.com/d69c81a55
[18:27:33] <neuro_damage> didn't show it, no I understand these concepts, heh.
[18:27:33] <cpm> mofino, ah.
[18:27:35] <neuro_damage> and i'm 24
[18:27:37] <cpm> that's a mistake.
[18:27:42] <mofino> cpm, sure is.
[18:27:46] *** HSorgYves has joined #postfix
[18:27:46] <neuro_damage> heh...well yeah.
[18:27:51] <HSorgYves> morning
[18:27:53] <mofino> neuro_damage, none of this changes your lack of understanding of DNS
[18:28:03] <mofino> FIX mail. ALREADY
[18:28:10] <neuro_damage> what do you think I'm not understanding?
[18:28:16] <neuro_damage> well yeah I'm on it...now.
[18:29:05] <gpled> neuro_damage: just get that record for you mail.sahilcooner.com and you should be ok
[18:29:22] <mofino> neuro_damage, and i think you do not understand the whole thing
[18:29:42] <mofino> if you did, you wouldn't  be here
[18:30:40] <neuro_damage> well explain then what you think I don't understand.
[18:30:55] <mofino> there is no need
[18:30:58] <mofino> it's obvious
[18:31:00] <neuro_damage> cause my dig didn't show any MX records for that?
[18:31:02] <mofino> scroll up
[18:31:11] <mofino> ....
[18:31:11] *** VaNNi has quit IRC
[18:31:17] <ren0r> hi everybody. i'm quite sure you guys know what my problem is. i get an "relay access denied" with my workaround.org-howto-mailserver. mynetworks is set to 127.0.0.0/8 . what can i do to fix the problem?
[18:31:23] <mofino> perhaps you need to hit yourself in the head with a frying pan
[18:31:28] <neuro_damage> scroll up to which part?
[18:31:49] <mofino> neuro_damage, just fix mail. and move on
[18:32:21] <neuro_damage> I did that already...changed the postfix hostname to mail.sahilcooner.com, instead of sahilcooner.com
[18:32:27] <mofino> hahaha
[18:32:31] <mofino> holy mother of hell
[18:32:47] <mofino> sorry dude, but that's bad
[18:32:56] <mofino> you need to learn DNS ASAP
[18:33:18] <neuro_damage> ok well it'd be connecting by IP the MX record just forwards to the server with the correct IP right?
[18:33:33] <mofino> you keep asking the same daft questions over and over
[18:34:00] <neuro_damage> yeah and I keep getting the same response about how daft it is with no clarification?
[18:34:08] <neuro_damage> what do you think I don't understand here?
[18:34:15] <mofino> it's been clarified multiple times
[18:34:20] <mofino> you simple do not understand the technology
[18:34:23] <mofino> simply
[18:35:29] <mofino> neuro_damage, to break it down even more, this is NOT a postfix configuration problem
[18:35:31] <neuro_damage> well I understand the concepts what's the issue though? I mean my dig isn't showing what you guys are seeing clearly as I've paste that earlier
[18:35:37] <mofino> no you do not
[18:35:38] <neuro_damage> mofino, I know that...now
[18:35:45] <mofino> if you did, you would quickly fix mail.
[18:35:58] <neuro_damage> well I'm not in control of the DNS over there.
[18:36:06] <mofino> it doesn't matter
[18:36:07] <neuro_damage> all I can do is put in a help desk ticket
[18:36:16] <mofino> you don't understand how the internet operates with names for email purposes
[18:36:16] <neuro_damage> which I've done so that it knows what mail.sahilcooner.com is
[18:36:26] <neuro_damage> or rather has a mail.
[18:36:34] <mofino> again, you don't get it... please stop
[18:37:09] *** weedar has joined #postfix
[18:37:19] <mofino> for your sanity, mail. REQUIRES an A RECORD
[18:37:24] <mofino> "A" record
[18:37:41] <neuro_damage> right...I only have the sahilcooner.com A record, no A record for mail
[18:37:57] <mofino> so therefore?
[18:38:17] <neuro_damage> I can put in a request with them to give me an A record for mail.
[18:38:24] <mofino> wonderful
[18:38:42] <neuro_damage> lol...but that's what I'm saying I've done that about 100 lines ago when someone mentioned that there was no record for it
[18:38:52] *** Edward123 has quit IRC
[18:38:53] <mofino> but you kept getting confused
[18:38:55] <neuro_damage> plus I was also curious why I wasn't showing an MX record via my dig
[18:38:59] <mofino> and talking about unrelated items
[18:39:16] <mofino> you didn't need to talk about anything else after that statement, because that was the solution
[18:39:17] <neuro_damage> well I mean that was the part that was confusing, why I couldn't see any MX records via a dig
[18:39:23] <neuro_damage> ok, thanks.
[18:39:32] <mofino> MX requires an A record
[18:39:37] <neuro_damage> right...
[18:39:44] <mofino> MX -> hostname with valid A record
[18:39:45] <neuro_damage> thanks again...sorry I was confusing, I haven't slept in days
[18:39:49] <neuro_damage> 2 days rather.
[18:39:50] <mofino> it's alright
[18:39:59] <mofino> i wasn't confused ;)
[18:40:04] <neuro_damage> that was really stupid of them, seriously
[18:40:09] <mofino> sure!
[18:40:10] <gpled> neuro_damage: if you use just dig <domain.name>  your not always sure what you will get.  if you say dig <domain.name> <type>  in this case type MX, you know what you will get
[18:40:20] <mofino> neuro_damage, try host -t mx domain
[18:40:33] <mofino> neuro_damage, it  will lookup the A record for you, if it doesn't, it's broken
[18:40:45] <mofino> actually, nevermind, i'm daft
[18:40:59] <mofino> 'host' doesn't do that
[18:40:59] <neuro_damage> well specifying MX at the end worked and showed the MX records
[18:41:10] <neuro_damage> no it doesn't
[18:41:20] <gpled> neuro_damage: dig takes some getting used to
[18:41:32] <neuro_damage> it says my mail is handled by mail.sahilcooner.com heh, that's awesome, I ove these guys seriously
[18:41:51] <neuro_damage> yeah I don't do too many DNS queries/lookups
[18:41:56] <mofino> start
[18:42:03] <mofino> you need to learns it
[18:42:32] *** xpoint has quit IRC
[18:42:49] <gpled> neuro_damage: i can understand there mistake.  mail.  is kind of the customary way to do it
[18:43:00] <mofino> i can't
[18:43:05] <mofino> you don't delete the A record of the MX
[18:43:19] *** pitakill has joined #postfix
[18:43:37] <mofino> unless you are planning on using the A record of the root, then you must delete the MX as well
[18:44:05] *** ren0r has left #postfix
[18:47:35] *** ziro has joined #postfix
[18:47:44] *** VaNNi has joined #postfix
[18:48:18] *** conzor has quit IRC
[18:52:02] *** conzor has joined #postfix
[18:56:23] <HSorgYves> is there a way to use sender policy framework (srs) or return path rewriting (rpr) in postfix on debian?
[18:56:26] <gpled> would postfix ever have an effect on using telnet ?
[18:57:04] <gpled> spf yes
[18:57:28] <HSorgYves> gpled: not spf, srs or rpr
[18:57:55] <HSorgYves> upps, srs = sender rewrite scheme
[18:58:01] <gpled> !srs
[18:58:02] <knoba> gpled: Error: "srs" is not a valid command.
[18:58:20] <gpled> my bad
[18:58:35] <HSorgYves> no mine, wrote the wrong one
[18:59:42] <mofino> gpled, an effect on telnet?
[18:59:55] <seekwill> telnet?
[19:00:04] <gpled> just yes or no
[19:00:15] <mofino> short answer is no
[19:00:19] <gpled> thanks
[19:00:31] <mofino> but it really depends
[19:00:40] <gpled> have one site that works strange.  not my system
[19:00:46] <mofino> telnet isn't exactly the same thing as smtp
[19:00:59] <gpled> i can telnet <ip> 80
[19:01:11] <gpled> but not telnet <ip> 25
[19:01:16] <gpled> from my mta
[19:01:27] <seekwill> service postfix start
[19:01:28] <mofino> what does not entail?
[19:01:29] <gpled> but i can from windows boxes, and from some system on the out side
[19:02:03] <mofino> HSorgYves, google
[19:02:33] *** neuro_damage has quit IRC
[19:02:46] <HSorgYves> mofino: don't you think i did?
[19:03:00] <mofino> HSorgYves, most people dont
[19:03:44] <HSorgYves> mofino: i found something with a patch but that is not an option on a production server
[19:04:23] *** MrNaz has quit IRC
[19:04:45] *** rob0 has joined #postfix
[19:04:54] <mofino> HSorgYves, yeah sounds awful
[19:05:07] <mofino> i mean, it's fine, but yeah, not ideal for production
[19:05:32] *** MrNaz has joined #postfix
[19:05:35] *** Knoedel2 has quit IRC
[19:07:45] *** art1st has quit IRC
[19:07:56] *** HSorgYves has quit IRC
[19:08:03] *** conzor has quit IRC
[19:08:19] *** sinus has left #postfix
[19:14:13] *** maddevil has joined #postfix
[19:14:54] *** eanxgeek has left #postfix
[19:15:19] *** Jax has joined #postfix
[19:15:32] *** marek_ has joined #postfix
[19:17:29] *** Hein has joined #postfix
[19:17:35] *** havvg has joined #postfix
[19:18:17] <marek_> did any one have problem's setting up postfix on suse 11
[19:18:23] <maddevil> someone can help me in german??
[19:19:21] *** amrit is now known as amrit|wrk
[19:19:29] *** marek_ has quit IRC
[19:19:56] *** Zeit|awy_ has joined #postfix
[19:20:00] *** growltiger_ has quit IRC
[19:20:02] *** Severed_Head_Of_ has joined #postfix
[19:22:52] *** marek_ has joined #postfix
[19:23:15] <cos> pointer to a good tutorial on using procmail as the local delivery agent?
[19:23:23] <cmdln> sysmonk: I forgot to tell you that did fix my issue, thanks for the pointers.
[19:24:00] *** marek_ is now known as conzor9732
[19:24:13] <mofino> cos, from my experience, i don't know anyone uses pipe to deliver
[19:25:09] <cos> mofino: I don't understand that sentence ?
[19:25:23] <mofino> cos, procmail uses postfix's pipe system
[19:25:30] <mofino> and it's positively brutal, from my experience
[19:25:48] *** madrescher has joined #postfix
[19:26:01] *** Zeit|awy has quit IRC
[19:26:15] <mofino> exit codes are completely broken, everything is perm error, shutting down postfix while pipes are in motion results in dupes
[19:26:22] <cos> oh, but I'm still not sure I get what you're saying.  by default procmail does not *use* anything from postfix.  it depends on how you configure postfix to use procmail.
[19:26:31] <mofino> sure
[19:26:40] <mofino> but pipe in postfix is ill-conceived
[19:26:44] <cos> are you talking about configuring postfix to use procmail as its local delivery agent, instead of local?
[19:26:49] <mofino> yes
[19:26:54] <mofino> if that's what you want
[19:26:58] <cos> I want to learn about it.
[19:27:28] <mofino> i believe there are wrapper scripts to handle some of the problems
[19:28:27] <cos> okay.  you're way ahead of where I'm asking, though.  I want an intro/tutorial to using procmail as the local delivery agent.  how to configure it, what to watch for, what the issues are, etc.  do you know of such a document?
[19:28:27] *** conzor9732 has quit IRC
[19:28:37] <mofino> no i don't
[19:28:52] <mofino> basically you deliver to a new transport
[19:29:12] <mofino> the pitfalls are the exit codes and stopping of postfix
[19:30:37] <mofino> (so far)
[19:30:44] <mofino> aside from that, it's great
[19:31:42] <mofino> the exit codes issue is serious, any code that isn't handled specifically by postfix is treated as a perm error
[19:31:48] <mofino> which is most certainly not what you want
[19:32:11] <mofino> this requires a wrapper to prevent lost email in the event of a mishap
[19:32:27] *** pirho has quit IRC
[19:32:52] *** MrNaz has quit IRC
[19:32:52] <mofino> in practical reality, all exit codes should be treated as defer, and only ONE should issue a perm
[19:33:09] <mofino> 0 of course will always be success.
[19:33:14] <cos> hmmm.  where is this documented?
[19:33:35] <mofino> http://www.postfix.org/pipe.8.html
[19:33:39] <mofino> they won't say this
[19:33:43] <mofino> but this is how it is
[19:34:02] *** Ryushin has joined #postfix
[19:34:54] <mofino> also the issue of dupes... which is sort've handled by catching sigpipe on bigger messages, or aborting when the parent pid becomes 1
[19:35:11] <mofino> of course on small messages, sigpipe is useless due to buffering
[19:38:50] *** fofo has quit IRC
[19:40:35] *** githogori has quit IRC
[19:40:42] *** loconut has joined #postfix
[19:42:00] <cos> thank you
[19:42:06] <loconut> hello- I've got a box that does virtual maps with mysql, and the mysql server used to be on the same machine but now is on another one in the same rack with a direct crossover connection. The problem im having is postfix seems to lose track of the mysql and start reporting a configuration problem, even though cyrus on the same box stays happy. I have to restart postfix regularly to keep my mail flowing. any thoughts?
[19:43:03] *** LordDicranius has joined #postfix
[19:43:21] *** ziro has quit IRC
[19:45:53] <higuita> you probably forgot to change somewhere the IP of the mysql database
[19:45:59] <cos> so, my basic problem is on one server where the vast majority of messages are going to procmail which delivers it to a script.  box has spare CPU and spare memory, and postfix is not keeping up with incoming mail.
[19:46:16] <cos> so I'm looking for strategies to speed up the throughput from active queue to procmail script.
[19:46:30] <LordDicranius> I"m having issues logging into a mailbox via squirrelmail.  I'm able to log into a few others, it's only this one.  I get an error stating "ERROR: Connection dropped by IMAP server."  anybody know where I could start the troubleshooting? :-)
[19:46:30] <higuita> recheck the config, the logs, postconf -n and the datafiles
[19:46:56] <higuita> cos: local_destination_concurrency_limit = 2
[19:47:02] <lunaphyte_> LordDicranius: you're using postfix for imap?
[19:47:10] <mofino> cos, may be a resource problem
[19:47:33] <higuita> increase this, it will probably increase the rate you deliver to procmail... but a warning, local delivery usually is IO bond, not cpu bound
[19:47:36] <LordDicranius> lunaphyte_: yes, I'm using postfix for imap
[19:47:51] <higuita> LordDicranius: lol
[19:48:01] <higuita> postfix dont do IMAP, just SMTP
[19:48:07] *** Zelest has quit IRC
[19:48:09] <lunaphyte_> LordDicranius: are you sure?  ;)
[19:48:12] <higuita> dont confuse the 2 protocols
[19:48:16] <cos> mofino: may be.  but from what I can see, I could invoke that script at a higher rate than postfix does.
[19:48:30] <mofino> cos, perhaps you need to increase the limits on postfix
[19:48:41] <mofino> you may want to watch the system as it moves, maybe with vmstat 1
[19:48:43] <lunaphyte_> well, to be fair, postfix also does lmtp.
[19:48:58] <LordDicranius> nope, not sure
[19:49:08] <LordDicranius> haven't done much work with this system, still trying to learn it all
[19:49:13] <higuita> and uucp (? not sure about this one)
[19:49:26] <LordDicranius> sendmail is the imap portion?
[19:49:43] <higuita> not, sendmail is also a smtp server, the one that postfix replaces
[19:49:50] <higuita> replaces/fake
[19:50:06] <higuita> do netstat -tuapn |grep 143
[19:50:08] <higuita> as root
[19:50:16] *** ATA_Dark_Shadow has quit IRC
[19:50:58] <higuita> and watch what process is responding to the imap port (143, or 993 if imaps, imap+ssl)
[19:51:14] <LordDicranius> imapd
[19:51:23] *** Haris________ is now known as Haris
[19:51:39] <LordDicranius> at the very top of the list there was one instance of couriertcpd
[19:52:18] *** Zelest has joined #postfix
[19:53:04] <higuita> then is probably courier that is doing the imap
[19:53:06] *** shinao1 has quit IRC
[19:54:02] <LordDicranius> the couriertcpd line doesn't show any source/destination ip's, and shows as "listen"
[19:54:19] <LordDicranius> all the others (imapd) actually show ip's and "established"
[19:54:22] <mofino> wooo postfix is READY
[19:54:29] * mofino turns it live soon
[19:55:25] *** dryrot has left #postfix
[19:55:59] <loconut> so, any suggestions on why my postfix stops talking to my mysql (which never went/goes down) even though cyrus and postgrey are happy?
[19:57:10] <mofino> nope
[19:57:15] <mofino> postfix works
[19:57:15] <lunaphyte_> sure.  define "stops talking", and show some logs.
[19:58:52] <loconut> lunaphyte_: i've been looking for logs that show anything worthwhile. what's weird is it seems to accept mail via fetchmail on the localhost to a mysql based mailbox map, but outside mail quits coming. who knows, maybe its just my sqlgrey thats freaking out.
[19:59:09] <maddevil> someone can help me in german??
[19:59:10] *** pirho has joined #postfix
[20:01:27] *** Ryushin has quit IRC
[20:01:28] *** growltiger has joined #postfix
[20:02:57] <stockholm> maddevil: i speak german
[20:03:01] *** cilly has joined #postfix
[20:04:30] <gpled> wundervoll
[20:05:37] *** Zeit|awy has joined #postfix
[20:07:33] <maddevil> stockholm kannst du mir helfen vielleicht
[20:07:58] <maddevil> mein englidvh ist leider nicht so gut zum unterhalten :(
[20:08:11] <maddevil> englisch
[20:08:57] <cpm> I liked englidvh better
[20:09:12] <stockholm> vielleicht :-)
[20:09:58] <Ernest0x> how can I apply restrictions in respect to "MAIL FROM:" for mails sent by local users?
[20:11:26] *** Zeit|awy_ has quit IRC
[20:15:24] *** Severed_Head_Of_ has quit IRC
[20:17:11] <gpled> http://translate.google.com/translate_t#
[20:18:14] 
[20:19:14] <gpled> Deutsch nicht aussehen wie viel Englisch.
[20:19:38] *** githogori has joined #postfix
[20:25:44] <cmdln> does postfix cache results from mysql lookups in smtpd restrictions?
[20:26:17] *** loconut has quit IRC
[20:28:51] *** chadmaynard has quit IRC
[20:30:37] *** Haris1 has quit IRC
[20:31:04] *** LordDicranius has quit IRC
[20:31:18] *** cilly has quit IRC
[20:40:30] *** weedar has quit IRC
[20:42:23] *** Jax has quit IRC
[20:47:35] <higuita> Ernest0x: if local users, you say mail command... you probably cant... if you are talking about smtp to localhost, you can enable sasl and enforce it
[20:49:29] *** shayarnett has joined #postfix
[20:50:20] *** Christofer has joined #postfix
[20:50:33] *** cichlid02 has joined #postfix
[20:50:36] *** danbeck has quit IRC
[20:51:03] <shayarnett> i'm in need of a simple solution to forward catch-all email for a handful of domains to gmail accounts
[20:53:17] <higuita> shayarnett: use the virtual maps, @domain spam at gmail dot com
[20:53:30] <Christofer> i am new to postfix, i try to telnet localhost 110 and i write user and my mail, and when i typ pass and my pass i get respond -ERR Authentication failed. i use postfixadmin to add users. what can the problem be?
[20:53:36] <higuita> of course, all valid emails should come before that
[20:53:51] <rob0> !pop3
[20:53:51] <knoba> rob0: "pop3" : POP3 is an application layer Internet protocol that allows a client (MUA) to access email on a remote server (see: http://en.wikipedia.org/wiki/Post_Office_Protocol ). Postfix does not provide POP3 (or IMAP) service; see !courier or !dovecot for common IMAP/POP3 choices.
[20:53:53] <shayarnett> higuita: thats what i was doing previously... should have been more specific
[20:54:17] <rob0> Christofer, IRC as root is not a good idea.
[20:54:26] <shayarnett> i'm running on a vps and resources are precious :) so i'm looking for solution with a smaller footprint than exim or postfix
[20:54:30] <Christofer> no i know not my pc
[20:54:46] *** Christofer has quit IRC
[20:54:48] <higuita> i DO NOT recommend ANY catch-all emails, they are just spam receivers, a waste of resources for you and for the internet
[20:55:04] <higuita> just reject all invalid emails and let it die
[20:56:01] <shayarnett> higuita: that sounds like a better solution
[20:56:32] <higuita> :)
[20:57:11] <shayarnett> higuita: got any links or pointers for performance/resource tuning ?
[20:57:50] <higuita> depends on what limit are you hitting right now
[20:58:45] <higuita> but as a rule, reject the soon as possible... reject invalid domains, invalid recipients, invalid senders, bad helos, RBL
[20:59:00] <shayarnett> higuita: usually memory limitations because of the amount daemons(??) that postfix starts.. but sometimes process and open file limitations
[20:59:07] <higuita> if you can, greylist will also help
[20:59:54] <higuita> that much? are you sending spam? :)
[21:00:25] <shayarnett> no but recieve a boatload
[21:00:31] <shayarnett> most of it correctly addressed :(
[21:00:56] <shayarnett> not so savvy users signing up for loads of stuff (aka parents)
[21:01:30] <higuita> are you sure that you are not a open relay or something? have you setup SPF to avoid other to abuse your domain (and so you getting the bounces)
[21:02:03] <shayarnett> higuita: not open relay
[21:02:21] <shayarnett> i did check that
[21:02:54] <shayarnett> any ground up walkthroughs posted online somewhere?
[21:03:53] *** xpoint has joined #postfix
[21:04:26] <seekwill> Time to outsource your mail to MessageLabs!
[21:05:35] *** adnc has joined #postfix
[21:06:05] <shayarnett> seekwill: i have looked at a few of those services :)
[21:06:31] <shayarnett> hate to waste the money on forwarding directly to gmail though :(
[21:06:37] <seekwill> I'm only mentioning them because of a certain event that has recently taken plce
[21:06:50] <shayarnett> ?
[21:07:03] <seekwill> Keep up with the news!
[21:07:58] <sysmonk> seekwill: s/messagelabs/sysmonk/
[21:08:17] <sysmonk> seekwill: btw, what event?
[21:08:19] * sysmonk doesn't read news
[21:08:22] <seekwill> :(
[21:08:35] <seekwill> Google News -> MessageLabs
[21:08:36] <seekwill> :P
[21:08:36] <sysmonk> no time for news :(
[21:08:45] <seekwill> No time for news? No time for customers!
[21:08:55] *** cilly has joined #postfix
[21:09:06] <sysmonk> seekwill: symantec one?
[21:09:18] <seekwill> yar
[21:13:31] <jtsigma> when trying to expand ldap groups, as specified http://www.postfix.org/LDAP_README.html, it shows only usage of 'groupofnames' type of ldap group which specify each 'member' entire DN: format.   Is it possible to use postfix to expand ldap group type of 'posixGroup', in which the member: field shows simply the username only 'joe.blow'?
[21:14:10] *** pebo_ has joined #postfix
[21:16:52] <pebo_> pflogsumm or mailgraph -- both applications count an incoming mail when a log-line matches something like 'postfix/smtpd.*client='. This is misleading since postfix logs such a line when a milter rejects the mail at END-OF-MESSAGE. Does somebody know how to work around this problem?
[21:17:42] <pebo_> (while the definition of 'incoming mail' means = accepted by smtpd)
[21:18:35] <Hein> Im trying to send mails remote but getting "status=bounced (unknown user: "morten")
[21:18:38] <Hein> "
[21:18:58] <Hein> and i have set local_recipient_maps =
[21:19:30] <shayarnett> higuita: thanks for answering my questions
[21:19:36] <shayarnett> gonna go hack some config files :)
[21:19:52] <Hein> but still get the same problem...
[21:19:58] *** shayarnett has left #postfix
[21:20:17] <pebo_> Hein: your local_recipient_maps is empty? well, that explains it, I guess..
[21:20:45] <Hein> well, i read it somwhere it should be empty if you dont want it to look up users
[21:21:03] <pebo_> So how should postfix know what users it has to serve?
[21:21:13] <pebo_> without looking them up?
[21:21:46] <Hein> To disable the local_recipient_maps feature, specify:   /etc/postfix/main.cf:
[21:21:50] <Hein> local_recipient_maps =
[21:21:55] <Hein> With this setting, the Postfix SMTP server will not reject mail for unknown local recipients.
[21:22:04] <Hein> :\
[21:22:22] <Hein> Heck, I dont know... im a newbie and got thrown this problem to me :)
[21:22:31] <Hein> ive googled my ass off but no luck
[21:22:58] <pebo_> has `morten' a local account?
[21:23:44] <Hein> nope
[21:23:57] <Hein> it should be sent through the net
[21:24:12] <Hein> not via local machine
[21:24:32] *** pitakill has quit IRC
[21:24:40] <pebo_> you don't want local_recipient_maps then, check virtual(5).
[21:24:59] <Hein> ok
[21:25:55] <Hein> I think i want it to be a relay(?)
[21:26:20] <pebo_> no, you need virtual_alias_domains and virtual_alias_maps.
[21:26:36] <Hein> Heh, ok.. think i have nothing like that now
[21:26:37] <pebo_> sorry, misread your message..
[21:26:48] <pebo_> but it's still valid. ;)
[21:26:51] <Hein> :)
[21:32:21] *** cafuego has joined #postfix
[21:32:37] <mofino> postfix is live and working
[21:32:38] <mofino> yay
[21:37:52] *** BuenGenio has joined #postfix
[21:38:54] *** dft has quit IRC
[21:42:52] <Hein> bah
[21:43:06] <Hein> think i should not trying to fix this :)
[21:44:56] *** cpm has quit IRC
[21:45:03] <Hein> serious. funny stuff... now it works
[21:45:18] <Hein> and ive done... nothing... :)
[21:45:46] <Hein> i tried the virtual maps but i got the same problem, so i unmarked that in main.cf and reloaded.. and thought "hell, lets try one more time"
[21:45:48] <Hein> and then it worked
[21:52:29] *** Bombo has joined #postfix
[21:52:35] *** Zeit|awy has quit IRC
[22:00:32] *** Jax has joined #postfix
[22:02:03] <growltiger> does anyone know awk here?
[22:02:14] *** spikyjt has joined #postfix
[22:03:17] <gpled> !awk
[22:03:18] <knoba> gpled: Error: "awk" is not a valid command.
[22:06:26] *** alienbrain has joined #postfix
[22:09:23] *** Haris_ has joined #postfix
[22:16:49] *** dragonheart has quit IRC
[22:17:51] *** dragonheart has joined #postfix
[22:18:41] *** Jax has quit IRC
[22:18:49] <pebo_> growltiger: what do you need?
[22:20:13] <growltiger> trying to make a ksh script to get a fax number out of a text file and mail that file to faxnumber@mailhost
[22:20:27] <growltiger> finanlly got hylafax and postfix to work together
[22:20:49] *** maddevil has quit IRC
[22:21:18] <pebo_> ok, but whats your awk problem?
[22:24:07] <growltiger> i have some files named .rpt in a dir, i made a script that will mail them out to faxnumber@mailhost if you use ./faxrpt.ksh numberhere, but i want to be able to just run ./faxrpt.ksh and extract the faxnumber from a line like Fax: 888-555-1212 that is in each report and send them to mail faxnubmer@mailserver
[22:26:52] <pebo_> awk '/^Fax: <insert-some-nasty-extended-regex-here>$/ { print $2 }' /path/to/rpt
[22:28:41] <growltiger> yeah, i dont have to take the ( and -s out, i got it working so 555-1222@mailserver and 5551212@server will both work
[22:28:51] *** Haris has quit IRC
[22:29:39] <Bombo> how do i tell postfix to accept relay access if the user is authenticated? i'm testing with thunderbird, outgoing mail is set to port25, TLS, with username&passwd, i get 'Relay access denied'
[22:30:05] <Bombo> i added this line to main.cf: smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, permit_auth_destination
[22:31:19] <Bombo> probably this is wrong (it didnt work)
[22:31:58] <growltiger> !permit_sasl_authenticated
[22:31:59] <knoba> growltiger: Error: "permit_sasl_authenticated" is not a valid command.
[22:32:09] <growltiger> bastard, it is to a valid command
[22:32:18] <higuita> but is that .)
[22:32:42] <Bombo> i need sasl? i thought its done with tls
[22:32:56] <higuita> !config permit_sasl_authenticated
[22:32:57] <knoba> higuita: Error: 'supybot.permit_sasl_authenticated' is not a valid configuration variable.
[22:33:08] <growltiger> hmm
[22:33:11] <vice-versa> !maincf permit_sasl_authenticated
[22:33:13] *** alienbrain has quit IRC
[22:33:17] <Bombo> supy ;)
[22:33:30] <higuita> tls is just the encryptation
[22:33:37] <higuita> sasl is the auth
[22:33:49] <Bombo> hmmkay
[22:33:54] *** pebo_ has quit IRC
[22:34:36] *** alienbrain has joined #postfix
[22:38:38] *** ejer has joined #postfix
[22:41:29] <Ernest0x> higuita, what do you mean by "enforce it" (sorry for the delay)
[22:41:44] <ejer> with virtual domains, how can I blackhole email to unknown users instead of bouncing it?
[22:42:24] <cmdln> ejer: why would you do that?
[22:42:37] <cmdln> just curious
[22:42:37] <ejer> cause it is all spam
[22:42:56] <ejer> all email is sent through webforms only to these domains
[22:42:59] <cmdln> are you doing a domain alias?
[22:43:03] <ejer> yes
[22:43:20] <cmdln> you need to change your map to get that to stop
[22:43:31] <cmdln> are you using a database backend?
[22:43:37] <ejer> i was thinking I could put a catchall on master domain, but I think that would break domain aliases
[22:43:42] <ejer> no plain files
[22:44:38] <cmdln> rather than do catchall, if you are only accepting mail for a few addresses just do specific forwards
[22:44:53] <lunaphyte_> ejer: why are you accepting it in the first place?
[22:44:53] <cmdln> if your using plain text files I think thats the easiest thing
[22:44:58] <cmdln> to stop the backscatter
[22:45:18] <cmdln> lunaphyte_: I think its because he is doing domain alias ... @domain1 -> @domain2
[22:45:24] *** denis_ has quit IRC
[22:45:30] <higuita> Ernest0x: enforce the use of sasl -> remove that ip from mynetworks or remove the permit_mynetworks
[22:45:30] <ejer> lunaphyte_: this is how the virtual aliases work from what I can tell, it acceots the mail, then tries to deliver to real mailbox
[22:45:44] <ejer> ie it does not know users until delivery
[22:45:56] <cmdln> postfix matches the @domain1 part and accepts the email, then it trys to deliver it to the realbox and bounces, then it becomes backscatter
[22:46:04] <ejer> yup
[22:46:30] <ejer> so cmdln how do I forward unmatched entries
[22:46:31] <cmdln> so you either need to do specific forwards like user1@domain1 -> user1@domain2
[22:46:41] <cmdln> or use a db backend and get fancy
[22:46:45] <ejer> ok I see
[22:46:55] <cmdln> then you basically do not do catchall
[22:47:02] <ejer> i am trying to cut corners by doing domain aliases
[22:47:06] <cmdln> yeh
[22:47:07] <cmdln> dont
[22:47:12] <cmdln> either move to database
[22:47:16] <cmdln> or do it straight
[22:47:20] <ejer> grr ok
[22:47:22] <cmdln> or have backscatter .... to my knowledge
[22:47:27] <cmdln> i just dealt with the same issue
[22:47:30] <cmdln> but im using db backend
[22:47:36] <vice-versa> indeed, you absolutely must do recipient validation
[22:48:53] <cmdln> ive got a fancy query to join and map the sent to address to the final destination address if it exists
[22:49:22] <cmdln> so email john@domain1 where john does not have an account on domain2 and it does not return so the msg is rejected
[22:49:25] * ejer is trying to figure another way :)
[22:49:54] <cmdln> the only other way i know of would be specific forwards
[22:50:14] <cmdln> because some way you have to identify both the original destination and final destination
[22:50:40] <ejer> what about soft_bounce
[22:51:11] <higuita> just make a scrpit to generate that specific forward map and put it in a cron
[22:51:16] <ejer> or "Another possibility just occurred to me, what if you replaced the bounce transport in master.cf with a pipe transport that happily cats the msg into /dev/null? Might work. "
[22:51:38] *** Famic has joined #postfix
[22:51:48] <ejer> i could but I want to be able to simply add a real email address and have all domains use it
[22:52:15] <higuita> make a fail back map, in case the script fails (like out of space to create the file)
[22:54:29] <ejer> soft_bounce looks promising, but then they will hang in queue till.. what? maximal_queue_lifetime? Then discarded?
[22:54:45] *** solarce has joined #postfix
[22:55:24] <solarce> So what are the most likely fixes for Relay access is denied when the destination is a domain besides the system domain?
[23:00:39] <vice-versa> fixes? that's how it's supposed to work
[23:02:01] <vice-versa> !relay_denied
[23:02:02] <knoba> vice-versa: "relay_denied" : \"554 5.7.1 <RECIPIENT@RCPT_DOMAIN>: Relay access denied; from=<SENDER_ADDRESS> to=<RECIPIENT@RCPT_DOMAIN> proto=ESMTP helo=<HELO>\": This typically means that CLIENT_IP is not in mynetworks (and did not AUTH), and that RCPT_DOMAIN was not recognized as one of this Postfix's domains (not listed in mydestination, relay_domains or virtual_*_domains).
[23:02:20] *** dragonheart has quit IRC
[23:03:21] *** cilly has quit IRC
[23:04:50] <solarce> vice-versa: so I'm trying to setup postfix as an outbound spam filter
[23:04:59] <cmdln> ejer: I think you are only going to complicate things trying to step around how things work.
[23:05:17] <cmdln> ejer: it would be less resistance to either move to db backend or do specific aliases
[23:05:30] <solarce> vice-versa: so I'll be having our internal mail server forward all mail to it, basically use it as smarthost
[23:05:35] <cmdln> you could write a script to add an account and append forwards to a forwards file
[23:05:54] <cmdln> that way your only doing the "creation" and the forwards are done for you
[23:06:07] <solarce> vice-versa: should I turn postfix into an open relay? how do I make it so I can use it to send mail to domains besides $my_domain?
[23:07:02] <cmdln> solarce: add your internal mail server as a my_networks i belive
[23:07:28] <vice-versa> solarce: add the hosts ip to my networks of have it auth with sasl
[23:07:55] <cmdln> thanks for the help guys im heading home for the day
[23:07:55] <vice-versa> !mynetworks
[23:07:56] <knoba> vice-versa: "mynetworks" : a configuration parameter in the main.cf: The list of "trusted" SMTP clients that can relay email.
[23:08:08] <vice-versa> !maincf mynetworks
[23:08:12] <ejer> cmdln: yes but then if I add a mail user after some aliases, I need to go create specific aliases for each domain... and if I remove that user...
[23:08:57] <ejer> ps: the whole server is scripted, hence why I am trying to avoid any manual edist after setup
[23:09:08] <solarce> awesome, it's been too log since I used postfix, I herded Exchange for the last three years
[23:09:25] <cmdln> have it append to the file on creation and maybe have it search or something. For removal have it search the aliases file for destinations that match the account your removing and remove those lines
[23:10:19] <ejer> ya I already have to sed the vhosts and valiases file to remove, so I guess a bit more scripting is in order... thanks for your help cmdln
[23:12:45] <cmdln> np
[23:12:46] <cmdln> ttyl
[23:12:47] <cmdln> good luck
[23:12:49] *** cmdln has quit IRC
[23:16:15] <solarce> vice-versa: I added my subnet to mynetworks , and this host is stil being denied relay
[23:16:50] <solarce> mynetworks = 192.168.10.0/24*, 127.0.0.0/8
[23:16:59] <solarce> ct  8 14:16:27 redskull postfix/smtpd[962]: connect from unknown[192.168.10.199]
[23:17:03] <solarce> Oct  8 14:16:27 redskull postfix/smtpd[962]: NOQUEUE: reject: RCPT from unknown[192.168.10.199]: 554 5.7.1 <bburton at ristech dot net>: Relay access denied; from=<james at james dot com> to=<bburton at ristech dot net> proto=ESMTP helo=<andesite.local>
[23:17:16] <vice-versa> lose the asterisk
[23:17:30] <solarce> haha, wtf
[23:17:52] <solarce> still same rejection
[23:18:32] <vice-versa> postfix reload
[23:19:30] <solarce> it helps to add permit_mynetworks to smtpd_recipient_restrictions
[23:21:08] *** F6F has quit IRC
[23:21:40] <vice-versa> yup, which it is by default, you changed it without checking the defaults by the sounds of things
[23:22:03] <vice-versa> postconf -d mynetworks
[23:22:28] <vice-versa> that will show what the default values are
[23:23:31] <solarce> gotcha
[23:26:03] <deface> sup vice-versa
[23:26:59] <vice-versa> hey deface
[23:27:44] <deface> how goes it
[23:27:55] <vice-versa> it goes ;)
[23:28:01] <deface> i feel yah
[23:37:08] *** githogori has quit IRC
[23:37:22] *** felix-da-catz is now known as felix-da-catz_zz
[23:52:32] *** war9407 has quit IRC
[23:54:11] *** adnc has quit IRC
[23:55:49] <gpled> in a regexp file to reject .ro  would it look like this?  /\.ro/ reject     not sure about the /\.ro/ part
[23:57:10] *** githogori has joined #postfix
[23:58:49] *** shinao1 has joined #postfix





top