[00:00:53] *** eanxgeek has left #postfix
[00:02:45] <vice-versa> then set a spf record up for pickaride.com that says rider.pizzatimemansfield.com or 72.89.70.147 is authorized to transmit mail for said domain, this will resolve the yahoo! delivery issues
[00:04:20] <mjh> how can i see the result of sa-test at sendmail dot net ?
[00:04:45] <mjh> i fixed the router issue..i think..just needto teest
[00:06:38] <xpoint> mjh, it will mail you back
[00:08:41] <Bombo> is it possible that sasl auth doesnt work for virtual users?
[00:08:52] <sahil> Bombo: sure, if you screwed it up.
[00:08:56] <sahil> but it works here.
[00:09:09] <Bombo> i got two users in /etc/sasldb2, one systemuser, one virtual
[00:09:37] <Bombo> systemuser can send mail with his pw, virtual not
[00:09:50] <sahil> find out why; check the logs.
[00:09:58] <Bombo> what did i screw up
[00:10:20] <sahil> i don't know; i can't read minds.
[00:10:24] <Bombo> postfix/smtpd[11421]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
[00:10:37] <sahil> turn up debugging and see if that turns up anything.
[00:10:49] <sahil> and please tell me you're not operating in a silly chroot.
[00:11:43] *** Fallenou has quit IRC
[00:12:13] <Bombo> postfix/smtpd[17624]: warning: SASL authentication failure: no secret in database
[00:12:20] <Bombo> this is the first msg
[00:12:28] *** Fallenou has joined #postfix
[00:12:34] <Bombo> warning: dslb-084-062-255-251.pools.arcor-ip.net[84.62.255.251]: SASL CRA
[00:12:36] <Bombo> M-MD5 authentication failed: authentication failure
[00:12:52] <Bombo> yes chroot, but i linked the sasldb2
[00:13:06] <Bombo> it works for a systemuser
[00:13:49] *** carl- has quit IRC
[00:14:19] <Bombo> ln /var/spool/postfix/etc/sasldb2 /etc/sasldb2
[00:16:56] <xpoint> Bombo, start saslauthd might help
[00:17:40] <xpoint> saslauthd only supports plain login not cram-md5
[00:17:54] <xpoint> sorry if i am wroung
[00:18:02] <Bombo> its running
[00:18:26] <Bombo> i just changed the saslpasswd2 for a systemuser, that one workes
[00:18:27] <xpoint> use testsaslauthd to find if its working
[00:20:21] <Bombo> pam_authenticate failed: Authentication failure
[00:20:38] <Bombo> [mech=pam] [reason=PAM auth error]
[00:20:41] <Bombo> hmm
[00:21:51] <Bombo> several instances of "/usr/sbin/saslauthd -a pam -c -n 5" are running
[00:22:02] <mjh> hello
[00:22:15] *** madrescher has quit IRC
[00:22:24] <mjh> had to reboot router
[00:23:43] <xpoint> Bombo, stop them all and start it again, test one more time then
[00:24:22] <xpoint> Bombo, but is seem currect config
[00:24:43] <Bombo> pam is correct?
[00:25:33] <Bombo> i changed it to MECHANISMS="sasldb" in /etc/default/saslauthd but it didnt help
[00:26:20] <xpoint> pam is pam, sasldb is sasldb
[00:26:27] <Bombo> saslauthd[28021]: do_auth         : auth failure: [user=bleh] [service=imap] [realm=] [mech=sasldb] [reason=Unknown]
[00:26:27] *** mjh has quit IRC
[00:26:31] <xpoint> what one do you want ?
[00:26:45] *** mjh has joined #postfix
[00:27:37] <Bombo> i want smtpd to use /etc/sasldb2 users/passwords for auth
[00:29:39] <Bombo> when adding users with 'saslpasswd2 foo' i get this 'saslpasswd2: error deleting entry from sasldb: DB_NOTFOUND: No matching key/data pair found'
[00:30:13] <Bombo> but the entry is there when i do sasldblistusers2
[00:30:58] <xpoint> hmm, i use imap (-a rimap) in saslauthd
[00:31:36] *** pirho has quit IRC
[00:31:37] *** weedar has joined #postfix
[00:31:42] *** Trengo has joined #postfix
[00:34:45] *** mandragor has joined #postfix
[00:35:05] <xpoint> mjh, got reply from sa-test ?
[00:36:06] <xpoint> mjh, the attachment is original mail receved in there mta after thay process it, and the body tells you what works
[00:44:44] <deface> Bombo: what does your sasldb file look like ?
[00:45:53] <deface> Bombo: http://rafb.net/p/Oqx0lA53.html
[00:46:07] <deface> thats my /etc/sasl2/smtpd.conf file
[00:47:11] <Bombo> new error: warning: SASL authentication failure: cannot connect to saslauthd server: Connection refused
[00:48:13] <deface> using courier ?
[00:48:37] <Bombo> no i'm trying to send mail
[00:48:50] <Bombo> courier works
[00:48:53] <deface> using what daemon ?
[00:49:00] <Bombo> postfix
[00:49:01] <deface> sendmail ?
[00:49:20] <Bombo> pwcheck_method: saslauthd
[00:49:21] <deface> postfix is nothing more than an mta, it uses sendmail
[00:49:22] <Bombo> mech_list: plain login
[00:49:39] <deface> pwcheck_method should be authdaemond
[00:49:47] *** weedar has quit IRC
[00:49:56] <Bombo> nothing more in /etc/postfix/smtpd.conf
[00:49:58] <deface> what flavor ?
[00:50:17] <Bombo> hm
[00:51:20] <Bombo> warning: SASL authentication failure: cannot connect to Courier authdaemond: No such file or directory
[00:51:45] <deface> what flavor of linux ?
[00:51:49] <deface> do you have - authdaemon_path defined ?
[00:51:49] <sahil> keep re-pasting the same error over and over; that will help.
[00:52:00] <Bombo> etch
[00:52:13] <Bombo> sahil: its not the same.
[00:52:15] <deface> how'd u install postfix?
[00:52:27] <deface> its pretty straight forward in etch .. lol
[00:52:56] <Bombo> well everything works, just the auth doesnt
[00:53:15] <sahil> so everything doesn't work.
[00:53:31] <Bombo> i can send/receive mail locally
[00:53:51] <deface> do you have - authdaemon_path defined ?
[00:54:06] <Bombo> deface: where
[00:54:15] <deface> in smtpd.conf
[00:54:33] <deface> let me boot up my etch box
[01:00:58] *** Fallenou has quit IRC
[01:01:57] <Bombo> ln /var/run/courier/authdaemon/socket /var/spool/postfix/var/run/courier/authdaemon/socket
[01:02:14] <Bombo> authdaemond_path:/var/run/courier/authdaemon/socket
[01:02:19] <deface> chrooted
[01:02:23] <Bombo> indeed
[01:02:25] <deface> i asked that did i not ?
[01:02:35] <Bombo> not sure heh
[01:02:37] <deface> err .. maybe i should have
[01:02:53] <Bombo> i didnt chroot it... i think
[01:03:32] <Bombo> well now i got less errors
[01:03:42] *** kylepike has joined #postfix
[01:04:19] <Bombo> but the pw is still not accepted
[01:04:30] <kylepike> hey, anyone be able to point me in the right direction for somehow deferring mail in the queue, and limiting it to send only 1000 messages per hour?
[01:04:44] <kylepike> for specific domains
[01:05:26] <deface> www.google.com
[01:05:34] *** war9407 has quit IRC
[01:05:43] <deface> Bombo: whats error now ?
[01:05:45] <kylepike> deface, whoa... never would have thought
[01:06:10] <Bombo> deface: warning: SASL authentication failure: Password verification failed
[01:06:14] <deface> yeah, common sense isnt to common
[01:06:19] <Bombo> plain and login also
[01:06:38] <deface> and u have - mech_list: plain login ?
[01:06:41] <deface> in smtpd.conf ?
[01:06:48] <Bombo> indeed
[01:07:00] <kylepike> deface, was a pretty straight forward question... im all over the docs as it is... having trouble finding it... hense why I asked. ass
[01:07:31] <Bombo> what pw does it take now /etc/courier/userdb or /etc/sasldb2 i#m confused
[01:07:33] *** pitakill has joined #postfix
[01:07:37] <Bombo> my brain hurts ;/(
[01:08:14] <Bombo> authdaemon uses /etc/courier/userdb right
[01:08:26] <Bombo> whats the sasl for now
[01:09:32] *** runlevel-work has joined #postfix
[01:09:47] <kylepike> lol
[01:09:52] <deface> http://www.postfix.org/rate.html#destination
[01:10:03] <kylepike> deface, thank you
[01:10:16] <runlevel-work> kylepike: google.com
[01:10:34] *** kylepike has left #postfix
[01:10:38] *** runlevel-work has left #postfix
[01:11:47] * vice-versa wonders what was that all about
[01:13:36] *** mandragor has quit IRC
[01:16:17] *** hever has quit IRC
[01:21:59] *** ploploop has joined #postfix
[01:22:20] <deface> ok Bombo did you edit /etc/default/saslauthd ?
[01:22:40] <Bombo> yes
[01:23:04] <Bombo> added -m /var/spool/postfix/var/run/saslauthd/mux
[01:23:38] <Bombo> no more file not found, but connection refused
[01:24:24] <Bombo> MECHANISMS="sasldb"
[01:24:48] <deface> no pam ?
[01:25:06] *** davidroderick has joined #postfix
[01:25:08] <Bombo> do i need that?
[01:25:15] <Bombo> kan i haz both
[01:25:20] <Bombo> ;)
[01:26:17] <deface> yup
[01:26:41] <deface> # Only one option may be used at a time. See the saslauthd man page
[01:26:41] <deface> # for more information.
[01:26:44] <deface> boo 2 that
[01:29:17] *** [shg] has quit IRC
[01:30:54] <Bombo> with pam and authdaemon i get SASL authentication failure: Password verification failed
[01:30:59] <deface> yeah .. only 1
[01:32:10] *** hparker has quit IRC
[01:33:59] <Bombo> i dont get it, courier works with the same userdb passwd
[01:34:31] <Bombo> postfix uses the same userdb with authdaemon and it fails
[01:34:33] <davidroderick> http://pastebin.ca/1225021  I can't get STARTTLS command to work on telnet.  I made a self-signed certificate.  Does My postscript dislike google?  I do not understand what is happening
[01:37:12] <Bombo> ok be back later, need food, thx for now
[01:40:21] <deface> davidroderick: smtp_use_tls !== smtpd_use_tls
[01:40:25] <deface> smtpd .. not smtp
[01:41:08] <vice-versa> !smtpd!=smtp
[01:41:08] <knoba> vice-versa: "smtpd!=smtp" : Postfix smtpd_* and smtp_* configuration parameters have different meanings. smtpd_ = server and smtp_ = client, the server-side receives mail whilst the client-side sends mail. (smtpd = server = receives mail) (smtp = client = sends mail)
[01:41:22] *** brancaleone has quit IRC
[01:43:29] *** hparker has joined #postfix
[01:45:17] <sahil> lol
[01:45:21] <sahil> i can't believe there's a trigger for that.
[01:45:24] <sahil> so many estupidos.
[01:47:15] *** pitakill has quit IRC
[01:49:52] <deface> and to think, sahil people like you are why there is .. :)
[01:58:54] *** githogori has quit IRC
[02:03:27] <davidroderick> Ues. Thanks. This is a step forward. But still the problem with STARTTLS command remains http://pastebin.ca/1225040
[02:07:34] <vice-versa> sahil: yup, so much so that there's the inverse of that one as well ;)
[02:07:40] <vice-versa> !smtp!=smtpd
[02:07:42] <knoba> vice-versa: "smtp!=smtpd" : Postfix smtp_* and smtpd_* configuration parameters have different meanings. smtp_ = client and smtpd_ = server, the client-side sends mail whilst the server-side receives mail. (smtp = client = sends mail) (smtpd = server = receives mail)
[02:09:11] <rimad> i am sorry , quick question...is smtpd server and smtp client?
[02:09:30] <vice-versa> O.0
[02:09:35] <davidroderick> eh? why this repetition?
[02:10:07] <rob0> sahil? I think confusing smtp_* and smtpd_* is extremely common, an easy mistake to make. I agree there are a lot of incapable would-be postmasters, but that particular mistake isn't what I'd call stupid.
[02:10:47] <rob0> David, the repetition appears to be because you didn't understand it the first time.
[02:10:48] *** mjh has quit IRC
[02:11:31] <rob0> Lack of STARTTLS on your own smtpd(8) has nothing to do with trying to STARTTLS at a remote site.
[02:13:31] <davidroderick> well I commented out the client smtp one and retried and it seemed a bit better. so should I change the smtpd to smtp thus reversing the one I removed, or comment them both out having neither?
[02:16:33] <davidroderick> so commenting both does not restore STARTTLS
[02:20:03] <vice-versa> davidroderick: what exactly are you trying to accomplish?
[02:20:37] <davidroderick> send a mail through google.
[02:22:13] <davidroderick> I don't wish to learn postscript properly
[02:22:28] <vice-versa> postscript?
[02:25:51] *** Internat has quit IRC
[02:27:08] * vice-versa wonders what a text/graphical page description language would have to do with using gmail as a mail relay
[02:31:59] <davidroderick> yeah I'm tired
[02:33:43] *** Haris_ has joined #postfix
[02:34:16] *** Haris has quit IRC
[02:36:25] <davidroderick> so is the the lack of STARTTLS with my local smtpd completely unrelated to postfix?
[02:37:32] <vice-versa> postfix needs to be configured properly for it to use tls
[02:38:03] <vice-versa> !tls_readme
[02:38:04] <knoba> vice-versa: "tls_readme" : http://www.postfix.org/TLS_README.html : Transport Layer Security (TLS/SSL) features in Postfix
[02:40:15] *** Zeit|awy has joined #postfix
[02:40:22] *** plugwash has quit IRC
[02:48:30] <davidroderick> I am using Ubuntu. if it says libssl when I ldd /usr/sbin/postfix I gues that I don't need to compile anything to make STARTTLS work, and therefore the fault must be in my now cogent config file http://pastebin.ca/1225051
[02:51:08] *** Internat has joined #postfix
[02:51:42] <davidroderick> postfix is so big learning a language is comparable
[02:55:07] <vice-versa> davidroderick: is your postfix server actually going to be a final destination of mail for a domain?
[02:55:13] *** [shg] has joined #postfix
[02:55:45] <vice-versa> or are you just needing to get mail off your notebook and want to relay via gamil?
[02:58:17] <davidroderick> not a domain, just localhost. the latter. as a learning experiment it has been useful, because I have played with certificates for the first time.  The mail seems to have been delivered now from the log files but I can't find it at yahoo.  I am curious about this mx server redirection.  it seems that google tells postfix, ``go and try yahoo yourself''
[03:00:51] <vice-versa> davidroderick: postfix may be overkill given your requirements, ssmtp would be a better option imo
[03:02:15] <davidroderick> I agree, but the exercise was to get this far, not make it work.  I will try playing with fetchmail next, and I have discover many other resources because of this route, which are unrelated to mail at all.
[03:03:54] <davidroderick> I would like to know what stunnel is.  I am learning about networks at the end of my compsci journey
[03:05:24] <[shg]> yahoo sucks, don't test yahoo
[03:05:51] <[shg]> Yahoo's spam filter delay for 5 years isn't very helpful, not to mention their process that you can request to be whitelisted doesn't exist.
[03:06:28] <[shg]> It's just annoys you and makes you fustrated because you fill out the form they give you and then they give you another form which points to the same one you just filled out and then you tell them and they send you another form which points to the same form...
[03:08:51] <vice-versa> davidroderick: stunnel is used to provide ssl/tls encrypted connections for network services that do not support it natively, but this doesn't have anything to do with postfix
[03:14:44] <davidroderick> well thanks. must sleep now. gn8
[03:18:19] *** davidroderick has left #postfix
[03:18:48] *** githogori has joined #postfix
[03:43:47] *** pingouin has quit IRC
[03:44:50] *** pingouin has joined #postfix
[03:58:47] *** pitakill has joined #postfix
[04:04:47] *** dft has joined #postfix
[04:23:25] *** mavrick61 has quit IRC
[04:24:32] *** mavrick61 has joined #postfix
[04:29:33] *** tombar_ has joined #postfix
[04:48:24] *** xpoint has quit IRC
[04:48:57] *** tombar has quit IRC
[04:57:00] *** littlebird is now known as chadmaynard
[05:12:14] *** Haris_ has quit IRC
[05:36:19] *** A-KO has joined #postfix
[05:36:36] *** Dominian has quit IRC
[05:38:14] <A-KO> Quick general question. Is it possible to use one SSL certificate that covers multiple virtual hosted mail domains?
[05:41:22] *** Haris has joined #postfix
[05:41:42] <vice-versa> afaik the cert is per the server not the domains it's hosting
[05:42:18] <deface> what what
[05:42:26] *** pitakill has quit IRC
[05:43:50] *** A-KO has left #postfix
[05:48:28] *** hparker has quit IRC
[05:49:43] *** goldfisc1li has joined #postfix
[05:52:21] *** Dominian has joined #postfix
[06:02:32] *** jeffspeff has joined #postfix
[06:05:05] *** Motoko-chan has joined #postfix
[06:05:23] *** goldfischli has quit IRC
[06:07:33] *** [shg] has quit IRC
[06:07:58] *** [shg] has joined #postfix
[06:10:36] *** jeffspeff has quit IRC
[06:14:50] <sahil> rob0: i jest; i agree with you.  calmness.
[06:15:49] <sahil> [shg]: i feel your pain re: yahoo.com.  but i must say, SPF + DKIM have helped immensely.  they seem to really give a sh*t about that jazz.
[06:19:06] * Motoko-chan thinks SPF is a solution looking for a problem
[06:24:45] * sahil shrugs with apathy
[06:25:08] <sahil> enough of our users need to send to hundreds of yahoo servers, so if the big boys want SPF, they get SPF.
[06:25:17] <sahil> er, s/servers/users/
[06:25:32] <sahil> but i haven't till this day ever received a response from a HUMAN at yahoo dot com
[06:25:34] <sahil> =/
[06:31:45] <Motoko-chan> yahoo.com isn't the corporate domain.
[06:33:17] *** existx has joined #postfix
[06:34:52] <sahil> does the point change if I spell out cc.yahoo-inc.com?
[06:41:21] <sahil> do you guys ever read daringfireball.net after the last time i linked to its douchebaggery?
[06:41:28] <sahil> the guy is sooooo annoying sometimes.  sigh.
[06:42:46] <vice-versa> what kind of douchebaggery
[06:43:41] <sahil> of the highest order. :P
[06:43:46] * sahil -> sleep
[06:43:48] <sahil> night folks.
[06:44:01] *** derrick_ has joined #postfix
[06:53:16] *** amrit|wrk is now known as amrit|afk
[06:59:57] *** derrick_ has quit IRC
[07:02:21] *** jeffspeff has joined #postfix
[07:09:15] <googlah> does somebody generally know how ssl-certs works? Everytime I connect to imaps, or my webserver (https), I have a bad ssl cert.
[07:09:24] *** saurabhb has joined #postfix
[07:09:31] <googlah> and I need to accept it
[07:10:15] <vice-versa> is the cert self-signed?
[07:12:12] *** saurabhb has quit IRC
[07:13:21] <googlah> yep
[07:13:37] <googlah> or I made it myself
[07:14:43] <googlah> I know you can pay for it.. is that the only way, to get rid of the message?
[07:15:34] <vice-versa> ok, so you're the CA, you should have a cacert.pem correct?
[07:16:36] <googlah> correct. but this is a general question, not only for postfix
[07:16:53] <vice-versa> right
[07:17:22] <vice-versa> the CA cert was used to sign the postfix server cert
[07:18:03] <googlah> yeah, I think so
[07:18:20] <Haris> ok, the new quad core xeon box is ready with mysql+postfix
[07:18:33] <Motoko-chan> googlah, what client?
[07:18:35] <Haris> now to make the mail db and configure postfix
[07:19:08] <googlah> Motoko-chan: That I used to make the cert? Or connect to postfix?
[07:19:17] <Motoko-chan> To connect to IMAP/SMTP
[07:19:25] <googlah> Thunderbird
[07:19:35] <Motoko-chan> Hm. It should remember your choice.
[07:19:46] <rob0> If the client (whatever it may be) knows and trusts the CA, it trusts the cert (any cert signed by that CA.)
[07:19:46] <Motoko-chan> It coudl be bad because it can't get the signer.
[07:19:58] <Motoko-chan> You could chain and send
[07:20:17] <googlah> Motoko-chan: Yeah, correct. But think of it like this, what is required that it "would not even ask"?
[07:20:33] <rob0> So generally, you need to look in the tbird docs about how to trust a CA.
[07:20:55] <vice-versa> what you need to do is have the cacert.pem distributed and installed on client machines, for windows boxen you need a DER formatted CA Root Certificate
[07:20:56] <Motoko-chan> You need to make the CA trusted.
[07:21:08] * Motoko-chan points at vice-versa's line
[07:21:28] *** amrit|afk is now known as amrit
[07:22:13] <googlah> Yes. I know that.. but like, connecting to Gmail through Thunderbird, don't give you a pop-up message about self-signed cert.
[07:22:36] <Motoko-chan> Right, because they use a cert signed by a CA in the built-in trust list.
[07:22:47] <[shg]> Crap, it is only 1:23am.
[07:22:54] <googlah> Their ssl cert is trusted from beginning. yeah, so is that easy to fix?
[07:23:11] <Motoko-chan> Buy a cert from a trusted provider.
[07:23:18] <Motoko-chan> SBS works well for me.
[07:23:26] <Motoko-chan> Although they do need a chained cert.
[07:23:35] <[shg]> There's "Something Bout Sertificates"
[07:23:39] <Motoko-chan> GoDaddy isn't in the trust list for TB2.
[07:23:52] <Motoko-chan> So don't even bother.
[07:24:01] <googlah> Right, so you need to get it from a provider
[07:24:15] <Motoko-chan> Yes. One on the trust lists.
[07:25:12] <Motoko-chan> As long as that is met, you can pay whatever you like.
[07:25:17] <sysmonk> trust noone!
[07:25:18] <googlah> okay. any provider you know of?
[07:25:21] <Motoko-chan> Get the lowest-cost one from the provider.
[07:25:26] <Motoko-chan> No fancy seal, etc.
[07:25:37] <Motoko-chan> At work, we go through eNom and use SBS certs.
[07:25:40] <Motoko-chan> Nice and cheap.
[07:25:42] <sysmonk> or import your ca to your thunderbird
[07:25:42] <sysmonk> ;)
[07:25:48] <Motoko-chan> Less than $50.
[07:25:52] <vice-versa> googlah: that depends on your needs really
[07:25:53] <Motoko-chan> Heck, less than $20
[07:26:04] <Motoko-chan> (YMMV)
[07:26:07] <rob0> I don't use tbird, but Firefox has an interface to manage and import CA's.
[07:26:13] <Motoko-chan> TB does too.
[07:26:14] <googlah> sysmonk: Yep. ;P but just generally.. I'm asking about this
[07:26:19] <Motoko-chan> Same interface, more or less.
[07:26:32] <rob0> that's what I guest
[07:26:50] <Motoko-chan> (Options / Advanced / Certificates / View Certificates)
[07:27:39] *** [shg] has quit IRC
[07:27:54] <sysmonk> Motoko-chan: btw, what does SBS mean?
[07:28:02] <Motoko-chan> sysmonk, http://www.securebusinessservices.com/
[07:28:11] <sysmonk> sick building sindrome?
[07:28:12] <sysmonk> :P
[07:28:15] <rob0> Oh, I was thinking it was Same BS
[07:28:39] <googlah> Yea, I see it there. but I am connecting with another URL, and my cert is signed for a different one.
[07:28:46] <vice-versa> fuck it, spare no expense, go all out and get a VeriSign Class 3 Extended Validation SSL SGC
[07:28:47] <Motoko-chan> They are a CA signed from the AddTrust External CA Root
[07:29:03] <Motoko-chan> Which means they aren't single-root.
[07:29:13] <Motoko-chan> Not a huge deal, really.
[07:29:24] <Motoko-chan> Most people don't notice as long as the thing works.
[07:29:39] <Motoko-chan> Verisign = a** rape.
[07:29:46] <Motoko-chan> srsly.
[07:29:51] <vice-versa> yup
[07:29:59] <sysmonk> Motoko-chan: doh, can't find where to order a cert on that page
[07:30:05] <Motoko-chan> sysmonk, you can't.
[07:30:12] <sysmonk> oO
[07:30:13] <Motoko-chan> You have to go through one of their resellers.
[07:30:18] <sysmonk> oh
[07:30:30] <Motoko-chan> We use eNom.
[07:30:39] <sysmonk> haha
[07:30:45] <Motoko-chan> I can get RapidSSL certs for $9.95/yr.
[07:30:47] <sysmonk> www.enom.com doesn't work
[07:30:52] <sysmonk> it redirects me to outage.enom.com
[07:30:54] <sysmonk> which doesn't work :P
[07:30:55] <googlah> tried to get to eNom, but it seemed down :p
[07:30:58] <Motoko-chan> Yeah, they are in maintenance.
[07:31:06] <Motoko-chan> They should be up tomorrow morning.
[07:31:15] <sysmonk> nice maintenance, even no 'sorry come back in 23 hours' thing
[07:31:20] <Motoko-chan> http://www.rapidssl.com/index_ssl.htm <-- You can order direct.
[07:31:25] <Motoko-chan> Yeah, eNom is... interesting.
[07:31:44] <Motoko-chan> Not my favorite reseller, but they have a nice selection of certs for good prices.
[07:31:48] <vice-versa> eNom used to be ok
[07:32:01] <Motoko-chan> I used to use BulkRegister.
[07:32:10] <Motoko-chan> Before eNom broke them.
[07:32:24] <Motoko-chan> The "platform upgrade" just totally ruined the thing.
[07:32:42] <Motoko-chan> Anyway, RapidSSL should work on TB 2.
[07:33:09] <Motoko-chan> Interestingly, their site uses a GeoTrust cert...
[07:33:23] <sysmonk> i just go for CaCERT ;P
[07:33:38] <Motoko-chan> BTW: GeoTrust, Thawte, Verisign = same company.
[07:36:36] *** [shg] has joined #postfix
[07:36:41] <vice-versa> eNom kinda turned to shit when they were acquired by Demand Media imo
[07:36:51] *** Dominian has quit IRC
[07:37:43] <Motoko-chan> Their API is utter feces.
[07:38:08] <Motoko-chan> Oh, and in re-coding for it (from a really simple and nice one BR had), found a bunch of commands that were broken
[07:38:21] <Motoko-chan> Had been for a few years I was told, just no one had noticed.
[07:42:07] <[shg]> Motoko-chan it happens.
[07:42:17] <[shg]> Usually when admin rushes sh**
[07:42:43] *** Dominian has joined #postfix
[07:43:23] <Motoko-chan> THe thing was they were broken for years.
[07:43:47] <sysmonk> Dominian: are you growing noobs?
[07:44:56] <Dominian> sysmonk: hmm?
[07:45:04] <Dominian> sysmonk: what do you mean?
[07:45:29] <Dominian> sysmonk: If you mean me leaving and coming back or something.. I had to build a new kernel for my vps.. something was causing kernel panics.... no idea what at this time
[07:45:57] <sysmonk> Dominian: 10-11 08:43:33 -!- Dominian [i=dominian at noobfarm dot org] has joined #postfix
[07:46:00] <sysmonk> host
[07:46:37] <Dominian> hehe
[07:46:43] <Dominian> check out noobfarm.org
[07:46:47] <Dominian> you'll see what its about
[07:48:22] <sysmonk> yeah, i see
[07:48:26] <sysmonk> so you are growing noobs
[07:48:53] <[shg]> http://co.mmunity.us/maillog | http://co.mmunity.us/postconf-n
[07:48:55] <sysmonk> ah, atlest a search for sysmonk didn't return any rows
[07:48:56] <sysmonk> ;)
[07:49:04] <[shg]> My problem, anyone have an idea how I can resolve it?
[07:49:07] <Dominian> hehe
[07:50:04] <sysmonk> [shg]: more logs!
[07:50:04] <sysmonk> ;)
[07:50:09] <[shg]> ok
[07:50:35] <sysmonk> i'm just interested where did the host come from
[07:50:36] <sysmonk> 208-43-85-112
[07:50:44] <sysmonk> it should be 208.43.85.112
[07:50:49] <sysmonk> not '-' but '.'
[07:52:21] <[shg]> that's the actualy host
[07:52:25] <[shg]> you can refresh, there is more there
[07:52:34] <[shg]> But that's the actual hostname of the server
[07:53:01] <[shg]> It's using the hostname of the server instead of myhostname. postfix/virtual is I mean.
[07:53:10] <sysmonk> ah
[07:53:20] <sysmonk> [shg]: hostname -f ?
[07:53:37] <[shg]> 208-43-85-112.lx-vs.net
[07:55:15] <sysmonk> [shg]: i'd trie to look at debug log and see where it gets the real host
[07:55:26] <sysmonk> btw, you've updated the fiel, but removed the old entry ;/
[07:55:34] <[shg]> Whoops
[07:56:26] <[shg]> F5
[07:56:44] * sysmonk uses ^R
[07:56:44] <sysmonk> ;)
[08:05:54] <vice-versa> sort of has the earmarks of a screwed chroot
[08:08:25] <[shg]> Not using chroot
[08:09:43] *** niki has quit IRC
[08:10:48] <sysmonk> everybody says that
[08:10:49] <sysmonk> ;P
[08:10:57] <[shg]> Heh
[08:11:12] <vice-versa> yeah, I was about to say, "Are you sure?"
[08:11:17] <vice-versa> !chroot
[08:11:18] <knoba> vice-versa: "chroot" : The fifth column in master.cf, if not n , means that the Postfix process described on that line runs in a chroot, see !debug , !queue_directory and files in the examples/chroot-setup subdirectory of the Postfix source archive which show examples of a Postfix chroot environment on a variety of systems
[08:11:27] <sysmonk> 'oh, so that little "y" in the "chroot" collumn means i'm runing chroot?! then yes i do!"
[08:11:30] <sysmonk> ;))
[08:11:45] <vice-versa> or -
[08:11:51] <[shg]> Yeah, it was n
[08:12:52] <vice-versa> for all services?
[08:13:05] <[shg]> Yes
[08:13:10] <[shg]> All services chroot n
[08:13:26] <vice-versa> !obvious
[08:13:26] <knoba> vice-versa: "obvious" : look for obvious signs of trouble, egrep '(warning|error|fatal|panic):' /some/log/file See: !logs factoid if you're unsure of where your mail logs are located
[08:13:46] <[shg]> Mmm...
[08:14:35] <[shg]> !Pork
[08:14:36] <knoba> [shg]: Error: "Pork" is not a valid command.
[08:14:36] <[shg]> I mean
[08:14:38] <[shg]> !debug
[08:14:38] <knoba> [shg]: "debug" : http://www.postfix.org/DEBUG_README.html : a good starting point for how to deal with problems and to report information to those who might help. Post your information in a pastebin such as http://pastebin.ca/ or http://rafb.net/paste/ .
[08:14:40] <[shg]> :P
[08:15:25] <[shg]> I added -v but doesn't really add much to maillog
[08:15:51] <[shg]> smtpd
[08:16:06] <vice-versa> it should
[08:16:24] <sysmonk> did ya restart?
[08:16:29] <sysmonk> postfix, that is
[08:16:32] <[shg]> I reloaded
[08:16:37] <[shg]> postfix that is
[08:17:14] <sysmonk> if you think that verbosity is not enough, you can add more vvvvvv's :)
[08:17:33] <[shg]> Oh ok
[08:17:39] <[shg]> Yeah, needed more v's
[08:17:40] <[shg]> :P
[08:17:42] <[shg]> Woa!! nice
[08:20:27] <[shg]> This is neat, shows exactly what it is doing.
[08:21:28] <vice-versa> s/\./ wrong\./ ;)
[08:21:46] <[shg]> That too!
[08:23:16] <[shg]> I see the hostname show up but not where it comes from.
[08:23:44] <[shg]> Oct 11 06:18:19 208-43-85-112 postfix/smtpd[21511]: dict_eval: const  208-43-85-112
[08:26:42] <vice-versa> postconf myhostname
[08:27:21] *** unique has joined #postfix
[08:28:58] <[shg]> that's in http://co.mmunity.us/postconf-n
[08:31:05] <[shg]> I posted the extended debug in http://co.mmunity.us/maillog
[08:31:37] <[shg]> You can see how the server hostname shows up as a const right below the mydomain variable
[08:32:16] <vice-versa> that's only partial though is it not?
[08:32:44] <vice-versa> as compared to the output from hostname -f
[08:32:53] <[shg]> That is correct.
[08:33:16] <[shg]> hostname -f would be the fully qualified hostname which includes the domain.
[08:34:38] *** [shg] has quit IRC
[08:35:03] *** [shg] has joined #postfix
[08:37:03] *** dragonheart has joined #postfix
[08:37:09] <vice-versa> grep ^virtual /etc/postfix/master.cf
[08:37:37] <[shg]> virtual   unix  -       n       n       -       -       virtual
[08:38:00] <vice-versa> that looks fine to me
[08:39:11] <[shg]> Why thank yuo
[08:42:40] <[shg]> I think I see
[08:42:50] <[shg]> At the very top, myhostname doesn't expand to anything
[08:43:25] <[shg]> However, lower it does which doesn't make sense to me.
[08:44:36] <[shg]> I don't get it!
[08:45:13] *** niki has joined #postfix
[08:47:26] <[shg]> Ok, no worries, the debug will help me later when I wake up.  If you tell me something while I'm sleep I will do it when I arise in the morning.
[08:47:31] <[shg]> Thanks for your direction
[08:49:24] *** rour has joined #postfix
[08:50:25] <unique> why is it that when i try to connect to telnet on port 25 nothing really happens..it connects me but i do not see any message.. this is my postconf -n: http://pastebin.com/d17b1eb09
[08:51:48] <vice-versa> on localhost?
[08:52:47] <sysmonk> my guess is alias database missing, but that should be in the logs
[08:59:17] <unique> i also see in my /var/log/maillog "warning: /usr/local/libexec/postfix/smtpd: bad command startup -- throttling"
[08:59:21] <unique> what is that all about
[09:00:05] <vice-versa> !obvious
[09:00:06] <knoba> vice-versa: "obvious" : look for obvious signs of trouble, egrep '(warning|error|fatal|panic):' /some/log/file See: !logs factoid if you're unsure of where your mail logs are located
[09:00:56] <vice-versa> the actual problem is probably prior to that warning
[09:07:32] *** Rouri has joined #postfix
[09:16:14] *** lambda has joined #postfix
[09:21:19] *** rour has quit IRC
[09:23:02] <cite> Uh oh. It's a bad idea to mount the volume which contains Postfix's mail spool _and_ the smtpd's chrott with "noexec" ;-)
[09:25:41] *** madrescher has joined #postfix
[09:37:16] *** unique has quit IRC
[09:57:13] *** war9407 has joined #postfix
[10:23:59] *** tombar_ has quit IRC
[10:35:56] *** Fallenou has joined #postfix
[10:38:42] *** lambda has quit IRC
[10:39:34] *** hever has joined #postfix
[10:44:40] *** gregor2005 has quit IRC
[10:47:30] *** Motoko-chan has quit IRC
[10:53:42] *** m0niker has joined #postfix
[10:54:01] *** rmayorga has quit IRC
[10:57:14] *** rmayorga has joined #postfix
[11:08:10] *** cilly has joined #postfix
[11:24:07] *** sophokles has joined #postfix
[11:24:53] *** _Driver_ has quit IRC
[11:25:26] *** _Driver_ has joined #postfix
[11:33:35] *** m0niker has quit IRC
[11:36:43] <telmich> hello
[11:37:09] <telmich> is it possible to run multiple smtpd-processes in master.cf with different checks enabled?
[11:37:31] *** Tykling has joined #postfix
[11:42:18] *** Fallenou[oqp] has joined #postfix
[11:43:53] *** Fallenou has quit IRC
[12:03:55] *** fabounio has joined #postfix
[12:06:02] *** Fallenou[oqp] is now known as Fallenou
[12:07:42] <sysmonk> telmich: yes, but on different ip/port
[12:10:42] *** pirho has joined #postfix
[12:15:42] *** rour has joined #postfix
[12:17:05] *** dragonheart has quit IRC
[12:17:38] *** dragonheart has joined #postfix
[12:31:03] *** sophokles has quit IRC
[12:33:10] *** sophokles has joined #postfix
[12:33:58] *** Rouri has quit IRC
[12:34:01] *** Rouri has joined #postfix
[12:40:20] *** cilly has quit IRC
[12:49:08] *** rour has quit IRC
[13:06:03] *** Fallenou has quit IRC
[13:18:14] *** sophokles has quit IRC
[13:20:21] *** sophokles has joined #postfix
[13:20:26] *** inflex has joined #postfix
[13:20:38] <inflex> Hi, anyone an alterMIME + Postfix user for disclaimer insertions?
[13:22:22] * vice-versa growls at disclaimer insertions
[13:22:57] *** madrescher has quit IRC
[13:25:06] *** rour has joined #postfix
[13:27:32] *** madrescher has joined #postfix
[13:28:43] <inflex> yes,I know, tell me about it
[13:29:09] <inflex> I actually don't really see the point or approve, especially in the true sense of being a disclaimer (a consistent footer on the other hand that has -useful- information isn't so bad)
[13:29:21] <inflex> but those 1K long legalise drivel ones... ugh.
[13:35:47] *** Rouri has quit IRC
[13:36:30] *** denis_ has joined #postfix
[13:45:03] <vice-versa> it's the insertion part I dislike as it breaks signed messages :(
[13:45:49] <inflex> ugh, well, people should be using a setup that doesn't insert into signed messages
[13:47:13] *** Juspion has joined #postfix
[13:47:57] <inflex> (it's not that hard, altermime by default won't insert unless you explicitly force it via a command line parameter
[13:52:33] *** madrescher has quit IRC
[13:53:25] *** cilly has joined #postfix
[13:53:25] *** madrescher has joined #postfix
[13:56:43] *** kevc has quit IRC
[13:59:12] *** growltiger_ has joined #postfix
[13:59:56] *** ploploop has quit IRC
[14:05:22] *** Tykling has left #postfix
[14:06:54] *** dft has quit IRC
[14:09:34] *** Tykling has joined #postfix
[14:12:41] *** Severed_Head_Of_ has joined #postfix
[14:14:58] *** arkibott_ has joined #postfix
[14:15:27] *** madrescher has quit IRC
[14:22:34] *** growltiger has quit IRC
[14:29:14] *** growltiger_ has quit IRC
[14:32:48] *** denis_ has quit IRC
[14:37:46] *** brancaleone has joined #postfix
[14:51:59] *** Juspion has quit IRC
[15:07:52] *** cilly has quit IRC
[15:08:01] *** inflex has quit IRC
[15:16:08] *** cilly has joined #postfix
[15:27:53] *** xpoint has joined #postfix
[15:38:46] *** rour is now known as rouri
[15:39:29] *** cilly has quit IRC
[15:42:06] *** tombar has joined #postfix
[15:42:08] *** cilly has joined #postfix
[15:44:37] *** dragonheart has quit IRC
[15:48:04] *** [shg] has quit IRC
[15:48:15] *** [shg] has joined #postfix
[15:59:27] *** lera_zed has joined #postfix
[16:02:36] *** Fallenou has joined #postfix
[16:09:47] *** lera_zed has quit IRC
[16:13:35] *** mjon has joined #postfix
[16:14:30] *** lera_zed has joined #postfix
[16:29:59] *** tombar_ has joined #postfix
[16:40:12] *** madrescher has joined #postfix
[16:47:18] *** tombar has quit IRC
[16:51:32] *** rouri has quit IRC
[16:53:38] *** rouri has joined #postfix
[16:58:09] *** rouri has quit IRC
[17:01:41] *** Southron has joined #Postfix
[17:03:23] <rapha> I got Postgrey and the usual reject rules now. Is there any other (not too false-positives-prone) measure I should also take?
[17:04:50] *** a0x has joined #postfix
[17:05:29] <vice-versa> yes, don't get too aggressive with uce countermeasures
[17:06:08] *** lera_zed has quit IRC
[17:15:25] <rapha> so basically, "no"?
[17:20:08] <rob0> !cheatsheet
[17:20:09] <knoba> rob0: "cheatsheet" : http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt : A HOWTO for pre-DATA spam control.
[17:20:22] <rob0> (maybe that's what ou meant by "usual"?)
[17:36:33] *** sega01 has quit IRC
[17:40:28] *** sega01 has joined #postfix
[17:40:40] *** madrescher has quit IRC
[17:43:40] *** denis_ has joined #postfix
[17:47:58] *** Thorn_ has joined #postfix
[17:49:33] *** sophokles has quit IRC
[17:57:00] *** cilly has quit IRC
[17:57:07] *** lambda has joined #postfix
[18:02:06] *** cilly has joined #postfix
[18:03:09] <rapha> Cool, thanks knoba
[18:04:08] *** Thorn has quit IRC
[18:04:10] <rapha> Hismtpd -n smtp -t inet -u -o stress    inthe process list and get "fork: failed to allocate memory" every once in a while when working on the server? (top shows both mem and swap still free to some degreE)
[18:05:09] *** Bombo_ has joined #postfix
[18:05:54] *** Thorn_ is now known as Thorn
[18:08:02] *** Juspion has joined #postfix
[18:13:31] *** akke has joined #postfix
[18:14:20] <akke> a customer has a domain "dropbox.domain.com" where all bounces should be sent to. But he doesn't have a a server on dropbox.domain.com port 25. We need an application that just accepts all messages at port 25 and send them to /dev/null
[18:14:25] <akke> anyone know of anything like that?
[18:17:12] *** Bombo has quit IRC
[18:17:12] *** Bombo_ is now known as Bombo
[18:17:38] *** denis_ has quit IRC
[18:18:45] *** Paul_UK has joined #postfix
[18:19:36] <Paul_UK> hi all.  i have to setup some redundancy for an exchange server.  what i am going to do is have 2 mx records 1 for the exchange another for the postfix box.  so if the exchange box is down, mail goes to the postfix so users can use a webgui to view them.
[18:20:24] <Paul_UK> my question is this.  once the exchange server is back up.  whats the best way for the email to be routed to the exchange server?
[18:20:51] <Paul_UK> from the postfix box.
[18:21:18] *** BeerSerc has left #postfix
[18:21:27] <Trengo> if the mail is queued for delivery for the exchange, it will do it on its own
[18:21:29] <deface> pop2exchange
[18:21:54] <deface> Paul_UK: set that up on the exchange server, it'll poll the postfix, and drop it to there box
[18:22:35] <deface> SmartPop2Exchange .. very good program
[18:23:38] <Paul_UK> deface.  ok so to clarify, exchange box goes down.  mx record send email to postfix.  users can then view messages on postfix box via gui.  exchange box comes back online and then pop2exchange moves messages from postfix onto exchange.  emails appear in users outlook on desktop?
[18:23:54] <deface> yessur
[18:24:04] <deface> i run it on bout 50 of my clients servers
[18:24:23] <deface> just because you have a 2nd mx, doesnt mean mail always hits mx1 first
[18:24:38] <Paul_UK> deface, you rock.  i can set all this up.  but my stumbling block was the postfix mailboxes delivering to exchange once it was up.
[18:24:46] <deface> so you'll also have some being sent directly to postfix .. so in this event, pop2exchange will poll postfix on an interval .. 2 min or so
[18:25:25] <deface> you may want to specify 2 A records for your webmail.domain.com
[18:25:47] <deface> so if exchange.domain.com = is down, they'll get pushed to postfix.domain.com
[18:25:57] <Paul_UK> sure
[18:25:58] *** mjon has quit IRC
[18:26:09] <deface> rather than users having to remember 2 seperate webmail addresses
[18:26:27] <Paul_UK> deface is this per domain or per user for the pop2exchange
[18:26:38] <deface> per user
[18:26:55] <deface> you can have it poll unlimited pop3/imap accounts and drop them to exchange
[18:27:19] <sahil> *shudder* ... exchange.
[18:27:32] <Paul_UK> deface, ok hmm which one is it.  SmartPop2Exchange or pop2exchange as i have numerous google links
[18:28:01] <rob0> akke, it's a FAQ by people who don't understand how email should work. What are these bounces, and why should they be discarded? Sounds spammy, in fact.
[18:28:40] <akke> rob0: it's because he sends a large amount of bulk mail (no spam) and lots of the users have autoresponders (vacation etc..)
[18:29:11] <deface> Paul_UK: check out smartpop2exchange
[18:29:22] <deface> i was just being general in the program idea .. w/ pop2exchange ;)
[18:29:27] <rob0> It's amusing, a Web GUI on a Postfix box to view mail while MSexChange is down? Why not just lose the MSexChange?
[18:29:41] <Paul_UK> deface: is that the one you use?
[18:29:42] <deface> because exchange pwns postfix
[18:29:50] <deface> Paul_UK: i use a few different ones
[18:30:01] <deface> there is a pop2exchange built into GFI's mail essentials
[18:30:01] <Paul_UK> deface, which one is the best.  i just want something that i know will work
[18:30:12] <deface> smart pop
[18:30:16] <deface> costs some $$ though
[18:30:31] <Paul_UK> deface, its ok.  the client will pay.
[18:30:32] <deface> i dont know of any free ones
[18:30:35] <deface> tru
[18:31:49] <deface> d/l the demo and take a peep at it
[18:31:53] <rapha> Good day deface!
[18:32:14] <Paul_UK> deface, i will do.  thanks very much for helping me out!
[18:32:16] <deface> sup rapha, how'd it go ?
[18:32:19] <deface> np Paul_UK
[18:34:26] <deface> rapha: you get it back up? .. haa
[18:35:07] <rob0> akke, transport(5), transport_maps, discard(8)
[18:35:48] <rapha> deface: indeed I did! I had been so tired that I hadn't seen there _wasn't_ any TLS config in main.cf - so how could it work? :-) (plus, ssmptd was disabled in master.cf)
[18:36:29] <rapha> The upside is that now I'm motivated to implement sensible anti-spam measures.
[18:36:46] <deface> i dont get spam
[18:36:55] <rapha> Lucky you...
[18:37:00] <xpoint> deface, want more ?
[18:37:08] <rapha> heheh
[18:37:13] <deface> xpoint: bring it on ;)
[18:37:36] <xpoint> policyd kills the fun
[18:37:44] *** Paul_UK has left #postfix
[18:37:52] <deface> rapha: want my main.cf ?
[18:38:03] <deface> just a few postfix options stop alot at the gateway
[18:38:18] <deface> and for those that pass through that, and greylisting .. it gets to mailscanner
[18:38:54] <xpoint> mailscanner and postfix yark
[18:39:02] <jduggan> xpoint is a hater
[18:39:04] <jduggan> :S
[18:39:31] *** AcTiVaTe has quit IRC
[18:39:34] <xpoint> i will use mailscanner i would use sendmail
[18:39:56] <xpoint> not bloatware as postfix <vbg>
[18:40:21] <rapha> deface: sure, show!
[18:40:49] *** lambda has quit IRC
[18:40:57] <rapha> xpoint: "i will use mailscanner i would use sendmail" - you should rephrase that
[18:41:33] <deface> sounds like something out of a dr. seuss book
[18:42:07] <deface> rapha: http://rafb.net/p/FKhynJ14.html
[18:42:13] * rapha takes a look
[18:42:47] <rapha> Flux Labs sounds like Back To The Future
[18:42:56] <deface> ha
[18:43:03] <deface> thats my company
[18:43:08] <rapha> oh ic
[18:43:35] <rapha> fluxlabs.com?
[18:43:41] <deface> .net
[18:43:45] <deface> .com is graphics .. i think
[18:43:53] <deface> havent posted new site .. still working on it
[18:43:55] <rapha> yeah
[18:43:58] <rapha> print and interactive design
[18:44:10] <rapha> hahah
[18:44:10] <rapha> hahyou got "Under Development"
[18:44:15] <rapha> very 1990 :-)
[18:44:40] <rapha> should add one of those construction men
[18:44:41] <deface> default root skel dir ..
[18:44:45] <deface> w/ the hat ?
[18:44:46] <deface> haa
[18:44:48] *** chadmaynard_ has joined #postfix
[18:44:59] <rapha> w/ or w/o ... but does need a shovel
[18:45:11] <deface> definately
[18:46:48] <rapha> oh, can you show your header_checks? and all the pcre and hash stuff, too? :-)
[18:47:28] <rapha> and is that postgrey running on 2501?
[18:47:32] <deface> http://zeus.fluxlabs.net/~jeremy/
[18:47:39] <rapha> kewl thx
[18:47:40] <deface> sqlgrey
[18:47:46] <rapha> k
[18:47:46] <deface> there is a postfix.tar.gz file
[18:48:05] <rapha> got it!
[18:48:21] <deface> only thing ive found so far, is i need to setup a truncate for the connect db on sql grey .. on say an @nightly crontab
[18:49:10] <deface> the sqlgrey web gui .. has a 'view' option for the connect table .. sucks shit when you've got to load say 75000 entries .. it doesnt split per page .. 1 single .. hella long
[18:49:37] <rapha> wow
[18:49:52] 
[18:50:17] <deface> just noticed i was missing a , at reject_rbl_client pbl.spamhaus.org
[18:50:29] <deface> although u can remove both pbl & sbl .. zen covers them both
[18:50:49] <rapha> received my /msg?
[18:50:50] <xpoint> sqlgrey is 42 from postgrey
[18:51:20] <rapha> xpoint dude, you read too much douglas adams
[18:51:24] <jduggan> heh
[18:51:37] <jduggan> xpoint: what you got against policyd? =[
[18:54:24] <xpoint> jduggan, it uses myisam
[18:54:41] <jduggan> so?
[18:54:42] <jduggan> :)
[18:54:48] <xpoint> my working patch to 1.80 use innodb
[18:55:07] <jduggan> i meant v2
[18:55:08] <jduggan> =]
[18:55:15] <xpoint> do i care ?
[18:55:24] <jduggan> i'm just askin..
[18:55:33] <xpoint> and i am 42
[18:55:44] <jduggan> LOLZ
[18:55:46] <jduggan> dude
[18:56:21] <xpoint> if i am cool i would remove need for goto in c
[18:59:01] <xpoint> http://bugs.gentoo.org/buglist.cgi?quicksearch=policyd jduggan
[18:59:34] <deface> ok, postfix.tar.gz updated .. and keys removed
[18:59:41] <deface> although they were dummy keys .. ;)
[19:00:00] <xpoint> deface, thanks
[19:00:16] <deface> thanks for those who pointed it out
[19:00:22] <xpoint> np
[19:01:02] *** Juspion has quit IRC
[19:02:17] <rapha> oh boy
[19:02:37] <rapha> I really wish you could split off all the NOQUEUE and related messages into a separate log
[19:03:54] <deface> grep/echo
[19:04:09] <sahil> rapha: you can with just a novice understanding of grep and some other UNIX basics.
[19:04:18] *** chadmaynard_ has quit IRC
[19:04:50] <Trengo> i remember the guy did sqlite used it to save logs
[19:05:08] <Trengo> you can then look at them with SQL
[19:06:05] <xpoint> jduggan, i plan make a recipient sender whitelist into 1.80, why none so far have done this is beyoung me
[19:06:12] *** devdas has joined #postfix
[19:06:46] <rapha> sahil: I don't want to filter it out after it has been written. I want it not to get written in there.
[19:07:19] <sahil> rapha: that's silly; read a few posts by the author of Postfix on the mailing list to understand why.
[19:07:24] <jduggan> xpoint: because nobody actively develops 1.x
[19:07:34] <rapha> sahil: google search word / url?
[19:07:37] <jduggan> xpoint: patches are welcome..
[19:07:42] <jduggan> :D
[19:07:43] <xpoint> jduggan, sad
[19:07:54] <jduggan> xpoint: yes
[19:08:25] * sahil is not here to spoonfeed, thanks.
[19:08:26] <xpoint> seen facebook make random helo pr ip
[19:08:53] <jduggan> ic
[19:08:58] * xpoint have blamed the postmaster
[19:09:06] <jduggan> did you email?
[19:09:07] <jduggan> =]
[19:09:13] <jduggan> postmaster@
[19:09:24] <xpoint> my policyd got them blocked
[19:09:34] <rapha> pft
[19:09:49] <rapha> that's arrogant and as childish as spoonfeeding would be
[19:09:51] <rapha> nm tho
[19:10:42] <xpoint> rapha, yes i tempfail, so i have 5 days to fix my errors :)
[19:13:02] <xpoint> jduggan, do you belive policyd v2 will be rewrited to c later ?
[19:13:27] <rapha> xpoint :-)
[19:13:37] *** akke has quit IRC
[19:13:40] <devdas> xpoint: only when the performance demands it
[19:14:23] <xpoint> devdas, do you say that amavisd should be rewrited to c now ?
[19:14:53] <devdas> xpoint: not really
[19:15:06] <xpoint> what about spamasassin
[19:15:27] <devdas> SA is already partially C
[19:15:42] <xpoint> 1% is
[19:16:16] <devdas> How often do you need C for raw performance, ignoring startup costs?
[19:16:40] <xpoint> i dont belive performance wins over flexibilities
[19:17:44] <xpoint> jduggan, yes maybe you can write to postmaster@ if you want facebook emails :)
[19:18:26] <devdas> Perl is _extremely_ fast and performant when dealing with text
[19:18:47] * devdas is looking into replacing Postfix with qpsmtpd on his spamtraps next week
[19:18:50] <Bombo> hi
[19:19:09] <xpoint> jduggan, always bad excuses when mailservers is badly configured, where internal failback_relay is in use in there sendmail power boxes
[19:19:55] <xpoint> devdas, policyd v1
[19:19:59] *** fabounio has quit IRC
[19:20:06] <Bombo> i'm trying to get postfix sasl auth to run via courier authdaemon, i get the message in the syslog: "postfix/smtpd[28324]: warning: SASL authentication failure: cannot connect to Courier authdaemond: Connection refused"
[19:20:11] <xpoint> no need to use perl devdas
[19:20:31] <devdas> xpoint: and?
[19:20:35] <Bombo> i straced it and found this: "connect(17, {sa_family=AF_FILE, path="/dev/null"}, 110) = -1 ECONNREFUSED (Connection refused)
[19:20:40] <devdas> Why C?
[19:20:57] <devdas> Connect to /dev/null refused?
[19:21:05] <Bombo> any suggestions?
[19:21:06] <devdas> xpoint: or perhaps, why not Perl?
[19:21:21] <devdas> Bombo: is authdaemond running?
[19:21:21] <xpoint> devdas, perl is overkill there
[19:21:29] <Bombo> devdas: yes
[19:21:35] <devdas> xpoint: for a policy daemon?
[19:21:38] <devdas> Not really
[19:21:47] <Bombo> (i did ln /dev/null /var/spool/postfix/dev/null, but didnt help)
[19:21:49] <devdas> Nigel chose Perl for rapid development
[19:21:52] <xpoint> Bombo, where is authdaemond socket
[19:21:57] <devdas> !chroot
[19:21:58] <knoba> devdas: "chroot" : The fifth column in master.cf, if not n , means that the Postfix process described on that line runs in a chroot, see !debug , !queue_directory and files in the examples/chroot-setup subdirectory of the Postfix source archive which show examples of a Postfix chroot environment on a variety of systems
[19:22:39] <Bombo> /var/run/courier/authdaemon/
[19:23:00] <xpoint> Bombo, smtpd.conf need to know it
[19:23:00] <rob0> Symbolic links can't go outside a chroot.
[19:23:09] <rob0> 17:22 < Bombo> (i did ln /dev/null /var/spool/postfix/dev/null, but didnt help)
[19:23:29] <rob0> you could mknod it inside the chroot, perhaps
[19:23:56] <rapha> , what did you put it in for?
[19:24:05] <Bombo> i linked the socket too ln /var/run/courier/authdaemon/socket /var/spool/postfix/var/run/courier/authdaemon/socket
[19:24:08] <rapha> deface: the /^Received:/ HOLD, what did you put it in for?
[19:24:24] <xpoint> rapha, mailscanner
[19:24:43] <xpoint> did i say mailscanner sooks ? :)
[19:24:47] <rob0> I just say, if you don't know how to set up a chroot, unchroot your Postfix. Done.
[19:24:53] <deface> yeah, rapha MailScanner
[19:24:57] <deface> you can remove that if your not going to use it
[19:25:57] <Bombo> got authdaemond_path:/var/run/courier/authdaemon/socket
[19:26:04] *** m0f0x is now known as colesterol_dog
[19:26:47] <Bombo> ok i'll try to get rid of the chroot
[19:27:39] <Bombo> its just one line in master.cf right?
[19:27:39] <rapha> deface: yeah because i just noticed that it actually holds emails :-)
[19:27:42] <Bombo> smtp      inet  n       -       n       -       -       smtpd
[19:27:56] <deface> rapha: yeah, then mailscanner picks it up
[19:28:08] <Bombo> ok restarted postfix
[19:29:18] <deface> someone type my nick .. testing sound
[19:29:20] <deface> :)
[19:30:52] *** lera_zed has joined #postfix
[19:31:16] *** cilly has quit IRC
[19:31:47] <Bombo> deface: no ;)
[19:31:56] <deface> oh wait, had speaks down .. again  please
[19:32:01] <Bombo> connect(15, {sa_family=AF_FILE, path="/var/run/courier/authdaemon/socket"}, 110) = -1 EACCES (Permission denied)
[19:32:14] <Bombo> deface: *ding*
[19:32:18] <deface> hmms
[19:32:39] <Bombo> srwxrwxrwx 1 postfix root 0 2008-10-11 18:54 /var/run/courier/authdaemon/socket
[19:32:53] <Bombo> any ideas?
[19:33:05] *** higuita has joined #postfix
[19:34:46] <Bombo> doh, drwxr-x--- 2 daemon daemon 1024 2008-10-11 18:54 authdaemon
[19:35:06] <Bombo> now it works, chmod to postfix
[19:35:30] <deface> chown
[19:35:36] <Bombo> indeed
[19:37:30] *** fabounio has joined #postfix
[19:40:03] *** a0x has quit IRC
[19:40:33] *** lera_zed has quit IRC
[19:41:28] <xpoint> Bombo, restart courier-authlib :)
[19:41:44] <xpoint> if it still works
[19:41:52] *** a0x has joined #postfix
[19:43:21] *** hever has quit IRC
[19:43:47] *** Internat has quit IRC
[19:45:51] *** lera_zed has joined #postfix
[19:46:20] <rapha> k, implemented most of your stuff now, deface
[19:47:20] <rapha> now i'm down to 5 of those "smtpd stress" processes and don't get any fork: coulnt allocate memory notices anymore. much better.
[19:47:45] <deface> eh?
[19:49:16] <rapha> that happened a couple of hours ago
[19:49:38] <deface> how much ram in the box ?
[19:50:37] <rapha> 384MB, plus about 3.5Gig  swap, so it should be fine
[19:50:49] <rapha> But it's a vserver, so it might be related to that
[19:51:00] <deface> swap shouldnt be more than 2x your system ram
[19:51:30] *** devdas has quit IRC
[19:51:32] <rapha> I gess that's because of it being virtual - has been chosen by the hosting company, not me
[19:51:57] <rapha> we'll buy a real box in a couple of weeks anyways, but only when OpenBSD 3.4 is out.
[19:52:01] <rapha> erm
[19:52:05] <rapha> 4.4 even
[19:52:17] <rapha> s/buy/rent
[19:52:28] <deface> fbsd > o
[19:53:46] <rapha> heheh
[19:54:23] <rapha> now _that_s a matter of taste
[19:54:43] <rapha> and i find those 2 remote holes in 10 years in the default install hard to argue with
[19:55:11] <deface> because the system is so unused .. no one bothered looking for holes
[19:55:20] <rapha> don't think that
[19:55:28] <rapha> there's enough ppl using openbsd
[19:56:00] *** Zeit|awy has quit IRC
[19:57:35] *** barnie has quit IRC
[19:58:24] *** barnie has joined #postfix
[19:59:52] <lera_zed> rapha: openbsd spamd is unbeatable - there's nothing like that in linux world
[20:00:12] <lera_zed> at least in non-commercial part of it
[20:00:22] *** denis_ has joined #postfix
[20:00:27] *** amrit is now known as amrit|car
[20:00:59] <rapha> lera_zed: good to know :-)(
[20:01:17] <Trengo> spamd is the spamassassin daemon?
[20:01:24] <Bombo> hmmm
[20:01:46] <lera_zed> rapha: really, together with carp and pfsync - you can make solution which will have no competitors :)
[20:01:48] <Bombo> what type of pw does postfix need in the userdb?
[20:01:51] *** cilly has joined #postfix
[20:01:53] <lera_zed> Trengo: nope
[20:02:03] <Bombo> userdbpw -md5 or -hmac-md5
[20:02:27] <lera_zed> Trengo: http://www.openbsd.org/cgi-bin/man.cgi?query=spamd&apropos=0&sektion=0&manpath=OpenBSD+Current&arch=i386&format=html
[20:02:51] <Bombo> or -hmac-sha1
[20:02:58] <Trengo> then there's a name conflict, which sucks too
[20:03:29] <lera_zed> Trengo: there are a plenty of name conflicts all around :)
[20:04:00] <Bombo> anyone using postfix/courier with courier authdaemon? do i need to add a new user with -md5 or -hmac-md5 or -hmac-sha1?
[20:04:02] <rapha> lera_zed: I said, when we're going to have a real server (as in, not a stripped-down vvirtual box, but some real metal), then I also want to make it as secure as possible
[20:04:22] *** Zeit|awy has joined #postfix
[20:07:22] <rapha> lera_zed: wow, spamd sounds mean... i like the tarpit thing :-)
[20:08:17] <lera_zed> rapha: yeah, people do install it in front of exchange (sorry for offtopic :) ) to make it sane :)
[20:13:01] *** a0x has quit IRC
[20:14:16] *** lera_zed has quit IRC
[20:19:07] <Bombo> crap postfix needs 'userdbpw -hmac-md5 | userdb $MAILUSER set hmac-md5pw' and courier needs 'userdbpw -md5 | userdb $MAILUSER set systempw'
[20:19:27] <rapha> deface: http://distrowatch.com/table.php?distribution=openbsd take a look there - i'd hardly call that "unknown"
[20:19:41] <Bombo> so if i add a ne user i must type the pw 4 times
[20:19:52] <rapha> lera_zed: i think anybody can be glad if they don't have to run exchange at all
[20:21:40] <deface> pfff
[20:25:03] *** hever has joined #postfix
[20:28:27] *** internat85 has joined #postfix
[20:35:24] <rapha> sorry, didn't mean to hurt your feelings, deface
[20:35:28] *** tsop has quit IRC
[20:35:31] <deface> ;)
[20:37:19] *** arkibott_ has quit IRC
[20:50:33] *** Fallenou has quit IRC
[21:00:02] *** rcsu has joined #postfix
[21:01:43] *** fabounio has quit IRC
[21:10:11] *** lambda has joined #postfix
[21:11:29] *** _matt has joined #postfix
[21:21:21] *** _matt is now known as matt_
[21:27:24] <rcsu> !ping
[21:27:25] <knoba> pong
[21:30:51] *** jwit_ has joined #postfix
[21:31:13] *** jwit has quit IRC
[21:36:15] <rob0> !pong
[21:36:16] <knoba> rob0: Error: "pong" is not a valid command.
[21:39:11] <rcsu> rob0: that was a simple test wether i receive something
[21:42:45] *** gutocarvalho has joined #postfix
[21:43:30] <rob0> !syn
[21:43:30] <knoba> rob0: Error: "syn" is not a valid command.
[21:43:39] <rob0> !learn syn as ack
[21:43:41] <rob0> !syn
[21:43:42] <knoba> rob0: "syn" : ack
[21:44:29] <rob0> !ehlo
[21:44:30] <knoba> rob0: Error: "ehlo" is not a valid command.
[21:44:35] <rob0> !helo
[21:44:36] <knoba> rob0: Error: "helo" is not a valid command.
[21:44:52] <rob0> afk :)
[22:04:54] *** BuenGenio has joined #postfix
[22:06:00] *** hever has quit IRC
[22:06:08] *** Severed_Head_Of_ is now known as growltiger
[22:11:01] *** Lap_64 has joined #postfix
[22:12:53] *** BuenGenio has quit IRC
[22:13:23] *** BuenGenio has joined #postfix
[22:18:16] *** allisonvoll has joined #postfix
[22:18:49] *** ikaro has quit IRC
[22:18:58] *** [shg] has quit IRC
[22:19:08] *** Lap_64 has quit IRC
[22:22:54] *** Lap_64 has joined #postfix
[22:38:17] *** BuenGenio has quit IRC
[22:39:28] *** BuenGenio has joined #postfix
[22:40:12] *** Juspion has joined #postfix
[22:46:10] <sahil> heh
[22:46:17] <sahil> !annoying
[22:46:18] <knoba> sahil: Error: "annoying" is not a valid command.
[22:47:03] <sahil> !smtp!=smtpd
[22:47:04] <knoba> sahil: "smtp!=smtpd" : Postfix smtp_* and smtpd_* configuration parameters have different meanings. smtp_ = client and smtpd_ = server, the client-side sends mail whilst the server-side receives mail. (smtp = client = sends mail) (smtpd = server = receives mail)
[22:49:14] *** BuenGenio has quit IRC
[22:49:29] *** BuenGenio has joined #postfix
[22:49:59] *** lambda has quit IRC
[22:52:55] *** cilly has quit IRC
[22:54:29] *** BuenGenio has quit IRC
[22:54:42] *** BuenGenio has joined #postfix
[22:59:35] *** BuenGenio has quit IRC
[23:00:11] *** BuenGenio has joined #postfix
[23:03:25] *** xous has quit IRC
[23:03:25] *** Juspion has quit IRC
[23:03:32] *** Lap_64 has quit IRC
[23:08:27] *** xous has joined #postfix
[23:10:09] *** BuenGenio has quit IRC
[23:10:25] *** BuenGenio has joined #postfix
[23:11:14] *** mdige has joined #postfix
[23:11:48] *** m_dige has joined #postfix
[23:15:19] *** BuenGenio has quit IRC
[23:15:48] *** BuenGenio has joined #postfix
[23:16:24] *** BuenGenio has quit IRC
[23:19:14] <m_dige> Hi guys. I am new to postfix. Is it always necessary to have a mydomain set in main.cf ?
[23:19:51] <m_dige> e.g the server I am running postfix on. I really want all domains to be virtual mailbox
[23:23:01] *** tombar_ has quit IRC
[23:23:04] *** allisonvoll has quit IRC
[23:23:25] *** allisonvoll has joined #postfix
[23:24:02] <m_dige> so no need for user accounts on the server
[23:24:26] *** BuenGenio has joined #postfix
[23:30:55] *** rouri has joined #postfix
[23:32:02] *** ikaro has joined #postfix
[23:32:02] *** rcsu has quit IRC
[23:34:00] *** allisonvoll has quit IRC
[23:39:13] *** rouri has quit IRC
[23:49:46] <vice-versa> !tell m_dige virtual
[23:49:48] <knoba> m_dige: -> "virtual" : a way to configure additional domains and user accounts (that do not need to exist in your /etc/passwd). See: http://www.postfix.org/VIRTUAL_README.html
[23:51:04] <m_dige> vice-versa: I have allready ready read it. But don't I still need to have a mydomain an myhost set in main.cf ?
[23:52:08] <vice-versa> not necessarily, postfix will use the fqdn of the host if it's not set
[23:53:57] <m_dige> vice-versa: okay. And if I set mydomain and myhost postfix thinks that the domain set in those are not virtual mailboxes right ?
[23:57:07] <vice-versa> correct
[23:59:36] <m_dige> vice-versa: thanks for clarifying. So if I want virtual mailbox for example.com and the server I run postfix on is host1.example.com then I DO NOT set mydomain and myhost and then I can use virtual mailbox for example.com





top