[00:00:54] <m4r71x> vice-versa: not yet, I need to go to a datacenter later and get resolved this problem :(
[00:00:56] *** kipler has left #postfix
[00:02:08] <m4r71x> Optional address that receives a "blind carbon copy" of each message that is received by the Postfix mail system.
[00:03:33] *** felix-da-catz is now known as felix-da-catz_zz
[00:03:46] *** eanxgeek has quit IRC
[00:10:55] *** madrescher has quit IRC
[00:12:53] *** Fallenou has joined #postfix
[00:19:57] *** Sephiroth_ has quit IRC
[00:20:54] <m4r71x> vice-versa:  always_bcc = address   Deliver a copy of all mail to the specified address. In Postfix versions before 2.1  <--- I think this is my solution
[00:21:02] <m4r71x> "Deliver A copy..."
[00:21:19] *** Sephiroth_ has joined #postfix
[00:24:22] *** Drezard_ has quit IRC
[00:27:36] *** grzybowski has joined #postfix
[00:28:40] *** githogori_ has quit IRC
[00:28:43] <grzybowski> good night... is there a way to send e-mails from different domain from certainly ips? abc.com send from IP Y and xyz.com from IP Z?
[00:29:42] *** githogori_ has joined #postfix
[00:31:01] <growltiger> yes
[00:31:53] <grzybowski> growltiger: where should i look? i tried setting differents "smtp" entires in master.cf but i doesn't seems to work
[00:32:00] <grzybowski> *entries
[00:34:19] *** eanxgeek has joined #postfix
[00:34:54] *** eanxgeek has left #postfix
[00:41:01] <growltiger> i dont know how, i just know you can
[00:43:19] <grzybowski> ok, thanks
[00:51:23] *** war9407 has quit IRC
[00:52:57] *** A|3x has joined #postfix
[00:53:01] *** pickcoder has quit IRC
[00:53:02] <A|3x> hi
[00:53:53] *** xnixan has joined #postfix
[00:53:53] <A|3x> for some reason i started getting "Connection refused" from hotmail, yahoo, gmail smtp servers, what could be wrong?
[00:54:56] <vice-versa> they got tired of your shenanigans I guess
[00:57:07] <A|3x> i have very low email traffic, 12 messages/hour
[00:57:16] <A|3x> how can that be possible
[00:58:42] <vice-versa> you'll have to take that up with them
[00:59:55] *** deadpigeon has quit IRC
[01:01:03] <A|3x> my PTR record seems to be in order, strange...
[01:19:11] *** Zelest has quit IRC
[01:27:21] <lunaphyte> grzybowski: smtp_bind_address along with transport maps.
[01:28:28] <grzybowski> lunaphyte: do you have any example about how? i already tried to use transport maps without lucky
[01:29:48] <grzybowski> domain.com smtp -o smtp_bind_address=IP:   , does that work? option inside transport
[01:30:23] <lunaphyte> you'll have to set up entries in master.cf for each domain.
[01:31:00] <grzybowski> IP:smtp .... smtpd -o smtp_bind_address=IP , you mean that?
[01:33:12] <lunaphyte> !tell grzybowski smtp!=smtpd
[01:33:20] <lunaphyte> !smtp!=smtpd
[01:33:21] <knoba> lunaphyte: "smtp!=smtpd" : Postfix smtp_* and smtpd_* configuration parameters have different meanings. smtp_ = client and smtpd_ = server, the client-side sends mail whilst the server-side receives mail. (smtp = client = sends mail) (smtpd = server = receives mail)
[01:36:02] <grzybowski> lunaphyte: so, if i get it... i should have an entry for transport and another one in master.cf for each domain<-> ip?
[01:36:10] <grzybowski> transport: domain.com smtp:IP
[01:36:47] <lunaphyte> the entry in your transport map should reference the transport name in master.cf
[01:36:49] <grzybowski> IP:smtp inet .... smtp -o smtp_bind_adres=X
[01:40:09] *** weedar has quit IRC
[01:40:17] <lunaphyte> special-smtp inet ... smtp -o smtp_bind_address=1.2.3.4
[01:41:03] <grzybowski> oh, i see, and the transport would call domain.com special-smtp: , right?
[01:41:15] <lunaphyte> right
[01:41:35] <grzybowski> lunaphyte: ok, thank you a lot :)
[01:41:48] <lunaphyte> sure thing.
[01:47:02] *** denis_ has quit IRC
[01:48:29] <grzybowski> lunaphyte: 0.0.0.0:plug-smtp: Servname not supported for ai_socktype am I missing something? i know this error seems to be very clear but...
[01:56:11] <lunaphyte> what have you got in your transport table, and how are you referencing it in your config?
[01:58:08] *** [shg] has joined #postfix
[01:58:40] <grzybowski> plug-smtp      inet  n       -       -       -       -       smtp -o smtp_bind_address=64.56.64.17
[01:58:43] <grzybowski> it is in my master
[01:59:04] <grzybowski> domain.com     plug-smtp:
[01:59:15] <grzybowski> and that on my transports
[02:00:03] <grzybowski> i am doing something very wrong but i dont know what , yet :D
[02:06:04] *** saurabhb has joined #postfix
[02:14:14] *** ThersiT has joined #Postfix
[02:14:31] *** ThersiT has quit IRC
[02:19:59] *** Zelest has joined #postfix
[02:44:34] *** ming_zym has joined #postfix
[02:49:18] *** xnixan has quit IRC
[02:50:04] *** CrazyFoam has quit IRC
[02:51:56] *** CrazyFoam has joined #postfix
[03:09:51] *** loompek has quit IRC
[03:10:42] *** Fallenou has quit IRC
[03:23:50] *** jeffspeff has joined #postfix
[03:25:56] *** dft has joined #postfix
[03:55:44] *** _bugz_ has quit IRC
[03:57:55] *** chadmaynard has quit IRC
[04:04:40] *** A|3x has quit IRC
[04:11:07] *** pitakill has joined #postfix
[04:12:14] *** AntreKotik has joined #postfix
[04:15:23] <AntreKotik> Hello there!!! I was trying to do HELO check via pcre and it is working (I can see mails being rejected) but there are lines in log like this -- Oct 17 10:04:24 mail postfix/smtpd[8342]: warning: regexp map /etc/postfix/check-lists/helo_checks, line 5: ignoring unrecognized request.... Are they unavoidable?
[04:15:59] <AntreKotik> I can see the checks working though... may be I should leave it as it is?
[04:23:12] *** mavrick61 has quit IRC
[04:24:21] *** mavrick61 has joined #postfix
[04:25:34] <rob0> That sounds like the kind of error you would get with incorrect / improper syntax on line 5.
[04:25:38] <deface> whats your helo_checks look like
[04:25:46] <deface> yups -^
[04:26:25] *** pirho has quit IRC
[04:26:50] <rob0> "Captain Oveur, I have an emergency call from a Mr. Hamm on line 5." "Okay, give me Hamm on 5, hold the Mayo."
[04:27:11] *** jeffspeff has quit IRC
[04:28:36] <AntreKotik> just a second... but I can see the mails being rejected... so they seem to be working those pcre's
[04:28:42] *** flourish_ has joined #postfix
[04:28:52] *** flourish_ has left #postfix
[04:30:25] <AntreKotik> here  /192\.168\.0\.\d+/             OK
[04:34:57] *** guilherme-jorge has joined #postfix
[04:35:42] *** xpoint has quit IRC
[04:45:05] *** Juspion has joined #postfix
[04:49:37] *** m0f0x has joined #postfix
[05:11:13] *** _bugz_ has joined #postfix
[05:17:23] <AntreKotik> I did it! I'm poor stupid soul... I left some other expressions without \ and /...
[05:21:31] *** looner has joined #postfix
[05:24:21] *** Haris1 has joined #postfix
[05:25:25] *** goldfischli has joined #postfix
[05:27:54] <cite> Good morning.
[05:30:29] *** Motoko-chan has joined #postfix
[05:30:57] *** cite has quit IRC
[05:33:11] *** growltiger_ has joined #postfix
[05:33:33] *** cite has joined #postfix
[05:41:00] *** goldfisc1li has quit IRC
[05:43:54] *** RaymondBeaudoin has joined #postfix
[05:44:00] <RaymondBeaudoin> Hello
[05:44:09] <RaymondBeaudoin> Is anyone available?
[05:44:39] <RaymondBeaudoin> Hello, it's great to meet all of you, is anyone still available?
[05:45:37] <Motoko-chan> No, everyone is gone.
[05:46:29] <RaymondBeaudoin> =/ Will anyone be back anytime soon?
[05:46:39] <Motoko-chan> Dunno. I think they went to lunch.
[05:46:46] <RaymondBeaudoin> I'm in desperate need of help, though I'm sure you here that quite often.
[05:46:50] <Motoko-chan> General hint: Ask your question and someone will help
[05:47:01] <RaymondBeaudoin> Thank you
[05:47:43] <RaymondBeaudoin> I was following "Signum's" tutorial on creating an ISP-style email server and got to the point of testing the email system.
[05:47:51] <RaymondBeaudoin> when I did however though, it failed in the logs
[05:47:54] *** growltiger has quit IRC
[05:48:19] <RaymondBeaudoin> First it stated that you could not have mydestination and virtualalias as the same domain, and after changing my destination to localhost
[05:48:38] <RaymondBeaudoin> everything is bouncing =/
[05:49:00] *** Juspion has quit IRC
[05:49:14] <RaymondBeaudoin> I've spent quite a few hours on this and I laugh at myself knowing someone will see an immediate mistake I've made, but it's extremely important to me.
[05:49:23] <RaymondBeaudoin> Better Motoko?
[05:49:31] <RaymondBeaudoin> Do you think anyone will be back in the next hour?
[05:50:08] <Motoko-chan> Do you need virtual users?
[05:50:29] <RaymondBeaudoin> Yes, I believe so at least.
[05:50:33] <Motoko-chan> One sec...
[05:50:55] <Motoko-chan> http://wiki.dovecot.org/HowTo/DovecotLDAPostfixAdminMySQL
[05:51:02] <Motoko-chan> Good guide.
[05:51:44] <RaymondBeaudoin> Mm it doesn't look to be for Debian though, is it?
[05:51:49] <RaymondBeaudoin> I was following, http://workaround.org/articles/ispmail-etch/#virtual-alias-maps
[05:52:01] <Motoko-chan> You should be able to follow the guide with some changes.
[05:52:01] <RaymondBeaudoin> And it seems to also be a great guide, but I feel I must have gone wrong somewhere
[05:52:12] <RaymondBeaudoin> Does Signum come on often?
[05:52:57] <RaymondBeaudoin> My biggest fear is following the guide and changing something that would end up worsening the situation.
[05:53:02] <Motoko-chan> Not sure, I don't follow users in here.
[05:53:11] <Motoko-chan> If it isn't production, play.
[05:53:21] <Motoko-chan> If it is production, why are you doing this in production?
[05:54:16] <RaymondBeaudoin> Because I could find no other guide to building an email system, and it was important to have a pop/imap system for users of domains on the server.
[05:54:54] <Motoko-chan> Is it production?
[05:54:55] *** m0f0x has quit IRC
[05:55:24] <RaymondBeaudoin> Yes, unfortunately, but I have until the end of the weekend to fix the situation.
[05:55:37] <Motoko-chan> Try starting from scratch with the guide I linked.
[05:55:42] <Motoko-chan> I've used it, it works well.
[05:56:04] <RaymondBeaudoin> It's just, this is only step one of a 4 or 5 page Order, so yes, it's not making my job easy
[05:56:59] *** pitakill has quit IRC
[05:58:28] <RaymondBeaudoin> Okay, well if I can't get it resolved tonight then I will, but putting 6 or 7 hours into this, which yes does sound a bit slow, is quite discouraging in the want to build a whole new server
[05:58:35] *** growltiger_ has quit IRC
[06:00:56] *** RaymondBeaudoin has quit IRC
[06:08:03] *** m0f0x has joined #postfix
[06:21:15] *** growltiger has joined #postfix
[06:31:03] *** hparker has quit IRC
[06:33:29] *** kk_CHN has joined #postfix
[06:34:49] *** bhagat has joined #postfix
[06:43:43] *** niki has quit IRC
[06:56:29] *** donglin has joined #postfix
[07:05:49] *** m0f0x has quit IRC
[07:12:41] *** Deffie has joined #postfix
[07:13:39] <Deffie> hi all, i'm looking for a console utility able to extract headers from a mail message file in maildir format, any hint ?
[07:14:16] <mjoseph> formail?
[07:14:47] <mjoseph> hrm...maybe formail doesn't do Maildir
[07:15:54] <mjoseph> with a few lines of shell scripting, you could probably use it anyway
[07:19:13] <Deffie> yup i'm actually doing it that way
[07:19:22] <Deffie> but i dont know if it is completely safe
[07:21:48] <Deffie> yup formail works fine
[07:21:53] <Deffie> tnx
[07:31:57] *** m0f0x has joined #postfix
[07:38:55] *** amrit|wrk is now known as amrit
[07:41:59] *** hever has joined #postfix
[07:55:22] *** chadmaynard has joined #postfix
[07:56:51] *** |_Knoedel_| has joined #postfix
[07:58:22] *** CrazyFoam has quit IRC
[07:59:18] *** CrazyFoam has joined #postfix
[08:01:45] *** Drezard_ has joined #postfix
[08:06:44] *** Deffie has quit IRC
[08:09:09] *** weedar has joined #postfix
[08:23:39] *** phnord has joined #postfix
[08:32:52] *** donglin has quit IRC
[08:33:39] *** sophokles has joined #postfix
[08:37:14] <sysmonk> heeeeey, i don't need visa anymore to go to US, who'll offer me a job? :)
[08:38:28] *** Drezard_ has quit IRC
[08:40:47] *** ming_zym has quit IRC
[08:45:22] *** Lap_64 has joined #postfix
[08:45:48] *** madrescher has joined #postfix
[08:48:48] *** donglin has joined #postfix
[08:48:53] *** donglin has left #postfix
[08:49:30] *** Tykling has joined #postfix
[08:50:54] *** rycar has joined #postfix
[08:51:01] <rycar> what does (queue active) in my logfiles mean?
[08:52:21] *** chadmaynard has quit IRC
[08:54:55] *** CrazyFoam has quit IRC
[08:55:55] *** weedar has quit IRC
[08:56:04] *** CrazyFoam has joined #postfix
[08:56:14] *** weedar has joined #postfix
[08:57:46] *** rouri has joined #postfix
[09:02:55] *** CrazyFoam has quit IRC
[09:08:43] *** brancaleone has joined #postfix
[09:30:27] *** m0f0x has quit IRC
[09:42:36] *** kk_CHN has quit IRC
[09:48:50] *** AntreKotik has quit IRC
[09:51:13] <cite> rycar: The mail ins currently in the "active" queue and Postfix is trying to deliver it.
[09:57:20] *** war9407 has joined #postfix
[10:00:41] *** amrit is now known as amrit|zzz
[10:22:47] *** Fallenou has joined #postfix
[10:31:02] *** Tex-Twil has joined #postfix
[10:31:47] *** madrescher has quit IRC
[10:40:16] <rycar> how do I increase the number of threads or simultanious messages that postfix processes
[10:40:37] <f3ew> see master.cf
[10:42:03] *** anebi has joined #postfix
[10:42:39] <anebi> hi, i would like to know how to tell postfix to reject the mails to users with overquota mailboxes and to not wait in queue?
[10:42:53] <anebi> is there some way to do this?
[10:47:20] *** rouri has quit IRC
[10:48:48] *** mark-use has joined #postfix
[11:02:11] *** rycar has quit IRC
[11:17:46] *** Motoko-chan has quit IRC
[11:19:24] *** Tex-Twil has quit IRC
[11:31:35] *** saurabhb has quit IRC
[11:38:21] *** madrescher has joined #postfix
[11:46:50] *** pirho has joined #postfix
[11:51:29] *** Castigador has joined #postfix
[11:57:57] *** kk_CHN has joined #postfix
[12:03:48] *** Tex-Twil has joined #postfix
[12:10:44] *** madrescher has quit IRC
[12:15:34] *** Tex-Twil has left #postfix
[12:19:07] *** [shg] has quit IRC
[12:19:45] <Castigador> Hi, I want to reject all the request when the localhost Postfix is not the final destination. I've unsetted $relay_domains and $mynetworks, and set  smtpd_recipient_restrictions=reject_unlisted_recipient, reject_unauth_destination, reject_unknown_recipient_domain, check_relay_domains
[12:20:36] <Castigador> But Postfix does the relay when I send from localhost
[12:23:22] <sysmonk> how do you send from localhost?
[12:23:30] <sysmonk> using smtp, or using 'sendmail'?
[12:24:50] <Castigador> I use a webmail aplication, I think it's using smtp
[12:26:45] *** madrescher has joined #postfix
[12:27:53] <sysmonk> Castigador: don't think, go and check
[12:28:01] <sysmonk> that matters a lot
[12:29:51] <Castigador> sysmonk, you are right, the webmail was using the PHP mail()
[12:30:08] <Castigador> now is using smtp and postfix blocks the mail
[12:30:12] <Castigador> thanks a lot sysmonk
[12:31:21] <sysmonk> no problem, 99.99$
[12:31:28] <Castigador> :D
[12:31:52] * vice-versa tosses some spare change in sysmonk's cup
[12:32:01] <sysmonk> vice-versa: thank you :P
[12:32:31] <sysmonk> i should do the way Matt does
[12:32:32] <sysmonk> http://www.flickr.com/photos/freebsdgirl/1077426140/
[12:32:52] <f3ew> anebi a custom service which updates a lookup table
[12:34:35] <anebi> f3ew: i will think in that, thanks
[12:38:12] <sysmonk> or you can pay some phreak in #postfix to do that for you (vote for me vote for me! )
[12:38:15] <sysmonk> ;P
[12:38:35] <sysmonk> f3ew: you use jabber right?
[12:39:05] *** Lap_64 has quit IRC
[12:40:28] *** madrescher has quit IRC
[12:43:10] <f3ew> yes
[12:43:36] <sysmonk> what are you using for the server part?
[12:44:18] <f3ew> Openfire
[12:44:24] <f3ew> Java shop here
[12:44:30] <sysmonk> yeah... java...
[12:44:32] <f3ew> It's still a good server though
[12:44:38] * sysmonk looks at jabber 1.4 / jabber 2
[12:45:05] <f3ew> ejabberd
[12:45:11] <sysmonk> nah, i don't like anything what uses java, i'm still living in the days where ram does matter to me :P
[12:45:23] <f3ew> ejabberd is Erlang
[12:45:27] <sysmonk> ejabberd seems nice, but i don't like Erlang
[12:45:32] <f3ew> Why not?
[12:45:33] * f3ew does
[12:45:36] <sysmonk> not that it sucks, but i just don't know it :)
[12:46:19] <sysmonk> f3ew: i like to know that if something goes wrong i can debug it and change the code a bit
[12:46:33] <sysmonk> maybe erlang is nice, but i don't know it
[12:46:45] <onre> http://www.pragprog.com/titles/jaerlang/programming-erlang  <- imo the best book on that subject.
[12:47:09] <sysmonk> onre: still have one book in my to-read-queue
[12:47:37] <sysmonk> and even then i'd like to read some good book about openldap, tcp/ip and cryptography
[12:47:40] <onre> put that in queue. erlang is really nice language.
[12:47:42] <sysmonk> maybe then i'll get to erlang :P
[12:47:47] <onre> openldap, pfft :p
[12:49:30] <f3ew> do Erlang first
[12:49:54] <sysmonk> f3ew: i'll first need to get the book, then i'll be able to read it :P
[12:50:45] <onre> sell the others to fund it. ;)
[12:51:26] <sysmonk> hehe, nah, i don't like to sell nice books :P
[12:54:13] * vice-versa takes his spare change back
[12:54:31] *** rouri has joined #postfix
[12:54:38] <sysmonk> ;(
[12:54:45] <vice-versa> that was supposed to be for necessities like food, shelter and Internet broadband
[12:55:04] <sysmonk> it will be!
[12:55:18] <sysmonk> i have to update my subscription to the pr0n account
[12:57:41] *** bhagat has quit IRC
[12:58:06] <f3ew> vice-versa books are necessities
[12:58:59] *** madrescher has joined #postfix
[13:02:02] *** |_Knoedel_| has quit IRC
[13:02:31] *** growltiger_ has joined #postfix
[13:02:45] *** kk_CHN has quit IRC
[13:02:54] *** growltiger has quit IRC
[13:07:53] *** Castigador has left #postfix
[13:10:47] *** growltiger has joined #postfix
[13:16:26] *** growltiger has quit IRC
[13:16:38] *** growltiger has joined #postfix
[13:17:03] *** Tex-Twil has joined #postfix
[13:17:17] *** Tex-Twil has left #postfix
[13:26:06] *** growltiger_ has quit IRC
[13:36:10] *** jes-o-ma1 has left #postfix
[13:38:27] *** kk_CHN has joined #postfix
[13:41:35] *** hever has quit IRC
[13:41:44] *** inflex has joined #postfix
[13:41:51] <inflex> evening all from Australia
[13:43:51] <vice-versa> good morning from Canada
[13:44:21] <inflex> Bonjour.
[13:44:25] *** Bombo_ has joined #postfix
[13:44:25] <onre> good "two and half hours before weekend begins" from Finland
[13:44:34] <inflex> Oh wait, are you not in the French-Canadian part?
[13:45:00] *** bhagat has joined #postfix
[13:45:06] <vice-versa> not really, Acadia isn't too far away though
[13:45:36] * inflex is jsut writing software manuals for his new Postfix product
[13:45:46] <inflex> I love cutting new code... but writing manuals... never much fun
[13:46:18] <vice-versa> nope, that's what technical writers are for
[13:46:23] *** Bombo has quit IRC
[13:46:23] *** Bombo_ is now known as Bombo
[13:46:32] <inflex> Except that in this business, I have to be that as well
[13:46:52] <vice-versa> wearing all the hats
[13:46:54] * inflex is designer, consultant, developer, marketer and whip-wielder.
[13:47:29] <vice-versa> ...and chief bottle washer
[13:47:35] <grzybowski> doamin.com   smtp:[XX.XX.XX.XX] , is that transport right to send email to my another IP dor domain.com
[13:47:43] <grzybowski> s/dor/for/
[13:47:44] <inflex> and coffee maker
[13:48:38] <f3ew> heh
[13:48:56] <f3ew> grzybowski yes
[13:49:22] * f3ew thinks inflex missed the chief bottle washer reference
[13:49:34] <f3ew> Surely you are joking, Mr. Inflex?
[13:50:26] <grzybowski> f3ew: what else should i do to ensure my own IP XX.XX.XX.XX to use it for outgoing emails? just bind the smtp port for this IP would be enough?
[13:51:34] <f3ew> yes
[13:52:22] <grzybowski> very strange, it's not working, is there any way to see if the transport is being used?
[13:54:02] <inflex> oh no, are we having Feynmann references here?
[13:54:37] *** cx42net has joined #postfix
[13:55:21] <cx42net> Hi there
[13:55:22] <inflex> no firewalls?
[13:55:45] <cx42net> I'd like to konw something. On different forums, anybody can help me :s There is the thing :
[13:56:43] <cx42net> I receive each day a mail from logwatch on my server to indicate some informations on my server. In these, I have postfix that send xx mails (58 for example), but from the local user, I have root that send 10 mails and www-data that send 5 mails
[13:56:50] <cx42net> I'm the only one to use the mail system
[13:57:16] <cx42net> I'd like to know where and who send the others mails 58-(10+5)
[13:57:21] <inflex> cronjobs probably
[13:57:32] <cx42net> but cronjobs works behind a specific user
[13:57:51] <inflex> even if you setuid the job?
[13:57:52] <cx42net> if cron is runned as root and send mail, the sender will be root right ?
[13:58:02] <cx42net> is runned = running
[13:58:20] <inflex> well, the headers of the email should give you some indications - what about the mail.log file?
[13:58:20] <cx42net> I suppose it's from the :25 interface
[13:58:40] <inflex> Oh, from the :25 port... mmm... are you on a LAN/WAN with other machines capable of talking to yours?
[13:58:45] <anebi> cx42net: just check your maillog, there you will find more info
[13:58:45] <inflex> What is the content of the emails?
[13:58:47] <cx42net> inflex: I search thought the mail.log file and I found that mails are send outside my domains
[13:59:10] <cx42net> inflex: but I have no information about the content of the mails :s just "from" "to" and the result (sent, bounce, etc)
[13:59:34] <anebi> cx42net: do you use authentication when send mails?
[13:59:54] <cx42net> I suppose the problem is from the smtp serveur (myip:25)
[14:00:07] <inflex> sounds like you're slightly 'open' in terms of relaying
[14:00:10] <cx42net> anebi: ... I suppose. (explaination will follow ;))
[14:00:23] <cx42net> I set up postfix with sasl auth
[14:00:32] <cx42net> it apparently work
[14:00:46] <cx42net> (when i try to send a mail, he ask me for loging in with my user credential)
[14:00:48] <cx42net> BUT
[14:00:59] <cx42net> I tried a telnet session on the 25 port
[14:01:05] <cx42net> <>port 25
[14:01:35] <cx42net> and MAIL FROM: <>; RCPT TO: <some_existant_user@of_MY_domain>; DATA; .... .;
[14:01:36] <cx42net> work
[14:01:52] <cx42net> but if a specify something else than one of my domain in the rcpt, the rcpt failed
[14:02:26] <cx42net> the thing i'd like is to force the user to loging in BEFORE write MAIL FROM:
[14:02:39] <cx42net> but apparently after that, I cannot send email to someone@mydomain
[14:02:43] <cx42net> (I tried from google)
[14:03:13] <cx42net> I used the permit_sasl_authentitcated in the first possibilities of smtpd_sender_restrictions in the main.cf config file
[14:03:49] <cx42net> (that the thing that disallow gogle to send an email on my domain)
[14:03:57] <cx42net> so i'm lost :(
[14:04:06] <onre> could those mails then be sent from some of your own machines which has been compromised?
[14:04:11] <weedar> I rotated my /var/log/maillog and now postfix doesn't seem to log anything anymore but it is working...any ideas? the new/empty /var/log/maillog has mode 600 and ownership root:root
[14:04:42] <cx42net> apparently, it's not possible to specify an inexistant user in the RCPT command but the mail.log indicate that someone succeded this :s
[14:04:52] <vice-versa> weedar: rotated how?
[14:04:52] <inflex> mmm.. shouldn't mail.log be something more like owned by syslog.adm ?
[14:05:07] <inflex> if it's root.root 600 your syslog daemon probably can't write to it
[14:05:16] <inflex> (compare with other log files
[14:05:17] <cx42net> onre: apparently, my only server does not seem to be compromised (any new processus, huge use of bandwidth, etc)
[14:05:43] <onre> if you'd notice it from something so obvious, they'd be amateurs.
[14:05:58] <cx42net> But it's not a huge sending email, I have only less than 100 mails sent every day, but it disturbing me !
[14:06:11] <weedar> vice-versa: well, the old maillog had grown to 2.1G in size so I created a custom logrotate script and then ran logrotate -v -f /etc/logrotate.d/maillog
[14:06:18] <cx42net> I was thinking if using sasl + tls will correct this
[14:06:21] <inflex> I'd suggest capturing the contents of those emails if you can
[14:06:28] <cx42net> inflex: how ? :s
[14:06:38] <inflex> wooo... 2.1G logs, that'll kill the poor I/O a lot
[14:06:49] <cx42net> inflex: maybe set the bcc option in the main.cf config file
[14:06:49] <inflex> (nothing like watching your system load magically go to 100+ without the CPU being used
[14:06:53] <weedar> And all my other logfiles are also owned by root:root and have permission 600 so I would think that wasn't the problem here..
[14:07:10] <inflex> cx42net: I have various methods of capturing the mailpacks but they're a bit more 'extreme'
[14:07:18] <inflex> (namely installing a content_filter= entry
[14:07:48] <vice-versa> weedar: try restarting your syslog daemon
[14:07:50] <weedar> I think the reason the logfile grew to that size was I increased loglevel on amavis temporarily and forgot to lower it again :o) but should be okay now
[14:08:22] <cx42net> and what about adding a always_bcc=<myemail> in the main.cf ?
[14:08:29] <weedar> vice-versa: Thank you! That did the trick =)
[14:09:36] <cx42net> if you want to, I can pastebin the main.cf
[14:11:02] *** djo_boulo has joined #postfix
[14:15:58] <cx42net> how your server works for send mails ?
[14:16:24] <cx42net> it's possible to send a mail to a allowed domain without authenticate yourself on your smtp server ?
[14:19:51] <djo_boulo> hello there, I have postfix (Waouh !) with mysql backend et some virtual domaines (virtual aliases too) What I'm trying to do is for some domains, I want potfix to do only reciepient checking and route the mail to another host that will resolve the aliases and do the final delevry. I tried a transport map but this avhieve only the "routing" the postfix continue to resolve the aliases. how can do to predent it to resolve aliases befor
[14:21:45] <cx42net> Do you have any idea on how to make things right ?
[14:26:20] <lunaphyte_> the only way to make things right is to tell her you're sorry.
[14:27:33] <djo_boulo> lol !
[14:29:12] *** Haris1 has quit IRC
[14:29:38] <grzybowski> what happens when postfix recieves an email from IP Y:25 for relay to forward? does it stores in a list and then qmgr take care of it? how can i ensure the outgoing to be the ip Y if it calls the unix smtp?
[14:29:39] *** eanxgeek has joined #postfix
[14:32:05] <inflex> lunaphyte_: don't forget flowers and chocolates
[14:32:14] *** kk_CHN has quit IRC
[14:32:35] * inflex runs another build process of his software... *twiddles thumbs*
[14:36:31] *** Haris1 has joined #postfix
[14:37:06] <inflex> Arrrugh, don't you just love it when you wait 10 minutes for a build only to find a silly typo in your code causes it to terminate...and you have to do it again
[14:38:41] * vice-versa deons't mkae tpyos
[14:38:45] <inflex> :p
[14:40:15] *** bhagat has quit IRC
[14:41:10] *** yam has quit IRC
[14:41:48] <cx42net> lol lunaphyte, I just saw your joke ;)
[14:42:34] <cx42net> inflex, do you have a smtp server ?
[14:42:57] <inflex> yes
[14:43:00] <inflex> a few too many
[14:46:35] <cx42net> inflex: and if you connect at one of them in telnet
[14:46:51] <cx42net> inflex: could you send an email to someone@yourdomain without loging in ?
[14:47:04] *** eanxgeek1 has joined #postfix
[14:47:21] *** lataffe has quit IRC
[14:48:16] *** eanxgeek has quit IRC
[14:48:36] <inflex> yes, it happens all the time - that's how I receive emails from the world.
[14:48:58] <inflex> However, I cannot SEND an email that doesn't originate from my domain or has not been sent from one of the registered IP's
[14:50:32] <cx42net> I think I loose something on the smtp protocol.
[14:51:23] <cx42net> When you send an email (from gmail, for example). Do Gmail will connect to the recipient domain to send email or send mails from their own server (the MAIL FROM, RCPT TO, etc are put where ? GMAIL or the recipient mail) ?
[14:54:15] <stony> hi
[14:54:21] <cx42net> inflex: ?
[14:54:45] <inflex> Sorry, am busy with adding a new feature that a customer has asked for :)
[14:54:50] <stony> i'm receiving mail from the internet, giving it to amavis, getting it back from it and then deliver it via maildrop
[14:55:16] <inflex> cx42net: gmail will connect to your MX server and deliver the email  from their MTA.
[14:55:16] <stony> and now i have messages in the queue that maildrop can't deliver because the recipient is unknown and maildrop can't open the maildir
[14:56:06] <stony> i tested the whole thing - if i try to send a mail to one of the recipients that are in the queue - it's reject, tried to send it to the recipients in cc or bcc with valid or non valid recipient - always rejected
[14:56:12] <stony> i have no idea where those messages come from
[14:58:06] <cx42net> inflex: I'm sorry if I bother you, I just want to know what I did wrong :s :(
[14:58:26] <inflex> It is okay - I am only explaining why I can be slow to respond :)
[14:59:01] <vice-versa> stony: grep the queue id from your logs and use postcat to review the queued message for clues
[15:02:51] <stony> vice-versa: that's what i did - nothing
[15:03:03] <stony> vice-versa: i don't get the point where those recipients enter the system
[15:03:27] <cx42net> inflex: thanks you :)
[15:04:19] <cx42net> I tested my server on a website to check if it's an open relay for spam, apparently not
[15:04:29] <inflex> Then you are okay for that -good :)
[15:04:33] <cx42net> :)
[15:04:47] <vice-versa> at least for what they test for
[15:05:03] <cx42net> but It's disturbing me a lot of why I have 58 mails sent indicated by logwatch, but only 20 sended by my local users :s
[15:05:09] <cx42net> vice-versa: yep !
[15:05:19] <vice-versa> stony: I would think there has to be something relevant in the logs
[15:05:43] <stony> vice-versa: i searched the whole thing - nothing - i'm really confused about this
[15:05:49] <stony> vice-versa: but i'll find it - i'm sure ;)
[15:07:04] <vice-versa> pastebin the postcat output from one of these mystery messages
[15:07:50] <stony> vice-versa: i deleted the messages in the queue and i'm checking if something appears again - perhaps this was something that happend by mistake as i was configuring the maildrop service
[15:08:05] <vice-versa> perhaps
[15:09:12] <stony> vice-versa: yes - and before i start hunting ghosts i'll better check that :)
[15:10:03] <vice-versa> cx42net: we can speculate all day and go nowhere, show us something tangible, postconf -n and relevant log excerpts in a pastebin
[15:10:18] <stony> got another one - no ghosts
[15:10:46] <cx42net> vice-versa: ok :)
[15:11:10] <cx42net> which pastebin ?
[15:11:24] <vice-versa> !pastebin
[15:11:25] <knoba> vice-versa: "pastebin" : a way to paste larger amounts of text so that other people can read it. Try http://www.rafb.net/paste/ or http://paste.debian.net/ - Do not forget to tell us the URL where you pasted it.
[15:12:47] <cx42net> http://pastebin.com/m55ef173f for the postconf -n
[15:12:51] <stony> vice-versa: amavisd is sending those mails to my system 'cause i don't do a recipient check on the incoming side of the amavis thingie - but shouldn't postfix stop that before ?
[15:13:35] <stony> vice-versa: is it because i use smtpd_recipient_restrictions=check_recipient_access proxy:pgsql.... on the fist line ?
[15:13:59] <stony> i think reject_unauth_destination should be first in this line - right ?
[15:14:29] <milligan_> Oct 17 15:13:12 endor_2008 postfix/pipe[12488]: E05312AC0E37: to=<user#domain.tld at autoreply dot domain.tld>, orig_to=<user at domain dot tld>, relay=vacation, delay=0.11, delays=0.07/0/0/0.04, dsn=2.0.0, status=sent (delivered via vacation service)<- How come the email is delivered to my homedir, but no vacation reply is sent ?
[15:14:38] *** bieb has joined #postfix
[15:14:59] <vice-versa> stony: this is the default, smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination
[15:15:21] <vice-versa> you have to be very careful what you do prior to reject_unauth_destination
[15:15:29] <cx42net> vice-versa: for my mail.log, what to you want ?
[15:15:55] <stony> vice-versa: yes - i think that's it - the filter is triggered before the mail is rejected so i have those mails inside the system
[15:16:07] <stony> i'll set check_recipient_access after the reject_unauth
[15:16:47] <vice-versa> cx42net: a chunk of the log around the time of the delivery in question should be sufficient
[15:18:01] <cx42net> vice-versa: ok I check for a suspicious mail and i pastebin the log with more info before and after this, that's what you want ?
[15:18:11] <vice-versa> yes
[15:19:54] <stony> vice-versa: now it's working - thanks :)
[15:19:59] <vice-versa> np
[15:22:48] <cx42net> http://pastebin.com/m7454a597, I highlighted the line of someone with the mail from & to aren't in my domain
[15:23:08] <cx42net> the from is "<>" (I can do that in a telnet session)
[15:24:06] <cx42net> but the To: is set to someone I DON'T know :s
[15:24:25] <cx42net> and that I cannot set in telnet session, It's always refused... (RCPT TO: I supposed)
[15:24:48] <cx42net> So i suppose that is the mails I don't know where they are, where they goes, etc
[15:24:50] <stony> vice-versa: just an illusion *glglgl*
[15:24:58] <cx42net> vice-versa: if you want more of my log, tell me
[15:26:01] <vice-versa> cx42net: yes, don't remove anything, if you need help sorting this out let us decide what's relevant and what's not
[15:28:42] <cx42net> vice-versa: ok, so what I do now ?
[15:29:35] *** guilherme-jorge has quit IRC
[15:32:45] <cx42net> vice-versa: "postfix/smtp" mean that the client connected throw socket ? (telnet mydomain 25 for ex) ?
[15:33:00] <grzybowski> does transports look at the FROM or TO of the message?
[15:33:13] <stony> vice-versa: so i checked everything again - if i remove the check_recipient_access it's still not working
[15:34:14] <vice-versa> cx42net: start over, don't mung and show a larger chunk of the log
[15:35:09] <cx42net> mung ?
[15:35:16] <vice-versa> !mung
[15:35:16] <knoba> vice-versa: "mung" : Mash Until No Good : the art of obfuscating data which ultimately results in unintentional consequences such as making diagnostics impossible.
[15:39:22] <cx42net> thank you :)
[15:39:31] <cx42net> ok pastebin think i post a spam ...
[15:40:13] <cx42net> http://pastebin.ca/1229355
[15:40:29] *** Tykling has left #postfix
[15:43:13] <grzybowski> is there a way to make transports look at sender address instead of recipient?
[15:43:58] <cx42net> vice-versa: tell me if you want more :p
[15:43:59] *** _Driver_ has quit IRC
[15:44:11] *** deadpigeon has joined #postfix
[15:44:15] <vice-versa> cx42net: your postconf -n output isn't matching up to what I'm seeing in the log paste
[15:44:58] <vice-versa> there is address verification being performed and no configuration for it that I can see
[15:45:35] <cx42net> vice-versa: :(
[15:45:45] <cx42net> postfix ignore my config file ?
[15:45:55] <cx42net> maybe a wrong chmod ? chown ?
[15:46:05] <vice-versa> nm, I see it now... warn_if_reject reject_unverified_sender
[15:46:28] <vice-versa> take that out
[15:46:44] <cx42net> http://pastebin.com/d19fa8b1f
[15:47:18] <cx42net> vice-versa: but if a remove that, postfix will autorize unverified sender right ?
[15:47:40] <vice-versa> address verification can be a double edged sword
[15:49:02] <vice-versa> in a perfect world it would be grand, but in the world of spam it's poison and a good way to get yourself blacklisted
[15:50:19] <vice-versa> !tell cx42net verification
[15:50:42] <vice-versa> hmm
[15:50:46] <cx42net> ok, so I remove it
[15:50:48] <vice-versa> !verification
[15:50:49] <knoba> vice-versa: "verification" : http://www.postfix.org/ADDRESS_VERIFICATION_README.html : the Postfix verify(8) server
[15:51:04] <cx42net> hum, It don't want to respond to your order !
[15:52:13] <vice-versa> yeah, prima donna
[15:52:20] <vice-versa> !stupidbot
[15:52:21] <knoba> vice-versa: "stupidbot" : heh, more like dumb ass human!
[15:52:30] <vice-versa> see ;)
[15:52:35] <cx42net> oh ok, the thing is that for each mail, postfix will ask to the domain of the email in FROM or RCPT if he exist, before send mail. And too many "asks" could set the server to be blacklisted, right ?
[15:52:42] <cx42net> lol
[15:52:48] <vice-versa> right
[15:52:59] <cx42net> but I have a low trafic server actually
[15:53:23] <vice-versa> trust me, it's not worth it
[15:54:22] <vice-versa> yes, but you're thinking in terms of legitimate traffic
[15:54:30] <vice-versa> if you have to do it, then do so selectively, but think hard about that too
[15:54:58] <stony> vice-versa: if i check the recipient in the postcat then there is nothing changed or rewritten - postfix simple accepted this recipient - and i don't know why
[15:57:27] <cx42net> ok so I remove it
[15:57:35] <cx42net> but this will not correct my problem right ?
[15:57:36] *** weedar has quit IRC
[15:58:10] <vice-versa> stony: same thing applies here too, we can speculate all day, show something tangible, postconf -n, relevant log excerpts and postcat output in a pastebin
[15:58:23] <cx42net> Now I have : smtpd_sender_restrictions = permit_mynetworks,reject_unknown_sender_domain
[15:59:18] <vice-versa> cx42net: you should get in the habit of doing all your restrictions in the smtpd_recipient_restrictions stage
[15:59:57] <stony> vice-versa: ok, i'll get something together
[16:01:17] <cx42net> vice-versa: so where I have to set all the restrictions ?
[16:03:43] *** aba- has joined #postfix
[16:04:28] <vice-versa> cx42net: from what I seen of what you had so far, use, smtpd_recipient_restrictions = reject_unknown_sender_domain, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
[16:04:47] <cx42net> vice-versa: in this order I suppose
[16:05:00] <vice-versa> yes
[16:05:20] <vice-versa> and I purposly left out reject_unknown_client
[16:05:54] <vice-versa> reject_unknown_client/reject_unknown_client_hostname will cause you to reject a lot of legit mail
[16:06:12] <cx42net> I was about to ask why ;)
[16:06:16] <cx42net> Ok I modified that too
[16:07:10] <vice-versa> remove or comment out smtpd_client_restrictions and smtpd_sender_restrictions and their restrictions
[16:09:04] *** rouri has quit IRC
[16:09:47] <vice-versa> cx42net: now if you want a better recommendation of a base for smtpd_client_restrictions, here is my suggestion
[16:11:31] <vice-versa> smtpd_recipient_restrictions = reject_non_fqdn_recipient, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unknown_recipient_domain, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, warn_if_reject reject_unknown_reverse_client_hostname, reject_rbl_client zen.spamhaus.org, reject_rbl_client psbl.surriel.com, permit
[16:13:22] <stony> wtf?
[16:13:40] <stony> vice-versa: once again: i think i found it *g*
[16:13:58] <vice-versa> cx42net: the reason for the warn_if_reject with reject_unknown_reverse_client_host is the same for reject_unknown_client_hostname, while not as strict it can still cause issues with legit hosts
[16:13:59] <stony> if i didn't - i'll put all logs on nopaste
[16:16:36] <cx42net> vice-versa: waouh, that a long list ! :p the reject_rbl_client zen.spamhaus.org will ask zen.spamhaus.org for the current client to check if it is allowed to send mail ?
[16:16:53] <vice-versa> yes
[16:17:12] <cx42net> and I set to empty  smtpd_client_restrictions and smtpd_sender_restrictions ?
[16:17:24] <stony> is there a way to tell the pipe daemon via the exit code of the program that was started that the message was bounced ?
[16:17:25] <vice-versa> just leave them out
[16:17:37] <cx42net> I completely remove them ?
[16:17:42] <vice-versa> yes
[16:18:19] <vice-versa> the default is empty, smtpd_sender_restrictions =
[16:18:31] <cx42net> ok, and know anybody can send mails from a socket to port 25 without being authenticated ?
[16:18:36] <vice-versa> so it's just useless noise in the config imo
[16:18:56] <stony> vice-versa: i found it: the problem is: if you submit something to bleh at a dot de and in virtual_alias_maps is an entry @a.de -> @a.com then the message is accepted, rewritten to the new recipient and then submitted to amavis BEFORE there is a check if the new recipient is ok - and that 'causes the trouble
[16:19:41] *** brancaleone has quit IRC
[16:20:02] <vice-versa> ahh yes, domain aliases are bad news if you can't do them in such a way that it also validates recipient addresses
[16:21:01] <cx42net> the domain aliases I made ?
[16:21:35] <stony> vice-versa: i'm thinking about resubmitting the mail, i mean: internet -> mail arrives -> smtpd accepts -> trivial rewrite takes case -> smtp send to new smtpd -> smtpd checks for recipient or bounces -> filter sends it to amavis -> amavis sends it back -> delivering via maildrop
[16:21:44] <vice-versa> cx42net: not sure what you mean, you server will accept delivery of messages it's the final destination for and the sender passes you restriction policies
[16:21:58] <vice-versa> cx42net: the domain alias was ment for ston
[16:22:09] <vice-versa> *y
[16:22:59] <cx42net> vice-versa: ok, sorry
[16:23:03] <cx42net> (about the domain aliases)
[16:23:15] <inflex> *phew* user-requested feature is finally cut and working
[16:23:22] <inflex> looks like I missed a lot here
[16:23:33] <vice-versa> not really ;)
[16:24:18] <cx42net> vice-versa: errr, if I put "MAIL FROM:" in a telnet session, anything I specify, smtp respond : 503 5.5.1 Error: nested MAIL command
[16:24:26] <cx42net> It's correct ?
[16:24:43] <cx42net> The reason is a have to authenticate myself before use MAIL FROM command ?
[16:26:51] <cx42net> ohoh ! I tried to send a mail with my mail client, and the mail was sent
[16:27:07] <cx42net> so apparently, I have to authentitcate myself before call the MAIL FROM command, thats right vice-versa?
[16:27:24] *** Tykling has joined #postfix
[16:27:40] *** dft_ has joined #postfix
[16:28:07] <dft_> proxy_interface should be set to the external IP of the nat'd system?
[16:29:27] <dft_> I have two systems in a linux-ha setup with a shared IP on bond0:0 and I need to force all mail to go in and out of via the ip address assigned to this interface and not the ip address of bond0
[16:31:23] <vice-versa> cx42net: you have to authenticate if you're not in mynetworks and you want to send a mail for which your server is not the final destination for
[16:31:29] *** stephen_ has quit IRC
[16:32:19] <cx42net> vice-versa: I think that what I wanted !!! (I hope so ! :))
[16:32:43] <cx42net> I will check my logwatch in two days to see what happened tomorrow
[16:32:54] <vice-versa> dft_: it's  proxy_interfaces
[16:33:02] <vice-versa> !maincf proxy_interfaces
[16:33:03] <knoba> vice-versa: Error: "maincf" is not a valid command.
[16:33:03] <cx42net> If no mail will be sent thought an anonymous sender, I will be my god ;)
[16:33:15] <vice-versa> fuck
[16:33:34] <vice-versa> !proxy_interfaces
[16:33:34] <knoba> vice-versa: "proxy_interfaces" : a configuration parameter in the main.cf: The network interface addresses that this mail system receives mail on by way of a proxy or network address translation unit. This setting extends the address list specified with the inet_interfaces parameter.
[16:34:09] <cx42net> vice-versa: but, my php scripts will have to authenticate to send a mail at somebody outside my domains ? or not ?
[16:34:15] <vice-versa> Signum: what happened to the custom commands for knoba?
[16:35:16] <vice-versa> cx42net: are they on the same host?
[16:35:30] <cx42net> yes
[16:35:34] <cx42net> 127.0.0.1
[16:35:45] <cx42net> apache run on the same machine as postfix
[16:35:46] <vice-versa> then they're part of mynetworks
[16:36:16] <cx42net> vice-versa: so php can send a mail to somebody at white-house dot org without authenticated itself ?
[16:36:29] <stony> have the domains in the virtual_alias_domains table to be added with or without leading "@" ?
[16:36:39] <cx42net> In fact I'm dumb because I have just to test it to know if it works or not ;)
[16:37:25] <vice-versa> cx42net: yes, but seriously, now that you're immediate issue has been resolved you really need to review the documentation
[16:37:33] <vice-versa> !basic
[16:37:33] <vice-versa> !standard
[16:37:33] <vice-versa> !docs
[16:37:34] <knoba> vice-versa: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.
[16:37:35] <knoba> vice-versa: "standard" : Your question is probably answered in http://www.postfix.org/STANDARD_CONFIGURATION_README.html
[16:37:36] <knoba> vice-versa: "docs" : Postfix documentation http://www.postfix.org/documentation.html
[16:37:49] *** sophokles has quit IRC
[16:38:12] <vice-versa> s/you're/your/
[16:38:25] *** danbeck has joined #postfix
[16:38:37] <cx42net> vice-versa: I read the doc this morning about the options in the config file
[16:38:50] <cx42net> i tested some things, that finally didn't worked
[16:38:58] <cx42net> that's why I'm so ... dumb .... :p
[16:39:03] <vice-versa> !cheatsheet
[16:39:05] <knoba> vice-versa: "cheatsheet" : http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt : A HOWTO for pre-DATA spam control.
[16:39:23] <cx42net> but Thank you so much ! you really helped me and take all the time I needed to !! Thankssssss
[16:39:28] *** pitakill has joined #postfix
[16:39:48] *** BuenGenio has joined #postfix
[16:39:56] <vice-versa> dumb might be a stretch, inexperienced I would agree with ;)
[16:39:58] <vice-versa> np
[16:40:49] <cx42net> :)
[16:41:13] <dft_> okay fixed the prob with inet_interfaces and proxy_interfaces
[16:41:44] <cx42net> ah, just, when you typed !verification cx42net Address Verification, it worked, I just saw it. I received a private message from knoba
[16:42:14] <vice-versa> yes, but it's not supposed to work that way any more
[16:42:33] <vice-versa> Signum: ^^^^^^^^^^^^^
[16:42:40] <djo_boulo> hello, is there any way to set per recipient domain "receive_override_options" ?
[16:44:10] <djo_boulo> I want to desactivate the virtual alias expanding for some domains, and route the mail directly to another host
[16:44:26] <vice-versa> yes, using a dedicated transport
[16:44:57] <vice-versa> !dedicated_transport
[16:44:58] <knoba> vice-versa: "dedicated_transport" : dedicated transports are used to control delivery behaviour for a specific domain or a user@domain pattern based on transport_maps. For an example see: http://linuxnet.ca/postfix/dedicated_transport.html
[16:46:27] *** Thorn has joined #postfix
[16:48:06] <djo_boulo> vice-versa: I didn't find the correct option for the smtp option to disable expanding of aliases
[16:48:58] <vice-versa> you mean in the url from the factoid?
[16:49:43] *** Lukemob has quit IRC
[16:50:03] <djo_boulo> non non in the man page of smtp transport, I was thinking of somthing like smtpout unix - - - smtp -o thegoodoptionthatdesablealiasexpanding
[16:50:22] <vice-versa> oh, use no_address_mappings in receive_override_options
[16:50:34] <vice-versa> !no_address_mappings
[16:50:35] <knoba> vice-versa: Error: "no_address_mappings" is not a valid command.
[16:50:39] <vice-versa> :(
[16:51:18] *** Lukemob has joined #postfix
[16:51:43] *** DrSmall has joined #postfix
[16:51:51] <vice-versa> http://www.postfix.org/postconf.5.html#receive_override_options
[16:52:10] * vice-versa elbows knoba
[16:54:41] <DrSmall> Greetings
[16:59:16] <inflex> greetings
[16:59:31] * inflex now waits for the usual "That new feature, it doesn't work" responses
[17:00:07] <inflex> To which we'll eventually discover "That's what I asked for, not what I wanted" :)
[17:00:14] <DrSmall> hey there... i was trying out this new feature, and it is not working
[17:00:41] <DrSmall> :P
[17:00:51] <inflex> *lol*
[17:01:08] <inflex> But that's what you asked for!
[17:01:09] <DrSmall> actually, I didn't do anything, and postfix just went wacky again
[17:01:53] <vice-versa> actually, postfix didn't do anything, and DrSmall just went wacky again
[17:02:28] <DrSmall> hmm. Well, I haven't done anything to postfix for a very long time, so I don't see how anything happened
[17:03:01] <vice-versa> inflex: could be worse, put a ton of time into and it never gets used :(
[17:03:55] <DrSmall> Postfix receives local mail, but won't receive remote email anymore. I made a thread about it at Ubuntu Forums
[17:04:22] * vice-versa unveils his crystal ball
[17:04:42] <DrSmall> :D
[17:04:59] <vice-versa> ahh, I see ISP port 25 blocking in your future
[17:05:02] <inflex> I see a broken router
[17:05:04] <inflex> yes
[17:05:17] <DrSmall> ...
[17:05:20] <DrSmall> neither
[17:05:35] <vice-versa> hmm, could be the dust
[17:05:36] <DrSmall> the router works fine, and the ISP hasn't blocked port 25 (yet!)
[17:05:39] <inflex> Gharr, my wife is watching YouTube, Ic an tell because my SSH sessions are lagging :(
[17:05:52] <inflex> or the lack of solar flares
[17:06:09] <inflex> without them, our atmosphere is slowly going into negative energy phase and hence sucks up energy from routers and ISP lines
[17:06:17] <vice-versa> s/flares/winds/
[17:06:38] <DrSmall> http://ubuntuforums.org/showthread.php?t=950638
[17:06:42] <inflex> winds sounds too soft/gentle
[17:06:46] <inflex> "flares" sounds mean and nasty
[17:07:44] <DrSmall> ^^ incase anyone is bored
[17:07:57] <vice-versa> DrSmall: can you telnet on localhost and deliver a message?
[17:08:27] <DrSmall> probably so. logwatch delivered a email to root and it got sent to me alright this morning
[17:08:54] <DrSmall> i can try though, if you like
[17:08:59] <vice-versa> that would be a local submission
[17:09:09] <vice-versa> not the same thing
[17:09:20] <inflex> can an outside box even see your port 25
[17:09:44] <DrSmall> inflex: yes.
[17:11:13] <DrSmall> just checked. local delivery works (to domain, not localhost)
[17:11:41] *** weedar has joined #postfix
[17:11:51] <vice-versa> netstat -plunt | grep master
[17:12:13] *** Fallenou has quit IRC
[17:12:20] <DrSmall> tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN     5501/master
[17:12:56] <vice-versa> any local firewall rules?
[17:13:05] <vice-versa> iptables-save
[17:13:09] <DrSmall> no.
[17:13:20] <DrSmall> i have none
[17:13:28] <DrSmall> it used to work perfectly
[17:14:24] <vice-versa> !obvious
[17:14:25] <knoba> vice-versa: "obvious" : look for obvious signs of trouble, egrep '(warning|error|fatal|panic):' /some/log/file See: !logs factoid if you're unsure of where your mail logs are located
[17:14:44] <DrSmall> the only thing I changed recently was /etc/hosts, and added a few lines in there
[17:14:51] <DrSmall> i've done read through the logs
[17:15:35] <DrSmall> the only thing suspcious was:
[17:15:36] <DrSmall> lost connection after CONNECT from localhost[127.0.0.1]
[17:15:49] <vice-versa> naw
[17:16:13] *** rjbs has joined #postfix
[17:16:14] *** cos has joined #postfix
[17:16:28] <rjbs> Is there something like postcat that will not print the message content?
[17:17:25] <cos> If I set smtp_destination_concurrency_limit to a value higher than the maxprox for smtp in master.cf, that means nothing, right?
[17:17:26] <vice-versa> DrSmall: what version of postfix?
[17:17:56] <cos> that is, smtp_destination_concurrency_limit is a limit on how many smtp processes may be delivering to the same place at the same time, so it's effecitvely limited by how many smtp processes there are, yes?
[17:18:08] <DrSmall> the only other warning I have is:
[17:18:09] <DrSmall> warning: support for restriction "check_relay_domains" will be removed from Postfix; use "reject_unauth_destination" instead
[17:18:18] <DrSmall> vice-versa: how do I check the version?
[17:18:31] <vice-versa> yup, that was why I asked what version
[17:18:38] <Roobarb> rjbs: "postqueue -p" ?
[17:18:56] <vice-versa> postconf mail_version
[17:19:21] <vice-versa> DrSmall: but yeah, do as the warning suggests
[17:19:32] <vice-versa> restart postfix and try again
[17:19:52] <DrSmall> 2.3.8
[17:20:07] <rjbs> Roobarb: no, that doesn't expost the same data and isn't well-structured
[17:20:50] <Roobarb> rjbs: well postcat is just a wrapper for regualr "cat" i think
[17:22:06] <rjbs> not really
[17:22:14] <rjbs> queue files are binary, structured files
[17:22:31] <rjbs> I was hoping to avoid writing a parser, lest the format change under me someday.
[17:22:53] <rjbs> It's not really a big deal, in the end, to either do that or stop reading from `postcat` when I hit the message content.
[17:23:18] <inflex> rjbs: format changes alas are a part of life I've found.
[17:23:30] <inflex> Both 'specified' and 'random'
[17:23:58] <rjbs> yeah
[17:24:01] <DrSmall> vice-versa: I fixed main.cf, restarted and still no go.
[17:24:03] * inflex suffers to Microsoft making his life hell quite frequently with their less than stellar implementations of MIME encoders.
[17:24:18] <rjbs> inflex: Heh, as if MIME could have a stellar implementation.
[17:24:29] *** GoGi has joined #postfix
[17:24:30] <inflex> Turned my compact, fast, complete MIME decoder into a pile of pain
[17:25:11] <inflex> rjbs: okay, there's some worse than others.  MS seems to -really- like to implement either MIME encoders that miss various limits or MIME decoders that can be tricked with ease
[17:25:26] <rjbs> title*0*=utf-8'en-us'q'....
[17:25:34] <rjbs> inflex: Sure, I'm just kvetching. :)
[17:25:37] <inflex> personally, I'd love to see MIME torn up and we just send tarballs to each other :D
[17:25:49] <rjbs> twitter ftw!
[17:25:59] <inflex> rjbs: uuuuuurgh, I remember adjusting my code to suit those sort of god awful strings
[17:26:05] <inflex> <=- author of ripMIME.
[17:26:19] <rjbs> yeah, /me maintains a bunch of mime parsing/producing code
[17:26:22] <rjbs> Let's go drinking.
[17:26:29] <inflex> sounds great, then we can cry together
[17:26:39] <rjbs> keep your tears outta my beer, buddy
[17:26:42] <inflex> hahah
[17:27:28] <inflex> Had a lot of people tell me I should just have stayed with strict MIME interpretation *cough* that'd have never worked.
[17:27:50] <rjbs> I wrote a quick hack the other day, Postfix::Parse::Mailq, to parse mailq output (postqueue -p, as Roobarb said), but I want to parse the spool, so I can get what queue things are in, for example.
[17:28:12] <rjbs> Will start with a hybrid approach: will find filenames in queue and match their position in the spools to the queueid from mailq.
[17:28:43] <rjbs> inflex: I gave a talk at a few conferences this year about MIME (et al): http://xrl.us/onzyt
[17:28:55] <rjbs> inflex: One of the questions I got is, "Yeah, so it's weird, but can you just writea grammar?"
[17:29:28] <inflex> It'd be like the one we use for parsing English ;)
[17:29:28] *** phnord has quit IRC
[17:30:07] <rjbs> yeah.  eventually we'll get offshore labor to sign indentured service contracts to be put in cryostasis while we use their brains to parse mime
[17:30:24] *** DrSmall has quit IRC
[17:30:25] <inflex> *lol*
[17:30:26] <rjbs> > WHIZ, PUT THE CONTENT-DISPOSITION IN THE HEADER
[17:30:43] <rjbs> Sigh.  Everything comes down to a Infocom joke for me.
[17:31:26] <inflex> rolling everything into a .tar.gz would at the very least put aside the encoding traumas
[17:31:44] <rjbs> use shar, isn't that 7-bit already?
[17:31:45] <vice-versa> DrSmall: hmm, running out of ideas, try stopping postfix and do, postfix check
[17:32:16] *** niki has joined #postfix
[17:32:23] <inflex> sad that a decade after we were supposed to be giving up 7-bit only gateways, we're still holding on
[17:33:17] <vice-versa> DrSmall: I can connect, but get an immediate disconnect
[17:34:12] *** havvg has joined #postfix
[17:35:46] <cx42net> I'm leaving!
[17:35:51] <vice-versa> bye
[17:35:57] <cx42net> Thank you very much vice-versa for your help and your patience ! :)
[17:35:59] <cx42net> bye !
[17:36:02] *** cx42net has quit IRC
[17:39:46] *** kjs has left #postfix
[17:42:59] <lunaphyte_> i get full after 7 bytes.  8 bytes is too much.
[17:45:23] <vice-versa> 7 bytes should be enough for anyone
[17:48:07] *** dft_ has quit IRC
[17:50:48] *** anebi has left #postfix
[17:53:18] *** stephen_ has joined #postfix
[17:53:30] <stephen_> hi guys.. is there a way in postfix to redirect mail depending on source..
[17:53:42] <stephen_> eg if from internet goto rt@internaldns
[17:53:57] <stephen_> if internal then goto rt@differentipaddress?
[17:54:07] <stephen_> internal being 10.0.0.0/8
[17:54:11] <stephen_> thanks
[18:00:19] <vice-versa> seems a rather odd requirement, what's the rational?
[18:01:53] *** Bombo_ has joined #postfix
[18:02:02] <cpbills> is there a queue for incoming mail, for looking up users...? or a way to throttle this; the issue is i'm using postfix with postgres, and a flood of spam will come in and innundate my pgsql connections, and result in lots of 'temp lookup failure' responses...
[18:02:36] *** mark-use has quit IRC
[18:02:53] <vice-versa> have you tried using proxymap
[18:03:58] *** Thorn has quit IRC
[18:04:08] *** hparker has joined #postfix
[18:04:39] *** Moofius has joined #postfix
[18:04:43] <vice-versa> cpbills: like so, proxymap:pgsql:/etc/postfix/....
[18:04:54] <Moofius> noob question: how to know if postfix is running?
[18:05:11] <stephen_> Moofius ps auxx|grep post
[18:05:56] <Moofius> It was not running :)
[18:06:06] *** Thorn has joined #postfix
[18:06:14] <stephen_> Moofius depends .. also try ps aux|grep pickup
[18:06:41] <vice-versa> netstat -plunt | grep :25
[18:07:01] <stephen_> visa-versa <-- better way
[18:07:04] <Moofius> ok, it was running then ^^
[18:07:14] <stephen_> does anyone know of a good source routing howto for postfix?
[18:07:15] <Moofius> "netstat: lunt: unknown or uninstrumented protocol
[18:07:16] *** denis__ has joined #postfix
[18:07:50] <vice-versa> Moofius: bsd?
[18:07:58] <Moofius> mac >_<
[18:07:58] <cpbills> vice-versa: no, i think i did a long while ago, but it caused some issues...
[18:08:06] <vice-versa> Moofius: then yes
[18:08:45] <cpbills> vice-versa: nevermind, i am still using 'proxy:pgsql'
[18:09:34] *** DrSmall has joined #postfix
[18:09:47] * DrSmall sighs
[18:09:58] <vice-versa> cpbills: opps, yeah sorry, just proxy: not proxymap:
[18:11:02] *** xpoint has joined #postfix
[18:11:04] <vice-versa> cpbills: can you not tweak pg to handle the connection load?
[18:11:22] <vice-versa> DrSmall: wb
[18:11:37] *** weedar has quit IRC
[18:11:38] <vice-versa> DrSmall: I have a suggestion for you
[18:11:45] <DrSmall> that is?
[18:12:30] <vice-versa> DrSmall: disable sasl for a quick test
[18:12:46] *** madrescher has quit IRC
[18:13:05] *** weedar has joined #postfix
[18:13:22] <cpbills> vice-versa: pgsql can handle 200 connections...
[18:13:36] <cpbills> rather, my configuration of pgsql is set to allow 200
[18:13:45] *** inflex has quit IRC
[18:14:08] <cpbills> postfix sucking down 200 connections is what 'bothers' me...
[18:14:30] *** Bombo has quit IRC
[18:14:30] *** Bombo_ is now known as Bombo
[18:14:35] *** Mosu has quit IRC
[18:14:46] *** Mosu has joined #postfix
[18:14:55] <DrSmall> vice-versa: seems like it still isn't working
[18:15:06] <cpbills> postfix/master[20343]: warning: service "smtp" (25) has re
[18:15:07] <cpbills> ached its process limit "200": new clients may experience noticeable delays
[18:15:31] <DrSmall> also, notice, when I restart postfix, mail.log says: "daemon started... " ... terminating on signal 15
[18:15:43] <mofino> DrSmall, why iks that a concern?
[18:16:05] <mofino> cpbills, sounds like you have high volume / slow clients
[18:16:18] <vice-versa> DrSmall: is everything logged into mail.log?
[18:16:43] <DrSmall> yes, and then there are specific logs for err and warn, but they all show up in mail.log anyhow
[18:16:48] <cpbills> mofino: yeah... i'm thinking i might be doing something wrong... heh... i think if i cut smtpd to 100 processes... it won't flood the pgsql server, and cause a further backup...
[18:22:13] *** stephen_ has quit IRC
[18:22:38] <f3ew> cpbills there's one connection per map
[18:22:43] <f3ew> unless you use proxymap
[18:25:08] <cpbills> f3ew: so proxy: is causing postfix to open a new connectiont o pgsql for each query?
[18:27:38] <cpbills> i know in the past i ran into issues when changing the 'proxy:pgsql' stuff...
[18:35:21] <f3ew> no, one per unless you use proxy:
[18:40:28] <cpbills> is there a way to have it refresh the proxy connections... keep the process from getting too old/etc?
[18:40:34] *** jpalmer has quit IRC
[18:43:11] *** DrSmall has quit IRC
[18:43:29] *** mandragor has joined #postfix
[18:44:10] *** weedar has quit IRC
[18:46:50] *** bieb has quit IRC
[18:46:54] *** DrSmall has joined #postfix
[18:47:02] *** githogori_ has quit IRC
[18:51:45] <Moofius> How to make postfix always on, and not "on-demand"?
[18:51:55] <Dominian> what?
[18:52:00] <Dominian> What do you mean "on-demand"?
[18:52:12] <Dominian> Do you mean you restart the box and it doesn't start?
[18:52:29] <Moofius> no, I mean that the os starts it only when needed
[18:52:49] <Dominian> what distro you running this one?
[18:52:57] <Moofius> mac
[18:53:02] <Dominian> I've never heard of anything starting postfix or any other MTA "as needed"
[18:53:03] <Dominian> oh god
[18:53:18] <Dominian> YWith a Mac.. no idea
[18:53:26] <Dominian> Mac servers do postfix configurations in a very very weird way
[18:53:40] *** bieb has joined #postfix
[18:55:08] *** _ruben has quit IRC
[18:55:26] <vice-versa> DrSmall: can you confirm your external IP, http://ourip.net/is/
[18:55:37] *** danbeck has quit IRC
[18:56:46] *** brancaleone has joined #postfix
[18:57:53] *** rdutra has joined #postfix
[18:59:21] <vice-versa> !tell DrSmall msa
[19:01:20] *** rdutra has quit IRC
[19:01:34] <Moofius> Found out how to make it always on, http://use.perl.org/~rjbs/journal/29776 :)
[19:02:48] *** Weasel[DK] has joined #postfix
[19:04:25] <grzybowski> lunaphyte_: hi
[19:12:17] *** lennard has quit IRC
[19:13:30] *** wietze has quit IRC
[19:13:57] <vice-versa> O.o, no way
[19:15:44] <Weasel[DK]> trying to get an alias map working in LDAP, but i get this error -> warning: dict_ldap_lookup: /etc/postfix/ldapaliases.cf: Search base '' not found: 32: No such object
[19:16:02] <Weasel[DK]> i have a valid search_base specified
[19:16:08] <deface> !pastebin
[19:16:10] <knoba> deface: "pastebin" : a way to paste larger amounts of text so that other people can read it. Try http://www.rafb.net/paste/ or http://paste.debian.net/ - Do not forget to tell us the URL where you pasted it.
[19:16:18] <deface> paste your .cf file
[19:16:35] *** sekhmet has joined #postfix
[19:17:42] <Weasel[DK]> http://rafb.net/p/M5NTZw46.html
[19:19:25] <deface> why do u have ldapaliases_ infront of everything ?
[19:19:34] <deface> should just be search_base
[19:19:48] *** GoGi has quit IRC
[19:19:59] <Weasel[DK]> deface, the docs told me to
[19:20:07] <deface> http://www.postfix.com/LDAP_README.html
[19:20:11] <deface> read them again
[19:21:28] *** DrSmall has quit IRC
[19:22:18] <sekhmet> Bah.  I'm attempting to set up a small server which uses the configuration given here: http://www.postfix.org/VIRTUAL_README.html#mailing_lists
[19:23:01] <sekhmet> ... clearly I'm doing something wrong, as it doesn't appear that it's reading in the information in /etc/aliases...  I've run 'newalises' and 'postalias /etc/aliases' after editing, but mail get rejected with an "unknown local user"
[19:23:10] <sekhmet> (or rather, just "unknown user")
[19:24:02] <sekhmet> I've been trying various things; currently I've got both alias_maps and alias_database set to "dbm:/etc/aliases" (had also tried hash:), and set "allow_mail_to_commands = alias"
[19:25:39] <deface> sekhmet: pastebin the relevant parts .. also an outpuf of postconf -n
[19:25:46] <deface> output*
[19:26:24] <sekhmet> deface: heh, you mean like the subject clearly tells me to?  :)  Will do.
[19:26:36] <deface> yup
[19:26:49] *** Moofius has quit IRC
[19:27:29] *** alienbrain has joined #postfix
[19:27:40] <djo_boulo> bye
[19:27:44] *** djo_boulo has left #postfix
[19:29:11] <sekhmet> oh bah
[19:29:33] <sekhmet> deface: And of course, doing so makes me realize that my alias_maps and alias_database lines get "overwritten" way down at the bottom of the file, apparently.
[19:29:52] <sekhmet> deface: Which is precisely the issue, since it turns out I'm no longer editing the proper alias file
[19:30:23] <sekhmet> Thanks, and sorry for the noise
[19:30:36] <deface> ;)
[19:32:36] <Weasel[DK]> deface, you are right... now it works. i probably got it from some old doc then ?
[19:32:37] *** DrSmall has joined #postfix
[19:32:40] <Weasel[DK]> deface, Thanks
[19:33:59] <deface> np
[19:34:56] *** denis__ has quit IRC
[19:36:39] <vice-versa> lol
[19:37:02] * vice-versa blushes
[19:37:28] *** nickelone has joined #postfix
[19:37:30] *** growltiger_ has joined #postfix
[19:37:50] <Weasel[DK]> deface, now i remeber where i got the info.... O'Reilly - Postfix The Definetive Guide
[19:37:56] <Weasel[DK]> lol
[19:38:11] <deface> hmm
[19:38:13] <deface> old book?
[19:38:18] <Weasel[DK]> 2003
[19:38:32] *** Fallenou has joined #postfix
[19:39:17] <nickelone> morning, i am having a problem with a user not being found in the local recipient table in postfix, when the account is in the transport.db, and the set up was working until apparantly today
[19:40:28] *** mandragor has quit IRC
[19:40:34] <DrSmall> I just wanted to say, from earlier when I said that postfix was messing up, in reality (thanks to vice-versa) it was my modem connection causing problems.
[19:40:48] <deface> nickelone: postconf -q <email> hash:/path/to/transport
[19:42:11] <deface> err postmap -q
[19:42:13] <deface> sorry
[19:42:36] <nickelone> yeah, it returns the destination
[19:42:44] <deface> hmm
[19:43:32] <nickelone> yeah
[19:43:37] <deface> so it reads the file right
[19:43:41] <deface> nothings changed ?
[19:43:48] *** mandragor has joined #postfix
[19:44:13] <nickelone> nope, other than a couple of system related things because we are trying to track down some errant coms between this server and an unrelated server.
[19:44:50] <nickelone> the really strange thing is that i set it up like a month ago, got it and the alias working, and now, it stopped working and started throwing the errors...
[19:45:27] <nickelone> though i can't say that i kept sending the person test mails during that entire time, so this is the first that we have heard about the mail failing
[19:45:43] *** Severed_Head_Of_ has joined #postfix
[19:46:15] <deface> do a postfix reload
[19:46:20] <deface> and send it an email ..
[19:46:33] <deface> pastebin the relevant part of the logs
[19:46:41] <nickelone> ok
[19:46:48] <deface> also an output of postconf -n
[19:47:40] *** m4r71x has left #postfix
[19:49:00] *** amrit|zzz is now known as amrit|wrk
[19:49:13] *** growltiger has quit IRC
[19:51:14] <nickelone> deface: http://pastebin.com/m4c5ce6f8
[19:52:14] *** denis__ has joined #postfix
[19:53:37] *** rd1089 has joined #postfix
[19:57:00] <deface> nice networks .. what are you relaying for everyone ? haa
[19:57:11] <nickelone> heheheh
[19:57:19] <nickelone> it's for our internal webservers.....
[19:57:20] * vice-versa looks
[19:57:56] <nickelone> e-commerce, Verizon doesn't like email from webservers unless verizon can call back and verify the account lives there
[19:58:58] <deface> hmm, nothing happend to the pgsql part ?
[19:59:02] <deface> the user is in transport db
[19:59:23] <nickelone> nope, nothing with pgsql, and user is in the transport db
[20:00:51] *** DrSmall has quit IRC
[20:00:56] *** growltiger_ has quit IRC
[20:01:14] <vice-versa> nickelone: virtual alias woes?
[20:01:53] <nickelone> no, some transport stuff that was working perfectly for a month, then stopped working at some point
[20:01:55] <deface> and postmap -q brent.rusick at overnightprints dot com hash:/usr/local/etc/postfix/transport .. gives u what
[20:02:16] <nickelone> the destination : smtp:zsmtp.farheap.com
[20:02:27] <rd1089> hi, why does postfix say relaying denied to all outside address (gmail, yahoo, etc..)
[20:02:43] <rd1089> it accepts email for the local domain
[20:02:59] <nickelone> wierder thing is that sending brent at overnightprints dot com it checks transport and delivers, but using brent.rusick@ it just fails
[20:03:02] *** rouri has joined #postfix
[20:03:13] <deface> nickelone: sorry man, gotta run across town to a clients .. maybe vice-versa can help u out
[20:03:19] <nickelone> k
[20:03:36] <nickelone> vice-versa, did you see the pastebin link
[20:03:38] <nickelone> thanks deface
[20:03:42] <vice-versa> rd1089: smtpd_recipient_restrictions to strict perhaps
[20:03:48] <vice-versa> *too
[20:03:55] *** muecke77 has joined #postfix
[20:04:33] <vice-versa> nickelone: gemme a few to read the scroll back, I wasn't really paying attention was helping someone in private
[20:04:42] <nickelone> ok
[20:04:48] <nickelone> thanks
[20:04:53] *** wietze has joined #postfix
[20:05:06] *** lennard has joined #postfix
[20:06:05] <rd1089> vice-versa, i want to send all outgoing email through another smtp server on the internet, would i have to setup relay_host for that?
[20:08:15] <vice-versa> yes, but it's relayhost
[20:08:28] <vice-versa> !relayhost
[20:08:29] <knoba> vice-versa: "relayhost" : a configuration parameter in the main.cf: The default host to send non-local mail to when no entry is matched in the optional transport(5) table. When no relayhost is given, mail is routed directly to the destination. If your relay host requires authentication see the !saslclient channel factoid.
[20:08:29] *** Templar_Xion has joined #postfix
[20:11:34] <rd1089> vice-versa, why does main.cf have a relay_host option?
[20:11:47] <rd1089> is that something different?
[20:12:07] *** Zeit|awy_ has quit IRC
[20:12:19] <vice-versa> rd1089: it does not
[20:12:54] <rd1089> vice-versa, my bad, sorry. i quoted wrong
[20:13:52] *** A|3x has joined #postfix
[20:14:15] <rd1089> vice-versa, i set the relayhost = [smtp.myserver.net] it still say relaying denied if i try an gmail account
[20:14:53] *** Zeit|awy has joined #postfix
[20:15:09] <vice-versa> rd1089: relayhost is not for what you're thinking it's for
[20:16:09] *** githogori has joined #postfix
[20:16:53] <rd1089> vice-versa, how do i tell postfix to send all non-local mail to route through a specific smtp server?
[20:17:00] *** muecke77 has left #postfix
[20:18:43] <vice-versa> rd1089: with relayhost, but it has to be an smarthost that trusts you or you have to auth with sasl
[20:19:52] *** magyar_ has quit IRC
[20:20:20] <vice-versa> nickelone: is the overnightprints.com domain defined in virtual_alias_maps ?
[20:20:32] <nickelone> yeah
[20:21:21] <vice-versa> and you can postmap query it ok
[20:22:22] <nickelone> how do you do the postmap query on it when it's a db?
[20:22:38] <nickelone> it's querying the postgres database rather than a db file
[20:23:30] <vice-versa> postmap -q overnightprints.com pgsql:/usr/local/etc/postfix/pgsql-virtual.cf
[20:24:36] <nickelone> that returns nothing
[20:25:20] <vice-versa> just as a test, try adding virtual_alias_domains = $virtual_alias_maps overnightprints.com
[20:25:21] <nickelone> nm, putting an actual address in it returns a value
[20:26:16] *** growltiger has joined #postfix
[20:26:54] <nickelone> same thing
[20:27:25] <vice-versa> did you relaod postfix?
[20:27:31] <nickelone> yeah
[20:29:25] <grzybowski> how can i tell smtp to send an email using ip Y when the sender use the domain yyy.com ?
[20:29:47] <rob0> grz, use multiple instances.
[20:29:51] <nickelone> you got the part where if i send to brent at overnightprints dot com it finds it and forwards it off to the other server right...... which in the pgsql db, there is a forward for that entry who's destination is brent.rusick at overnightprints dot com
[20:30:34] <grzybowski> rob0: is there another way? or multiple instances are easiest one?
[20:30:38] <rob0> is the overnightprints.com domain defined in virtual_alias_domains ?
[20:32:01] <nickelone> rob0: yes, this is the main server for that domain, what we are doing is forwarding mail for the brent.rusick account to another server that is our Zimbra server
[20:32:15] <roe_> does the postfix local() support global mail delivery filtering? ie, [SPAM] -> .Spam?
[20:32:45] *** arj has quit IRC
[20:34:16] <rob0> Nick, understand that when you map an address@virtual_alias_domains to another@virtual_alias_domains, you also have to have a mapping for another@virtual_alias_domains
[20:35:05] <rob0> Eventually all of that has to resolve to a real mailbox or address somewhere.
[20:38:32] *** Severed_Head_Of_ has quit IRC
[20:44:14] *** brancaleone has quit IRC
[20:44:22] *** pitakill has quit IRC
[20:45:55] <rd1089> vice-versa, got the smtp relay to work
[20:46:18] <vice-versa> good, what did you have to do?
[20:46:18] *** Sylphid|work has joined #postfix
[20:46:27] <rd1089> vice-versa, how do i route local domain but not local user to the internet?
[20:46:50] *** CrazyFoam has joined #postfix
[20:47:06] <rd1089> vice-versa, well, i set the smtp_sasl_password_maps and other options for smtp + disables mynetworks
[20:47:21] <rd1089> vice-versa, disabled mynetwork variable
[20:48:20] <rd1089> my local domain is myhost.com, but i want to route abc at myhost dot com to the internet. user abc does not have a local user account
[20:48:41] <rd1089> in sendmail there is an option, i think its LUSER_RELAY
[20:48:52] <rd1089> how would i do that in postfix?
[20:49:09] <Sylphid|work> hello, im trying to set up spamassassin with postfix and im wondering if qmgr can only connect to one instance of spamassassin at a time
[20:49:53] <Sylphid|work> IE is having multiple spamd childern spawned wasting resources
[20:54:27] <xpoint> IE is a waste on its own :)
[20:55:35] <Sylphid|work> i.e. = illud est = that is to say
[20:55:48] <nickelone> rob0: so I have to have 2 mappings, on for brent@onp -> brent.rusick@onp smtp:destination,  and one for brent.rusick@onp -> brent.rusick@onp smtp:destination
[20:56:31] <Sylphid|work> sry was not reffering to internet explorer
[21:04:58] <vice-versa> rd1089: postfix has luser_relay as well but I don't think it will work the way you're wanting it to
[21:05:23] <rd1089> vice-versa, yes i was just reading about that
[21:05:28] <vice-versa> !luser_relay
[21:05:28] <knoba> vice-versa: "luser_relay" : a configuration parameter in the main.cf: Optional catch-all destination for unknown local(8) recipients. By default, mail for unknown recipients in domains that match $mydestination, $inet_interfaces or $proxy_interfaces is returned as undeliverable.
[21:05:52] <rd1089> vice-versa, i think fallback_transport does
[21:08:37] *** brancaleone has joined #postfix
[21:13:32] *** grzybowski has left #postfix
[21:14:56] <vice-versa> rd1089: hmm, maybe fallback_transport_maps would be better choice so you don't cause the other host to become a backscatter source
[21:16:52] <vice-versa> nickelone: I believe that's what he was referring too
[21:17:39] <nickelone> vice-versa: how can you have to mappings in transport?
[21:17:46] <nickelone> it won't let you
[21:18:11] <nickelone> and when i took out the brent@onp, it still refused to send via transport
[21:18:18] <nickelone> it's very strange
[21:22:24] *** carl- has joined #postfix
[21:23:18] <vice-versa> nickelone: not that it really has any relevance on your problem, but do you really mean to have mail.mail.overnightprints.com as a final destination?
[21:24:16] <nickelone> vice-versa: the final destination is zsmtp.farheap.com for that account in particular.
[21:24:38] <vice-versa> yeah, I mean in mydestination
[21:24:50] <nickelone> oh
[21:25:31] <vice-versa> mail.$myhostname just seems odd, and perhaps telling of something that might have changes as you stated this worked previously
[21:25:46] <vice-versa> s/changes/changed/
[21:25:52] <nickelone> true, i didn't notice that
[21:26:26] <nickelone> also, i think that's covered in the pgsql look up
[21:26:29] <nickelone> checking
[21:27:02] <vice-versa> sort of like mydomain and or myhostname got changed or swapped or something
[21:27:31] *** Haris1 has quit IRC
[21:27:44] <vice-versa> are you fairly confident that this worked previously?
[21:28:15] <vice-versa> can you prove it in log history perhaps
[21:28:28] <nickelone> yeah, i tested it from my yahoo and gmail accounts and it delivered.......
[21:28:31] <nickelone> it's wierd.....
[21:29:22] *** BuenGenio has quit IRC
[21:29:30] <vice-versa> what's the chances you got a backup of main.cf from around that period you could restore for comparison
[21:29:57] <nickelone> nill
[21:30:06] <nickelone> or close to
[21:30:26] <nickelone> yeah, and our backup servers are both hosed......
[21:30:33] <nickelone> so i can't even get one from tape
[21:33:12] <vice-versa> :(
[21:34:18] <nickelone> yeah.....
[21:34:28] <nickelone> teach me not to have copies on the server
[21:35:12] <nickelone> the only thing that i changed in main.cf was the transport line was commented out, so i uncommented it and put the entries in there for the accounts
[21:35:46] <vice-versa> transport_maps?
[21:36:06] <nickelone> yeah, it was commented out prior to setting this up for this account, there was no need for it
[21:36:25] <nickelone> it's like its failing to even look at the transport_maps
[21:36:33] *** jeffspeff has joined #postfix
[21:37:17] <nickelone> except when the mail is accepted for brent@onp, then it looks at the transport_map to find out where to forward it to, and then it delivers it
[21:38:42] <vice-versa> brent is a local user?
[21:39:21] <nickelone> yeah, in the pgsql db
[21:39:41] *** rouri has quit IRC
[21:39:44] <nickelone> but there is a forward directive that forwards to brent.rusick@onp, which then follows the transport mapping
[21:41:02] <vice-versa> in /usr/local/etc/postfix/transport correct?
[21:41:08] <nickelone> yeah
[21:42:40] *** deadpigeon has quit IRC
[21:45:27] *** eanxgeek1 has left #postfix
[21:46:17] <vice-versa> hmm, what I'm thinking is postfix needs to know brent.rusick is a valid local recipient before it consults the transport mapping
[21:48:39] *** Zelest has quit IRC
[21:50:24] *** brancaleone has quit IRC
[21:50:25] *** muecke77 has joined #postfix
[21:53:12] <vice-versa> nickelone: you following me?
[21:54:19] *** muecke77 has left #postfix
[21:57:16] * vice-versa takes the dog out for a smoke
[22:13:23] *** MarkRichman has joined #postfix
[22:16:53] <MarkRichman> Anyone here have experience setting up a TLS outbound connection that requires client certs? I need to send from my MS IIS web server to a remote mail server that requires TLS+Client Cert
[22:19:27] <vice-versa> doubt you'll find much help in this channel for an ms mta
[22:20:03] *** Deffie has joined #postfix
[22:20:48] *** brancaleone has joined #postfix
[22:20:52] *** jeffspeff has quit IRC
[22:27:04] *** Mara has joined #postfix
[22:27:09] *** Mara has left #postfix
[22:27:30] <rd1089> vice-versa, is there a way to transport mail for a local user to the internet, for example user@$mydestination ?
[22:28:10] <MarkRichman> no, i dont want an MS MTA
[22:28:39] <MarkRichman> i want to use postfix to send the emails...i want to send from my IIS box through postfix and out to the remote domain via TLS+Cert
[22:29:56] <lunaphyte_> MarkRichman: truly requires a *client* cert?
[22:30:30] <MarkRichman> lunaphyte: yes...they said TLS + basic auth is not sufficient
[22:31:42] <lunaphyte_> see the various smtp_tls parameters
[22:33:20] <MarkRichman> i guess i need to set up a relay??
[22:39:53] <vice-versa> relay?
[22:40:21] <MarkRichman> i am a novice here
[22:40:48] <MarkRichman> i need to do this web app on IIS -> postfix -> remote domain via TLS+Client cert
[22:41:36] <xpoint> MarkRichman, iis running on dynamic ip ?
[22:41:42] *** muecke771 has joined #postfix
[22:41:47] <vice-versa> first postfix has to trust the IIS boxen to relay through the postfix server
[22:42:02] <MarkRichman> they are all static ips in my datacenter
[22:42:25] <MarkRichman> so the trust issues are non-issues
[22:42:35] <xpoint> MarkRichman, postfix relay for all ips matches mynetwork
[22:42:37] <vice-versa> then add the ip of the iis box to mynetworks
[22:43:21] <vice-versa> or it may already be covered, postconf mynetworks
[22:43:38] <xpoint> MarkRichman, but dont add 0.0.0.0/0 to mynetworks :)))
[22:43:47] <vice-versa> O.o
[22:43:57] <vice-versa> !mynetworks
[22:43:57] <knoba> vice-versa: "mynetworks" : a configuration parameter in the main.cf: The list of "trusted" SMTP clients that can relay email.
[22:43:58] <MarkRichman> and then configure a self-signed cert in postfix and use that for the client communication to the remote smtp domain?
[22:44:37] <vice-versa> possibly, depends how strict they are with their tls accepting
[22:45:14] <xpoint> !failback_relay
[22:45:15] <knoba> xpoint: Error: "failback_relay" is not a valid command.
[22:45:39] <xpoint> vice-versa, add it ?
[22:46:05] <MarkRichman> vice-versa: strict in what sense?
[22:46:22] <vice-versa> as in will they trust the CA of a self-signed cert, in this case that will be you
[22:46:47] <xpoint> MarkRichman, in that case use your isp smtp server if you cant send some domains mail to them
[22:47:10] <MarkRichman> vice-versa: yes they will accept our self-signed cert or a commercial one
[22:47:37] <vice-versa> well you're all set then
[22:47:40] *** muecke771 has quit IRC
[22:47:50] <MarkRichman> that was kinda easy lol
[22:48:06] <vice-versa> I guess it boils down to if you know what to do next ;)
[22:48:25] <MarkRichman> well, how do i tell postfix that * at * dot example.com requires TLS+client cert?
[22:50:20] <vice-versa> with opportunistic smtp tls, the postfix smtp-client will figure out the remote host supports tls and establish the connection
[22:53:09] *** bieb has left #postfix
[22:54:19] <vice-versa> !tls_readme
[22:54:19] <knoba> vice-versa: "tls_readme" : http://www.postfix.org/TLS_README.html : Transport Layer Security (TLS/SSL) features in Postfix
[22:55:07] <MarkRichman> yeah i already got it working as a server accepting TLS connections
[22:55:14] <MarkRichman> just not sure about initiating them
[22:55:19] <MarkRichman> thanks for the pointers
[22:55:25] <vice-versa> initiating?
[22:55:41] <MarkRichman> postfix acting as the smtp client to a remote domain
[22:55:46] <MarkRichman> is that an MTA?
[22:56:01] <vice-versa> !mta
[22:56:01] <knoba> vice-versa: "mta" : Mail Transfer Agent: software that facilitates the transfer of mail messages between hosts
[22:57:35] <vice-versa> if you already have smtpd tls working, smtp_tls_security_level = may should be all you need
[22:58:04] <MarkRichman> and of course the remote domain would have to be configured to trust my cert
[22:58:37] <vice-versa> right, which you stated wasn't an issue
[22:59:05] *** havvg has quit IRC
[23:00:41] <MarkRichman> cool, so as long as i change my IIS box to use the IP that postfix listens on instead of that piece of shit on its localhost, i'm golden ;)
[23:01:07] <MarkRichman> M$FT wants you to use Exchange, natch
[23:12:37] *** carl- has quit IRC
[23:14:22] <vice-versa> heh, mSeXchange
[23:16:38] <jelly> how are postfix queue ids generated?
[23:30:01] <xpoint> random
[23:30:31] <xpoint> with a salt of unix time added
[23:31:50] *** ikaro has quit IRC
[23:33:55] *** brancaleone has quit IRC
[23:35:05] *** ikaro has joined #postfix
[23:36:23] *** lataffe has joined #postfix
[23:36:29] *** mandragor has quit IRC
[23:36:35] *** githogori has quit IRC
[23:49:15] <vice-versa> jelly: postfix queue IDs are partially based on the fs inode number of the message
[23:51:21] <nickelone> vice-versa and rob0: thanks for the tips, looks like all i needed to do is make an entry in virtual for brent.rusick@onp brent.rusick@onp, then it went to transport, now i just have to verify that the person got it
[23:52:26] *** _Radiance has joined #postfix
[23:53:23] *** Fallenou has quit IRC
[23:55:04] <vice-versa> nickelone: interesting
[23:55:29] <nickelone> vice-versa: i am checking to make sure it was received on the other server
[23:56:47] <vice-versa> if it accepted it what happens after that is beyond mail.overnightprints.com's control ;)
[23:57:05] <nickelone> yeah... looks good, i am checking his inbox....
[23:57:13] <nickelone> again, thanks a bunch
[23:57:40] <vice-versa> nickelone: np, so basically what you did was what i was thinking but via virtual instead of local





top