[00:05:28] *** Zblakany_ has joined #postfix
[00:12:25] *** Southron has left #Postfix
[00:13:56] *** justizin has joined #postfix
[00:15:12] <justizin> howdy, i am migrating a mailman host and want the current host to forward incoming messages to the new host, rather than processing with its' local mailman, is there a simple way to do this?
[00:15:24] <justizin> of course, it's running postfix at both ends :)
[00:21:16] *** Zblakany has quit IRC
[00:21:33] *** Evanlec has joined #postfix
[00:22:30] <Evanlec> So I'm wondering about some spam that users are getting that appears to be coming from themselves, looks like spammer has altered the from: field, is there a way i can block these types of spam with postfix?
[00:22:31] <sahil> justizin: consider transport maps.
[00:22:53] * justizin googles
[00:23:19] <sahil> Evanlec: this is common; you can either block all incoming messages that appear to be From: one of your domains AND NOT sent from within mynetworks or authenticated (SASL, et cetera) clients.
[00:23:54] <sahil> Evanlec: OR you can use zen.spamhaus.org, SA, and other tools to block that spam, because blocking the spam in the way i describe above has various unintended consequences.
[00:24:30] <sahil> Evanlec: see the archives over the last 2-3 days on the postfix-users mailing list; there has been extensive discussion about such spam and how to combat it ... appanrelt there's been a pickup in such messages, but we haven't seen it here.
[00:25:46] *** jimpop has joined #postfix
[00:27:03] <Evanlec> sahil: yea, actually ive noticed it a lot, i work for an ISP and we're getting more and more customers getting spam from themselves
[00:27:31] <Evanlec> i'm trying to find a fix for it so i can get promoted ;p
[00:28:00] <justizin> sahil: do i need to configure the transport.db table in one of my .cf files, or is /etc/postfix/transport.db default ?
[00:28:57] <justizin> ah, i need to connect it to one of the transports, duh.
[00:29:33] <sahil> Evanlec: what i describe above is a potential fix, but like i said, there is no panacea and each proposed solution will create potential for side effects.
[00:29:53] <sahil> Evanlec: do you guys use RBLs to block traffic at SMTP time?  i highly recommend using zen.spamhaus.org to do that.
[00:29:57] <Evanlec> sahil: yea, well especially because the mails are coming from different sources
[00:30:21] <sahil> Evanlec: are the spamming machines compromised MXs in your opinion or dynamic-looking IP subnets?
[00:30:28] <sahil> we block the latter outright with a pretty simple PCRE.
[00:30:59] <Evanlec> sahil: appears to be the latter, here's one for example
[00:31:01] <sahil> justizin: you should read the transport manual to gain a better understanding of how to use them.  you don't hand-edit a .db file; you edit a text file and then postmap it.
[00:31:04] <Evanlec> sahil: Received: from 212-182-188-170.ip.telfort.nl (212-182-188-170.ip.telfort.nl [212.182.188.170])
[00:31:16] <justizin> sahil: yeah, i created a new one with postmap, so i'm thinking maybe it isn't configured..
[00:31:19] <sahil> Evanlec: from the maillog, what did that machine HELO (or EHLO) as?
[00:31:28] *** aba- has quit IRC
[00:31:28] <Evanlec> ah
[00:31:38] <sahil> justizin: not sure; without seeing your postconf -n and some relevant logs, it's just a wild guess.
[00:31:45] <Evanlec> sahil: that i dont have access to atm ;p
[00:32:12] <justizin> i can pastebin postconf -n for you..
[00:32:16] <sahil> Evanlec: ah, so you don't really run the mail server. :-)
[00:32:49] <justizin> sahil: http://pastebin.ca/1278357
[00:32:51] <Evanlec> sahil: this is true, i do run my own postfix mailserver, but i don't run the ISP's, i was thinking of testing solutions out on my mailserver, and then suggest the fix to the NetOps ppl here at the ISP
[00:33:10] <sahil> Evanlec: but my guess is that machine *did* HELO with that dynamic hostname, in which case, a simple PCRE that checks for dynamic-looking HELOs would've rejected it.
[00:33:13] <sahil> % postmap -q 212-182-188-170.ip.telfort.nl pcre:helo_checks
[00:33:16] <sahil> REJECT  Generic hostname. Please use your ISP or fix your rDNS.
[00:33:31] <justizin> Evanlec: that's a fantastic way to make friends, let me tell ya ;)
[00:33:35] <sahil> Evanlec: do you work at the ISP to begin with like you claimed above? :)
[00:33:53] <Evanlec> justizin: lol
[00:34:01] <Evanlec> sahil: yes i do, im in tech support
[00:34:07] <Evanlec> sahil: im actually at work right now ;p
[00:34:15] <sahil> justizin: i don't see transport_maps defined in your main.cf.
[00:34:19] <Evanlec> sahil: and we're getting more and more calls about ppl getting spam from themselves
[00:34:41] <sahil> Evanlec: hard to help troubleshoot the problem if we can't know what defenses and setup your ISP already has in place.
[00:34:54] <justizin> sahil: me either. i think just the string "transport_maps" may be what i was unable to deduce from transport(5)
[00:35:15] <Evanlec> sahil: well i understand, they use Proofpoint for spam
[00:35:18] <sahil> Evanlec: like i said, look at past 2-3 days of archives on the mailing list to get some generic ideas and point your fellow employees in the right direction.
[00:35:22] <sahil> proofpoint *sucks* :0
[00:35:31] <Evanlec> lol
[00:35:38] <justizin> Evanlec: that is a common problem, btw, forged from: header.  shouldn't be too difficult to find a doc on the net about it.
[00:35:47] <sahil> justizin: http://www.postfix.org/postconf.5.html#transport_maps
[00:35:48] <Evanlec> yea, i think its microsoft platform?
[00:36:15] <justizin> sahil: ah-ha, a better copy of postconf(5)
[00:36:22] <sahil> people often conflate From: header and the ENVELOPE From, even on allegedly helpful docs on the wonderful net...
[00:36:27] <Evanlec> justizin: thats what i thought, but the issue's been occuring at our isp for a while now, and all the collective brainpower of the abuse department has not come up with a solution
[00:36:29] <sahil> which is confusing solutions.
[00:37:02] <sahil> Evanlec: if they want to pay someone to consult and help fix the problem, i freelance. :)  you can get a cut if they enlist my services.
[00:37:05] <Evanlec> sahil: yea, i see what u mean, is there any way to see the envelope from address on an email?
[00:37:08] <justizin> Evanlec: basically, what's most likely is that outgoing mail is restricted not by SMTP Auth, or origin address, but by from address.  so, i can send spam from evanlec at yourcompany dot com to an invalid address, and you get the spam as part of the bounce..
[00:37:14] <Evanlec> sahil: haha nice
[00:37:39] <sahil> Evanlec: you need the maillog and access to config to effectively troubleshoot this effectively.
[00:37:40] <justizin> I highly recommend SMTP AUTH, personally.  When I worked at Rackspace, we required it of all servers accepting mail from the 'net.
[00:37:45] <sahil> and i just used effectively twice.
[00:37:48] * sahil lays off the beer
[00:37:55] <justizin> heh
[00:37:55] <Evanlec> sahil: yea k
[00:38:08] <justizin> sahil: maybe you *really* want to drive home the idea about effectiveness
[00:38:12] <sahil> justizin: you can't force SMTP AUTH for all incoming mail from the net; that makes no sense. :)
[00:38:18] *** JMK has joined #postfix
[00:38:22] <Evanlec> sec, on a call
[00:38:23] <justizin> sahil: accepting outgoing mail.
[00:38:28] <sahil> then most mail servers would never be able to send you mail
[00:38:37] <sahil> makes sense to force SMTP AUTH for relaying mail to the outside world. :-)
[00:38:55] <justizin> yes, this problem is created by people forging local addresses so that the actual user gets a bounce.  it's an outgoing mail problem.
[00:39:09] <JMK> Some web services(etc: hotmail, yahoo.. ) doesnt accept emails from dhcp network. what do you suggest me ?
[00:39:22] <justizin> the problem is not that a mail comes TO Evanlec at hiscompany dot com, it goes from his server to an invalid address like foozle@barzle, and bounces back to him..
[00:39:34] <thumbs> yes, spammers.
[00:39:36] <sahil> JMK: use a relayhost to relay through your ISP mailserver, perhaps.
[00:39:44] <sahil> justizin: that mail shouldn't *bounce*.
[00:39:56] <sahil> justizin: it should be rejected at SMTP time so the real evalec at hiscompany dot com never even hears about it.
[00:40:10] <sahil> the server sending bounces is a source of backscatter and should be unplugged from the internet.
[00:40:16] <justizin> there are a few variations to get around various means of trying to deny these messages..
[00:40:25] <JMK> sahil, yeah good idea, I will try it.
[00:40:27] <justizin> you can send them to an invalid user at a valid domain, and let them do the bouncing for you.
[00:40:44] <justizin> e.g. foozle at microsoft dot com or random-string at microsoft dot com
[00:40:48] <sahil> no... servers should just not accept email (and later bounce it to create backscatter) for users that don't exist.
[00:41:04] <justizin> sahil: how do they know if the remote user exists?
[00:41:19] <justizin> let's approach this from an angle of what they *should* allow
[00:41:36] <justizin> i connect to my smtp server, send mail as justizin at whatever dot com to someone-who-doesnt-exist at another dot com
[00:41:45] <sahil> what?
[00:42:03] <justizin> i will receive a message, in 5 minutes, or a few hours, from another.com saying, hey, you sent a mail to someone who doesn't exist here..
[00:42:04] <sahil> i'm talking about server X sending message to nonexistentuser@serverY
[00:42:16] <justizin> follow me and stop arguing, please :)
[00:42:21] <justizin> you can tell me i'm an idiot when i'm done explaining
[00:42:24] <sahil> serverY should *NOT* bounce that message; it simply should not let it come through and give server X a message during the SMTP conversation that the user does not exist.
[00:42:45] <justizin> sahil you don't even understand the problem.  i've seen it on a few thousand servers.
[00:43:02] <justizin> let's say i have a server outside my physical network, say, at Rackspace, or nowadays, an even more awesome hosting provider..
[00:43:05] <Evanlec> alright let me catch up here
[00:43:16] <Evanlec> i get very dumb ppl calling me
[00:43:17] <justizin> i want to use SMTP to relay for my company's users to the outside world, on this server.
[00:43:49] * sahil follows along and waits for the punchline
[00:43:51] <justizin> so, i can connect from any ip, and say hey, i am justizin at mycompany dot com, and i want to send email to someone at someothercompany dot com.
[00:44:22] <justizin> the simplest way to restrict, which too many people rely on, is to say, hey, only someone at mycompany dot com can send outgoing mail from this server..
[00:45:02] <sahil> justizin: your server at rackspace should be setup to SMTP AUTH and not let you relay otherwise.  if it's not, that's just a stupid open relay.  and you can setup postfix to not only require smpt auth, but also make sure the Mail From matches the authenticating username.
[00:45:10] <justizin> sahil: that's exactly what i said.
[00:45:17] <sahil> *yawn*
[00:45:24] <justizin> i dont understand where a disagreement occurred.
[00:45:26] <Evanlec> justizin: Oh, so you're saying that the spammer sends mail with from:evanlec at metrocast dot com in the header, and to: somerandomname at randomhost dot com and the bounceback comes to me at evanlec at metrocast dot com because of the from: header
[00:45:34] <justizin> evanlec; yes.
[00:45:39] <sahil> THAT IS BACKSCATTER
[00:45:41] <sahil> grrrrrr
[00:45:59] <sahil> randomhost.com's mailserver should never have accepted the email and then generated a bounce.
[00:46:04] <justizin> by not letting any address on the internet anonymously send mail as your local domain users, via SMTP AUTH or IP-based ACL, you can kill that..
[00:46:19] <sahil> justizin: that's false.
[00:46:22] <justizin> sahil: but you can't control that.  mailservers can't be run as if everyone knows the RFCs.  be a good citizen and expect others not to.
[00:46:33] <sahil> i can right now send an email pretending to be evanlec
[00:46:36] <sahil> through my own mail server.
[00:47:22] <sahil> justizin: what you just uttered is an obvious truism; it doesn't change the fact that what evanlec describes is backscatter and if servers spew enough of it, they get noticed and blacklisted. :)
[00:47:25] <justizin> true, it is not absolute, you can only avoid being a source.
[00:47:25] *** Knoedel2 has quit IRC
[00:47:49] <justizin> yes of course you need tiered access control, we don't even know if evanlec's isp is using any blacklists ;d
[00:48:15] <sahil> right, which is why it's difficult to help him brainstorm ideas since even he does not know what's going on!
[00:48:15] <justizin> if it kept a msgid cache it might reject bounces for messages it didn't originate.
[00:48:32] <justizin> fair enough, i jumped to a quick conclusion perhaps
[00:48:37] * justizin goes to configure his transport_maps
[00:48:38] <justizin> ;d
[00:48:54] <sahil> good luck.
[00:49:01] <Evanlec> lol
[00:49:08] <Evanlec> the isp i work for does blacklist
[00:49:15] <Evanlec> however
[00:49:23] <sahil> should be fairly straightforward if i understood your requirement; just redirect all messages to some.mailman at address dot org to another MX for final processing.
[00:49:32] <Evanlec> the mail users are getting doesnt appear to be bounce messages
[00:50:02] <sahil> Evanlec: yes, that is not backscatter; in this case, it is simply spammers targetting userx at somewhere dot com purporting to themselves be userx at somewhere dot com.
[00:50:30] <justizin> sahil: if i created /etc/postfix/transport, and then ran 'postmap /etc/postfix/transport' which created /etc/postfix/transport.db, i should have "transport_maps = dbm:/etc/postfix/transport.db", correct?
[00:51:16] <sahil> justizin: nope, remove the trailing .db from your main.cf entry.  the fact you specify dbm tells postfix to parse the database, not the text file.
[00:51:16] <justizin> well, the server is all mailman, so i've just set up all of lists.somedomain.com to go to newserver.somedomain.com
[00:51:35] <justizin> okay, that's why i asked, that seemed potentially the case, just wasn't clear.
[00:52:20] <sahil> justizin: are you sure your default database type is dbm?
[00:52:37] <justizin> no, how do i check?
[00:52:44] <sahil> the fact your postmap command created a .db file suggests it's hash.
[00:52:48] <justizin> ok
[00:53:00] <sahil> postconf -d | grep default_database_type
[00:53:19] <justizin> yah hash, thanks
[00:53:34] <Evanlec> alright 1 sec
[00:53:34] <sahil> so you want transport_maps = hash:/etc/postfix/transport
[00:53:48] <justizin> got it, then reload
[00:53:52] <justizin> i guess i am in business..
[00:53:53] <sahil> Evanlec: metrocast has 12 inbound MXs.  going to be hairy task coordinating all that. :)
[00:54:03] <Evanlec> sahil: lol
[00:54:06] <sahil> justizin: what is content of transport?
[00:54:08] <Evanlec> metrocast.net /
[00:54:09] <Evanlec> ?
[00:54:14] <Evanlec> or metrocast.com
[00:54:42] <justizin> lists.pushtotest.com :[ptt.vongogo.net]
[00:54:48] <sahil> Evanlec: same thing.
[00:55:12] <sahil> justizin: give it a test. :)
[00:55:12] <justizin> ptt.vongogo.net is the name for the new 'lists.pushtotest.com'
[00:55:22] <Evanlec> okay, so would SMTP AUTH block mail with from: headers that didnt match host domain ?
[00:55:32] <justizin> well, i guess i should set up mailman's web ui and add myself to a list ;d
[00:55:47] <sahil> Evanlec: i don't think you're understanding what SMTP AUTH does and why/when it's useful.
[00:56:00] <Evanlec> true
[00:56:02] <sahil> Evanlec: definitely read the postfix.org docs that relate to AUTH to gain a better understanding.
[00:56:04] <Evanlec> what is it? ;p
[00:56:28] <sahil> Evanlec: you don't want to sound like a total noob when speaking to the guys that are responsible for administrating the MXs. :)
[00:56:30] <Evanlec> prevents relaying from hosts that don't have an FQDN ?
[00:56:35] <Evanlec> lol
[00:56:36] <Evanlec> i agree
[00:56:46] <sahil> no, that's totally wrong.
[00:56:46] <sahil> wow
[00:56:48] <sahil> :P
[00:56:50] <Evanlec> bah
[00:57:00] <justizin> Evanlec: SMTP AUTH requires you to authenticate as, say, evanlec at somesite dot com, before you can send mail as that user.
[00:57:17] <justizin> just as when you connect to imap or pop
[00:57:41] <justizin> it also allows hosts to authenticate with each other, but you can't really reject mail, as sahil said earlier, from every server that won't auth with you ;d
[00:57:52] <sahil> Evanlec: and requiring this on metrocast's outgoing smtp servers is a good idea but it will not in ANY WAY stop the spammers who are sending mail to metrocast users as if they themselves are those same metrocast users..
[00:57:53] <Evanlec> justizin: i c
[00:58:26] <sahil> in fact, i bet metrocast *already* requires auth for its users to relay to the outside world, but that will not stop spammers from pretending to be the users to whom they're sending spam.  these are fundamentally different things.
[00:58:26] <justizin> it can also be unpopular, a lot of companies are willing to be spam relays if their provider doesn't threaten to cut them off.
[00:58:50] <justizin> also providers, meh..
[00:59:13] <justizin> yes, sahil is right, people can cause bounces without sending through your server, but they have an increased capacity to if you don't auth.
[00:59:39] <justizin> as an isp, i would be willing to bet they don't auth, but let any metrocast user send.
[01:00:08] <Evanlec> sahil: indeed it does require auth from users, can't send mail thru their servers unless ur on their network (a customer), and they also block port 25
[01:00:17] <sahil> that's what i thought.
[01:00:19] <justizin> avast, i was wrong ;d
[01:00:23] <justizin> i guess the times are-a-changin'
[01:00:50] <Evanlec> so you think the spammer is on our network, or outside?
[01:01:02] <Evanlec> if they were on our network they would likely get shut-off quickly
[01:01:17] <Evanlec> we do shut ppl off if they're spamming
[01:02:37] <justizin> well, if you auth, it's not that, i was wrong.
[01:03:01] <justizin> the postfix backscatter howto might be useful to you.
[01:03:37] *** Zblakany has joined #postfix
[01:04:23] <Evanlec> justizin: but the spam emails in question don't look like bounceback messages to me
[01:06:01] <Evanlec> justizin: well maybe they don't auth, in which case anyone could send thru their servers if they just specify a metrocast.net email address in the from: field?
[01:06:14] <sahil> no the backscatter howto will not be useful because this is not backscatter if it is not bounces!
[01:06:24] <sahil> Evanlec: the spammer, as indicated from your Receiver header is NOT on your network.
[01:06:25] <justizin> you are tech support and you don't know if people are required to input their login info to send mail? ;)
[01:06:35] <Evanlec> sahil: yes true
[01:06:43] *** pirho has quit IRC
[01:06:50] <justizin> so you're accepting mail from @metrocast.net that isn't from your servers.
[01:06:50] <Evanlec> justizin: lol, oh i just wasnt thinking
[01:07:03] <Evanlec> they do not require login info to SEND
[01:07:07] <Evanlec> only to receive
[01:07:20] <justizin> well, that's also a concern, but it sounds like not the cause here.
[01:07:29] <Evanlec> but i presumed that is because their ip address was authenticated so thus the login wasnt necessary
[01:10:22] <justizin> your SPF record is questionable: metrocast.net.		1800	IN	TXT	"v=spf1 mx ip4:65.175.128.128/25 ?all"
[01:10:33] *** amrit is now known as amrit|bbl
[01:11:57] <Evanlec> why's that/
[01:12:09] <justizin> if you had "-all" at the end, it would mean that a failure should be caused if anyone tries to send email as metrocast.net and isn't either listed as an MX (with reverse dns) or matches that ip4 mask.  if you had +all it would say, these specific servers, and also, any other server, which would be totally useless.
[01:12:27] <justizin> the ?all may be up for interpretation, for one.  it's neutral.  "here are my servers, i am neutral on all others."
[01:13:29] <justizin> so, instead of saying, "only my mx and these hosts are valid, and no others", it says, "only my mx and these hosts are valid.  any others may be."
[01:13:57] <justizin> the SPF is important for keeping others from accepting mail from you that is not from you, but may also be important in keeping you receiving mail from you that is not from you.
[01:14:05] <justizin> i would change that to "-all"
[01:14:33] <justizin> http://www.openspf.org/SPF_Record_Syntax
[01:16:18] *** hparker has quit IRC
[01:16:18] *** scientes has quit IRC
[01:16:18] *** CrazyFoam has quit IRC
[01:16:18] *** memetic has quit IRC
[01:16:19] *** blackflag has quit IRC
[01:16:19] *** Rockj has quit IRC
[01:16:19] *** zamba has quit IRC
[01:16:19] *** manlymat_83 has quit IRC
[01:17:16] *** scientes has joined #postfix
[01:17:16] *** hparker has joined #postfix
[01:17:16] *** CrazyFoam has joined #postfix
[01:17:16] *** memetic has joined #postfix
[01:17:16] *** blackflag has joined #postfix
[01:17:16] *** manlymat_83 has joined #postfix
[01:17:16] *** Rockj has joined #postfix
[01:17:16] *** zamba has joined #postfix
[01:18:15] <sahil> justizin: many places do not force users to send email from only their MX.
[01:18:26] <sahil> both of you should read this thread to gain a better understanding of what is going on: http://archives.neohapsis.com/archives/postfix/2008-12/0010.html
[01:18:47] <justizin> sahil: i understand, but that means that anyone can send mail as their domain, and there is not much that can be done to protect.
[01:19:00] <sahil> and also read this particular response: http://archives.neohapsis.com/archives/postfix/2008-12/0093.html
[01:19:21] <justizin> alright, i will dig in in a bit, have to run a couple of errands.  thanks, sahil.
[01:19:23] <sahil> just read the thread.  like i said when this entire discussion started, there is actually MUCH that can be done to protect, but there are other consequences of either route you take.
[01:19:24] <Evanlec> SPF stands for what?
[01:19:35] <justizin> Sender Policy Framework
[01:19:36] <sahil> Evanlec: GOOGLE it. :P
[01:19:40] <Evanlec> bah
[01:19:46] <justizin> yes, google it, and follow the link i put up to openspf.org ;)
[01:20:08] <xpoint> justizin, postfix can restrict local users to use smtp auth if sending domain is local, see smtpd_login_missmath_maps if i recall it
[01:20:32] <jimpop> the problem with SPF is that everyone who implements it uses ~
[01:21:11] <xpoint> jimpop, and other does use +all
[01:21:14] <justizin> xpoint: we're a bit past that in the convo, but thanks..
[01:21:22] *** Zblakany_ has quit IRC
[01:21:25] <Evanlec> harr
[01:21:26] <justizin> or ?all like Evanlec's ISP
[01:21:30] <jimpop> if you don't know exactly which IPs are sending your email, then you have much worse problems than SPF can solve
[01:21:33] <justizin> all of which result in, "whatever, accept it."
[01:21:33] <Evanlec> sry didnt see that link
[01:23:12] <Evanlec> indeed
[01:23:21] <Evanlec> the IP's sending the spam are varied
[01:24:04] <Evanlec> now on the end-user side, is there something they can do to block these locally?
[01:24:28] <jimpop> Evanlec, spamassassin will read SPF records and tag email accordingly
[01:24:57] <sahil> xpoint: yes, that is it; dicussed above; it does not help address the problem of spammers using from addresses to send people spam. :)
[01:25:21] *** bluethundr has joined #postfix
[01:25:36] <xpoint> From: is not equal to envelope sender
[01:26:35] <xpoint> and no spf is not a spamfighter but a whitelist/forged protector
[01:26:57] <BBishop> I still don't get why wouldn't people implement something in postfix to only allow mail for a domain only if it comes from the mx servers for that domain ..
[01:27:14] <BBishop> it would make a lil bit more traffic .. but it would help fight against spam ..
[01:27:58] <xpoint> BBishop, thats a good questions, might be that smtp auth need to work to force spf very strict
[01:36:55] *** Zblakany has quit IRC
[01:40:44] *** JMK has quit IRC
[01:47:58] <sahil> xpoint: from not being == envelope sender also discussed above.
[01:48:00] <sahil> lastlog? :P
[01:48:35] <sahil> as discussed in the thread i pasted, spammers are also using Mail From (*NOT* From: header) in forged spam.
[01:51:08] <xpoint> yes if sender domain is local check if sender knows the smtp auth password
[01:51:21] <xpoint> if not reject
[01:51:25] <Evanlec> sahil: how did you find the SPF record for metrocast.net ?
[01:51:47] *** havvg has quit IRC
[01:52:11] <jimpop> Evanlec: "v=spf1 mx ip4:65.175.128.128/25 ?all"    (dig txt metrocast.net)
[01:52:27] <Evanlec> right but what did u do
[01:52:29] <xpoint> Evanlec, http://old.openspf.org/wizard.html?mydomain=metrocast.net&submit=Go!
[01:52:38] <Evanlec> ah
[01:52:43] <jimpop> Evanlec: dig txt metrocast.net
[01:53:04] <jimpop> (in a shell prompt)
[01:53:09] <xpoint> dig is not that helpfull only last resort :)
[01:53:29] <jimpop> pfft.  you web 2.0 guys
[01:53:38] <jimpop> ;-)
[01:54:38] <xpoint> jimpop, who do not say i have a frammebuffer at 1600x1200 with graphics ? :)
[01:55:10] <jimpop> :-) it makes it easier to have 10 open consoles ;-)
[01:56:20] <xpoint> that depends
[01:57:22] *** bluethundr has quit IRC
[01:57:30] *** bluethundr has joined #postfix
[01:59:55] *** growltiger has joined #postfix
[02:00:03] *** growltiger_ has quit IRC
[02:03:15] *** bluethundr_ has joined #postfix
[02:06:09] *** bluethundr__ has joined #postfix
[02:06:22] *** bluethundr_ has quit IRC
[02:07:08] *** bluethundr__ has quit IRC
[02:07:38] *** bluethundr_ has joined #postfix
[02:10:21] <Evanlec> so how do i add an spf record for my mailservor ? ;p
[02:10:38] <jimpop> you need to add it to your DNS
[02:10:46] <Evanlec> is it called an SPF record?
[02:10:53] <jimpop> usually
[02:11:04] <Evanlec> would it be called TXT ?
[02:11:04] <jimpop> but some DNS providers call it a TXT Record
[02:11:07] <Evanlec> ah
[02:11:29] <jimpop> and some DNS provider still don't support txt records
[02:11:31] <jimpop> :-(
[02:12:03] <Evanlec> what is an SOA record?
[02:12:40] <jimpop> it's the start of authority record
[02:12:54] <jimpop> it contains admin email, and timeouts
[02:13:09] *** F6F has quit IRC
[02:13:13] <jimpop> http://www.zytrax.com/books/dns/ch8/soa.html
[02:13:32] *** bluethundr__ has joined #postfix
[02:13:33] *** bluethundr_ has quit IRC
[02:14:36] *** bluethundr__ has quit IRC
[02:14:39] *** bluethundr_ has joined #postfix
[02:17:37] *** xpoint has quit IRC
[02:19:19] *** bluethundr has quit IRC
[02:21:00] * jimpop goes to CVS
[02:21:03] *** jimpop has quit IRC
[02:21:55] *** bluethundr_ has quit IRC
[02:22:04] *** bluethundr has joined #postfix
[02:25:24] *** war9407 has quit IRC
[02:38:41] <justizin> sahil: now that i have my relay_tables set up on the old host, what config do i need on the new host?
[02:43:00] *** s0what has quit IRC
[02:45:42] <justizin> hm i added the ip of the old host to mynetworks, hopefully that is enough.
[02:56:30] *** bluethundr_ has joined #postfix
[03:01:09] *** hparker has quit IRC
[03:01:37] *** niki has quit IRC
[03:10:00] *** bluethundr has quit IRC
[03:17:19] *** rcsu_ has joined #postfix
[03:17:57] *** shasta has quit IRC
[03:20:55] *** tris has quit IRC
[03:21:08] *** tris has joined #postfix
[03:21:43] *** shasta has joined #postfix
[03:32:08] *** tris has quit IRC
[03:34:02] *** rcsu has quit IRC
[03:39:25] *** Tr3ze has joined #postfix
[03:40:25] *** tris has joined #postfix
[03:43:59] *** Tr3ze has left #postfix
[04:00:05] *** Haris_ has joined #postfix
[04:00:06] *** Haris has quit IRC
[04:04:15] *** justizin has quit IRC
[04:04:35] *** justizin1 has joined #postfix
[04:04:40] *** justizin1 is now known as justizin
[04:12:26] *** scientes has quit IRC
[04:21:27] *** jimpop has joined #postfix
[04:22:19] *** mavrick61 has quit IRC
[04:23:27] *** mavrick61 has joined #postfix
[04:37:03] *** jimpop has quit IRC
[04:56:24] *** skeeziks has joined #postfix
[04:57:00] <skeeziks> Argh, anyone here had success configuring Postfix on Solaris 10 to use the Sun-supplied LDAP libraries rather than OpenLDAP?
[04:59:25] <skeeziks> I've defined HAS_LDAP and the executables even report /usr/lib/libldap.so.5 in ldd output, but postconf -m doesn't report ldap support.
[05:15:00] *** jens__ has joined #postfix
[05:30:48] *** jens_ has quit IRC
[05:47:07] *** jctheman has joined #postfix
[05:59:10] *** magyar has quit IRC
[06:19:40] *** hachiya has quit IRC
[06:21:59] *** ki__ has joined #postfix
[06:26:03] *** Evanlec has quit IRC
[06:26:26] *** Woosta has left #postfix
[06:44:50] <ki__> How do i setup postfix as a relay? I want it to accept incoming smtp from 192.168.100.157 (and local)
[06:44:56] <ki__> right now it sends fine from local
[06:45:32] <ki__> but not from the other machine, it gets postfix 554 relay access denied
[06:46:00] *** georg_ has joined #postfix
[06:47:08] *** felix-da-catz_zz has quit IRC
[06:59:38] <lunaphyte> ki__: if that's a trusted computer, then add it to mynetworks.
[06:59:59] <ki__> is that all i need to do?
[07:00:02] <ki__> will it have limits?
[07:00:11] <ki__> the web apps on that server could queue upwards of 20k emails ...
[07:00:20] <ki__> i want to make sure my configuration can handle that
[07:01:32] <lunaphyte> !tuning
[07:01:33] <knoba> lunaphyte: Error: "tuning" is not a valid command.
[07:02:01] *** georg- has quit IRC
[07:02:18] <lunaphyte> !performance
[07:02:19] <knoba> lunaphyte: "performance" : Having postfix performance issues? See the 'Bottleneck analysis' and 'Performance tuning' pages under the 'Problem solving' section of http://www.postfix.org/documentation.html
[07:02:26] <ki__> also, i dont want ANY other computers sending mails out of it besides that internal ip and its own local ip. existing now is the external ip for the machine ext-ip/32
[07:03:03] <ki__> mynetworks = external-ip/32
[07:03:08] <ki__> should i take that off?
[07:03:45] <ki__> pardon my lameness, but i've had a hard time wrapping my head around the subnet thing
[07:03:50] <ki__> subnet shorthand
[07:05:52] <lunaphyte> you mean that the public address of itself (the computer running postfix) is listed in mynetworks?
[07:08:22] <ki__> yes
[07:08:40] <ki__> but the firewall isnt open
[07:08:46] <lunaphyte> yeah, you can take that out. that doesn't really make much sense.
[07:09:07] <ki__> still tho ... no reason to have it there if i'm not using it as a mail server external users are using
[07:09:26] <ki__> the full is like this actually: mynetworks = 72.32.24.156/32, 127.0.0.0/8
[07:13:15] *** lunaphyte has quit IRC
[07:22:28] *** lunaphyte has joined #postfix
[07:22:59] *** magyar has joined #postfix
[07:27:13] *** UQlev has joined #postfix
[07:37:49] <ki__> postfix is cool
[07:43:43] *** _Driver_ has quit IRC
[07:53:53] *** _Driver_ has joined #postfix
[07:54:19] *** growltiger_ has joined #postfix
[08:05:13] *** growltiger has quit IRC
[08:19:54] *** bluethundr_ has quit IRC
[08:56:48] *** _sng has joined #postfix
[09:00:00] <Haris_> Dec  7 03:01:18 mc2 postfix/trivial-rewrite[31498]: warning: do not list domain mc2.mol.com.mk in BOTH mydestination and virtual_mailbox_domains
[09:00:15] <Haris_> its the name of the box
[09:00:29] <Haris_> How can I have it in only at one place?
[09:00:53] <Haris_> I should add it to virtual_mailbox_domains and remove it from mydestination?
[09:01:02] <Haris_> or otherwise?
[09:04:40] <sahil> hm.
[09:04:41] <Haris_> 2) my box just rejected gmail from sending mail to an email account that exists on this box? -> Dec  7 09:00:40 mc2 postfix/smtpd[32531]: NOQUEUE: reject: RCPT from fg-out-1718.google.com[72.14.220.156]: 554 5.7.1 <email at domain dot tld>: Recipient address rejected: Access denied; from=<me at gmail dot com> to=<email at domain dot tld> proto=ESMTP helo=<fg-out-1718.google.com>
[09:04:59] <sahil> Haris_: yes, the log message is pretty clear. :)
[09:05:02] <Haris_> I don't understand, why
[09:06:02] <sahil> Haris_: if you have virtual_mailbox_domain foo.com, do not list foo.com in mydestination.
[09:06:15] <Haris_> even if it is the box's own name/
[09:06:17] <sahil> justizin: still around?
[09:06:24] <Haris_> it'll accept mail for it, either way?
[09:06:33] <sahil> paste your postconf -n to pastie.org
[09:06:37] <sahil> or something, so i can take a look.
[09:06:58] <sahil> postfix will accept mail for destinations listed in virtual_mailbox_domains; trust me, i have almost 40 :)
[09:08:04] <Haris_> http://pastie.org/333047
[09:09:36] <sahil> Haris_: i don't see mydestination, so it must be the default.  and i can't see the contents of your mysql virtual domain db, so no help there.
[09:09:58] <sahil> but why are you rejecting at the end of your smtpd_recipient_restrictions?  that's why the gmail test did not go through.
[09:10:09] *** jra has joined #postfix
[09:10:27] <Haris_> virtual domain db contains this domain
[09:11:02] <sahil> what is *this* domain?
[09:12:01] <sahil> by default, mydestination = $myhostname, localhost.$mydomain, localhost
[09:12:06] <Haris_> vox-mundi.net.mk
[09:12:11] <Haris_> :o
[09:12:14] <Haris_> for question one
[09:12:17] <Haris_> that's mc2.mol.com.mk
[09:12:25] <Haris_> for question 2, its vox-mundi.net.mk
[09:12:34] <sahil> in your case, what is $myhostname?  and is $myhostname listed in virtual_mailbox_domains?
[09:12:52] <Haris_> yes, I think so
[09:12:57] <sahil> that's the problem
[09:13:06] <Haris_> I needed to have it there, so I could map where those mails end up
[09:13:07] <sahil> change mydestination = localhost.$mydomain, localhost
[09:13:13] <Haris_> Ok
[09:13:17] <sahil> Haris_: that's not true
[09:13:29] <sahil> but if you want to do it that way, then remove it from mydestination
[09:13:53] <sahil> and remove that trailing 'reject' at the end of your recipient restrictions... did some random HOWTO on the web suggest that?
[09:14:15] <Haris_> for example, server logs generated from root at mc2 dot mol.com.mk and sent to it, need to end up somewhere
[09:14:51] <Haris_> No, its a general reject, if it doesn't match any if s' in the recipient restrictions
[09:15:36] <sahil> wtf?
[09:15:40] <sahil> do you want all mail to be rejected?
[09:15:43] <sahil> if not, REMOVE that.
[09:15:52] <sahil> you asked why the gmail message was rejected, *that* is why it was rejected.
[09:16:02] <Haris_> I see
[09:21:07] <Haris_> at some point
[09:21:12] <Haris_> let me paste it again
[09:23:01] <Haris_> double-bounce at mc2 dot mol.com.mk
[09:23:12] <Haris_> for this, I should add an alias in /etc/aliases?
[09:23:17] <Haris_> this is the box's hostname
[09:23:32] <Haris_> and then I can designate where the email should end up?
[09:24:47] <sahil> i have no idea what you're trying to do anymore, sorry.
[09:24:52] <sahil> try to explain your problem from the top.
[09:24:55] <sahil> bbiab.
[09:25:49] *** hyper_ch has quit IRC
[09:29:02] <Haris_> works
[09:29:09] <Haris_> I'v removed it from virtual_mailbox_domains
[09:29:25] <Haris_> I could do otherwise, but for the moment, this should suffiece
[09:29:29] <Haris_> suffice+
[09:29:43] <Haris_> For the second issue
[09:30:04] <Haris_> first postfix checks if the domain exists in db, it does. Then it checks if the mailbox exists, which also does
[09:30:06] <Haris_> in db
[09:30:49] <Haris_> test at vox-mundi dot net.mk
[09:30:55] <Haris_> the domain and email account exist in db
[09:31:17] <Haris_> which suggests, that some rule in the recipient restrictions should get hit for it
[09:31:35] <Haris_> right?
[09:31:57] <Haris_> so, I think its another sql query problem :|
[09:35:30] <Haris_> with postconf -n I'm pasting my virtual_mailbox_domains and virtual_mailbox_maps query/table spec
[09:37:54] <Haris_> http://pastie.org/333047
[09:38:04] <Haris_> ok, now this is a more comprehensive paste
[09:46:59] *** madrescher has joined #postfix
[09:51:58] <sahil> why should some rule in recpient restrictions get hit?
[09:52:41] <sahil> i don't understand WHY YOU HAVE "reject" at the end of your smtpd_recipient_restrictions.
[09:52:44] <sahil> THAT IS A BAD IDEA.
[09:52:53] <sahil> sorry, but you did not seem to understand when i did not scream it. :)
[09:53:28] <sahil> what this means is unless the sender is sasl authenticated or in your 'mynetworks', ALL MAIL WILL BE REJECTED.
[09:57:02] *** war9407 has joined #postfix
[10:11:23] *** wdp has joined #postfix
[10:19:33] *** F6F has joined #postfix
[10:21:29] *** georg_ has quit IRC
[10:45:33] *** Mr_Grim has quit IRC
[10:47:52] *** Tino is now known as _Tino
[10:47:58] *** _Tino is now known as Tinozaure
[10:55:54] *** wdp is now known as anyone
[10:55:58] *** anyone is now known as wdp
[11:07:39] *** _sng_ has joined #postfix
[11:14:24] *** Tinozaure is now known as Tino
[11:14:30] *** Tino is now known as _Tino
[11:16:00] *** sophokles has joined #postfix
[11:27:34] *** _sng has quit IRC
[11:32:43] *** UQlev has quit IRC
[11:47:14] *** wdp has quit IRC
[11:47:30] *** wdp has joined #postfix
[11:49:41] *** wdp has quit IRC
[11:49:41] *** madrescher has quit IRC
[11:49:56] *** wdp has joined #postfix
[11:51:07] *** madrescher has joined #postfix
[11:51:10] *** georg_ has joined #postfix
[11:53:26] *** _sng has joined #postfix
[12:01:15] *** wdp_ has joined #postfix
[12:01:34] *** georg_ has quit IRC
[12:06:22] *** _Driver_ has quit IRC
[12:10:13] *** _Driver_ has joined #postfix
[12:16:05] *** _sng_ has quit IRC
[12:18:23] *** wdp has quit IRC
[12:18:29] *** georg has joined #postfix
[12:25:03] *** georg has quit IRC
[12:30:11] *** wdp_ has quit IRC
[12:33:03] *** plee has joined #postfix
[12:38:38] *** pirho has joined #postfix
[12:40:08] <Haris_> ok, there's a big difference in what I take as meaning of keywords and as they are originally programmed
[12:41:31] <Haris_> !rbl
[12:41:32] <knoba> Haris_: "rbl" : short for "realtime black list". RBLs are DNS zones that can help your mail server to determine if an IP address is trusted. It's a great way to fight spam. See http://www.au.sorbs.net/ http://www.dnsrbl.net/ http://www.spamcop.net/ http://www.mail-abuse.org/ http://www.rfc-ignorant.org/
[12:42:10] <Haris_> someone needs to add rbl related keywords fro,m postfix into that description
[12:42:20] *** weedar has joined #postfix
[12:42:28] <Haris_> or are they all extinct?
[12:42:50] <Haris_> as I'v noticed, some of them have become extinct/ancient/thing of the past
[12:42:53] *** Fallenou has joined #postfix
[12:57:48] *** _Driver_ has quit IRC
[12:57:49] *** madrescher has quit IRC
[12:58:19] *** madrescher has joined #postfix
[13:03:18] *** bkw has joined #postfix
[13:04:35] <bkw> To rewrite email to user@domain to otheruser@otherdomain, what documentation should I look futher on, how to transport?
[13:05:34] *** cite has quit IRC
[13:06:31] *** cite has joined #postfix
[13:13:06] *** Fallenou has quit IRC
[13:17:10] *** _Driver_ has joined #postfix
[13:20:27] *** weedar has quit IRC
[13:26:04] *** wdp has joined #postfix
[13:29:21] <munga> hello. I've a list of 2000 addresses . I wont to be able to accept emails only from list this. which map should I use ?
[13:29:32] <munga> ... aaaaaaaaaaa
[13:29:44] <munga> I want :)
[13:32:25] <jra> local_recipient_maps
[13:33:38] *** niki has joined #postfix
[13:34:03] <munga> thanks :)
[13:36:58] *** Motoko-chan has quit IRC
[13:38:56] *** brancal has joined #postfix
[13:42:43] <munga> jra: ... I think I didn't explain my request properly. I want to accept emails only if the sender is in my list. I know that the sender can be faked, but this is just a temporary solution to avoid spamming too many ppl...
[13:44:38] <jra> the sender, okay...
[13:44:48] <adaptr> !check _sender _access
[13:44:48] <knoba> adaptr: Error: "check" is not a valid command.
[13:44:52] <adaptr> !check_sender _access
[13:44:52] <knoba> adaptr: Error: "check_sender" is not a valid command.
[13:44:56] <adaptr> !check_sender_access
[13:44:56] <knoba> adaptr: "check_sender_access" : Search the specified access(5) database for the MAIL FROM address, domain, parent domains, or localpart@, and execute the corresponding action.
[13:45:03] <adaptr> pff jesus fucking christ
[13:46:38] <onre> i thought they were the same guy
[13:49:55] *** brancaleone has quit IRC
[13:55:13] <adaptr> well, it depends - have you seen Zeitgeist yet ?
[14:01:21] *** scientes has joined #postfix
[14:01:57] *** jctheman has quit IRC
[14:08:28] *** Izlots has quit IRC
[14:14:58] *** jra has quit IRC
[14:37:23] *** flobbie has joined #postfix
[14:42:32] *** Fallenou has joined #postfix
[14:43:25] *** Virus_FFF has joined #postfix
[14:45:40] *** gadi_ has joined #postfix
[14:46:14] *** gadi_ has left #postfix
[14:46:49] *** Virus_FFF has quit IRC
[15:09:26] *** nerbie69 has joined #postfix
[15:18:28] *** scientes has quit IRC
[15:22:33] *** growltiger has joined #postfix
[15:28:23] *** georg has joined #postfix
[15:36:59] *** miegalius has joined #postfix
[15:37:04] *** growltiger_ has quit IRC
[15:44:01] *** crab has joined #postfix
[15:44:20] *** F6F has quit IRC
[15:45:21] *** F6F has joined #postfix
[15:45:38] *** bluethundr has joined #postfix
[15:46:11] *** devdas has joined #postfix
[15:47:15] <crab> suppose i have a virtual_mailbox_domain with entries like "x at example dot org example.org/x/", and a virtual_alias_map that has e.g. "pqr at example dot org x at example dot org". what's the best way to say "mail sent to pqr at example dot org should go to both pqr at example dot org and xyz at example dot org" (where the latter are defined in the virtual_mailbox_domains map)
[15:47:43] <crab> having pqr at example dot org on both sides of the virtual_alias_map doesn't seem to work.
[15:48:10] <crab> (i could have sworn i knew how to do this, but i seem to have forgotten.)
[15:48:19] <adaptr> you need 3 accounts
[15:48:36] <adaptr> pqr -> pqr_mb, x_mb
[15:48:43] <adaptr> separate the mailbox from the address
[15:48:57] <rob0> virtual_mailbox_domains => virtual_mailbox_maps
[15:49:09] <rob0> !virtual_mailbox_maps
[15:49:09] <knoba> rob0: "virtual_mailbox_maps" : a configuration parameter in the main.cf: Optional lookup tables with all valid addresses in the domains that match $virtual_mailbox_domains.
[15:49:34] *** scientes has joined #postfix
[15:49:40] <devdas> Are you trying to do the equivalent of an always_bcc?
[15:49:53] <devdas> or a recipient_bcc_maps?
[15:50:14] <rob0> virtual_alias_maps can do it, IIUC what you want
[15:50:45] <rob0> but the key is listing ALL VALID ADDRESSES in the appropriate class maps
[15:51:25] <rob0> even if you don't have a virtual mailbox, if the domain is in virtual_mailbox_domains, the address must be in virtual_mailbox_maps.
[15:51:27] <devdas> virtual_alias_maps should work for you
[15:51:48] <adaptr> rob0: really ? okay
[15:52:21] <adaptr> so if you define it in mailbox_maps but alias it then it is expanded but not delivered ?
[15:52:30] <rob0> yes
[15:52:31] *** crab has quit IRC
[15:52:37] <adaptr> that makes no sense, he DOES want it delivered to both
[15:52:37] <rob0> ha!
[15:52:52] *** crab has joined #postfix
[15:52:52] <devdas> uh?
[15:53:01] <rob0> oh he's back
[15:53:06] <crab> sorry.
[15:53:10] <devdas> np
[15:54:36] <crab> i missed nearly everything you said. :/
[15:55:09] <devdas> You should be able to do this with virtual_alias_maps, but you might be looking for recipient_bcc_maps
[15:55:42] <crab> devdas: should be able to do "x@y x@y,pqr@z" with virtual_alias_maps?
[15:56:02] <devdas> yes
[15:56:47] <devdas> But personally I prefer x@y -> x-y@m, pqr-z@n
[15:58:11] <crab> hmm. you're right, it *does* work. i appear to have misread the logs. i'm sorry for the noise.
[15:58:43] <devdas> np
[15:58:46] <adaptr> rob0: how can it work if you say it doesn't ?
[15:59:03] <adaptr> for a normal alias, the alias is never delivered to, the message is not magically split in two
[15:59:12] <rob0> It's misbehaving! It must be punished!
[15:59:16] <rob0> huh?
[15:59:18] <devdas> adaptr: think .forward
[15:59:27] <adaptr> well, that's certainly an option, but I'll wait until I understand it
[15:59:38] <adaptr> devdas: no, froward has no analogue in virtual domains
[15:59:42] <adaptr> it doesna exist
[15:59:53] <rob0> What did I say doesn't work?
[15:59:57] <crab> i'll be sure to feed it only bread and water for a week.
[16:00:05] <devdas> adaptr: .forward is a user controlled alias_maps
[16:00:15] <adaptr> I asked you whether a virtual alias made on a virtual mailbox will deliver to the mailbox AND resolve the alias, or not
[16:00:18] <devdas> so virtual_alias_maps is the equivalent
[16:00:25] <adaptr> and you said it will not
[16:00:37] <adaptr> it wouldn't make any sense, eitehr
[16:00:54] <adaptr> devdas: erm.. no, virtual_alias_maps is a root controlled virtual alias file
[16:00:57] *** Vince42 has quit IRC
[16:01:32] <devdas> adaptr: that depends
[16:01:44] <adaptr> on what ?
[16:02:14] *** crab has left #postfix
[16:02:50] <devdas> on the way you make your virtual_alias_maps
[16:03:01] <devdas> a RDBMS + web control panel == user controllable map
[16:03:02] <adaptr> how deliciously vague
[16:03:10] *** hyper_ch has joined #postfix
[16:03:19] <adaptr> it will not DUPLICATE the message!
[16:03:33] <adaptr> a@b -> b@b will NOT deliver to both a AND b
[16:03:36] <adaptr> never
[16:03:38] <adaptr> nowheres
[16:03:47] <hyper_ch> hi there... someone recommended a while a .deb package from sourceforge for "easy" administring users and mail addresses. Anyone recalls the name?
[16:03:55] <adaptr> cough
[16:03:58] <adaptr> postfixadmin
[16:03:59] <adaptr> cough
[16:04:02] <adaptr> now go
[16:04:05] <hyper_ch> adaptr: that was it :) thx
[16:04:13] *** bkw has left #postfix
[16:04:26] <devdas> adaptr: a@b -> a@b, b@b ?
[16:04:32] <adaptr> devdas: loopy
[16:05:13] <devdas> no
[16:05:18] <adaptr> really ?
[16:05:40] <adaptr> I thought that was always invalid, definitely invalid in the normal alias file
[16:05:58] <devdas> It isn't
[16:06:05] <adaptr> testing
[16:09:21] <adaptr> I will never doubt devdas again
[16:09:44] *** loddafnir has joined #postfix
[16:10:01] <adaptr> so.. what would happen to cyclical aliases that al deliver ?
[16:10:11] <adaptr> test: test, test2
[16:10:15] <adaptr> test2: test2, test
[16:10:19] <adaptr> insanity ?
[16:10:22] <adaptr> loopy ?
[16:10:39] <adaptr> brain explody ?
[16:11:28] <devdas> Postfix detectes recursion and breaks it for a single alias
[16:11:53] <devdas> but a -> b abd b->a generates a loop
[16:11:53] <devdas> and*
[16:12:06] <devdas> test it and see though
[16:12:11] <devdas> IIRC, it does not break in virtual
[16:12:39] <adaptr> so if they both deliver, it will explode really quick :)
[16:12:45] <adaptr> excellent!
[16:14:03] *** Balu has left #postfix
[16:14:08] <rob0> adaptr: sorry, I misunderstood what you asked. I was thinking of virt. aliasing A@A --> A@A, B@A
[16:14:31] <adaptr> so was he, I thought that was not possible
[16:14:49] <adaptr> damn postfix! always evolving from under my very fingers
[16:15:04] <devdas> Errr, this has worked from the very beginning
[16:15:27] <rob0> virtual(5) expansion doesn't reexpand, so a name can be aliased to itself.
[16:15:32] <adaptr> and I never knew it, so form my point of view, it has changed :)
[16:15:34] <rob0> and yes, it's not new
[16:16:01] <devdas> man 5 virtual has it documented
[16:16:14] <adaptr> rob0: it never re-expands ? so you cannot recurse with virtual aliases ?
[16:16:29] <devdas> It dioesn't re-expand self
[16:16:36] <devdas> doesn't
[16:16:55] <devdas> a->a is what stops recursion
[16:17:44] <miegalius> hello, i was configuring postfix on openbsd by this manual : http://www.kernel-panic.it/openbsd/mail/mail3.html but i cant connect via telnet, its stuck and then reset the connection
[16:18:49] <adaptr> is it running ?
[16:18:58] <adaptr> netstat -ln |grep 25
[16:19:02] <devdas> logs?
[16:19:19] *** mark-use has joined #postfix
[16:19:23] *** xpoint has joined #postfix
[16:19:58] <miegalius> adaptr,
[16:19:59] <miegalius> root@noob /etc: # netstat -ln |grep 25
[16:19:59] <miegalius> root@noob /etc: #
[16:20:17] <adaptr> not running
[16:20:21] <miegalius> i think
[16:20:31] <adaptr> did you add it to your rc ?
[16:21:22] <miegalius> yes
[16:21:45] <adaptr> did you start it ?
[16:23:03] *** pirho has quit IRC
[16:23:25] <adaptr> apparently not
[16:23:32] <miegalius> adaptr, when i write
[16:23:33] <miegalius> root@noob /etc: # /usr/local/sbin/postfix start
[16:23:33] <miegalius> postfix/postfix-script: fatal: the Postfix mail system is already running
[16:23:33] <miegalius> root@noob /etc: #
[16:23:45] <adaptr> stale lock file, remove it
[16:25:58] <adaptr> not a chance, miegalius
[16:26:09] <adaptr> and don't PM me unless I tell you to
[16:26:23] <adaptr> last warning
[16:26:27] <miegalius> ok
[16:26:44] <miegalius> adaptr, what i have to remove ?
[16:27:00] <adaptr> you firts need to verify if postfix is running and listening for mail
[16:27:13] <adaptr> ps -a |grep master
[16:27:27] <miegalius> nothing
[16:27:36] <adaptr> not running
[16:27:57] <adaptr> then there is a stale lock file that prevents the startup script from starting it
[16:28:00] <adaptr> remove it
[16:28:20] <miegalius>  /usr/local/sbin/postfix - this ?
[16:28:23] <devdas> postfix stop
[16:28:27] <devdas> postfix start
[16:28:34] <devdas> SEE YOUR LOGS
[16:28:51] <adaptr> heck no, that's almost cheating - who needs logs when they can whine on IRC ?
[16:29:00] <miegalius> root@noob /etc: # /usr/local/sbin/postfix start
[16:29:00] <miegalius> postfix/postfix-script: starting the Postfix mail system
[16:30:01] *** _sng has quit IRC
[16:30:38] <adaptr> miegalius: for a noob, openbsd is about the worst choice imaginable
[16:30:45] <adaptr> start with a simple Linux distro
[16:30:59] <miegalius> on debian i was made mail system :-D
[16:31:11] <miegalius> but BSD its hell :-D
[16:31:16] <devdas> Postfix is the same across all Unix syste,s
[16:31:19] <devdas> systems
[16:31:22] <devdas> No it isn't
[16:31:37] <devdas> Think in Postfix terms, except you replace /usr by /usr/local
[16:35:28] *** miegalius has quit IRC
[16:35:37] <rob0> I suspect openbsd does things in the name of "security" which make it difficult. Unfortunately the word "security" attracts people who don't know enough about it, because they think they'll be safer.
[16:36:40] *** aichainz has quit IRC
[16:37:23] <adaptr> +1
[16:37:40] * adaptr goes back to reading the book
[16:40:54] <devdas> Postfix is the same
[16:41:30] *** rob-84x^ has joined #postfix
[16:41:39] <adaptr> if he cannot get it started, his problem is not with postfix
[16:41:50] <adaptr> it's his complete and utter ignorance of his OS
[16:42:58] *** sophokles has quit IRC
[16:47:03] *** ayeuu has quit IRC
[16:55:49] *** niki has quit IRC
[16:56:46] *** lunaphyte is now known as foofybear
[16:57:05] <foofybear> why my postfix not running for extra logins?
[16:57:34] *** foofybear is now known as postfixnoob
[16:58:04] <adaptr> postfix has no logins
[16:58:13] <adaptr> want to try again ?
[16:58:24] *** postfixnoob is now known as lunaphyte
[16:58:46] <lunaphyte> nah.  i thought it would be more fun that it actually was.
[16:58:56] <lunaphyte> :p
[16:59:11] *** growltiger_ has joined #postfix
[16:59:41] <adaptr> quitter!
[16:59:56] *** growltiger has quit IRC
[17:00:00] <lunaphyte> i was reading the scrollback, and it looked like it might be fun to push your buttons, but i lost interest too quickly.
[17:00:41] <adaptr> heheh that was yesterday
[17:00:58] <lunaphyte> sorry i missed it.
[17:02:04] <adaptr> well, it was mostly me ranting about him not reading/thinking
[17:02:13] <adaptr> I guess it was a full moon or something
[17:04:43] <lunaphyte> we'll chain you up next time.
[17:06:31] *** xpoint has quit IRC
[17:06:42] *** xpoint has joined #postfix
[17:08:30] *** m0t3jl has quit IRC
[17:09:06] *** scientes has quit IRC
[17:18:02] *** psypointerV6 has joined #postfix
[17:18:24] *** lkthomas has quit IRC
[17:36:38] *** scyon has left #postfix
[17:40:30] *** devdas has quit IRC
[17:43:52] *** devdas has joined #postfix
[18:02:09] <hyper_ch> I setup relay access....and the relay server accepted the mail... but the destination mailserver rejected it with " reject: RCPT from tr12.bluewin.ch[195.186.19.81]: 450 4.1.8 <....... at server dot hubatka-partner.ch>: Sender address rejected : Domain not found; from=<..... at server dot hubatka-partner.ch> to=<...... at notkeriana dot ch> proto=ESMTP helo=<tr12.bluewin.ch>". So, I wonder what happens with this mail? will bluewin (relay) try to submit it again?
[18:02:10] <hyper_ch> will it end up in the sending server (server.hubatka-partner.ch)?
[18:05:34] *** internat1 has joined #postfix
[18:06:56] *** Internat has quit IRC
[18:11:32] *** jonez has quit IRC
[18:12:17] *** jonez has joined #postfix
[18:15:54] *** justizin has left #postfix
[18:24:17] *** miegalius has joined #postfix
[18:25:11] <miegalius> aphexer, i have finally started postfix and it works fine with squirrel, but i have added new mysql query with new domain
[18:25:51] <miegalius> and its doesnt create /var/mail/vhosts/newdoma.in/user/files
[18:26:29] <miegalius> adaptr, *
[18:29:49] <adaptr> miegalius: no idea what you expected
[18:30:09] <adaptr> hyper_ch: no, rejected mail is bounced
[18:30:19] <adaptr> by the relay
[18:30:29] <hyper_ch> adaptr: hmmmm... thx
[18:30:30] <adaptr> which may or may not be a bad thing
[18:30:36] <adaptr> it's mostly bad
[18:30:51] <miegalius> i want to make mails with two or more different domains
[18:31:09] <miegalius> with one domains its works fine
[18:31:30] <miegalius> but when i add second, it dont work like first
[18:32:22] <psypointerV6> hi
[18:33:04] <sahil> hyper_ch: SMTP reject code 450 is temporary; so it will retry.
[18:33:10] <sahil> or, rather, it *should*.
[18:33:16] <hyper_ch> sahil: I will see
[18:33:17] <psypointerV6> does anyone know a good tutorial howto configure postfix + spamassassin + vmail + procmail? i'm currently running postfix + spamassassin + vmail - spamassasin delivers the mails..
[18:33:39] <sahil> spamassassin does not deliver mail, so that's interesting.
[18:33:51] <adaptr> sahil: not in practice, since hte check is done for teh existence of the domain IN DNS
[18:33:59] <psypointerV6> hmm.. i used a tutorial so i'm not sure who delivers it
[18:34:01] <adaptr> that's unlikely to be a temporary failure
[18:34:08] <hyper_ch> sahil: you're right... the emails ahve arrived :)
[18:34:14] <hyper_ch> now I need to figure out why tls isn't working
[18:34:21] <sahil> adaptr: and there could be a *temporary* failure in dns that causes the problem, hence 450 as the reject code, instead of 5xx, which is perm.
[18:34:26] <hyper_ch> I guess I didn't forward the according port yet
[18:34:34] <adaptr> sahil: true, but still - the exception rather than the norm
[18:34:39] <sahil> adaptr: nope.
[18:35:13] <adaptr> definitely; which do you think is more likely: spam submitting fake sender domain or the sender domain dropping off the net ?
[18:35:26] <adaptr> I know who I'd bet on
[18:36:05] <psypointerV6> sahil: http://rafb.net/p/cq1oCo30.html http://rafb.net/p/BmIgFP63.html that are my configs. do you know who delivers the mail to the mailboxes?
[18:36:05] <sahil> adaptr: that is a trivial discussion; my point is that *WHEN* there is a likely temp dns failure, 450 is the correct reject code, and the sending MTA, *IF* it were legit, will retry.
[18:36:18] <adaptr> of course, I'm not debating that
[18:36:28] <sahil> *THAT* is the discussion.  i'm not hazarding any guesses as to legitimacy of sending MTA, or when or how often this particular problem occurs, just simply how SMTP should handle it.
[18:36:29] <adaptr> merely pointing out that the spa scenario is rather more likely these days
[18:36:44] <hyper_ch> TLS doesn't use a different port, right? It just encrypts the connection?
[18:36:46] <sahil> sure, i won't argue either way -- that's less important of a question to me. :)
[18:36:48] <adaptr> DNS, if anything, will get better, while spam gets worse
[18:37:27] <sahil> but as long as DNS exists, there will be temporary failures that need to be dealt with gracefully, that's all.
[18:38:03] <sahil> hyper_ch: it might or might not; depends on configuration.  some people allow TLS/SASL on port 25; others only on (submission) port 587.  it's up to you.
[18:38:45] <hyper_ch> sahil: if I remember correctly I setup port forwarding on port 25, 143, 587
[18:39:01] <devdas> psypointerV6: you need maildrop, not procmail
[18:39:18] <devdas> Tutorial linked from the workaround.org URL in /topic
[18:40:14] <psypointerV6> devdas: who delivers the mail currently? (it works)
[18:41:24] <devdas> see your logs
[18:41:37] <psypointerV6> the logs say spamassassin
[18:50:16] <hyper_ch> hmmm, when I locally telnet on port 25 and then run ehlo localost I see that starttls is there and also auth login plain and auth=login plain.... so tls should be working but kmail won't recognize it
[19:14:41] *** f3ew has quit IRC
[19:16:06] *** jwit has quit IRC
[19:17:29] *** Zeit|awy_ has joined #postfix
[19:17:36] <hyper_ch> hmmm... tls should be working.... hmmmm
[19:19:37] <devdas> logs?
[19:20:02] <hyper_ch> devdas: auth or mail log?
[19:20:05] *** nerbie69 has quit IRC
[19:22:00] *** jwit has joined #postfix
[19:22:39] <devdas> mail
[19:22:44] <hyper_ch> devdas: server logs show nothing... at least not when I try with kmail
[19:23:29] *** Zeit|awy has quit IRC
[19:24:08] <hyper_ch> devdas: I just get the kmail error:  "
[19:24:09] <hyper_ch> The server does not support TLS.
[19:24:11] <hyper_ch> Disable this security feature to connect unencrypted
[19:24:33] <hyper_ch> and the auto-detect in kmail just goes to none / clear text
[19:25:28] <roe_> kmail is running on localhost?
[19:25:30] <hyper_ch> shall I try with another mail client?
[19:25:41] <hyper_ch> roe_: server is seperate from my computer
[19:26:04] <roe_> telnet from your computer on 25 and make sure it is advertising starttls
[19:26:07] <hyper_ch> running kmail on the local computer and trying to connect to remote server
[19:26:12] <hyper_ch> roe_: it does
[19:26:41] <hyper_ch> roe_: http://phpfi.com/385930
[19:26:48] *** carl- has joined #postfix
[19:26:56] <roe_> that is from localhost
[19:27:07] <hyper_ch> that's from the server
[19:27:15] <roe_> <roe_> telnet from your computer on 25 and make sure it is advertising starttls
[19:27:22] <hyper_ch> ah :)
[19:28:11] <hyper_ch> roe_: how? once I logged in with telnet also issue:  ehlo localhost?
[19:28:35] <roe_> telnet <server IP address or dns name> 25
[19:28:42] <roe_> ehlo foobar
[19:28:52] <hyper_ch> roe_: thats what I did
[19:29:02] <roe_> not in your pastebin
[19:29:02] <hyper_ch> but what to use as "foobar"?
[19:29:09] <roe_> doesn't matter
[19:29:35] <hyper_ch> roe_: http://phpfi.com/385932
[19:30:38] <roe_> good, now paste logs from the server when you try to send an email
[19:30:52] <hyper_ch> roe_: I don't understand?
[19:31:40] <hyper_ch> roe_: send an email from? to? by what?
[19:31:46] <roe_> the good part or the "now paste logs from the server when you try to send an email"?
[19:32:18] <roe_> configure kmail to use your server, try to send an email, you will get an error at the client, the server will also log an error
[19:32:34] <roe_> paste the logs from the server
[19:32:36] <hyper_ch> roe_: kmail doesn't let me use TLS to get an IMAP connection to the server
[19:32:52] <roe_> postfix != IMAP
[19:32:57] <roe_> postfix has nothing to do with imap
[19:33:02] <roe_> !imap
[19:33:03] <knoba> roe_: "imap" : IMAP is an application layer Internet protocol that allows a client (MUA) to access mailboxes on a remote server (see: http://en.wikipedia.org/wiki/IMAP). Postfix does not provide IMAP (or POP3) service; see !courier or !dovecot for common IMAP/POP3 choices.
[19:34:25] *** nerbie69 has joined #postfix
[19:40:09] <dvl> ++Dovecot
[19:41:35] *** loompek has quit IRC
[19:42:19] *** loompek has joined #postfix
[19:43:54] <hyper_ch> roe_: but no special configuration is needed on the IMAP client to use TLS
[19:44:18] <sysmonk> dvl: cyrus++
[19:44:18] <sysmonk> ;)
[19:44:51] *** hparker has joined #postfix
[19:47:51] <devdas> mutt on a shell
[19:49:12] *** f3ew has joined #postfix
[19:49:26] <roe_> for some reason IMAP servers generally use SSL
[19:49:28] <roe_> not TLS
[19:49:43] <roe_> granted TLS = SSL ver.3
[19:55:00] <sysmonk> cyrus supports TLS
[19:55:03] <sysmonk> and ssl
[19:57:10] *** doctor has joined #postfix
[19:57:34] <dvl> sysmonk: I looked at cyrus, but gave up.  I found it more complicated than my needs.  My IMAP server serves only.
[19:57:48] *** carl- has quit IRC
[19:57:58] <sysmonk> i didn't understand the last sentence
[19:58:29] <dvl> serves only me....
[19:58:40] <sysmonk> cyrus is sure 'complicated', i agree with that
[19:58:46] <sysmonk> but i don't install simple mail servers
[19:58:48] <dvl> feature rich.
[19:58:49] <sysmonk> so it's just what i need
[19:59:16] <sysmonk> when i need something for a few mailboxes i offer courier
[19:59:25] <sysmonk> but anyway
[20:02:29] *** wdp has quit IRC
[20:04:59] *** doctor has left #postfix
[20:05:11] *** loddafnir has quit IRC
[20:05:33] *** hdm has joined #postfix
[20:05:36] <sysmonk> miegalius: m? :)
[20:06:01] <miegalius> ;-)
[20:06:07] <stockholm> anyone knowledgable about hotmail? what is a SenderID?
[20:06:22] <stockholm> i have SPF in place, but aparently i dont have SenderID.
[20:06:35] <hdm> any thoughts on how to do recipient validation on a relay server? i have 3 mail servers, one actually delivers mail, the other 2 are backups and spool, but the backup servers don't have an easy way to validate recipients, so lots of bad recipient mail gets relayed to the main server
[20:06:37] <stockholm> i thought that senderID was just SPF in green
[20:06:57] <xpoint> stockholm, openspf.org
[20:07:17] <sysmonk> stockholm: sender id is based on spf
[20:07:26] <sysmonk> stockholm: http://en.wikipedia.org/wiki/Sender_ID
[20:07:30] *** Armandas has joined #postfix
[20:07:58] <sysmonk> hdm: you could use recipient verification
[20:08:08] <stockholm> sysmonk: thanks
[20:08:08] <sysmonk> !reject_unverified_recipient
[20:08:08] <knoba> sysmonk: "reject_unverified_recipient" : a configuration parameter in the main.cf: A sender or recipient address is verified by probing the nearest MTA for that address, without actually delivering mail. Probe messages are like normal mail, except that they are never delivered, deferred or bounced; probe messages are discarded.
[20:08:09] <Armandas> miegalius, ;*
[20:08:11] <sysmonk> hdm: ^^
[20:08:14] <miegalius> ;-]
[20:08:42] <hdm> knoba: woot, thanks :)
[20:08:56] <sysmonk> hdm: ;)
[20:09:19] *** mark-use has quit IRC
[20:09:19] *** loddafnir has joined #postfix
[20:09:27] <hdm> if relayhost is set, will that always be the probe mta?
[20:09:50] <Armandas> kaip naglai cia
[20:10:05] <sysmonk> hdm: should be
[20:10:17] <sysmonk> hdm: if not, there are lots of address_verify_* options you could use
[20:10:24] *** bacaci__ has joined #postfix
[20:10:31] <sysmonk> i'd offer you to look at them anyway, you can tune it up a bit
[20:10:37] <sysmonk> Armandas: english only
[20:10:41] <hdm> ok, ill dig through, them, appreciated
[20:10:47] <hdm> in the middle of a big move from qmail to postfix
[20:11:03] <Armandas> su miegalium english nereikejai
[20:11:04] <Armandas> :>
[20:11:45] <sysmonk> Armandas: um, that was in PM... not in the channel
[20:11:55] <Armandas> ok ok :)
[20:11:55] <sysmonk> please use english in public channels
[20:12:04] <Armandas> i'll try
[20:12:46] *** growltiger has joined #postfix
[20:13:14] *** hyper_ch has quit IRC
[20:13:51] <stockholm> sysmonk: how do i go about the senderID thing in practice? i have a valid spf1.0 txt record. if i replace that with a senderID txt record (saying spf2.0), will i still be spf complient?
[20:14:00] <bacaci__> I've got the following postfix config: http://dpaste.com/96806/
[20:14:18] <bacaci__> and I keep getting a relay access denied error message when I try to send mail
[20:14:41] <bacaci__> is there a quick fix to this, I've heard about relay_domains or something?
[20:14:55] <sysmonk> stockholm: who told you have to replace it? :)
[20:15:03] <devdas> !access_denied
[20:15:04] <knoba> devdas: Error: "access_denied" is not a valid command.
[20:15:04] <sysmonk> stockholm: you can have multiple records
[20:15:18] <bacaci__> but not sure how to set it...
[20:15:26] <sysmonk> !devdas_access_denied
[20:15:26] <knoba> sysmonk: Error: "devdas_access_denied" is not a valid command.
[20:15:34] <devdas> !relay_access
[20:15:34] <knoba> devdas: Error: "relay_access" is not a valid command.
[20:15:39] * devdas beats the bot
[20:15:42] <sysmonk> devdas: ew, didn't you say you used 'devdas' while at work?
[20:15:48] <devdas> no
[20:15:53] <stockholm> sysmonk: oahhh! i did not think of that
[20:15:53] <devdas> f3ew at work, devdas at home
[20:15:53] <sysmonk> ah, while at home?
[20:15:57] <sysmonk> i see
[20:16:06] <sysmonk> i thought you're working on weekend
[20:16:08] <stockholm> sysmonk: can you give me an example zone to look at?
[20:16:12] <bacaci__> !relay_access_denied
[20:16:12] <knoba> bacaci__: Error: "relay_access_denied" is not a valid command.
[20:16:13] <devdas> no
[20:16:35] <Armandas> bey :)
[20:16:36] <devdas> you need to add your client's IP to mynetworks, or setup SASL
[20:16:41] *** Armandas has quit IRC
[20:16:47] <bacaci__> kk
[20:16:47] <sysmonk> stockholm: IN TXT "v=spf1 ...." IN TXT "v=spf2 ..."
[20:16:48] <devdas> relay_domains is for domains you accept mail for
[20:16:59] <bacaci__> ok
[20:17:14] <sysmonk> bacaci__: also, if you're fighting hotmail delivery - read !hotmail
[20:17:26] <sysmonk> hotmail sure sucks ;)
[20:17:31] <bacaci__> sysmonk, nope, gmail
[20:17:41] <bacaci__> but I might be soon
[20:18:01] <sysmonk> bacaci__: delivery to gmail never was a problem to me if you're clean
[20:18:11] <sysmonk> but delivery to hotmail.... it's a magical thing :P
[20:18:15] <bacaci__> I'm assuming, if my ip is x.x.x.75 then I put x.x.x.0 in my networks
[20:18:35] <devdas> .0/24
[20:18:38] <bacaci__> ook
[20:18:57] <bacaci__> just curious, whats /24 stand for?
[20:19:08] <devdas> !cidr
[20:19:08] <knoba> devdas: "cidr" : cidr_table(5) - format of Postfix CIDR table. Lookup table in Classless Inter-Domain Routing form. In this case, each input is compared against a list of patterns. When a match is found, the corresponding result is returned and the search is terminated.
[20:19:27] <devdas> http://en,wikipedia.org/wiki/CIDR
[20:19:42] <bacaci__> thanks
[20:19:46] <devdas> http://en.wikipedia.org/wiki/CIDR rather
[20:20:38] <sahil> mmmm, cider.
[20:20:41] <sysmonk> ;)))
[20:26:02] <bacaci__> sysmonk, the problem is that my postfix server is hosted on an ec2 instance with an elastic ip, and it's not part of my network, soo...
[20:26:16] *** miegaliuz has joined #postfix
[20:26:22] *** miegalius has quit IRC
[20:26:26] *** miegaliuz is now known as miegalius
[20:26:28] <bacaci__> I'm not sure what to put in my networks to listen for my dhcp address..
[20:26:32] <bacaci__> at home
[20:27:01] *** growltiger_ has quit IRC
[20:27:56] <sysmonk> bacaci__: sorry but i haven't read your problem description
[20:28:05] <bacaci__> ook
[20:28:45] <bacaci__> how do I allow all networks to send, and then let authsmtp sort out if it's a valid user?
[20:28:54] *** psypointerV6 has quit IRC
[20:28:59] <bacaci__> *.*.*.*/24 ?
[20:29:03] <sahil> bacaci__: uh NO.
[20:29:10] <bacaci__> ook
[20:29:12] <adaptr> bacaci__: the two are separate
[20:29:19] <adaptr> !permit_mynetworks
[20:29:20] <knoba> adaptr: "permit_mynetworks" : Permit the request when the client IP address matches any network or network address listed in $mynetworks. Can be used in smtpd_*_restrictions.
[20:29:31] <adaptr> !permit_sasl_authenticated
[20:29:31] <knoba> adaptr: Error: "permit_sasl_authenticated" is not a valid command.
[20:29:35] <adaptr> ah fuck
[20:29:38] <sahil> bacaci__: you needn't add your home ip address(es); just setup smtp auth, and setup your client to authenticate to the postfix server in order to relay.
[20:29:41] <adaptr> I can never remember them
[20:29:49] <sahil> !sasl
[20:29:50] <knoba> sahil: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.
[20:30:30] <bacaci__> I'm checking if I can send from the elastic ip instance, I should be able to...
[20:31:42] <bacaci__> and I can
[20:32:09] <adaptr> an elastic IP ? wow, can you send me some code to make my IP elastic ?
[20:32:27] <bacaci__> and I can receive a reply, I'm just hazy on how to allow an email client connect to the postfix server
[20:32:50] <adaptr> you don't need it, obviously, since you're already allowing the whole world to use you as a spam relay
[20:32:55] <hdm> haha
[20:33:09] <sahil> lol
[20:33:11] <bacaci__> http://developer.amazonwebservices.com/connect/ann.jspa?annID=295
[20:33:14] <sahil> bacaci__: why are you running a mail server?
[20:33:32] *** randra has joined #postfix
[20:33:55] <bacaci__> sahil, my company is shutting down because of the economy and I'm going to pick up my bosses hosting clients with my uncle
[20:34:20] <sysmonk> bacaci__: wooo, wanna share the clients?
[20:34:21] <sysmonk> ;)
[20:34:22] <bacaci__> well not necessarily the economy, but more, he want's to start a gym
[20:34:26] <sysmonk> or need a sysadmin? :P
[20:34:34] <bacaci__> sysmonk.... maybe
[20:34:45] <sysmonk> ew, not in a gym :P
[20:35:16] <sahil> screw sysadmin, too much work; but if you need another postmaster, let us know. :)
[20:35:36] <sysmonk> sahil: !
[20:35:37] <bacaci__> no... I'm start a web design/hosting business not a gym
[20:35:39] <sahil> you can re-sell my services and pretend that you're the postmaster.  that'd be fun!
[20:35:45] <bacaci__> lol
[20:36:02] <sahil> cuz, ahem, let's face it... ya know.
[20:36:06] <bacaci__> well, I spend more time in the python/django rooms
[20:36:15] <sahil> so you need postfix guys.
[20:36:25] <sysmonk> sahil: good point. guyS
[20:36:27] <thumbs> bacaci__: s/room/channel/
[20:36:33] <sahil> sysmonk: i'm all about the plural.
[20:36:33] <sysmonk> we'll split the income with you
[20:36:52] <bacaci__> thumbs ??
[20:37:00] <sahil> yeah, 40% for sysmonk and myself, a whopping 20% for you just to do nothing but pretending postfix proficiency.
[20:37:08] <sahil> bacaci__: google 'sed'.
[20:37:12] <adaptr> sysmonk: SPLIT?!? I'd say a healthy 90/10 is more than fair
[20:37:14] <thumbs> bacaci__: it's called a channel, not a room
[20:37:37] <sahil> thumbs: he knows not what he do; it's the aol pedigree.
[20:37:44] <sysmonk> adaptr: yup, 90 to me, 10 to the rest
[20:37:44] <sysmonk> ;P
[20:37:53] <adaptr> that IS what I meant
[20:38:11] <sysmonk> sahil will have to split the 10% with bacaci__
[20:38:17] * sahil cries
[20:38:18] <sysmonk> so, bacaci__ takes 9%, sahil takes 1%
[20:38:20] *** Fallenou has quit IRC
[20:38:22] <sysmonk> i take 90%
[20:38:26] <bacaci__> sahil If I remember advanced programming... which I don't...
[20:38:27] <sysmonk> oh, and sahil does all the work
[20:38:27] <sysmonk> ;P
[20:38:32] <sahil> haha
[20:38:36] <bacaci__> sed?
[20:38:36] <sahil> slave labour!
[20:38:49] <sahil> bacaci__: g-o-o-g-l-e it, biznatch.
[20:38:50] <bacaci__> simple editor?
[20:39:02] <adaptr> snickety snickety
[20:39:04] <adaptr> SNOOCH
[20:39:30] <sysmonk> oh my
[20:39:42] <devdas> Stream EDitor
[20:39:48] <bacaci__> close...
[20:39:49] <sysmonk> devdas: :(
[20:39:55] <sysmonk> you ruined all the fun :(
[20:40:09] <devdas> I thought the fun was in the 90% income?
[20:40:17] <devdas> paid in vodka?
[20:40:23] <devdas> Or whisky?
[20:40:36] <bacaci__> SWedka or Drambuie?
[20:40:43] <sysmonk> devdas: vodka or beer
[20:40:47] * sysmonk doesn't drink whiskey
[20:40:51] <bacaci__> would be my choice
[20:41:01] <bacaci__> maybe johnny walker
[20:41:10] <sysmonk> the texas ranger?
[20:41:25] <bacaci__> I'm give free qi gong lessons
[20:41:29] <adaptr> bacaci__: that is not whisky
[20:41:32] <bacaci__> I'd*
[20:41:41] <adaptr> that is fake rum
[20:41:55] <bacaci__> as your pay
[20:41:56] <adaptr> have you got anything remotely resembling SIngle Malt Islay on offer ?
[20:42:19] <sahil> paid in black, the liquor of all desis worldwide.
[20:42:37] <sahil> but i'll take the makers mark, neat, please.
[20:42:44] <bacaci__> adaptr I can't even pronounce Islay
[20:42:46] *** Rockj has quit IRC
[20:42:52] *** Rockj has joined #postfix
[20:43:00] *** zamba has quit IRC
[20:43:04] <devdas> sysmonk: whisky, not whiskey
[20:43:04] *** zamba has joined #postfix
[20:43:20] <sahil> "biskey"
[20:43:22] *** blackflag has quit IRC
[20:43:22] *** hdm has left #postfix
[20:43:23] <adaptr> there are some whiskeys I can stomach
[20:43:24] * devdas wonders where sahil works
[20:43:28] <sysmonk> devdas: i don't care as long as it's not vodka or beer
[20:43:30] <sysmonk> ;)
[20:43:33] <devdas> heh
[20:43:37] *** blackflag has joined #postfix
[20:43:41] <adaptr> connemara good
[20:43:44] <adaptr> bushmills good
[20:43:51] * sahil wonders why about dedas' wonderment. :)
[20:43:58] * sahil wonders why he can't type
[20:44:03] <adaptr> jameson okay for large quantities to poach on yer mates
[20:44:09] <adaptr> as it be cheep
[20:44:15] <sahil> word.
[20:44:18] <devdas> adaptr: Glenlivet, Glenfidditch
[20:44:26] <adaptr> not whiskey
[20:44:28] <devdas> the 30 yo is _good_
[20:44:29] <adaptr> that's whisky
[20:44:32] <bacaci__> how about free old led zeppelin cds?
[20:44:35] <devdas> yes
[20:44:38] <bacaci__> as payment?
[20:44:40] <sysmonk> milk is nice too
[20:44:42] * sysmonk hides
[20:44:46] <sahil> baileys
[20:44:48] <adaptr> devdas: sorry, islay ftw for me
[20:44:51] <devdas> lol
[20:44:57] <devdas> adaptr: np
[20:45:02] * adaptr strangles sahil slowly in his own baileys
[20:45:04] *** randra has quit IRC
[20:45:15] <adaptr> choke on it, yer bastd! choke!
[20:45:20] <thumbs> sysmonk: you will forever be know the as the 'milk' guy
[20:45:21] * devdas drowns sysmonk in American mass produced beer
[20:45:35] <bacaci__> or fried oatmeal?
[20:45:40] <sysmonk> devdas: i like lithuanian beer
[20:45:49] <sysmonk> thumbs: i'm just an evil guy
[20:45:50] <sysmonk> !evil
[20:45:51] <knoba> sysmonk: "evil" : is sysmonk
[20:46:01] <bacaci__> !evil
[20:46:01] <knoba> bacaci__: "evil" : is sysmonk
[20:46:27] <sahil> hoegaarden
[20:46:28] <sysmonk> we evil people drink milk to not look evil! :)
[20:46:38] <devdas> sahil: tolerab;e
[20:46:39] *** Vince42 has joined #postfix
[20:46:41] <devdas> tolerable
[20:46:54] <sysmonk> really, i haven't heard even half of those words
[20:46:55] <sahil> it's cheap and tolerable, a rather nice mix.
[20:46:59] <devdas> I like grey goose though
[20:47:00] <bacaci__> like nixon was an immoralist hiding behind a moralist?
[20:47:05] <sysmonk> are those all whisky?
[20:47:11] <devdas> No
[20:47:14] <sysmonk> milk?
[20:47:15] <devdas> the Glen* are whisky
[20:47:22] <sysmonk> i see
[20:47:30] <sysmonk> and hoe something?
[20:47:31] <sahil> grey goose == the bottle one purchases when entering any club here in nyc, so i abhor it for that reason alone.
[20:47:31] <bacaci__> just have a white russian sysmonk
[20:47:41] <devdas> sahil: oh dear
[20:47:51] <sysmonk> bacaci__: that's what i like, really
[20:47:52] <devdas> GG is actually good vodka
[20:47:59] <sahil> yeah, it's not bad. :)
[20:48:06] * sahil is not partial to vodka in general...
[20:48:08] <devdas> Hoegaarden is Belgian beer
[20:48:12] <adaptr> close
[20:48:17] * devdas is a vodka and whisky person
[20:48:19] * bacaci__ thinks of GG as 'GOOD GAME'
[20:48:21] <adaptr> devdas: it is not
[20:48:24] <sahil> much prefer mountain gay
[20:48:26] <devdas> Hmmm?
[20:48:31] <sahil> and yes, that's a real name of the rum!
[20:48:41] * devdas is so not a Rum person
[20:48:54] * devdas notes that he is not a whiskey person
[20:49:02] *** randra has joined #postfix
[20:49:04] <sahil> we're all SMTP people
[20:49:04] * sysmonk is not a gay person too
[20:49:08] * sahil awaits the hazing
[20:49:10] <sysmonk> err, rum person that is;
[20:49:19] <thumbs> sysmonk: yeah, unlike adaptr
[20:49:25] <sysmonk> thumbs: hah :P
[20:49:25] <sahil> rofl
[20:49:44] <devdas> sahil: you forgot the POP3 and IMAP bits
[20:50:10] * bacaci__ bored with licqour
[20:50:18] <adaptr> devdas: could have sworned it was Dutch.. which one am I thinking of that is Dutch, then ?
[20:50:33] <sysmonk> adaptr: you like rum, right? :)
[20:50:33] <bacaci__> who's dutch?
[20:50:42] <sahil> devdas: pop3... *cringe*
[20:51:01] <devdas> argh
[20:51:02] <adaptr> sysmonk: don't really drink it
[20:51:09] <devdas> I used to know this
[20:53:10] * bacaci__ thinks sahil is from boston... not nyc but could be wrong
[20:53:56] <sahil> bacaci__: cute deduction based on my hostname, but wrong.  i schooled outside of boston many yrs ago.
[20:54:02] * bacaci__ used to be registered with columbia... but decided not to go back
[20:54:28] <devdas> so sahil, where do you work?
[20:54:31] <bacaci__> sahil that's why I included the disclaimer
[20:54:38] <devdas> which big financial firm?
[20:54:50] <sahil> bacaci__: fair enough. ;-)
[20:54:52] *** pitakill has joined #postfix
[20:54:53] * devdas sees a XKCD reference again
[20:55:12] <sahil> haha
[20:55:25] * bacaci__ thinks sahil doesn't need 90% to help me
[20:55:47] <sahil> bacaci__: dude, it's a recession, i'll take 99% without flinching.
[20:56:10] <bacaci__> sahil: how do I allow connections from a dhcp in postfix?
[20:56:20] * sahil faints with frustration
[20:56:26] <devdas> !sasl
[20:56:27] <knoba> devdas: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.
[20:56:36] <devdas> sahil: lol
[20:56:45] <bacaci__> http://dpaste.com/96806/
[20:56:48] <devdas> !relay
[20:56:48] <knoba> devdas: Error: "relay" is not a valid command.
[20:56:57] <bacaci__> I have sasl setup through dovecot
[20:57:04] * devdas beats knoba more
[20:57:05] <bacaci__> I've added the users that I need
[20:57:06] <sahil> bacaci__: so what is the problem?
[20:57:33] <bacaci__> sahil, relay access denied, I can send from the server, but not a remote connection
[20:57:58] <bacaci__> and I can receive just fine, but not send
[20:58:16] <sahil> instead of pasting that crap, can you paste the output of 'postconf -n'?
[20:58:16] * bacaci__ thinks it's more of a personal problem of mine
[20:58:20] <bacaci__> kk
[20:58:30] <sahil> debian schmebian.
[21:00:31] <bacaci__> http://dpaste.com/96829/
[21:00:39] * bacaci__ misses nyc
[21:01:03] *** hyper_ch has joined #postfix
[21:01:09] *** brancal is now known as brancaleone
[21:01:15] <sahil> where exactly do you permit sasl authenticated clients bacaci__?
[21:01:21] <hyper_ch> when I alter the virtual table and postmap it.... will I then have to reload postfix?
[21:01:26] <bacaci__> 19
[21:01:59] <bacaci__> smtp_sasl_auth_enable = yes
[21:01:59] <bacaci__> isn't that it?
[21:02:09] <sahil> no.
[21:02:18] <devdas> smtpD
[21:02:26] <devdas> hyper_ch: no
[21:02:27] *** jwit has quit IRC
[21:02:40] *** jwit has joined #postfix
[21:02:59] <hyper_ch> devdas: just postmap the new file and that's all=
[21:03:37] <sahil> hyper_ch: indeed.
[21:04:05] <sahil> hyper_ch: watch your logs, postfix will even notice you changed it and restart the appropriate processes all by itself.
[21:04:08] <hyper_ch> thx, this far I always manually reloaded
[21:04:31] <hyper_ch> upon editing the virtual file, the sender_check file, the recipient_check file, .....
[21:04:36] <sahil> unnecessary.
[21:04:45] <hyper_ch> wasn't much work :)
[21:06:48] <bacaci__> sahil I added smptd_sasl_auth_enable = yes
[21:07:49] <sahil> bacaci__: did you even read http://www.postfix.org/SASL_README.html#server_sasl?
[21:08:10] <sahil> particularly the section about adding permit_sasl_authenticated somewhere in your main.cf?
[21:08:13] *** jwit has quit IRC
[21:08:33] *** jwit has joined #postfix
[21:09:55] <bacaci__> sahil thanks
[21:10:25] <bacaci__> hopefully I didn't piss you off, I'm just fresh out of college, and looking for any help that I can get
[21:10:47] <bacaci__> I really made the lighttpd guys mad when I tried setting up 1.5
[21:11:03] <bacaci__> when it wasn't a stable release
[21:11:17] <hyper_ch> last question (maybe): why are emails from outside being rejected? I have set hubatka-partner.ch  in $mydestination  and I added  user@hubatka-partner-ch   user   into the virtual file, compiled it with postmap and added it to the main cf with:  virtual_maps = hash:/etc/postfix/virtual
[21:12:04] <hyper_ch> user at hubatka-partner dot ch>: Relay access denied (state 14).
[21:14:45] *** hever has joined #postfix
[21:16:13] <sahil> hyper_ch: paste your postconf -n on pastie.org along with full log examples; and you might as well paste the contents of your virtual file.
[21:16:15] *** jwit_ has joined #postfix
[21:16:16] *** jwit has quit IRC
[21:16:39] *** jwit_ is now known as jwit
[21:19:15] <hyper_ch> sahil: postconf:  http://phpfi.com/385976
[21:19:23] <hyper_ch> sahil: log: http://phpfi.com/385978
[21:19:32] <hyper_ch> sahil: virtual: http://phpfi.com/385979
[21:20:23] <hyper_ch> I just set now the mydomain var... hadn't had that before.. but it didn't change anything
[21:20:32] *** stas has quit IRC
[21:20:53] *** stas has joined #postfix
[21:21:51] <sahil> typo. :)
[21:22:45] <sahil> hyper_ch: you've listed hubakta-partner.ch in your mydestination list.  hubakta-partner.ch != hubatka-partner.ch, hence the error.
[21:23:09] <hyper_ch> sahil: that's too simple :)
[21:23:12] <hyper_ch> sahil: thx
[21:23:22] <sahil> hyper_ch: if you're going to define mydomain, why not just use $mydomain in your mydestination as well?  it's simple and avoid typos like above.
[21:23:27] <hyper_ch> I guess I could have stared at that config for another hour
[21:23:44] <hyper_ch> I added $mydomain later....
[21:23:48] <hyper_ch> :)
[21:24:11] <sahil> setting mydomain to something in main.cf but not alterting the contents of mydestination would not help here.
[21:24:21] <sahil> you either need to fix the typo or include $mydomain as one of the mydestinations.
[21:24:56] <hyper_ch> I deleted $mydomain and fixed the typo
[21:25:23] <hyper_ch> Dec  7 21:27:07 server postfix/local[9824]: 6909D93C6C: to=<bah at server dot hubatka-partner.ch>, orig_to=<bah at hubatka-partner dot ch>, relay=local, delay=0.66, delays=0.59/0.01/0/0.07, dsn=2.0.0, status=sent (delivered to maildir)
[21:25:28] <hyper_ch> now that looks ogod :)
[21:25:28] <sahil> then you should be all set.
[21:25:35] <hyper_ch> damn, I can't type today
[21:25:43] <sahil> clearly. :)
[21:26:09] <hyper_ch> sahil: could I just set myhostname in main.cf also to just "hubatka-partner.ch" instead of the fqdn?
[21:26:46] <hyper_ch> so that the log would also just be to=..... instead of  to=...., orig_to=.....
[21:27:27] <sahil> if that is what you want.
[21:27:35] <hyper_ch> :)
[21:27:50] <devdas> thje orig_to is due to your using virtual
[21:28:22] <sahil> but you should likely keep myhostname as fqdn.  why change it?
[21:28:37] <hyper_ch> sahil: well, it looks better without the sub :)
[21:28:55] <sahil> oh who cares about aesthetics in your logs!
[21:29:21] <hyper_ch> I guess you're right
[21:29:25] <sahil> bah is a user on server.whatever; email was delivered to bah at server dot whatever via some virtual domain, so it's useful to know.
[21:29:35] <hyper_ch> so, next thing to check is to see if backup mx works :)
[21:30:13] <sahil> backup MXs are so early 2k
[21:30:31] <hyper_ch> I think early 2k there weren't any mailserver at all ;)
[21:30:38] <hyper_ch> ok, there were
[21:30:49] <hyper_ch> well, what do you suggest then in case the mailserver is down?
[21:30:59] *** Don_Corleone has joined #postfix
[21:31:05] <sahil> the sending mailservers will notice that and just try again later.
[21:31:25] <hyper_ch> and if the server is down for....hmmm.. 10 days?
[21:32:00] *** hparker has quit IRC
[21:32:25] <sahil> the user who was sending the mail will probably get a bounce from his mail server explaining the mail never made it, and he or she might try sending again.
[21:32:40] <sahil> hyper_ch: and why the heck would your server be down for 10 days? :-)
[21:32:48] <hyper_ch> sahil: *holidays*
[21:33:10] <sahil> is this a personal mail server or a production one on which any other human beings or businesses rely?
[21:33:37] <hyper_ch> it's a small business one for my company :)
[21:33:39] <sahil> if it's anything other than personal,  you better figure out a way to monitor it every day; if not you, then someone else who works with you.
[21:34:08] <sahil> does this server do both SMTP and IMAP/POP3?
[21:34:13] <hyper_ch> yes
[21:34:59] <sahil> where is it hosted?  you appear to be relaying through bluewin.ch's mail servers, so are you hosting it on some dhcp line at your home or something?
[21:35:18] <hyper_ch> sahil: its in my office... I still need to get a static ip for it
[21:35:43] <sahil> gotcha.
[21:36:06] <hyper_ch> it's just to setup now to test it before taking it operational
[21:36:09] <sahil> well, if you're worried, then sure, run the backup mx. :)
[21:36:26] <hyper_ch> well, the backup mx is my personal managed server :)
[21:36:34] <hyper_ch> but on that server confidential mail comes in
[21:36:44] <hyper_ch> so it's a fully encrypted raid1 system
[21:36:58] *** hparker has joined #postfix
[21:37:06] <miegalius> gero vakaro
[21:37:07] <sahil> i hope the mail contents itself are encrypted.
[21:37:26] <hyper_ch> sahil: unfortunately not all of them
[21:37:35] <sahil> otherwise anyone with access to intervening routers and basic tcpdump knowledge is reading all those important messages!
[21:37:53] <hyper_ch> I know that :)
[21:38:03] *** wdp has joined #postfix
[21:38:05] <hyper_ch> but one partner has his mail currently on gmail
[21:38:06] * devdas drops a trojan and a keylogger on sahil's system
[21:38:10] <devdas> Who needs tcpdump?
[21:38:16] <hyper_ch> and the other one hotmail
[21:38:25] <sahil> oh no!!!!!
[21:38:40] <hyper_ch> I still need to figure out how to best get that mail in original format (date, orig_from, orig_to) onto the server
[21:38:48] * sahil throws a greasy aloo paranta at devdas
[21:39:03] <sahil> hyper_ch: what do you mean by that?
[21:39:13] <hyper_ch> sahil: well, we are three people...
[21:39:21] <hyper_ch> sahil: one hosts all the email currently on hotmail
[21:39:29] <hyper_ch> sahil: the other one on gmail
[21:39:31] <sahil> hyper_ch: bad choice by him, but anyway.
[21:39:44] <hyper_ch> sahil: so, question is how to get that all onto the mail server
[21:39:54] <hyper_ch> so that it will keep the current structure
[21:40:08] <hyper_ch> (hence not just forwarding it all from the according server)
[21:40:14] <hyper_ch> gmail can be accessed by imap
[21:40:24] <hyper_ch> hence make a local copy and then copy it just over
[21:40:32] <sahil> hyper_ch: maybe hotmail too?
[21:40:32] <hyper_ch> that should be fine
[21:40:38] <hyper_ch> not sure about hotmail
[21:40:45] <sahil> give it a shot.
[21:41:03] <hyper_ch> you probably have to use outlook for hotmail
[21:41:44] <thumbs> *shudder* outlook
[21:43:32] *** devdas has quit IRC
[21:45:43] <hyper_ch> thumbs: what do you have against outlook?
[21:45:43] <sahil> i'm out.
[21:45:49] <hyper_ch> sahil: thx for the help
[21:46:33] <thumbs> it's perhaps the worst email client out there?
[21:46:48] <hyper_ch> thumbs: it's not just an email client
[21:47:04] <thumbs> that's part of the problem, too.
[21:47:42] <hyper_ch> ;)
[22:01:45] <ki__> can i search postfix queue for messages by subject?
[22:04:21] <ki__> !queue
[22:04:22] <knoba> ki__: Error: "queue" is not a valid command.
[22:06:53] <adaptr> !postcat
[22:06:54] <knoba> adaptr: "postcat" : a command for printing the contents of a mail in the queue. See "man postcat".
[22:09:05] *** Archgrue has joined #postfix
[22:13:30] <Archgrue> hi, I need some help. I've installed Postfix on gentoo, configured it to work with dovecot sasl, but when I start postfix it does not create the socket where I configured it to.
[22:14:23] <adaptr> why would postfix create a socket for SASL ?
[22:14:31] <adaptr> you need to rethink this
[22:15:32] <Archgrue> adaptr: as far as I understand it, it does. besides, same config works fine on some other distros.
[22:15:45] <adaptr> well, it doesn't
[22:15:57] <adaptr> *dovecot* creates a socket that postfix uses to auth against
[22:16:05] <Archgrue> adaptr: ok, then, it fails to create the private/auth file.
[22:16:13] <Archgrue> adaptr: oh.....
[22:17:17] *** nerbie69 has quit IRC
[22:17:29] *** Fallenou has joined #postfix
[22:17:35] *** stas has quit IRC
[22:18:37] *** stas has joined #postfix
[22:20:32] *** nerbie69 has joined #postfix
[22:21:36] *** Archgrue has quit IRC
[22:22:51] *** pitakill has quit IRC
[22:24:44] *** Don_Corleone has quit IRC
[22:28:38] *** Archgrue has joined #postfix
[22:29:23] <Archgrue> Sorry, I accidentally closed the terminal.... My problem is that when I open connection to the smtpd, it complains, through the log, that connect to private/auth failed. I don't know why, it is there, all permissions ok.
[22:29:35] <Archgrue> postconf -n:  http://pastebin.ca/1279087
[22:34:59] *** nerbie69 has quit IRC
[22:40:16] *** mathez has quit IRC
[22:42:14] *** rcsu_ has quit IRC
[22:42:41] *** pitakill has joined #postfix
[22:51:13] *** _Tino is now known as Tino
[22:51:13] *** Tino is now known as Tinozaure
[22:51:25] <ki__> i am reading some documentation and it mentions "per mail delivery request" ... what exactly does this mean? If i connect from a different machine to send mail via smtp, does it refer to per message to be queued for delivery?
[22:51:43] <ki__> The maximal number of recipients that the Postfix SMTP server accepts per message delivery request.
[22:52:12] *** jwit has quit IRC
[22:52:42] *** bluethundr_ has joined #postfix
[22:55:53] *** jwit has joined #postfix
[22:58:43] *** Don_Corleone has joined #postfix
[23:09:05] *** bluethundr has quit IRC
[23:09:18] *** Archgrue has left #postfix
[23:09:34] *** growltiger_ has joined #postfix
[23:13:54] *** growltiger has quit IRC
[23:13:59] *** randra has quit IRC
[23:18:22] *** CrazyFoam has quit IRC
[23:18:51] *** CrazyFoam has joined #postfix
[23:22:05] *** AC`97 has joined #postfix
[23:22:08] *** AC`97 has left #postfix
[23:22:31] *** AC`97 has joined #postfix
[23:22:53] *** AC`97 has left #postfix
[23:23:19] *** linguini has joined #postfix
[23:23:57] *** wdp has quit IRC
[23:24:31] *** nerbie69 has joined #postfix
[23:35:32] *** BBishop has quit IRC
[23:41:37] *** m0t3jl has joined #postfix
[23:42:47] <m0t3jl> adaptr, hello, I am starting to consider myself an idiot, because since yesterday I have not managed to overcome that little problem of mine. Would you mind kicking me a little bit farther?
[23:42:52] <Don_Corleone> how do we set mail headers ?
[23:43:58] * sahil kicks m0t3jl in the balls.
[23:44:00] <sahil> happy?
[23:44:05] <sahil> Don_Corleone: how do you ask more intelligent questions?
[23:44:48] <m0t3jl> sahil, that was not exactly what I had in mind....
[23:44:59] <sahil> m0t3jl: what *did* you have in mind?
[23:45:00] <Don_Corleone> sahil: what do u mean
[23:45:29] <m0t3jl> sahil, were you here yesterday when I talked with adaptr?
[23:45:33] <sahil> Don_Corleone: no, what do YOU mean?  what headers are you trying to add?  why?  what is the problem?
[23:45:39] <sahil> m0t3jl: negative.
[23:45:41] <sahil> nyet.
[23:46:08] <m0t3jl> sahil, xarasho ;)
[23:46:19] <sahil> i don't speak hax0r.
[23:46:39] <m0t3jl> sahil, me neither, I just know a few Russian words, since I am trying to study Russian a bit ;)
[23:46:45] <Don_Corleone> sahil: fuck you
[23:46:59] <Don_Corleone> :D
[23:47:38] *** havvg has joined #postfix
[23:48:57] <sahil> Don_Corleone: no, thanks.  moron.
[23:49:04] <sahil> m0t3jl: :)
[23:49:20] <sahil> Don_Corleone: go play with your headers.
[23:49:44] <Don_Corleone> sahil: be intelligent, don't take it so serious :D
[23:49:52] <sahil> Don_Corleone: HAHAHAHAHAHA
[23:49:54] <Don_Corleone> you are very smart
[23:49:56] <sahil> be intelligent?!
[23:50:04] <Don_Corleone> I guess
[23:50:19] <sahil> m0t3jl: what is the problem you were having yesterday?
[23:50:32] <m0t3jl> sahil, I have a machine that has 3 interfaces.
[23:50:35] *** nerbie69 has quit IRC
[23:51:08] <m0t3jl> sahil, I have set up master.cf to create 3 smtpd transports and each of them bind to one interface.
[23:51:32] <m0t3jl> sahil, using IP_addres_of_the_first_interface:smtp
[23:52:35] <sahil> and?
[23:52:44] <m0t3jl> sahil, my trouble is that when there is an outgoing e-mail, it will get send from one of the interfaces, but not from the one the smtp is bound to ;)
[23:53:08] <m0t3jl> sahil, that does not sound right, let me rephrase that :)
[23:53:12] <sahil> you can't control the interface used for outgoing.
[23:53:20] <m0t3jl> sahil, really?
[23:54:20] <m0t3jl> sahil, I believed that http://www.postfix.org/postconf.5.html#smtp_bind_address was the option I could use to do that.
[23:54:46] <sahil> no.
[23:55:04] <sahil> but to be clear, are you really trying to force a particular interface for outgoing mail?
[23:55:07] *** nerbie69 has joined #postfix
[23:55:32] <m0t3jl> sahil, not for every outgoing.
[23:55:55] <sahil> you can try using separate instances of postfix for each interface and experiment that way, but i'm not sure it's worth the trouble.
[23:56:09] <m0t3jl> sahil, it should be like this: when a client connects to an smtpd instance that listens on interface A, the e-mail should be send outside using the interface A.
[23:56:26] <sahil> hehe, nope.
[23:56:31] <m0t3jl> sahil, that's my point, having separate postfix instances would be the very last resort.
[23:57:26] <sahil> see postfix-user mailing list archives; this is somewhat of a FAQ.  and i'm yet to hear a good reason for why it's even necessary.
[23:58:07] *** Don_Corleone has quit IRC





top