[00:01:12] *** BBishop has joined #postfix
[00:01:55] <sahil> m0t3jl: bottom line is that your OS chooses the interface, postfix cannot be configured (in its current state) to also specify outgoing interface.
[00:02:27] <m0t3jl> sahil, but can I somehow specify something like the IP adress to be used to relay the mail to?
[00:04:17] <sahil> you mean smtp_bind_address?
[00:04:32] <m0t3jl> sahil, maybe default_transport?
[00:04:41] <sahil> no, that has nothing to do with the IP address used!
[00:05:02] <sahil> m0t3jl: and remember, smtpd is different than smtp. :)
[00:05:07] <m0t3jl> sahil, I know.
[00:05:35] <m0t3jl> sahil, so the smtp_bind_address in main.cf really applies only to smtp?
[00:05:40] *** GoGi has quit IRC
[00:05:45] <sahil> you appeared confused earlier since you were explaining how you setup 3 smtpd transpors in master.cf but then were confused why they weren't being used on hte way out (that is to say, smtp, minus the trailing d).
[00:06:52] <sahil> m0t3jl: http://www.postfix.org/postconf.5.html#smtp_bind_address
[00:06:53] <m0t3jl> sahil, I am sorry for that.
[00:07:11] <sahil> An optional numerical network address that the Postfix SMTP _client_ should bind to when making an IPv4 connection.
[00:08:15] <m0t3jl> sahil, the point I was trying to get to: When smtpd gets a connection from a client (user) to send an e-mail somewhere, it would authenticate the client, check headers and stuff, and then it would just simply open the internal smtp client to send the mail outside, right?
[00:08:33] <sahil> when sending mail to certain domains, i suppose (though i've never needed this or test it), you could setup clone smtp transports in master.cf and use the -o smtp_bind_address=xxx.xxx.xxx.xxx flag to set a specific ip address, but this would only be if you knew in advance which sites you want to send to with which IP.
[00:08:49] <sahil> m0t3jl: pretty much.
[00:09:39] *** Haris_ has quit IRC
[00:10:08] <sahil> m0t3jl: http://thread.gmane.org/gmane.mail.postfix.user/59197/focus=59212
[00:10:25] <m0t3jl> sahil, but I can't use the smtp_bind_address in the smtpd -o declaration in master.cf, can I?
[00:12:27] <sahil> again, you are talking about smtp, _not_ smtpd.
[00:12:36] <m0t3jl> sahil, I was not
[00:12:55] <sahil> aren't you talking about the IP postfix binds to when _sending_ email?
[00:13:04] <sahil> if so, then you're talking about smtp, and not smtpd.
[00:13:21] <m0t3jl> sahil, yes, let me explain my point.
[00:13:21] *** dvl has left #postfix
[00:13:40] <sahil> but let's back up and make one thing clear, you cannot set things up so that in your current setup, postfix takes a connection in ip X and then sends a message out on ip X.  no, you cannot.
[00:13:41] <m0t3jl> sahil, smtpd receives mail, it executes the smtp client to send the mail somewhere else, right?
[00:13:57] <sahil> m0t3jl: unless it's delivering mail locally, or to a virtual domain, etc.
[00:13:57] *** hparker has quit IRC
[00:14:52] <m0t3jl> sahil, so I was thinking about telling smtpd to use certain options for smtp when executing it
[00:15:20] <sahil> no.
[00:15:31] <sahil> can you give a real world example of what problem you're trying to solve here?
[00:15:52] <stockholm> a DKIM question: i found this little script in debians dkimproxy dokumentation: http://paste.debian.net/23093/
[00:16:08] <sahil> why can't you just let the mail go out on the smtp_bind_address?  do you require a different address to which postfix's smtp client should bind for a particular domain?  what is the actual problem?
[00:16:12] <stockholm> is DOMAIN the actual domain or the hostname?
[00:16:27] <stockholm> and SELECTOR...?
[00:16:51] <sahil> stockholm: no clue, but do you use amavisd-new within your email infrastructure?  if so, setting up DKIM is *trivial* and so easy.  try it.
[00:16:52] *** F6F has quit IRC
[00:17:16] <stockholm> sahil: no, i dont use amavis
[00:17:28] <stockholm> i just use dkimproxy and postfix
[00:17:51] <stockholm> sahil: besides, dkimproxy setup is done and works
[00:17:57] <stockholm> this is about the dns record
[00:18:06] <sahil> ok, enjoy yourself then.
[00:18:22] <stockholm> sahil: does amavis set up your dns txt records for you?
[00:18:41] <sahil> stockholm: no, but it makes a rather nice latte.
[00:18:49] <thumbs> mmm latte
[00:18:50] <stockholm> sahil: i can do that myself
[00:18:59] <stockholm> my latte is better i bet
[00:19:11] <m0t3jl> sahil, the problem is that the network belongs to a company and everything on the network is connected to its domain, now they have bought a major part in another company and connected the new company's network to the old one. They do not want to spend more money on the network, so they just told me to connect the new company, join all their pcs to the old domain and use the current mail server for outgoing e-mail. Everything went smoothly, but yesterda
[00:19:11] <m0t3jl> y I was told it's bad that every outgoing e-mail (even from the new company) looks like it was sent from the old company's server, so they want me to make sure that the e-mails from the new company will look like as sent from the new company's server, not the old company's server ;)
[00:20:04] <sahil> so just make everything originate from new company's server with smtp_bind_address
[00:20:13] <sahil> old company coming from new company shouldn't matter, should it?
[00:20:26] <m0t3jl> sahil, believe me, it would, it's all business shit...
[00:20:37] <sahil> m0t3jl: i can appreciate that.
[00:20:57] *** hparker has joined #postfix
[00:21:05] 
[00:21:48] <stockholm> i think i found some good documentation for the txt record
[00:24:00] <sahil> stockholm: actually, amavisd showkeys pastes the record for you so you can just drop it in your dns.  but hey, you're already all setup.  do your thing, barista and sysadmin.
[00:24:32] <m0t3jl> sahil, so what do you think about it?
[00:27:43] <sahil> m0t3jl: if i understand your problem correctly, there is no solution outside of running different postfix instances, each with their own smtp_bind_address entries.
[00:28:12] <m0t3jl> sahil, pitty...
[00:29:15] <sahil> odd that business people are getting involved with such petty things as the ip address of sending machine.
[00:29:26] <sahil> what business is this?  and shouldn't they be spending more time making money? :)
[00:29:28] *** _Driver_ has quit IRC
[00:31:10] <m0t3jl> sahil, When you receive a bounce message saying that the message was seen or that it is undeliverable and the sending server is of another company than you send the e-mail to, you get angry.
[00:31:36] <m0t3jl> sahil, could I tell smtpd to use different transport for sending the e-mails?
[00:32:06] <stockholm> now google tells me "no signature": http://paste.debian.net/23094/
[00:32:20] <stockholm> can someone see what went wrong?
[00:32:31] <sahil> m0t3jl: wouldn't the *hostname* be the same?
[00:32:47] <sahil> m0t3jl: no, but yo could tell smtp (not smtpd) to use a different transport for sending emails, yes.
[00:32:56] <sahil> s/yo/you/
[00:33:21] <m0t3jl> sahil, the default_transport is for smtp, not smtpd?
[00:34:28] <sahil> m0t3jl: http://www.postfix.org/postconf.5.html#default_transport
[00:34:39] <sahil> it defaults to smtp.
[00:34:44] <sahil> there's a lot in the docs, you know. :)
[00:34:49] <m0t3jl> I am looking at the documentation, there is nothing in there saying that smtp or smtpd uses that :(
[00:35:02] <sahil> uses _what_?
[00:35:40] <m0t3jl> sahil, when you look at the documentation that is there for the default_transport, there is not a single line saying that this parameter applies to smtp or smtpd only.
[00:35:53] <sahil> dude, omfg
[00:35:59] <sahil> the default_transport _is_ smtp
[00:36:46] <m0t3jl> sahil, yes, but there can be more transports defined in the master.cf, can't they?
[00:36:50] <sahil> if you want to alter something related to _outgoing_ mail, you're talking about the smtp _client_ not the smtp _server_ (aka smtpd), so you need to manipulate smtp, not smtpd.  been trying to drive this home for a while. :)
[00:37:15] <sahil> m0t3jl: yes, but for OUTGOING, you need to define another smtp (NOT smtpd) transport, and configure its smtp_bind_address accordingly.
[00:37:33] <m0t3jl> sahil, but how does the smtpd know what to use for outgoing mail?
[00:37:52] <m0t3jl> sahil, it just simply has smtp hardcoded into itself?
[00:40:46] <sahil> smtpd doesn't, postfix does. :)
[00:41:10] <m0t3jl> sahil, but it does have it hardcoded, doesn't it
[00:41:13] *** Juspion has joined #postfix
[00:41:14] <sahil> postfix uses the default transport, which is smtp, but can be changed by, say a transport_map.  this is explained in the default_transport section in the postconf(5) man page.
[00:43:04] <sahil> sorry, gotta go, and can't think of how else to explain these things.  but good luck.
[00:43:20] <sahil> you should read http://www.postfix.org/OVERVIEW.html -- especially the section on how postfix delivers mail.  might help you understand.
[00:43:20] <m0t3jl> sahil, but transport maps depend on recipient...
[00:43:47] <sahil> m0t3jl: yes, that's what i'm trying to tell you and i said several iterations ago... you can only do what you're trying to do if you KNEW THE RECIPIENT DOMAINS FOR WHICH YOU WANTED TO SET A SPECIFIC IP.
[00:43:54] <sahil> rtfm! :)
[00:43:59] <sahil> i'll be back in a few, good luck.
[00:44:10] <m0t3jl> thanks anyway...
[00:50:42] *** Haris_ has joined #postfix
[00:50:52] *** nerbie69 has quit IRC
[01:00:12] *** Fallenou has quit IRC
[01:02:56] *** war9407 has quit IRC
[01:05:33] *** _ruben has quit IRC
[01:08:30] *** _nalle has quit IRC
[01:08:33] *** _nalle has joined #postfix
[01:10:53] *** hever has quit IRC
[01:11:54] *** hever has joined #postfix
[01:12:46] *** georg has quit IRC
[01:14:00] *** xpoint has quit IRC
[01:14:19] *** xpoint has joined #postfix
[01:23:47] *** wdp has joined #postfix
[01:31:02] *** nerbie69 has joined #postfix
[01:40:49] *** havvg has quit IRC
[01:57:38] *** keffer has quit IRC
[02:00:16] *** ming_zym has joined #postfix
[02:02:54] *** _Driver_ has joined #postfix
[02:03:58] <sahil> m0t3jl: still around?
[02:04:02] <sahil> .2
[02:04:03] <sahil> woops
[02:04:08] *** BlueG has joined #postfix
[02:04:44] <m0t3jl> sahil, yep
[02:04:55] <sahil> m0t3jl: check out the overview?
[02:05:16] <m0t3jl> sahil, I did... without any luck...
[02:05:21] <sahil> =/
[02:05:49] <sahil> re-reading our convo i think you might be under the impression that smtpd controls smtp; that is not the case; the master process calls smtp.
[02:07:31] <m0t3jl> sahil, the sender_dependent_relayhost_maps is a parameter of smtp?
[02:12:03] *** googlah_ has joined #Postfix
[02:13:00] <sahil> not sure what you mean by that, but you *can* use it to override the default transport and nexthop.
[02:14:04] <m0t3jl> sahil, whether I should assign it to smtpd or smtp in master.conf
[02:16:22] <sahil> what do you mean assign it?
[02:16:24] <sahil> you set it in main.cf
[02:16:56] <sahil> and direct some sending domains, presumably, to another transport, which is defined in your master.cf as a clone of the existing (default) smtp transport, where the only difference is a different smtp_bind_address
[02:17:40] <roe_> I have a simple question, I just can't arrive at the solution.  I want all system mail forwarded to user at domain dot com
[02:17:51] <roe_> system mail addressed to root
[02:20:12] *** googlah_ has quit IRC
[02:20:15] *** googlah_ has joined #Postfix
[02:21:20] *** googlah has quit IRC
[02:23:11] *** Zelest has quit IRC
[02:23:44] <m0t3jl> sahil, as you have said earlier, it is possible to specify a transport in relayhost, right?
[02:23:58] *** z\ has joined #postfix
[02:24:04] *** Juspion has quit IRC
[02:24:13] <sahil> you specify a transport in transport_maps, which you set in main.cf.
[02:24:16] *** hever has quit IRC
[02:25:01] <m0t3jl> <sahil> not sure what you mean by that, but you *can* use it to override the default transport and nexthop.
[02:25:33] *** googlah has joined #Postfix
[02:27:15] <m0t3jl> sahil, what would a transport defined in master.cf like this: 10200 inet n - n - - smtp do?
[02:31:18] <linguini> m0t3jl: I'm a postfix newb so probably shouldn't butt in, but FWIW, I don't believe sahil's interpretation.
[02:32:16] <m0t3jl> linguini, what exactly do you disagree with?
[02:34:21] <linguini> m0t3jl: Some of the postfix docs give the impression you can have more than one "service" in master.cf.  I.e. smtp_newcompany and smtp_oldcompany.  Again, I don't know how this would work exactly -- maybe address classes could be used.
[02:34:43] <m0t3jl> linguini, that's what I found as well...
[02:35:04] <sahil> wtf are you guys going on about?
[02:35:09] <linguini> Does the outgoing mail come from foo at newcompany dot com and bar at oldcompany dot com ?
[02:35:14] <sahil> when did i ever say you *can't* have smtp_anything_foo?
[02:35:29] <sahil> the point is, you need to tell postfix *when* to use smtp_anything_foo rather than the default smtp with some sort of directive.
[02:35:30] <m0t3jl> sahil, if I can, how can I use that?
[02:35:51] <sahil> sigh.
[02:36:45] *** googlah_ has quit IRC
[02:36:59] <linguini> m0t3jl: Do you know what address classes are?
[02:37:23] <linguini> m0t3jl: sahil's seems to know much more than me.  I just happened to be reading these docs at the same time seeing this thread go by.
[02:37:40] <m0t3jl> sahil, I'll ask another way, if I (for just any reason) do not want the implicit transport to be named smtp, what can I do about it, i.e. what should I change in order to use smtp_someting instead of the implicit smtp?
[02:37:53] <m0t3jl> linguini, I am not sure what address classes are...
[02:38:12] <linguini> m0t3jl: Does the outgoing mail come from foo at newcompany dot com and bar at oldcompany dot com ?
[02:38:44] *** amrit|bbl is now known as amrit
[02:39:01] <m0t3jl> linguini, yes
[02:39:19] *** loddafnir has quit IRC
[02:39:19] <m0t3jl> linguini, only from these two domains.
[02:39:43] <linguini> sahil: Can't he use this fact to specify a "service" via address classes (see ADDRESS_CLASS_README)?
[02:40:19] <sahil> clearly i am not as smart as either of you because even at this point i do not know exactly WHAT m0t3jl is trying to accomplish.
[02:40:30] <sahil> i just am trying to answer bits and pieces of general postfix questions.
[02:40:54] <sahil> are you trying to use a different outgoing smtp_bind_address based on who is sending the email?  or what?
[02:40:58] *** keffer has joined #postfix
[02:41:19] <m0t3jl> sahil, wtf? I have said this like 4 times ...
[02:41:19] <linguini> It sounds like he wants all mail from foo at newcompany dot com to go out via IP #1 and all mail from bar at oldcompany dot com to go out via IP #2.
[02:41:49] <m0t3jl> linguini, exactly.
[02:42:35] <m0t3jl> sahil, but I agree that it may have not been as clear as it is when linguini says it ;)
[02:43:53] <sahil> you have *NOT* said that 4 times, you were going on about smtpd executing smtp, blahdy blah blah.
[02:45:11] <m0t3jl> sahil, it really does not care now ... the question is the one that linguini have written - is is possible to do that?
[02:45:16] *** wdp has quit IRC
[02:45:22] <sahil> it does not care?
[02:45:25] <sahil> what is it?
[02:45:45] <m0t3jl> sahil, sry... Do not think about it ;)
[02:46:31] *** Internat has joined #postfix
[02:46:31] <m0t3jl> sahil, is it possible to say that every email that has a sender like * at domainA dot com to come from IP # 1 and every email that has a sender like * at domainB dot com to come from IP #2?
[02:46:50] *** internat1 has quit IRC
[02:47:33] <linguini> m0t3jl: You should say "sent via" not "come from" -- it's confusing...
[02:47:47] <linguini> s/sent via/be sent via/
[02:48:46] <linguini> The ADDRESS_CLASS_README seems to be written towards delivering incoming mail, rather than outgoing, but I think that's where I would start reading if I were you, m0t3jl.
[02:49:35] <linguini> And again, I'm a newb, so may be misleading you.
[02:50:02] <m0t3jl> linguini, thanks for the grammar though ;)
[02:55:41] <sahil> m0t3jl: why are you averse to running a different postfix instance for the old company and a separate one for the new one?
[02:56:13] <sahil> m0t3jl: sender_dependent_relayhosts will only change the relayhost, not the transport, which then prevents you from directing mail to a different transport based on sender.
[02:56:24] <sahil> at least that is my understanding; perhaps others can opine.
[02:56:47] <m0t3jl> sahil, because it would need to change the startup scripts...
[02:56:52] <sahil> lol
[02:56:59] <sahil> that's trivial. :)
[02:57:20] *** tmus has joined #postfix
[02:57:26] <m0t3jl> sahil, nevertheless not doing it that way is a big challenge
[02:58:08] <m0t3jl> sahil, but can't I use a transport as part of a relay host?
[02:58:15] <tmus> is there a way to get postfix to log to mysql?
[02:59:23] <sahil> unfortuantely, i don't believe so.
[03:04:43] <tmus> sahil: sorry to ask, but was that for me or m0t3jl ? :-)
[03:04:47] <sahil> tmus: m0t3jl
[03:05:15] <tmus> okay :)
[03:06:03] <sahil> tmus: you can experiment with http://sourceforge.net/projects/msyslog/, but why log to mysql?  seems draconian abuse of your mysql server if postfix is very active. :)
[03:06:46] <tmus> sahil: i agree, but this is a request from a customer
[03:07:17] <tmus> sahil: msyslog is a complete syslog, right? i'm not sure that is what I want
[03:07:41] <tmus> just wondered whether postfix could do this on its own
[03:08:20] <BlueG> is a domain name from a dyndns service sufficient to set up a postfix MTA and send mail, or would you need something more?
[03:10:53] *** xpoint has quit IRC
[03:12:49] <sahil> BlueG: reverse dns to that domain name, otherwise you will probably get rejected by a lot of MTAs.
[03:13:06] <sahil> tmus: sorry, don't think so.
[03:13:31] <tmus> sahil: okay, thanks :)
[03:16:25] <BlueG> sahil: how do you do that?
[03:19:09] <sahil> BlueG: you don't, whomever assigned you your IP controls that.
[03:20:22] *** miegalius has quit IRC
[03:21:46] *** keffer has quit IRC
[03:22:07] *** nerbie69 has quit IRC
[03:23:18] *** nerbie69 has joined #postfix
[03:24:12] *** tmus has quit IRC
[03:25:05] <BlueG> sahil: ok, so using a dyndns for sending mail is not likely to work
[03:25:53] <BlueG> can you use postfix to send mail via a web based email account that has smtp access, like gmail?
[03:35:41] <sahil> BlueG: yes, you can use smtp as your relayhost.
[03:35:55] <sahil> you could also use your ISP as your relayhost; many people do that.
[03:38:37] *** growltiger_ has quit IRC
[03:52:52] *** growltiger has joined #postfix
[03:59:44] *** googlah has quit IRC
[04:02:07] *** googlah has joined #Postfix
[04:22:02] <bluethundr_> I seem to be getting email as my user account
[04:22:04] <Muffin> Hi. I'm having a lot of trouble tracking down what I believe to be a flaw in my postfix configuration, and was hoping someone could help.
[04:22:06] <bluethundr_> but root gets no mail
[04:22:18] *** mavrick61 has quit IRC
[04:22:33] <Muffin> I'm a little new to interpreting mail.log output, but this line concerns me: Dec  7 19:22:51 blue postfix/smtp[23277]: 4203ADC212: to=<scorpio.ken at msa dot hinet.net>, relay=msa-mx8.hinet.net[168.95.6.152]:25, delay=137, delays=0/43/93/0.6, dsn=2.0.0, status=deliverable (250 <scorpio.ken at msa dot hinet.net>... Recipient ok)
[04:23:01] <Muffin> ...it concerns me because it (and many MANY like it) were not sent by anyone on my server.
[04:23:25] *** mavrick61 has joined #postfix
[04:23:34] <bluethundr_> I try looking in all the usual places for mail for root
[04:23:40] <bluethundr_> but nothing seems to turn up
[04:23:46] <sahil> Muffin: that's worrisome indeed.
[04:24:25] <Muffin> My desire is to only allow local accounts to use the server for smtp. There are only two or three local accounts.
[04:24:34] <sahil> Muffin: what else is in your log related to that same queue id (4203ADC212)?
[04:25:11] <sahil> bluethundr_: is there an alias (perhaps in /etc/aliases) that redirects mail for root to someone else?
[04:25:22] <bluethundr_> yes, there is
[04:25:30] <Muffin> sahil: A bunch of stuff. Do you have a pastebin I can put grep output into?
[04:25:37] <bluethundr_> but that user does not get the mail intended for root
[04:26:06] <bluethundr_> I'll work on pastebinning my log file
[04:26:14] <bluethundr_> it's just that it's on a server without a gui
[04:26:16] <sahil> Muffin: use pastie.org
[04:26:52] <Muffin> (it'll be a bit, as mail.log is currently 200MB big due to lines like the one above.)
[04:26:58] <sahil> bluethundr_: pipe the output to some txt file and scp that to some box with gui and try cut and pasting from there.
[04:27:11] <Muffin> sahil: http://blue.ilovebacon.org/~adik/output.txt
[04:27:12] <sahil> Muffin: are you sure the server is not compromised?
[04:29:18] <Muffin> In what way do you mean "compromised?" Login rates for the three users haven't changed, and the passwords are strong and unshared.
[04:29:38] <Muffin> Is it possible to track this opening back to a certain user account somehow? double-bounce at blue dot ilovebacon.org doesn't exist as a user.
[04:29:53] <sahil> Muffin: can you grep your log for "scorpio.ken" and throw that in a pastebin as well?  i have a theory.
[04:30:02] <sahil> double-bounce is very specific. :)
[04:30:26] <sahil> do you do address verification?
[04:30:29] <Muffin> Ah, ok. I will grep for scorpio.ken, but the thing you probably want more is grepping for hinet.net...there's a LOT of mail headed to/from there. Also, yahoo.com.tw
[04:31:12] <sahil> couple of different reasons this could be happening, but if you do address verification, that could be it.  but helps to see postconf -n to rule out a number of things.
[04:31:13] <Muffin> sahil: What exactly do you mean by address verification? http://blue.ilovebacon.org/~adik/main.cf.txt
[04:31:46] <sahil> Muffin: ah, as i suspected.  under your recipient restrictions you have reject_unverified_recipient,
[04:32:19] <Muffin> It seems to me that that should reject recipients such as that who have not been verified...does it implicitly say to ACCEPT those that ARE verified?
[04:32:39] <Muffin> output2.txt is the result of grepping for scorpio.ken ; postconf.n.txt is the output of postconf -n
[04:32:51] <sahil> that's not a good idea; just blanket address verfication requests are considered abuse by a lot of systems.  and postfix uses the double-bounce@$myorigin for address verification probes.
[04:33:34] <Muffin> That makes sense, but so little mail SHOULD be coming out of my system that the address verification shouldn't be considered abusive.
[04:33:48] <sahil> Muffin: sure, it's up to you, but just my opinion.
[04:33:54] <sahil> (and that of many others)
[04:34:04] <sahil> but that explains your double-bounce emails; those are address verification probes.
[04:34:13] <Muffin> It's certainly a reasonable opinion.
[04:34:34] <Muffin> But the bigger worry to me is why anyone was trying to verify all of these hinet.net and yahoo.com.tw addresses.
[04:34:37] <bluethundr_> I'm a little new to scp...
[04:34:52] <bluethundr_> I'm typing scp /home/username/mail-log.txt username@host-ip
[04:34:58] <bluethundr_> and nothing seems to happen
[04:34:59] <sahil> Muffin: do read http://www.postfix.org/ADDRESS_VERIFICATION_README.html for some background.  and recognize that some folks will add your server to blacklists (like backscatterer.org) if they notice you're doing it to them.
[04:35:03] <Muffin> You want username@host-ip:/path/to/new/file
[04:35:14] <bluethundr_> gotcha
[04:35:17] <bluethundr_> much thanks
[04:35:36] <Muffin> OK.
[04:35:46] *** synx has joined #postfix
[04:36:41] <Muffin> sahil: I will read that site. It does start out by saying it's only for low-traffic sites, but I've taken it out of my configuration for the time being.
[04:36:47] <synx> I need to filter my outgoing email, to change around the addresses. I made a smtp mail filter to do that, and set it as default_transport.
[04:37:04] <Muffin> I mean, it should only apply to outgoing mail from my server, which should be coming only from my users...so really, it's useless once my main problem is fixed.
[04:37:17] <synx> Then in master.cf I set -o default_transport=myISPthing for a service on port 10025
[04:37:42] <synx> So sending email to port 10025 ignores that, and uses the filter as a default transport, thus the filter filters mail forever filling up my queue geometrically.
[04:38:03] <synx> Is it not able to set default_transport just for one service in master.cf?
[04:38:39] <sahil> Muffin: you know what, my caution applies much more to reject_unverified_sender, not so much _recipient_, so yeah, definitely take cues from that readme, less from me.  i'm obviously suffering from lack of sleep.
[04:39:45] <sahil> synx: http://www.postfix.org/FILTER_README.html
[04:39:52] <Muffin> Heh, well I quite appreciate your attempts to help me nail this down. IT's been an issue for over a month, and I'm pretty much out of ideas.
[04:40:21] <synx> I'm not filtering incoming mail. I can't even get incoming mail anymore. Just sending it, it needs to be munged or all my return addresses will get blocked.
[04:40:29] <Muffin> Really, the only senders that should be allowed are my users. Unless it refers to people sending mail TO my users, in which case I don't care if they're verified.
[04:40:48] <sahil> synx: a filter is a _filter_ -- it does not matter whether you're trying to do this on incoming or outgoing; that readme is relevant.
[04:40:53] <Muffin> ...and I don't have reject_unverified_sender  set anyway. :)
[04:40:59] *** nerbie69 has left #postfix
[04:41:04] <sahil> Muffin: nope you don't; hence my retracement. :)
[04:41:12] <sahil> but those are definitely address verification probes.
[04:41:14] *** Motoko-chan has joined #postfix
[04:41:17] <synx> sahil: I've read through it, but it doesn't mention about filtering once a message has been destined non-locally.
[04:41:33] <Muffin> :) OK. Let me dig for a better error message, then.
[04:42:40] <sahil> and you've got permit_mynetworks in two different places, a bunch of trailing "permits" (redundant) and rejects.  not sure which document suggested these things. :-)
[04:42:57] <synx> My question is more can you override default_transport in main.cf, for a service in master.cf. I'll worry about getting filtering correct after learning that.
[04:43:20] <Muffin> I used to have a nice clean main.cf, back before I got frustrated enough to start tweaking random things. :-\
[04:43:20] <synx> Like the way you can override content_filter to prevent infinite filter loops.
[04:43:24] <Muffin> 52EC7DC118: to=<wang6788 at ms17 dot hinet.net>, relay=none, delay=36, delays=5.7/0/30/0, dsn=4.4.1, status=deferred (connect to ms17a.hinet.net[168.95.5.17]:25: Connection timed out)
[04:43:58] <sahil> well that's pretty clear; that particular hinet MTA was not responding; so postfix will try again later.
[04:44:10] <Muffin> Er, that line is just a site timing out.
[04:44:15] *** saurabhb has joined #postfix
[04:44:21] <Muffin> The problem is that to=<wang6788 at ms17 dot hinet.net> should not exist.
[04:44:28] <Muffin> Like, nobody send mail there.
[04:44:48] <sahil> Muffin: but did that user (wang6788) send a message to one of your users?
[04:44:49] <synx> obviously somebody did.
[04:45:17] <Muffin> http://blue.ilovebacon.org/~adik/output.txt  is a grep for 52EC7DC118.
[04:45:23] <sahil> synx: default_transport is smtp... are you trying to change that to something else when sending email to a particular domain?
[04:46:12] <Muffin> sahil: I don't know how to find out. Grepping for that address doesn't produce anything that suggests so (it's in output2.txt)
[04:47:01] <z\> is it possible in main.cf, that mydomain and myhostname are the same?
[04:47:54] <Muffin> z: Yes, that's quite normal.
[04:47:59] *** georg has joined #postfix
[04:48:13] <Muffin> z\: Sometimes it's otherwise, if you're hosting multiple domains on the same server.
[04:48:14] <synx> sahil: I'm pretty much trying to take source address user@myhost, and convert it to otheruser+user@otherhost, only then sending the email to a remote transport. But only for emails destined non-locally.
[04:49:52] *** k-man has left #postfix
[04:50:07] <Muffin> ...the email to wang6788 at hinet dot net appears to have a from of rczdqcueo.uiiwm at msa dot hinet.net
[04:50:47] <sahil> Muffin: yes, can you show some logs that surround that users' attempt to send what appears to be a random assortment of yahoo, yam.com and other addresses?
[04:51:28] <synx> Muffin: deferred due to user complaints? <_<
[04:52:34] <Muffin> http://blue.ilovebacon.org/~adik/output2.txt is that one message. output3.txt is filling up with a grep for hinet.net
[04:53:23] <Muffin> Er, output2.txt is a grep for wang6788. output3.txt is a grep for hinet.net. output4 is a grep for rczdqcueo.uiiwm
[04:54:08] <synx> You do operate on hinet.net, right?
[04:55:32] *** bluethundr_ has quit IRC
[04:55:34] <sahil> yahoo's messages are rarely trusted; that user complaints crap is usually, well, crap.  but in this case it might be true.
[04:55:41] <synx> Maybe you should talk to the user rczdqcueo.uiiwm, see why they're sending email to a destination that is timing out.
[04:56:07] <sahil> that's not a real user on his machine; hence this discussion.
[04:56:19] <Muffin> synx: NO
[04:56:28] <Muffin> hinet.net is a domain that is completely unknown to me!
[04:56:33] <sahil> Muffin: something on localhost is generating those mails.
[04:56:46] <synx> If it's not a user, and not an alias for a user, then you should probably check if your machine is acting as an open mail relay.
[04:56:54] <Muffin> sahil: That is disturbing.
[04:56:59] <sahil> it's not; i just checked; he's not an open relay.
[04:57:04] <Muffin> synx: It's not an open relay if I can't just point...yeah.
[04:57:13] <synx> okay
[04:57:34] <synx> 128.223.98.60 is where it's coming from, on smtpd, not localhost...?
[04:57:41] <Muffin> ...
[04:57:52] <Muffin> That's my laptop at school.
[04:57:53] <synx> Oh wait no it is localhost.
[04:58:15] <sahil> NOQUEUE: reject: RCPT from localhost[127.0.0.1]
[04:58:18] <sahil> that's the key.
[04:58:30] <Muffin> OK. And it means that there's basically a rogue call to sendmail?
[04:58:47] <sahil> and why is it HELO'ing from 128.223.98.60 (which is your laptop at oregon) is also interesting.
[04:58:53] <synx> It's still smtpd, just that the connection is coming from 127.0.0.1
[04:59:45] <synx> It's almost as if your laptop is hiding inside your computer...
[05:00:01] <sahil> lol
[05:00:09] *** mhearne has joined #postfix
[05:00:47] <Muffin> So, something may be up with my laptop, but...my laptop shouldn't be able to send mail through that server anyway...
[05:01:25] * Muffin nmaps
[05:01:58] <synx> The HELO is reporting as your laptop, but it's originating from your email server. You have a ssh tunnel or something, from your laptop to your server?
[05:02:31] <synx> It could just be something giving the wrong HELO, maybe you copied configuration over from said laptop.
[05:03:24] <Muffin> ...christ.
[05:03:41] *** bluethundr has joined #postfix
[05:03:54] <Muffin> My brother wanted a way to send mail through the server. So I set up a manner by which to test whether I could get a mac to automatically ssh-forward smtp requests.
[05:04:03] <sahil> ha, there you go.
[05:04:14] <synx> So anyway, what I need to do is for all emails with a local source, but a remote destination, I need to munge that local source to reflect where people need to send email, since I'm being blocked from the normal way.
[05:04:18] <sahil> it *was* localhost as we suspected.
[05:04:29] <Muffin> And I left it on, and someone found out that my laptop open-relay-forwarded mails to the blue server.
[05:04:53] <sahil> now yahoo and a bunch of big guys are blacklisting you.  uh oh. :/
[05:04:56] <Muffin> Now, how do I shut that off...
[05:04:58] <synx> Ooh, so they were spam messages.
[05:05:09] <sahil> Muffin: block your bro's laptop!
[05:05:10] <Muffin> synx: YES! A spammer thought my laptop was an open relay.
[05:05:20] <sahil> Muffin: because it *was* an open relay.
[05:05:24] <Muffin> sahil: MY laptop. I never explained to him how to do it. :)
[05:05:28] <Muffin> sahil: YES
[05:05:34] <sahil> well stop it at once!
[05:05:35] <Muffin> Now how the heck do I undo this.
[05:05:37] <Muffin> Heh.
[05:05:41] *** georg has quit IRC
[05:05:52] <synx> Sigh, at least YOUR service provider didn't block port 25 forever.
[05:06:05] <sahil> stop the forwarding, and in the meantime, block that laptop with a client check from relaying through your postfix box.
[05:06:24] <Muffin> Ha.
[05:07:34] <synx> I can't get or send emails anymore thanks to them.
[05:07:40] <sahil> omfg
[05:07:53] <sahil> Muffin: i just relayed mail to myself via parmesan.uoregon.edu.  you need to put a stop to this at once!
[05:08:09] <synx> So I was trying to work around it by using another email account I had, with IMAP access not SMTP.
[05:08:42] <sahil> synx: use a relayhost and use submission port 587 to circumvent blocks of 25
[05:08:49] <synx> Trouble is email to a user has to now go through this other account, since existing source addresses will be blocked.
[05:09:00] <bluethundr> hey postfix guys
[05:09:03] <synx> sahil: That doesn't work for receiving email. All my return addresses would be worthless.
[05:09:13] <bluethundr> I was able to scp to a gui'd machine and paste to paste.debian.net
[05:09:15] <sahil> synx: your isp blocks INCOMING 25?  that sucks.
[05:09:17] <bluethundr> here are my logs
[05:09:17] <bluethundr> http://paste.debian.net/23104/
[05:09:19] <bluethundr> to recap
[05:09:22] <Muffin> <working on it>
[05:09:35] <bluethundr> I am able to send mail to my username, but not to root for some reason
[05:09:42] <synx> sahil: Comcast has been doing that a lot lately. They finally got me last week.
[05:09:50] <sahil> synx: bastards.
[05:09:52] <sahil> ok, i'm out good luck.
[05:09:56] <synx> totally
[05:10:02] <synx> thanks sahil.
[05:11:36] <synx> bah I'll just content_filter it normally and pretend I'm not violating 17 pages of the SMTP standard.
[05:14:14] *** jense has joined #postfix
[05:18:00] *** lunaphyte has quit IRC
[05:18:22] *** lunaphyte has joined #postfix
[05:18:32] <bluethundr> I performed a tail -f on /var/mail/mail.log
[05:18:45] <bluethundr> do I have enough info in my logs from when I tried to mail root?
[05:22:11] *** saurabhb has quit IRC
[05:22:18] *** saurabhb has joined #postfix
[05:23:05] <Muffin> parmesan:LaunchDaemons> sudo launchctl unload /Library/LaunchDaemons/smtp.plist
[05:23:10] * Muffin hopes.
[05:24:00] *** roe_ has quit IRC
[05:24:20] *** roe_ has joined #postfix
[05:25:06] *** mhearne has left #postfix
[05:25:40] <bluethundr> I tried again and generated a new log file
[05:25:41] <bluethundr> http://paste.debian.net/23105/
[05:30:00] <bluethundr> I generated a new aliases database with newaliases and tried again
[05:30:39] *** jens__ has quit IRC
[05:32:14] <bluethundr> http://paste.debian.net/23106/
[05:38:35] <synx> Hmph...
[05:38:49] <synx> If I put mail into the queue just using 'mail', will it not get content filtered?
[05:39:26] <Haris_> http://www.postfix.org/postconf.5.html#smtpd_recipient_restrictions
[05:39:31] <Haris_> Mail to local destinations that match $inet_interfaces or $proxy_interfaces, $mydestination, $virtual_alias_domains, or $virtual_mailbox_domains.
[05:40:39] <synx> That wasn't to me, was it Haris_?
[05:41:27] <Haris_> Nope
[05:42:00] <bluethundr> ah, was that to me, good sir?
[05:42:22] <Haris_> Nope, that was for my understanding. Clearing concepts
[05:42:30] <bluethundr> ah, okay
[05:43:15] <Muffin> synx, sahil: Thanks so much. The problem appears alleviated for the time being.
[05:43:52] <synx> Muffin: No problem. Always beware when unrecognized domains start appearing in the logs!
[05:46:12] <Muffin> Indeed!
[05:46:24] <Muffin> Or when the logs balloon to several mb per day.
[05:46:25] *** linguini has quit IRC
[05:52:11] *** z\ has quit IRC
[05:52:16] <roe_> can I do smtp:[dns.name.com] in my transport file?
[05:52:21] *** syntax- has joined #postfix
[05:52:49] <bluethundr> I can send email to my username but not to root
[05:52:53] <bluethundr> http://paste.debian.net/23106/
[05:56:32] <Muffin> bluethundr: What that says is that the mail to root was actually sent to bluethundr at nylsd dot com
[05:56:45] <Muffin> Perhaps you have that set up as an alias? Is there anything for "root:" in /etc/aliases?
[05:57:48] <bluethundr> yes thank you, I do have root sending to bluethundr setup in my aliases file
[05:57:55] <bluethundr> but when I look in that mailbox
[05:58:08] <bluethundr> I do not see the mail that I just sent
[05:58:18] <bluethundr> would you like to see my conf file?
[06:02:25] <Muffin> I may not be able to make sense of it...I'm a bit of a novice, that was just my first best guess.
[06:02:54] <bluethundr> ah, I see
[06:02:55] <Muffin> That file says that Postfix thinks that the meail is sent.
[06:02:57] <bluethundr> well thanks for trying
[06:03:11] <bluethundr> well, that's a start I suppose!
[06:03:15] <Muffin> Or, like, postfix thinks it sent the message and is done with it. So that may indicate that root is just not getting the message. Are the permissions right on /var/spool/mail/root ?
[06:03:36] <bluethundr> ah, interesting.. let me check that location
[06:04:22] <bluethundr> hmm... I tried looking in /var/spool/mail/root
[06:04:24] <bluethundr> AND
[06:04:45] *** Zelest has joined #postfix
[06:04:50] <bluethundr>  /var/mail/root
[06:05:03] <bluethundr> but I get No such file or directory
[06:05:23] <bluethundr> I do have /var/mail/bluethundr
[06:05:36] <bluethundr> and I point mutt to there, and do not see the mails either
[06:07:28] <sahil> Muffin: it is worth investing a few moments in setting up at least daily postfix-logwatch reports; they would have alerted you to this problem long ago. :)
[06:10:09] <bluethundr> okay, bedtime for me due to work in the morning
[06:10:12] <bluethundr> appreciate the effort
[06:10:21] <bluethundr> I'll take another crack at this tomorrow
[06:10:24] <Muffin> Weird.
[06:10:28] <Muffin> :-\ Sorry I couldn't be more help.
[06:10:38] <bluethundr> no worries.. appreciate the attempt! ;)
[06:10:46] <bluethundr> cheers! over and out!
[06:10:49] *** bluethundr has quit IRC
[06:10:56] <Muffin> sahil: Yeah, that's true. I found it almost immediately, though...what with the files ballooning and all.
[06:11:36] <Haris_> Do I need to tell postfix where the ssl cert is, for it to ru sasl auth/
[06:12:09] <Muffin> Haris_: Yep, using something like smtpd_tls_cert_file=
[06:12:28] <Muffin> Well, ify ou want it to do tls.
[06:12:53] <Haris_> Otherwise, I don't?
[06:13:01] <Muffin> Correct.
[06:13:12] <Muffin> sasl probably has programs that will do all the certification stuff for you.
[06:13:27] <Muffin> So you'd just need postfix to know how to run sasl.
[06:13:45] <Muffin> http://www.postfix.org/SASL_README.html is a good reference.
[06:15:47] <Haris_> I'm reading that. Actually I'v already many times and probably missed something there
[06:15:56] <Haris_> Dovecot SASL configuration for the Postfix SMTP server
[06:16:32] <Dominian> Its best to get SASL working without SSL first.
[06:16:37] <Dominian> then put SSL into the mix
[06:16:44] <Haris_> I have dovecot sasl ready
[06:16:59] <Dominian> Well, I'm too lazy to read up and see what the issue is. hehe
[06:17:06] <Haris_> I can see built postfix with dovecot sasl and configure it
[06:17:13] <Haris_> but there's no option to specify a ssl cert
[06:17:24] <Haris_> build+
[06:18:01] <Haris_> There's no option to tell it, looks .. here's the ssl cert you'r going to use
[06:18:10] <Dominian> The SSL cert will be in postfix.. not dovecot
[06:18:19] <Haris_> exactly
[06:18:29] <Haris_> The question is .. where
[06:18:33] <Dominian> wait one
[06:19:23] <Dominian> smtpd_tls_key_file
[06:19:34] <Dominian> smtpd_tls_cert_file
[06:19:42] <Dominian> smtpd_tls_CAfile
[06:19:44] *** syntax- is now known as z\
[06:19:50] <Dominian> just to give you some breadcrumbs
[06:20:09] <Haris_> setting path against smtpd_tls_cert_file
[06:20:43] <Dominian> I had to do a lot of reading to figure out the SSL stuff
[06:20:48] <Dominian> and I'm still not sure I have it all ;)
[06:21:08] <Haris_> I'm working on enabling smtp auth
[06:21:09] <Dominian> are you wanting to use SSL/TLS on submission?
[06:21:13] <Dominian> ahh ok hang on
[06:21:13] <Haris_> for that I need to set sasl option
[06:21:14] <Haris_> s
[06:21:25] <Dominian> submission inet n       -       n       -       -       smtpd -o smtpd_tls_security_level=may -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions= -o smtpd_delay_reject=yes
[06:21:37] <Dominian> that's part of my master.cf for submission
[06:21:52] <Haris_> are submissions and sasl/smtp auth different things?
[06:21:57] <Haris_> submission+
[06:21:59] <Dominian> negative
[06:22:07] <Dominian> submission = smtp_auth
[06:22:22] *** chadmaynard has joined #postfix
[06:22:28] <Haris_> because submission as I gather works on a seperate port
[06:22:36] <Haris_> while smtp auth works on standard port
[06:22:43] <Haris_> standard smtp port
[06:22:44] <Dominian> right
[06:22:49] <Dominian> submission works on 587
[06:22:59] <Dominian> and is actually better to use for authentication
[06:23:08] <Dominian> that way you separate wh ocan do what easier
[06:23:37] <Haris_> so, I'm going for the standard port implementation right now
[06:24:13] <Haris_> http://www.postfix.org/SASL_README.html#server_dovecot <- this is also for submission?
[06:24:24] <Dominian> yeah.
[06:24:29] <Dominian> as you're doing the SASL using dovecot
[06:25:40] *** niki has joined #postfix
[06:25:49] <Haris_> /var/spool/postfix/private/auth
[06:25:56] <Haris_> is this used by dovecot or postfix?
[06:26:00] <Haris_> from the above url
[06:26:12] <Haris_> postfix writes to it, dovecots responds after checking through mysql?
[06:26:26] <Dominian> I believe dovecot just "uses" it.. doesn't write against it
[06:26:48] <Haris_> do they need to be at the same place for postfix and dovecot?
[06:27:46] <z\> any one using postfix admin here?
[06:27:55] <Dominian> Haris_: I believe so
[06:27:58] <Dominian> z\: yep
[06:28:19] <Haris_> z\: #postfixadmin
[06:28:27] <Haris_> z\: what's up
[06:31:51] <Haris_> what happens when /var/spool/postfix/private/auth
[06:31:58] <Haris_> is written to by postfix for smtp auth
[06:32:13] <Haris_> does dovecot reply or does postfix itself do some calculations?
[06:32:34] <Dominian> postfix gets the reply from dovecot
[06:36:41] <Haris_> this is the socket way and submission is the way via tcp/ip?
[06:37:14] <Dominian> er.. no
[06:37:20] <Dominian> SASL auth is done in the "background"
[06:37:29] <Dominian> there is no physical connection from the clients to the wauth back end
[06:41:01] <Haris_> I have set -> 1) smtpd_sasl_auth_enable = yes 2) broken_sasl_auth_clients = yes 3) smtpd_sasl_type = dovecot 4) smtpd_sasl_path = private/auth 5) smtpd_tls_cert_file = /path/to/postfix/ssl/postfix.crt
[06:42:05] <Haris_> is that enough?
[06:42:14] <Haris_> dovecot is already configured
[06:42:35] <Dominian> looks to be good
[06:43:08] <Haris_> after ehlo domain.tld I get;
[06:43:08] <Haris_> 250-AUTH DIGEST-MD5 CRAM-MD5 PLAIN LOGIN
[06:43:09] <Haris_> 250-AUTH=DIGEST-MD5 CRAM-MD5 PLAIN LOGIN
[06:43:15] <Haris_> is there a difference?
[06:43:25] <Dominian> looks like it supports it
[06:44:38] *** growltiger_ has joined #postfix
[06:44:53] <Haris_> 535 5.7.8 Error: authentication failed: Invalid authentication mechanism
[06:44:53] <Haris_> lol
[06:45:30] <Dominian> have to choose a mechanism somewhere
[06:47:39] <Haris_> nothing is apparent in postconf -d|grep auth
[06:48:42] <Muffin> So what authentication mechanism are you using on your client?
[06:48:47] <Haris_> plain
[06:48:50] <Haris_> in dovecot
[06:48:57] <Dominian> plain and login
[06:49:06] <Haris_> sheep
[06:49:08] <Haris_> need to re-order them
[06:49:13] <Haris_> it should be PLAIN first
[06:49:13] *** _sng has joined #postfix
[06:50:01] <synx> Well a content filter works. I'd rather filter only when messages are destined for outside my network, but filtering every message isn't too bad since I'm low volume.
[06:54:07] <Haris_> hmm
[06:54:18] <Haris_> something is missing. Nothing I change in dovecot helps
[06:54:24] <Haris_> Must be something in postfix
[06:54:35] <Haris_> for auth = PLAIN or auth = MD5-CRYPT
[06:56:14] *** BlueG has quit IRC
[06:59:25] *** growltiger has quit IRC
[06:59:31] <Haris_> How do I set the correct auth mechanism
[07:00:05] *** synx has left #postfix
[07:03:59] * Muffin has only made it work for Cyrus.
[07:18:14] <Haris_> I can't find auth method in postconf -d or main.cf
[07:19:05] <Haris_> nor in master.c
[07:19:09] <Haris_> master.cf+
[07:20:03] *** psilo2 has joined #postfix
[07:24:24] <psilo2> I'm working through this: http://www200.pair.com/mecham/spam/virtualp1.html  I can't seem to receive my first piece of mail from the internet.   postconf -n is here: http://pastie.textmate.org/333693
[07:24:45] <psilo2> All four /var/log/mail.* logs remain empty; I was hoping to get some clue from them.
[07:25:34] <psilo2> I've tried sending to root at slyserve dot com which has an MX record, and also to root@<ip address>; nothing gets logged.  Port 25 is open.
[07:30:20] *** miegalius has joined #postfix
[07:32:08] <f3ew> Postfix logs to syslog, so check why your syslog stuff isn't working first
[07:32:57] *** Fallenou has joined #postfix
[07:34:23] *** z\ has quit IRC
[07:34:33] *** syntax- has joined #postfix
[07:36:07] <psilo2> f3ew: duh, good call, thanks.  Now I get stuff in the logs for local mail delivery at least.
[07:36:21] *** syntax- is now known as z\
[07:40:52] <psilo2> Still, when I send to root at 69 dot 80.249.110 from my gmail account, I would at least expect to see something in the logs..
[07:42:46] *** brancaleone has quit IRC
[07:48:05] *** Fallenou has quit IRC
[08:06:45] *** miegalius has quit IRC
[08:08:37] *** miegalius has joined #postfix
[08:19:36] <f3ew>  root@[ip]
[08:19:40] <f3ew> the [] are necessary
[08:20:44] *** Filbert has quit IRC
[08:23:33] *** Filbert has joined #postfix
[08:25:11] *** z\ has quit IRC
[08:25:44] *** z\ has joined #postfix
[08:26:16] *** pitakill has quit IRC
[08:28:19] *** deepjoy has joined #postfix
[08:31:28] *** sophokles has joined #postfix
[08:35:34] *** _ruben has joined #postfix
[08:37:01] *** georg has joined #postfix
[08:42:23] *** pa has quit IRC
[08:42:43] *** pa has joined #postfix
[08:45:26] *** Lap_64 has joined #postfix
[08:51:34] *** Motoko-chan has quit IRC
[08:53:04] *** arubin has joined #postfix
[08:58:30] *** georg has quit IRC
[08:59:46] *** madrescher has quit IRC
[09:02:46] <Haris_> How do I set the correct auth method?
[09:03:23] <Haris_> pop3, imap logins are working via dovecot
[09:03:42] <Haris_> I can't get correct auth method for smtp auth
[09:08:32] *** harobed has joined #postfix
[09:21:55] *** wdp has joined #postfix
[09:28:06] *** denis has joined #postfix
[09:32:29] *** |_Knoedel_| has joined #postfix
[09:33:08] *** chadmaynard has quit IRC
[09:39:39] *** Kako has joined #postfix
[09:40:36] *** brancaleone has joined #postfix
[09:42:39] *** shasta has quit IRC
[09:42:42] *** SARGuy_ has joined #postfix
[09:43:23] *** x-spec-t has joined #postfix
[09:43:32] *** arubin has left #postfix
[09:45:50] *** hever has joined #postfix
[09:48:37] *** deepjoy has quit IRC
[09:56:09] *** war9407 has joined #postfix
[09:59:12] *** Spec has quit IRC
[09:59:54] *** SARGuy has quit IRC
[10:00:15] *** Roobarb has quit IRC
[10:01:42] *** Zeit|awy_ has quit IRC
[10:02:02] *** SARGuy_ has quit IRC
[10:03:35] *** Roobarb has joined #postfix
[10:07:34] *** F6F has joined #postfix
[10:09:46] *** hever has quit IRC
[10:10:47] *** hever has joined #postfix
[10:16:36] *** inflex has joined #postfix
[10:16:39] <inflex> evening all
[10:17:39] <inflex> No, I don't have a problem - just thought I'd drop in :)
[10:17:57] *** randra has joined #postfix
[10:18:25] *** jeffspeff has joined #postfix
[10:18:54] <jeffspeff> what is the recpient delimiter character?
[10:19:40] *** cilly has joined #postfix
[10:19:44] <inflex>  \r\n ?
[10:19:46] <inflex> or ,
[10:20:59] <f3ew> postconf recipient_delimiter
[10:21:02] <f3ew> hey inflex
[10:21:07] <inflex> hi there f3ew
[10:21:10] <f3ew> Are you going to make it to LCA?
[10:21:30] <inflex> Oh, man, I wish I could make an appearance, would be nice to get to see/meet a lot of the online names I know.
[10:21:40] <inflex> Would have liked to have made a bit of a presentation/speech too
[10:21:44] <inflex> but, nope, can't.
[10:22:05] <f3ew> Damn!
[10:22:21] <f3ew> Are you in Sydney | Canberra?
[10:22:35] * f3ew is visiting those two places along with hobart
[10:23:00] <inflex> Nope, far north queensland
[10:23:35] <inflex> inland from Townsville by about 140km
[10:24:57] <inflex> so yes, about 3000km too north.
[10:25:07] *** lysander has quit IRC
[10:25:25] <f3ew> damn
[10:25:59] <f3ew> I travel all the way and you don't!
[10:28:08] <inflex> :(
[10:28:11] <inflex> I'm broke
[10:28:29] <inflex> Just finally finished paying off the ATO (tax) debt and now I'm just going to be glad to get through Christmas.
[10:28:35] <f3ew> :(
[10:28:39] <inflex> It's also why I've been pumping my new commercial warez around
[10:28:49] * f3ew hopes they sell
[10:29:28] <inflex> me too - don't like bills piling up. :D
[10:29:35] <inflex> Takes a long time though to push these things to market
[10:29:49] <f3ew> which sucks
[10:30:10] <inflex> Actually need to write up some more documentation for it... built it to work with Postfix as much as possible with the automated installer... but other MTAs need a lot more manual work :(
[10:30:11] <f3ew> Travel in .au is expensive
[10:30:18] <f3ew> :(
[10:30:26] *** denis has quit IRC
[10:30:39] *** denis_ has joined #postfix
[10:31:14] <inflex> You going as an attendee or as a speaker?
[10:31:22] <f3ew> Miniconf speaker
[10:31:35] * f3ew is paying his own way :(
[10:32:12] <inflex> ouch
[10:32:19] <f3ew> But then, it still goes on the resume
[10:32:19] <psilo2> Anyone seen this before? pop3d-ssl: calcsize fopen: Permission denied - it's killin me.
[10:32:34] <f3ew> psilo2, not me
[10:32:42] <f3ew> Courier? Cyrus? Dovecot?
[10:32:52] <inflex> mmm... pop3, ssl... problems with accessing the keyfiles?
[10:33:00] <psilo2> Courier.  Even chmod 777 on the courierpop3dsizelist file gives the same result.
[10:33:05] <inflex> strace would reveal probably - but it's hard to do that during real operation
[10:33:16] <inflex> fopen could be opening anything though
[10:33:28] <f3ew> Is there a selinux/apparmor policy in effect?
[10:33:42] <psilo2> no
[10:34:22] <inflex> is it intermittent or always happening?
[10:34:25] <psilo2> strace is a good idea.  I did that earlier and I just realized I was tracing the courierlogger heh
[10:34:33] <inflex> *lol*
[10:34:38] <psilo2> every time a client tries to pick mail up
[10:35:06] <psilo2> I looked at the source and concluded it was that particular file, but nothing's better than a real strace, Ibetter do that
[10:35:08] <inflex> okay, could be a multitude of things, at least with strace with the popper in non-daemon mode, you should get some idea
[10:35:28] <inflex> would be nice if they put the filename/line-number in those logging outputs
[10:36:04] <psilo2> I came close to recompiling with exactly that tweak.  But I've got debian packages installed and didn't wanna press my luck
[10:36:22] <psilo2> Been hard enough for me to get to this point.. mail newbie.
[10:36:55] <inflex> I always feel like a mail newbie :(
[10:37:03] <inflex> Been doing this since mid 90's and I'm still that way
[10:38:03] <psilo2> Is it important to be in non-daemon mode? I was just going to attach to the running couriertcpd's.
[10:38:42] <inflex> psilo2: well, just thought it'd be easier for you to then terminate
[10:40:06] <f3ew> you could connect wuith
[10:40:17] <f3ew> openssl -_client
[10:40:22] *** F6F has quit IRC
[10:40:25] <f3ew> see the op3d which gets invoked
[10:40:27] <f3ew> pop3d
[10:40:33] <f3ew> and then attach strace
[10:42:18] <psilo2> http://pastie.textmate.org/333756
[10:42:32] <psilo2> Bah, accept() indeed, but no subsequent open()
[10:45:07] *** deepjoy has joined #postfix
[10:47:33] *** deepjoy has left #postfix
[10:55:29] <psilo2> heh courier ./configure seems to be in an infinite loop, checking the same things repeatedly
[10:56:51] *** Tinozaure is now known as Tino
[10:57:01] *** Tino is now known as _Tino
[10:58:40] *** z\ has quit IRC
[10:58:57] *** z\ has joined #postfix
[11:02:20] *** shasta has joined #postfix
[11:02:23] <f3ew> no
[11:02:25] <f3ew> that's normal
[11:03:35] <psilo2> Never seen that before, but it did finish eventually.
[11:04:40] <psilo2> So I've determined that calcsize() wants to open the mail files themselves, measure them, and write the results to the courierpop3dsizelist.  Default perms on the new mail files are 600, vmail:vmail
[11:04:54] <psilo2> But I imagine it's postfix:postfix trying to do the read.
[11:08:40] <f3ew> no
[11:08:51] <f3ew> root, or the virtualo_uid_maps use5r
[11:08:55] <f3ew> or the system user
[11:09:17] <f3ew> Set virtual_uid_maps and v_gid_maps correctly
[11:09:27] <psilo2> both are static:6060, which is vmail
[11:09:43] <psilo2> I also have virtual_minimum_uid=6060
[11:10:07] *** m0t3jl has quit IRC
[11:11:19] <f3ew> and courier has the same info in it's config file?
[11:13:13] <psilo2> Which file would that be?
[11:13:34] <f3ew> pop3d-ssl.conf ?
[11:13:47] <f3ew> or rather, your auth<DB>rc ?
[11:13:59] <f3ew> where DB is mysql or pgsl or whatever
[11:14:08] <psilo2> ah mysql, ok.  let's see.
[11:15:16] *** cilly has quit IRC
[11:15:39] *** lysander has joined #postfix
[11:15:51] <psilo2> k, got that set up.  I'll have to wait to gmail to come back from maintenance...
[11:16:20] <f3ew> login by hand?
[11:16:28] <f3ew> or use a MUA
[11:17:26] <psilo2> I believe you've done it! :)
[11:18:30] <f3ew> yay
[11:19:02] *** googlah has quit IRC
[11:19:34] <psilo2> delicious success
[11:22:16] *** Kako has quit IRC
[11:29:22] *** _BBishop has joined #postfix
[11:29:46] *** _BBishop has quit IRC
[11:34:09] <inflex> congrats
[11:34:12] * inflex is just back from shopping
[11:34:25] <inflex> Now, time to ponder what new feature to cram into my commercial software
[11:35:57] *** hparker has quit IRC
[11:36:26] <psilo2> That was certainly an ordeal, thanks to both of you
[11:37:50] <psilo2> everything's working nicely now, even postfixadmin.
[11:38:36] <psilo2> er, I phrased that very awkwardly.  It was an ordeal thanks to me :P
[11:39:01] *** Izlots has joined #postfix
[11:40:42] *** BBishop has quit IRC
[11:42:19] *** blasse has joined #postfix
[11:43:55] *** z\ has quit IRC
[11:43:56] <f3ew> heh
[11:44:14] <f3ew> inflex, have you thought of going into hosting?
[11:46:53] *** tm-30740-exa has joined #postfix
[11:50:22] *** cpm has joined #postfix
[11:52:20] *** ming_zym has quit IRC
[11:58:34] <inflex> f3ew: hosting.... eish, not again, no.
[11:58:34] *** jelly has quit IRC
[11:59:13] <blasse> anyone seen anything like these lines in their logs mail amavis[5153]: (05153-09) NOTICE: reconnecting in response to: err=2006, S1000, DBD::mysql::st execute failed: MySQL server has gone away at (eval 40) line 153, <GEN72>  line 5.
[11:59:13] <blasse>  everything seems to be working. i've used the etch tutorial
[12:01:38] *** wdp_ has joined #postfix
[12:04:44] *** BBishop has joined #postfix
[12:05:51] *** pirho has joined #postfix
[12:06:38] <psilo2> blasse: Is MySQL ok?
[12:08:30] <f3ew> inflex, it might be easier to sell your software as a service?
[12:09:05] <blasse> psilo2: no other errors in  the logs, and i've mails are coming in to all users just fine
[12:10:13] <psilo2> blasse: It certainly sounds like mysql was simply down (being restarted or integrity checked?) for a period
[12:10:19] *** jelly has joined #postfix
[12:10:29] *** denis_ has quit IRC
[12:13:53] <blasse> psilo2: sounds reasonable, becuase it just happens on some incoming mails not everyone.
[12:16:20] *** mark-use has joined #postfix
[12:18:33] *** wdp has quit IRC
[12:20:41] <inflex> f3ew: possibly - though it's a lot more complex and exceptionally expensive.
[12:21:24] <inflex> f3ew: I was involved with a group who did that (they used my Xamime email filtering software) and it was naturally a lot harder to handle the "real life events" and keep the profits up than desired
[12:21:38] <inflex> (they recently did however just sell out for an apparently very nice sum of money)
[12:28:54] *** madrescher has joined #postfix
[12:29:46] *** BuenGenio has joined #postfix
[12:32:46] *** googlah has joined #Postfix
[12:45:45] *** xpoint has joined #postfix
[12:55:22] *** mark-use_ has joined #postfix
[12:58:30] *** denis has joined #postfix
[13:01:16] *** amrit is now known as amrit|zzz
[13:08:18] *** mark-use has quit IRC
[13:09:12] *** robert83a1 has joined #postfix
[13:09:37] <robert83a1> hello, I'm using postfix and I'm currently rejecting 240~ mails/min , how can I tell postfix not to log this at all?
[13:11:45] <stockholm> robert83a1: do you accept some, too?
[13:11:59] <stockholm> otherwise you could do a /etc/init.d/postfix stop
[13:13:38] <robert83a1> :)
[13:13:49] <robert83a1> I do accept a  lot
[13:15:19] <robert83a1> and I need to stop logging al these rejected mail only
[13:15:36] <f3ew> robert83a1, why?
[13:15:42] <stockholm> you could filter on the syslog side...
[13:15:55] <stockholm> syslog-ng for instance can do that
[13:16:01] <robert83a1> because my masillog is over 800MB after one day
[13:16:08] <robert83a1> maillog
[13:16:14] <stockholm> robert83a1: try gzipping it
[13:16:14] <f3ew> Get a better syslogd
[13:16:17] <robert83a1> I'm using these smtp rules
[13:16:19] <f3ew> or rotate your logs faster
[13:16:20] <stockholm> it shrinks a lot
[13:16:29] <robert83a1> the log files rotate
[13:17:05] <stockholm> it packs beautifully. only a percent or so will remain
[13:17:08] <robert83a1> it's just that I thought that I could maybe somehow stop postfix from logging all these rejected mails, since I'm pretty sure that it's setup correctly...just wasting my place
[13:18:37] *** denis has quit IRC
[13:18:49] *** denis_ has joined #postfix
[13:19:14] *** robert83a1 has quit IRC
[13:19:57] *** blasse has left #postfix
[13:23:24] *** eanxgeek|laptop has joined #postfix
[13:23:45] *** pirho has quit IRC
[13:25:50] *** pirho has joined #postfix
[13:29:37] <inflex> If you can tollerate 1hr or 1 day of uncompressed logs, it's not a problem if you then bzip2 or gzip them after they've rolled
[13:29:54] <inflex> (syslog or syslog-ng should be able to do that, amazing how much smaller they become
[13:30:05] <inflex> It's preferrable if you do keep the slightly more verbose logs
[13:30:38] <inflex> Here's a gzip'd comparison
[13:31:00] <inflex> 288K compressed vs ~2MB by the end of the day
[13:31:16] *** mark-use_ has quit IRC
[13:33:15] <xpoint> inflex, just show me syslog-ng conf that use compressed log files :)
[13:33:27] <inflex> Though, yes, 800MB/day, a log file that big starts to cause an increased system load due to I/O
[13:33:44] <inflex> xpoint: am sure I used to have it on my Slackware boxes
[13:33:56] <inflex> now-a-days I'm using Ubuntu-server which gzip's automagically.
[13:34:02] <xpoint> logrotate does this
[13:34:10] *** mark-use_ has joined #postfix
[13:37:28] *** ctp has joined #postfix
[13:38:41] *** denis__ has joined #postfix
[13:38:49] *** dddh has joined #postfix
[13:39:47] *** denis_ has quit IRC
[13:39:55] *** saurabhb has quit IRC
[13:43:41] <Haris_> How do I configure the proper method for smtp/sasl auth in postfix? I'm using MD5-CRYPT in dovecot wiht it
[13:44:41] <ctp> hi folks. i am looking for a nice management gui for my postfix/dovecot/openldap setup. i know there's jamm and openmailadmin but the development on them stopped 2 years ago. any alternatives or hints what to take a look on?
[13:50:22] *** mark-use__ has joined #postfix
[13:51:28] *** cilly has joined #postfix
[13:58:32] *** saurabhb has joined #postfix
[14:03:00] *** mark-use_ has quit IRC
[14:18:52] *** ctp has quit IRC
[14:23:59] *** saurabhb has quit IRC
[14:32:26] *** weedar has joined #postfix
[14:32:52] *** inflex has quit IRC
[14:39:51] *** hever has quit IRC
[14:43:31] <weedar> I've got Postfix with Dovecot SASL, opened up port 587 as an alternative SMTP-port. Now one customer is unable to send from his desktop computer, but it works fine from his laptop - He is asked for his password on both machines but it doesn't work on the desktop
[14:44:07] <roe_> what do the logs say?
[14:44:39] <weedar> My logfile says "SASL PLAIN authentication failed" when he attempts to use the desktop, but "sasl_method=PLAIN, sasl_username=username" when he successfully sends from his laptop
[14:45:30] <weedar> He uses the same version of Thunderbird on both machines and identical settings. I don't see how they could behave differently
[14:45:54] <roe_> pebkac
[14:54:41] <rob0> or, smtp proxy
[14:57:35] <weedar> But he read the settings back to me on both machines - same smtp-server, same port, same username, same security settings (never use TLS) and both machines are connected to the Internet through the same DSL-line
[14:57:59] <weedar> rob0: what do you mean by "smtp proxy"?
[14:58:39] <rob0> !cisco_pix
[14:58:40] <knoba> rob0: "cisco_pix" : The Cisco PIX firewall has a SMTP proxy feature which breaks ESMTP. If your Postfix server is behind such a firewall you should disable the SMTP Fixup feature.
[14:58:51] *** hark has joined #postfix
[15:02:18] <_ruben> or nasty "personal firewall" on the desktop intercepting the traffic (wild guess)
[15:02:56] <rob0> same sort of thing, yes
[15:04:17] *** netcrash has joined #postfix
[15:07:13] *** skar has joined #postfix
[15:08:31] <skar> hi, i've got a postfix + dovecot sasl setup where postfix uses dovecot sasl for auth, how do i disable mail relaying for only 1 id say blocked at mydomain dot com while allowing mail for everybody else using permit_sasl_authenticated?
[15:10:20] <rob0> check_sender_access before permit_sasl_authenticated
[15:11:24] *** lunaphyte_ has quit IRC
[15:11:53] *** pirho has quit IRC
[15:13:33] <skar> rob0: thanks, that was pretty easy than i thought :)
[15:17:47] *** growltiger has joined #postfix
[15:17:50] *** growltiger_ has quit IRC
[15:25:13] *** _sng_ has joined #postfix
[15:28:38] *** McJerry has quit IRC
[15:29:01] *** _sng has quit IRC
[15:29:13] *** _sng_ is now known as _sng
[15:29:16] *** McJerry has joined #postfix
[15:29:27] *** _Driver_ has quit IRC
[15:31:54] *** pirho has joined #postfix
[15:33:28] *** pirho has quit IRC
[15:33:47] *** lunaphyte_ has joined #postfix
[15:34:57] *** pirho has joined #postfix
[15:35:43] *** skar has quit IRC
[15:37:31] *** loddafni1 has joined #postfix
[15:40:50] *** tombar has joined #postfix
[15:44:01] *** Lap_64 has quit IRC
[15:46:41] *** hparker has joined #postfix
[15:53:06] *** micw has joined #postfix
[15:53:11] <micw> hi
[15:53:45] <micw> can i configure multiple different mysql databases (with different queries) for virtual aliases or addresses?
[15:54:04] <f3ew> yes
[15:54:06] <micw> od (better) one different mysql database+quers for addresses and aliases of one specific domain?
[15:54:10] <micw> od->or
[15:54:11] <f3ew> yes
[15:54:19] <micw> great. how?
[16:06:12] <roe_> how will cost you extra
[16:06:16] <roe_> :)
[16:07:19] <roe_> do you know how to do it for one?
[16:08:38] *** hever has joined #postfix
[16:11:18] *** hever has quit IRC
[16:14:26] *** internat1 has joined #postfix
[16:15:44] *** Internat has quit IRC
[16:16:23] *** denis__ has quit IRC
[16:17:25] *** deadpigeon has joined #postfix
[16:23:21] *** dddh has quit IRC
[16:26:47] *** robert83a1 has joined #postfix
[16:27:03] <robert83a1> hello, just upgraded postfix via yum upgrade to latest verion now I'm getting the following error
[16:27:08] <robert83a1> process /usr/libexec/postfix/virtual pid 1711 exit status 1
[16:27:38] <robert83a1> warrning /usr/libexec/postfix/virtual : bad command startup --throtiling
[16:31:08] <micw> roe_, atm it runs with one db cnfiguration for all domains and aliases
[16:32:20] <micw> but i'd like to have a special domain for temporary email addresses (contains of random local part, expire date, forward address and description + a query which returns only non-expired ones)
[16:33:36] *** Kapaneus has joined #postfix
[16:33:47] <Kapaneus> yah, so i figured out what was wrong...
[16:33:55] <Kapaneus> and sure enough, it wasn't a postfix thing
[16:33:57] <Kapaneus> but dear god
[16:34:03] <Kapaneus> did i make a horrendous mistake.
[16:34:38] *** felix_da_catz has joined #postfix
[16:37:48] *** siamba has joined #postfix
[16:42:22] *** Pokshun has joined #postfix
[16:42:50] <Pokshun> Guys, I am losing my mind here.. I just installed postfix. How do I send a mail with it? ie, setup user account. sorry dumb question.
[16:42:55] *** BuenGenio has quit IRC
[16:44:26] *** loddafni1 has quit IRC
[16:45:51] <Dominian> !basic
[16:45:52] <knoba> Dominian: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.
[16:46:29] *** |_Knoedel_| has quit IRC
[16:48:38] *** |_Knoedel_| has joined #postfix
[16:49:51] *** karrotx has joined #postfix
[16:51:30] *** robert83a1 has quit IRC
[16:52:04] *** gdfuego has joined #postfix
[16:56:08] *** xpoint has quit IRC
[16:57:54] <gdfuego> hey folks.  A postfix mailserver I'm responsible for is exhibiting an odd behavior that I was hoping someone might help explain
[16:58:51] <gdfuego> The system is configured to accept mail for a number of domains we're responsible for.  It has a text file defining the domains to accept for, and it either forwards mail for addresses we care about to our main domain
[16:59:13] <gdfuego> the text file is defined as part of the mydestination variable
[16:59:50] <gdfuego> everything has been working fine for the domains themselves, but it seems someone has started sending mail to a subdomain of one of the domains
[17:00:01] <gdfuego> and the system is trying to relay mail for that domain rather than accepting it
[17:00:16] <gdfuego> so domain.com is accepted, test.domain.com is relayed
[17:00:35] <f3ew> !parent_domain_matches_subdomains
[17:00:36] <knoba> f3ew: "parent_domain_matches_subdomains" : a configuration parameter in main.cf: What Postfix features match subdomains of domain.tld automatically, instead of requiring an explicit .domain.tld pattern. This is planned backwards compatibility: eventually, all Postfix features are expected to require explicit .domain.tld style patterns when you really want to match subdomains.
[17:00:54] <gdfuego> Ah!  Thanks
[17:00:58] <gdfuego> That would explain it :)
[17:01:11] *** _Tino is now known as Tino
[17:01:11] *** Tino is now known as Tinozaure
[17:02:35] *** weedar has quit IRC
[17:02:47] <gdfuego> sounds like I want to remove relay_domains from that list at the very least
[17:04:05] <rob0> The official recommendation is to unset it altogether, be explicit about when you want to match subdomains.
[17:04:53] <gdfuego> ok, thanks
[17:05:50] <gdfuego> Looks good.  thanks for the help
[17:07:07] *** |_Knoedel_| has quit IRC
[17:17:03] *** weedar has joined #postfix
[17:24:28] *** hparker has quit IRC
[17:28:11] *** ayeuu has joined #postfix
[17:28:31] *** hparker has joined #postfix
[17:32:46] *** siamba has quit IRC
[17:35:41] *** deftunix has joined #postfix
[17:35:56] <deftunix> hi all, is possible customizing overquota bounce message?
[17:37:52] *** micw has quit IRC
[17:39:42] *** Knoedel2 has joined #postfix
[17:40:18] <f3ew> yes
[17:40:47] <f3ew> See bounce_template_file
[17:40:50] <f3ew> !bounce_template_file
[17:40:50] <knoba> f3ew: "bounce_template_file" : Pathname of a configuration file with bounce message templates. These override the built-in templates of delivery status notification (DSN) messages for undeliverable mail, for delayed mail, successful delivery, or delivery verification. The bounce(5) manual page describes how to edit and test template files.
[17:41:35] <deftunix> what is the DSN for overquota?
[17:42:24] <loompek> umm
[17:42:50] <loompek> postfix's smtp client should connect to the mx by default.. even if there's an a record for a domain... right?
[17:43:01] <Haris_> How do I configure the proper method for smtp/sasl auth in postfix? I'm using MD5-CRYPT in dovecot wiht it
[17:43:44] <f3ew> loompek unless yuo have told it not to
[17:44:05] <f3ew> Haris_, if smtpd advertises md5-crypt ...
[17:44:15] *** m0t3jl has joined #postfix
[17:44:26] *** SARGuy has joined #postfix
[17:44:39] <loompek> hmm
[17:44:55] *** siamba has joined #postfix
[17:45:13] <loompek> i've changed the domain on dns, flushed my local cache and the tried postsuper -r ALL
[17:45:15] <deftunix> knoba: what is the dsn for overquota?
[17:45:19] <loompek> and it still tries to connect to the ip :S
[17:47:03] <f3ew> knoba is the bot
[17:47:16] <m0t3jl> sahil, you there?
[17:49:40] <ayeuu> hi, I've got troubles with my virtual users configurations, in virtual_alias_maps; when I send a mail to "vaccount at mydomain dot tld vaccount at mydomain dot tld, another at account dot com" I've got 2 sames mails at another at account dot com and 1 in vaccount at mydomain dot tld / does anyone have an idea why I haven't got 1 normal mail to another@account ?
[17:53:24] *** m0t3jl has quit IRC
[17:53:35] *** LordDicranius has joined #postfix
[17:55:09] *** gdfuego has left #postfix
[17:56:48] *** Sieg has quit IRC
[17:58:48] *** Sieg has joined #postfix
[17:59:12] *** weedar has quit IRC
[18:00:28] <Haris_> f3ew:
[18:00:28] <Haris_> 250-AUTH PLAIN LOGIN DIGEST-MD5 CRAM-MD5
[18:00:29] <Haris_> 250-AUTH=PLAIN LOGIN DIGEST-MD5 CRAM-MD5
[18:00:40] <Haris_> f3ew: Do I need to rebuild it?
[18:01:42] *** UQlev has joined #postfix
[18:01:56] *** Sieg has quit IRC
[18:02:25] <Haris_> postconf can't show auth types
[18:02:33] <Haris_> which+ auth types are supported
[18:02:42] *** plee has quit IRC
[18:02:48] *** plee has joined #postfix
[18:03:18] <Dominian> That tells you what is supported...
[18:03:27] <Dominian> says right there in plaine nglish
[18:03:44] <Haris_> I understand, but as you also might have noticed md5-crypt is not there
[18:03:49] *** Sieg has joined #postfix
[18:03:54] <Haris_> The question is and remains, how do I get it in there =)
[18:04:15] *** freqmod_qu has left #postfix
[18:04:48] <Dominian> cram-md5
[18:05:05] <Haris_> I don't understand. How do I configure it in postfix?
[18:05:21] <Dominian> no idea.. I never cared to mess with cram-md5
[18:05:41] <Haris_> How do you do smtp auth
[18:05:52] <Haris_> ah, you use the submission port rather than sasl auth
[18:06:30] <Haris_> but (also) cram-md5 is listed
[18:06:31] <Dominian> uhhh
[18:06:33] <Dominian> I use sasl
[18:06:36] <Dominian> on the submission port
[18:06:50] <Haris_> so what auth method do you use?
[18:06:52] <Dominian> cram-md5 is probably listed as a supproted method because you have it enabled in your SASL provider.
[18:06:55] <Dominian> I use plain and login
[18:07:05] <Haris_> isn't that .. open?
[18:07:13] <Haris_> cleartext passwords?
[18:07:34] <cpm> sasl over tls, no worries
[18:07:38] <UQlev> Haris_: most use tls
[18:07:51] <Haris_> ah, yes, I forgot, tls
[18:07:53] <cpm> everyone *should*. Submission requires it.
[18:08:02] <Dominian> I use TLS
[18:08:10] <Dominian> TLS with SASL over port 587
[18:08:14] <Dominian> no worries
[18:08:16] <Haris_> What I'm trying to do is, keep it on a single port right now
[18:08:24] <Haris_> I can use submission later on
[18:08:33] <Dominian> You will find that will cause a administrative headache later
[18:08:45] <Haris_> hmm ?
[18:08:51] <Dominian> and if you awnt it on one port..
[18:08:53] <cpm> yup. Best to do it right. Use submission for clients, smtp for mta<->mta
[18:09:13] <Dominian> and if you want to do submission on smtp... then you have to make a change to the master.cf to effect that change iirc
[18:09:24] <Haris_> hmm
[18:09:37] *** doctor has joined #postfix
[18:09:41] *** doctor has left #postfix
[18:09:43] <Dominian> but.. setting up a seperate port you stick: permit_sasl_authenticated,reject
[18:09:46] <cpm> http://www.maawg.org/port25
[18:09:46] <Dominian> and your golden
[18:09:49] *** cilly has quit IRC
[18:10:02] <Dominian> keeps people from trying to relay through your submission port and forces authentication
[18:11:42] *** cilly has joined #postfix
[18:12:20] <seekwill> maaaaaawg
[18:12:56] *** LordDicranius has quit IRC
[18:13:12] *** Scurz has joined #postfix
[18:13:15] <Scurz> hello
[18:16:23] <cpm> Scurz, what problem?
[18:17:21] <Scurz> cpm: when I send a mail to a mail on the postfix server, I get an "user unknown"
[18:17:26] *** madrescher has quit IRC
[18:17:40] <cpm> pastebin the logs
[18:17:47] *** cilly has quit IRC
[18:17:51] <cpm> also, pastebin the output of postconf -n
[18:18:24] *** xpeed has joined #postfix
[18:18:59] <Scurz> http://pastebin.com/mc27e590 for postconf -n
[18:19:43] *** cilly has joined #postfix
[18:20:40] <Scurz> http://pastebin.com/m54ed3ff9 for the logs
[18:21:23] *** cilly has quit IRC
[18:22:44] <cpm> your virtual_alias_maps line looks really messed up. Might want to clean that up a bit.
[18:23:28] *** cilly has joined #postfix
[18:23:48] *** _sng has quit IRC
[18:23:59] <cpm> where is the address sfantar at snurf dot info defined?
[18:24:17] <cpm> in hash:/etc/postfix/virtual-snurf-info ?
[18:24:22] <Scurz> cpm: in a mysql db
[18:24:32] <cpm> which one?
[18:24:47] <Scurz> its name is postfix
[18:25:44] <cpm> I don't see a reference to a db named postfix anywhere in your config.
[18:25:58] <cpm> where is it defined?
[18:26:11] <Scurz> virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_domains.cf
[18:26:11] <Scurz> virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailboxes.cf
[18:26:58] <cpm> very well.
[18:27:11] <cpm> So, which query should have that address?
[18:27:18] <cpm> doesn't matter.
[18:27:33] <cpm> run postmap -q sfantar at snurf dot info mysql:/etc/postfix/mysql-virtual_mailboxes.cf
[18:27:53] <cpm> do you get a response?
[18:27:57] <Scurz> yes
[18:27:58] <Scurz> snurf.info/sfantar
[18:28:01] <cpm> good.
[18:28:07] <Scurz> cpm: this mail worked before...
[18:28:07] <rob0> good
[18:28:23] <Scurz> but after set up of mailman, there is this problem
[18:28:57] <cpm> what transport *should* there be for sfantar at snurf dot info ?
[18:29:01] *** bluethundr has joined #postfix
[18:29:15] <cpm> because it's returning the mailman transport. I'm gonna guess you want it to return virtual
[18:29:26] <Scurz> yes
[18:29:30] <Scurz> a virtual transport
[18:29:42] <Scurz> why, postfix doesn't use the virtual transport...
[18:34:41] *** mark-use__ has quit IRC
[18:38:18] *** eanxgeek|laptop has quit IRC
[18:40:13] *** eanxgeek|laptop has joined #postfix
[18:40:34] <Haris_> Is Terminator 4 comming out?
[18:40:50] *** cilly has quit IRC
[18:42:05] *** felix_da_catz is now known as felix-da-catz_zz
[18:45:17] *** harobed has quit IRC
[18:47:30] *** Tinozaure is now known as Tino
[18:47:32] *** Tino is now known as _Tino
[18:47:44] *** xpeed has quit IRC
[19:01:53] <Kapaneus> nah
[19:04:26] *** havvg has joined #postfix
[19:05:26] *** Pokshun has left #postfix
[19:06:40] *** _Tino is now known as Tinozaure
[19:06:42] *** Tinozaure is now known as _Tino
[19:08:19] *** githogori has quit IRC
[19:14:31] *** adaptr has quit IRC
[19:14:42] *** adaptr has joined #postfix
[19:15:46] *** githogori_ has joined #postfix
[19:20:33] *** ayeuu has quit IRC
[19:29:02] *** scientes has joined #postfix
[19:30:39] <scientes> how can i make all mail that doesnt match an existing address be foward to a special address?
[19:31:19] <scientes> o there should be somehting like RoR's routes file for mail :)
[19:32:06] <seekwill> You don't want that
[19:32:19] <seekwill> Just reject it if it doesn't match an existing address
[19:32:24] <scientes> why not?
[19:32:26] <scientes> i do want it
[19:32:47] <seekwill> Why? It's better that you reject it so the person sending knows about the error immediately
[19:33:01] *** brancaleone has quit IRC
[19:33:18] <scientes> ah, but i want instantly trashable addresses
[19:33:26] <scientes> maybe with a prefix?
[19:33:32] <seekwill> Sure
[19:35:04] *** x-spec-t is now known as Spec
[19:35:26] <scientes> how?
[19:36:54] *** rouri has joined #postfix
[19:37:03] *** UQlev has quit IRC
[19:44:09] *** growltiger_ has joined #postfix
[19:45:08] *** eanxgeek|laptop has quit IRC
[19:52:23] *** tombar has quit IRC
[19:52:35] *** jiffe99 has quit IRC
[19:52:41] *** amrit|zzz is now known as amrit|wrk
[19:53:15] *** growltiger_ has quit IRC
[19:53:35] *** growltiger_ has joined #postfix
[19:55:49] *** denis_ has joined #postfix
[19:57:29] *** eanxgeek|laptop has joined #postfix
[19:58:49] *** growltiger has quit IRC
[19:59:48] *** deftunix has quit IRC
[20:00:13] *** magyar_ has quit IRC
[20:11:51] <siamba> hello!
[20:12:13] * siamba needs guide on postfix + postfixadmin + cyrus-imapd
[20:13:19] *** growltiger has joined #postfix
[20:13:24] <SARGuy> what parameter tells postfix AFTER it checks for a valid virtual alias to send it to another postfix server?
[20:14:16] <Dominian> relay_host
[20:14:25] *** randra has quit IRC
[20:14:30] <SARGuy> that does it after?
[20:14:35] *** growltiger_ has quit IRC
[20:14:36] <Dominian> unless you are doing "backup mx" services.. than I'd suggest looking at transport maps
[20:14:38] <SARGuy> i thought that sent it before
[20:14:39] <Dominian> !transport
[20:14:40] <knoba> Dominian: "transport" : transport(5) The optional transport(5) table specifies a mapping from email addresses to message delivery transports and next- hop destinations. Look at: http://www.postfix.org/transport.5.html
[20:16:07] *** hachiya has joined #postfix
[20:29:01] *** cpm has quit IRC
[20:32:26] <Kapaneus> if you cut me, don't I bleed?
[20:32:39] *** adaptr has quit IRC
[20:32:51] *** adaptr has joined #postfix
[20:35:18] <SARGuy> dominian: if i want to have a front end server check a virtual alias table and, if the user exists, forward the message to another server for final processing, would that be transport_maps or something else.
[20:39:34] *** adaptr has quit IRC
[20:39:46] *** adaptr has joined #postfix
[20:43:34] *** jangell has joined #postfix
[20:44:35] <jangell> I currently have a qmail / vpopmail e-mail system that is about 8 years old serving 10,000 users.  The day has come where I really need to be providing IMAP service and webmail.  I'm thinking about migrating to Postfix.  Would Postfix / Dovecot be a logical choice for a high volume system?  I need to be able to support virtual users and domains (obviously) and alias domains.
[20:45:57] *** growltiger has quit IRC
[20:46:06] *** growltiger has joined #postfix
[20:46:38] *** LordDicranius has joined #postfix
[20:53:36] *** seekwill has quit IRC
[20:54:57] <PatrickDK> jangell, I do it on dovecot/postfix/horde with I forget how many users now
[20:55:25] <jangell> PatrickDK: What makes the most sense for an authentication backend?  LDAP?
[20:55:43] <PatrickDK> that highly depends
[20:55:55] <PatrickDK> I like ldap, and ldap is very nice and fits good with this application
[20:55:59] <jangell> PatrickDK: right now I'm using vpopmail with qmail using mysql.
[20:56:04] <PatrickDK> except using openldap sucks
[20:56:14] <jangell> PatrickDK: which ldap server do you use..and why does openldap sucl?
[20:56:15] <sysmonk> PatrickDK: hehe :)
[20:56:22] <PatrickDK> memory issues
[20:56:28] <PatrickDK> if it runs out of memory it crashs
[20:56:41] <PatrickDK> memory used it statically defined based on your .DB.... file
[20:56:58] *** assignme has joined #postfix
[20:56:59] <jangell> PatrickDK: my biggest concern is from a hardware side.  Right now I'm doing the 10k users with 1 smtp server and 3 pop3 servers.
[20:57:17] <jangell> PatrickDK: Does Dovecot do indexing and whatnot for POP3 connections as well?
[20:57:27] <PatrickDK> I'm doing 28k domains, webhosting, email, dns, ssh, ftp, ....
[20:57:43] <PatrickDK> all on a single quad-core 2.2ghz machine with 18gigs of ram
[20:57:49] <PatrickDK> jangell, yes
[20:58:25] <jangell> PatrickDK: Cool.  I'm thinking that Dovecot itself will save me a lot of I/O..or at least I hope.. I/O is my biggest struggle right now.
[20:58:32] *** eanxgeek|laptop has quit IRC
[20:58:37] <PatrickDK> dovecot eats i/o
[20:58:53] <jangell> PatrickDK: What do you use for storage?
[20:59:01] <PatrickDK> dovecot >=1.0.3 saves craploads of i/o compated to <1.0, 2/3 less i/o usage in my case
[20:59:14] <PatrickDK> 28 144gig 15krpm fiber drives
[20:59:28] *** brancaleone has joined #postfix
[20:59:33] <jangell> Right now I've got 40 some fiber channel disks...about the same thing...Netapp
[21:00:09] <jangell> I'm looking at moving away from that expensive crap though and just building out homemade storage servers,  NFS,  and just putting X number of domains on each 'storage server'.
[21:00:22] <PatrickDK> heh
[21:00:27] <PatrickDK> that doesn't sound safe
[21:00:36] <jangell> PatrickDK: Why is that?
[21:00:56] *** ffeynman has joined #postfix
[21:01:03] <PatrickDK> well, in the long run, it's going use up more space and more electricity
[21:01:20] <jangell> PatrickDK: I've got $150,000 into my Netapp storage system and only 8TB of space.
[21:01:24] <PatrickDK> I know the netapp performs better, and uses much less electricity than build box's
[21:01:34] <PatrickDK> you overpayed
[21:01:38] <ffeynman> hey guys! I have  quick Q... how do I increase the message attachment size? 10Mb is not enough...
[21:01:39] <jangell> PatrickDK: I can build out storage for much much much much cheaper.. electricity is dirt cheap
[21:01:40] <PatrickDK> or didn't know how to deal with netapp :)
[21:01:44] *** albertoandrade has joined #postfix
[21:01:53] <jangell> PatrickDK: no idea.  I didn't do the buying.  I've inherited all of this.
[21:01:57] <PatrickDK> I got my 4tb netapp for $12k
[21:02:05] <jangell> PatrickDK: which system?
[21:02:17] <PatrickDK> fc270
[21:02:22] <PatrickDK> I believe
[21:02:24] <jangell> PatrickDK: I have 2X Netapp 3020 controllers and 3 shelves of FC and two shelves of SATA
[21:02:32] <jangell> redundant controllers basically.
[21:02:44] <PatrickDK> ah, you have a bigger, system
[21:02:48] <PatrickDK> it's the controllers that cost
[21:03:10] <jangell> PatrickDK: The storage hurts bad though too..I dumped $30,000 into it last year and only gained about 4-5TB.
[21:03:24] *** eanxgeek|laptop has joined #postfix
[21:03:27] <jangell> I think I gained 2TB of FC and 2 TB of SATA with $30k
[21:03:52] <PatrickDK> your probably already screwed
[21:03:57] <PatrickDK> I know when you deal with netapp
[21:04:08] <PatrickDK> you have to deal with the first person that quotes you netapp equipment
[21:04:13] <PatrickDK> if you don't, it costs much more
[21:04:30] <PatrickDK> the first dealer to quote you gets 70% off list price
[21:04:33] <PatrickDK> the others don't
[21:04:44] <PatrickDK> so if you don't go with the first guy, you screw yourself
[21:05:04] <jangell> I recently built a system using Openfiler and this chassis: http://www.newegg.com/Product/Product.aspx?Item=N82E16811152034 ... $5,000 even got me 12TB of sata storage,  RAID-6,  etc..that said..the I/O is nowhere near what the Netapp is..but it doesn't ahve to be at that price
[21:05:21] <jangell> I moved 120 of my 1500 domains onto it last night..and it isn't registering any sort of I/O load.
[21:05:24] <SARGuy> ffeynman: message_size_limit
[21:05:26] <SARGuy> !message_size_limit
[21:05:26] <knoba> SARGuy: "message_size_limit" : a configuration parameter in the main.cf: The maximal size in bytes of a message, including envelope information.
[21:05:41] <ffeynman> SARGuy: thanks!!
[21:05:41] <PatrickDK> why raid6?
[21:06:10] <jangell> PatrickDK: Primarily because it was built originally as a backup server for disk to disk backups..and I wanted to be able to have two hard drive failures.  I'm just experimenting with putting some mail on it.
[21:06:27] <jangell> PatrickDK: I'm so tempted to just build about 4 of these and move all my e-mail to it...as part of this whole e-mail upgrading project.
[21:06:32] <PatrickDK> dunno, I only ever do raid10
[21:06:45] <PatrickDK> raid5 was way too many corruption issues
[21:06:50] <jangell> Then..you can buy my Netapp :)
[21:06:56] <PatrickDK> I dunno about raid6, but since it's built on raid5, hmnm
[21:06:58] <jangell> PatrickDK: What controller did you use?
[21:07:05] <PatrickDK> controller?
[21:07:09] <jangell> PatrickDK: The important thing is a *GOOD* raid card..the 3ware card I put in that was $1,200
[21:07:19] *** growltiger_ has joined #postfix
[21:07:20] <PatrickDK> it doesn't matter what controller
[21:07:26] *** Fallenou has joined #postfix
[21:07:30] <PatrickDK> it's inherent faults with the raid method itself
[21:07:38] <PatrickDK> some controllers work around those issues better than others
[21:07:40] <jangell> Hm...I've never had any RAID-5 corrupting.
[21:07:45] <PatrickDK> but nothing will totally solve the issue
[21:07:46] <jangell> corruption*
[21:07:55] <PatrickDK> when you do, you will know :)
[21:08:22] <PatrickDK> I know my adaptec cards have background consistency checks
[21:08:30] <PatrickDK> and that detects problems with raid5
[21:08:38] <jangell> PatrickDK: I suppose so.  I know the 3Ware does constant checks as well
[21:08:38] <PatrickDK> but still, that is after the fact detection
[21:08:56] <PatrickDK> I haven't seen any raid card that can solve it before it gets corrupted
[21:09:18] <jangell> PatrickDK: The main thing I'm trying to figure out right now....is what I do from a MTA/POP3/IMAP perspective..The big thing is I need to be able to do alias domains.
[21:09:26] <sysmonk> PatrickDK: you're talking about write hole?
[21:09:44] <PatrickDK> sysmonk, not sure
[21:09:54] <PatrickDK> I've gotten too pissed at it to care what it's called :)
[21:09:58] <jangell> PatrickDK: basically virtual domain abc123 has a user  john at abc123 dot com  ...I need to also add a domain test123.com as an alias domain so that you can check john at abc123 dot com mail and get john at test123 dot com mail as well
[21:10:27] <PatrickDK> jangell, you need google for that :)
[21:10:44] <miegalius> gero vakaro
[21:10:46] <PatrickDK> almost any postfix search will bring that up
[21:10:53] <sysmonk> miegalius: english only
[21:10:54] <jangell> PatrickDK: Sure,  doing that right now,  and building Postfix from source to try and build some test environment out.
[21:10:59] *** miegalius has left #postfix
[21:11:18] <jangell> I sort of dread offering webmail though..afraid of the space it may consume.
[21:11:20] *** Fallenou has quit IRC
[21:11:23] <PatrickDK> postfix uses about 4gigs of memory on my system
[21:11:47] <jangell> PatrickDK: Do you have any redundancy?
[21:11:51] <PatrickDK> ya
[21:11:59] <PatrickDK> I have two boxes, all services are on both boxes
[21:12:06] <jangell> PatrickDK: I'm thinking about doing a 2xPOP3/IMAP and 2x SMTP and then load balance all that
[21:12:13] <PatrickDK> but one box can handle full load with no problem
[21:12:44] <PatrickDK> I have 2 dovecots, 12 postfix, 2 webmail
[21:12:47] <ffeynman> what's the proper way of telling postfix to reload main.cf? doing the /etc/init.d/postfix reload  ?
[21:13:04] <PatrickDK> and 2 mysql servers
[21:13:13] <PatrickDK> technically 3 mysql, one of the slaves lives offsite
[21:13:20] *** Severed_Head_Of_ has joined #postfix
[21:13:36] <jangell> PatrickDK: So you actually are doing those 25k users with 16 servers?
[21:13:43] <PatrickDK> 25k domains
[21:13:47] <PatrickDK> no, 1 server
[21:13:54] <PatrickDK> 6 postfix installs on one server
[21:13:58] <jangell> Ah...
[21:14:01] <jangell> Why is that if I may ask?
[21:14:04] <PatrickDK> 6 postfix installs on backup server
[21:14:11] <PatrickDK> cause not all users are the same :)
[21:14:17] <jangell> I suppose so. lol
[21:14:18] <PatrickDK> and shouldn't be treated the same
[21:14:23] <PatrickDK> you have one person sign up a new account
[21:14:27] <PatrickDK> and he is a spammer
[21:14:36] <PatrickDK> so he uses smtp auth to send all his spam via you
[21:14:43] <PatrickDK> and now all your ligit people suffer cause of that
[21:14:49] <PatrickDK> cause you got rbl'ed
[21:14:49] <jangell> We're basically a web application provider and with the web application we sell and host for our clients we also provide e-mail.
[21:15:00] <assignme> ok guys i give up
[21:15:08] <assignme> if it doesnt work now i will never be able to get it to work
[21:15:19] *** _xous has joined #postfix
[21:15:21] <assignme> how do i get postfix working with multiple gmail accounts? and multiple domains?
[21:16:08] <assignme> i dont want multiple emails for 1 person. i mean i have 3 different emails for 1 domain and another 2 for another domain and i cant get anything to work. the farthest i got was exim sending from the same email no matter what user@domain i use
[21:16:47] <assignme> and i looked at online tutorials and i get errors. like when i try to sign a pem. However getting SSL, trac and svn was no problem for me and works perfectly
[21:17:16] <PatrickDK> jangell, http://10.1.11.61/munin/mail.local.your-site.com/5011.mail.local.your-site.com.html
[21:17:27] <jangell> Uhm..lol
[21:17:35] <PatrickDK> oh heh :)
[21:17:37] <assignme> can i get anyone to help me? all i need is a way to connect to google (smtp server) and then have postfix look up the password in its config list for the user php is sending it out form
[21:17:43] <PatrickDK> jangell, http://admin.your-site.com/munin/mail.local.your-site.com/5011.mail.local.your-site.com.html
[21:17:47] <PatrickDK> I like to use my vpn ip's
[21:18:47] <jangell> PatrickDK: So basically,  you're an e-mail badass :)
[21:18:51] <assignme> any help?
[21:18:53] <Scurz> does some know to fix this "(mail transport unavailable)" ? I don't manage :-(
[21:19:02] <Scurz> someone*
[21:19:08] <PatrickDK> jangell, na, it's a webhosting company, but people care much more about email than websites :)
[21:19:08] <Scurz> +how
[21:19:20] *** denis_ has quit IRC
[21:19:23] <jangell> PatrickDK: That file system usage number you're showing...is that disk utilization as reported by Netapp or what is that?
[21:19:42] <PatrickDK> technically, the webserver can be broken for a week, and no one will notice, if email goes down for >1min, they notice
[21:19:47] <hyper_ch> what are the drawbacks of running a mail server on a dynamic ip (while sending email by realying through the ISP)?
[21:19:51] <PatrickDK> jangell, depends what one your looking at
[21:20:44] <PatrickDK> iostat is local drive usage (postfix queues)
[21:21:01] <PatrickDK> nfs client = netapp usage
[21:21:02] <jangell> PatrickDK: Yeah.  Same thing for us..we're a web company..but god forbid if pop3 drops for 1/100th of a second all the phones light up
[21:21:07] *** denis_ has joined #postfix
[21:21:24] <PatrickDK> http://admin.your-site.com/munin/ny.your-site.com/netapp01.ny.your-site.com.html
[21:21:26] *** Fallenou has joined #postfix
[21:21:36] <ffeynman> wtf... I changed message_size_limit in main.cf, did a postfix reload and then after checking with postconf -d | grep message_size_limit
[21:21:37] <ffeynman> message_size_limit = 10240000  it still shows the old, 10Mb value... what am I doing wrong?
[21:22:04] <SARGuy> try without -d
[21:22:07] <ffeynman> ahh
[21:22:15] <SARGuy> having trouble with transport maps now...  trying to do a lookup on a virtual alias table then, if the user exists, send the mail to an internal server..
[21:22:16] <ffeynman> yay :D
[21:22:18] <SARGuy> anyone
[21:22:19] <jangell> PatrickDK: Oddly enough..You're numbers are all mch lower then mine...our clients tend to be higher end businesses though
[21:22:26] <ffeynman> I need a coffee! lol
[21:22:46] *** growltiger has quit IRC
[21:22:59] <PatrickDK> numbers for what?
[21:23:25] <jangell> PatrickDK: My spam is about 12 msg per second..and my Netapp NFS numbers are about 3,000 requests per second
[21:23:29] <sysmonk> mails /s  and accesses/ spam
[21:23:31] <PatrickDK> 99,764 email accounts currently
[21:23:45] <jangell> PatrickDK: How many concurrent pop3 connections do you have?
[21:23:52] <PatrickDK> jangell, I have 2million ip's in my blacklist
[21:23:56] <PatrickDK> trust me it used to be insane
[21:25:35] <PatrickDK> currently have 44 pop3 connections, and 108 imap
[21:25:51] <jangell> I hold about 150 pop3 24x7
[21:26:04] <jangell> POP3 is extremely intensive for me..rather annoying
[21:26:09] <jangell> people checking their mail every minute
[21:26:41] *** xous has quit IRC
[21:26:57] <jangell> PatrickDK: You do any consulting work on the side?  I'm the only Sys Admin here and we're seriously lacking in resources.  I need to revamp e-mail very soon and it is possible that there may be times where it makes more sense for me to just ask someone that knows what they're talking about instead of me trying to learn Postfix.
[21:27:47] <PatrickDK> I'll always around :)
[21:28:11] <sysmonk> and i'm always looking for $cash$ :P
[21:28:24] *** albertoandrade has quit IRC
[21:28:29] <sysmonk> but i can't help with dovecot, don't use it here
[21:28:32] *** growltiger_ has quit IRC
[21:28:33] <PatrickDK> I'm always on aim, under patrickdk
[21:29:07] *** tombar has joined #postfix
[21:34:08] *** growltiger has joined #postfix
[21:35:27] *** Severed_Head_Of_ has quit IRC
[21:45:34] *** Kapaneus has quit IRC
[21:47:36] *** tombar has quit IRC
[21:47:56] *** tm-30740-exa has quit IRC
[21:48:12] *** assignme has quit IRC
[21:48:16] *** vertigo has quit IRC
[21:49:49] *** xpoint has joined #postfix
[21:56:43] *** tm-30740-exa has joined #postfix
[21:57:02] *** tm-30740-exa has quit IRC
[22:00:08] *** rouri has quit IRC
[22:01:07] *** m0t3jl has joined #postfix
[22:08:24] <Scurz> bye !
[22:08:24] *** Scurz has left #postfix
[22:13:28] <hyper_ch> I just wonder, what advantage does it have to run a mailserver on a dedicated IP? I mean you can use a dynamic IP to receive mail and for sending relay it through the ISP.... furthermore what's the difference between TLS and SSL connectiosn for IMAP....
[22:13:39] *** F6F has joined #postfix
[22:20:30] <js_> hm, how do i specify user passwords when using the hash format of virtual_mailbox_maps?
[22:21:35] <jangell> hyper_ch: What do you mean by a "dynamic ip" ?
[22:21:47] <hyper_ch> jangell: dsl connection that changes once in a while
[22:21:48] <jangell> hyper_ch: Do you mean a dns name with a real short TTL and some automated way of updating it?
[22:22:31] <jangell> hyper_ch: You need a DNS record which informs a mail server where to deliver e-mail for your domain
[22:22:38] <hyper_ch> jangell: I have that
[22:22:50] <jangell> hyper_ch: How is it updated if your IP address changes?
[22:22:53] <hyper_ch> jangell: everdns.net --> with a perl script
[22:23:16] <jangell> hyper_ch: Okay.  Do you really want to trust your mail being successfully delivered to DNS TTL values?
[22:23:26] <jangell> hyper_ch: I can tell you that some DNS servers don't honor them.
[22:23:40] <hyper_ch> jangell: I setup a backup mailserver
[22:23:50] <jangell> hyper_ch: You can try it.  It'll probably work.  Personally,  I wouldn't bother..but to each their own :()
[22:23:53] <jangell> * :)
[22:23:55] *** karrotx has quit IRC
[22:24:11] <hyper_ch> jangell: well, I think I can convince my boss getting a fixed IP ;)
[22:24:29] <jangell> hyper_ch: If you're trying to do business mail I would highly encourage you to do that.
[22:24:39] <PatrickDK> most issues with dynamic ip's is reverse dns
[22:24:51] <PatrickDK> most mailservers blacklist dynamic ip's and dynamic looking dns
[22:25:02] <hyper_ch> that's why I relay through the ISP
[22:25:07] <hyper_ch> the outgoing mail
[22:25:19] <PatrickDK> for just incoming, you should be fine
[22:25:35] <jangell> PatrickDK: Are you using mysql or ldap for authentication?
[22:25:51] <jangell> PatrickDK: It really scares the hell out of me to try and convert my entire vpopmail mysql structure to ldap...
[22:25:52] <PatrickDK> mysql
[22:26:05] <jangell> PatrickDK: Although I found this random guy with a script that claims to do it: http://www.unix.gr/vpop2ldap/
[22:26:34] <PatrickDK> I've had nothing but memory issues with openldap, so I have gotten away from using it
[22:26:53] <PatrickDK> if openldap has a nicer backend, that wasn't sleepycat, it wouldn't be so bad
[22:27:04] <PatrickDK> but the only other real option is mysql backend, and that defeats the point
[22:28:11] <jangell> PatrickDK: I'm trying to figure out how hard it'll be to continue using vpopmail....hopefully I can get some sort of test working.
[22:29:06] *** havvg has quit IRC
[22:29:08] *** hparker has quit IRC
[22:39:52] *** hparker has joined #postfix
[22:45:15] *** Samus_Aran has joined #Postfix
[22:45:46] <Samus_Aran> does Postfix have any options to distribute sending amongst several relay hosts ?
[22:46:10] <PatrickDK> yep, that is built into DNS, it's called MX record
[22:46:14] <wdp_> Samus_Aran, how u mean exactly?
[22:46:17] <Dominian> !transport
[22:46:18] <knoba> Dominian: "transport" : transport(5) The optional transport(5) table specifies a mapping from email addresses to message delivery transports and next- hop destinations. Look at: http://www.postfix.org/transport.5.html
[22:46:19] <Dominian> !relay_host
[22:46:20] <knoba> Dominian: Error: "relay_host" is not a valid command.
[22:46:23] <Dominian> damni t
[22:46:24] <Dominian> !relay
[22:46:25] <knoba> Dominian: Error: "relay" is not a valid command.
[22:46:28] <Dominian> knoba: screw you
[22:46:30] <Dominian> :)
[22:46:35] <wdp_> yeah.. transport.
[22:47:58] <Samus_Aran> wdp_: I am using relayhost to send through an SMTP server.  I would like to distribute the sending over four different SMTP servers, so mail doesn't use only one of them
[22:48:22] <Samus_Aran> PatrickDK: this isn't related to DNS or MX records
[22:48:22] <PatrickDK> I still say using MX is the way to go :)
[22:48:26] <wdp_> Samus_Aran, someone else asked something similar here, he wanted to send a mail twice to two different servers.
[22:48:27] <PatrickDK> why not?
[22:48:30] <wdp_> Samus_Aran, thats not working.
[22:48:47] <Dominian> !transport @ Samus_Aran
[22:48:47] <knoba> Dominian: Error: "transport" is not a valid command.
[22:48:49] <PatrickDK> you setup mx 10 mailserver1
[22:48:49] <Dominian> bah
[22:48:52] <PatrickDK> mx 10 mailserver2
[22:48:53] <PatrickDK> ...
[22:48:54] <Dominian> !transport
[22:48:55] <knoba> Dominian: "transport" : transport(5) The optional transport(5) table specifies a mapping from email addresses to message delivery transports and next- hop destinations. Look at: http://www.postfix.org/transport.5.html
[22:48:59] <Dominian> ^^^^^^^^^^^^^^^^^^^
[22:49:00] <PatrickDK> then you port relayhost at it
[22:49:01] <Samus_Aran> PatrickDK: I have four SMTP accounts that I want to send through.  they are fixed domains, usernames and passwords.  I just want to alternate sending between them
[22:49:01] <PatrickDK> done
[22:49:13] <PatrickDK> oh, then your screwed :)
[22:49:38] <PatrickDK> you never said anything about usernames and passwords
[22:50:20] *** hyper_ch has left #postfix
[22:52:42] <Samus_Aran> so nobody else has any suggestion for how this might be accomplished ?
[22:57:41] *** jimpop has joined #postfix
[23:03:38] *** F6F has quit IRC
[23:07:45] *** bluethundr has quit IRC
[23:14:04] *** davidj has joined #postfix
[23:18:53] *** vertigo_ has joined #postfix
[23:19:05] *** vertigo_ is now known as vertigo
[23:20:04] *** vertigo is now known as vertigo_
[23:26:47] *** ffeynman has quit IRC
[23:33:54] *** Zeit|awy has joined #postfix
[23:35:54] *** githogori_ has quit IRC
[23:39:11] *** githogori_ has joined #postfix
[23:42:43] *** radius has quit IRC
[23:42:54] *** radius has joined #postfix
[23:43:22] *** radius is now known as Guest25850
[23:50:36] *** Guest25850 has left #postfix
[23:51:00] *** radius has joined #postfix
[23:51:54] *** radius has left #postfix
[23:54:14] *** davidj has quit IRC
[23:54:36] *** shawnh has joined #postfix
[23:55:57] *** adaptr has quit IRC
[23:56:08] *** adaptr has joined #postfix
[23:56:40] *** radius has joined #postfix
[23:57:33] <shawnh> Greetings.  I'm trying to accomplish a certain goal, and I've got a concern about the efficiency of my solution.  I need all mail *originating from* and *destined to* a set of domains to be CCd to a certain account.  I was thinking of using header_checks to accomplish this.
[23:58:50] <shawnh> any thoughts?
[23:59:20] <sysdef> maybe procmail?
[23:59:28] *** keffer has joined #postfix





top