[00:05:13] *** deadpigeon has quit IRC
[00:12:12] <skeeziks> Is it possible to bind to LDAP using Kerberos when using ldap_table?
[00:12:28] <skeeziks> Er, SASL/GSSAPI?
[00:37:17] *** VaNNi has quit IRC
[00:37:49] *** VaNNi has joined #postfix
[00:38:30] *** VaNNi has quit IRC
[00:39:01] *** VaNNi has joined #postfix
[00:51:41] *** bluethundr has quit IRC
[00:53:25] *** war9407 has quit IRC
[00:54:38] *** hever has quit IRC
[01:00:12] *** LordDicranius has quit IRC
[01:00:31] *** SARGuy has quit IRC
[01:02:48] *** jangell has quit IRC
[01:03:47] *** jra has joined #postfix
[01:05:20] *** madrescher has joined #postfix
[01:06:29] *** shasta has quit IRC
[01:06:45] *** madrescher1 has quit IRC
[01:07:40] *** Vince42 has quit IRC
[01:08:05] *** Vince42 has joined #postfix
[01:09:50] *** shasta has joined #postfix
[01:14:43] *** brancaleone has quit IRC
[01:18:47] *** standel has quit IRC
[01:21:24] *** siamba has joined #postfix
[01:21:39] *** freelock has joined #postfix
[01:22:26] <freelock> hey there, we're migrating to a new postfix server, and having trouble with regexps
[01:22:47] <freelock> the same config file/regexp file that works on one server is broken on another
[01:22:49] *** wyze has joined #postfix
[01:23:03] *** Zumu has joined #postfix
[01:23:04] <freelock> how do we tell if we have regexp support available in postfix?
[01:23:41] *** miegalius has quit IRC
[01:23:55] *** miegalius has joined #postfix
[01:25:36] <rob0> postconf -m
[01:26:25] <freelock> thanks, just found that... regexp is there.
[01:27:29] *** vivia has left #postfix
[01:27:32] <freelock> error we're getting: regular expression substitution is not allowed: skipping this rule
[01:27:51] <freelock> this for every pattern in the regexp file
[01:28:12] <freelock> pattern looks like this:
[01:28:28] <freelock> whoops, wrong pase
[01:28:33] <freelock> s/pase/paste/
[01:28:38] *** keffer has quit IRC
[01:28:47] <freelock>  /^spam\+([[:alnum:]_-]+\ at freelock\ dot com)$/       dspam-miss:$1
[01:29:48] <freelock> this is used as a transport map
[01:31:35] <freelock> I don't see any errors in the regexp--has something changed so that postfix no longer does substitution?
[01:38:38] *** ikaro has quit IRC
[01:38:40] *** ikaro has joined #postfix
[01:40:13] <rob0> look in transport(5)
[01:40:54] *** balu has joined #postfix
[01:41:36] <balu> can anybody help me with a postfix problem
[01:42:24] *** standel has joined #postfix
[01:42:25] <balu> http://pastebin.com/d35d82a56
[01:42:31] *** xpoint has quit IRC
[01:44:22] <freelock> ah, rob0, thanks... looks like that's something that was added to 2.5.3
[01:44:40] <freelock> s/2.5.3/2.3/
[01:44:50] <freelock> we're moving from 2.2 to 2.5.
[01:45:04] <freelock> Will have to rewrite our transports to not use substitution
[01:48:25] *** jra has quit IRC
[01:48:37] *** wyze has quit IRC
[01:55:09] *** ming_zym has joined #postfix
[01:55:18] *** growltiger has joined #postfix
[02:00:46] *** ikaro has quit IRC
[02:05:20] *** Severed_Head_Of_ has joined #postfix
[02:08:42] *** madrescher has quit IRC
[02:09:54] *** growltiger_ has quit IRC
[02:13:06] *** balu2 has joined #postfix
[02:16:21] *** ikaro has joined #postfix
[02:18:50] *** growltiger has quit IRC
[02:19:18] *** felipe_ has quit IRC
[02:19:33] *** growltiger has joined #postfix
[02:20:41] *** freelock has quit IRC
[02:22:31] *** Zeit|awy has quit IRC
[02:27:43] *** standel has quit IRC
[02:29:24] *** balu has quit IRC
[02:34:12] *** balu2 has quit IRC
[02:34:20] *** Severed_Head_Of_ has quit IRC
[02:38:49] *** HorizonXP has joined #postfix
[02:39:31] <HorizonXP> why does postfix connect to my MySQL db, find the e-mail user, thus finding the Maildir, yet still determine that it couldn't find the user? my postconf -n output: http://pastebin.ca/1282208
[02:40:52] *** zer0mdq has quit IRC
[02:44:19] <lunaphyte> HorizonXP: probably because the result isn't formatted as postfix wants it.  use postmap to debug your lookup maps.
[02:46:09] <HorizonXP> lunaphyte: ok will do. i have another question. i have a user named vmail that is supposed to be able to chdir into the user's maildir, but anytime i try to login via pop, it fails due to permissions. maildirmake creates the folder without r+x permissions. is this correct and i've configured something wrong, or should i chmod r+x the directory?
[02:52:04] *** freelock has joined #postfix
[02:57:12] *** hparker has quit IRC
[03:03:42] *** Knoedel2 has quit IRC
[03:03:57] <HorizonXP> postmap query shows that it is finding my user in the mysql tables. logs confirm this.
[03:11:51] *** hparker has joined #postfix
[03:12:19] *** growltiger_ has joined #postfix
[03:12:30] *** growltiger has quit IRC
[03:17:11] *** jangell has joined #postfix
[03:17:51] <jangell> Anyone in here use LDAP with Postfix?  I'm trying to think of a method of laying out my schema so that a virtual domain can ahve alias domains which work for all the users of that virtual domain.
[03:19:37] *** zer0mdq has joined #postfix
[03:21:36] *** githogori has quit IRC
[03:28:40] *** LordDicranius has joined #postfix
[03:29:37] *** amrit|wrk is now known as amrit|afk
[03:36:11] *** nphase_ has joined #postfix
[03:36:54] *** HorizonXP has left #postfix
[03:36:55] *** keffer has joined #postfix
[03:38:39] *** nphase_ has quit IRC
[03:44:54] <lunaphyte> jangell: sounds straightforward enough.
[03:49:56] <cite> Good morning.
[03:53:42] <jangell> lunaphyte: I was told that I couldn't wildcard one domain to the other..because that would create backscatter issues..any insight?
[03:54:17] <lunaphyte> wildcards generate backscatter - no need for any insight.
[03:56:09] <jangell> lunaphyte: How woudl I accomplish it without a wildcard?
[04:14:55] <sahil> jangell: as you were told; write a script to replicate the spirit behind creating the wild card.  get to the goal; don't spew backscatter.
[04:17:11] <jangell> sahil: must you show up again :)
[04:17:49] <jangell> sahil: Actually..I'm trying to figure out a way if I can structure my ldap query or something to do just that..
[04:19:06] <sahil> *sigh*
[04:19:11] <sahil> ok, enjoy yourself.
[04:19:41] <rob0> sahil, let's pick on lunaphyte.
[04:20:03] <rob0> lunaphyte: you smell bad, and your mom dresses you funny.
[04:20:26] <sahil> rob0: not hungover from your drinking escapades last night? :)
[04:21:01] <rob0> A bit of a headache in the night, but thankfully it was gone by morning.
[04:21:45] <cite> Spoken like a true driking pro ;-)
[04:21:50] <cite> drinking*
[04:22:08] *** mavrick61 has quit IRC
[04:22:12] <rob0> hmmm ... now that would be something, to be a drinking pro
[04:22:39] <cite> Sendmail pro -> drinking pro -> Postfix pro.
[04:23:14] *** mavrick61 has joined #postfix
[04:23:49] <cite> We literally "lost" a mailserver last night.
[04:24:17] <rob0> Did you look behind the filing cabinets?
[04:24:56] <cite> We were moving our mailgateways to a new location and the truck carrying mx5 (and the Nokia IP380s, BTW) had an accident.
[04:25:07] <rob0> ouch
[04:26:11] <cite> Well, it _was_ raining at 8pm, and between 8pm and 10pm, temperature here dropped from +1 to -6.
[04:26:37] <Dominian> cite: so the mailserver didn't pull through?
[04:27:00] <cite> I'm afraid I don't know what "pull trhough" means.
[04:27:40] <Dominian> did it survive the accident?
[04:28:19] <cite> Nope. Driver wasn't injured too bad, but the all of the routers, firewalls and servers are broken.
[04:28:51] <rob0> This is what you call a device driver problem.
[04:28:57] <cite> rofl
[05:18:10] <sahil> cute.
[05:23:52] *** githogori has joined #postfix
[05:28:54] *** bhagat has joined #postfix
[05:36:07] *** pickcoder has joined #postfix
[05:53:26] *** pickcoder has quit IRC
[05:53:59] *** pickcoder has joined #postfix
[05:57:06] *** saurabhb has joined #postfix
[05:58:02] *** Motoko-chan has joined #postfix
[06:07:27] *** jtaji has joined #postfix
[06:07:29] *** hparker has quit IRC
[06:13:59] *** amrit|afk is now known as amrit
[06:14:06] *** eshear has quit IRC
[06:18:29] *** pickcoder has quit IRC
[06:22:30] *** kk_CHN has joined #postfix
[06:39:13] *** munga has quit IRC
[06:44:30] *** Xzisted has quit IRC
[06:46:22] *** Keizer has quit IRC
[06:47:52] *** Xzisted has joined #postfix
[06:48:31] *** Keizer has joined #postfix
[06:58:15] *** xpoint has joined #postfix
[07:03:16] *** amason_ has quit IRC
[07:07:19] *** Keizer has quit IRC
[07:07:51] *** amason_ has joined #postfix
[07:08:01] *** githogori has quit IRC
[07:09:47] *** Keizer has joined #postfix
[07:39:46] <Keizer> Sup
[07:45:32] <xpoint> dont run / install glibc 2.9 on gentoo, portage does not work after this
[07:46:12] <xpoint> i know there is a few gentoo users here, so no need to be where i am now :(
[07:59:02] *** jeet2k123 has joined #postfix
[07:59:05] <amason_> xpoint: can you chroot into it via a livecd and update the glibc-so ?
[07:59:55] <xpoint> no
[08:00:16] <xpoint> https://bugs.gentoo.org/show_bug.cgi?id=250342 thats the problem i have here
[08:03:23] *** Fallenou has joined #postfix
[08:03:47] *** Fallenou has quit IRC
[08:07:48] *** leyoda has joined #postfix
[08:10:02] *** antdedyet has quit IRC
[08:10:23] *** antdedyet has joined #postfix
[08:10:44] *** growltiger has joined #postfix
[08:15:04] *** Motoko-chan has quit IRC
[08:15:51] *** leyoda has quit IRC
[08:21:45] *** ming_zym has quit IRC
[08:24:32] *** growltiger_ has quit IRC
[08:30:28] *** growltiger has quit IRC
[08:30:38] *** growltiger has joined #postfix
[08:34:43] *** ming_zym has joined #postfix
[08:36:33] *** sophokles has quit IRC
[08:36:52] *** sophokles has joined #postfix
[08:42:24] *** Haris1 has joined #postfix
[08:47:33] *** phnord has joined #postfix
[08:47:44] *** micw has joined #postfix
[08:47:47] <micw> hi
[08:49:04] <micw> i try to get dkim (milter) running. the it seems to work and adds "dkim=... header.i=unknown". is this ok? i have read that normaly it is header=domain.com.
[08:51:19] *** amrit is now known as amrit|zzz
[08:53:23] *** kk_CHN has quit IRC
[08:54:56] *** nxmehta has joined #postfix
[08:58:37] *** growltiger_ has joined #postfix
[09:09:40] *** growltiger_ has quit IRC
[09:09:58] *** growltiger_ has joined #postfix
[09:12:20] *** denis has joined #postfix
[09:12:26] *** growltiger has quit IRC
[09:23:34] <micw> any idea how i get postfix+dk-milter to reject unsigned mails if the policy forces signature? actually the header shows that the check failed but it is not rejecting
[09:25:48] *** brancaleone has joined #postfix
[09:27:44] *** madrescher has joined #postfix
[09:28:57] *** saurabhb has quit IRC
[09:30:34] *** Filbert has quit IRC
[09:31:44] *** growltiger_ has quit IRC
[09:31:57] *** growltiger has joined #postfix
[09:33:15] *** saurabhb has joined #postfix
[09:34:32] *** Filbert has joined #postfix
[09:37:36] *** Keizer has quit IRC
[09:38:33] *** madrescher has quit IRC
[09:43:36] *** LordDicranius has quit IRC
[09:45:12] *** growltiger has quit IRC
[09:45:19] *** growltiger has joined #postfix
[09:45:49] *** Keizer has joined #postfix
[09:54:34] *** growltiger has quit IRC
[09:54:35] *** growltiger_ has joined #postfix
[09:56:58] *** war9407 has joined #postfix
[10:08:13] *** growltiger has joined #postfix
[10:13:10] *** sophokles has quit IRC
[10:13:28] *** rexwin has joined #postfix
[10:13:32] *** sophokles has joined #postfix
[10:20:52] *** growltiger_ has quit IRC
[10:27:29] *** felipe_ has joined #postfix
[10:35:18] *** samix has joined #postfix
[10:39:03] *** kruzi has quit IRC
[10:42:01] *** cilly has joined #postfix
[10:44:47] *** sophokles has quit IRC
[10:47:28] *** madrescher has joined #postfix
[10:57:56] *** cilly has quit IRC
[10:58:44] *** onre has quit IRC
[11:00:43] *** |_Knoedel_| has joined #postfix
[11:08:16] *** jeet2k123 has quit IRC
[11:08:36] *** wdp has joined #postfix
[11:11:18] *** cilly has joined #postfix
[11:14:37] *** xpoint has quit IRC
[11:14:43] *** rouri has joined #postfix
[11:16:53] *** rouri has quit IRC
[11:17:48] *** miegalius has quit IRC
[11:18:03] *** miegalius has joined #postfix
[11:21:01] *** sophokles has joined #postfix
[11:21:47] *** sophokles has quit IRC
[11:21:59] *** jangell has quit IRC
[11:24:31] *** jangell has joined #postfix
[11:29:59] *** nxmehta has quit IRC
[11:30:17] *** cilly has quit IRC
[11:31:36] *** jangell has quit IRC
[11:40:31] <micw> anyone has an idea if to prefer dkim or spf? i guess, with spf i get an equal security but have lot easier setup, right?
[11:43:59] *** rexwin has quit IRC
[11:48:39] *** pirho has joined #postfix
[11:50:32] *** Tex-Twil has joined #postfix
[11:50:44] *** Tex-Twil has left #postfix
[11:56:25] *** Roobarb has joined #postfix
[11:59:51] *** jaclinuxhelp has joined #postfix
[12:01:43] *** wdp_ has joined #postfix
[12:02:00] <jaclinuxhelp> i've succesfully setup my multilink box at work (http://lartc.org/howto/lartc.rpdb.multiple-links.html), but now i need postfix to send mail always through my ppp0 connection (200.107.224.16), even when i setup my default gateway to eth1 network def. gw (192.168.1.1), how can i do that ?
[12:04:12] <f3ew> See smtp_bind_address
[12:04:15] <f3ew> !smtp_bind_address
[12:04:16] <knoba> f3ew: "smtp_bind_address" : a configuration parameter in the main.cf: An optional numerical network address that the SMTP client should bind to when making a connection.
[12:05:25] *** wdp has quit IRC
[12:08:02] <jaclinuxhelp> mmmm
[12:08:56] <jaclinuxhelp> so... my LAN friend at 192.168.1.3 opens its outlook, with its account on 192.168.1.5 (smtp and imap there)
[12:09:41] <jaclinuxhelp> then writes an email, press send and receive... its SMTP ... client? (outlook is the SMTP client?) makes the connection to my box (192.168.1.5)
[12:10:39] <jaclinuxhelp> and then postfix at 192.168.1.5 receives the mail form him and then sends it to destination.domain... (person at destination dot domain)
[12:11:11] <jaclinuxhelp> but... on 192.168.1.5 i have two outputs to internet, ppp0 and 192.168.1.1
[12:11:40] <jaclinuxhelp> you say, if i use that parameter smtp_bind_address, and set it to a fixed ip (ppp0 ip) it solves my problem?
[12:12:17] <jaclinuxhelp> but postfix... is the SMTP "server", not "client" as help says ? i dont understand that
[12:14:52] <jelly> jaclinuxhelp: it's both... when it sends mail to another MTA, it's a smtp client (smtp).  When it listens for incoming connections and receives mail, it's a smtp server (smtpd)
[12:15:25] <jaclinuxhelp> great
[12:15:27] <jaclinuxhelp> i ll try
[12:19:34] <f3ew> your desktop is the client, Postfix is the server on smtpd
[12:19:51] <f3ew> When Postfix sends mail out, it's the smtp client, aka smtp
[12:19:59] <jaclinuxhelp> yeah, i got it
[12:21:22] <jaclinuxhelp> so setting smtp_bind_addres to ppp0 ip address, i solve my problem of postfix ALWAYS sending though that interface, even when my default gateway points to other gateway, right ?
[12:27:58] *** cilly has joined #postfix
[12:28:46] *** mark-use has joined #postfix
[12:31:38] <f3ew> yes
[12:33:41] *** macsim`work has joined #postfix
[12:33:52] <macsim`work> hi, I got this error in mailq (temporary failure. Command output: maildrop: authlib: groupid=2000)
[12:34:15] <macsim`work> is it normal or is it an error I have to fix ?
[12:35:24] *** loddafnir has joined #postfix
[12:36:18] *** jaclinuxhelp has quit IRC
[12:41:03] <f3ew> macsim`work something you need to fix, I don't know how
[12:51:40] *** wdp_ has quit IRC
[12:54:03] <macsim`work> f3ew, hum it's a maildrop problem your think ?
[12:54:43] <f3ew> yes
[12:54:50] <macsim`work> f3ew, oki thanks
[12:59:18] *** scientes has quit IRC
[13:11:17] *** randra has joined #postfix
[13:11:35] *** k4z has joined #postfix
[13:14:56] <k4z> Hi, when the option: inet_interfaces = localhost - is it possible to sending email to the world? (i understand that only world will not be able to send email to me)?
[13:15:46] <f3ew> k4z yes
[13:16:17] <k4z> f3ew: thanks ;-)
[13:17:02] *** Roobarb has quit IRC
[13:22:17] *** cpm has joined #postfix
[13:25:20] *** rouri has joined #postfix
[13:30:19] *** micw has quit IRC
[13:33:15] *** Roobarb has joined #postfix
[13:33:28] *** bhagat has quit IRC
[13:33:42] *** denis has quit IRC
[13:33:55] *** denis_ has joined #postfix
[13:59:07] *** rour has joined #postfix
[14:01:28] *** albertoandrade has joined #postfix
[14:04:26] *** rouri has quit IRC
[14:07:25] *** samix has quit IRC
[14:08:17] *** Roobarb has quit IRC
[14:08:39] *** wdp has joined #postfix
[14:12:32] *** Roobarb has joined #postfix
[14:13:32] *** pirho has quit IRC
[14:14:30] *** pirho has joined #postfix
[14:19:20] *** pirho has quit IRC
[14:20:27] *** pirho has joined #postfix
[14:27:18] *** ming_zym has quit IRC
[14:33:21] *** saurabhb has quit IRC
[14:38:07] *** Roobarb has quit IRC
[14:56:17] *** glad_work has quit IRC
[14:57:12] *** glad_work has joined #postfix
[15:00:58] *** denis_ has quit IRC
[15:07:22] *** munga has joined #postfix
[15:07:39] *** Roobarb has joined #postfix
[15:17:41] *** albertoandrade has quit IRC
[15:21:20] *** ejik has joined #postfix
[15:28:03] *** felix-da-catz_zz is now known as felix_da_catz
[15:35:19] *** zzz has joined #postfix
[15:37:00] <zzz> Hi! I' ve a server  (AAA) with a lots of virtual users and domains, and an other "empty" server (BBB). If i want to make an mx backup from BBB, do i need to have the full structure of AAA on BBB? I mean, the virtual domain settings, etc, or just a simply install, and the 3 entry which makes mx backup from BBB?
[15:38:15] <roe_> !transport
[15:38:16] <knoba> roe_: "transport" : transport(5) The optional transport(5) table specifies a mapping from email addresses to message delivery transports and next- hop destinations. Look at: http://www.postfix.org/transport.5.html
[15:38:57] <roe_> you want some kind of address verification, but I would create a transport map for each domain
[15:42:06] *** Roobarb has quit IRC
[15:46:07] *** Roobarb has joined #postfix
[15:55:15] *** jimpop has joined #postfix
[16:06:02] *** deadpigeon has joined #postfix
[16:06:36] *** pumbac has joined #postfix
[16:07:26] <pumbac> !check_client_access
[16:07:27] <knoba> pumbac: "check_client_access" : Search the named access database for the client name, parent domains, client address, or networks obtained by stripping least significant octets. Reject if the result is REJECT or [45]XX text . Permit otherwise
[16:07:57] <pumbac> how to whitelist an IP ?
[16:08:17] <pumbac> because it's not a fqdn host
[16:09:36] *** reisi has quit IRC
[16:20:06] *** eanxgeek|laptop_ has quit IRC
[16:21:05] *** bluethundr has joined #postfix
[16:24:22] *** bluethundr has quit IRC
[16:30:50] *** Kako has joined #postfix
[16:31:12] *** eanxgeek|laptop has joined #postfix
[16:32:09] *** cilly has quit IRC
[16:37:32] *** karrotx has joined #postfix
[16:38:35] *** rour has quit IRC
[16:41:39] *** SeJo is now known as masterhumper
[16:42:00] *** masterhumper is now known as SeJo
[16:42:52] *** KaiForce has joined #postfix
[16:44:29] <KaiForce> is it ok to have the different parts of an SPF record broken up into multiple records?  i.e.  "v=spf1" in one record, "ip4:192.168.1.1" in another etc?
[16:44:38] *** hparker has joined #postfix
[16:45:40] *** LordDicranius has joined #postfix
[16:48:50] *** Kako has quit IRC
[16:49:06] *** denis has joined #postfix
[16:52:24] *** bluethundr has joined #postfix
[16:58:37] *** albertoandrade has joined #postfix
[17:00:01] *** hparker has quit IRC
[17:01:42] <dotplus> pumbac: did you look in man pages? access(5) and also cidr_table(5) are relevant
[17:05:33] *** hparker has joined #postfix
[17:06:28] *** eanxgeek|laptop has quit IRC
[17:06:40] *** eanxgeek|laptop has joined #postfix
[17:07:30] *** |_Knoedel_| has quit IRC
[17:14:24] *** dustybin has joined #postfix
[17:15:38] <dustybin> i been applying for _lots_ of jobs, and i havent had any replies, it was only to my horror, that my emails were being sent from 'dustybin at blablabla dot net'. i would like to change my mailfrom address, is the /etc/alias file the correct place to change that?
[17:18:00] *** seekwill has joined #postfix
[17:18:44] <rob0> the MUA sets the sender address
[17:19:03] <dustybin> squirrelmail?
[17:19:24] *** Haris has joined #postfix
[17:19:38] <rob0> Seeing as how I don't know what MUA you used, what should I say in reply to that? "Maybe."
[17:21:30] *** madrescher has quit IRC
[17:24:41] *** mrichman has joined #postfix
[17:25:41] <mrichman> I am trying to do mandatory TLS. I have smtp_tls_security_level = encrypt and smtp_enforce_tls = yes, but I still do not get "530 Must issue a STARTTLS command first"
[17:26:53] *** balu has joined #postfix
[17:27:07] *** balu has left #postfix
[17:31:32] *** madrescher has joined #postfix
[17:33:04] *** F6F has joined #postfix
[17:33:45] <rob0> !smtp!=smtpd
[17:33:45] <knoba> rob0: "smtp!=smtpd" : Postfix smtp_* and smtpd_* configuration parameters have different meanings. smtp_ = client and smtpd_ = server, the client-side sends mail whilst the server-side receives mail. (smtp = client = sends mail) (smtpd = server = receives mail)
[17:35:37] *** dustybin has left #postfix
[17:39:06] <cite> I could need some help here. Due to several "lost" servers, we had to modify transport tables on our two remaining gateways.
[17:39:38] <cite> I have verified that the new transport setting is correct by submitting mail. Afterwards, I reprocessed all 21k mails in queue with postsuper -r all.
[17:39:55] <cite> This should have been easy as cake, but unfortunately, the _reprocessed_ mails still use old transport map entries.
[17:40:33] <cite> And yes, I verified they were really reprocessed, I have the logs right *there* in front of my eyes, burning into my retinal cells as if mocking me.
[17:42:22] *** balu2 has joined #postfix
[17:45:16] *** phnord has quit IRC
[17:47:56] *** darkphader has joined #postfix
[17:49:45] *** balu2 has left #postfix
[17:53:32] *** standel has joined #postfix
[17:53:55] *** standel has quit IRC
[17:54:57] *** cedric3 has quit IRC
[18:02:04] <rob0> cite, man postsuper, see -r
[18:02:42] *** albertoandrade has quit IRC
[18:02:55] <cite> rob0: How could I have possibly made a mistake in typing "postsuper -r ALL"? I mean, I can _see_ that the mails were picked up by pickup again...
[18:03:41] <rob0> all != ALL
[18:04:12] <cite> Yeah, sorry, that was a typing mistake in IRC. Still, not relevant, they _were_ reprocessed :-)
[18:04:17] <rob0> oh
[18:06:44] *** albertoandrade has joined #postfix
[18:07:27] * cpm reprocesses rob-84x^
[18:07:32] <cpm> doh!
[18:07:37] <cpm> rob0 even!
[18:07:54] * cpm curses tab complete on first match
[18:08:06] <KaiForce> it does need cursing
[18:10:04] <rob0> ncurses!
[18:14:14] <cite> OK. I will go to our server room and kick the damn thing really *hard*.
[18:14:40] *** sekhmet has left #postfix
[18:14:41] <cite> If that works, I'm gonna sue rob0 for breaking my foot.
[18:15:55] <jp-> i was trying to setup a filter for stripping attachments based on recipient address + transport_maps, i.e., foo at someplace dot com smtp:[127.0.0.1]:filter_port  and the filter is to reinject the mail when it's done for delivery, this creates a loop so i wanted to use a seperate instance for submission from this filter, but you can override transport_maps from master.cf, it's global, which again creates a loop. any suggestions?
[18:16:22] <jp-> s/can override/can't override/
[18:16:25] *** darkphader has quit IRC
[18:19:58] <cite> rob0: Damn you. My foot hurts like hell and the mails are still not routed according to our new transport map.
[18:20:11] <cite> rob0: That's all your fault!!1! ;-)
[18:21:59] *** denis has quit IRC
[18:22:23] <randra> Does some exist problem in using the mailscanner with the postfix? it`s not recommended
[18:22:24] <randra> ?
[18:22:36] <Dominian> mailscanner works fine with postfix.
[18:22:43] <Dominian> However I recently switched to maia mailguard/amavisd
[18:23:04] *** blackflag has quit IRC
[18:23:10] *** jangell has joined #postfix
[18:23:22] <rob0> cite, I hereby nominate you as an honorary American, for litigation above and beyond the call of silliness.
[18:25:49] *** albertoandrade has quit IRC
[18:26:21] <cite> I thankfully accept such an exceptional distinction.
[18:27:15] *** blackflag has joined #postfix
[18:27:20] <randra> Dominian i have mailguard configured and looking switch to mailscanner
[18:27:53] <Dominian> why?
[18:31:00] *** albertoandrade has joined #postfix
[18:33:14] <Dominian> randra: I had some issues with mailwatch not syncing properly with what I wanted... plus maia mailguard does authetntication via IMAP.. so I don't need to create seperate accounts for mailwatch and postfix for authentication.. worked out well
[18:34:08] *** denis has joined #postfix
[18:39:58] *** darkphader has joined #postfix
[18:40:28] *** xpoint has joined #postfix
[18:41:52] *** madrescher has quit IRC
[18:43:38] *** Stavros1 has joined #postfix
[18:44:06] <Stavros1> hello
[18:44:32] <Stavros1> i have a server that is only used to send mail (the mx entries for the server are set to google), is there a downside to setting the postfix port to something other than 25?
[18:45:02] <Dominian> nope
[18:45:10] <Dominian> If its only sending.. and not receiving email...
[18:45:12] <Dominian> no worries
[18:45:26] <Stavros1> Dominian: ah, thanks
[18:45:40] <Stavros1> a recent spam incident has left me thinking that i should change the port to something high
[18:46:55] <Stavros1> how can i change the port, by the way?
[18:47:45] *** Fallenou has joined #postfix
[18:48:28] <shasta> what port, by the way? :>
[18:48:46] <rob0> If you're not receiving mail, disable smtpd.
[18:49:10] <Stavros1> rob0: how can i send mail then, though?
[18:49:20] <shasta> !smtp!=smtpd
[18:49:21] <knoba> shasta: "smtp!=smtpd" : Postfix smtp_* and smtpd_* configuration parameters have different meanings. smtp_ = client and smtpd_ = server, the client-side sends mail whilst the server-side receives mail. (smtp = client = sends mail) (smtpd = server = receives mail)
[18:49:25] <Stavros1> shasta: 2... err!
[18:49:41] <Stavros1> no, i send mail on behalf of other computers
[18:49:45] <Stavros1> my personal ones
[18:49:54] <Stavros1> i.e. i connect to the server to send mail through it
[18:50:06] <Stavros1> can i do that through ssh?
[18:50:11] <Stavros1> without launching smtpd?
[18:51:30] *** blackflag has quit IRC
[18:52:08] <Stavros1> oh wait, that was ssl
[18:52:09] <Stavros1> never mind
[18:52:12] <Dominian> eh
[18:52:18] <Dominian> you can still submit email to the postfix server with smtpd disabled
[18:52:30] <Stavros1> Dominian: yes, but not from a mail client, no?
[18:52:33] <Dominian> just enable submission for internal clients.. have them auth to the server that way to send email
[18:52:40] <Stavros1> a remote one, i mean
[18:52:47] <Dominian> You said you wouldn't be receiving email right?
[18:52:53] <Stavros1> Dominian: that's right
[18:53:04] <Dominian> But sending through the server.. use smtp_auth
[18:53:05] <Stavros1> i just want thunderbird on my laptop to send mail through that remote server
[18:53:06] <Dominian> !submission
[18:53:06] <knoba> Dominian: Error: "submission" is not a valid command.
[18:53:10] <Dominian> !smtp_auth
[18:53:11] <knoba> Dominian: Error: "smtp_auth" is not a valid command.
[18:53:14] <Dominian> damn it
[18:53:15] <Dominian> !auth
[18:53:16] <knoba> Dominian: Error: "auth" is not a valid command.
[18:53:17] <Dominian> !sasl
[18:53:18] <knoba> Dominian: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.
[18:53:20] <Dominian> There!
[18:53:21] <Dominian> damn!
[18:53:36] <Stavros1> i use sasl now
[18:53:44] <Dominian> on port 587?
[18:53:47] <Stavros1> but i want to disable it altogether if possible, since i'm the only one using it
[18:53:51] *** nat2610 has joined #postfix
[18:53:52] <Stavros1> Dominian: no, 25
[18:54:02] <Dominian> then move it to the submission port whichi s 587.. then disable smtpd
[18:54:20] <Stavros1> hmm
[18:54:29] <Stavros1> isn't that the same as running smtpd with auth on 25?
[18:54:43] <Dominian> yep but if you don't want port 25 open.. just use 587
[18:54:58] <rob0> spammers probe 25 constantly
[18:55:03] <Stavros1> Dominian: ah, i've changed it to a non-standard one, 587 is pretty standard too
[18:55:04] <Stavros1> rob0: agree
[18:55:11] <Dominian> eh
[18:55:24] <Dominian> If you use a firewall to block inbound 25 from the itnernet and inbound port 587 from the internet.. no worries
[18:55:42] <Stavros1> Dominian: it's not on a local network :/
[18:55:47] <Stavros1> otherwise i would
[18:55:51] <Dominian> wha..
[18:55:59] <Dominian> alright.. well then put submission on a different port
[18:56:01] * Dominian shrugs
[18:56:04] <Stavros1> it's a server on the internet
[18:56:04] <Dominian> dunno what else to tell you
[18:56:12] <Stavros1> Dominian: that's what i did :P
[18:56:19] <Stavros1> i was wondering if there was a way to send mail through SSH
[18:56:24] <Stavros1> for a remote client, i mean
[18:56:36] <nat2610> Hi, I've a question related more to emails than postfix ... we are getting a lot of spam those days and I'm trying to understand the headers of some of the spams  we are getting to understand where it's coming from.
[18:56:36] <Stavros1> thunderbird logs in to the server with ssh and uses smtp to send the mail
[18:56:57] <Dominian> Stavros1: of course.. create an ssh tunnel
[18:57:03] <KaiForce> ssh tunnel
[18:57:08] <Stavros1> Dominian: oh, interesting
[18:57:20] <nat2610> is the sender of the email is the last Received ?
[18:57:25] <Stavros1> so block the port and create a tunnel on the local machine?
[18:57:31] <Dominian> nat2610: Trying to track the original sender will be next to impossible
[18:57:35] <Dominian> Stavros1: yes
[18:57:40] <Stavros1> Dominian: that's a great idea, thanks!
[18:57:49] <Dominian> Stavros1: no problem .. good luck
[18:57:59] <Stavros1> is there a way for me to tell postfix to only listen to localhost?
[18:58:18] <nat2610> Is there anything that we can do ?
[19:00:19] <lunaphyte_> nat2610:  define "sender".
[19:00:32] <shasta> !inet_interfaces
[19:00:33] <knoba> shasta: "inet_interfaces" : a configuration parameter in the main.cf: The network interface addresses that this mail system receives mail on. By default, the software claims all active interfaces on the machine. The parameter also controls delivery of mail to user at [ip dot address]. If your server does not react to connection attempts on a certain interface you should check this setting.
[19:00:42] <shasta> Stavros1, ^^^^^^
[19:01:12] <Stavros1> ah, thank you
[19:01:42] <nat2610> lunaphyte, what do you mean ?
[19:02:15] <lunaphyte_> that's _my_ question.  what do _you_ mean?
[19:02:50] <rob0> What do you mean, what do you mean what do you mean?
[19:03:40] <Stavros1> do be do be dooo
[19:03:41] <lunaphyte_> maybe we should vote on what a "sender" is.  i vote that it's a human person.
[19:04:16] <Stavros1> i vote it's a computer person
[19:04:17] <nat2610> lunaphyte, I m looking at some of the spam we keep getting and I'm trying to find a solution to reduce it ... we have spam filters but it's going through so I'm hopping I can find something inside the header that would help me to identity it as a spam
[19:06:08] <lunaphyte_> i hate waiting for food to cool.
[19:06:42] <lunaphyte_> nat2610: step 1 is to reject anything and everything you can get away with rejecting.  are you doing that?
[19:06:46] <nat2610> they are some easy thing that make those emails obvious that they are spam ... so I see some that have the same from and to ... so there is for example an email jobs at mycompany dot com ... and I see emails From : jobs@mycompany To: jobs at mycompany dot com
[19:06:51] *** blackflag has joined #postfix
[19:07:09] <lunaphyte_> that step alone will almost invariably combat a huge percentage of spam.
[19:09:27] *** loddafnir has quit IRC
[19:09:50] *** Stavros1 has left #postfix
[19:10:05] <nat2610> there is no way to analyze the header and define that an email isn't coming from jobs at mycompany dot com ?
[19:10:08] <nat2610> for example ?
[19:10:25] *** EasilyOdd has quit IRC
[19:11:45] <shasta> you can only trust the headers inserted by MTAs you're in charge of
[19:11:48] <shasta> ie. yours
[19:11:51] *** Fallenou has quit IRC
[19:12:19] <shasta> all other headers can be fake
[19:12:58] <nat2610> shasta, yeah good point. :( so there is really nothing we can do
[19:13:16] *** oekotaco has joined #postfix
[19:13:32] <lunaphyte_> sure, analyze away.  most people who start playing games with empirical header inspection quickly end up coming to their senses or playing with knives and listening to morrissey.
[19:13:45] <shasta> pgp :)
[19:13:48] <oekotaco> hi. maybe anyone can help. i need to setup postfix that i can login as user@host but i'm using pam authentication. any idea?
[19:14:53] <lunaphyte_> nat2610: reject, don't bounce; greylist if you can; use a decent spam tagging software (and invest in it's configuration and training).
[19:15:44] <rob0> "Login" is not a Postfix concept. Users only connect briefly to send, and if they have to AUTH, they do it each time.
[19:20:31] <oekotaco> ok auth. how can i prepare postfix to auth as user@host? :D
[19:21:03] <stockholm> how can i make postfix send to the submission port (of the smarthost) by default?
[19:21:27] <rob0> !sasl
[19:21:27] <knoba> rob0: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.
[19:21:54] <rob0> !relayhost
[19:21:54] <knoba> rob0: "relayhost" : a configuration parameter in the main.cf: The default host to send non-local mail to when no entry is matched in the optional transport(5) table. When no relayhost is given, mail is routed directly to the destination. If your relay host requires authentication see the !saslclient channel factoid.
[19:22:23] *** blackflag has quit IRC
[19:22:36] <rob0> relayhost = [name.or.relayhost]:587
[19:22:46] <rob0> s/or/of/
[19:25:12] *** amrit|zzz is now known as amrit|wrk
[19:28:29] <mrichman> Is there a way to enable/disable mandatory TLS on a per-client domain basis? Say abc.com should be required to connect with TLS, while xyz.com can use opportunistic?
[19:30:33] *** blackflag has joined #postfix
[19:31:19] *** blackflag has quit IRC
[19:31:36] *** darkphader has quit IRC
[19:34:39] *** rimad has joined #postfix
[19:35:34] <rimad> hey guys, i am sending some emails to members of my website, i use another server and i connect to it remotely...i wrote a little program in perl to do all sending but the thing is that it takes very long in betwen emails
[19:35:47] <rimad> any idea how to speed this up?
[19:37:53] *** devdas has joined #postfix
[19:42:08] *** blackflag has joined #postfix
[19:42:50] *** SARGuy has joined #postfix
[19:44:51] <shasta> mrichman, you can use smtp_tls_policy_maps for the client part
[19:45:02] <mrichman> shasta: cool thanks
[19:50:11] <mrichman> shasta: where can I find the format of the tls_policy file that points to?
[19:52:03] *** wdp has quit IRC
[19:53:17] <shasta> http://www.postfix.org/postconf.5.html#smtp_tls_policy_maps
[19:53:32] <shasta> remember that's for _client_ side of postfix
[19:53:47] <shasta> (the one that *sends* emails)
[19:54:00] <mrichman> shasta: yes, i want to restrict which CLIENTS connect via mandatory TLS
[19:54:43] <shasta> sigh
[19:54:58] <mrichman> ?
[19:56:06] <shasta> then that's not what you're looking for.
[19:56:18] <mrichman> maybe i'm not asking the right question
[19:56:47] <devdas> permit_tls_client_certs?
[19:56:57] <mrichman> right now i'm set up for opportunistic TLS on the server....i want to set up mandatory for a subset of client connections
[19:57:30] <shasta> point them to separate postfix (smtpd) instance
[19:57:40] <shasta> or write a policy delegation daemon
[19:59:12] *** freelock has quit IRC
[19:59:22] <mrichman> ouch
[19:59:33] <mrichman> how do I set up two instances that share 25/tcp ?
[19:59:38] *** albertoandrade has quit IRC
[19:59:54] <shasta> on the same IP? you can't
[19:59:56] <sysdef> you don't
[20:00:11] <mrichman> i guess i'd put one on my private IP and the other on my public IP?
[20:00:27] <shasta> we can't guess without knowing your scenario
[20:00:28] <sysdef> hmm
[20:00:59] <sysdef> try a port redirect via iptables
[20:01:05] <mrichman> i have an internal web app which needs to send out email, but doesnt support TLS (ASP.NET 1.1)....and external clients which connect to the same postfix instance via TLS
[20:01:51] <shasta> and those "external clients", are you in charge of all of them?
[20:02:00] <sysdef> is there a way to start postfix with an other port?
[20:02:27] *** Haris has quit IRC
[20:02:34] <shasta> because you _must not_ use mandatory TLS encryption on a publicly-referenced smtp server
[20:03:00] <shasta> (because you can't make all the servers around the world use TLS just because you want them to :>)
[20:03:32] <devdas> shasta: for some clients? It's a local policy
[20:03:56] <devdas> shasta: that would depend on the contractual relationship between you and the entity running those servers
[20:04:24] <shasta> i'm talking about smtpd_tls_security_level=encrypt
[20:04:31] <devdas> If you are in the financial industry, being able to use TLS is pretty much mandatory
[20:04:37] <devdas> ah
[20:05:09] <mrichman> i have no control over the external clients....their requirements for my project mandate I have mandatory TLS (opportunistic is insufficient for them)
[20:05:55] <mrichman> and yes, i'm in finance ;)
[20:06:17] <shasta> does 'mrichman' stand for "I'm a rich man"? ;)
[20:06:23] <mrichman> Mark Richman
[20:06:28] <mrichman> and i wish i were ;)
[20:06:28] <sysdef> so you should have enough money for a second machine
[20:06:36] <devdas> or a second IP
[20:06:42] <devdas> Or use a different port
[20:06:44] <mrichman> they didnt have money for a first machine...these are all VMware
[20:07:01] <sysdef> *sigh*
[20:07:08] <shasta> policy delegation ftw
[20:07:15] <mrichman> "i just work here" lol
[20:08:05] <shasta> connection from whatever_criteria_you_need && no ssl? => REJECT 550 use TLS, dude
[20:08:41] *** randra has quit IRC
[20:08:46] <shasta> mrichman, http://www.postfix.org/SMTPD_POLICY_README.html
[20:08:49] *** Haris_ has joined #postfix
[20:09:25] <mrichman> thanks
[20:15:02] *** githogori has joined #postfix
[20:19:26] *** brancaleone has quit IRC
[20:20:11] <Haris_> I only have squid listening for requests on the LAN interface
[20:21:29] <Haris_> oops
[20:21:30] <Haris_> wrong place
[20:21:54] <sysmonk> Haris_: trying to proxy smtp through squid? :P
[20:22:13] *** jtaji has quit IRC
[20:23:13] <Haris_> Na.. I got too many public IPs to setup an MTA on
[20:23:20] <Haris_> trying to help a guy in #squid
[20:23:37] <Haris_> he wants the internet to see squid box's IP, rather than the LAN client's IP
[20:24:18] *** GoGi has joined #postfix
[20:24:42] *** Haris_ is now known as Haris
[20:35:59] *** growltiger_ has joined #postfix
[20:39:11] *** xpoint has quit IRC
[20:41:27] *** bmunat has joined #postfix
[20:41:48] *** ki__ has quit IRC
[20:43:41] <miegalius> gero vakaro
[20:44:47] <bmunat> i'm trying to tweak email address validation for our website and we use postfix as our MTA; wondering if postfix will accept and queue any email with an address it considers valid, regardless of what the destination server thinks is valid?
[20:44:53] *** miegalius has left #postfix
[20:45:28] <bmunat> in other words, I was going to run through a list of email addresses with punctuation in them to see what postfix rejects... will that be enough?
[20:47:08] <bmunat> or, is there a definitive list of what punctuation postfix considers acceptable in email addresses? haven't been able to find anything like that and the RFC is definitely more permissive than postfix
[20:47:39] <sysmonk> bmunat: you could use reject_unverified_recipient
[20:47:49] <sysmonk> which would connect to the remote server and try to send email there
[20:47:55] <bmunat> hmm
[20:47:56] <sysmonk> if server rejects it - postfix will to
[20:48:01] <sysmonk> !reject_unverified_recipient
[20:48:02] <knoba> sysmonk: "reject_unverified_recipient" : a configuration parameter in the main.cf: A sender or recipient address is verified by probing the nearest MTA for that address, without actually delivering mail. Probe messages are like normal mail, except that they are never delivered, deferred or bounced; probe messages are discarded.
[20:48:24] <bmunat> interesting
[20:48:57] <bmunat> the problem is that I'm working on our email validation regex, which is used when the user signs up
[20:49:11] *** growltiger has quit IRC
[20:49:25] <bmunat> i could theoretically make the sign up fail if the email can't be sent and turn on reject_unverified_recipient
[20:51:11] *** carl- has joined #postfix
[20:51:51] <sysmonk> um, not the best idea, as reject_unverified_recipient will reject with a temporary failure if the probe mail takes too long to check
[20:52:11] <sysmonk> so even if the recipient is valid, it will reject with a temp failure
[20:52:19] <sysmonk> s/will/might/
[20:53:14] <bmunat> good point
[20:53:28] *** mikealeonetti has joined #postfix
[20:53:54] *** growltiger has joined #postfix
[20:54:26] <bmunat> i think the boss would be very nervous about that... we just want an address validation regex that won't allow anything that will puke... can't figure out what's allowed or not tho
[20:54:32] <sysmonk> i'm not sure i remember any place which says what recipients postfix thinks of valid, but afair it's rfc compatible
[20:55:07] <sysmonk> bmunat: have you seen the regex which matches the rfc email address specification? :P
[20:55:29] <mikealeonetti> are there any good guides with setting up anti spam for postfix? I'm trying to look on google but nothing amazing comes up
[20:55:41] <devdas> !cheatsheet
[20:55:42] <knoba> devdas: "cheatsheet" : http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt : A HOWTO for pre-DATA spam control.
[20:55:46] <devdas> See
[20:55:51] <mikealeonetti> thanks
[20:56:05] <bmunat> the rails plugin we use claims to follow the regex to the letter and looks like it does to me
[20:56:12] <sysmonk> bmunat: try to eat this for regexp ;P http://ex-parrot.com/~pdw/Mail-RFC822-Address.html
[20:56:57] *** albertoandrade has joined #postfix
[20:57:10] <bmunat> however, the RFC allows !, but postfix rejects that because it's used in UUCP addresses... and I think there were other differences
[20:57:14] *** Motoko-chan has joined #postfix
[20:57:40] <bmunat> oh yeah... saw that while researching this a while back :-o
[20:58:07] *** albertoandrade has quit IRC
[20:58:39] <bmunat> I'm thinking I'll just write a little script that runs through a list of addresses, each one with a questionable punctuation mark and see what postfix does
[20:58:59] <sysmonk> (or check the source)
[20:59:07] *** madrescher has joined #postfix
[20:59:13] *** dustybin has joined #postfix
[20:59:19] <dustybin> when one sends a email to a big busy orginization, the email can be left at the end of a very big que, is there a way to malfrom the email so it reaches the top of the que?
[21:00:05] <mikealeonetti> so this suggest that rule based checking for keywords with something like spamassassin is bad?
[21:00:10] <mikealeonetti> or nto as good?
[21:00:13] <bmunat> sysmonk: you wouldn't happen to know what source file would have the address validation would you? :-)
[21:00:49] <devdas> dustybin: no
[21:00:59] <dustybin> dam :(
[21:01:25] <devdas> Postfix will retry in ~ 30 minutes to an hour
[21:04:31] *** growltiger_ has quit IRC
[21:15:51] *** jtaji has joined #postfix
[21:19:10] *** brancaleone has joined #postfix
[21:23:56] *** Fallenou has joined #postfix
[21:24:21] *** blackflag has quit IRC
[21:25:45] <stockholm> how can i make postfix send to the submission port (of the local smarthost) by default?
[21:28:47] *** mcp has quit IRC
[21:29:05] <devdas> relayhost = smtp:[ip]:587
[21:29:31] *** wdp has joined #postfix
[21:29:50] *** mcp has joined #postfix
[21:30:11] *** seekwill has quit IRC
[21:31:07] *** madrescher1 has joined #postfix
[21:32:15] *** madrescher has quit IRC
[21:32:23] *** brancaleone has quit IRC
[21:32:36] *** blackflag has joined #postfix
[21:33:49] <rob0> I provided the same answer to the same question by the same nick, 2 hours ago.
[21:34:44] *** LeeQ has joined #postfix
[21:34:48] <LeeQ> HALP!
[21:35:18] <LeeQ> I'm trying to set up sasl smtp-auth for my postfix
[21:35:41] *** denis__ has joined #postfix
[21:35:44] <LeeQ> it is successfully connecting to my mysql DB, but denying permission
[21:36:01] <LeeQ> anyone in here not idle?
[21:36:26] *** denis__ has quit IRC
[21:38:55] <devdas> uh?
[21:39:02] <devdas> Isn't that a MySQL config issue?
[21:39:17] <LeeQ> it's not denying permission to mysql
[21:39:38] <devdas> but you are getting a permission denied
[21:39:45] <LeeQ> testsaslauthd -u test -p test
[21:39:46] <LeeQ> connect() : Permission denied
[21:39:59] <LeeQ> not permission denied for mysql
[21:40:06] <LeeQ> from saslauthd
[21:40:35] <LeeQ> the mysql logs show that it is looking in the proper places for the username and password
[21:41:05] <LeeQ> I'm using PAM
[21:41:47] *** donald2 has joined #postfix
[21:42:17] <Haris> !smtpd_tls_security_level
[21:42:18] <knoba> Haris: Error: "smtpd_tls_security_level" is not a valid command.
[21:42:23] <Haris> wow
[21:42:59] <LeeQ> auth required pam_mysql.so user=user passwd=password host=localhost db=maildb table=users usercolumn=id passwdcolumn=pass crypt=1 md5=1
[21:43:38] <rimad> why is submitting emails really slow on my server? it takes like 2 seconds in betwen emails...
[21:43:45] <rimad> any way to speed this up?
[21:43:57] <rob0> Get out and push!
[21:43:59] * cpm guesses it's a dns lookup thing
[21:44:07] <rob0> Push!!
[21:44:33] * cpm has an abdominal hernia, avoids pushing
[21:44:35] <stockholm> devdas: do i have to give the IP?
[21:44:43] <rimad> cpm, was that for me?
[21:44:54] * Haris pushes rob0 *push* *push*
[21:45:02] <stockholm> devdas: i could do that, in any case.
[21:45:09] *** brancaleone has joined #postfix
[21:45:15] *** Tino is now known as _Tino
[21:45:16] <Haris> you! have a hernia?
[21:45:20] *** cpm has quit IRC
[21:45:23] *** _Tino is now known as Tinozaure
[21:45:30] <Haris> comming out of your abdomin? :P
[21:45:30] <devdas> or hostname
[21:45:43] *** donald2 has quit IRC
[21:46:21] <Haris> in main.cf I have only set smtpd_tls_cert_file
[21:46:40] <Haris> Do I need to set something else for sasl/smtp auth, tls auth to work?
[21:47:08] *** denis has quit IRC
[21:47:15] <Haris> do I need to set smtp_tls_cert_file?
[21:47:18] <Haris> oops
[21:47:24] <Haris> Correction: smtp_tls_key_file
[21:50:14] *** jimpop has quit IRC
[21:51:07] <Haris> How the heck do I get around this -> 535 5.7.8 Error: authentication failed: Invalid authentication mechanism <- from postfix ?
[21:52:56] <LeeQ> Haris: I am working off of this article: http://www.starbridge.org/spip/spip.php?article1
[21:53:17] <LeeQ> and it seems to be really well put together (aside from the parts in french :-P)
[21:53:52] <stockholm> devdas: per default, if no hostname is given, it will look up the mx for the own domain and use that as a smarthost.
[21:54:23] *** cilly has joined #postfix
[21:54:26] <devdas> remove the []
[21:54:38] <LeeQ> except that I can't get the SASL to authenticate
[21:56:23] <Haris> I don't understand this tutorial
[21:56:44] <Haris> this file -> /etc/postfix/sasl/smtpd.conf is referenced no where on that page
[21:57:06] <Haris> !smtp_sasl_mechanism_filter
[21:57:07] <knoba> Haris: Error: "smtp_sasl_mechanism_filter" is not a valid command.
[21:58:22] *** internat1 has quit IRC
[21:58:36] *** dustybin has left #postfix
[21:59:06] *** devdas has left #postfix
[21:59:07] *** bmunat has quit IRC
[22:02:19] *** freelock has joined #postfix
[22:03:37] <Haris> why does postfix give the -> 535 5.7.8 Error: authentication failed: Invalid authentication mechanism <- error?
[22:03:43] <Haris> ?
[22:08:33] *** gutocarvalho has joined #postfix
[22:11:16] *** ejik has left #postfix
[22:15:34] <SARGuy> I have aliases setup to redirect root mail to an external address however it's still delivering internal.  ideas?
[22:16:15] <stockholm> SARGuy: i had to use recipient-canonical-maps
[22:16:38] <SARGuy> hmmm
[22:17:34] <SARGuy> doesn't that just rewrite the address?  I already have that to rewrite root to root at my dot mailsystem.com but I have it under smtp_generic_maps
[22:22:25] *** GoGi has quit IRC
[22:22:32] *** jra has joined #postfix
[22:27:52] <Haris> is tehre a way to configure mechanism?
[22:27:59] <Haris> I tried the said keyword
[22:28:00] <Haris> didn't help
[22:29:47] <Haris> do I need to install saslauthd?
[22:30:01] <Haris> its fbsd. I only installed postfix+mysql here
[22:30:50] *** Internat has joined #postfix
[22:31:10] *** mark-use has quit IRC
[22:31:15] <Haris> guys?
[22:33:15] <rob0> is it cyrus SASL?
[22:33:19] <Haris> nope
[22:33:22] <Haris> dovecot sasl
[22:33:33] *** growltiger_ has joined #postfix
[22:33:38] <rob0> mechanisms in dovecot.conf
[22:33:40] <Haris> dovecot is using md5-crypt as default_auth_scheme
[22:33:43] <rob0> see the wiki
[22:33:52] <Haris> auth works via IMAP port
[22:33:56] <Haris> doesn't work via smtp auth
[22:35:29] <Haris> postfix+dovecot+mysql is enough, for sasl auth, right? or do I need to install saslauthd?
[22:35:58] <Haris> nope
[22:36:07] <Haris> I don't have to install any other authd
[22:36:11] <Haris> why isn't auth working ?
[22:36:29] <Haris> what do I need to set in postfix, so it can auth against dovecot+mysql?
[22:36:33] <rob0> for server sasl, sure, but Dovecot doesn't do client sasl.
[22:36:42] <Haris> it does
[22:36:44] <Haris> via socket
[22:36:56] <rob0> link?
[22:37:04] <Haris> hold on, checking
[22:38:23] *** freelock has quit IRC
[22:39:39] <rob0> http://www.postfix.org/SASL_README.html#versions :: "Dovecot protocol version 1 (server only, Postfix version 2.3 and later)"
[22:39:41] <Haris> in dovecot.conf
[22:39:48] <Haris> under socket listen { section
[22:40:00] *** Severed_Head_Of_ has joined #postfix
[22:40:33] <Haris> # postconf -a
[22:40:33] <Haris> cyrus
[22:40:33] <Haris> dovecot
[22:40:40] <Haris> postconf -A only returns cyrus
[22:41:10] <Haris> ok, so that means, postfix doesn't support client based auth with dovecot?
[22:41:14] <Haris> or client auth?
[22:41:22] <Haris> what's the difference between server and client auth?
[22:42:07] <rob0> !smtp!=smtpd
[22:42:08] <knoba> rob0: "smtp!=smtpd" : Postfix smtp_* and smtpd_* configuration parameters have different meanings. smtp_ = client and smtpd_ = server, the client-side sends mail whilst the server-side receives mail. (smtp = client = sends mail) (smtpd = server = receives mail)
[22:42:29] <rob0> (smtp = client = sends mail) (smtpd = server = receives mail)
[22:43:18] <Haris> ok, so dovecot does apply
[22:43:28] <Haris> why is postfix then saying the mechanism is wrong
[22:46:00] <Haris> I have dovecot listent to socket path = /var/spool/postfix/private/auth
[22:46:06] <Haris> that postfix also uses
[22:46:09] <Haris> this part is ok
[22:46:18] <Haris> the mechanism is not set properly somewhere for postfix
[22:46:32] <Haris> its set to md5-crypt and works for dovecot
[22:46:58] <Haris> that means, I can receive mail, see it via IMAP, but can't send it
[22:47:00] <Haris> atm.
[22:48:26] *** growltiger has quit IRC
[22:49:42] *** gutocarvalho has quit IRC
[22:49:52] *** KaiForce has quit IRC
[22:52:39] *** growltiger_ has quit IRC
[22:53:16] <LeeQ> my mechanism is working, but giving me a  warning: SASL authentication failure: Password verification failed
[22:53:20] *** glad_work has quit IRC
[22:53:33] <LeeQ> and I have tried md5, encrypt, plaintext
[22:53:36] <LeeQ> all to no avail
[22:53:45] *** Tinozaure is now known as Tino
[22:53:48] *** Tino is now known as _Tino
[22:55:46] *** Rockj has quit IRC
[22:55:57] *** Xjs has quit IRC
[22:55:57] *** adaptr_ has quit IRC
[22:57:01] *** Rockj_ has joined #postfix
[22:57:02] *** adaptr has joined #postfix
[23:00:11] *** war9407 has quit IRC
[23:05:07] *** Xjs has joined #postfix
[23:09:51] *** freelock has joined #postfix
[23:10:06] *** McJerry has joined #postfix
[23:10:15] *** Deddi has quit IRC
[23:10:37] *** _Tino is now known as Tino
[23:10:37] *** Tino is now known as Tinozaure
[23:12:47] *** f0ner00t has joined #postfix
[23:12:47] <f0ner00t> Hello how is everyone doing today?
[23:14:23] *** bluethundr has quit IRC
[23:15:22] *** F6F has quit IRC
[23:16:34] <LeeQ> ah... look at this error:
[23:16:49] <LeeQ> postfix/smtpd[14763]: sql_select option missing
[23:16:49] <LeeQ> postfix/smtpd[14763]: auxpropfunc error no mechanism available
[23:16:49] <LeeQ> postfix/smtpd[14763]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql
[23:17:09] <LeeQ> Hi f0ner... I am doing poorly
[23:17:28] <LeeQ> been trying to get this smtp-auth working since before lunch time... it is now almost 5:30pm
[23:17:51] *** wdp has quit IRC
[23:18:42] *** pickcoder has joined #postfix
[23:18:43] *** karrotx has quit IRC
[23:20:20] *** Deddi has joined #postfix
[23:20:42] *** McJerry has quit IRC
[23:21:02] *** war9407 has joined #postfix
[23:23:33] <LeeQ> ok, who knows about PAM?
[23:25:18] <pickcoder> it's great stuff for pans
[23:26:17] <rob0> How are you testing?
[23:26:50] <pickcoder> I spray it on and cook with.. but that's just me
[23:26:58] <pickcoder> heh
[23:27:05] *** pirho has quit IRC
[23:27:11] *** growltiger has joined #postfix
[23:27:24] *** war9407 has quit IRC
[23:27:39] *** Severed_Head_Of_ has quit IRC
[23:27:49] * pickcoder goes back to the newsletter maling
[23:29:09] *** LordDicranius has quit IRC
[23:29:27] *** LordDicranius has joined #postfix
[23:30:05] <jra> I started with Slackware partly because it came without PAM, so...
[23:30:47] *** McJerry has joined #postfix
[23:31:50] *** mikealeonetti has left #postfix
[23:32:06] * pickcoder knows enough to break it and fix it
[23:32:10] *** Deddi has quit IRC
[23:32:29] <f0ner00t> Is anybody good with setting up Mail on a server?
[23:32:52] * pickcoder wishes he could get more throughput between local mail servers
[23:33:26] <pickcoder> f0ner00t: ask the question on your mind
[23:33:26] *** carl- has quit IRC
[23:33:36] *** albertoandrade has joined #postfix
[23:34:24] <f0ner00t> Pickcoder: I am setting up my own mail server on my Debian box. But I do not know how to start and I need asistance.
[23:34:30] <pickcoder> !basic
[23:34:32] <knoba> pickcoder: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.
[23:35:19] <f0ner00t> Pickcoder: Is this email based or postfix based?
[23:36:02] <pickcoder> huh?
[23:36:37] <f0ner00t> The link that pickcoder gave... What is this for?
[23:36:42] <f0ner00t> I mean knoba.
[23:36:43] <f0ner00t> Sorry
[23:37:23] <pickcoder> it's an how-to guide for beginners
[23:37:32] <pickcoder> for postfix setup
[23:37:36] <pickcoder> s/an/a
[23:38:16] *** non-sequitir has joined #postfix
[23:38:52] <LeeQ> any actual help available for PAM sql smtp-auth failure?
[23:38:56] <jra> E-mail!? This is Spa...ostfix!
[23:39:27] <Keizer> Damn I am getting connection refused when I try to download my e-mail but I can send no problem
[23:39:30] <pickcoder> LeeQ: sorry.. never setup MySQL as a pam auth method
[23:39:45] <pickcoder> I've seen lots of how-tos on the web though
[23:39:55] <Keizer> I just setup mysql as pam auth method
[23:40:01] <LeeQ> I've been reading them all afternoon
[23:40:09] <Keizer> I can send but I can't download my e-mail
[23:40:21] <Keizer> I keep getting connection refused
[23:40:26] <LeeQ> I can't send, but I can download my email :-P
[23:40:27] *** drate has joined #postfix
[23:41:02] <pickcoder> Keizer: postfix does not do POP or IMAP
[23:41:18] *** Deddi has joined #postfix
[23:41:23] <pickcoder> try #dovecot, #courier, etc
[23:41:25] <jra> yeah, patches welcome
[23:41:26] <drate> I am trying to setup a postfix/dovecot mail server per the instructions given in the Ubuntu documentation
[23:41:30] <f0ner00t> Pickcoder: I need to read more about postfix.
[23:41:33] <rob0> Any actual answer for my question?
[23:41:34] <drate> I seem to have run into a problem with SASL
[23:41:36] <drate> http://pastebin.com/d7a4b5be1
[23:41:53] <f0ner00t> pickcoder: If my port 25 smtp is blocked.. Can I use another port?
[23:41:57] <pickcoder> f0ner00t: so go to that link
[23:41:59] <drate> from what i've read it has to do with the line pointing to private/auth-client
[23:42:19] <drate> anybody have any ideas?
[23:42:34] <pickcoder> f0ner00t: yes but you will need another MX to relay from port 25 there to your custom port
[23:42:39] *** McJerry has quit IRC
[23:43:06] <pickcoder> or use an address to address:port forward on another machine outside
[23:43:20] <f0ner00t> I will defintly do that.
[23:43:22] <LeeQ> do_auth         : auth failure: [user=ME] [service=smtp] [realm=bellviewsoft.com] [mech=pam] [reason=PAM acct error]
[23:43:33] <f0ner00t> MY ISP blocks the port.. So I will have to find an outside relay.
[23:43:55] <rob0> drate, my idea is that you didn't read the Dovecot wiki about setting up dovecot.
[23:44:41] <drate> rob0 why are you here?
[23:45:12] <rob0> To pester pickcoder.
[23:45:27] <rob0> pickcoder: You smell bad, and your mom dresses you funny.
[23:45:39] <pickcoder> nertz to you
[23:46:07] * pickcoder sends a mail bomb to rob0:25
[23:46:48] <f0ner00t> beback in a little while
[23:46:49] *** f0ner00t has quit IRC
[23:47:07] <LeeQ> ok, pam is talking to MySQL and it looks like it is getting the data it needs, but is giving this error:
[23:47:13] <LeeQ> do_auth         : auth failure: [user=lee at bellviewsoft dot com] [service=smtp] [realm=bellviewsoft.com] [mech=pam] [reason=PAM acct error]
[23:47:58] <LeeQ> and teh interwebs are failing me
[23:48:32] <jra> that's the best about it: you're never alone with failing on the intarwebs
[23:49:11] <rob0> Does your realm bellviewsoft.com have a user=lee at bellviewsoft dot com ? Or is it a "user=lee" ?
[23:50:56] <LeeQ> username is lee at bellviewsoft dot com
[23:51:36] *** Deddi has quit IRC
[23:51:45] *** McJerry has joined #postfix
[23:52:04] <drate> well, thanks for the insults
[23:52:17] <drate> have fun bein "1337"
[23:52:19] *** drate has quit IRC
[23:54:01] <rob0> Oh my, a fragile ego ... I wonder if he was able to understand that I gave him a helpful suggestion?
[23:54:22] <pickcoder> you are sometimes a bit cryptic
[23:54:59] <rob0> zr? pelcgvp?!?
[23:55:16] <LeeQ> he put 1337 in quotes... I don't think he understood :-P
[23:55:33] <shasta> ab jnl!
[23:58:40] <rob0> It's very telling that he found an insult in "my idea is that you didn't read the Dovecot wiki about setting up dovecot."
[23:59:40] *** hever has joined #postfix
[23:59:43] <rob0> Okay Lee, so again, how are you testing? What MUA?





top