[00:00:55] *** BillyBop has quit IRC
[00:10:14] *** jtaji has joined #postfix
[00:17:38] *** Knoedel2 has quit IRC
[00:26:54] *** matt_ has quit IRC
[00:27:14] *** _matt has joined #postfix
[00:27:37] *** _matt is now known as matt_
[00:31:19] *** jra has quit IRC
[00:33:11] *** amason_ has quit IRC
[01:01:24] *** war9407 has quit IRC
[01:08:04] *** nictuku has quit IRC
[01:15:51] *** xpoint has joined #postfix
[01:23:22] *** n0sq has joined #postfix
[01:26:19] <n0sq> i've been trying to figure out what has changed since upgrading to mandriva 2009.0, postfix-2.5.5-2mdv2009.0, that is causing Dec 14 17:18:10 server2 postfix/smtpd[12249]: warning: unknown smtpd restriction: "sbl.spamhaus.org" - google hasn't been much help so far but i'm still looking - maybe someone can save me some time? http://pastebin.ca/1285541
[01:27:02] <n0sq> there are other rbl's in smtp client restristions that aren't generating this error
[01:28:18] <n0sq> xbl.spamhaus.org is showing up with this error also so it's a problem with spamhaus.org?
[01:28:18] <lunaphyte> man postconf
[01:30:36] *** honson has quit IRC
[01:31:38] <sysdef> it isn't a problem with xbl.spamhaus.org. it's a problem with your calendar. it's dead for more than one year
[01:31:45] <sysdef> afaik
[01:32:50] <sysdef> or nonfree?
[01:33:26] <n0sq> hmm, i remember something about that - the website for spamhaus still lists it.
[01:33:55] <sysdef> maybe http://www.spamhaus.org/zen/ is interrestingg
[01:37:26] <n0sq> i tried zen.spamhaus.org with the same results
[01:46:59] *** jtaji has quit IRC
[01:54:04] *** nictuku has joined #postfix
[02:02:55] <rob0> xbl.spamhaus.org. still exists
[02:03:14] *** evaryont has left #postfix
[02:04:47] <rob0> Surely it's a problem with broken syntax ... "unknown smtpd restriction: sbl.spamhaus.org" ... the name of an RBL by itself is not the right way to do it.
[02:05:24] *** Zeit|awy has quit IRC
[02:06:54] <n0sq> well, i don't know what's wrong with this postfix - i tried editing the main.cf file but i can only list 1 rbl service without getting errors
[02:07:03] *** jtaji has joined #postfix
[02:09:48] <rob0> !maincf reject_rbl_client
[02:09:49] <knoba> rob0: Error: "maincf" is not a valid command.
[02:09:55] <rob0> !main.cf reject_rbl_client
[02:09:55] <knoba> rob0: Error: "main.cf" is not a valid command.
[02:09:59] <rob0> damn
[02:10:11] <rob0> see postconf.5.html#reject_rbl_client
[02:17:08] *** __Marko has joined #postfix
[02:26:06] <n0sq> rob0: i think i got it - thanks for the help guys
[02:27:21] *** sahil has quit IRC
[02:28:46] <n0sq> apparently you have to use reject_rbl_client for every rbl instead of 1 reject_rbl_client with a whitespace delimited series of rbl services
[02:35:51] <rob0> indeed
[02:43:15] *** sahil has joined #postfix
[02:53:22] *** ming_zym has joined #postfix
[03:24:24] *** axisys has quit IRC
[03:26:59] *** nphase_ has joined #postfix
[03:27:19] *** mXr has joined #postfix
[03:29:36] <nphase_> SELECT MAX(user_id) FROM users; vs SELECT user_id FROM users ORDER BY user_id DESC LIMIT 1;
[03:29:40] <nphase_> speed thoughts, anyone?
[03:30:34] *** xpeed has quit IRC
[03:40:20] <Dominian> rob0: ghtry.. did he ever remove that lp.net crap off of his system?
[03:42:42] <rob0> I dunno ... I think the tutorial he was using was Slackware-friendly (OS neutral), but it just assumed that you already knew enough about Postfix basics. He assumed it was holding his hand every step of the way.
[03:43:04] <Dominian> haha
[03:43:06] <Dominian> He should've used mine
[03:43:27] <Dominian> I'm going to alter that one to be mailscanner and maia mailguard specific.. so two tutorials.. but one with mailscanner.. one with maia mailguard/amavisd-new
[03:43:38] <Dominian> Just not sure when.
[03:45:45] *** __Marko has quit IRC
[03:46:06] <rob0> As I mentioned later in his troubles here, he was a vivid illustration of the !tutorial problem.
[03:46:35] *** growltiger_ has joined #postfix
[03:48:16] <Dominian> !tutorial
[03:48:17] <knoba> Dominian: "tutorial" : A very common problem is that some people prefer to follow a step-by-step tutorial that shows them how to setup their mail server without reading the documentation or understanding what they are doing. If something goes wrong, they have no clue whatsoever about where to look for hints, and they sometimes decide to start from scratch using a different tutorial. This is not The Proper Way.
[03:48:36] <Dominian> hrm
[03:48:48] <Dominian> I should probably put some annotation in my tutorial that says "when in doubt.. read the documentation"
[03:51:35] <thumbs> you know, I've had to deal with so many idiots in our channels in my whole life this weekend
[03:51:44] <thumbs> I probably banned over 10 people
[03:52:08] <Dominian> rob0: just made an addition
[03:52:38] <rob0> :)
[03:53:05] <Dominian> http://pastebin.slackadelic.com/6763
[03:53:07] <Dominian> that's what I just added
[03:53:22] <rob0> Following a prolonged refusal to read the documentation, I'm now failing to understand the docs because I'm filtering the information through my erroneous preconceptions. So it doesn't work. Any ideas?
[03:53:50] <thumbs> rob0: ./mode +b
[03:53:55] <thumbs> the only fix.
[03:54:19] <Dominian> heh
[03:54:34] <Dominian> well, I can tell you this much.. I now recommend maia mailguard over mailscanner.
[03:54:38] <Dominian> I can see why people love using it
[03:56:54] *** xpoint has quit IRC
[03:57:21] *** growltiger has quit IRC
[04:00:50] <cite> Good morning.
[04:08:54] *** hparker has quit IRC
[04:09:46] *** zmitya has quit IRC
[04:13:10] *** xoritor has quit IRC
[04:29:31] *** growltiger has joined #postfix
[04:33:58] *** n0sq has left #postfix
[04:38:52] *** _mavrick61 has quit IRC
[04:39:59] *** _mavrick61 has joined #postfix
[04:44:29] *** growltiger_ has quit IRC
[04:53:41] *** nictuku has quit IRC
[05:09:58] *** growltiger_ has joined #postfix
[05:11:19] *** fx0 has joined #postfix
[05:23:56] *** saurabhb has joined #postfix
[05:24:43] *** growltiger has quit IRC
[05:28:07] *** growltiger has joined #postfix
[05:28:39] *** growltiger_ has quit IRC
[05:37:54] *** nphase_ has quit IRC
[05:44:06] <sahil> Dominian: maia is just amavisd-new+sa repackaged, no?
[05:47:39] *** jimpop has joined #postfix
[05:52:35] *** growltiger_ has joined #postfix
[05:57:11] *** jens_ has joined #postfix
[05:58:29] *** jens__ has quit IRC
[06:07:39] *** growltiger has quit IRC
[06:10:44] *** Severed_Head_Of_ has joined #postfix
[06:11:15] *** growltiger_ has quit IRC
[06:18:53] <Dominian> sahil: its not SA at all
[06:19:00] <Dominian> sahil: its maia's version of amavisd-new
[06:19:08] <Dominian> + a web interface
[06:28:06] *** pickcoder has quit IRC
[06:29:57] *** k-man__ has joined #postfix
[06:30:26] *** Motoko-chan has joined #postfix
[06:33:50] *** jimpop has quit IRC
[06:57:06] *** Dominian is now known as mhayes
[06:57:31] *** mhayes is now known as Dominian
[06:58:48] *** bhagat has joined #postfix
[07:08:34] *** k-man has joined #postfix
[07:20:53] *** Samson_99 has joined #postfix
[07:21:55] *** k-man__ has quit IRC
[07:23:05] *** Samson_99 has quit IRC
[07:25:53] *** Samson_99 has joined #postfix
[07:27:59] *** Lap_64 has joined #postfix
[07:28:40] *** Fallenou has joined #postfix
[07:41:43] *** dogmeat has quit IRC
[07:46:18] *** k-man has quit IRC
[07:46:38] *** k-man has joined #postfix
[07:51:49] *** Sky[X] has joined #postfix
[07:55:40] *** Fallen[oqp] has joined #postfix
[07:55:54] *** Fallenou has quit IRC
[07:55:57] *** Fallen[oqp] has quit IRC
[07:58:06] *** yacc_ has joined #postfix
[07:58:43] <yacc_> How can I specify which AUTH methods postfix does offer in smtpd, and especially in which which order?
[08:02:45] *** yacc_ is now known as yacc
[08:03:21] *** F|oFF has quit IRC
[08:04:41] *** F|oFF has joined #postfix
[08:08:03] *** hparker has joined #postfix
[08:10:15] *** phnord has joined #postfix
[08:16:53] *** hkais has joined #postfix
[08:17:28] <hkais> is it possible to relay only if the e-mail adress is valid/known?
[08:20:43] *** |_Knoedel_| has joined #postfix
[08:21:31] *** Motoko-chan has quit IRC
[08:24:41] *** sophokles has joined #postfix
[08:28:37] <f3ew> yes
[08:28:44] <f3ew> !reject_unverified_recipient
[08:28:44] <knoba> f3ew: "reject_unverified_recipient" : a configuration parameter in the main.cf: A sender or recipient address is verified by probing the nearest MTA for that address, without actually delivering mail. Probe messages are like normal mail, except that they are never delivered, deferred or bounced; probe messages are discarded.
[08:28:47] <f3ew> !reject_unverified_sender
[08:28:48] <knoba> f3ew: Error: "reject_unverified_sender" is not a valid command.
[08:28:53] <f3ew> Similar though
[08:29:03] <f3ew> yacc edit smtpd.conf
[08:31:20] <yacc> f3ew, thx
[08:38:20] *** denis has joined #postfix
[08:49:00] *** Severed_Head_Of_ has quit IRC
[08:49:04] *** Severed_Head_Of_ has joined #postfix
[09:00:38] *** hever has joined #postfix
[09:01:16] *** denis has quit IRC
[09:01:47] *** denis_ has joined #postfix
[09:06:18] *** growltiger_ has joined #postfix
[09:06:49] *** Severed_Head_Of_ has quit IRC
[09:07:33] *** madrescher has quit IRC
[09:09:33] *** Polysics has joined #postfix
[09:09:36] <Polysics> hi all
[09:10:01] <Polysics> i'm sorry about asking basic questions, but if i need to mimic a typical "shared hosting" setup, what am i looking for?
[09:10:10] <Polysics> i'm getting a VPS and i have never managed mail
[09:10:28] <Polysics> i have 10ish domains with 2-5 addresses each
[09:22:05] *** Xjs has quit IRC
[09:22:17] <R1ck> Polysics: define "mimic"
[09:22:51] <Polysics> uhm...
[09:23:01] <Polysics> i don't know if the terminology is correct
[09:23:18] <Polysics> but basically, mail accounts don't correspond to user accounts on the machine
[09:23:44] <Polysics> i don't need clients to be able to admin the accounts themselves, although that could be a plus
[09:26:40] <Polysics> is postfixadmin what i am looking for, more or less?
[09:30:32] <R1ck> you'll probably want virtual users, at least.. perhaps you could follow the ISP-Config howto
[09:32:53] *** keanne has quit IRC
[09:36:47] <Polysics> isp config wants me to do some stuff to apache i'd rather not use
[09:37:46] <Polysics> as the most important thing on the server is the web part to work well
[09:48:08] *** _sv-- is now known as sv--
[09:50:02] *** Polysics has quit IRC
[09:50:43] *** keanne has joined #postfix
[09:56:10] *** war9407 has joined #postfix
[09:58:05] *** Xjs has joined #postfix
[10:01:14] *** Fallenou has joined #postfix
[10:08:25] *** keanne has quit IRC
[10:17:08] *** MarkBao has quit IRC
[10:17:47] *** thumbs has quit IRC
[10:19:47] *** hkais has quit IRC
[10:20:57] *** MarkBao has joined #postfix
[10:24:30] *** aleix has joined #postfix
[10:26:27] *** thumbs has joined #postfix
[10:27:06] <aleix> Hi all, i'm preparing an Exchange -> Postfix+SomeIMAPServer+LDAP. I'll have more than one server hosting mailboxes and i'd like to do the transport via Postfix. I know postfix can get the transports from an LDAP table, what i wonder is what attribute do you use to save the mail host where the mail box is... I'm sure some of you have this setup, isn't it?
[10:28:25] *** _nalle has quit IRC
[10:40:47] *** Fallenou_ has joined #postfix
[10:40:50] <f3ew> aleix, transport_maps
[10:41:51] <aleix> f3ew: yep, i know that... what i wonder is what ldap attribute do you people use to set the host that has the mailbox, and thus send the message to that host for delivering
[10:41:53] *** Fallenou has quit IRC
[10:42:20] <f3ew> aleix, Postfix doesn't care
[10:42:36] <aleix> mmm? could you elaborate please?
[10:49:46] <f3ew> aleix, Postfix only cares about the result of your lookup
[10:49:59] <f3ew> The specific attribute is a config file problem
[10:50:37] <aleix> yes, you are right, and i understand that. Is there any schema that already has a mailHost or similar?
[10:53:43] *** amrit is now known as amrit|zzz
[11:22:15] *** randra has joined #postfix
[11:24:53] *** tataz has joined #postfix
[11:24:59] <tataz> Hi there!
[11:25:01] *** tataz is now known as ttzou
[11:26:06] *** MarkBao has quit IRC
[11:26:36] <ttzou> My final mailserver will be down for a couple of weeks.  The upstream mailserver has been queuing mails for some time.  Now I've reconfigured the mail routing so new mails are redirected elsewhere.
[11:28:56] <ttzou> My problem is that the defered mails won't be delivered and will ultimately bounce.  Is there a way, even a hack, to shunt this behaviour?
[11:29:30] <ttzou> Actually I'd like to redirect the bounced mail to another address.
[11:33:53] *** darkstar has quit IRC
[11:34:24] *** RedShift has joined #postfix
[11:34:36] <RedShift> hello
[11:34:57] <RedShift> for a HELO, is this a valid notation? [2001:6a8:a40::21]
[11:35:22] <RedShift> I know the RFC's allow [1.2.3.4], but do they allow that for ipv6?
[11:40:37] *** gsamsa has joined #postfix
[11:41:17] *** aleix has quit IRC
[11:42:00] *** Zeit|awy has joined #postfix
[11:44:31] *** mynullvoid has joined #postfix
[11:57:56] <snappy> RedShift: i believe so.
[11:58:46] *** _mavrick61 has quit IRC
[12:04:36] *** ming_zym has quit IRC
[12:04:48] *** Tex-Twil has joined #postfix
[12:05:00] *** Tex-Twil has left #postfix
[12:10:26] *** wdp_ has joined #postfix
[12:16:33] *** F6F has joined #postfix
[12:18:39] <sidh> hello everybody
[12:19:27] <sidh> i have finally understand my problem of ldap connect , and now it is ok
[12:19:41] <sidh> now i get this error
[12:19:49] <sidh> Recipient address rejected: User unknown in local recipient table;
[12:20:10] <sidh> but regarding to http://pastebin.com/f5003afa1
[12:21:00] <sidh> we can see this : transport_maps = hash:/usr/local/etc/postfix/transport, ldap:transport
[12:21:18] *** Sky[XX] has joined #postfix
[12:21:23] <sidh> the link above is the postconf -n output
[12:22:21] *** wdp has quit IRC
[12:22:28] <sidh> so i don't understand
[12:24:30] *** Sky[X] has quit IRC
[12:25:20] *** pirho has joined #postfix
[12:27:35] *** _nalle has joined #postfix
[12:27:44] *** nfi|ermes has joined #postfix
[12:33:43] <f3ew> sidh remove the domain from mydestination
[12:39:14] *** samix has joined #postfix
[12:40:45] <sidh> f3ew: still the problem
[12:41:40] <f3ew> sidh, your error reason must have changed though :)
[12:42:19] *** cpm has joined #postfix
[12:43:06] <sidh> f3ew: no
[12:43:54] *** leleobhz has quit IRC
[12:44:23] <f3ew> Did you reload Postfix?
[12:45:05] <sidh> restart
[12:45:08] *** pirho has quit IRC
[12:50:58] <f3ew> what does postconf mydestination say?
[12:51:21] *** hipodilski has quit IRC
[12:51:55] *** cpm has quit IRC
[12:52:47] <pv2b> ttzou, i'm not at all sure this will work, but in terms of a hack --- maybe you could run a TCP bouncer?
[12:53:04] <pv2b> might wreak havoc with some anti-spam systems though.
[12:55:37] *** Constin has joined #postfix
[12:55:39] <ttzou> pv2b: I think I will
[12:56:10] <pv2b> it might be a better idea to actually set up a mail relay though
[12:56:15] <ttzou> pv2b: I think I will dump the messages will postcat(8)
[12:56:53] <ttzou> pv2b: yeah, but the problem is that the mails are already is postfix defered queue, marked to be transfered to my host.
[12:56:53] <pv2b> it shouldn't be too difficult to setup a server, which has the sole purpose of relaying mail for your mail domain
[12:57:53] <pv2b> oh, you control the mail server? great. set up another virtual interface with the same IP address of the mail server you're trying to deliver to :-)
[12:58:03] <pv2b> on a loopback interface
[12:58:12] <pv2b> or even on a dummy interface
[12:58:27] <pv2b> then watch your mail server talk to itself to deliver all that email. then watch it get routed properly
[12:58:54] <ttzou> hum yeah, that might be a solution
[12:58:56] <pv2b> disclaimer: i have never tried this
[12:59:00] <ttzou> eheh
[13:00:13] <pv2b> and there might be a better way to do it too. probably.
[13:02:36] *** pirho has joined #postfix
[13:05:35] *** sophokles1 has joined #postfix
[13:05:38] <sidh>  f3ew sorry i had a call
[13:05:43] <sidh> mydestination = $transport_maps, localhost, $myhostname
[13:07:44] <pv2b> ttzou, you sure, that when you just "postfix flush", it doesn't deliver properly?
[13:07:55] <pv2b> it still tries to deliver to the wrong machine?
[13:10:09] <f3ew> sidh remove transport_maps from there
[13:12:54] *** cpm has joined #postfix
[13:15:08] <sidh> f3ew: evolution , now : Relay access denied;
[13:15:43] <sidh> relay_domains = $mydestination
[13:15:48] <f3ew> add the domain to relay_domains, and setup relay_recipient_maps
[13:15:48] <sidh> is not enough
[13:16:55] <sidh> f3ew: is it possible to add ldap:domain instead of the domain name
[13:17:22] <f3ew> no
[13:17:46] <sidh> because it is a multi domain mail server, and i would like to search automatically if there a new domain
[13:17:49] <sidh> oh ok
[13:18:46] *** sophokles has quit IRC
[13:19:24] <f3ew> sidh, setup a new LDAP map
[13:23:41] <sidh> f3ew: for relay_recipient_maps is it possible to set ldap:something ?
[13:24:37] *** pirho has quit IRC
[13:26:27] <f3ew> sidh, yes
[13:26:38] <f3ew> You can do the same thing for relay_domains as well
[13:26:43] <sidh> i try ldap:accounts
[13:26:55] <f3ew> relay_domains = ldap:/etc/postfix/ldap_relay_domains.cf
[13:26:58] <f3ew> Full path
[13:27:29] *** mynullvoid has quit IRC
[13:31:42] *** madrescher has joined #postfix
[13:35:57] *** Samson_99 has quit IRC
[13:36:13] *** Samson_99 has joined #postfix
[13:37:26] *** bhagat has quit IRC
[13:38:14] *** Pinchiukas has joined #postfix
[13:44:14] *** GieltjE has joined #postfix
[13:44:42] <GieltjE> if I use sa-learn and -dbpath and specify the folder where to write to, do I need to specify that folder somewhere?
[13:45:37] <Pinchiukas> I have added these lines to my main.cf: "smtpd_sasl_auth_enable = yes", "smtpd_sasl_type = dovecot", "smtpd_sasl_path = private/auth" and authentication ins't working
[13:46:17] <sidh> and maillog says ?
[13:46:39] *** bhagat has joined #postfix
[13:46:46] <Pinchiukas> maillog?
[13:47:02] <sidh> postfix log file
[13:47:06] *** pirho has joined #postfix
[13:48:02] <Pinchiukas> Dec 15 14:28:40 [postfix/smtpd] warning: uosis.mif.vu.lt[193.219.42.14]: SASL PLAIN authentication failed:
[13:48:06] <Pinchiukas> and that's it
[13:48:39] <sidh> maybe you don't permit plain auth
[13:50:21] <sidh> mechanisms = PLAIN LOGIN ?
[13:50:50] <Pinchiukas> yes
[13:50:52] <Pinchiukas> http://pastebin.com/d2ef720cd
[13:51:00] <Pinchiukas> this is what I get if I turn up the debug level
[13:51:16] <sidh> disable_plaintext_auth = no ?
[13:51:29] <Pinchiukas> yep
[13:52:07] <Pinchiukas> I use "perl -MMIME::Base64 -e 'print encode_base64("\0usern@me\0password");'" to get the auth string
[13:52:10] *** p4tr0p1 has joined #postfix
[13:52:21] <p4tr0p1> hi folks!
[16:29:51] *** echelog has joined #postfix
[16:30:16] <sidh> with -v option of smtpd
[16:30:18] <sidh> i get
[16:30:23] <sidh> postfix/qmgr[14670]: warning: connect to transport maildrop: Connection refused
[16:30:48] <sidh> but i'm quite sure there is no transport=maildrop in my main.cf
[16:30:58] <ghtry> roe_ Ahh yes sender policy framework.  It stops forgery.  Found a nifty tutorial on it.  Thanks bud.
[16:31:06] <roe_> any time
[16:31:16] <sidh> so why is it trying to connect to maildrop
[16:31:27] <roe_> sidh, time for pastebin
[16:31:43] <shasta> spf also breaks things
[16:31:47] <shasta> (ie. forwarding)
[16:31:49] <ghtry> hmm
[16:32:25] *** oursbrun33 has joined #postfix
[16:32:37] <ghtry> Well services open so-called security holes.  Things have risks but appreciate the heads up.  Could you point me to a ref/RFC/doc describing the risks of spf shasta?
[16:32:49] *** oursbrun33 has left #postfix
[16:34:02] <sidh> roe_: here is the postconf -n output
[16:34:11] <sidh> http://pastebin.com/f3b7a8329
[16:35:28] <shasta> ghtry, google://spf forwarding
[16:35:28] <shasta> :)
[16:35:33] <roe_> what is in, /usr/local/etc/postfix/transport and ldap:transport?
[16:36:54] *** deadpigeon has joined #postfix
[16:37:07] <ghtry> Sure shasta I was currently looking at a tutorial: http://www.howtoforge.com/postfix_spf (Which appears to be what I am looking for).  If the risk is minimal or the config can adjusts risk to an acceptable level within my network policies then the problem can be tackled head on.
[16:37:34] *** piti has left #postfix
[16:38:02] *** brancaleone has joined #postfix
[16:40:20] <sidh> http://pastebin.com/d44db289d  <-- roe_
[16:40:53] <roe_> sorry, my fault, postmap -q transport should be what I am looking for
[16:42:49] <sidh> postmap: fatal: usage: postmap [-Nfinoprsvw] [-c config_dir] [-d key] [-q key] [map_type:]file...
[16:42:57] *** Pinchiukas has joined #postfix
[16:42:58] <sidh> i rtfm postmap
[16:43:11] <Pinchiukas> so what does authentication give for a user? :)
[16:44:04] <Pinchiukas> shouldn't an authenticated used be allowed to relay mail?
[16:44:10] <Pinchiukas> s/used/user
[16:47:25] <sidh> roe_: if postmap -q transport /where/is/transport is what you need
[16:47:29] <sidh> the output is nothing
[16:48:40] *** quentusrex has joined #postfix
[16:49:14] <roe_> sorry, try postmap -q hash:/path/to/transport
[16:49:15] <quentusrex> What would cause an e-mail to sit in the maildrop queue?
[16:50:14] <Herljos> Hi all, does anybody know if there is a french channel for postscript support ?
[16:50:18] <sidh> roe_: still nothing
[16:52:37] *** bluethundr has joined #postfix
[16:52:41] *** UltraCool has quit IRC
[16:53:45] *** ghtry has quit IRC
[16:55:35] *** Gnea has quit IRC
[16:55:55] <roe_> sidh, how about postmap -s /path/to/transport
[16:56:51] *** bisoc_ has joined #postfix
[16:56:51] *** bisoc has quit IRC
[16:56:59] <sidh> .autoreply       :gnarwl
[16:57:28] <roe_> is that all you have in your transport file?
[16:57:45] <sidh> yes
[16:58:03] <roe_> yes, I see, try postmap -s ldap:transport
[16:58:06] <roe_> not sure if that will work
[16:58:49] <sidh> postmap: fatal: ldap table transport: sequence operation is not supported
[16:59:04] <sidh> ok i set the transport ldap entry in a file
[16:59:05] <roe_> well that sux
[16:59:14] <sidh> and try with postmap -s
[16:59:32] <roe_> I'm just trying to see the contents of your transport mechanism
[17:00:09] <sidh> it is written on the pastebin site posted before
[17:01:04] <roe_> I don't see anything new in that bin
[17:01:18] <sidh> http://pastebin.com/d44db289d
[17:01:39] <roe_> still just the 1 transport and the ldap binding/query info
[17:01:50] *** gsamsa has left #postfix
[17:02:13] <roe_> I'm looking for what transports are configured
[17:05:44] <sidh> roe_: i copy/paste the ldap:transport antry in my main.cf in a separate ldap-transport.cf file, then i postmap local-transport.cf to obtain a .db
[17:05:53] <sidh> and did the postmap -s ldap-transport.cf
[17:06:04] *** hkais has quit IRC
[17:06:11] <sidh> as expected , the output is the same
[17:07:39] <roe_> just showing the bind parameters but not the contents of the directory?
[17:08:00] <sidh> yes
[17:09:39] <roe_> do you know the contents of the directory?
[17:10:28] <sidh> yes i paste bin it the whole part (very short)
[17:10:36] <Pinchiukas> shouldn't an authenticated user be allowed to relay mail?
[17:11:23] <roe_> should you spank your kids?
[17:11:25] <adaptr> if you configure it that way, yes
[17:11:32] <roe_> it is a judgement call
[17:11:36] <adaptr> or, to go with roe, if your fancies ru that way
[17:12:12] *** Similian has left #postfix
[17:12:48] *** karrotx has joined #postfix
[17:13:21] *** hkais has joined #postfix
[17:13:29] <hkais> hello
[17:13:44] <roe_> sidh, you did or you are pastebinning it? the only transport in the bin ending in 89d is labeled from transport file
[17:16:10] <sidh> http://pastebin.com/f611bea1b  <- roe_
[17:16:52] <roe_> and there it is
[17:16:58] <roe_> postfixTransport: maildrop:
[17:17:31] <sidh> shit
[17:17:51] <roe_> it looks like you configured your transports to use maildrop
[17:17:56] <roe_> but not postfix
[17:18:04] <sidh> i was sure that the phamm (php apps) has changed it
[17:18:19] <roe_> apparently not
[17:18:21] <sidh> i realized i should not trust php apps
[17:19:32] <sidh> i change the value with dovecot with ldapmodify
[17:19:46] <roe_> I'm curious as to why we couldn't get postmap to spit out your transports nicely
[17:21:04] *** |_Knoedel_| has quit IRC
[17:21:27] *** growltiger_ has joined #postfix
[17:23:26] *** growltiger has quit IRC
[17:23:46] <sidh> roe_: http://pastebin.com/d43c0eef3
[17:24:17] <sidh> it is a mail.xml plugin for phamm (the php apps i use)
[17:24:29] <roe_> postmap should do it
[17:24:33] <sidh> as you can see i had set it to dovecot:
[17:24:57] <roe_> your directory disagrees
[17:30:39] *** plee has joined #postfix
[17:31:10] *** bluethundr_ has joined #postfix
[17:35:55] *** fx0 has joined #postfix
[17:41:33] *** bluethundr has quit IRC
[17:44:20] *** hkais has quit IRC
[18:00:02] *** seekwill has joined #postfix
[18:08:12] *** havvg has quit IRC
[18:20:44] *** brancaleone has quit IRC
[18:21:10] *** LordDicranius has joined #postfix
[18:21:35] *** quentusrex has quit IRC
[18:22:34] <sidh> roe_: i get that message error :
[18:22:42] <sidh>  status=deferred (temporary failure. Command output: Can't open log file /var/log/mail.log: Permission denied
[18:22:54] <sidh> firt it is owned by root
[18:22:59] <sidh> in 600
[18:23:13] <sidh> if i look at the master.cf file
[18:23:23] <sidh> i can see
[18:24:36] <sidh> flags=DRhu user=vmail:vmail argv=/usr/local/libexec/dovecot/deliver -f ${sender} -d ${recipient}
[18:25:05] <sidh> so i chown vmail:vmail the dovecot.log file
[18:25:16] *** letni has joined #postfix
[18:25:33] <sidh> because i suppose it is the delivery process that write into dovecot.log
[18:25:45] <sidh> but the problem still remains
[18:26:05] *** letni is now known as Trengo
[18:28:12] *** LordDicranius has left #postfix
[18:32:29] *** Knoedel2 has joined #postfix
[18:33:42] <sidh> well i tried chowning to root,vmail,dovecot,postfix, still the error
[18:34:04] <sidh> how can i find who want to write to dovecot.log file ?
[18:34:24] <cite> sidh: It want's to write to /var/log/mail.log, not dovecot.log.
[18:35:51] <sidh> sorry
[18:35:55] <sidh> (temporary failure. Command output: Can't open log file /var/log/dovecot.log: Permission denied )
[18:36:48] <cite> Time to do a grep -r dovecot.log /etc/*
[18:38:34] *** juzam has joined #postfix
[18:38:47] <juzam> hi
[18:38:51] <sidh> /usr/local/etc/dovecot.conf:log_path = /var/log/dovecot.log
[18:39:38] <cite> sidh: chown vmail:vmail /var/log/dovecot.log ; postfix reload; /etc/init.d/dovecot restart
[18:44:12] *** phnord has quit IRC
[18:45:33] <juzam> is it possible to reject mails if "to" and "from" is my own e-mail but the sender is not my postfix?
[18:45:49] <adaptr> To *is* the sender
[18:45:52] <sidh> cite: then we get back to
[18:45:53] <adaptr> ..or from
[18:45:59] <adaptr> whatever, meh
[18:46:04] <adaptr> juzam: elaborate
[18:46:06] <sidh> status=deferred (temporary failure. Command output: Can't open log file /var/log/mail.log: Permission denied )
[18:46:26] <adaptr> sidh: you're messing with postfix permissions. don't
[18:46:35] <adaptr> !logs
[18:46:36] <knoba> adaptr: "logs" : postfix logs to the mail facility of syslog. Something like grep -i `postconf -h syslog_facility` /etc/syslog.conf or grep -rl `postconf -h syslog_name` /var/log/* should tell you where logs are going. also see !have2mung
[18:46:40] <cite> sidh: mail.log or dovecot.log?
[18:47:33] <sidh> both
[18:47:53] <sidh> after the la restart of both dovecot and postfix
[18:48:07] <sidh> i get mail.log again
[18:48:27] <sidh> i chwon mail.log to vmail too
[18:48:35] <sidh> because it is awned by root
[18:48:39] <sidh> owned
[18:49:01] <cite> sidh: mail.log _must_ be owned by root. It's the systems syslog daemon which writes to it.
[18:49:07] <cite> Don't change it's permissions.
[18:49:16] <cite> Instead, find out what else is trying to write to mail.log directly.
[18:50:56] <sidh> /usr/local/etc/dovecot.conf:info_log_path = /var/log/mail.log
[18:51:05] <cite> There.
[18:51:10] <cite> Things will be OK.
[18:51:13] * cite soothes sidh.
[18:51:25] *** DexterF has joined #postfix
[18:51:28] <DexterF> hi
[18:51:54] <sidh> soothes ?
[18:52:13] <DexterF> <- total postfix n00b. need to figure what smtp server postfix talks to for sending. where can I see that info?
[18:52:23] <adaptr> in the logs
[18:52:56] <juzam> postfix should reject all mails if postfix is responsible for the email-address in "from" and "to" but the mail wasn't delivered by postfix
[18:53:16] <RedShift> DexterF: can you rephrase your question?
[18:53:21] <RedShift> I'm not sure I understand
[18:53:24] <sidh> cite: do i have to choose another file ?
[18:53:30] <cite> sidh: For sure.
[18:53:45] <adaptr> RedShift: better avoid the discussion altogether, then
[18:54:38] <DexterF> RedShift, old box runnign postfix. I dont know jack about the postfix conf files and need to check which mail server postfix will talk to when sending
[18:55:22] <RedShift> DexterF: depends, if there's no relayhost defined, postfix will contact the MX record listed for the domain it's attempting to send to
[18:55:42] <RedShift> you can see in the logs which server it's trying to connect to
[18:56:47] <DexterF> RedShift, sitting where? not in /var/log
[18:57:09] <RedShift> DexterF: postfix logs to syslog, so wherever syslog materializes its logs
[18:57:30] <adaptr> !logs
[18:57:31] <knoba> adaptr: "logs" : postfix logs to the mail facility of syslog. Something like grep -i `postconf -h syslog_facility` /etc/syslog.conf or grep -rl `postconf -h syslog_name` /var/log/* should tell you where logs are going. also see !have2mung
[18:57:37] <adaptr> sigh...repeatarony
[18:59:01] <cite> Serious case of carpal tunnel syndrome?
[18:59:49] <sidh> cite: i change to a new file called dovecot-mail.log
[18:59:55] <sidh> then status=deferred (temporary failure. Command output: Can't open log file /var/log/dovecot-mail.log: Permission denied )
[19:00:07] <Dominian> what are the permissions ont hat log file?
[19:00:23] <cite> sidh: Did you ever "play root" on a Unix like system before?
[19:00:30] <sidh> after restarting dovecot, the file has been created
[19:01:16] <sidh> as root:wheel owner/group
[19:01:19] *** githogori_ has quit IRC
[19:01:30] <sidh> cite: i didn't create that file
[19:01:43] <sidh> i just specify it in dovecot.conf
[19:01:55] <sidh> so it is dovecot that created it
[19:02:01] <sidh> with root permission
[19:02:13] <adaptr> and it shouldn't
[19:02:21] <adaptr> set your dovecot user properly
[19:02:30] <Dominian> er.. yeah
[19:02:34] <Dominian> dovecot should run as its own user
[19:02:45] <Dominian> my log files for dovecot are owned root.virtual
[19:05:20] <adaptr> mine is owned by dovecot.mail
[19:06:44] <DexterF> dug up the file (/var/log/mail. duh.) now - what's  typical line telling me to what server postfix talked to? guess would be a relay
[19:06:51] <sidh> if you type 'ps faux', who runs the dovecot process for you ?
[19:07:03] <sidh> s/you/your server
[19:07:14] *** denis_ has quit IRC
[19:08:08] <Dominian> adaptr: yeah.. I may have to go through everyting again.. however the group ownership is all that is required iirc... but I could be wrong.
[19:09:42] *** dogmeat has joined #postfix
[19:16:36] *** havvg has joined #postfix
[19:16:45] *** juzam has left #postfix
[19:19:25] *** x-spec-t has quit IRC
[19:27:16] *** BuenGenio has quit IRC
[19:38:10] *** Herljos has quit IRC
[19:43:00] *** denis_ has joined #postfix
[19:45:06] *** amrit|zzz is now known as amrit|wrk
[19:46:50] <DexterF> RedShift, got it, thanks
[19:47:00] *** DexterF has quit IRC
[19:51:50] *** Zeit|awy has quit IRC
[19:52:18] *** Haris_ has joined #postfix
[19:58:19] *** randra has quit IRC
[20:05:29] *** jtaji has quit IRC
[20:09:01] *** hparker has quit IRC
[20:11:32] *** dft has joined #postfix
[20:14:58] *** BuenGenio has joined #postfix
[20:16:15] *** BuenGenio has quit IRC
[20:18:18] *** BuenGenio has joined #postfix
[20:21:35] *** brancaleone has joined #postfix
[20:24:21] <seekwill> weeeeeee
[20:27:02] *** BuenGenio has quit IRC
[20:27:18] *** hparker has joined #postfix
[20:32:08] <sidh> i finally succeed to set up my virtual mail/user server with ldap backend
[20:33:40] *** Pinchiukas has left #postfix
[20:34:25] <sidh> i REALLY thank you very much roe_ f3ew cite and all people who helped me
[20:35:04] <roe_> anytime
[20:36:05] <sidh> now the only thing is I can receive mail for my local account , but i'm still searching why
[20:36:28] <sidh> I can't
[20:36:43] *** afaict has joined #postfix
[20:42:07] *** Motoko-chan has joined #postfix
[20:42:24] *** gonewestcoast has joined #postfix
[20:44:10] <gonewestcoast> Greetings.  Attempting to do a wildcard pcre match via generic mappings, and for some reason the postfix pcre table isn't matching the pattern correctly-- I want to replace ANYUSER at host dot domain.com with ANYUSER at domain dot com, get /^ at domain dot com/ @domain.com in my pcre table doesn't return correct results with a postmap query.
[20:44:30] *** BuenGenio has joined #postfix
[20:53:48] <adaptr> that is not going to do anything
[20:54:22] *** BuenGenio has quit IRC
[20:54:22] <adaptr>  /(.*)\.domain.com/ might
[20:55:01] *** BuenGenio has joined #postfix
[20:57:33] <gonewestcoast> Hmm, let me try it.
[20:58:02] <sidh> every mail in virtual domains are well received, but the mail for the only local account for the real domain are rejected with  "User unknown in relay recipient table"
[20:58:23] <sidh> as said in http://www.postfix.org/ADDRESS_CLASS_README.html
[20:58:23] <adaptr> read that error again
[20:58:51] <sidh> i set local_transport = $myhostname
[20:59:17] <adaptr> your hostname is not a transport
[20:59:24] <adaptr> and that's not what the error is about
[20:59:33] <sidh> but as i already set relay_recipient_maps = ldap:accountsmap
[20:59:49] <afaict> Folks
[20:59:54] <adaptr> sigh.. I can feel plenty of irrelevancies and quite some abstractivism coming
[21:00:02] <afaict> do anyone suggest me a good webmail that sends in html format ?
[21:00:06] <adaptr> sidh: it's a LOCAL account, you dumbass
[21:00:19] <adaptr> why is it being relayed at all ?
[21:00:35] <adaptr> afaict: I like roundcube
[21:00:36] <sidh> for virtual accounts
[21:00:50] <sidh> afaict: i use roundcube too
[21:00:58] <adaptr> yes, I know you have NO FUCKING CLUE what I'm talking about
[21:00:59] <sidh> but i am a dumbass
[21:01:08] <sidh> so make your choice
[21:01:12] <afaict> adaptr but roundcube does not send email in html format . it only sends in txt format. Roundcube does *read* on html format.
[21:01:13] <adaptr> you've made that abundantly clear
[21:01:34] *** githogori has joined #postfix
[21:01:39] <adaptr> afaict: it's a nice webmail client, you know the candidates in the field as well as anyone, take you rpick
[21:01:51] <rob0> !unknown_relay
[21:01:52] <knoba> rob0: Error: "unknown_relay" is not a valid command.
[21:01:59] <rob0> !unknown_virtual
[21:02:00] <knoba> rob0: "unknown_virtual" : \"User unknown in virtual $X table\" means that the recipient domain was found in $virtual_$X_domains but the username@domain was not found in $virtual_$X_maps. ("$X" can be either alias or mailbox .)
[21:02:08] <afaict> uhm thanks.
[21:02:10] *** p4tr0p1 has quit IRC
[21:02:59] <rob0> "User unknown in relay recipient table" is the same as !unknown_virtual with s/virtual_$X_maps/relay_recipient_maps/
[21:03:21] * thumbs steals the rpick from adaptr
[21:04:00] <afaict> thanks folks
[21:04:00] <rob0> take you rpick
[21:04:04] *** afaict has quit IRC
[21:05:07] <adaptr> hey, don't take my rpick!
[21:05:15] <adaptr> it's rare and very valuable to me
[21:06:28] *** BuenGenio has quit IRC
[21:08:16] *** MarkBao has joined #postfix
[21:08:17] *** BuenGenio has joined #postfix
[21:10:36] *** jtaji has joined #postfix
[21:10:46] <adaptr> rob0: can I ask some advice on how to solve a practical problem ?
[21:13:44] <rob0> um ... sure!
[21:13:51] *** BuenGenio has quit IRC
[21:14:05] * rob0 was considering a smartass remark, but decided against it
[21:14:45] <rob0> The practical problem is that thumbs has your rpick?
[21:14:51] <adaptr> that would involve you assumig what my practical problem is
[21:14:57] <adaptr> I would take umbrage
[21:15:09] <adaptr> it's an actual postfix question
[21:15:14] *** BuenGenio has joined #postfix
[21:15:28] <adaptr> and I have no idea how long it will take me to understand the answer, so I am reserving some time for it ;)
[21:15:30] <rob0> oh my ... that would be on topic here! What is the world coming to?!?
[21:15:34] <adaptr> indeed
[21:16:20] <adaptr> we run a system that accepts mail to pretty much any address for a number of domains; this mail is handed off to a specialized processor
[21:16:35] <rob0> bad design, but you know that
[21:16:53] <adaptr> but each of those domains also needs one or more actual mailboxes, i.e. users that exist and get mail delivered locally
[21:17:09] <rob0> per-user transport_maps
[21:17:17] <adaptr> okay, any address that matches some fairly restrictive set of rules, then :)
[21:17:23] *** growltiger_ has quit IRC
[21:17:37] <adaptr> still, billions of potential valid addresses
[21:17:42] <adaptr> and yes, we need it
[21:18:01] <adaptr> per-user, with wildcarding for fallthrough ?
[21:18:14] <rob0> yep
[21:18:24] <adaptr> I thought that would be it, yes - and then what - just set local as the transport ?
[21:18:25] <seekwill> adaptr: Like VERP?
[21:18:34] <rob0> yep
[21:18:48] <adaptr> does The Book have any examples of this ? I have it here
[21:19:06] <rob0> dunno, but transport(5)
[21:19:09] <adaptr> I mean, I am still trying to get to grips with the insanely open-endedness of postfix configuration
[21:19:15] <rob0> does
[21:19:43] <adaptr> you can specify restrictions that contain access maps that conatins regexen that reference databases that fall through to transport maps that select different mailboxen that...
[21:19:52] <adaptr> it's a bit of a WTF to tell you the truth
[21:20:10] <adaptr> I would prefer a diagram, THAT I could understand :)
[21:22:38] *** Zeit|awy has joined #postfix
[21:25:17] <adaptr> ah... I see... hmm need to think on this some more :)
[21:27:46] <seekwill> How much mail are you pushing through?
[21:28:33] <lunaphyte_> meh.  someone put me out of my misery.
[21:29:53] * seekwill takes out his .22
[21:30:26] * lunaphyte_ puts the barrel in his mouth.
[21:31:03] <seekwill> Oh no, we start at the fingers and toes
[21:31:20] <seekwill> I bought this box of 1000 rounds for $5 on ebay
[21:32:25] <lunaphyte_> someone please tell me they're using one of amavis' mechanisms to populate @local_domains_acl (or equiv.) from postfix's virtual_mailbox_domains file.
[21:35:09] *** BuenGenio has quit IRC
[21:35:27] *** BuenGenio has joined #postfix
[21:43:45] *** thetimoo has joined #postfix
[21:45:21] *** BuenGenio has quit IRC
[21:45:41] *** cpm has quit IRC
[21:45:45] *** BuenGenio has joined #postfix
[21:47:36] *** Fallenou has joined #postfix
[21:47:38] <seekwill> sysmonk: Hi
[21:50:42] *** BuenGenio has quit IRC
[21:51:10] *** BuenGenio has joined #postfix
[21:51:24] *** r3r3 has joined #postfix
[21:52:07] <r3r3> guys i m getting a lof of weird stuff when issuing a sudo netsta -p http://pastebin.com/m46dd568c
[21:52:13] <r3r3> is that from postfix?
[21:52:18] <r3r3> and is it normal?
[21:54:31] <Motoko-chan> Looks to be a lot of connections, but master is a Postfix process.
[21:54:54] <r3r3> hmm
[21:55:09] <r3r3> why so many connections? the server is completly idle
[21:55:54] <sysmonk> seekwill: hi :)
[21:56:01] *** BuenGenio has quit IRC
[21:56:21] *** BuenGenio has joined #postfix
[21:56:36] <r3r3> i m really a newbie .. if any one could tell me if it s bad or not
[21:58:05] <seekwill> So just leave it alone :)
[21:58:51] <rob0> A newbie should learn to read logs before asking questions, and if everything is working, trust a little.
[21:59:36] <r3r3> right
[22:00:06] <r3r3> just wanted to know if it s a normal behaviour or if i should get worried before diving into the logs
[22:00:28] <rob0> I generally dive into logs before netstat and other tools.
[22:00:37] <r3r3> thanks for the help rob0
[22:01:22] <thetimoo> it's ok like that r3r3
[22:01:52] <r3r3> alright thank you thetimoo
[22:03:15] *** jimpop has joined #postfix
[22:04:36] *** f3ew has quit IRC
[22:09:33] *** SARGuy has quit IRC
[22:12:53] *** SARGuy has joined #postfix
[22:14:05] *** hkais has joined #postfix
[22:15:15] <hkais> hi, how can I enforce on a relay configuration, that only valid (known) email addresses are forwarded?
[22:16:22] *** BuenGenio has quit IRC
[22:16:52] *** BuenGenio has joined #postfix
[22:22:32] *** stas has joined #postfix
[22:26:08] *** yacc__ has joined #postfix
[22:26:23] <rob0> !relay_recipient_maps
[22:26:23] <knoba> rob0: "relay_recipient_maps" : a configuration parameter in the main.cf: Optional lookup tables with all valid addresses in the domains that match $relay_domains. Specify @domain as a wild-card for domains that do not have a valid recipient list.
[22:26:38] <rob0> !verify
[22:26:39] <knoba> rob0: "verify" : Sender or recipient address verification features: http://www.postfix.org/ADDRESS_VERIFICATION_README.html
[22:26:55] *** BuenGenio has quit IRC
[22:27:23] *** BuenGenio has joined #postfix
[22:31:26] <adaptr> seekwill: how much ? I'd say 50K per day max
[22:32:05] <seekwill> oh
[22:32:12] <seekwill> Just curious
[22:32:13] *** BuenGenio has quit IRC
[22:32:37] <adaptr> I can put it on any hardware that's necessary, so I doubt maps will slow it down any
[22:33:03] *** BuenGenio has joined #postfix
[22:33:04] <adaptr> there'll be a regex access map (or relay map) for the main traffic
[22:36:21] *** MarkBao has quit IRC
[22:38:40] *** havvg has quit IRC
[22:39:00] *** PcPixel has joined #postfix
[22:39:40] <PcPixel> is it possible to use more than one IP address with a reject_rbl_client? ie: reject_rbl_client server.com=127.0.0.1,127.0.0.2, etc.?
[22:40:06] <PcPixel> or would i need seperate statements for each IP
[22:41:11] <adaptr> why do you need IP s at all ?
[22:41:59] <PcPixel> you are correct. technically i dont
[22:42:27] <PcPixel> but in some cases, the rbl's use different IPs to illustrate why they are blocked
[22:42:40] *** yacc_ has quit IRC
[22:42:48] <adaptr> !reject_rbl_client
[22:42:49] <knoba> adaptr: Error: "reject_rbl_client" is not a valid command.
[22:42:53] <adaptr> stupid bot
[22:42:58] <PcPixel> hehehe
[22:43:19] <PcPixel> everything ive found only has a single IP
[22:45:07] <adaptr> but doing it more than once will incur ridiculous overhead
[22:45:22] <adaptr> I'd try fobbing it off to a policy service
[22:45:27] <adaptr> and doing it there instead
[22:45:49] <PcPixel> ok thats fine
[22:45:52] <PcPixel> i was just curious
[22:45:53] <PcPixel> :)
[22:47:25] <adaptr> well, you said "or enter single IPs multiple times", but that will define multiple reject_'s, which will multiply the overhead of doing each one separately
[22:47:46] <adaptr> it's pretty much the reason I only use zen nowadays, as my single reject_
[22:48:08] *** jimpop has quit IRC
[22:48:09] *** penrod has quit IRC
[22:48:20] <adaptr> BTW if there is a way to cache all zen info locally, you could eliminate te overhead
[22:48:44] <RedShift> yes, everything's zen
[22:48:49] <RedShift> mmmmmmmmmzzzzzzzzmmmmmmmmmm
[22:50:56] <seekwill> Hmm.. if you hit a policy service, wouldn't you have to accept the message?
[22:51:08] <seekwill> That would be a lot more overhead...
[22:51:18] <adaptr> not at all
[22:51:34] <adaptr> policy is checked in _restrictions like everything else
[22:51:50] <adaptr> but I meant he could combine those multiple IP checks into one call
[22:52:01] <seekwill> hmm... I thought you were talking about something like amavisd
[22:52:02] <adaptr> first get the actual result from zen, then pa=rse that result
[22:52:13] <adaptr> amavis has nothing to do with policy
[22:52:21] <seekwill> gotcha. sorry
[22:52:40] <adaptr> no problem, I'll just redirect a few day's worth of mail to your root account
[22:52:47] <seekwill> Ok
[22:52:56] <adaptr> policy THAT, appleboy :)
[22:53:01] <seekwill> :P
[22:53:07] *** BuenGenio has quit IRC
[22:53:12] <seekwill> My iPhone can process more mail than your mailserver!
[22:53:19] <adaptr> no it can't
[22:53:29] <adaptr> mine runs at 410MHz, so chances are yours does too
[22:53:36] <adaptr> my mailserver is a dualcore atom @1600
[22:53:43] <seekwill> I clustered my iPod Nanos
[22:53:55] *** PcPixel has quit IRC
[22:53:55] <adaptr> without actual networking ? that's a neat trick
[22:54:03] <seekwill> USB
[22:54:04] <adaptr> if you said Touch, I might fall for it
[22:54:06] <seekwill> To the iPhone
[22:54:12] <adaptr> they have wifi
[22:54:19] *** BuenGenio has joined #postfix
[22:54:25] <seekwill> No need for wifi. I have EDGE
[22:55:20] <adaptr> I wish I had EDGE, no providers here carry it - it's either dumb GPRS or UMTS - or, recently, HSDPA, which I am wanting to get
[23:04:39] <karrotx> if i don't put an IP in transport, will postfix hold the emails?
[23:05:15] <adaptr> what will you put in instead ?
[23:05:31] *** wdp_ has quit IRC
[23:05:57] <karrotx> leave it blank
[23:06:10] <karrotx> i'm trying to migrate mail servers and i want the relay to store all emails
[23:06:25] <karrotx> then when the migration is complete, drop send all email to the new mail server
[23:06:26] <adaptr> that's not how it works
[23:06:32] *** F6F has quit IRC
[23:06:35] <adaptr> a relay relays
[23:06:43] <adaptr> you can hold it in the queue for a period of time
[23:06:44] <karrotx> it cannot relay and hold?
[23:06:47] <adaptr> but you cannot change the relay
[23:06:57] <adaptr> it can if the destination is unreachable
[23:06:58] <karrotx> ok, how can i force a hold?
[23:07:09] <adaptr> badly
[23:07:11] <karrotx> will it bounce backto the sender?
[23:07:12] <adaptr> it's a very bad idea
[23:07:36] <karrotx> do you have a recommendation for migrating email servers?
[23:07:54] <adaptr> migrating a mail server usually involves building a new one and then switching them out
[23:07:58] <seekwill> What do you mean by migrating?
[23:08:13] <adaptr> going to Spain, or Africa
[23:08:39] <karrotx> right, a new one is built; but i have a relay in front
[23:08:52] <karrotx> so i have two server, and i'm going to rsync the data from old  -> new
[23:09:05] <karrotx> but while that is happening i want to stop all writes, and hold all email at the relay
[23:09:15] <karrotx> then when the transition happens, send all held email to the new
[23:09:17] <seekwill> umm
[23:09:32] <seekwill> Mailstore or MTA?
[23:09:38] <seekwill> What is "mail server"?
[23:09:57] <karrotx> mta
[23:10:34] <adaptr> there is on reason to hold the mail, just send it to the new one as soon as it is online, then migrate the data
[23:10:37] <adaptr> *no reason
[23:10:51] <adaptr> your thinking is falalcious
[23:10:55] <adaptr> god fuck it!
[23:11:01] <adaptr> I'm going to stop typing
[23:11:10] <adaptr> I will just think to the fucking screen
[23:11:27] <karrotx> i'm not sure that will work (yet)
[23:11:48] <seekwill> Why not?
[23:11:50] <seekwill> Details!
[23:13:16] <bigtone> karrotx: what you want to do will work - I've tested it and plan to use it
[23:13:18] *** BuenGenio has quit IRC
[23:13:42] <bigtone> IIRC, you want to ... postconf -e "relayhost=someunresolveablename.smoewhere.com"
[23:13:43] <seekwill> Not sure why you want to use rsync
[23:13:47] <bigtone> and ... postfix reload
[23:13:59] <seekwill> Just because it works, doesn't mean it's the preferred way...
[23:14:06] <adaptr> bigtone: that will queue all mail
[23:14:14] <adaptr> bigtone: with no way to get them unqueued again
[23:14:30] <adaptr> better use an access map
[23:14:36] <adaptr> and wildcard everything to HOLD
[23:14:49] <adaptr> at least that's proper procedure
[23:14:53] <bigtone> true, but the advantage of doing this store-before-forward is that if you stuff it up, you can roll back to the existing mail server, without losing anything
[23:15:02] <adaptr> no, you can't
[23:15:14] <adaptr> queued messages already contain the relay
[23:15:17] <adaptr> and you can't change that
[23:15:24] <adaptr> ergo the relay MUST be good
[23:15:31] <bigtone> adaptr: k, I don't know about access maps.  But you can eraccess your mail by just setting the relayhost to point to either the new server (when it's working right) or the old server (if you want to roll back)
[23:15:43] <adaptr> no, you cannot
[23:16:27] <bigtone> hmmm it worked for me.  It failed to deliver them, so it held them in the queue.  When I was ready to roll back, I just reset the relay host and flushed the queue
[23:17:56] <bigtone> but karrotx: don't set relayhost to blank (which you mentionde above) - postfix will then try and resolev the right delivery destination using DNS, which might have undesirable results
[23:18:38] *** bluethundr_ has quit IRC
[23:18:44] <RedShift> some maps have a hold in queue action
[23:19:30] *** aleix has joined #postfix
[23:20:13] <adaptr> yes, I said that, access maps
[23:20:26] <adaptr> and it is not a "hold IN queue" action - it is HOLD - move to the hold queue
[23:21:10] <aleix> i wonder if you can help me solve a problem... after reading the "Per-Client/User/etc. Access Control" manual I still need to go far ahead. What I have is this list that only sasl authenticated users AND members of a group (on an ldap server) should be able to send to... how do i do this?
[23:21:15] <RedShift> adaptr: didn't read all the way back
[23:22:46] <adaptr> aleix: SASL authenticated users can send mail to whomever they please regardless, so nothing needed for them
[23:22:54] <adaptr> as for the LDAP list, use
[23:24:14] <aleix> what... ? :)
[23:24:19] <adaptr> a check_sender_access map AFTER the SASl bit
[23:24:29] <aleix> ok, let me check it!
[23:25:05] <adaptr> in fact, you may want to put it at the very last of your restrictions
[23:26:44] <aleix> wouldn't this be breakable via address spoofin?
[23:27:20] *** havvg has joined #postfix
[23:27:28] *** yacc__ is now known as yacc
[23:27:32] <adaptr> since these are envelope senders, no, not really - you've done spoofing checks earlier
[23:27:45] <adaptr> and you can do sender verification too if you like
[23:29:42] <aleix> mmm... let's see... if a sasl user can send to anyone, then this is not what i'm looking for, right? I need the users to be authenticated and also members of a group... is this what we are doing?
[23:31:37] *** war9407 has quit IRC
[23:31:42] <adaptr> no, you said OR
[23:32:00] <adaptr> oh, wait
[23:32:20] <adaptr> you said AND, but you phrased it so that it actually meant OR
[23:32:25] <aleix> :D
[23:32:28] <aleix> sorry?
[23:32:50] <adaptr> then you want to still put it in afterwards, and do a check_sender_access on those recipients
[23:32:50] <aleix> i've found about avoiding spoofing senders... this is fine now...
[23:34:03] *** BuenGenio has joined #postfix
[23:34:03] <aleix> if a user is authenticated won't the "permit_sasl_auth" avoid further checks?
[23:35:29] <adaptr> in that restriction class, yes - so put that in sender_restrictions, and put the access checkin recipient_restrictions
[23:35:33] <adaptr> they will be checked in turn
[23:35:54] <adaptr> oh, turn of delay_reject too, or they won't be
[23:36:33] <aleix> awesome!
[23:36:46] <aleix> thanks a lot, i'll implement it tomorrow!
[23:36:56] <adaptr> be warned that this will change the way ALL mail is checked for restrictions
[23:37:08] *** hparker has quit IRC
[23:37:30] <aleix> ? :(
[23:37:48] *** hparker has joined #postfix
[23:37:55] <adaptr> !restriction_classes
[23:37:55] <knoba> adaptr: Error: "restriction_classes" is not a valid command.
[23:37:59] <adaptr> dumbass!
[23:38:51] <aleix> oh, i see what you mean, thanks again...
[23:39:54] *** aleix has quit IRC
[23:45:09] *** denis_ has quit IRC
[23:48:55] *** BuenGenio has quit IRC
[23:49:35] *** BuenGenio has joined #postfix
[23:49:38] *** war9407 has joined #postfix
[23:51:05] *** Fallenou has quit IRC
[23:51:40] *** pirho has quit IRC
[23:54:23] *** BuenGenio has quit IRC
[23:55:06] *** BuenGenio has joined #postfix
[23:57:38] *** denis_ has joined #postfix
[23:59:55] *** BuenGenio has quit IRC





top