postfix IRC logs [December 24

[00:00:30] <Dominian> !basic
[00:00:31] <knoba> Dominian: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.
[00:00:52] <Bullen> cheers
[00:00:59] <Dominian> no problem
[00:03:54] *** binarydud has quit IRC
[00:05:49] *** Azrael_- has joined #postfix
[00:05:50] <Azrael_-> hi
[00:06:34] <Azrael_-> to delete a file from the maildrop-queue is it enough to delete it from the according folder or would be more necessary? (postsuper isn't flexible enough)
[00:08:13] <Dominian> how is postsuper not flexible enough?
[00:08:33] <Azrael_-> postsuper -d {myid} maildrop
[00:08:53] <Dominian> that doesn't explain why it isn't flexible enough
[00:08:59] <Azrael_-> i have 12k ids in a file and dunno how to put them in the according place e.g. using xargs
[00:09:58] *** matt_ has quit IRC
[00:10:01] <Azrael_-> or do i have an option to kill all mails in all queues containing a specific text?
[00:10:17] *** bacaci__ has quit IRC
[00:11:16] <Dominian> man postuper
[00:11:18] <Dominian> er.. postsuper
[00:11:23] <Dominian> seems to detail a way to do something lik ethat
[00:12:49] *** matt_ has joined #postfix
[00:12:57] <Azrael_-> if i had found sth like this in the manpage i wouldn't have asked
[00:13:28] <Azrael_-> got it now
[00:14:18] *** XPCFan has quit IRC
[00:14:25] *** wdp has quit IRC
[00:24:55] <Azrael_-> how can i put a limit onto a user how many mails he is allowed to send per hour?
[00:31:31] <jduggan> sounds like a job for super man
[00:31:32] *** deadpigeon has quit IRC
[00:31:46] <jduggan> failing that, a policy daemon
[00:31:53] <jduggan> www.policyd.org can do exactly that
[00:31:54] <jduggan> =]
[00:33:42] *** jangell has joined #postfix
[00:34:17] *** jeffspeff is now known as jeffspeff[A]
[00:34:17] * jeffspeff[A] is now away - Reason : Auto-Away after 30 minutes
[00:34:45] *** jangell has quit IRC
[00:41:34] <Azrael_-> thx, will take a look
[00:46:43] *** jra has left #postfix
[01:11:55] *** Techdeck has quit IRC
[01:12:10] *** non-sequitir has joined #postfix
[01:22:28] *** Vince42 has joined #postfix
[01:22:56] *** muh2000 has quit IRC
[01:28:29] *** flaccid has joined #postfix
[01:28:47] <flaccid> hi guys im having trouble finding a simple answer on where to configure a local relay domain
[01:32:19] <rob0> What IS a "local relay domain"?
[01:34:01] <flaccid> well i found it rob0 mynetworks param
[01:34:22] <flaccid> i set it to subnet and im all good now
[01:35:17] *** BuenGenio has joined #postfix
[01:36:06] *** F6F has quit IRC
[01:40:21] *** BuenGenio has quit IRC
[01:40:37] *** BuenGenio has joined #postfix
[01:50:33] *** BuenGenio has quit IRC
[01:51:01] *** BuenGenio has joined #postfix
[01:54:50] *** BuenGenio has quit IRC
[01:55:02] <elventails> hi -
[01:55:11] <elventails> i'm having trouble with the workaround isp mail setup on debian
[01:55:27] <elventails> when I'm doing a telnet localhost smtp to test authenticated smtp
[01:55:42] <elventails> I get a "Encryption required for requested authentication mechanism"
[01:55:54] <elventails> can anyone tell me what it means?
[01:56:11] <elventails> afaik I've enabled tls in postfix
[01:56:11] *** flaccid has left #postfix
[01:56:42] <elventails> and generated the certificate file for it..
[01:57:18] <rob0> You seem to have done that, indeed. But telnet(1) is not SSL-capable.
[01:57:58] <elventails> rob0: I'm pretty sure I set this up on another machine - and it returned correctly...
[01:58:03] <lennard> openssl is, thouch
[01:58:07] <lennard> though*
[01:58:16] <rob0> !openssl
[01:58:16] <knoba> rob0: Error: "openssl" is not a valid command.
[01:58:22] <rob0> !s_client
[01:58:23] <knoba> rob0: Error: "s_client" is not a valid command.
[01:58:29] *** havvg has quit IRC
[01:58:39] <rob0> See those two ^^ man pages.
[01:58:41] <lennard> openssl -starttls smtp -connect localhost:smtp
[01:58:51] <lennard> whoops, now I said it all :P
[01:59:03] <rob0> no, you left out s_client
[01:59:09] <lennard> oh
[01:59:14] <lennard> I did, didn't I
[01:59:25] <lennard> I get to blame it on 4 pints of guinness
[01:59:40] <rob0> Or better yet, just use a regular MUA like thunderbird to test.
[01:59:56] <lennard> true
[02:00:17] <lennard> if that doesn't work, openssl, if that doesn't work, testsaslauththingy
[02:00:45] <rob0> No, Signum's howto now uses Dovecot SASL.
[02:01:37] <lennard> oh
[02:01:41] <elventails> rob0: could you tell me why you think it doesn't work?
[02:01:41] <lennard> silly
[02:01:52] <elventails> or how to debug it?
[02:02:06] <lennard> ooh ooh I know!
[02:02:07] <elventails> I'm pretty sure it worked previously on another similar setup
[02:02:10] <lennard> checking the logs :P
[02:02:14] <elventails> and I did use telnet..
[02:05:48] *** githogori has quit IRC
[02:06:54] <rob0> You disregarded what I already told you.
[02:07:14] <elventails> rob0: that telnet is not SSL capable?
[02:07:30] <elventails> in that case - how can I test it?
[02:07:40] <rob0> answered!
[02:10:26] *** war9407 has quit IRC
[02:20:55] *** ming_zym has joined #postfix
[02:27:00] *** xpeed has joined #postfix
[02:32:07] *** r3r3 has joined #postfix
[02:39:13] *** r33 has quit IRC
[02:40:53] *** _Driver_ has quit IRC
[02:40:54] *** growltiger has quit IRC
[02:41:10] *** growltiger has joined #postfix
[02:41:13] *** _Driver_ has joined #postfix
[03:11:28] *** keropok has quit IRC
[03:19:54] *** non-sequitir has quit IRC
[03:28:44] <Bullen> I have a quick question, if I want to set up my mail server to use a domain, do I have to set up some special DNS record or is a simple A record pointing to my (dedicated) IP suffice?
[03:29:18] *** XPCFan has joined #postfix
[03:29:33] <xpeed> a MX Record have to be set.
[03:30:04] <xpeed> and a PTR Reverse Resolution record have to be set too
[03:30:20] <xpeed> just for avoid future problems.
[03:30:37] <Bullen> ok
[03:31:03] <Bullen> what's an MX record and PTR Reverse Resolution?
[03:31:09] <xpeed> it is "seted" or "set" the past participe of the verb "set" ?
[03:31:14] <xpeed> sorry my grammar xD
[03:31:15] <Bullen> set
[03:31:18] <xpeed> oks
[03:31:20] <xpeed> ty
[03:31:20] <Bullen> no worries mate :)
[03:32:03] <Bullen> i'm gonna have a look at my registrar/dns and see if i can get that set up :)
[03:32:07] <xpeed> try searching a little bit about that first =P
[03:32:14] *** m1n3s6 has joined #postfix
[03:32:24] <Bullen> but what's PTR Reverse Resolution and what's it do?
[03:33:00] <xpeed> it is the reverse resolution wich autenticate that your ip is pointing to your domain
[03:33:11] <xpeed> like your domain point to that IP
[03:33:19] <Bullen> ok
[03:33:24] <Bullen> How do i set it up?
[03:33:45] <xpeed> it depends on many things
[03:34:03] <xpeed> are you buying a DNS Servide Resolution?
[03:34:15] <xpeed> are you using a Free DNS Server?
[03:34:22] <Bullen> i'm using namecheap
[03:34:30] <Bullen> so, the one i get with the domains i purchase
[03:34:35] <xpeed> you have to call your ISP Company to request a PTR Rec
[03:34:39] <Bullen> this is what it says
[03:34:44] <xpeed> for your DSL Channel
[03:34:44] <Bullen> ok
[03:34:59] <Bullen> "User (Mail Server's Host Name Required)
[03:34:59] <Bullen>       [Textboxes to enter MX values will appear after you click the Save Changes button] "
[03:35:08] <Bullen> "User Simplified (One Mail Server IP Address Required)
[03:35:08] <Bullen>       [Textboxes to enter MXE values will appear after you click the Save Changes button] "
[03:36:01] <Bullen> i'm on VPS, so i have to contact them to get that set up?
[03:36:24] <Bullen> what problem does it solve? this reverse resoltuion business? :D
[03:37:49] <xpeed> Spam problem
[03:38:05] <xpeed> i mean. without it, you can get a half functional MTA
[03:38:15] <xpeed> but, a lot  of mail servers will reject your mails
[03:39:09] <Bullen> ok
[03:39:20] <Bullen> so i have to contact my VPS provider to have that set up?
[03:40:59] <xpeed> yes.
[03:41:48] <xpeed> in most cases it is the way, but there are some providers who doesn't provide PTR recs, so only solution is change de ISP
[03:42:19] <xpeed> but, i think if you purshase a DNS record , then in it you can get a rDNS rec too
[03:42:26] <xpeed> but never tested it
[03:42:39] <Bullen> ok
[03:43:19] <Bullen> soo, if i can't get that fixed, what would you propose? All i really want to do is to be able to send and recieve email from a domain that i own
[03:43:54] <growltiger> what vps provider?
[03:44:01] <Bullen> cheapvps.co.uk
[03:44:16] <Bullen> a2b2 i think owns it
[03:44:49] <Bullen> eh, vaserve apparently
[03:45:04] <growltiger> linode is a much better deal
[03:45:16] <growltiger> and they let you setup ptr
[03:45:21] <Bullen> well, too late by now :)
[03:45:57] *** CAiRO_ has quit IRC
[03:46:14] *** CAiRO_ has joined #postfix
[03:48:35] *** bancale has quit IRC
[03:48:58] *** bancale has joined #postfix
[03:49:59] <Bullen> but if i run my own DNS server on the VPS i can use this Reverse Resolution service?
[03:50:01] <Bullen> on that dns?
[03:54:23] *** Zeit|awy_ has joined #postfix
[03:56:25] <sahil> linode sucks.
[03:56:35] <sahil> m5hosting, johncompanies... those are legit guys.
[03:57:30] *** Steve[cug] has quit IRC
[03:58:19] *** jangell has joined #postfix
[03:59:18] *** m1n3s6 has quit IRC
[04:00:20] *** Zeit|awy has quit IRC
[04:01:54] <growltiger> linode DOES NOT suck
[04:02:01] <Bullen> asdf
[04:02:02] <sahil> indeed, it _does_ suck.
[04:02:04] <Bullen> i like apples
[04:02:09] <Bullen> oranges SUCK
[04:02:12] <sahil> Bullen: pears.
[04:02:41] <growltiger> i've had zero downtime in over 2 years
[04:02:50] <Bullen> apples are green
[04:02:51] <growltiger> not one minute
[04:03:28] <sahil> downtime is not the sole reason for suckiness of a given hosting provider; ergo, lack of downtime does not define a good vps provider.
[04:03:31] <sahil> booyaka!
[04:03:48] <Bullen> unless you're selling apples, think about the revenue loss!!
[04:03:49] <sahil> sorry, you won't get your referrral for signing someone up.
[04:04:16] * sahil -> out
[04:04:17] <sahil> enjoy, kids.
[04:04:49] <growltiger> linode has done nothing but improve services over time with no additional cost
[04:11:11] *** jangell has quit IRC
[04:13:09] <rob0> If a VPS won't give you a PTR, they're not competitive. It's not like something like that costs them extra, and it sure can cost them a lot of business.
[04:13:48] <rob0> Definitely inquire and complain if they say no.
[04:14:12] <rob0> I bet they do give you a PTR, but you didn't know to ask.
[04:15:33] *** dfack has joined #postfix
[04:17:31] <dfack> PTR record is the reverse resolution for the domain name?
[04:17:32] *** Azrael_- has quit IRC
[04:17:45] *** Azrael_- has joined #postfix
[04:19:11] <growltiger> for the ip
[04:20:59] <dfack> and the IP have to point back to the domain name necesarily?
[04:21:35] *** yajith has joined #postfix
[04:21:38] *** yajith has left #postfix
[04:21:43] *** yajith has joined #postfix
[04:22:47] <growltiger> oui
[04:24:02] <dfack> is that a yes?
[04:24:15] <rob0> !fcrdns
[04:24:16] <knoba> rob0: "fcrdns" : http://en.wikipedia.org/wiki/Forward_Confirmed_reverse_DNS : $myhostname should resolve to your IP address, which in turn should resolve to $myhostname. This is very important if you want big sites to accept your mail. If you can't have it from your ISP, see !relayhost .
[04:24:18] <growltiger> si
[04:24:29] *** mavrick61 has quit IRC
[04:25:37] *** mavrick61 has joined #postfix
[04:29:58] <Bullen> !relayhost
[04:29:59] <knoba> Bullen: "relayhost" : a configuration parameter in the main.cf: The default host to send non-local mail to when no entry is matched in the optional transport(5) table. When no relayhost is given, mail is routed directly to the destination. If your relay host requires authentication see the !saslclient channel factoid.
[04:30:51] <Bullen> AAAA records are same as A records but for ipv6?
[04:32:23] <Bullen> btw, also, if i want tsl/ssl support for postfix, do i need an extra IP for my server?
[04:33:09] *** XPCFan has quit IRC
[04:35:09] *** Haris has quit IRC
[04:35:13] *** Haris_ has joined #postfix
[04:49:07] *** sed_ has quit IRC
[04:55:31] *** jra has joined #postfix
[04:55:46] *** jra has left #postfix
[04:58:20] *** hark has quit IRC
[04:59:25] <sahil> Bullen: no.
[04:59:34] *** jeffspeff[A] is now known as jeffspeff
[04:59:34] * jeffspeff is no longer away : Gone for 4 hours 55 minutes 17 seconds
[05:00:41] <Bullen> ok, good! :)
[05:00:43] <Bullen> thanks
[05:05:38] *** Dreamr_3 has left #postfix
[05:17:18] *** saurabhb has joined #postfix
[05:20:14] *** XPCFan has joined #postfix
[05:20:14] *** Nockian has joined #postfix
[05:29:38] *** jeffspeff is now known as jeffspeff[A]
[05:29:38] * jeffspeff[A] is now away - Reason : Auto-Away after 30 minutes
[05:29:39] *** Nockian has quit IRC
[05:41:51] *** Motoko-chan has joined #postfix
[05:43:59] *** Knoedel2 has quit IRC
[05:51:08] *** Nockian has joined #postfix
[05:54:38] *** jeffspeff[A] has quit IRC
[06:07:14] *** growltiger_ has joined #postfix
[06:10:41] *** Haris1 has joined #postfix
[06:22:42] *** chadmaynard has joined #postfix
[06:29:23] *** spiderbatdad has joined #postfix
[06:31:57] *** spiderbatdad has left #postfix
[06:32:25] *** growltiger_ has quit IRC
[06:32:31] *** growltiger has joined #postfix
[06:34:05] *** githogori has joined #postfix
[06:36:43] <dfack> sombody can please explain to me what is a PTR Record and why it have to be requested to de ISP Company and not to be configured at DNS Server?
[06:37:28] <dfack> i've read many pappers about, but with a DNS Server i always have set reverse resolution
[06:37:41] <growltiger> he who controls the ip address range is he who controls the delegation of ptr records for said ips
[06:38:05] <dfack> but. all ptrs that i have been tested like reverse resolution for gmail etc etc
[06:38:36] <dfack> is resolved by a DNS server isn't it?
[06:38:38] <growltiger> they own their own ip blocks, so yes, they can do their own forward and reverse
[06:38:58] <dfack> PTR != Reverse DNS resolution?
[06:39:12] <dfack> domain --> IP ;   IP --> Domain?
[06:39:31] <growltiger> !fcrdns
[06:39:31] <knoba> growltiger: "fcrdns" : http://en.wikipedia.org/wiki/Forward_Confirmed_reverse_DNS : $myhostname should resolve to your IP address, which in turn should resolve to $myhostname. This is very important if you want big sites to accept your mail. If you can't have it from your ISP, see !relayhost .
[06:39:46] <dfack> already read.
[06:39:52] <growltiger> read again
[06:40:00] <dfack> i read twice T_T
[06:40:15] <dfack> i just, confused
[06:41:05] <dfack> look i tell you about DNS stuff because at local DNS servers Bind or Win2003 Servers, PTR Point is just a reverse resolution rec set at the DNS server
[06:41:10] <dfack> ant it works
[06:41:12] <dfack> and*
[06:41:26] <dfack> but at WAN level must be different isn't it?
[06:42:45] <growltiger> if you dont have delegation of the ips you want to have ptr records for, you have to ask for it
[06:43:02] <growltiger> then yes, you can setup rev zones in your dns
[06:43:47] <dfack> but they are complete different to a PTR rec
[06:43:49] <dfack> ?
[06:45:28] <dfack> First a reverse DNS lookup is done to get a list of PTR records
[06:45:40] *** growltiger has quit IRC
[06:45:43] *** growltiger has joined #postfix
[06:45:44] <Motoko-chan> Note that many resolvers can't handle more than one PTR.
[06:46:07] <dfack> growltiger, tell me something, at your mail Systems, your ISP is the one who make the DNS Translation for your domain?
[06:46:25] <growltiger> no, we own several class c ranges
[06:46:41] <dfack> i have a medium mail server
[06:46:47] <dfack> 150 acounts
[06:47:03] <dfack> but, my ISP do not provide PTR servide
[06:47:04] <dfack> service
[06:47:05] <dfack> and
[06:47:28] <Motoko-chan> Whoever handles the reverse map for the IP needs to set up the PTR. If that is you, then you do it, if not, contact who does.
[06:47:32] <growltiger> then you are going to need to use a relayhost or find a different host
[06:47:41] <dfack> other two aditional ISPs who have service at the zone of the building where de DSL Channel is neither offer that service
[06:48:10] <Motoko-chan> dfack, you'll need to do as growltiger wrote.
[06:48:28] <Dominian> Who owns the IP?
[06:48:30] <dfack> ok, i was reading about to solve it but
[06:48:31] <Motoko-chan> Most business-class connections should come with static IPs and the ability to get a PTR set.
[06:48:39] <dfack> Dominian, a ISP
[06:48:59] <Dominian> Your ISP?
[06:49:29] <Motoko-chan> If you are on a residential connection, why the heck are you trying to run your own services?
[06:49:32] <dfack> if i buy a DNS Service for a Record, that DNS could have a Reverse DNS service who translate IP --- > Domain (like a LAN DNS server does)
[06:49:36] <dfack> it could work?
[06:49:40] <dfack> Dominian, yes
[06:49:43] <Motoko-chan> dfack, no.
[06:49:48] <Dominian> dfack: then your ISP needs to configured the PTR
[06:49:53] <Motoko-chan> Whoever is delegated for the IP must set it.
[06:50:06] <Dominian> 160.240.23.216.in-addr.arpa domain name pointer noobfarm.org.
[06:50:11] <Dominian> that's a PTR record
[06:50:12] <Motoko-chan> If that is your provider, then it can only be your provider.
[06:50:24] <dfack> i know, it is just a REVERSE DNS query
[06:50:25] <Dominian> and I don't control that.. my provider does
[06:50:32] <dfack> like any DNS server could do
[06:50:36] <Dominian> dfack: right.. and whoever OWNS that IP has to create the PTR
[06:50:39] <Dominian> dfack: wrong
[06:50:46] *** sed has joined #PostFix
[06:50:47] <dfack> um
[06:50:51] <Dominian> Unless they've delegated the PTR to your DNS server.. then they have to set it for you
[06:51:06] <Dominian> and if you hav eno idea what we are talking about.. pay a consultant.. you're going to break someting.
[06:51:10] <rob0> How is the world going to know who to ask, if not the owner of the netblock?
[06:52:16] <rob0> Sounds like your company is big enough to fuss to the ISP about rDNS. If they don't do it for you, find a better ISP.
[06:52:32] <dfack> ok letme see if ive understand, the Owner of my IP is the only one who can request a PTR for it in the Main DNS Servers at internet is that correct?
[06:52:52] <dfack> all ISPs around do not provide that service
[06:53:12] <f3ew> dfack, then restrict your choice of providers to the ones who do
[06:53:15] <Dominian> They should if they are seling you static IPs
[06:53:21] <Motoko-chan> Um, no main internet servers. If they own the IP they likely control the RDNS themselves.
[06:53:24] <Dominian> and allow you to run mail services
[06:53:38] <dfack> so i'm very fucked up xD, i'll pay a hosting or use a relayhost
[06:53:53] <rob0> any respectable business-class ISP should do rDNS for you, even for a single static IP.
[06:53:59] * Motoko-chan nods
[06:54:11] <Motoko-chan> If you are on residential-class service, you likely won't get the time of day.
[06:54:34] <rob0> unless it's near quitting time when you call ;)
[06:54:34] <growltiger> they are already doing rdns, just not pointing to your hostname
[06:54:44] <growltiger> so, it should not be a big deal for them
[06:54:56] <growltiger> if it is, tell them you are going elsewhere
[06:55:05] <sed> is virtual_alias_maps the place for the virtusertable from sendmail.. (for the most part)?
[06:55:18] <dfack> Host 149.194.189.170.in-addr.arpa. not found: 3(NXDOMAIN)
[06:55:35] <growltiger> ok, well maybe they arent...
[06:55:40] <rob0> Since I don't precisely know what virtusertable is, I can't say.
[06:55:45] <rob0> !virtual
[06:55:45] <knoba> rob0: "virtual" : a way to configure additional domains and user accounts (that do not need to exist in your /etc/passwd). See: http://www.postfix.org/VIRTUAL_README.html
[06:55:50] <rob0> !virtual_alias_maps
[06:55:51] <knoba> rob0: "virtual_alias_maps" : a configuration parameter in the main.cf: Optional lookup tables that alias specific mail addresses or domains to other local or remote address. The table format and lookups are documented in virtual(5).
[06:56:17] <dfack> ok, thank you guys
[06:56:30] <rob0> 189.170.in-addr.arpa.   3600    IN      NS      ns1.oxy.com.
[06:56:48] <rob0> 2 NS hosts for the whole /16
[06:56:49] <dfack> i'll will try to solve this thing
[06:56:57] <dfack> that is not my server
[06:57:00] <Motoko-chan> You'd need to contact whoever runs oxy.com's DNS servers.
[06:57:01] <dfack> was just an example
[06:57:16] <Motoko-chan> They maintain the RDNS for that.
[06:57:22] <dfack> Host 62.164.96.190.in-addr.arpa. not found: 3(NXDOMAIN)
[06:57:25] <dfack> thats the one
[06:57:57] <Motoko-chan> Looks like you'd want to contact TELEBUCARAMANGA S.A. E.S.P.
[06:58:07] <dfack> already did
[06:58:10] <growltiger> telechupacabra?
[06:58:15] <dfack> haha
[06:59:19] <rob0> Didn't we have this same discussion about a week ago?
[06:59:54] * Motoko-chan doesn't recall it
[07:07:15] *** dfack has quit IRC
[07:13:09] *** XPCFan has quit IRC
[07:13:45] *** chadmaynard has quit IRC
[07:25:12] *** VaNNi has quit IRC
[07:27:53] *** zenspider has joined #postfix
[07:29:35] *** xpeed has quit IRC
[07:30:34] <zenspider> that "On using IRC" link 404's
[07:34:03] <zenspider> so I had a server go down hard and come up with a messy fsck. mailman's config was affected. I fixed that by backups. But now all the mail I'm sending to the list has 52 recipients (including myself) that are not getting mail because the recip list is too big... my mail config has been untouched for years and years, and nothing else in mailman seems to be different than the backup. anyone have a clue?
[07:34:07] <f3ew> Poke Signum
[07:49:08] *** Haris________ has joined #postfix
[08:08:03] *** kuja has left #postfix
[08:08:55] *** Haris_ has quit IRC
[08:10:37] *** zenspider has left #postfix
[08:17:07] *** xpoint has joined #postfix
[08:17:23] *** Haris_ has joined #postfix
[08:17:24] *** Haris________ has quit IRC
[08:17:35] *** growltiger_ has joined #postfix
[08:17:40] *** growltiger has quit IRC
[08:20:46] *** lunaphyte_ has quit IRC
[08:21:21] <yajith> hi all..
[08:22:10] <yajith> how can i put a custom error message when rejecting mails with the rbl lookups ?
[08:30:58] <yajith> default_rbl_reply and rbl_reply_maps seems like a correct option..but not sure how to use them..
[08:31:00] *** Haris________ has joined #postfix
[08:39:43] *** jeffspeff has joined #postfix
[08:41:28] <harlan> default_rbl_reply?
[08:41:45] <harlan> Hmmm, I was hoping the bot would notice that...
[08:42:24] <harlan> yajith: see main.cf.default
[08:43:34] <yajith> harlan: thanks..tried default_rbl_reply n its working..
[08:43:36] *** growltiger_ has quit IRC
[08:43:43] *** growltiger has joined #postfix
[08:45:11] *** jeffspeff has quit IRC
[08:50:16] *** Haris_ has quit IRC
[09:02:49] *** recon1025 has quit IRC
[09:03:05] *** recon1025 has joined #postfix
[09:09:10] *** Aleons has quit IRC
[09:11:50] *** growltiger has quit IRC
[09:12:14] *** growltiger has joined #postfix
[09:17:57] *** Haris_ has joined #postfix
[09:17:58] *** Haris________ has quit IRC
[09:18:13] *** samix has joined #postfix
[09:40:45] *** Motoko-chan has quit IRC
[09:45:16] *** CAiRO_ has left #postfix
[09:59:41] *** war9407 has joined #postfix
[10:03:42] *** growltiger_ has joined #postfix
[10:03:53] *** growltiger has quit IRC
[10:06:00] *** Zblakany has joined #postfix
[10:09:49] *** pitakill has quit IRC
[10:17:29] *** F6F has joined #postfix
[10:25:22] *** Trengo has joined #postfix
[10:38:19] *** growltiger_ has quit IRC
[10:38:34] *** growltiger has joined #postfix
[10:49:31] *** dactor has joined #postfix
[10:50:48] <dactor> Hello, how can I block any ip that attempts unsuccessfully - lets say 5 times - to log into the mail server to send mail? thanks
[10:54:32] *** neXyon has joined #postfix
[10:54:38] <neXyon> greetings
[10:54:52] <dactor> hi
[10:55:26] *** XPCFan has joined #postfix
[11:03:20] *** dactor has quit IRC
[11:14:52] *** XPCFan has quit IRC
[11:15:22] *** XPCFan has joined #postfix
[11:17:36] *** muh2000 has joined #postfix
[11:17:46] <muh2000> hi
[11:27:07] *** burhan has joined #postfix
[11:27:21] <burhan> is there a way to have postfix send email out on a different IP?
[11:27:34] <burhan> can't seem to locate this information in the wikis
[11:27:50] *** bancale has quit IRC
[11:28:13] *** brancaleone has joined #postfix
[11:33:22] <stockholm> burhan: you can specify a smtp_bind_address = 78.31.8.133
[11:33:37] <stockholm> burhan: that will send out mail on that ip
[11:35:40] *** growltiger has quit IRC
[11:35:43] *** growltiger_ has joined #postfix
[11:46:16] *** wdp has joined #postfix
[11:51:23] *** pirho has joined #postfix
[11:58:05] *** sed has quit IRC
[11:58:08] *** sed has joined #PostFix
[11:58:19] *** sed is now known as Guest61190
[11:58:27] *** Filbert has quit IRC
[12:05:13] *** wdp_ has joined #postfix
[12:07:55] *** wdp has quit IRC
[12:14:27] *** jense has joined #postfix
[12:21:10] *** ming_zym has quit IRC
[12:26:17] *** Macjust has joined #postfix
[12:27:14] *** yajith has left #postfix
[12:30:57] *** CAiRO_ has joined #postfix
[12:31:02] *** wdp_ has quit IRC
[12:31:06] <CAiRO_> hi
[12:31:15] *** wdp has joined #postfix
[12:31:38] <CAiRO_> ive been using a foreign backup mail server in the past but now i found that its a bad idea to use a backup mail server i do not control
[12:31:58] <CAiRO_> unfortunately i cannot remember where ive configured postfix to accept mail from it
[12:32:37] <CAiRO_> what would be a possible place? it seems to skip all rbl checks when mail is sent by the backup mail server
[12:36:58] *** cpm has joined #postfix
[12:41:36] *** cpm has quit IRC
[12:41:39] *** cpm_ has joined #postfix
[12:41:55] *** cpm_ has quit IRC
[12:48:45] <f3ew> what's before the DNSBL checks in smtpd_recipient_restrictions?
[12:51:27] *** growltiger has joined #postfix
[12:52:45] *** growltiger_ has quit IRC
[12:53:33] *** cpm has joined #postfix
[12:54:37] <CAiRO_> smtpd_recipient_restrictions =
[12:54:37] <CAiRO_>             reject_invalid_hostname,
[12:54:37] <CAiRO_>             reject_non_fqdn_sender,
[12:54:37] <CAiRO_>             reject_non_fqdn_recipient,
[12:54:37] <CAiRO_>             reject_unknown_sender_domain,
[12:54:38] <CAiRO_>             reject_unknown_recipient_domain,
[12:54:40] <CAiRO_>             permit_mynetworks,
[12:54:42] <CAiRO_>             permit_sasl_authenticated,
[12:54:46] <CAiRO_>             reject_unauth_destination,
[12:54:48] <CAiRO_>             reject_non_fqdn_hostname,
[12:54:50] <CAiRO_>             reject_rbl_client cbl.abuseat.org,
[12:54:52] <CAiRO_>             reject_rbl_client bl.spamcop.net,
[12:54:54] <CAiRO_>             reject_rbl_client list.dsbl.org,
[12:54:56] <CAiRO_>             reject_rbl_client dul.dnsbl.sorbs.net,
[12:54:58] <CAiRO_>             permit
[12:55:00] <CAiRO_> thats what i currently have
[12:55:08] <pingouin> why dont you use a pastebin instead ?
[12:55:11] <cpm> please don't flood
[12:55:14] <cpm> use a pastebin
[12:55:17] <cpm> read topic
[12:55:41] <CAiRO_> well, xchat didnt display the pastebin part of the topic
[12:55:51] *** plee has quit IRC
[12:56:06] <CAiRO_> sorry for that
[12:56:23] <cpm> it would have had you followed the link in the topic http://workaround.org/moin/GettingHelpOnIrc
[12:56:31] <pingouin> keep this one : http://pastebin.com/
[12:56:58] <cpm> CAiRO_, move your permits to the top, order matters, first match wins
[12:57:06] <Macjust> How can i reject a mail of a host *.hinet.net ?
[12:57:26] <cpm> !cheatsheet
[12:57:27] <knoba> cpm: "cheatsheet" : http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt : A HOWTO for pre-DATA spam control.
[12:57:34] <cpm> Macjust, ^^^
[12:58:07] <CAiRO_> cpm: but that would allow my clients to send mails to non_fqdn domains etc.
[12:58:35] *** XPCFan has quit IRC
[12:59:00] <CAiRO_> maybe i should move the permit_mynetworks to top.. but which mails could reject_invalid_hostname possibly reject that would get accepted by my_networks?
[12:59:09] *** XPCFan has joined #postfix
[12:59:17] <Macjust> thanks you cpm
[13:01:27] <Macjust> Can i known the version of postfix
[13:03:44] *** burhan has quit IRC
[13:04:57] <f3ew> postconf mail_version
[13:05:12] <Macjust> thanks you
[13:07:17] <cpm> CAiRO_, umm, no.
[13:07:24] *** Filbert has joined #postfix
[13:10:12] <cpm> CAiRO_, again, move the permits to the top, in the order you want permits to occur.
[13:28:38] *** neXyon has quit IRC
[13:30:05] *** Southron has joined #Postfix
[13:32:15] *** growltiger has quit IRC
[13:32:19] *** growltiger has joined #postfix
[13:34:59] *** saurabhb has quit IRC
[13:35:10] *** saurabhb has joined #postfix
[13:36:04] *** Knoedel2 has joined #postfix
[13:52:49] *** XPCFan has quit IRC
[13:52:50] *** bigbor has quit IRC
[13:53:43] *** madrescher has joined #postfix
[14:03:50] *** growltiger_ has joined #postfix
[14:03:56] *** growltiger has quit IRC
[14:30:54] <CAiRO_> cpm: i can only do that if i understand what you mean and right now, i dont get it.. thus, again my question: which legit email wouldnt get past those initial reject rules? why would i need to put the permit rules to the top? only non legit email gets filtered by the top rejects
[14:38:10] *** Haris1 has quit IRC
[14:52:03] *** saurabhb has quit IRC
[14:59:33] <xpoint> cpm can cheatsheet be converted to postfwd.cf ?, most of cheatsheet is imho unneeded to use postfix internal restrctions
[14:59:56] <f3ew> xpoint, Ask Jim Seymour
[15:01:22] <xpoint> http://gate.junc.org/postfwd.conf my gift to postfix users that olso use postfwd
[15:08:55] *** pirho has quit IRC
[15:11:28] *** pirho has joined #postfix
[15:16:21] *** XPCFan has joined #postfix
[15:21:13] *** Zblakany_ has joined #postfix
[15:35:15] <jense> thanks xpoint :)
[15:35:56] <xpoint> np
[15:36:54] <xpoint> if you use something in it send me patches / chokolate to me at junc dot org
[15:37:37] <xpoint> i would like to make the rule of reject sender equal recipient
[15:38:01] *** Zblakany has quit IRC
[15:39:12] <jense> I am using postfwd for a few weeks now and need to improve my config. yours show me some new black and whitelists and you have better dynamic checks :)
[15:40:09] <xpoint> oh
[15:41:48] <jense> http://github.com/jensk/mailserver/tree/master/postfwd/postfwd.cf
[15:42:01] <jense> thats my, it works "okay"
[15:53:25] *** madrescher has quit IRC
[15:55:29] *** whistler_tr has joined #postfix
[15:56:32] *** neXyon has joined #postfix
[15:57:00] <xpoint> jense, Rule  15: id->"EQUAL_001"; action->"REJECT sender equal to recipient"
[15:57:00] <xpoint> 	  sender->"==;recipient"
[15:57:00] <xpoint>  < test it
[15:57:10] <neXyon> greetings
[16:00:00] <xpoint> jense, from the docs it should work olso
[16:07:06] <jense> xpoint, I am not sure about if that rule would block some legitimate mail
[16:09:38] <xpoint> test should show me
[16:10:20] *** samix has quit IRC
[16:10:55] <xpoint> ah nice tips is that grep RULES in logs shows what can be made ruoles about olso
[16:12:19] <xpoint> jense, i test after whitelist so it still safe i belive
[16:12:32] <neXyon> I've tried to set up: http://en.gentoo-wiki.com/wiki/Mail_server_using_Postfix_and_Dovecot but I get errors in the mail.log file
[16:12:52] <jense> xpoint, true :)
[16:13:20] * xpoint using gentoo and postfix / dovecot
[16:13:42] <neXyon> Dec 24 16:16:33 radon postfix/pipe[4605]: 2C5032BEE4: to=<postmaster@domain>, relay=dovecot, delay=0.02, delays=0.01/0/0/0.01, dsn=5.3.5, status=bounced (local configuration error. Command output: Fatal: open(/etc/dovecot/dovecot.conf) failed: Permission denied )
[16:14:19] <xpoint> mens that dovecot user cant read dovecot.conf
[16:14:35] <neXyon> but with which user does it try to read it?
[16:14:41] *** pirho has quit IRC
[16:14:56] <xpoint> dovecot need read access to dovecot.conf
[16:15:13] <neXyon> but with which user?
[16:15:22] *** Bulten has joined #postfix
[16:15:25] <xpoint> id dovecot
[16:15:27] *** deadpigeon has joined #postfix
[16:15:49] <xpoint> neXyon, dovecot is a user
[16:16:04] *** XPCFan has quit IRC
[16:16:14] <xpoint> your dovecot.conf is owned by root ?
[16:16:21] <neXyon> the dovecot user is only for the login process
[16:16:38] *** XPCFan has joined #postfix
[16:17:26] <neXyon> ah, the mail user...
[16:17:51] <xpoint> dovecot -n
[16:17:57] <xpoint> works ?
[16:18:33] <neXyon> yes
[16:19:45] <xpoint> super
[16:26:43] *** Bullen has quit IRC
[16:30:18] *** mod_cure has joined #postfix
[16:30:47] <mod_cure> how does one configure postfix to listen on ssl port ?  curently its port 25, i want to enable ssl to listen on anotehr port
[16:30:49] *** muh2000 has quit IRC
[16:33:35] <Dominian> !basic
[16:33:36] <knoba> Dominian: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.
[16:34:14] *** Macjust has left #postfix
[16:34:31] <mod_cure> some isp block port 25
[16:34:43] <mod_cure> is there a way to postfix to use 2 ports ?
[16:34:55] <Dominian> uhh yeah
[16:35:00] <Dominian> I have all kinds of ports open
[16:35:08] *** VaNNi has joined #postfix
[16:35:16] <mod_cure> meaning can i have postfix listen on 25 and other port ?
[16:35:23] <Dominian> yes
[16:35:45] <mod_cure> comast isp blocks port 25
[16:35:56] <mod_cure> they said this: Port 587 uses authentication and is an industry-recommended alternative to port 25.
[16:36:05] <Dominian> !sasl
[16:36:06] <knoba> Dominian: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.
[16:41:48] *** tobias- has quit IRC
[16:42:01] <f3ew> mod_cure See submission in master.cf
[16:42:06] *** lunaphyte_ has joined #postfix
[16:42:14] <mod_cure> ok
[16:45:43] <mod_cure> maybe i should another port besides 25 for sending  OR open up another additional port for sending
[16:46:13] *** seekwill has joined #postfix
[16:47:07] <mod_cure> can i configure postfix to use another port also ?
[16:54:31] <Dominian> I'm pretty sure comcast or whatever is blocking INCOMING port 25.. not outgoing port 25
[16:55:00] <f3ew> mod_cure you can
[16:55:22] *** tobias- has joined #postfix
[16:55:58] <mod_cure> Dominian, They block outgoing 25
[16:56:02] <mod_cure> f3ew, how
[16:57:12] <neXyon> my next error is: dovecot: Dec 24 16:59:45 Info: auth(default): passwd(postmaster@domain): unknown user
[16:57:27] <f3ew> I would setup a remote host listening on 587, and setup my local server to use relayhost = smtp:ip]:587
[16:57:27] <neXyon> although the user is in the database :(
[16:57:37] * seekwill 's comcast doesn't have blocked outgoing 25
[16:57:50] <f3ew> seekwill, it's regional
[16:57:54] <f3ew> and growing
[16:58:11] <neXyon> xpoint: see my next error :/
[16:58:16] <seekwill> :(
[17:05:39] *** pitakill has joined #postfix
[17:08:34] *** hparker has quit IRC
[17:09:36] *** XPCFan has quit IRC
[17:10:10] *** XPCFan has joined #postfix
[17:18:12] <xpoint> neXyon, postconf -d | grep alias to include the postmaster
[17:18:34] <xpoint> neXyon, ups dovecot is not postfix
[17:19:20] <xpoint> neXyon, the error says dovecot cant see postmaster in the auth tables from sql ?
[17:20:07] <xpoint> it can be solved to make alias before lda
[17:21:29] <xpoint> eg newer make lda to a alias
[17:22:05] *** pitakill has quit IRC
[17:25:59] *** Zblakany_ has quit IRC
[17:31:00] <neXyon> xpoint: it's not an alias problem
[17:31:14] <neXyon> I've created an account named postmaster and the aliases file is right
[17:33:09] *** Fallenou has joined #postfix
[17:33:23] <xpoint> dovecot needs to know the aliases
[17:33:44] <xpoint> but it cat deliver to a alias
[17:33:48] <xpoint> cant
[17:34:25] <xpoint> so postfix need to do postmaster@domain mailbox@domain
[17:36:17] <xpoint> if you have postmaster@domain then remove postmaster in aliases
[17:54:33] *** wdp has quit IRC
[17:58:32] *** wdp has joined #postfix
[17:58:57] *** Lenhix has joined #postfix
[18:12:59] *** wdp has quit IRC
[18:13:17] *** wdp has joined #postfix
[18:14:33] *** hark has joined #postfix
[18:31:03] *** amrit|wrk is now known as amrit|wfh
[18:31:09] * cpm sends all required (postmaster,hostmaster,abuse,etc) for all of his domains to a mailman list, that gets moderated daily. Works really well
[18:31:35] *** lunaphyte__ has joined #postfix
[18:43:45] <neXyon> xpoint: the mailbox is post
[18:43:47] <neXyon> *postfix
[18:44:14] <xpoint> how ?
[18:44:40] <neXyon> I meant I've created a user called postmaster
[18:44:45] <neXyon> not postfix xD
[18:44:50] <xpoint> postfix and dovecot need to agrea on the mailbox part
[18:45:03] <xpoint> 100% in sync
[18:45:10] <neXyon> they use the same database
[18:45:27] <xpoint> else you see that errror with user unknown in dovecot
[18:46:20] *** Vince42 has quit IRC
[18:46:30] <neXyon> but the user exists and the database query in the dovecot configuration also works :/
[18:47:15] <xpoint> postffixadmin setup ?
[18:47:57] *** lunaphyte_ has quit IRC
[18:48:31] <neXyon> what?
[18:48:45] *** growltiger has joined #postfix
[18:48:53] *** growltiger_ has quit IRC
[18:52:00] *** Lenhix has quit IRC
[18:54:41] *** cpm has quit IRC
[18:55:53] <xpoint> neXyon, that guide is basicly wroung bad
[18:56:29] <xpoint> neXyon, newer make catch all domains
[18:57:01] <xpoint> how did you make config.inc.php in postfixadmin ?
[18:57:21] <xpoint> eg can you see role alias in alias ?
[18:59:39] <Guest61190> I was trying to make a catch all using luser_relay = sysadmin   didnt work
[18:59:59] *** Guest61190 is now known as sed_
[19:00:17] <xpoint> if you make postfixadmin add the 4 default alias pr domain, remove them in aliases table should olso be done
[19:02:27] <sed_> how is luser_relay suposed to work?
[19:02:55] <xpoint> neXyon, error i belive you have is that postmaster@domain goes to postmaster
[19:03:22] <xpoint> neXyon, and not in the postfixadmin as postmaster@domain postmaster@domain
[19:03:30] <rob0> !luser_relay
[19:03:30] <knoba> rob0: "luser_relay" : a configuration parameter in the main.cf: Optional catch-all destination for unknown local(8) recipients. By default, mail for unknown recipients in domains that match $mydestination, $inet_interfaces or $proxy_interfaces is returned as undeliverable.
[19:04:03] <rob0> The catchall only works if local_recipient_maps is unset.
[19:04:05] <xpoint> rob0, stop confussing more
[19:04:16] <rob0> huh?
[19:04:45] <rob0> !catchall
[19:04:46] <knoba> rob0: "catchall" : Sending all emails for non-existing users in domain to a special account. See man 5 virtual for the @domain syntax, which applies in virtual_*_maps and relay_recipient_maps. For local(8) delivery, unset local_recipient_maps and see luser_relay. WARNING: catchalls are rarely a good idea. Spammers will abuse them.
[19:04:54] <rob0> note the WARNING
[19:04:58] <sed_> I have all the domains i answer for in virtual_alias_domains is that wrong?
[19:05:06] <rob0> indeed it is wrong
[19:05:19] <sed_> that would be the reason...
[19:09:58] <sed_> moved the domains file to mydestination = /path/to/domains.lit
[19:10:21] *** Southron has left #Postfix
[19:10:57] <sed_> luser still dosent work. it accepts mail for legit users but when I try a non-legit user and legit domin it rejects
[19:14:12] <sed_> Recipient address rejected: User unknown in local recipient table
[19:14:20] <rob0> And I already told you why.
[19:14:46] <rob0> Furthermore I pointed out a WARNING which you should consider. Why do you want a catchall?
[19:15:22] <seekwill> I remember long ago when I thought catchall's were cool
[19:15:39] * rob0 too ... until the first dictionary attack hit
[19:15:48] <seekwill> ouch!
[19:16:24] <rob0> s/the/my/
[19:16:27] <sed_> its how the old sendmail system is set up, guess the owner has not been hit yet
[19:16:49] <seekwill> Time to send a nicely worded email recommendation
[19:16:53] *** cjc has joined #postfix
[19:18:05] <rob0> If the goal is to have dynamic addresses on the fly, recipient_delimiter can do that
[19:19:11] <rob0> recipient_delimiter = . user.tag at example dot com delivers to user at example dot com
[19:19:33] <seekwill> I want to use "recipient_delimiter = e"
[19:19:40] <rob0> :)
[19:20:04] <seekwill> What would happen with multiple delimiters? user.tag.foo at example dot com?
[19:20:18] <rob0> The standard is +, but I have found lots of braindead web programers don't think + can be in email addresses.
[19:21:18] <rob0> I think the first delimiter is the one that counts.
[19:21:45] <seekwill> ah
[19:24:21] <sed_> oic, I disabled local_recipient maps
[19:26:04] <sed_> I have virtual_alias_maps with a list of local users and domains they recive mail to, will thay stop luser_relay?
[19:26:18] <ikaro> do /msg merry-xmas everyone.
[19:27:03] <sed_> do /msg merry-xmas everyone
[19:27:07] <sed_> crap
[19:30:01] <siamba> do /msg merry-xmas channel
[19:35:31] <sysdef> please don't spam!
[19:37:43] <sed_> should the recipiants for the domains I host be in virtual_alias_maps?
[19:39:38] *** pirho has joined #postfix
[19:45:49] *** tanto has left #postfix
[19:47:59] *** growltiger_ has joined #postfix
[19:48:22] *** growltiger has quit IRC
[19:58:32] *** devdas has joined #postfix
[20:14:49] <rob0> You could use virtual_alias_domains, and do the ill-considered catchall[s] in virtual_alias_maps. There are lots of possibilities.
[20:15:32] <rob0> that way, at least you don't have to break local_recipient_maps.
[20:17:25] *** cjc has quit IRC
[20:23:46] *** jtaji has quit IRC
[20:27:45] *** devdas has quit IRC
[20:34:56] *** growltiger_ has quit IRC
[20:35:15] *** growltiger_ has joined #postfix
[20:41:25] *** rehpmag has joined #postfix
[20:57:44] *** growltiger has joined #postfix
[20:57:44] *** growltiger_ has quit IRC
[21:05:20] <sed_> rob0 I did not realize "local_recipient_maps =" had to be there in order to be disabled
[21:05:39] <sed_> luser_relay works now
[21:09:55] *** hparker has joined #postfix
[21:17:29] <rob0> luser_relay = hparker
[21:21:10] <hparker> The secret is out...
[21:30:14] *** BuenGenio has joined #postfix
[21:32:25] *** BuenGenio has quit IRC
[21:32:55] *** BuenGenio has joined #postfix
[21:35:39] *** rimad has quit IRC
[21:42:48] *** BuenGenio has quit IRC
[21:43:14] *** BuenGenio has joined #postfix
[21:47:02] *** ekneuss_ is now known as ekneuss
[21:47:27] *** neXyon has quit IRC
[21:48:06] *** BuenGenio has quit IRC
[21:48:42] *** BuenGenio has joined #postfix
[21:53:36] *** BuenGenio has quit IRC
[21:53:57] *** BuenGenio has joined #postfix
[22:03:48] *** BuenGenio has quit IRC
[22:04:06] *** BuenGenio has joined #postfix
[22:09:38] *** nphase_ has joined #postfix
[22:11:34] *** seekwill has quit IRC
[22:15:13] <xpoint> http://gate.junc.org/postfwd.conf here is my updated postfwd conf rule #15 is nice one :)
[22:17:36] <BuenGenio> evening
[22:18:04] <BuenGenio> sorry about the join/leave flood - over a Sat line, and weather is pretty snowy here
[22:18:57] <BuenGenio> would anyone be able to suggest a good value, (possibly even free) legit SMTP relay, that supports DKIM that I can use as transport for my server?
[22:19:14] *** BuenGenio has quit IRC
[22:19:38] *** BuenGenio has joined #postfix
[22:20:00] <BuenGenio> and even then, I'm told, there's no guarantee mail will get through to Yahoo/Hotmail ...
[22:20:23] <xpoint> BuenGenio, how ?
[22:20:36] <BuenGenio> what how?
[22:20:51] <xpoint> how do you want a server
[22:21:03] <BuenGenio> no, I have a server
[22:21:22] <xpoint> only missing amavisd then ?
[22:21:24] <BuenGenio> but there's a lot of mail that doesn't get delivered to Yahoo, for instance
[22:21:26] <BuenGenio> nope
[22:21:31] <BuenGenio> got Amavis/Clamd
[22:22:05] <xpoint> you are on dynamic ip ?
[22:22:09] <BuenGenio> no
[22:22:21] <BuenGenio> i've gone over the Yahoo MTA guidelines too
[22:22:27] <BuenGenio> the only thing that's missing is DKIM
[22:22:47] <xpoint> dkim is easy in amavisd 2.6.1
[22:23:10] <BuenGenio> the problem is setting up SPF
[22:23:11] <xpoint> with uses Mail::DKIM
[22:23:27] <BuenGenio> the registrar for some reason won't update IN TXT for our domain
[22:23:35] <BuenGenio> at least dig returns an empty TXT...
[22:23:45] <xpoint> every domain on that server need to setup spf on dns
[22:24:16] <BuenGenio> yeh, which is what i'm currently unable to do :(((
[22:24:17] <xpoint> bad dns hoster
[22:24:38] <BuenGenio> don't know really, since I didn't register my client's domain name
[22:24:42] <BuenGenio> it's Enom.com
[22:24:53] <BuenGenio> looks OK...
[22:25:38] <BuenGenio> looks like connection is getting reset again...
[22:25:40] <BuenGenio> fahk
[22:25:52] <BuenGenio> do you copy?
[22:26:01] <xpoint> http://old.openspf.org/wizard.html?mydomain=Enom.com&submit=Go!
[22:26:23] <BuenGenio> no, Enom.com is the registrar! :)))
[22:26:35] <BuenGenio> :)))
[22:26:45] <xpoint> sorry :))
[22:26:58] <BuenGenio> how does this work then?
[22:27:33] <xpoint> give me your domain
[22:27:38] <BuenGenio> steelheadventures.com
[22:28:15] <xpoint> http://old.openspf.org/wizard.html?mydomain=steelheadventures.com
[22:28:21] <xpoint> currently no spf
[22:28:38] <xpoint> but try to follow the wizzard :)
[22:28:57] <BuenGenio> can i paste what i have in my TXT field (accoring to the control panel) here?
[22:29:17] <BuenGenio> it's short anyway: selector1._domainkey IN TXT "k=rsa; t=s; p=MIGfMA.../YQIDAQAB"
[22:29:32] <BuenGenio> this is for @
[22:29:59] <BuenGenio> $ dig steelheadventures.com TXT
[22:29:59] <BuenGenio>  ->
[22:30:03] <BuenGenio> ;steelheadventures.com.         IN      TXT
[22:30:24] <BuenGenio> so, kind of confusing
[22:30:34] <BuenGenio> and it's been 2 days since i updated it...
[22:31:18] <xpoint> if you have this on dns the above wizzard should know it
[22:31:49] <BuenGenio> anyway, it's in the control panel, but not in DNS
[22:31:55] <BuenGenio> (again, according to dig)
[22:31:58] <xpoint> this is not spf
[22:32:11] <xpoint> dont mix dkim with spf
[22:32:24] <BuenGenio> right ok
[22:32:31] <BuenGenio> i'm talking about DKIM + TXT
[22:32:50] <xpoint> so i will stop helping with spf :)
[22:33:03] <BuenGenio> fahk
[22:33:07] <BuenGenio> :)
[22:33:39] <BuenGenio> what should i do?
[22:33:57] <xpoint> you have a older amavisd ?, older as in < 2.6.x ?
[22:34:21] <BuenGenio> 1 sec
[22:34:38] *** BuenGenio has quit IRC
[22:35:18] *** BuenGenio has joined #postfix
[22:35:37] <BuenGenio> 2.5.4
[22:35:46] <xpoint> update
[22:36:11] <xpoint> if you can get hold of 2.6.2 now
[22:37:15] <BuenGenio> will 2.6.1 do?
[22:37:22] <xpoint> yes
[22:37:40] <xpoint> 2.6.2 is just few small bugfixes
[22:37:52] <xpoint> unrelated to dkim
[22:37:57] *** nphase_ has quit IRC
[22:38:01] <BuenGenio> cool, will try
[22:38:06] <BuenGenio> nphase??
[22:38:16] <xpoint> ?
[22:38:16] <BuenGenio> cool...
[22:38:27] <BuenGenio> the world is a freakin' napkin! :))))
[22:38:54] <BuenGenio> ok, will try to update quickly, without updating the whole distro, hehe
[22:39:07] <xpoint> debian ?
[22:39:13] <BuenGenio> Mandriva?
[22:39:36] <xpoint> oh, i dont know much about that os
[22:40:00] <BuenGenio> it's ok, i know where to get the packages
[22:40:08] *** BuenGenio has quit IRC
[22:40:10] <xpoint> super
[22:41:45] *** Bulten has quit IRC
[22:42:31] *** xpeed has joined #postfix
[22:44:12] *** F6F has quit IRC
[22:47:25] *** BuenGenio has joined #postfix
[22:47:45] <BuenGenio> xpoint, have there been any critical configuration changes since 2.5.x?
[22:47:52] <BuenGenio>  can i just keep the existing config?
[22:48:33] <BuenGenio> also, i might need your help with a few points there, if you don't mind...
[22:48:47] <BuenGenio> will you be able to stick around for a bit?
[22:48:56] <xpoint> keep the old config and add dkim confs from 2.6.x would be fine
[22:49:34] <BuenGenio> what should i have as $mydomain
[22:49:46] <xpoint> you still need to read the CHANGLELOG .)
[22:49:50] <BuenGenio> i'm serving several domains
[22:49:58] <BuenGenio> ok, will do.
[22:50:24] <xpoint> $mydomain is same as before
[22:50:53] <BuenGenio> it's set to the name of the default vhost...
[22:50:55] <BuenGenio> is that cool?
[22:51:25] <xpoint> it should be the default reverse ptr domain
[22:52:02] <xpoint> but it worked before with 2.5.4 so do not change it
[22:52:17] <BuenGenio> dig -x 62.149.27.85 PTR
[22:52:34] <BuenGenio> colo27-85.users.colocall.net
[22:52:38] <BuenGenio> whereas before it was something else
[22:53:13] <xpoint> that hostname is totaly unrelated to get dkim working
[22:53:54] <BuenGenio> ok, i got enable_dkim_verification = 1 & enable_dkim_signing = 1 in.
[22:55:03] <BuenGenio> i don't need to change forward_method, right?
[22:55:07] <BuenGenio> it's   forward_method => 'smtp:[127.0.0.1]:10027',
[22:55:52] <BuenGenio> where do i stick the Key?
[22:55:58] <BuenGenio> master.conf
[22:56:01] <BuenGenio> i would guess
[22:56:29] <xpoint> the key need to be in amavisd.conf, but the select is on dns
[22:57:00] <xpoint> amavisd genrsa > domain.key
[22:57:12] <xpoint> if i remember :)
[22:57:25] <BuenGenio> i already got the keys generated
[22:57:34] <BuenGenio> not with amavisd, but with dkim...
[22:57:55] <BuenGenio> i'll just do it again
[22:58:06] <BuenGenio> i liked the key in the first one ;)))
[22:58:06] <xpoint> amavisd need to know with keys is for with domains
[22:59:05] <BuenGenio> here's postconf
[22:59:06] <BuenGenio> http://pastebin.com/m6a7af4d0
[23:00:07] <xpoint> http://www.ijs.si/software/amavisd/amavisd-new-docs.html
[23:01:06] <xpoint> there is no postfix change needed to get dkim working in amavisd
[23:01:12] *** BuenGenio has quit IRC
[23:01:25] *** BuenGenio has joined #postfix
[23:01:44] <xpoint> BuenGenio, see topic about channellog :))))
[23:02:37] <BuenGenio> ok, roger :))
[23:02:38] <BuenGenio> thanks
[23:03:38] <BuenGenio> what about public/private keys?
[23:04:04] <BuenGenio> i remember for the DKIM from sourceforge you had to generate both
[23:05:04] <BuenGenio> what is the 'foo' parameter in dkim_key() ?
[23:06:20] *** BuenGenio has quit IRC
[23:06:50] *** BuenGenio has joined #postfix
[23:07:54] <BuenGenio> ok, that's the selector i guess
[23:08:01] <BuenGenio> do i leave it as foo ?
[23:08:56] <xpoint> if you want to
[23:09:01] *** r33 has joined #postfix
[23:09:23] <BuenGenio> i mean, i have good imagination, but...
[23:09:32] <BuenGenio> if it ain't broke :)
[23:10:00] *** loadk2008 has joined #postfix
[23:10:20] <BuenGenio> ok, so amavisd showkeys definitely shows something along the right lines...
[23:10:38] <xpoint> BuenGenio, then ask on amavisd maillist for specifik problems :)
[23:10:58] <BuenGenio> i will, if there are any
[23:11:03] <BuenGenio> but we're hoping for the best here :)
[23:11:08] <BuenGenio> well, i, for one
[23:11:10] <xpoint> if testkeys shows all ok, then it works
[23:11:27] <BuenGenio> now, do i need to update my TXT records?
[23:11:37] <xpoint> yes
[23:11:46] <BuenGenio> argghh
[23:11:48] <xpoint> so you get testkeys working
[23:12:59] <BuenGenio> xpoint, i can't thank you enough
[23:13:09] <BuenGenio> i'll dig into some more reading...
[23:13:13] *** F6F has joined #postfix
[23:13:34] <xpoint> super, i love amavisd more and more every day
[23:13:46] *** r33 has quit IRC
[23:14:23] *** r33 has joined #postfix
[23:14:58] *** xpeed has quit IRC
[23:26:10] *** r3r3 has quit IRC
[23:28:32] *** Bulten has joined #postfix
[23:31:47] *** BuenGenio has quit IRC
[23:32:14] *** BuenGenio has joined #postfix
[23:37:03] *** BuenGenio has quit IRC
[23:37:38] *** BuenGenio has joined #postfix
[23:40:21] *** F6F has quit IRC
[23:44:30] *** nphase_ has joined #postfix
[23:47:35] *** nphase__ has joined #postfix
[23:47:55] *** BuenGenio has quit IRC
[23:48:09] *** BuenGenio has joined #postfix
[23:48:38] *** pa has quit IRC
[23:51:24] *** lunaphyte__ has quit IRC
[23:54:55] *** Fallenou has quit IRC
[23:59:49] *** deadpigeon has quit IRC





top