August 6, 2009 
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | >
August 6, 2009 [00:00:01] <lunaphyte> felix_da_catz: where are you using tls:// and tls:// ?[00:00:51] <pickcoder> jluedke: you can drop default_process_limit to start with[00:01:53] <jluedke> problem is that backs up legit traffic[00:02:14] <pickcoder> you can also drop smtpd_client_connection_count_limit[00:02:14] <pickcoder> well the "spam" is legit mail at this point[00:02:23] <pickcoder> unless you can identify an IP that's causing the problem[00:02:40] <pickcoder> if it is gmail, then there's not much you can do but try to block specific spam sender FROM[00:03:06] <jluedke> well, i am currently trudging over logs to find offending ip's and senders.[00:03:17] <pickcoder> then there's smtpd_client_connection_rate_limit[00:03:27] *** bronb_ has joined #postfix[00:03:28] <jluedke> If I understand anvil, looks like it keeps track of that info.[00:03:30] <pickcoder> which could help spread the load across clients[00:03:47] <pickcoder> yes..[00:04:55] <jluedke> seems like keeping that hash in memcache might be an ok idea.[00:04:57] <dan__t> What's that utility that I can use to figure out why a mail was delivered to which particular host based on lookup maps yada yada?[00:05:05] *** bronb has quit IRC[00:05:33] <dan__t> postmap?[00:06:05] *** Bad_Religion has quit IRC[00:06:38] <pickcoder> dan__t: postmap lets you query dictionary lookups including mysql, hash, ldap, etc[00:06:47] <pickcoder> as well as build hashed files from text maps[00:06:52] <dan__t> Thank you.[00:06:58] <dan__t> I'm familiar with the latter; not the former.[00:07:01] <dan__t> I'm going to play around with that.[00:07:05] <pickcoder> man postmap[00:07:12] <pickcoder> postmap -q <key> dict:lookup-source[00:09:44] <pickcoder> jluedke: I'm not sure how you plan on attaching memcached[00:10:02] <pickcoder> is the machine at a thrashing point due to swap?[00:10:20] <lunaphyte> !postmapq[00:10:21] <knoba> lunaphyte: "postmapq" : You can check your lookups with the postmap command. Example: if you defined "transport_maps = mysql:/etc/postfix/transport.cf" you may check this mapping by running "postmap -q domain.com mysql:/etc/postfix/transport.cf" and see if it works.[00:10:31] <dan__t> Yea, I see it now.[00:10:33] <dan__t> Very cool.[00:11:53] <jluedke> pickcoder: I am trying to keep smtpd proc from backing up across my cluster when I get slammed.[00:12:28] <jluedke> I think it would be nice to have those settings cluster wide[00:12:50] <jluedke> otherwise people could take advantage of my mx machines one at a time.[00:12:56] <pickcoder> jluedke: don't forget about QoS options with iproute and iptables[00:15:34] *** TomHome has joined #postfix[00:17:20] *** madrescher has quit IRC[00:19:20] *** madrescher has joined #postfix[00:20:55] <pickcoder> jluedke: if you want to reduce the memory footprint of anvil's "cache" then you can drop anvil_rate_time_unit. The problem with doing that is the scale of connection counts, messages per sender, etc changes[00:25:58] <jluedke> not worried about anvils memory footprint so much.[00:26:32] <jluedke> have 20+ mx machines[00:27:20] <jluedke> want to avoid watching them be successfull the firs n times on each machine[00:28:00] *** doomas_FTL has quit IRC[00:38:15] <pickcoder> 20?. geez[00:38:39] *** eanxgeek_ has quit IRC[00:39:17] *** Zblakany has quit IRC[00:40:23] *** wdp has quit IRC[00:41:02] <TomHome> lo[00:50:14] <KB1JWQ> O AHI[00:52:03] *** mezgani has joined #postfix[00:56:01] <pickcoder> lo is loopback[00:56:17] * pickcoder loops home[00:56:19] <pickcoder> bbl[00:56:23] *** pickcoder has quit IRC[00:57:31] *** war9407 has quit IRC[01:11:42] *** seekwill has quit IRC[01:13:12] *** p3rror has quit IRC[01:19:15] *** LinuxCode has joined #postfix[01:19:31] *** jmedina has quit IRC[01:21:46] *** rashed2020 has left #postfix[01:22:42] *** pingouin has quit IRC[01:26:09] <MrGrieves> hello, i followed Sigmund's tutorial on setting up postfix+mysql+dovecot and i'm stuck with postfix bouncing emails with: status=bounced (unknown user:....)[01:26:44] <MrGrieves> all postmap tests seem OK[01:26:59] <MrGrieves> postmap -q example.com mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf[01:27:01] <MrGrieves> oops[01:27:15] <lunaphyte> !tell MrGrieves welcome[01:29:39] *** madrescher has quit IRC[01:29:53] <cite> knoba is overpowered.[01:30:56] *** mactimes has joined #postfix[01:32:00] *** mactimes has quit IRC[01:32:55] *** madrescher has joined #postfix[01:34:34] <MrGrieves> I'm using mysql 5.0.51a-24+lenny1, postfix 2.5.5, dovecot v1.0.15, I already checked the postfix setup with the postmap queries as in Signum'd tutorials, but for some reason, when trying to send mail with telnet, it does bounces the mail. Also, /var/vmail remains empty. Don't know if this is related, but following the tutorial, postfix runs under the postfix user, dovecot under the dovecot... whereas /var/vmail is owned by vmail. The only error message I[01:34:38] *** Vog has quit IRC[01:34:54] *** mactimes has joined #postfix[01:35:15] <lunaphyte> !tell MrGrieves welcome[01:35:25] <MrGrieves> hmm what else have i missed :)[01:35:33] <cite> Logs, postconf -n.[01:36:54] <lunaphyte> looks like you missed the pm from the bot.[01:37:00] <lunaphyte> are you new to irc?[01:37:06] <MrGrieves> no[01:37:18] <MrGrieves> i actually have setup irc servers since 1994 :)[01:37:27] <MrGrieves> got the message[01:37:41] <lunaphyte> oh, so you should be set then. all the info to get you going in the right direction is in the bot's message.[01:37:50] <lunaphyte> !welcome[01:37:50] <knoba> lunaphyte: "welcome" : welcome to #postfix! if you're joining for the first time, or are new to irc, the first thing you'll want to do is read the channel topic (/topic). it includes crucial instructions on how to effectively ask for help here, and what data you should include with your questions. the degree of success you'll have is directly related to how effectively you're able to follow those guidelines.[01:37:59] <Dominian> KB1JWQ: ok if I PM?[01:38:42] <Dominian> KB1JWQ: nevermind figured it out lol[01:40:54] <MrGrieves> http://pastebin.com/d5c7b336f and http://pastebin.com/d75ca557f (postconf -n, and logs)[01:41:44] <MrGrieves> never used pastebins before, sorry.. not too often do i ask[01:42:41] <lunaphyte> MrGrieves: looks like you'll want to use postmap to troubleshoot your mysql lookup maps.[01:42:48] <lunaphyte> !tell MrGrieves postmapq[01:43:06] <cite> MrGrieves: alveox.com is in mydestination. Postfix should have screamed murder when you started it.[01:43:24] <lunaphyte> he ay not have things set up correctly, so postfix may not know it's in the sql db.[01:43:29] <lunaphyte> *he may[01:43:42] <lunaphyte> postmap queries will reveal that.[01:43:54] <cite> MrGrieves: If you want alveox.com to be a virtual domain, remove it from mydestination and make sure it is listed in the virtual_domain_maps (check with postmap).[01:44:06] <MrGrieves> oh[01:44:25] <MrGrieves> its in the virtual domain, i'll remove it from mydestination[01:44:36] <lunaphyte> !factoid[01:44:37] <knoba> lunaphyte: "factoid" : something resembling a fact; unverified and often invented information that is given credibility because it contains words that appear to be something you think you ought to know. see http://workaround.org/f=postfix for a list of knoba's factoids.[01:44:40] <cite> MrGrieves: Futhermore, you'll want to replace every "mysql:" with "proxy:mysql".[01:44:56] <cite> MrGrieves: Futhermore, you'll want to replace every "mysql:" with "proxy:mysql:".[01:45:50] <lunaphyte> eh, one step at a time.[01:46:06] <lunaphyte> doing proxymap lookups is by no means a technical requirement.[01:46:19] <cite> lunaphyte: LOOK! It's a Debian/GNU Postfix.[01:46:19] <MrGrieves> woohoo thanks guys[01:46:27] <cite> lunaphyte: He _will_ come back if he doesn't change that.[01:46:34] <MrGrieves> status=sent (delivered via dovecot service)[01:46:49] <lunaphyte> i use postfix on debian without proxymap lookups.[01:47:18] <cite> Because you know how to connect using TCP/IP to 127.0.0.1 or un-chroot smtpd :-P[01:47:26] <cite> That's like, erm, cheating![01:47:56] <lunaphyte> indeed. i prefer network sockets over unix socket any day of the week.[01:48:14] <lunaphyte> *sockets[01:48:37] <MrGrieves> cite, i followed Sigmund's tutorial specifically for lenny, which tells to use "mysql:" - you confirm i should change this to "proxy:mysql" in main.cf ?[01:48:55] <MrGrieves> Signum, oops[01:49:09] <lunaphyte> overall, he's right, it's probably not a bad idea.[01:49:24][01:49:34] <lunaphyte> that's also a fair argument :)[01:49:58] <MrGrieves> now u want me to come back :)[01:50:21] <lunaphyte> how in the world does anybody get anything done with so many compelling arguments for such contradictory concepts?[01:50:51] <cite> Most of the day I don't get the impression humanity get's done much, so...[01:51:28] * lunaphyte smacks the feral apostrophe from cite's hand.[01:51:44] <cite> What's a "feral" apostrophe?[01:51:50] *** orac__ has joined #postfix[01:51:52] <MrGrieves> thanks, cite, lunaphyte[01:52:13] <lunaphyte> one that shouldn't be there ;)[01:52:20] <lunaphyte> MrGrieves: sure thing, you're welcome.[01:54:51] <cite> lunaphyte: I apologize. The later it get's, the harder it is to listen to a podcast in one language and write properly in another one.[01:55:09] <lunaphyte> heh[01:55:31] <lunaphyte> just a pet peeve of mine, no difference really.[01:55:34] *** SARGuy has quit IRC[01:55:59] <lunaphyte> (i'm assuming the most recent offense was intentional) :)[01:55:59] * standon checks to see if this is #english-nazi or #grammarbitch[01:56:41] <lunaphyte> either or both, if i'm around[01:56:46] <cite> This might be completely OT, but: Is Exim still actively maintained? I subscribed to exim-users a few days ago, and compared to postfix-users, it seems pretty dead.[01:56:59] <cite> Ok, that _is_ completely OT.[01:56:59] <lunaphyte> actually, i thought it was grammarnazi[01:57:12] <standon> lunaphyte: it's not. moving on now..[01:57:17] <cite> #nazi-bitches, anyone?[01:57:25] <standon> cite: heh, and postfix-users isn't particularly high traffic... so that is pretty pathetic.[01:59:18] <KB1JWQ> Dominian: Always.[01:59:40] <rob0> I don't think Exim was ever as widely used as Postfix, but that's just a subjective opinion / feeling.[02:00:06] <rob0> well ... I guess I did some crude "google" tests one time[02:00:06] <lunaphyte> it always surprised me that exim was the default debian mta for a while (is it still?)[02:01:31] *** SpiceMan has joined #postfix[02:01:32] *** mezgani has quit IRC[02:01:39] <cite> lunaphyte: I think it's the only MTA you can link against GnuTLS without a major headache.[02:02:04] <lunaphyte> grr, don't get me started on gnutls/openssl.[02:02:06] <cite> lunaphyte: Yes, it's still their default MTA, and yes, it's still not working with almost any mobile phone in existence out of the box.[02:02:11] <cite> hi rob0[02:02:39] <cite> rob0: I guess I'm just not comfortable with "one binary doing it all" anymore.[02:02:57] <cite> But one thing Exim has and Postfix really lacks is a "how it all works together" documentation.[02:03:24] <cite> lunaphyte: Hey, let's start a discussion about GnuTLS vs OpenSSL![02:03:26] <rob0> hmm[02:03:28] <lunaphyte> cite: what's the correlation between an mta and a mobile phone?[02:03:46] <rob0> How is a raven like a writing desk?[02:03:55] <standon> architecture overview is pretty good. and experts can delve into the code which is quite clearly written and documented.[02:04:14] <rob0> Of course I'm mad. We're all mad here![02:04:32] <cite> lunaphyte: Since Exim is linked against GNuTLS, and GnuTLS pads a certain field when presenting a certificate to the client - which nobody else does - most mobile phones fail miserably when trying to submita message.[02:04:52] <cite> standon: There is an architecture overview?[02:04:52] <lunaphyte> oh, wrt tls, i see.[02:04:59] <standon> cite: yes.[02:05:13] <cite> Oh[02:05:19] <cite> I feel stupid now.[02:05:30] <standon> cite: http://www.postfix.org/OVERVIEW.html[02:05:44] * standon never tires of telling people to RTFM[02:06:15] <lunaphyte> serious, are you seriously, i am feeling really stupid now[02:07:48] *** pingouin has joined #postfix[02:12:36] *** madrescher has quit IRC[02:19:10] * rob0 feels stupid too[02:20:21] <thumbs> rob0: it's weekwill's fault.[02:20:27] *** TeckniX has quit IRC[02:28:34] <cite> fsck. I just backed up /etc, /var, /opt and some other directories to an IMAP folder. I HATE copy-paste.[02:31:04] *** digitalmortician has quit IRC[02:31:17] <lunaphyte> oopsies.[02:31:59] *** digitalmortician has joined #postfix[02:32:20] *** F6F has joined #postfix[02:32:24] <thumbs> so my manager just told me today that our work's email server was serving imap over exchange[02:33:00] <thumbs> it kept giving an empty response, randomly, until the admin restarded exchange.[02:33:12] <thumbs> he even chastised me for not using outlook[02:33:34] <KB1JWQ> thumbs: Wow.[02:33:39] <KB1JWQ> thumbs: Just... wow.[02:33:43] <KB1JWQ> thumbs: You run Winders?[02:33:48] <thumbs> no, linux.[02:33:53] <KB1JWQ> Yeah.[02:34:01] <KB1JWQ> That conversation would go a bit differently here.[02:34:05] <thumbs> that was my response... how do you run outlook on linux?[02:34:23] <thumbs> he said... use thunderbird and pop3.[02:34:33] <thumbs> .... pop3.... this isn't 1999.[02:34:45] <KB1JWQ> "You should really run OutLoo--EEEEEEEE!!" continuing on until I open the desk drawer that now temporarily contains his testicles.[02:35:20] <thumbs> seriously, who uses pop3 nowadays?[02:36:03] <KB1JWQ> thumbs: I can't believe it's default in Thunderbird.[02:36:36] <thumbs> yeah.[02:36:55] <thumbs> anyhow, I said I need proper imap support to work, period.[02:37:05] <thumbs> and I'll use whatever fucking email client I choose.[02:37:20] <cite> IMAP is expensive (ressource wise), and there are still freemail services who don't offer imap.[02:37:58] <thumbs> data synchronization with pop is hazardous.[02:38:04] <lunaphyte> i'm still trying to figure out what "imap over exchange" even is *supposed* to mean.[02:38:31] <thumbs> lunaphyte: exchange can provide imap services, apparently.[02:38:38] <KB1JWQ> thumbs: Badly.[02:38:41] <lunaphyte> sure, but...[02:38:42] <cite> Actually, Exchange outperforms Cyrus :-P[02:39:04] <lunaphyte> it's sure has hell not anything over anything else.[02:39:06] <KB1JWQ> cite: When it works.[02:39:40] <cite> ;-)[02:40:17] <thumbs> yeah, it seems to be quite random.[02:40:56] <lunaphyte> when did we go from managers actually being a valuable, meaningful, positive resource to a worthless pile of feces wearing a tie? (credit: jim norton).[02:41:41] <lunaphyte> i'm not terribly old, and i feel i recall a time when managers were a good thing.[02:42:12] <lunaphyte> instead, now they've gone the way of unions.[02:42:44] <thumbs> so now he shifted my account to a 'cheaper' linux box, with dovecot.[02:43:12] <thumbs> he feels like he's punishing me, or something.[02:43:34] <lunaphyte> so who exactly is the mail admin there then?[02:44:35] *** hparker has quit IRC[02:44:36] *** plee has quit IRC[02:45:03] *** bronb_ has quit IRC[02:45:04] *** aixenv has quit IRC[02:45:04] *** Dominian has quit IRC[02:45:04] *** ewook has quit IRC[02:45:04] *** Roconda_ has quit IRC[02:45:04] *** Bogus8 has quit IRC[02:45:04] *** felix_da_catz has quit IRC[02:45:04] *** dan__t has quit IRC[02:45:04] *** lawnchair has quit IRC[02:45:04] *** Tykling has quit IRC[02:45:04] *** js_ has quit IRC[02:45:04] *** dugless has quit IRC[02:45:04] *** palla|putty has quit IRC[02:45:05] *** AdmiralBeotch has quit IRC[02:45:05] *** Mazon has quit IRC[02:45:05] <thumbs> my manager is contracting the service to some hosting company.[02:45:26] <thumbs> the fact that he *asked* for exchange to being with baffles me.[02:45:34] <thumbs> s/being/begin/[02:45:48] *** mactimes_ has joined #postfix[02:48:17] *** hparker has joined #postfix[02:48:24] *** bronb_ has joined #postfix[02:48:24] *** aixenv has joined #postfix[02:48:24] *** Dominian has joined #postfix[02:48:24] *** Mazon has joined #postfix[02:48:24] *** Roconda_ has joined #postfix[02:48:24] *** Tykling has joined #postfix[02:48:24] *** AdmiralBeotch has joined #postfix[02:48:24] *** felix_da_catz has joined #postfix[02:48:24] *** Bogus8 has joined #postfix[02:48:24] *** ewook has joined #postfix[02:48:24] *** dan__t has joined #postfix[02:48:24] *** js_ has joined #postfix[02:48:24] *** dugless has joined #postfix[02:48:24] *** palla|putty has joined #postfix[02:48:24] *** lawnchair has joined #postfix[02:49:26] *** plee has joined #postfix[02:55:46] *** seekwill has joined #postfix[03:00:58] *** ramoni has joined #postfix[03:02:07] *** muh2000_ has quit IRC[03:05:14] *** Skaag has quit IRC[03:09:49] *** bluethundr_ has joined #postfix[03:14:48] *** mactimes has quit IRC[03:17:32] *** ming_zym has joined #postfix[03:20:35] *** cps0 has quit IRC[03:23:56] *** Crell has joined #Postfix[03:25:29] <Crell> Hi all. I have a postfix-based mail server that's been running for some time now, using maildir. I want to start adding server-side mail filtering to it, though. The last time I looked into the subject the answer was "use procmail, and guess as to where to put stuff". Has the situation improved any since then? :-) Is there another alternative, and/or better documentation for procmail when not talking about local mail delivery?[03:29:55] *** mactimes_ is now known as mactimes[03:30:02] *** DonAlex has quit IRC[03:38:09] *** muh2000 has joined #postfix[03:43:06] <Dominian> Crell: look into pysieved[03:43:35] <Crell> What is that?[03:43:50] <Dominian> server-side sieve filtering[03:44:00] <Dominian> and if you use dovecot for imap.. you can implement sieve filtering in[03:44:06] <Dominian> just have to read the dovecot documentation for it[03:44:11] <Crell> I use courier.[03:44:23] <Crell> My main mail client is KMail, though, which claims to support sieve.[03:44:31] <Dominian> doh[03:44:39] <Dominian> well you would have to look into how courier does sieve[03:44:44] <Crell> Hm.[03:45:10] <seekwill> The sieve rule would live on the server, so should be mail-client independent[03:45:17] <Dominian> correct[03:45:20] <Crell> That's what I'm after. :-)[03:45:32] <Dominian> seekwill: unless of course the seive filter being used has an outside port that's accessible[03:45:32] * Crell just had to wipe his main desktop client, which had ~100 filters defined.[03:45:43] <Crell> Not really interested in recreating all of them on a client again, especially when said client is a laptop.[03:46:10] <Dominian> heh[03:46:20] <Dominian> Crell: I keep NOTHING of saving ability on my laptop.. I change distros way too much[03:46:30] <Crell> heh.[03:46:55] <Crell> I try not to, but leaving my laptop on just to filter email while I'm away feels... unpatriotic. Or sacreligious. Or something.[03:48:06] <Crell> So in theory, I should be able to configure filters from a sieve-compatible mail client but they then live on the server thereafter, and survive past the client, da?[03:48:18] <Crell> Assuming I get sieve/courier/postfix talking to each other properly?[03:49:32] <rob0> Who told you to use procmail, and when?[03:50:02] <seekwill> You did[03:50:04] <seekwill> In the future![03:50:23] <rob0> I use recipient_delimiter and .forward* files.[03:50:42] <Crell> rob0: The Interweb, about 3 years ago, 5 years ago, and 8 years ago when last I was asking these questions. :-)[03:51:04] <Crell> Followed by "it's so simple, just see this example file with 500 obscure lines in it. Don't you get it?"[03:51:15] <rob0> Procmail has been abandonware since about '01.[03:51:26] <Crell> Its documentation has at least. :-)[03:51:36] <Dominian> procmail is over-complicated imho[03:51:59] * Crell agrees.[03:52:45] <Crell> Hm. Googling is finding me the same email thread archived on a dozen different sites.[03:52:57] <rob0> When you say, "filtering," you mean sorting into IMAP folders, right?[03:52:59] <Crell> "How do I hook Sieve up to Courier?" "Shouldn't you hook it up to Postfix instead?" "chirp chirp".[03:53:01] <Crell> Yes.[03:53:26] <Crell> I already have spamassassin and clamav in this nest of processes somewhere, doing something, I hope...[03:54:38] <rob0> Oh, content filtering is a poor means of spam control. HELO checks and Zen take out ~95% of all spam, more like 99% for my own.[03:55:28] <Crell> OK, that's not what I'm looking for. I'm looking for a way to pre-filter the 500 messages a day I get into folders based on their mailing list. :-)[03:57:20] <rob0> yeah, and that's probably a sieve thing (unless, like me, you use recipient_delimiter and .forward* files.)[03:57:44] <rob0> (each mailing list goes to list+listname@example)[03:59:43] <Crell> Yeah, sieve. So how do I get sieve and postfix talking to each other? Or sieve and courier and postfix. Or whatever works.[04:02:11] *** docta_v has quit IRC[04:03:19] <thumbs> rob0: what do you think of using spamassasin?[04:04:05] <rob0> I would use SA through amavisd-new at a very heavily spammed site.[04:04:30] <thumbs> rob0: fair enough, I had that in mind actually[04:04:35] <thumbs> rob0: I was just confirming[04:04:55] <rob0> but only after a reasonable pre-DATA defense, of course[04:05:05] <thumbs> yeah[04:05:14] <thumbs> I still need to look into the best way to do that[04:05:26] <thumbs> coming back to mail servers after a few years is a pain[04:05:28] <thumbs> !spam[04:05:35] <knoba> thumbs: "spam" : for you and SPAM for me, we'll all live together in SPAM harmony at SPAM.com[04:07:05] <KB1JWQ> !cheatsheet[04:07:11] <knoba> KB1JWQ: "cheatsheet" : http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt : A HOWTO for pre-DATA spam control.[04:08:23] <thumbs> ah, yes.[04:08:24] <thumbs> thanks[04:10:20] *** master_of_master has quit IRC[04:10:23] *** MrDin has joined #postfix[04:12:03] <MrDin> in main.cf I have alias_maps = hash:/etc/aliases and alias_database = hash:/etc/aliases but if I send an email to an alias set up in /etc/aliases it gets rejected[04:13:08] *** master_of_master has joined #postfix[04:14:05] *** ramoni has quit IRC[04:14:50] *** ramoni has joined #postfix[04:15:08] <rob0> !tell MrDin welcome[04:16:56] *** F6F has quit IRC[04:21:12] *** poli_ has quit IRC[04:21:18] *** poli has joined #postfix[04:27:23] *** Dominian has quit IRC[04:27:33] *** Dominian has joined #postfix[04:29:41] *** tjikkun has quit IRC[04:29:41] *** Motoko-chan has joined #postfix[04:32:13] *** felipe` has quit IRC[04:33:01] *** kibombo has joined #postfix[04:33:13] <kibombo> 1343:error:02001002:system library:fopen:No such file or directory:bss_file.c:356:fopen('./demoCA/private/cakey.pem','r')[04:33:27] <kibombo> after doing openssl ca -out itchy.pem -infiles itchy.csr[04:35:40] *** MrDin has quit IRC[04:36:48] <rob0> I guess MrDin didn't feel welcome here![04:41:50] *** ramoni has left #postfix[04:44:39] <kibombo> rob0cop, got any ideas about this little problem?[04:50:30] <rob0> At least two: First, it's not exactly on topic here, but sure, a lot of us are openssl users. Second, './demoCA/private/cakey.pem' is "No such file or directory". Change the path, or change the config![05:02:03] *** seekwill has quit IRC[05:05:44] *** poli has quit IRC[05:05:50] *** poli has joined #postfix[05:05:54] *** will_ has joined #postfix[05:11:28] *** pinoyskull has joined #postfix[05:18:54] *** LinuxCode has quit IRC[05:22:36] *** cwright has joined #postfix[05:23:37] *** orac__ has quit IRC[05:26:47] *** penrod has joined #postfix[05:31:53] *** pickcoder has joined #postfix[05:33:00] *** saurabhb has joined #postfix[05:33:47] *** mactimes has quit IRC[05:35:35] *** mactimes has joined #postfix[05:45:58] *** Thazza has joined #postfix[05:49:20] *** dhx_m has joined #postfix[05:53:50] *** mactimes has quit IRC[05:55:34] <will_> Are there any postfix consulting places?[05:55:45] <will_> Like, full time agencies[05:55:45] <pickcoder> for what specifically[05:55:50] <will_> Postfix/Email[05:56:17] <pickcoder> I guessed that already[05:56:21] <pickcoder> for what consulting type[05:56:29] <will_> A company has an internal mail server and wants someone to call if things go wrong[05:56:30] <pickcoder> config, tuning, bulk mail handling, etc[05:56:39] <pickcoder> heh[05:56:43] <pickcoder> call KB1JWQ[05:56:49] <will_> hehe[05:56:54] <pickcoder> unless rob0 is awake[05:56:54] <will_> KB1JWQ: What's your phone number?[05:56:57] <will_> Oh, I have that[05:57:53] <will_> I wonder if there's a real need for one[05:58:05] <will_> Like Percona is one for MySQL stuff[05:58:05] <pickcoder> well if they're paid on their RHEL support they can call RedHat[05:58:11] *** Crell has left #Postfix[05:58:33] <will_> I wonder how good RHEL support is...[05:58:38] <will_> But they probably won't support cool stuff[05:58:56] <will_> Like Postfix compiled with database support[05:59:00] <pickcoder> so far the response is great. The action is awful[05:59:08] <pickcoder> I'm still waiting for ESB2 support in lm-sensors[05:59:13] <pickcoder> it's been over a year now[05:59:17] <will_> I meant for Postfix-specific stuff[05:59:20] <will_> heh[05:59:28] <will_> Well, that's fine[05:59:29] <pickcoder> (it'll be in the next release, btw)[05:59:52] <will_> Seems reasonable[05:59:59] <pickcoder> but not because I spent 2 months going back and forth with tech support[06:00:04] <will_> But do RHEL support techs have experts in Postfix/email tuning?[06:00:07] <pickcoder> and even providing the patch info[06:00:22] <pickcoder> it's going to be there because they're moving up from 2.6.18...[06:00:26] * pickcoder grumbles[06:00:30] * rob0 is awake[06:00:37] <pickcoder> ANYway[06:01:35] <pickcoder> will_: Hah! I doubt it..[06:01:45] <pickcoder> but they can open a ticket for you, if you'd like.[06:01:46] *** githogori has joined #postfix[06:01:50] <will_> heh[06:02:31] <pickcoder> will_: I think there's a free consulting service already[06:02:35] <pickcoder> postfix-users@[06:02:38] <will_> No[06:02:56] <will_> Some companies want someone to call in the middle of the night to fix stuff[06:03:00] <pickcoder> you can start a service and say "you have people"[06:03:02] <will_> That doesn't come free[06:03:11] <will_> I'm not really looking to start one :)[06:03:22] <will_> Just curious to see if there was one, like Percona[06:03:48] <pickcoder> I would think that there are consulting firms that experience with Postfix config[06:03:55] <pickcoder> ~that have[06:04:04] <will_> I googled. Just seems like IT guys who know how to "yum install postfix"[06:04:20] <pickcoder> one of these days I'll be on my own, so I may start a company[06:04:20] <will_> I wonder who Ralf works for[06:04:30] <will_> pickcoder: Let's do it today!!!!!!!!!!!!!!!!11111111111111111111one[06:04:39] <rob0> Ralf, a university[06:04:54] <pickcoder> uh.. no thanks. The economy is too unstable still. Besides I have a great job.[06:04:56] <will_> University of SMTP[06:05:03] * rob0 is available <bats eyelashes>[06:05:22] <will_> rob0: Really?[06:05:36] <rob0> 'cept ... I don't know nuthin' 'bout fixin' no Posts![06:06:25] <rob0> Sure I'm available, how else do you suppose I would be wasting so much time on here?[06:06:30] <will_> lol[06:06:49] <pickcoder> rob0: retired people chat too[06:06:58] *** Verilium has quit IRC[06:07:29] <will_> My friend is looking to start a company. She's an accountant for Sony, and just wants to handle the business side of things.[06:09:04] * pickcoder scratches head[06:09:14] <pickcoder> what side of e-mail consulting is not "business"?[06:09:27] <pickcoder> printing out invoices?[06:09:34] <will_> heh[06:09:36] <pickcoder> or wait.. we're e-mail consulting[06:09:43] <pickcoder> who wants paper?[06:09:58] <will_> Everyone prints their email![06:10:21] * pickcoder prints chat and reads it in 10s lag time[06:10:33] *** xpeed has joined #postfix[06:10:47] * will_ has expeed[06:11:31] * pickcoder still needs a couple colo quotes[06:11:51] <will_> he.net[06:11:58] <will_> rackspace.com[06:12:11] *** xpeed has quit IRC[06:12:24] <pickcoder> I don't remember rackspace selling colo with hardware[06:12:37] <pickcoder> I don't really want to build a machine and ship it[06:13:37] <pickcoder> I'd like to set up a dedicated 10mb lan with our phone provider[06:13:57] <will_> pickcoder: You rent the server from rackspace[06:14:11] <pickcoder> they didn't have colo pricing for rentals[06:14:13] <will_> They have FANATICAL support[06:14:17] <pickcoder> just for 1-4U space[06:14:26] <will_> I didn't know they did colo[06:14:29] <will_> heh[06:14:44] <will_> If you're using your own hardware, I'd go local[06:14:58] <will_> If you're renting hardware, doesn't really matter[06:15:24] <Dominian> linode ftw[06:15:32] <will_> bah, you and your linode[06:15:42] <will_> Dominian: Did I ask you already? Do they have 24/7 support?[06:15:44] <pickcoder> hm[06:15:52] <Dominian> will_: yes they have 24/7 support[06:15:52] <will_> Their website doesn't say specifically[06:15:55] <will_> ah ok[06:15:55] <pickcoder> actually I was thinking of another company[06:16:00] <will_> Slicehost!!!!!!!!!!!!!!![06:16:01] <Dominian> will_: You file a ticket through yoru dashboard.. it pages them[06:16:07] <will_> Dominian: Yeah, same thing with slice[06:16:11] <Dominian> I've heard good things about slicehost..[06:16:17] <Dominian> however slicehost pricing is what turned me away[06:16:25] <will_> Cheapass[06:16:28] <pickcoder> looks like rackspace will obtain the hardware for you and manage it[06:16:31] <Dominian> will_: you know it[06:16:38] <will_> pickcoder: yeah (good thing in my opinion)[06:17:12] <will_> Dominian: Actually, Linode is "better" in the fact that their slices are 32bit. On a system with 512MB of RAM, every MB counts! (over 64-bit overhead)[06:17:29] <Dominian> yah[06:17:30] <pickcoder> I'm not sure I want a vps[06:17:37] <will_> pickcoder: Depends on your needs[06:17:37] <Dominian> WEll, the only catch I've found..[06:17:41] <Dominian> I can't boot a custom kernel very easily[06:17:48] <will_> heh[06:17:50] <Dominian> its picky.. really picky[06:17:52] <Dominian> pissesme off[06:18:00] <will_> It is a VPS :P[06:18:07] <Dominian> dude..[06:18:09] <Dominian> I have two VPSs[06:18:12] <will_> OMG[06:18:14] <will_> You are so cool[06:18:18] <Dominian> one on linode.. one on another host[06:18:18] <will_> I have two too![06:18:20] <Dominian> both xen[06:18:25] <will_> oh[06:18:30] <Dominian> linode.. custom kernel.. painin the ass[06:18:36] <Dominian> other VPS.. no problems[06:18:45] <will_> Maybe the other one is fully virtualized :P[06:18:46] <Dominian> Then again it all depends on how they have it configured[06:18:52] <Dominian> will_: right[06:19:26] <will_> I think if you go with a VPS, you shouldn't be worrying about stuff like that. Go with a managed server/colo for that kinda stuff[06:19:39] <Dominian> bah[06:19:43] <Dominian> even a vps needs security man[06:19:50] <will_> SELinux![06:19:53] <Dominian> all I wanted was a grsecurity-enabled kernel[06:19:53] <dhx_m> will_: a 64bit system also allows you to do things like perform operations on 8 bytes in a single clock cycle ;)[06:19:56] <Dominian> oh srew SELinux[06:20:06] <will_> dhx_m: Does that matter on a VPS?[06:20:11] <Dominian> SELinux sucks :P[06:20:13] <pickcoder> hm.. he.net may be an option depending on price[06:20:21] <will_> pickcoder: he.net is wickedly fast[06:20:23] <Dominian> I'd rather use AppArmor[06:20:27] <Dominian> he.net is insane[06:20:34] <dhx_m> will_: I guess my point is that you may be more interested in performance over memory in some VPS configurations[06:20:35] <pickcoder> I don't think a dedicated link would be too hard to terminate there[06:20:40] <rob0> I'd use NWLinux.[06:20:42] <Dominian> pickcoder: uhh no[06:20:42] <will_> pickcoder: EVERY mirror I leech off of maxes out my connection... cable or FIOS etc.[06:20:59] <rob0> Which is odd, since I live in the SE.[06:21:18] <will_> dhx_m: True. I don't really care. I just like Slicehost (which is 64-bit) because they're owned by Rackspace[06:21:23] <pickcoder> hmm.. I may consider moving our web server and such if that's the case[06:22:04] <dhx_m> will_: yep the people providing the VPS service are more often than not the most important factor to consider[06:22:24] <Dominian> well linode is definiely reliable[06:22:30] <Dominian> I've had NO issues what so ever with them[06:22:30] <will_> dhx_m: I'm only crazy over them because Dominian uses Linode[06:22:34] <Dominian> and their support is insane.[06:22:38] <Dominian> will_: lol[06:22:42] <will_> I only do things to piss off Dominian[06:22:57] <pickcoder> BGP+ipv4+ipv6 for $2/Mbps[06:23:02] <will_> I mean, can't make fun of him anymore now that he moved off greylisting.[06:23:12] <Dominian> :)[06:23:13] <will_> :)[06:23:15] <Dominian> will_: its gone well btw[06:23:20] <will_> Dominian: Sweet![06:23:34] <dhx_m> pickcoder: which provider is that for? sounds like some nasty bandwidth (cogent?)[06:23:37] <will_> Dominian: I do sorta expect a little false negatives to come through. Did you experience any of that?[06:24:16] <Dominian> not yet[06:24:19] <Dominian> but it may[06:24:32] <pickcoder> dhx_m: that's he.net's current special[06:24:53] <dhx_m> pickcoder: hmmm in that case, not bad :)[06:27:03] <dhx_m> I haven't looked at prices in a while but I seem to remember the cheapest being ~$5-6/Mbps[06:29:16] <pickcoder> I don't really want to move stuff off-site, but if the pricing is good for the bandwidth then I may end up moving a lot of stuff if I can get a dedicated lan drop between here/there[06:30:03] <will_> pickcoder: What is it for?[06:32:11] <pickcoder> at the moment, just core data replication and redundancy[06:32:33] <pickcoder> it the pricing is budgetable then I could potentially move mail and web off-site[06:32:58] <will_> Edge mail sure, but you'd probably want to keep your mailstore inhouse.[06:33:05] <pickcoder> well yeah[06:33:10] <will_> Well, for backup stuff, a VPS could work?[06:33:42] <pickcoder> I doubt i[06:33:43] <pickcoder> it[06:33:49] <pickcoder> the web thing is going to be tricky[06:33:59] <pickcoder> it's integrated into a lot of local data stores[06:34:12] <will_> Depends...[06:34:19] <dhx_m> if it's for a business, just get a dedicated server, the price difference isn't that much more[06:34:26] <pickcoder> if the replication can work over a dedicated link then I may able to setup a mirror of everything[06:34:52] <will_> pickcoder: VPN[06:35:12] <pickcoder> I won't need a VPN if a lan segment can be terminated there[06:35:40] <will_> There?[06:35:43] <pickcoder> the last time I talked to our provider we could get a 10mb link for not much more than a 3MB 'net link[06:35:47] <pickcoder> at the colo[06:36:04] <rob0> I can see it on craiglist now ... "LAN segment needs a job!"[06:36:14] <pickcoder> heh[06:36:19] *** xpeed has joined #postfix[06:37:19] <will_> ah[06:37:23] <pickcoder> of course, an "ethernet link" as they call it, has no IP address, DNS, or any other ISP services[06:37:29] <pickcoder> it's just a routing hop[06:37:41] <will_> You really won't want to VPN that?[06:37:49] <pickcoder> I probably would[06:37:56] <pickcoder> considering the bandwidth[06:38:15] <pickcoder> I'd have to setup a tunnel[06:38:20] <pickcoder> loads of fun[06:38:39] <will_> What are you trying to accomplish?[06:38:44] <will_> Seems like you're making this more complicated :P[06:38:48] <pickcoder> to take over the world?[06:39:13] <KB1JWQ> Who me?[06:39:33] <pickcoder> our servers are highly integrated so making things fail-safe can be complicated[06:39:36] <rob0> KB1JWQ[06:39:49] <pickcoder> unless there is a secure LAN segment to communicate over[06:40:28] <KB1JWQ> will_: Get sorted?[06:40:30] <will_> I still think you're making this more complicated[06:40:34] <will_> KB1JWQ: ?[06:40:38] <pickcoder> will_: won't be the first time[06:40:42] <will_> !!!![06:40:42] <knoba> will_: Error: "!!!" is not a valid command.[06:40:44] <will_> :([06:40:54] <KB1JWQ> will_: You were going to call me? :)[06:41:02] <will_> KB1JWQ: Oh[06:41:03] <will_> No[06:41:09] <will_> Depends on rob0[06:41:57] <will_> But I got sidetracked on AFF[06:42:44] <will_> I can't believe how late it is already[06:44:14] <Thazza> .[06:44:15] <Thazza> .[06:45:36] *** bhagat has joined #postfix[06:45:37] <rob0> huh[06:46:09] <rob0> The fate of the world depends on rob0 !! WE'RE DOOMED !!![06:46:45] <pickcoder> I get to try to organize the pile-o-hardware tomorrow night[06:46:57] <pickcoder> I think gremlins make part replicas at night[06:48:09] <pickcoder> kid's b-day part is saturday. can't believe they'll be 2.[06:48:43] *** xpeed has quit IRC[06:49:15] <dhx_m> I'm stumped at the moment with an inability for postfix to connect to a postgres socket for reading virtual_mailbox_maps... virtual_alias_map and virtual_domains_map work fine, as does postmap -q ... virtual_mailbox_maps[06:49:30] <rob0> Anyway, sure, I'm interested in discussing the project, I can be on call for reasonable rates, and I don't think there are many people better at postfixing than me.[06:49:31] <dhx_m> "warning: connect to pgsql server /var/run/postgresql: could not connect to server: Permission denied??Is the se[06:49:31] <dhx_m> rver running locally and accepting??connections on Unix domain socket "/var/run/postgresql/.s.PGSQL.5432"??"[06:50:04] <will_> rob0: PM?[06:50:05] <rob0> will_: domain nodns4.us, username the same as IRC.[06:50:07] <rob0> sure[06:50:41] <rob0> dhx_m, check directory perms to the socket and the socket perms too.[06:50:51] <pickcoder> dhx_m: chrooted?[06:51:21] <dhx_m> nothing is chrooted, the postfix user is part of the postgres group which has read/write to /var/run/postgresql and the socket file[06:51:49] <dhx_m> I've also used acct (linux process accounting) to ensure that some other user isn't running the 'virtual' process[06:52:12] <dhx_m> I suppose virtual is executed with uid root[06:52:14] <rob0> I don't know if secondary group permissions work, actually. I remember reading that it could only use the UID and primary GID.[06:52:21] <dan__t> 'evening.[06:52:30] <dhx_m> oh hmm, thanks rob0, I'll check that now[06:52:59] <dhx_m> rob0: that sounds like the best idea so far[06:54:04] <pickcoder> bed time[06:54:07] *** pickcoder has quit IRC[06:56:30] <rob0> bedcoder[06:58:20] <dhx_m> hmmm no luck with permissions on the socket (and parent directory) set to 0777[06:59:48] <dhx_m> oh actually it did work that time[06:59:54] <dhx_m> hmmm this could be tricky (with gentoo)[07:00:32] *** Verilium has joined #postfix[07:02:32] *** uqlev has joined #postfix[07:04:31] *** clockspider has joined #postfix[07:08:52] *** tjikkun has joined #postfix[07:16:19] *** p3rror has joined #postfix[07:16:36] *** mactimes has joined #postfix[07:20:49] *** uqlev has quit IRC[07:26:11] *** amrit|wrk is now known as amrit[07:41:36] *** will_ has quit IRC[07:44:29] *** loddafnir has joined #postfix[07:54:30] *** will_ has joined #postfix[08:11:22] *** clockspider_ has joined #postfix[08:19:10] *** sep has joined #postfix[08:23:10] *** xabbuh has joined #postfix[08:24:44] *** dragonheart has quit IRC[08:25:14] *** clockspider has quit IRC[08:31:18] *** cilly has joined #postfix[08:31:47] *** tjikkun has quit IRC[08:33:51] *** felipe` has joined #postfix[08:34:25] *** sophokles has joined #postfix[08:39:00] *** polaru has joined #postfix[08:42:59] <dhx_m> rob0: you're right about virtual/local stripping off supplementary groups from root :([08:43:04] *** milligan_ has quit IRC[08:43:06] *** f3ew has quit IRC[08:45:02] *** diqpib has joined #postfix[08:45:06] *** f3ew has joined #postfix[08:45:42] *** S7 has joined #postfix[08:49:06] *** will_ has quit IRC[08:49:34] <S7> Hi, is there any way to change transport dependent on the sender?[08:50:20] *** brancaleone has quit IRC[08:52:01] <f3ew> No[08:52:12] *** wdp has joined #postfix[08:52:37] <S7> ;\[08:52:51] *** Motoko-chan has quit IRC[08:53:16] <dhx_m> well you could always rewrite/replace the part of postfix which handles that :p[08:54:29] <S7> well, isn't there's sender_based_routing[08:54:44] <S7> and sender_based_relayhost_maps[08:54:56] <S7> can't i manage something with those?[08:55:45] <S7> i've tried with sender_based_routing, it seems it matches the mail from ok to transport table, but then it matches also the rcp to which is not needed and the result is not what i intend[09:02:32] <dhx_m> by sender based... how do you want to distinguish between senders?[09:04:24] <dhx_m> by their IP address?[09:07:31] <S7> by the domain name in mail from[09:07:47] *** Zordrak_ has joined #postfix[09:07:51] <S7> or by the smtpd instance the mail came from if that possible[09:08:08] <S7> i have two ips, smtpd (in master.cf) listening on each[09:08:14] <S7> each ip have it's own domain[09:09:00] <dhx_m> how do you plan to avoid people spoofing the sender to use your different transport method?[09:09:11] <dhx_m> unless that doesn't matter for you[09:09:18] <S7> only local adresses allowed to relay[09:09:48] <S7> and basicly it's for a web application, no real users[09:10:34] <dhx_m> so your server doesn't receive email from public networks?[09:11:40] <S7> nope[09:11:57] *** madrescher has joined #postfix[09:13:46] <S7> http://pastebin.com/m2c394c8c that's my transport, in main.cf there's sender_based_routing = yes[09:14:14] <S7> i don't get it, how i stop postfix from trying resolve the destantion addr as well threw the transport map?[09:15:19] <dhx_m> sender_based_routing was deprecated in 2.3 by sender_dependent_relayhost_maps[09:16:02] <dhx_m> A sender-dependent override for the global relayhost parameter setting. The tables are searched by the envelope sender address and @domain. A lookup result of DUNNO terminates the search without overriding the global relayhost parameter setting (Postfix 2.6 and later). This information is overruled with relay_transport, default_transport and with the transport(5) table.[09:16:13] <dhx_m> as a side note, lol @ DUNNO result[09:16:14] <S7> with sender_dependent_relayhost_maps i can only change relay host, not transport[09:17:14] <S7> or am i totaly miss it?[09:18:14] <S7> so the only solution is get one postfix instance per domain?[09:18:59] <dhx_m> wouldn't you use sender_dependent_relayhost_maps to change the host you want to relay though in the next hop[09:19:24] *** Zordrak has quit IRC[09:20:44] <dhx_m> and then change relay_transport (or some similar setting) to define the transport method for the host(s) you are relaying through[09:21:09] <S7> then i need a host to relay threw, another mail server[09:21:40] <S7> i basicly want to change the helo string to match the mail from[09:21:43] *** psteyn has joined #postfix[09:21:49] <S7> not really relay threw another server[09:21:52] <dhx_m> I don't see why you couldn't host both domains on one server?[09:22:04] <S7> politics.[09:22:10] <S7> it's not my call... ;\[09:22:47] <dhx_m> so mail arrives from @source1.com and you want to relay it to dest1.com[09:22:58] <dhx_m> and mail arrives from @source2.com and you want to relay it to dest2.com[09:22:58] <dhx_m> ?[09:23:58] <S7> mail arrives from @source1.com for whatever at gmail dot com i want the mta say helo to gmail with source1.com[09:24:05] <S7> mail arrives from @source2.com for whatever at gmail dot com i want the mta say helo to gmail with source2.com[09:24:09] *** p3rror has quit IRC[09:24:37] <S7> so it will look like two different mail servers, with two different ips[09:24:46] <S7> with two different domains[09:24:58] <S7> without the overhead of running two postfix instances[09:25:15] <dhx_m> aha[09:26:05] <S7> my orignal idea was creating to smtp transports in master.cf with -o smtp_helo_name and then pass mail to them depending on the sender[09:26:23] <dhx_m> yep[09:26:32] <S7> thought it'll be easier =)[09:26:51] <S7> *to = two[09:30:00] <dhx_m> I wonder if it's possible to play some DNS tricks with CNAME?[09:30:55] <dhx_m> so you create your own gmail1.yourserver.com and gmail2.yourserver.com that both point to the gmail server[09:31:32] <dhx_m> so you set the relay host using sender_dependent_relayhost_maps[09:31:51] <dhx_m> to either gmail1... or gmail2...[09:32:58] <dhx_m> and then you change the transport depending on what the next relay hop is (which is now either gmail1 or gmail2)[09:37:47] *** cilly has quit IRC[09:37:56] <S7> it's a nice idea indeed, but i need send to all isps, not just gmail =)[09:40:39] <dhx_m> in that case you will probably need two instances of postfix?[09:41:01] *** madrescher has quit IRC[09:41:36] <S7> i'm trying to figure it out few days already[09:41:50] <S7> it all comes to two instances[09:42:01] <S7> or hacking postfix[09:42:59] <S7> and i bet it'll take me weeks just to figure out what goes where and i was suppose to finish that server few days ago[09:45:09] *** Robbie__ has joined #postfix[09:45:57] <dhx_m> S7... DNS + SQL wildcards maybe?[09:47:07] *** madrescher has joined #postfix[09:47:09] <dhx_m> *.relay.serverX.yourdomain.com where * is the real destination domain and X is source1/source2[09:47:31] <dhx_m> might need some interfacing magic though ;)[09:53:02] *** war9407 has joined #postfix[09:55:06] <S7> how will i'll change the ip to the right server?[09:55:15] *** idbgthusiexist has quit IRC[09:55:24] <dhx_m> lol postfix developers sure do have a sense of humour... 221 2.7.0 Error: I can break rules, too. Goodbye.[09:55:40] *** wdp has quit IRC[09:56:06] *** F6F has joined #postfix[09:56:40] *** wdp has joined #postfix[09:59:24] <dhx_m> hmm another thought[10:00:12] <dhx_m> or maybe not[10:01:24] *** F6F_ has joined #postfix[10:01:35] *** Thazza has quit IRC[10:01:49] <S7> dhx_m, thank you for your time & effort =)[10:01:57] <S7> i've just finished setting up the 2nd instance[10:02:08] <dhx_m> S7: I'm not really sure how it all works internally so I'm not much help[10:02:17] <S7> seems to work fine, but i bet i'll have problems with dovecot now =)[10:05:49] <dhx_m> sounds fun :)[10:06:16] *** madrescher has quit IRC[10:15:45] *** hever has joined #postfix[10:20:00] <SpiceMan> dhx_m: isnt't virtual domains what you're looking for?[10:21:08] <dhx_m> SpiceMan: for S7's problem?[10:22:03] <SpiceMan> oh, it was his problem?[10:22:12] <SpiceMan> ok, wouldn't virtual domains do?[10:23:24] <dhx_m> SpiceMan: he wanted to change the configuration value smtp_helo_name depending on the sender's email address[10:23:45] <SpiceMan> oh[10:25:00] <SpiceMan> well, since couldn't make it work, maybe is not that simple[10:25:07] <SpiceMan> but the -o sounds easy xD[10:25:27] <S7> the -o is easy, making it depend on the sender not so much =)[10:27:52] <SteveC> Anyone have a way to take maildir files and push them back into SMTP to be processed (in this case they've now got a transport rule to send them to another server)[10:40:51] <dhx_m> smtp_tls_security_level = may... isn't this self defeating?[10:42:01] *** feisar has joined #postfix[10:42:58] *** brancaleone has joined #postfix[10:45:15] *** _bugz_ has quit IRC[10:55:48] *** make has joined #postfix[10:59:39] *** make has left #postfix[11:00:24] <dhx_m> S7: smtp_generic_maps with virtual_alias_maps could potentially allow you to do what you want... but it is a lot of work/hacking around[11:03:03] *** hparker has quit IRC[11:04:00] *** aditsu has joined #postfix[11:04:27] *** _bugz_ has joined #postfix[11:04:55] <aditsu> hi, I'm using postfix with virtual mailboxes; is it possible to define a virtual alias to deliver email to not one but two mailboxes?[11:08:32] *** feisar has quit IRC[11:09:27] *** andy_u has joined #postfix[11:10:26] *** tjikkun has joined #postfix[11:11:53] *** denis has joined #postfix[11:14:36] <Zerberus> aditsu: yes[11:15:02] <aditsu> Zerberus: love those answers :p ok, could you please tell me how?[11:15:14] *** sophokles has quit IRC[11:17:25] <Zerberus> aditsu: man 5 virtual has an example[11:19:59] *** sep has quit IRC[11:21:07] *** dragonheart has joined #postfix[11:21:33] <aditsu> ah, I see.. wonder how to use that with a database[11:23:44] <andy_u> hi i installed postfix on ubuntu jaunty a couple of months ago. i'm using google apps so i didn't configure it for incoming mail. anyway, here's the issue, i just checked my log file at /var/log/mail.info and i saw that it's logging something EVERY minute. is this normal?[11:24:44] *** sep has joined #postfix[11:26:44] <aditsu> Zerberus: if I use a database query such as "SELECT forw_addr FROM mxaliases WHERE alias='%s'", should it return one record with the comma-separated addresses, or multiple records, each one with a single address?[11:28:24] *** AcTiVaTe has joined #postfix[11:28:53] <aditsu> andy_u: logging what?[11:29:26] <Zerberus> aditsu: a comma separated list as like you would get from a hashed map query[11:29:54] <andy_u> ummm...lots of stuff...where can i paste it without flooding the channel?[11:29:58] <aditsu> Zerberus: thanks, I'll try[11:30:20] <andy_u> i mean, i'll paste a portion of it, not all of it or it'll take forever[11:30:42] <_ruben> use a pastebin[11:30:45] <aditsu> andy_u: to a pastebin, such as pastebin.ca, dpaste.com or whatever[11:31:07] <andy_u> ok, sorry, still a newbie in this chat thing[11:32:35] <andy_u> here you go http://pastebin.ca/1520305[11:34:20] <aditsu> o_O something is definitely screwed up[11:35:28] <aditsu> andy_u: first of all, andy at NO-REPLY@quicksite1 dot com is not a valid email address[11:36:23] <andy_u> yeah, i don't know where that came from though...in my scripts (PHP), i used only NO-REPLY at quicksite1 dot com[11:36:34] <aditsu> andy_u: and it seems that you have an empty gid setting somewhere[11:36:37] <andy_u> i don't know where the andy@ came from[11:36:55] *** mactimes has quit IRC[11:38:39] <aditsu> I don't know what could cause those things.. maybe somebody else can help you[11:39:08] <andy_u> oh well, i'll a fresh configure of main.cf[11:39:15] <andy_u> *i'll try*[11:40:35] <andy_u> but thanks...i just wanted some confirmation if this was normal or if it was screwed up.[11:41:06] <andy_u> now that i know it's not normal, i can look for a fix.[11:41:15] <aditsu> andy_u: didn't notice anything normal in your paste[11:41:46] *** S7 has quit IRC[11:44:20] *** Zblakany has joined #postfix[11:46:15] *** UQlev has joined #postfix[11:47:06] *** jense has joined #postfix[11:47:23] <mefiX> hey folks :)[11:48:26] <mefiX> in case i have a mysql-db connected to check_recipient_access, is it possible to use some sort of wildcards within this db? i have several domains and would like to match eatch of them with single rows, is this possible?[11:54:16] *** Zordrak_ is now known as Zordrak[11:58:37] *** Tykling has quit IRC[11:58:39] *** aditsu has quit IRC[12:05:19] *** Tykling has joined #postfix[12:25:27] *** andy_u has quit IRC[12:34:45] *** jtrm has joined #postfix[12:39:31] *** teddy has quit IRC[12:44:06] *** Muhis has quit IRC[12:44:06] *** higuita has quit IRC[12:44:06] *** tomocha6 has quit IRC[12:44:20] *** stephan48 has joined #postfix[12:45:28] *** Muhis has joined #postfix[12:45:28] *** tomocha6 has joined #postfix[12:45:28] *** higuita has joined #postfix[12:47:19] *** cilly has joined #postfix[12:47:58] *** sed__ has joined #PostFix[12:48:51] *** godlie has joined #postfix[12:49:55] <godlie> hi how is it possible to secure my email server that he only takes up messages for relaing from my external ip[12:50:59] <f3ew> !basic[12:50:59] <knoba> f3ew: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.[12:51:10] <f3ew> godlie that's the default[12:51:33] *** sed_ has quit IRC[12:51:34] *** Zelest has quit IRC[12:51:46] <godlie> im asking because of an articel on heise.de[12:52:07] <godlie> this articel is about some spammers who use localhost as an rdns enrty[12:52:21] <godlie> and therefore i was thinkin about if my server would be an open relay for them[12:54:10] *** F6F has quit IRC[12:54:22] *** loddafnir has quit IRC[13:03:37] *** ming_zym has quit IRC[13:07:16] *** UQlev has quit IRC[13:09:19] <godlie> so di get it right: if i define mynetworks = 127.0.0.0/8 and mydestination to my hostname and localhost am i safe then?[13:22:09] *** mrbenn has joined #postfix[13:22:18] <mrbenn> hi[13:22:38] <mrbenn> i have Maildir/ set in the home_mailbox setting. But i am not sure if this is the correct thing to do[13:22:41] <mrbenn> can anyone help?[13:23:09] <f3ew> mrbenn if that is what you want, yes[13:23:17] <f3ew> godlie yes[13:23:41] <mrbenn> problem is that i am not sure if that is what i want. My virtual mailboxes are stored in /var/mail/%d/%n[13:23:53] <mrbenn> so should postfix have the home_mailbox set to that same path as well?[13:23:56] <mefiX> in case i have a mysql-db connected to check_recipient_access, is it possible to use some sort of wildcards within this db? i have several domains and would like to match eatch of them with single rows (like user@*), is this possible?[13:23:58] <mrbenn> or am i confusing thjings here[13:24:01] <f3ew> then it isn't. home_mailbox is for local(8), not virtual(8)[13:24:13] <f3ew> local(8) is for domains in mydestination[13:24:28] <f3ew> mefiX not within the DB[13:24:46] <f3ew> you need a regexp table, or a query supporting wildcards[13:24:52] <godlie> f3ew: ok and relay_domains is at default[13:25:14] <mrbenn> well my destinations are set up as mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain[13:27:40] <mrbenn> i only have virtual mailboxes. so should i remove home_mailbox?[13:28:30] *** jtrm has quit IRC[13:31:04] <mefiX> f3ew: but i could create my own qry like <<select ... from ... where alias like '%u*'>> right?[13:31:32] <f3ew> yes[13:31:40] <f3ew> mrbenn it won't matter[13:32:00] <mrbenn> ok, well i have commented it out anyway. just in case[13:32:05] <mrbenn> so i am now looking at the virtual_mailbox_base field.[13:32:18] <mrbenn> should that be set to /var/mail/%d/%n[13:32:21] <mefiX> f3ew: in case of user@domain %s is 'user@domain', %u is 'user' and %d is 'domain' right?[13:32:55] <f3ew> mrbenn I like virtual_mailbox_base = / and virtual_mailbox_maps returns the full path to the maildir[13:33:01] <f3ew> mefiX yes[13:33:11] <mrbenn> ah right. ok[13:33:20] <mrbenn> ill try that[13:36:36] <mrbenn> if i go into webmin and into the postfix module and then check the mail for the user i am testing with then it seems to be looking in /var/mail/ben - even though the path is domain/username in the mailbox table (as returned by the virtual_mailbox_maps param)[13:36:45] <mrbenn> is that a red herring, or is that something i need to look into?[13:37:28] * f3ew doesn't use webmin[13:38:31] <mrbenn> ok ignore webmin for a second then. Let me rephrase it[13:38:43] *** jtaji has quit IRC[13:38:52] <mrbenn> i sent myself a test email and the mail seems to land in /var/mail/ben[13:39:08] <mrbenn> however, i would expect it to go to /var/mail/rawjam.co.uk/ben[13:39:19] *** Dr-Linux|home has joined #postfix[13:39:20] <f3ew> Sounds like that domain is in mydestination ?[13:39:25] <mrbenn> rawjam.co.uk/ben is set in the mailbox table in teh postfix database...[13:39:30] <Dr-Linux|home> i've a question here: http://pastebin.ca/1520392[13:39:34] <f3ew> !debug[13:39:35] <knoba> f3ew: "debug" : http://www.postfix.org/DEBUG_README.html : a good starting point for how to deal with problems and to report information to those who might help. Post your information in a pastebin such as http://pastebin.ca/ or http://rafb.net/paste/ .[13:39:36] <mrbenn> ah could be. how do i check?[13:39:44] <Dr-Linux|home> please anybody have a look and advice[13:39:59] <f3ew> See the !debug stuff @ mrbenn[13:40:02] <mrbenn> myhostname is set to rawjam.co.uk[13:40:10] <mrbenn> is that OK or is that a no no?[13:40:31] <f3ew> mydestination = $myhostname <=====[13:40:34] <f3ew> See, not virtual[13:40:44] <f3ew> See ADDRESS_CLASS_README[13:40:51] <f3ew> Dr-Linux|home it should just work[13:41:44] <Dr-Linux|home> f3ew: what do you mean? i'm not using sendmail anymore .. but postfix[13:42:04] <f3ew> Dr-Linux|home Postfix provides /usr/sbin/sendmail[13:42:13] <mrbenn> so do i want to move myhostname from the mydestination list?[13:42:41] <f3ew> mrbenn yes[13:42:44] <Dr-Linux|home> f3ew: but i put in a file and i'm not reciving email[13:42:54] <mrbenn> and $mydomain?[13:43:00] <f3ew> Dr-Linux|home so what do your logs say?[13:43:05] <f3ew> mrbenn that should be fine[13:43:38] <mrbenn> thanks. ill try that[13:44:00] <Dr-Linux|home> f3ew: when i rum this command on command prompt it hang on next line:[13:44:01] <Dr-Linux|home> asterisk]$ /usr/sbin/sendmail sshah at i2cinc dot com[13:44:31] <Dr-Linux|home> f3ew: so here i just enter it does show next line but .. kinda hang[13:44:42] <f3ew> Dr-Linux|home start typing :)[13:44:57] <Dr-Linux|home> hehe yeah i did[13:45:43] *** Section1 has joined #postfix[13:46:07] *** diqpib has quit IRC[13:46:40] <Dr-Linux|home> f3ew: what if i put -t infornt of it and run the command on command line?[13:48:40] <Dr-Linux|home> f3ew: it says:[13:48:41] <Dr-Linux|home> No recipient addresses found in header[13:48:44] <mrbenn> ah that worked![13:48:54] <mrbenn> final one. my mailog now says warning: do not list domain rawjam.co.uk in BOTH virtual_mailbox_domains and relay_domains[13:52:34] <Zerberus> Dr-Linux|home: sendmail -t expects input with proper mail headers to read from[13:53:19] <Dr-Linux|home> Zerberus: so do you think my header is fine?[13:53:34] <Dr-Linux|home> question here: http://pastebin.ca/1520392[13:54:59] *** pingo_ has joined #postfix[13:55:45] <Dr-Linux|home> thanks guys[13:55:50] <Dr-Linux|home> i understand now[13:55:54] <Dr-Linux|home> it worked for me[13:56:00] <Dr-Linux|home> thanks f3ew[13:56:29] *** Dr-Linux|home has left #postfix[14:01:30] *** cilly has quit IRC[14:03:08] *** teddy has joined #postfix[14:04:35] *** p3rror has joined #postfix[14:08:48] *** gerhard7 has joined #postfix[14:09:59] *** pingo_ has quit IRC[14:10:37] *** pingo_ has joined #postfix[14:10:42] <pingo_> hey all[14:12:41] <pingo_> got maybe dumb question: is it possible to reject mails from outside with from=something@$mydomain and rcpt to=someotheruser@$mydomain unconditionally? (as its forged spam anyway)[14:15:44] *** Methose has joined #postfix[14:17:15] *** hever has quit IRC[14:18:00] *** hever has joined #postfix[14:18:03] *** f3ew has quit IRC[14:19:04] *** f3ew has joined #postfix[14:23:24] *** pinoyskull has quit IRC[14:23:26] <Methose> I've installed postfix as a part of Nagios on ubuntu 9.04; When using the shell to mail -s {subject} {address}, I receive the message on my hotmail address, but do not receive the message on my gmail, or exchange server. I belive that it must be a rejected because of the sending address, but I am unsure how to configure my main.cf to correct the problem.[14:23:59] <Methose> *believe[14:24:32] <Section1> look mail logs[14:27:44] *** Schmidt has quit IRC[14:31:15] <Methose> when looking in my mail logs, I see that the connection says it is timed out. This mail server is receiving other mail items fine at the same MX record[14:32:40] *** cpm has joined #postfix[14:35:14] <Section1> Methose, i dont know your network setup...but maybe from internel network your postfix cannot connect to the public ip of the MX[14:35:35] <Section1> s/internel/internal/[14:36:02] <Section1> try with telent mx-ip 25 to test the connection[14:36:15] <Section1> grr, telnet mx-ip 25[14:37:01] *** madrescher has joined #postfix[14:39:12] *** saurabhb has quit IRC[14:41:20] <Methose> Section1: thank you very much for the help thus far; yes, interestingly enough I am unable to telnet port 25 to the exchange server.[14:42:16] <Methose> the exchange server is able to receive other SMTP mail, such as pop3 messages from wem ail accounts like hotmailo.gmail[14:43:07] <Methose> s/wem ail/web mail :)[14:53:29] <Methose> thank you for the help, I believe that it might be a firewall issue, so I must sign off to check the configuration. I will be back to inform you how this goes. Thanks again Section1[14:55:05] *** Methose has quit IRC[14:56:11] *** Methose has joined #postfix[14:57:35] <Section1> hehe p3p messages ( ? )[14:57:39] <Section1> pop3[14:59:49] <Section1> !transport_maps[14:59:50] <knoba> Section1: "transport_maps" : a configuration parameter in the main.cf: Optional lookup tables with mappings from recipient address to (message delivery transport, next-hop destination). See transport(5) for details.[15:01:37] *** UQlev has joined #postfix[15:03:59] *** hever has quit IRC[15:04:23] *** cps0 has joined #postfix[15:10:26] *** Methose has quit IRC[15:10:46] *** Methose has joined #postfix[15:14:59] <Methose> ok it does not appear to be a firewall issue. I was thinking that the box was not able to get out of the firewall and back in on the public MX, but it is able to send to other addresses[15:16:23] *** VavaR has quit IRC[15:19:14] <Section1> Methose, use internal ip of the MX[15:20:22] *** [sr] has joined #postfix[15:20:24] <[sr]> howdy[15:20:55] <[sr]> the messages returned by postfix from DSN notifications, are localizable?[15:21:18] <Methose> oh good call, Section1 I am able to telnet to internal IP[15:21:34] <Section1> and use transports_maps[15:21:37] <Section1> on postfix[15:22:59] <Section1> transport_maps[15:24:50] *** laga_ has left #postfix[15:27:07] <Methose> I am unfamiliar with this, I will have to read up on it for a moment[15:28:21] *** bhagat has quit IRC[15:28:43] *** feisar has joined #postfix[15:29:13] *** simprix has joined #postfix[15:29:36] <simprix> I suspect that a user has a virus on their computer. I have a bunch of this in my mail queue. F2E8B142A49A 112999 Thu Aug 6 04:00:09 MAILER-DAEMON[15:29:36] <simprix> (delivery temporarily suspended: connect to mail.microsoft.co.uk[217.64.231.238]:25: Connection timed out)[15:29:47] <simprix> Is there a way I can look and find out what ip they are coming from ?[15:29:59] *** paziek_ has joined #postfix[15:30:30] *** mrbenn has quit IRC[15:30:42] <Methose> Section1: I see how this can correct the internal mail issue, but it does not see how that it will help with sending to gmail addresses?[15:30:54] <theblackbox> hey sorry to post OT, but I'm getting no response anywhere else and figured I might find someone in here - trying to set up squirrelmail with a change_password plugin but I can't figure out how it gets the old password (as it fails to do so and I need to change the query to reflect my postfix db)[15:31:27] <theblackbox> http://tinyurl.com/lrggr2[15:31:27] *** TomHome has quit IRC[15:32:22] <Section1> Methose, you can connect to the gmail mx ?[15:32:29] <Section1> with telnet ?[15:35:47] *** carl- has joined #postfix[15:39:03] <Methose> I cannot[15:40:03] *** cilly has joined #postfix[15:41:31] *** teddy has quit IRC[15:41:52] <Methose> but gmail does not list their MX record (that I can find) and I can telnet hotmail @ 65.55.37.88[15:42:13] <Methose> excuse me they do not list the IP for their MX record[15:43:00] <ewook> eh. dude, there's 5 mx-records for gmail.com.[15:44:03] <ewook> gmail.com mail is handled by 5 gmail-smtp-in.l.google.com.[15:44:09] <ewook> gmail-smtp-in.l.google.com has address 209.85.218.31[15:44:47] *** carl- has quit IRC[15:45:15] *** TeckniX has joined #postfix[15:45:40] <Methose> ok, I'm sorry my mistake. I am able to telnet to 209.85.218.31[15:45:54] *** pingouin has quit IRC[15:47:13] <Section1> so your postfix too is able to connect[15:48:10] *** simprix has quit IRC[15:50:21] <Methose> grrr, correct. I am actually able to connect and send mail to the gmail address.[15:50:37] <Methose> sorry again for the confusion[15:51:28] *** dragonheart has quit IRC[15:51:39] *** gerhard7 has quit IRC[15:55:02] *** denis has quit IRC[15:56:56] *** vys has joined #postfix[15:58:33] *** pingouin has joined #postfix[16:01:46] <pingo_> getting back to my question: is it possible to reject mails from outside with from=anyuser@$mydomain and rcpt to=someotheruser@$mydomain unconditionally as only my server sends mail for $mydomain? (its forged spam that would get delivered localy)[16:06:09] *** denis has joined #postfix[16:10:46] *** godlie has quit IRC[16:18:22] *** bluethundr_ has quit IRC[16:19:37] *** Rockj has quit IRC[16:19:40] *** Rockj has joined #postfix[16:20:08] *** [sr] has quit IRC[16:23:06] *** seekwill has joined #postfix[16:26:56] *** psteyn has quit IRC[16:30:46] *** gerhard7 has joined #postfix[16:35:42] <bronb_> UQlev: You weren't here! , thanks -a lot-, after setting the SPF and DKIM - gmail won't treat it as spam. (even so the From: belongs to a gmail account)[16:37:27] *** sophokles has joined #postfix[16:38:08] *** sophokles has quit IRC[16:46:28] *** SARGuy has joined #postfix[16:51:24] *** UQlev has quit IRC[16:53:53] *** jmedina has joined #postfix[16:56:14] *** Section1 has quit IRC[16:57:49] *** Section1 has joined #postfix[17:00:03] *** pingo_ has quit IRC[17:01:41] *** xabbuh has quit IRC[17:04:53] *** moonth has joined #postfix[17:05:55] *** moonth has left #postfix[17:05:57] *** githogori has quit IRC[17:26:05] *** Robbie__ has quit IRC[17:29:43] *** pickcoder has joined #postfix[17:32:25] *** hever has joined #postfix[17:33:37] *** VaNNi has quit IRC[17:36:42] *** michelem has joined #postfix[17:36:46] <michelem> hello folks[17:38:32] <michelem> qmail has a "delegate" way to handle virtual domains, such that you simply assign some domain to one user, and some tools take care of adding/removing/dispatching/authenticating for that virtual domain[17:39:29] <pickcoder> that's nice.. and?[17:39:29] <michelem> is there anything similar in postfix that doesn't require to manually list all the users on the system and associate to each of them individually the email folder?[17:39:48] <pickcoder> no unless you use something like webmin[17:40:20] <michelem> so what webmin would do is to actually manipulate that big list and recompile the respective db[17:40:26] <pickcoder> I have no idea[17:40:28] <pickcoder> I don't use it[17:40:34] <pickcoder> but it's a GUI config tool[17:40:38] *** vys has quit IRC[17:40:43] <lunaphyte> yeah, that's not really appropriate for the realm of the mta, imo. that's something that should be handled by other software.[17:41:09] <pickcoder> I don't think it's appropriate for any piece of software[17:41:33] <pickcoder> one-way street into hackdom[17:41:59] <pickcoder> configuring virtuals is not that complicated[17:42:00] <michelem> pickcoder: kind of... modularity and replaceability as in unix ?[17:42:16] <pickcoder> you add a domain.. you add a user and/or alias[17:42:23] <michelem> ok let's not start a flame :)[17:42:23] *** githogori has joined #postfix[17:42:42] <michelem> well honestly I think the more separation the better[17:42:45] <rob0> qmail refuses (by design) to validate users ... that is how it can do "wonderful" things like that.[17:43:21] <michelem> rob0: many make a point of that, whereas I don't see a problem, actually I see one in the other approach (spam)[17:43:43] <rob0> Backscatter which results *is* spam.[17:44:15] <pickcoder> speaking of backscatter.. amavis is causing me grief again even after setting most options to D_REJECT[17:44:31] <pickcoder> I'm about to block all incoming mail at this point and set a different return-apth[17:44:34] <pickcoder> ~path[17:44:35] <rob0> I have a domain here ... not in my list of domains, but plagued with backscatter.[17:44:50] <rob0> 1.8 megarejects in July.[17:45:24] *** cilly has quit IRC[17:45:34] <pickcoder> michelem: depending on your virtuals backend choice, you can throw a script together in less than an hour to do what you want[17:45:58] <pickcoder> hash maps are simple and you can easily manipulate them with any language[17:46:07] <michelem> sure sure[17:46:34] <michelem> I just like it better to have them separate and to exploit rules for mapping instead of forcing to list each user along with a custom directory[17:46:37] <pickcoder> MySQL and a PHP script are even simpler if you've got experience with SQL[17:46:50] <michelem> nonono, KISS :)[17:46:56] <rob0> And that will cause you to be a spam source.[17:47:12] <michelem> rob0: oh cmon[17:47:36] <michelem> 1% of backscatter is better than letting spam collect for free bulks of valid email destinations[17:47:56] <pickcoder> what's the difference between mapping users to domains versus assigning virtual mailboxes and domains?[17:47:58] <rob0> Indeed, I have real life experience with this, and backscatter is a huge problem. I've seen it on a friends site totally DoS him.[17:48:03] <pickcoder> you're accomplishing the same task[17:49:27] * pickcoder just sent a request for a colo quote to he.net. \o/ I hope we can get something setup[17:49:34] <pickcoder> I need to set up my torrent server...[17:49:48] <michelem> I see 2 problems: one is annoyance (you repeat lots of stuff), one is reliability (say your admin tool crashes while adding one user, the whole db will be broken)[17:50:14] <pickcoder> my admin tool is vi[17:50:21] <pickcoder> if it crashes the file still exists[17:50:48] *** VaNNi has joined #postfix[17:50:52] <michelem> yes, that one works for us, not when you have 120 domains to let users administer themselves.[17:50:54] <pickcoder> plus, if you don't make backups of primary config files before you make changes, then you have bigger management problems[17:51:12] <michelem> ok anyways, it's not possible and it's not worth flaming on why and how[17:51:19] <pickcoder> it is possible[17:51:24] <pickcoder> if you take the time to write a script to do it[17:51:30] <michelem> ah it is?[17:51:35] <michelem> sorry I didn't get that[17:51:44] <michelem> how?[17:52:00] <michelem> I want to delegate the dispatching to users[17:52:02] <pickcoder> you will need to manage your own list[17:52:09] <michelem> can I map entire domains to something external?[17:52:19] <pickcoder> and have a script build the virtuals configs[17:52:22] * rob0 has low tolerance for spammers, even less for unrepentant ones[17:53:04] <pickcoder> "something external"[17:53:08] <pickcoder> ??[17:53:51] <michelem> pickcoder: easy. "domain1.com handled by unix user X, domain2.net by Y"[17:54:12] <pickcoder> that's up to you, as the admin[17:54:15] <pickcoder> write a script to handle that[17:54:19] <pickcoder> pull configs from ~home[17:54:22] <michelem> put simple, not listing 150000 lines in the virtual conf file for 150000 users[17:54:26] <pickcoder> rebuild the virtuals via cron[17:54:32] <pickcoder> and let the spam flow....[17:54:42] <pickcoder> bbiab[17:54:54] * seekwill perks up[17:54:56] <seekwill> Spam?[17:55:30] <michelem> forget it :)[17:56:12] <rob0> A backscatterer ... spamhaus fodder, if it happens on a large enough scale.[17:56:15] <michelem> it requires a lot of cross validation and solving it to "just write it yourself" does not really back being possible :)[17:56:32] <seekwill> What's the issue?[17:56:51] <michelem> rob0: if you have a spam filter, backscatter won't just leave the machine[17:57:03] <michelem> in fact, backscatter is negligible wrt the volume of regular spam[17:57:10] <seekwill> lol[17:57:22] <cite> Yeah. Right. Filtering NDRs is _such_ a good idea.[17:57:31] <michelem> and the volume of regular spam does depend on the fact that servers that let you validate addresses help so well in purifying the databases of spammers[17:57:53] <cite> Yeah. Right. Spammers are notoriously known for purging their databases of stale addresses.[17:58:04] <michelem> look dude, I don't care[17:58:06] <seekwill> michelem: I think you have a few misconceptions...[17:58:28] *** oekotaco has joined #postfix[17:58:29] <rob0> DJB said it, the faithful believe it, that settles it! Regardless of the facts.[17:58:33] <oekotaco> hi everyone.[17:58:33] <seekwill> But if you don't care, I don't care![17:58:37] <cite> All hail rob0![17:58:39] <michelem> I moved to postfix because it's the only possibility nowadays, and although the claim is that it's sooo simple, I find the configuration sooo messed up and confusing[17:58:50] <rob0> !easy[17:58:51] <knoba> rob0: "easy" : unfortunately, because there are some folks who invest the time and effort to understand things, it makes emailing very easy for lots of other people, which seems to foster the notion that it couldn't possibly be any more complex than clicking send. this, of course, is not the case. as with most things, you get what you put in. also see !maintain[17:58:59] <oekotaco> have a huge problem.. after trying to install amavis i always got a (warning: connect to transport smtp: Connection refused)[17:59:03] <oekotaco> any ideas??[17:59:18] <seekwill> /topic ?[17:59:26] <rob0> !ideas[17:59:26] <knoba> rob0: Error: "ideas" is not a valid command.[17:59:50] <pickcoder> michelem: have you looked to see if there are PHP+MySQL ISP config applications for mail[18:00:13] <thumbs> !rob0[18:00:14] <knoba> thumbs: "rob0" : a pathetic bot that reacts to newly joined users with reciting the !basic factoid :)[18:00:22] <thumbs> !seekwill[18:00:22] <knoba> thumbs: "seekwill" : the guy you wanna chat with when you have postfix related question![18:00:45] <oekotaco> http://pastebin.com/d70b91bb2[18:00:49] <oekotaco> my postconf -n[18:01:05] <oekotaco> only outgoing messages stuck in mailq.[18:01:11] <oekotaco> oncoming mails work fine..[18:01:25] <cite> oekotaco: Show logs and master.c[18:01:28] <cite> +f[18:01:34] <oekotaco> one sec.[18:03:29] <oekotaco> http://pastebin.com/dae054bc[18:03:32] <oekotaco> logfile[18:04:11] <oekotaco> http://pastebin.com/d60b65c56[18:04:14] <oekotaco> master cf[18:05:38] <cite> oekotaco: You deleted the smtp transport. Try executing "postfix upgrade-configuration" or simply add the following line to master.cf:[18:05:55] <cite> oekotaco: smtp unix - - - - - smtp[18:06:36] <oekotaco> thanks i'll try it.[18:06:38] <cite> oekotaco: Do a "postfix reload" afterwards and you should be fine.[18:08:43] <oekotaco> daemon started -- version 2.3.8, configuration /etc/postfix[18:08:51] <oekotaco> but still the same prob.[18:08:59] <oekotaco> warning: connect to transport smtp: Connection refused[18:09:00] <oekotaco> wtf.[18:09:03] <cite> Did you add that line manually?[18:09:05] <pickcoder> wow.. we're getting a decent amount of Armstrong interest[18:09:24] <seekwill> pickcoder: Your new vendor?[18:09:25] <pickcoder> oekotaco: is smtp running?[18:09:31] <pickcoder> seekwill: yeah[18:09:43] <seekwill> pickcoder: Cool![18:09:56] <oekotaco> cite: no.. run upgrade-configuration[18:10:03] <cite> oekotaco: Then add that line.[18:10:14] <oekotaco> i have a line with smtp.[18:10:20] <oekotaco> http://pastebin.com/d60b65c56[18:10:25] <oekotaco> 5.[18:10:34] <oekotaco> or is it wrong?[18:10:46] <cite> That's "smtpd" (last field).[18:10:49] <oekotaco> and i need a 2. with smtp instead of smtpd at the end?[18:10:50] <cite> Not "smtp".[18:10:52] <oekotaco> ah.. ok.[18:10:53] <oekotaco> i see.[18:11:04] <cite> I hate Wietse for this naimg scheme.[18:11:29] <cite> Why an earth did he have to call those two "smtpd" and "smtp"?[18:11:47] <cite> Why not "smtp-agent" or something similar?[18:11:51] <pickcoder> because it's clear to those who know[18:11:53] <pickcoder> :)[18:12:13] <oekotaco> wheee.. great..[18:12:20] <oekotaco> thanks a lot cite[18:12:25] <cite> yw[18:13:54] <oekotaco> #postfix++ :)[18:14:16] <oekotaco> bye, thanks and have a nice day[18:14:20] *** oekotaco has left #postfix[18:16:10] *** githogori has quit IRC[18:17:04] *** f3ew has quit IRC[18:17:45] *** f3ew has joined #postfix[18:18:06] *** hparker has joined #postfix[18:25:42] *** Banshee1 has joined #postfix[18:26:31] *** madrescher has left #postfix[18:26:52] <Banshee1> anyone have a moment to help me with a postfix-ldap question?[18:27:05] <Banshee1> it should be relatively straight forward[18:28:55] <Zordrak> Banshee1: just ask..[18:29:08] <Banshee1> k[18:29:45] <Banshee1> i have ldap lookups happening perfectly fine within postfix... i am using a working ldap transport map....[18:30:31] <Banshee1> the attribute that i have being returned is mailHost (this is on an outbound server.. so mail internal to internal gets routed directly from the outbound to the correct maildrop /server)[18:32:03] <Banshee1> however... in our ou=aliases ldap subtree..... all the aliased addresses in LDAP have multiple "sub" addresses to then deliver to... so.. there is no mailHost attribute[18:32:52] <Banshee1> in which case (naturally).. postfix does it's lookup of our domain and then shoots those emails destined for the aliases under the global address outside to our public inbounds[18:32:52] <michelem> is there any counteradvice in making the virtual process run as postfix user?[18:33:14] <Banshee1> was that for me, michelem?[18:33:25] *** F6F has joined #postfix[18:33:27] <michelem> no, general question[18:34:42] <Banshee1> continuing.... i want to create some way to "rewrite" (though an additonal *.db indexed map) all our aliased addresses to be rwrtitten if matched BEFORE the ldap transport map is checked[18:34:47] <Banshee1> does this make sense?[18:35:03] <Banshee1> siorry for the lengthy desc... just wanted to get all the info out there..[18:37:59] <Banshee1> so.. i want to aliases OU in ldap (that have multiple subaddresses and no mailHost attribute) to also reroute the those subaddresses' mailHosts[18:38:40] *** stephan48 has quit IRC[18:38:55] *** _kjihgf has joined #postfix[18:39:18] <Banshee1> is there a way to have postfix query additonal attributes then take those returns and lookup THOSE users' mailHost attribute.. then finally return and transport accordingly[18:40:53] <rob0> LDAP and transports and multiple queries ... is "relatively straight forward"? I'd hate to see what Banshee1 would call a complicated mess![18:41:40] <Banshee1> my apologies....[18:42:15] <Banshee1> it seems like i could bypass ldap if i had a map that had all the aliases (and there multiple address rewrites) that gets queried[18:42:22] *** loddafnir has joined #postfix[18:42:30] <Banshee1> that was essentially what i was asking[18:42:53] <Banshee1> it's not really a complicated mess....[18:42:54] <rob0> well, an ugly kludge that would work: cron job to pull all the data from LDAP and build maps.[18:43:01] *** _kjihgf has left #postfix[18:43:24] <Banshee1> well these are static and would not be added to (this group)[18:43:40] <Banshee1> what type of map would (or could) this be?[18:43:45] <Banshee1> something virtual?[18:43:48] <Banshee1> or custom?[18:44:26] <Banshee1> ex: a map named alias_rewrites[18:44:33] <Banshee1> containging something like this:[18:45:08] <Banshee1> groupname at domain dot com user1 at domain dot com,user2@domain.com,user3@domain.com[18:45:49] <Banshee1> and then specifying the "type:mapname" in main.cf (and am i restricted to only a certain "type" of map?)[18:46:08] <Banshee1> and i would need this to be queried BEFORE the ldap transport map[18:46:13] <Banshee1> make sense?[18:52:13] *** hever has quit IRC[18:52:22] <lunaphyte> my sense is you can likely do what you want just fine w/ regular ldap queries - i've never not been able to accomplish what i was after when it came to postfix and ldap, but i'm still struggling to understand your goal.[18:52:56] <Banshee1> yeah... sorry... i may have overstated... let me try to encapsulate[18:54:06] <michelem> uhm, I'm having a weird behavior and I suspect I didn't get the chain[18:54:35] <michelem> I have alias_maps = hash:/etc/postfix/aliases and alias_database same. In aliases I have postmaster: my at email dot com[18:54:59] <michelem> I have "localhost" in mydestination.[18:55:26] <michelem> when I telnet to the server and I send to <postmaster>, the real destination is set to <postmaster at myvirtualdomain dot com>[18:55:47] <michelem> this is the first unexpected thing (I expected my at email dot com)[18:56:05] <rob0> !append_at_myorigin[18:56:05] <knoba> rob0: "append_at_myorigin" : a configuration parameter in the main.cf: Append the string "@$myorigin" to mail addresses without domain information.[18:56:35] <michelem> #the second thing is, even then, through "virtual_alias_maps = hash:/blah"[18:56:53] <michelem> rob0: that is "no" here[18:57:06] * rob0 sighs[18:57:50] <michelem> what would that mean?[18:58:16] <michelem> well anyways, I can wear that. The thing that I don't get is why the delivery is given up[18:58:49] <michelem> I have "postmaster at virtdomain dot com postmaster" in the virtual aliases database[18:59:58] <michelem> the error is "(unknown user: "postmaster at virtualdomain dot com")[19:00:05] <pickcoder> michelem: did you run newaliases?[19:00:48] <michelem> I ran postalias and postmap on both dbs[19:00:51] *** polaru has quit IRC[19:00:55] <michelem> on either :)[19:00:59] <michelem> you get it[19:03:51] <michelem> so "virtual_alias_maps = hash:/etc/postfix/virtaliases" contains "postmaster at virtdom dot com my at email dot com"[19:04:29] <michelem> no sorry, the right hand side is "postmaster"[19:05:07] <michelem> and "alias_maps = hash:/etc/postfix/aliases" contains "postmaster my at email dot com"[19:05:21] *** loddafnir has quit IRC[19:05:35] *** clockspider_ has quit IRC[19:06:05] *** cilly has joined #postfix[19:06:55] <michelem> ok, I just specified the final email destination to forward to directly in the virtual alias map.[19:08:22] *** hparker has quit IRC[19:15:31] <rob0> See postconf.5.html#append_at_myorigin , "Note 1".[19:17:59] *** tuxxie has joined #postfix[19:19:00] <tuxxie> How can I have postfix welcome email when an account is created?[19:19:58] <lunaphyte> you can't.[19:20:27] <lunaphyte> that would be done by whatever mechanism is creating the account.[19:20:54] <tuxxie> I am just using adduser[19:21:02] <lunaphyte> sounds good.[19:21:24] <tuxxie> I am not using ldap or mysql do manage users accounts now.[19:21:34] <lunaphyte> cool[19:21:35] <tuxxie> I will look into that thanks[19:21:37] <seekwill> lol[19:21:49] <michelem> uhm, interesting[19:21:53] *** githogori has joined #postfix[19:21:56] <michelem> I wonder why the option is still there then :)[19:22:06] <lunaphyte> sure thing, good luck. your distro's channel might have some insight on modifying the process.[19:22:57] *** plee has quit IRC[19:23:43] *** beawesomeinstead has quit IRC[19:24:21] *** plee has joined #postfix[19:24:46] *** beawesomeinstead has joined #postfix[19:27:43] <rob0> tuxxie if using home_mailbox could simply add a generic mail to the appropriate location under /etc/skel, but indeed, it's an issue for the OS.[19:28:59] <rob0> Said generic mail would not have the recipient's name/address in the To: header, but it would be enough to prevent IMAP clients from complaining that the mailbox doesn't exist.[19:29:07] <penrod> greetings : can anybody assist me on this error ? http://pastebin.ca/1520707[19:29:32] <lunaphyte> a few folks in here have been doing dkim lately - who where they?[19:29:49] <lunaphyte> penrod: what part isn't clear?[19:29:51] <rob0> If it was me, I would do as lunaphyte suggested, and just add a mailx(1) command to the adduser(8) script.[19:30:10] <penrod> lunaphyte : line 78 is a commented line[19:30:26] <lunaphyte> penrod: prove it :)[19:30:59] <rob0> penrod see also master.5.html for syntax.[19:31:01] <tuxxie> rob0: thantk[19:31:37] <penrod> here is the master.cf file http://pastebin.ca/1520710[19:34:38] <lunaphyte> hmm, nothing jumps out at me, actually. i guess i'd try commenting out sections starting with the maildrop entry to see if i could narrow it down.[19:35:30] *** avinson has joined #postfix[19:35:35] <penrod> weird, this a mailserver I had built 6-8 months ago as the main one had a hardware failure. Looks like I should re-install[19:35:45] <lunaphyte> that seems silly.[19:35:50] <lunaphyte> reinstalling is for windows.[19:36:05] <penrod> just re-install postfix, takes 5 minutes[19:36:28] <rob0> My guess is that there's a leading space before maildrop[19:36:48] <penrod> rob0: I shall verify syntax first, thank you[19:36:49] <lunaphyte> why not just troubleshoot what the problem is? probably takes 3 minutes. (and you get the added benefit of learning something).[19:37:13] <penrod> lunaphyte: you are correct. I shall commence.[19:37:26] <rob0> oh, look at line 47[19:37:45] <lunaphyte> ah, indeed, there you go.[19:38:05] <penrod> argh, Mr. humility visits me again, thanks kindly[19:38:08] <lunaphyte> ohhh... did you paste the *entire* master.cf file?[19:38:50] <lunaphyte> my guess is no, and that that line rob0 caught actually *is* line 78[19:43:01] <lunaphyte> c'mon, you owe it to us to fess up! :)[19:44:05] *** cilly has quit IRC[19:44:12] <penrod> weird, as I commented the lines out , the error just moved down further , so I garbbed a backup copy of master.cf and it is working fine now. I wonder how that file got edited, hmmmm, thanks for your help. I have to examine the master.cf that was edited.[19:48:36] <rob0> yeah, I suspected an editing error, you have an admin who's a Windows user, perhaps?[19:54:19] <jluedke> anyone have any useful trick to see how many of the running smtpd's are currently in transaction?[19:55:06] <Banshee1> when you're free rob0: that ldap multi lookup question for aliases thing i was talking about earlier.... i have the basic question here:[19:55:08] <Banshee1> Postfix Address Rewriting[19:55:18] <Banshee1> http://www.postfix.org/ADDRESS_REWRITING_README.html[19:55:28] <Banshee1> says this can happen:[19:55:29] <Banshee1> Replace an address by multiple addresses. For example, replace the address of an alias by the addresses listed under that alias.[19:55:38] <Banshee1> how?[19:55:46] <Banshee1> what is the map name for doing this?[19:55:57] <pickcoder> jluedke: netstat -anp | grep :25 | grep ESTABLISHED[19:56:09] <lunaphyte> !virtual_alias_maps[19:56:10] <knoba> lunaphyte: "virtual_alias_maps" : A configuration parameter in the main.cf: Optional lookup tables that alias specific mail addresses or domains to other local or remote addresses. The table format and lookups are documented in virtual(5).[19:56:12] <pickcoder> of course this will be smtpd and smtp[19:56:35] <pickcoder> you can use awk to trap the second ip:port col and only print those lines[19:56:50] <pickcoder> I rarely need to do that so I don't have syntax handy[19:56:54] *** michelem has quit IRC[19:57:28] <Banshee1> that URL states that rewriting is what i want to do for 1 address to be rewritten to multiple addresses... but then neglects to specifically explain the map name for doing this (at least there is no map on this page w/ that syntax stated)[19:57:37] <Banshee1> rob0 ^[19:57:58] * rob0 is really not very familiar with ADDRESS_REWRITING_README[19:58:32] <pickcoder> jluedke: I suppose you could also tag another grep on there for "smtpd" or "smtp"[19:58:34] <Banshee1> ok.. np.... anybody in here fluid with the address rewriting map types?[19:58:41] <pickcoder> *light bulb*[19:59:14] <jluedke> cool, i was wondering if there was a method without using netstat.[20:01:22] <pickcoder> I'm not aware of a postfix process monitor or status tool[20:01:34] <pickcoder> they're just regular processes so unix tools work[20:04:42] <lunaphyte> Banshee1: that factoid i summoned was for you.[20:04:42] <rob0> Banshee1, yup, I think it means virtual_alias_maps[20:04:53] <jluedke> *nod* just figured someone may be doing something different than me.[20:05:18] <Banshee1> rob0: i was unsure.. but can try and test a few scenarios out[20:05:23] <Banshee1> thank you[20:07:13] *** Muhis has quit IRC[20:09:45] *** Ammler has joined #postfix[20:11:26] <Ammler> is it possible to tell postfix, not accepting mails to the local host from extern?[20:12:01] <Ammler> but I need to accept mails for a virtual domain.[20:12:32] <Ammler> and the system should be able to send mails.[20:13:21] <jmedina> Ammler: yes[20:13:23] <jmedina> !basic[20:13:23] <knoba> jmedina: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.[20:13:41] <jmedina> there is a sameple for local transport[20:15:28] *** Bad_Religion has joined #postfix[20:15:57] <defaultro> good afternoon folks. What file should I modify so that Relay Access Denied won't happen on a known ip address?[20:16:31] <pickcoder> !mynetworks[20:16:32] <knoba> pickcoder: "mynetworks" : a configuration parameter in the main.cf: The list of "trusted" SMTP clients that can relay email.[20:16:56] <defaultro> thanks[20:16:58] <Banshee1> rob0: bingo dude[20:17:49] <Banshee1> virtual_alias_maps = i can statically override (before my ldap_transport.cf) the non attributed mailHost aliases in our LDAP[20:17:54] <Banshee1> awesome! thanks.....[20:18:43] <Banshee1> and it then looks up in my ldap_transport maps the returned virtual alias map address rewritten individual users[20:18:56] * lunaphyte feels like chopped liver.[20:19:07] <lunaphyte> :)[20:19:31] * rob0 is now known as chopliver[20:19:40] * jeev is now known as rob0[20:20:03] <defaultro> how do I find out if my postfix is allowing smtp relay when a user successfully logged in? Kinda like pop before stmp[20:20:20] <rob0> !relay_denied[20:20:20] <knoba> rob0: "relay_denied" : NOQUEUE: reject: RCPT from CLIENT_HOST[CLIENT_IP]: 554 5.7.1 <RECIPIENT@RCPT_DOMAIN>: Relay access denied; from=<SENDER@SENDER_DOMAIN> to=<RECIPIENT@RCPT_DOMAIN> proto=ESMTP helo=<HELO>: This typically means that CLIENT_IP is not in mynetworks (and did not AUTH), and that RCPT_DOMAIN was not recognized as one of this Postfix's domains (not listed in mydestination, relay_domains or (1 more message)[20:20:38] <rob0> !pop_before_smtp[20:20:38] <knoba> rob0: Error: "pop_before_smtp" is not a valid command.[20:20:44] <rob0> !pop_b4_smtp[20:20:44] <knoba> rob0: Error: "pop_b4_smtp" is not a valid command.[20:20:51] <rob0> grr[20:20:57] <defaultro> !pop-b4-smtp[20:20:57] <knoba> defaultro: Error: "pop-b4-smtp" is not a valid command.[20:21:00] *** TeraHertz has joined #postfix[20:21:23] <rob0> "pop before smtp" is a terrible idea.[20:21:25] <rob0> !sasl[20:21:27] <knoba> rob0: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.[20:21:29] <defaultro> oh ok[20:21:45] <defaultro> ah, maybe I used SASL before[20:22:58] <defaultro> ah :D[20:22:59] <defaultro> smtpd_sasl_auth_enable = yes[20:22:59] <defaultro> smtpd_sasl_authenticated_header = yes[20:22:59] <defaultro> smtpd_sasl_path = private/auth[20:22:59] <defaultro> smtpd_sasl_type = dovecot[20:23:22] *** vys has joined #postfix[20:23:23] <defaultro> so I did it a long time ago :D I've already forgotten how I conifgured my postfix. LOL[20:26:20] *** bxf has joined #postfix[20:26:48] <bxf> I got this error when sending through smtp: warning: SASL: Connect to private/auth failed: No such file or directory[20:26:48] <bxf>[20:27:18] <bxf> dovecote.conf says: path = /var/run/dovecot/auth-client[20:27:37] <bxf> and main.cf says: smtpd_sasl_path = private/auth[20:29:18] <rob0> Use of a relative path there means that it's under your $queue_directory. Surely that would not be "/var/run/dovecot/"? Also note that "auth" != "auth-client"[20:29:22] <rob0> !sasl[20:29:22] <knoba> rob0: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.[20:29:50] <defaultro> rob0, found out my sasl is working properly :)[20:33:10] *** Muhis has joined #Postfix[20:33:12] <Ammler> thanks jmedina, but I am not sure, if I find there what I am looking, my host (ammler.ch) has mail at google apps, but it does send system mails from cron or from webapps[20:33:38] <Ammler> and someone also could use my server directly to send mails to ammler.ch, but I don't want that[20:34:07] <rob0> !standard[20:34:07] <knoba> rob0: "standard" : Your question is probably answered in http://www.postfix.org/STANDARD_CONFIGURATION_README.html[20:34:12] <defaultro> my user is saying that when he sends the email, he gets a bounced message saying: The mail system host blah.blah.blah(1.2.3.4) said: 554: email at address dot com: Relay access denied(in reply to RCPT TO command). Is that an error on our side?[20:34:32] <rob0> smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject[20:34:40] <rob0> Ammler: ^^[20:35:00] <rob0> !tell defaultro outlook[20:35:14] <defaultro> what[20:36:23] <defaultro> i mean, that is related to relay access denied. I don't think it's related to sasl anymore[20:40:51] *** cilly has joined #postfix[20:45:31] *** LinuxCode has joined #postfix[20:46:53] *** bxf has quit IRC[20:52:06] <KB1JWQ> defaultro: They're not authing.[20:53:23] <rob0> That would be my WAG as well.[20:53:48] * seekwill WAGs KB1JWQ[20:55:06] <KB1JWQ> Eee[20:55:25] <seekwill> PC[20:55:26] <defaultro> so that error was generated by our mail server?[20:55:37] <defaultro> and not the recipient's mail server?[20:56:22] <defaultro> I was confused because of how the error was written[20:57:06] *** bxf has joined #postfix[20:58:05] <bxf> when I set "[20:58:05] <bxf> disable_plaintext_auth = yes[20:58:05] <bxf> " in dovecote, how do I know what connect method outlook is using to retrive mail?[20:58:36] <rob0> defaultro has not showed us an error yet, how could we possibly know what generated it?[21:00:06] <rob0> !tell bxf outlook[21:02:07] *** brancaleone has quit IRC[21:02:14] <defaultro> I did[21:02:18] <bxf> disable_plaintext_auth = yes[21:02:18] <bxf> , but dovecote log shows "method=PLAIN" when outlook retrives mail[21:02:28] <defaultro> rob0, I showed the error earlier[21:02:45] <rob0> See /topic, no, you have only been asking for wild guesses.[21:03:01] <defaultro> let me paste it[21:06:13] <defaultro> http://www.nopaste.com/p/aROlNOpclb[21:08:18] <defaultro> that was forwarded to me by my user when he sent the email[21:09:23] <bxf> knoba, I am using Tbird now. the server responded: does not support security authentication[21:10:37] <rob0> bbiab, perhaps in the time I am gone you will see the /topic and make a useful paste.[21:10:54] <rob0> !welcome[21:10:55] <knoba> rob0: "welcome" : welcome to #postfix! if you're joining for the first time, or are new to irc, the first thing you'll want to do is read the channel topic (/topic). it includes crucial instructions on how to effectively ask for help here, and what data you should include with your questions. the degree of success you'll have is directly related to how effectively you're able to follow those guidelines.[21:11:06] <bxf> two questions: how to enable security authentication on postfix? the difference between security authentication and "use secure connection"[21:17:29] *** cilly has quit IRC[21:19:18] *** TeckniX has quit IRC[21:19:37] *** TeckniX has joined #postfix[21:20:17] <defaultro> This is the one from maillog: Aug 5 22:24:23 mail postfix/smtp[7777]: 611F46B0534: to=<some.one at xxxxx dot com>, relay=mail.zzzzzzzzzz.com[128.x.x.x]:25, delay=13080, delays=13059/0.03/21/0.03, dsn=5.0.0, status=bounced (host mail.zzzzzzzzzz.com[128.x.x.x] said: 554 <some.one at xxxxx dot com>: Relay access denied (in reply to RCPT TO command))[21:21:05] *** Banshee1 has left #postfix[21:21:50] <bxf> if authentication is Plaintext, but TLS is used. Does it mean the password is secure?[21:24:01] *** cpm has quit IRC[21:26:36] *** TeckniX has quit IRC[21:26:55] *** TeckniX has joined #postfix[21:40:20] <rob0> !mung[21:40:21] <knoba> rob0: "mung" : Mash Until No Good : the art of obfuscating data which ultimately results in unintentional consequences such as making diagnostics impossible.[21:41:11] <rob0> defaultro, note that your horribly munged log comes from smtp(8), the client, which is trying to send mail through relay=mail.zzzzzzzzzz.com[128.x.x.x]:25, and is being denied this privilege.[21:41:45] <rob0> bxf, yes.[21:42:23] <bxf> rob0, I am a little confused. could you explain what TLS is for and why it is secure?[21:43:05] <rob0> "Security authentication" is not a Postfix term, therefore I don't know how to answer the previous two questions.[21:43:09] <rob0> !tls[21:43:09] <knoba> rob0: "tls" : Short for Transport Layer Security (RFC2246). It adds an additional layer of encryption to protocols such as SMTP, POP3 or IMAP to improve security during transmission over the Internet. TLS features in Postfix are documented here: http://www.postfix.org/TLS_README.html[21:47:37] *** Motoko-chan has joined #postfix[21:49:43] <defaultro> so rob0, based from what you said, my user isn't using our own smtp server. He is using a different smtp. CorrecT?[21:50:14] *** digitalmortician has quit IRC[21:50:20] *** digitalmortician has joined #postfix[21:50:49] <rob0> !smtp!=smtpd[21:50:49] <knoba> rob0: "smtp!=smtpd" : Postfix smtp_* and smtpd_* configuration parameters have different meanings. smtp_ = client and smtpd_ = server, the client-side sends mail whilst the server-side receives mail. (smtp = client = sends mail) (smtpd = server = receives mail)[21:51:00] *** Zelest has joined #postfix[21:51:40] <defaultro> I think I wrote it correctly. That's why I mentioned smtp server on the sentence[21:51:55] <defaultro> it's like saying smtp daemon[21:52:54] * rob0 sighs[21:53:15] <rob0> You're very frustrating. Bye.[21:53:33] *** f3ew has quit IRC[21:53:58] <bxf> thank you rob0[21:55:47] <defaultro> oh, what did I do rob0. I'm so sorry if I hurt you. But am i incorrect when I said that?[21:56:09] <defaultro> bxf, what have I done?[21:56:35] <rob0> Incorrect, I don't know, probably. You have refused to follow instructions on how to ask questions that can be answered.[21:56:50] <rob0> Hurt, not really, just frustrated.[21:56:51] <pickcoder> defaultro: first of all, we have no idea what's going on in that log exceprt since you've stripped out the domains and replaced them with meaningless garbage[21:57:09] <defaultro> oh[21:57:13] <pickcoder> secondly, smtp and smtpd are two services that run under postfix. one sends mail. one accepts mail.[21:57:33] <defaultro> but i wasn't talking about services when I said smtp. It was general smtp term[21:57:59] <defaultro> I should have said mail server[21:58:19] *** bxf has quit IRC[21:58:21] <pickcoder> MTA is the proper term for mail transfer/transport agent[21:58:22] <rob0> You pasted a log line from smtp(8), the Postfix CLIENT. I tried to point this out.[21:58:28] <pickcoder> mail server can include IMAP, MAPI, and POP[21:58:37] <defaultro> yep, i stand corrected[21:58:39] <pickcoder> which postfix does nothing with[21:58:55] *** Keizer has joined #postfix[21:58:55] <defaultro> so which log should I pull?[21:59:07] <rob0> s/pasted a/pasted the remnants of a/[21:59:32] <pickcoder> the relay you're using is not allowing you to relay outgoing mail to xxxxxxx.com[21:59:59] <rob0> And why should they? They're zzzzzzzzzz.com after all.[22:00:10] <pickcoder> mail.zzzzzzzzzzzz.com specifically[22:00:11] <defaultro> ah, so that answers why my user is having problem. I am not sure why he is using a different mta on his settings[22:00:34] <rob0> Suucess of Malibu, CA, USA.[22:00:38] <defaultro> I changed it because there are might be some lurkers who can use the domain[22:01:01] <pickcoder> so change it to "my-edge-server.com"[22:01:04] <rob0> Looks like a spammer domain TBH.[22:01:07] <pickcoder> or something that means something[22:01:18] <Keizer> Is there a way to add a catch-all e-mail address for when epople typo the username@myhostname[22:01:31] <defaultro> ok[22:01:36] <rob0> Keizer, sure, but bad idea.[22:01:40] <rob0> !catchall[22:01:40] <knoba> rob0: "catchall" : Sending all emails for non-existing users in domain to a special account. See man 5 virtual for the @domain syntax, which applies in virtual_*_maps and relay_recipient_maps. For local(8) delivery, unset local_recipient_maps and see luser_relay. WARNING: catchalls are rarely a good idea. Spammers will abuse them.[22:01:44] <pickcoder> Keizer; catchalls are bad mmmm'kay[22:01:53] <defaultro> sorry, I usually name domains like that to obscure it[22:02:11] <rob0> add an alias if one particular address is commonly gotten wrong.[22:02:33] <Motoko-chan> I had to handle a customer that had a catchall on their domain.[22:02:36] *** denis has quit IRC[22:02:39] <rob0> Yes, I noticed that you do, and therefore I gave you the !mung factoid.[22:02:44] <Motoko-chan> Complained they had over 1500 spam in a single day[22:04:34] <pickcoder> that's like telling the post office to drop all mislabeled mail for your zip in your front door so you can pick out mail for 100 av(.*)[22:05:11] *** feisar has quit IRC[22:06:36] *** digitalmortician has quit IRC[22:06:39] <pickcoder> more accurately it would be (.+) av(.*) if you're trapping all users for a domain[22:07:10] *** hever has joined #postfix[22:08:11] <pickcoder> we have a user here with an address that's close to a general mailbox name[22:08:46] <pickcoder> the general mailbox is not valid, so it's a bullet in the foot to even do an alias[22:10:08] *** f3ew has joined #postfix[22:10:46] *** cps0 has quit IRC[22:12:01] *** digitalmortician has joined #postfix[22:23:59] *** TeraHertz has quit IRC[22:25:13] *** Vog has joined #postfix[22:25:17] *** mefiX has quit IRC[22:32:20] *** gerhard7 has quit IRC[22:35:32] *** jens_ has joined #postfix[22:36:35] *** jmedina has quit IRC[22:37:52] *** hever has quit IRC[22:48:54] *** jense has quit IRC[22:52:32] *** f3ew has quit IRC[23:01:11] *** vho has quit IRC[23:03:16] *** Revision has quit IRC[23:08:38] *** wdp has quit IRC[23:11:26] *** f3ew has joined #postfix[23:11:39] *** vys has quit IRC[23:15:44] *** seekwill has quit IRC[23:17:50] *** Revision_ has joined #postfix[23:25:05] *** feisar has joined #postfix[23:25:18] *** madrescher has joined #postfix[23:27:40] *** justeco has joined #Postfix[23:29:14] *** Bad_Religion has left #postfix[23:39:27] *** Section1 has quit IRC[23:39:28] *** f3ew has quit IRC[23:44:00] *** f3ew has joined #postfix[23:48:57] *** uqlev has joined #postfix[23:49:38] *** jens_ has quit IRC[23:50:37] *** jens_ has joined #postfix[23:52:33] *** f3ew has quit IRC[23:55:12] *** feisar has quit IRC[23:55:25] *** milko has joined #postfix[23:55:31] <milko> hi![23:56:36] <milko> I'm using python code for use postfix[23:56:37] <milko> http://pastebin.com/m5310207d[23:57:10] *** f3ew has joined #postfix[23:57:16] <milko> the problem is that when I send a mail to "... at gmail dot com" it's ok, but it isn't with "... at hotmail dot com"[23:58:42] <milko> I don't configure nothing about postfix, I only install it, with apt-get install postfix and configure the two things that installation requires[23:59:05] <milko> (I'm sorry for my English, is bad)