[00:00:14] <Sputnikk23> before i go searching, can it be configured to use the local usernames?
[00:00:37] <pickcoder> if you sasl auth mech can use pam then yeah
[00:00:40] <pickcoder> which is the default for dovecot
[00:00:50] <pickcoder> well it is under a lot of distros
[00:00:59] <pickcoder> dunno about centos
[00:01:00] <Sputnikk23> dovecot works.. smtp out doesn't
[00:01:08] <pickcoder> so check your postfix config
[00:01:19] <pickcoder> and look at logs
[00:01:46] *** pwasek has quit IRC
[00:01:51] <pickcoder> logs would seem like the logical starting point
[00:01:58] <Sputnikk23> thats where i started
[00:02:02] <Sputnikk23> hence i know the failure reason
[00:02:19] <pickcoder> and the error was?
[00:02:27] <Sputnikk23> sasl authentication failure
[00:02:35] <pickcoder> pastebin the error example
[00:02:38] <adaptr> he's going to make you beg for it, pickcoder
[00:02:42] <adaptr> <snigger>
[00:03:22] *** jra has quit IRC
[00:03:25] <jiffe> is it possible to use virtual_mailbox_maps in a maildir fashion?
[00:04:04] *** hparker has quit IRC
[00:04:20] <Sputnikk23> http://pastebin.com/m4c6248f4
[00:05:21] <adaptr> jiffe: in a "fashion" ? you mean.. like, leather pants ? spandex ?
[00:05:23] <pickcoder> it doesn't look like a postfix->SASL error
[00:05:33] <pickcoder> it looks like a general auth problem with the client
[00:05:39] <adaptr> jiffe: a mailbox is a mailbox; you can use whatever postfix supports
[00:05:53] <adaptr> !home_mailbox
[00:05:53] <knoba> adaptr: "home_mailbox" : a configuration parameter in the main.cf: Optional pathname of a mailbox file relative to a local(8) user's home directory.
[00:05:58] <adaptr> !maildir
[00:05:58] <knoba> adaptr: "maildir" : a mailbox format introduced by qmail where emails are saved as individual files in a directory structure rather than into a single flat text file. Postfix settings like !home_mailbox and !virtual_mailbox_maps will allow delivery to maildir if the path value returned ends in /
[00:06:03] <jiffe> yes
[00:06:12] <adaptr> "yes" ?
[00:06:37] * pickcoder wants a jewel encrusted mbox
[00:06:44] <adaptr> dovecot doesn't allow PLAIN by default
[00:06:45] *** LinuxCode has quit IRC
[00:06:52] <jiffe> but virtual_mailbox_maps is a list of virtuals I have pointed at directories, they aren't home directories because the users don't exist so home_mailbox is useless, and postfix complains that what I have the users pointed at is a directory
[00:07:00] <Sputnikk23> pickcoder: as in wrong p/w typed in? not the case...
[00:07:17] *** LinuxCode has joined #postfix
[00:07:21] <adaptr> jiffe: a list of virtual what
[00:07:31] <pickcoder> Sputnikk23: as in the login type is wrong
[00:07:40] <pickcoder> plain and login were attempted and failed
[00:07:48] <jiffe> i.e. 'test1 at howaboutnow dot net test1'
[00:07:51] <pickcoder> which means plain text logins are probably disabled in dovecot
[00:08:07] <jiffe> test1 is a directory under virtual_mailbox_base
[00:08:35] *** mxey has left #postfix
[00:09:18] <Sputnikk23> TLS connection established in logs. Then again, plain and login failed
[00:09:35] <adaptr> jiffe: so the factoid went right over your head, eh ?
[00:09:51] <jiffe> the fact that its a directory?
[00:10:22] *** xenoterracide_ has joined #postfix
[00:10:22] <adaptr> !maildir
[00:10:23] <knoba> adaptr: "maildir" : a mailbox format introduced by qmail where emails are saved as individual files in a directory structure rather than into a single flat text file. Postfix settings like !home_mailbox and !virtual_mailbox_maps will allow delivery to maildir if the path value returned ends in /
[00:10:28] <pickcoder> Sputnikk23: look for disable_plaintext_auth in your dovecot conf
[00:10:31] <jiffe> and?
[00:10:36] <adaptr> you didn't read it
[00:10:43] <jiffe> yeah
[00:10:44] <jiffe> one sec
[00:11:18] <xenoterracide_> I need postfix just for sending mail from a website. setting up on ubuntu anyone know what configuration option I should choose?
[00:11:32] *** hparker has joined #postfix
[00:11:35] <pickcoder> xenoterracide_: ask #ubuntu since it's a distro-specific packaging config
[00:12:01] <adaptr> xenoterracide_: postfix doesn't have any configuration options to choose from
[00:12:09] <adaptr> or, rather, it has about 600
[00:12:32] <jiffe> alright, I thought I had done that at some point
[00:12:41] <jiffe> maybe I didn't postmap again or something
[00:12:57] <adaptr> you posted what you had, and it is not correct
[00:13:10] <adaptr> so I can merely deduce that you STILL haven't read the factoid
[00:13:20] <jiffe> its working
[00:13:24] <jiffe> I did catch the /
[00:13:43] <adaptr> postmap it is then
[00:13:52] <adaptr> now go forth and behave!
[00:13:57] <jiffe> thanks
[00:13:58] * pickcoder is still waiting for a return shipping label from the 'egg
[00:14:09] <pickcoder> I think the csr person forgot to request it
[00:14:29] <adaptr> csr ?
[00:14:33] <Sputnikk23> dovecot -n: auth passdb - pam         userdb - passwd                 disable_plaintext_auth is defaulted to no
[00:14:41] <adaptr> customer...service... oh
[00:15:04] <pickcoder> Sputnikk23: and if it's no then plain text SASL can be done
[00:15:06] <adaptr> Sputnikk23: it defaults to YES, unless you have TLS enforced
[00:15:07] <pickcoder> er
[00:15:10] <pickcoder> I meant "yes"
[00:15:27] * pickcoder gives in
[00:15:59] * adaptr takes immediate advantage
[00:16:05] <adaptr> as one does
[00:16:16] * pickcoder needs a drink
[00:16:39] <Sputnikk23> according to the logs, my tls was established though...
[00:17:20] <Sputnikk23> i don't think postfix is using dovecot
[00:17:33] <pickcoder> Sputnikk23: so add -vvvv to the end of the smtpd line in master.cf to increase logging verbosity
[00:17:51] <pickcoder> if that doesn't show specifically where the problem is then I'd be clueless myself
[00:17:52] <Sputnikk23> there is no sasl_type entry in my main.cf
[00:18:14] <adaptr> postconf it
[00:18:19] <adaptr> there is always a default
[00:18:27] <adaptr> prolly courier
[00:18:38] <Sputnikk23> true... have a screen session open w/ that didnt' even think of that... thanks
[00:18:38] <pickcoder> smtpd_sasl_type is "cyrus"  here
[00:18:42] <pickcoder> (default)
[00:19:05] <Sputnikk23> mucho correcto
[00:19:07] <Sputnikk23> same
[00:19:18] <pickcoder> it needs to be dovecot if you're using dovecot's auth socket
[00:19:40] <pickcoder> and if smtpd is chrooted then you will have more fun getting access to the socket
[00:20:05] <adaptr> don't be silly...
[00:20:15] <adaptr> it's one line in dovecot's conf
[00:20:29] <pickcoder> unless other apps are using the default location for the socket
[00:20:34] <pickcoder> then you'll need to change them too
[00:20:50] <pickcoder> or just disable chroot...
[00:21:11] <adaptr> other apps CAN - just not at the same time
[00:24:39] <Sputnikk23> i don't quite understand the difference between tls_auth_only and tls_security_level... reading through postfix pages now
[00:25:47] <adaptr> the tls_ stuff is old, pre-2.4 or some such
[00:25:59] <adaptr> the new stuff is all securiity-level this and security bla that
[00:27:03] <pickcoder> Sputnikk23: security level should be "may" if it's public
[00:27:24] <pickcoder> auth_only simply prevents postfix from saying that it supports SASL unless TLS has been established
[00:27:57] <Sputnikk23> pickcoder: postconf shows all blanks when i grep for security_level
[00:28:14] <pickcoder> if it's only a local server then you can use any of the security options
[00:28:56] *** webchaos has quit IRC
[00:29:21] <pickcoder> Sputnikk23: which is default
[00:29:32] <pickcoder> but if you are using TLS+SASL then it should be "may"
[00:29:52] <pickcoder> and you set smtpd_tls_auth_only to "yes"
[00:30:08] <pickcoder> especially if you are using plaintext login
[00:32:14] *** jra has joined #postfix
[00:33:36] <pickcoder> bbl
[00:33:43] *** pickcoder has quit IRC
[00:35:53] *** Muhis has quit IRC
[00:44:01] *** swarog has quit IRC
[00:46:21] *** hparker has quit IRC
[00:46:44] *** jra has quit IRC
[00:47:17] *** swarog has joined #postfix
[00:58:27] *** paul-- has joined #postfix
[00:59:47] *** hparker has joined #postfix
[01:00:43] *** timotiCK1 has quit IRC
[01:00:58] *** timotiCK has joined #POSTFIX
[01:08:16] *** Skaag has joined #postfix
[01:24:00] *** limx has quit IRC
[01:26:59] *** F6F has quit IRC
[01:27:21] *** F6F_ has quit IRC
[01:29:39] *** timotiCK has quit IRC
[01:41:48] *** Vince42 has quit IRC
[01:48:57] *** xenoterracide_ has quit IRC
[01:51:50] *** Vince42 has joined #postfix
[01:56:47] *** Motoko-chan has quit IRC
[02:07:10] *** Vince42 has quit IRC
[02:21:24] *** Vince42 has joined #postfix
[02:24:35] *** LinuxCode has quit IRC
[02:25:11] *** magyar has quit IRC
[02:26:44] *** cps0 has quit IRC
[02:27:35] *** magyar has joined #postfix
[02:38:33] *** phyrrus has joined #postfix
[02:39:38] *** phyrrus has quit IRC
[02:39:38] *** pingouin has joined #postfix
[02:41:27] *** pingouin has quit IRC
[02:41:32] *** pingouin has joined #postfix
[02:53:02] *** Zeit|awy has quit IRC
[02:55:54] *** Niemi has quit IRC
[02:59:14] *** ming_zym has joined #postfix
[03:20:09] *** pingouin has quit IRC
[03:20:18] *** clockspider has joined #postfix
[03:20:23] *** jimmygoon has joined #postfix
[03:20:31] *** pingouin has joined #postfix
[03:29:44] *** magyar has quit IRC
[03:34:03] *** hparker has quit IRC
[03:35:12] *** seekwill has quit IRC
[03:54:10] *** master_of_master has quit IRC
[03:57:06] <Dominian> KB1JWQ: Did you need something...?
[03:57:52] <KB1JWQ> Dominian: Nah, just saw a newcomer. :)
[03:57:56] <Dominian> ah
[03:58:18] *** master_of_master has joined #postfix
[03:58:51] <kerneld> !DKIM
[03:58:53] <knoba> kerneld: Error: "DKIM" is not a valid command.
[03:58:59] <Dominian> !dkim
[03:59:00] <knoba> Dominian: Error: "dkim" is not a valid command.
[03:59:02] <Dominian> hrm
[03:59:04] <Dominian> !domainkey
[03:59:05] <knoba> Dominian: Error: "domainkey" is not a valid command.
[03:59:10] <Dominian> I know one of the factoids has it
[03:59:22] <Dominian> !domainkeys
[03:59:24] <knoba> Dominian: Error: "domainkeys" is not a valid command.
[03:59:27] <kerneld> Tsok
[03:59:28] * Dominian slaps knoba
[03:59:37] <Dominian> knoba: no.. cause now it will bother me which factoid it is
[03:59:49] <Dominian> !domain_key
[03:59:49] <knoba> Dominian: Error: "domain_key" is not a valid command.
[03:59:50] <Dominian> !domain_keys
[03:59:51] <knoba> Dominian: Error: "domain_keys" is not a valid command.
[03:59:53] <Dominian> BS!
[03:59:59] <kerneld> I know what it is, just wondered if someone had bothered to factoid the postfix centric lowdown
[04:00:00] * Dominian slaps KB1JWQ
[04:00:33] <KB1JWQ> Dunno. :)
[04:00:38] <Dominian> heh
[04:00:44] <kerneld> !KB1JWQ
[04:00:44] <knoba> kerneld: Error: "KB1JWQ" is not a valid command.
[04:00:50] <kerneld> :P
[04:00:53] <Dominian> !rob0
[04:00:54] <knoba> Dominian: "rob0" : a pathetic bot that reacts to newly joined users with reciting the !basic factoid :)
[04:01:29] <kerneld> how about !DS9 ?
[04:01:52] <KB1JWQ> !bro
[04:01:53] <knoba> KB1JWQ: "bro" : KB1JWQ
[04:02:03] <KB1JWQ> !pie
[04:02:05] <knoba> KB1JWQ: "pie" : Postfix Integration Expert: A Postfix certification. The practical portion of the exam involves washing and waxing Dr. Venema's car. See also: !PEE
[04:04:39] *** eye69 has quit IRC
[04:05:03] *** jimmygoon has quit IRC
[04:08:18] *** eye69 has joined #postfix
[04:24:12] *** magyar has joined #postfix
[04:31:59] *** githogori has joined #postfix
[04:33:41] <thumbs> !PEE
[04:33:41] <knoba> thumbs: "PEE" : Postfix Engineering Expert: An advanced Postfix certification. The practical portion of the exam involves causing physical harm to Dan Bernstein (DJB). See also: !PIE
[04:41:38] *** pinoyskull has joined #postfix
[04:56:55] *** bluethundr has joined #postfix
[04:58:23] <dan__t> haha
[05:01:44] *** eye69 has quit IRC
[05:02:27] *** eye69 has joined #postfix
[05:05:42] *** ming_zym has quit IRC
[05:08:06] *** ming_zym has joined #postfix
[05:08:28] *** TheAvatar has quit IRC
[05:10:23] *** TheAvatar has joined #postfix
[05:15:05] <lunaphyte> !dkimcheck
[05:15:05] <knoba> lunaphyte: "dkimcheck" : You can check your spf / dkim / domain-keys settings by sending an email to check-auth at verifier dot port25.com. It will auto-respond with some debug informations about your settings and spam-score. or you can use this wob site: http://www.myiptest.com/staticpages/index.php/DomainKeys-DKIM-SPF-Validator-test
[05:15:12] <lunaphyte> Dominian: that one?
[05:15:38] <kerneld> cool
[05:16:08] <lunaphyte> what did you mean by "the postfix centric lowdown"?
[05:17:13] <kerneld> There any RBL checkers that check IP agains a bunch of different RBL (EG: ones I will never use, but bay be used by someone) and report inclusion?  So I can flush out any black list reports from my re-used VPS ips
[05:18:02] <lunaphyte> !learn dkim as DomainKeys Identified Mail (DKIM) is a method for email authentication that allows an organization to take responsibility for a message in a way that can be validated by a recipient.  this is typically implemented in postfix by means of a milter.  alternatively, existing content filters (e.g. SA) may also have their own implementation mechanism.
[05:18:08] <kerneld> lunaphyte: EG: Howto locations in postfix, supported addons.
[05:18:25] *** scooby2 has left #postfix
[05:19:01] <lunaphyte> my personal recommendation would be dkim-filter, a dkim milter.  alternatively, i believe folks here have also had good experiences implenting it via amavis.
[05:19:03] <lunaphyte> oops
[05:19:08] <lunaphyte> !forget dkim
[05:19:18] <lunaphyte> !learn dkim as DomainKeys Identified Mail (DKIM) is a method for email authentication that allows an organization to take responsibility for a message in a way that can be validated by a recipient.  this is typically implemented in postfix by means of a milter.  alternatively, existing content filters (e.g. amavis) may also have their own implementation mechanism.
[05:19:20] <lunaphyte> !dkim
[05:19:21] <knoba> lunaphyte: "dkim" : DomainKeys Identified Mail (DKIM) is a method for email authentication that allows an organization to take responsibility for a message in a way that can be validated by a recipient. this is typically implemented in postfix by means of a milter. alternatively, existing content filters (e.g. amavis) may also have their own implementation mechanism.
[05:20:09] <lunaphyte> i use dkim milter for signing, and sa for scoring.
[05:21:15] * kerneld needs to be careful implimenting it to ensure users setup their mail clients right.
[05:21:40] <kerneld> EG: My blackbery is going to send vial RIM, so that would be unsigned.
[05:21:46] <kerneld> via RIM.
[05:22:10] <kerneld> Unless I setup BES which I have no intention of doing
[05:22:23] <lunaphyte> blackberries are ickypoo.
[05:22:30] <kerneld> hehe
[05:23:12] <lunaphyte> (my aversion relates more to the social aspects of ownership though)
[05:23:13] <kerneld> so nothing I can do about my blackberry outbound being relayed by RIM?
[05:23:32] <lunaphyte> nope.
[05:24:56] <kerneld> worst case is recipient would drop it as spam, and is thhat going to be the average case for postmasters that have implimented DKIM verification in their content filtering?
[05:25:33] <lunaphyte> i don't think i've had an opportunity to think in depth about the specific technical ramifications of such an environment though, so i'll have to give it some thought.
[05:26:58] <lunaphyte> dkim is way way too far from ubiquitous yet for anyone in their right mind to use it as an empirical designator of message legitimacy.
[05:27:14] <lunaphyte> *ubiquitous enough yet...
[05:28:59] <lunaphyte> er, whatever the hell it was i was trying to say.  i've left my grammar helmet next to my dmt inhaler, it seems.
[05:31:10] <lunaphyte> notably, dkim-milter (often called dkim-filter) was forked just last friday as opendkim - http://www.opendkim.org/
[05:31:58] <lunaphyte> anyway, good luck trying to juice your blackberry.  i'm off to see the wizard.
[05:37:03] *** cilly has quit IRC
[05:39:46] *** Motoko-chan has joined #postfix
[05:44:34] *** aixenv has joined #postfix
[05:45:10] <aixenv> hey so i want one of my linux servers to be able to send mail to one of my domains, whats the best way to accomplish this relay hosts?
[05:45:26] <aixenv> erm rather, AS one of my domains,
[05:45:50] <aixenv> like mx1.foobar.com is sending mail for foobar.com but i want to allow server B to also send on behalf of foobar.com
[05:46:01] *** jense has joined #postfix
[05:47:47] *** jens_ has quit IRC
[05:49:18] <aixenv> anyone?
[05:49:32] *** bluethundr has quit IRC
[05:50:13] <Motoko-chan> Send out directly?
[05:50:22] <aixenv> well here's the deal
[05:50:53] <aixenv> i have this webapp, that someone applys for, and it sends an email to the admin email, well i want the admin email to be $myname at foobar dot com; but like stated foobar.com is handled mx/smtp wise by other servers
[05:51:07] <aixenv> right now im getting relay access denied which id expect because it's trying to send on behalf of foobar.com
[05:51:34] <aixenv> so say you sign up and your signup is bob at yahoo dot com, it'd send a confirmation email to $user at foobar dot com stating that bob at yahoo dot com wants to sign up
[05:52:04] <Motoko-chan> just allow the server the app is on to relay mail through whatever server it is sending through.
[05:53:57] <aixenv> and whats the best way to acccomplish that.. adding the ip to my networks, relay host? im not really sure
[06:02:57] <Sputnikk23> I'm a little confused. I have an incoming/outgoing Postfix server. I'd like to force users using it to send mail out to authenticate securely, but obviously other mail servers out there need to be able to connect to send their mail. Is it possible to secure  a single server and allow both of these or would you need two separate servers?
[06:04:13] *** bluethundr_ has joined #postfix
[06:09:06] <kerneld> Sputnikk23: Sure
[06:09:08] *** bluethundr_ has quit IRC
[06:09:47] <Sputnikk23> whats the general idea? you can't expect other mail servers to have proper credentials
[06:10:07] <kerneld> !smtpd_recipient_restrictions
[06:10:08] <knoba> kerneld: "smtpd_recipient_restrictions" : A configuration parameter in the main.cf: The access restrictions that the Postfix smtpd(8) applies in the context of the SMTP RCPT TO command. See access(5) for an overview of access restriction features. These restrictions control relaying to external domains. Default is to relay only for client IP addresses in $mynetworks; see also !sasl if SMTP AUTH is needed.
[06:10:15] <kerneld> lots of ways to do it
[06:10:16] <Sputnikk23> i can authenticate with a smtp email client, but if i turn it off it works just as well as long as the from is in my domain
[06:11:00] <kerneld> Sputnikk23: No, it works based on the To:
[06:11:07] *** saurabhb has joined #postfix
[06:11:29] <kerneld> From: is forgeable
[06:11:41] <Sputnikk23> so anybody that didn't authenticate is only allowed to send to $mydomain?
[06:11:42] <kerneld> so don't trust it
[06:12:18] <kerneld> Well, anything that would be accepted , eg virtual domains, or mydetinations
[06:12:50] <Sputnikk23> right.. got that...
[06:13:52] <kerneld> if you search around for "smtpd_recipient_restrictions" you will see there are different ways to do it, or : man 5 access ; and go from there
[06:14:01] <Sputnikk23> yeah looking at that now
[06:14:41] <Sputnikk23> then i'm confused... i've checked that i'm not an open relay. i got sasl authentication to work with the local db and cyrus. using thunderbird. but if I turn authentication off it works just as well. i sent mail to my gmail through it
[06:14:50] <Sputnikk23> and i'm not local to it
[06:16:18] *** aixenv has quit IRC
[06:17:45] <Sputnikk23> wait no, i lied. i turn security off. if i turn authentication off i get relay denied... guess I didn't force TLS yet
[06:17:57] <kerneld> did you reload postfix after making config changes?
[06:18:28] <Sputnikk23> yeah... so if I force TLS, am I limiting other mail servers connecting to send mail to my users?
[06:19:01] <Sputnikk23> i guess my confusion rests in, how does postfix differentiate between other SMTP server sending incoming mail, and a user sending mail out. From an authentication perspective.
[06:19:02] <kerneld> Yeah, you prob want that. Don't want to bne authenticating in the plain, etither that or use an auth method that is secure, but best to have a secure socket anyway
[06:19:47] <kerneld> Sputnikk23: other mailservers are not going to try and Auth. They will be delivering mail based on your MX records, or they will be spammers
[06:21:50] <Sputnikk23> so forcing TLS and disabling the ability to send plaintext auth doesn't affect the transactions between other smtp servers?
[06:21:56] <kerneld> Hmm, krix:'s prob from the other day could be done with an access map
[06:22:34] <kerneld> access BCC and DISCARD rules for the same address
[06:22:42] *** lennard has quit IRC
[06:24:29] <kerneld> Sputnikk23: Forcing TLS for Auth - yes.
[06:24:58] <kerneld> smtpd_tls_auth_only = yes
[06:25:23] <kerneld> Not sure if there is another option to force TLS for other than auth
[06:25:33] <Sputnikk23> thats what I don't get.. how does postfix differentiate between other smtp servers and email clients?
[06:25:49] *** lennard has joined #postfix
[06:26:02] <kerneld> Look at the output of EHLO from your SMTP port
[06:26:11] <kerneld> shows features.
[06:27:31] <kerneld> if you don't auth, and are using MAIL To: a local or virtual address, "smtpd_recipient_restrictions" does not apply
[06:27:52] <Sputnikk23> STARTTLS is there
[06:28:28] <kerneld> Sputnikk23: That means it will support it.
[06:28:35] *** RonDutt` has joined #postfix
[06:28:37] <Sputnikk23> yes..
[06:28:58] <Sputnikk23> hmm.. if i force tls my outgoing are getting flagged with spam
[06:28:59] <RonDutt`> I dont have a maillog file, is there any way I can see why its not being created?
[06:29:31] <kerneld> RonDutt`: Check your ditros's syslog config
[06:30:25] <kerneld> Sputnikk23: flag as spam by what?
[06:30:33] <RonDutt`> kerneld what should be in there?
[06:30:53] <kerneld> RonDutt`: handling for the mail facility
[06:31:16] <Sputnikk23> kerneld: spamassassin on the relayhost. but if its plaintext it doesn't flag?
[06:31:18] <kerneld> spliting oof erro severity as well
[06:31:45] <RonDutt`> kerneld "mail.*     -/var/log/maillog" is what I have that has any mention of mail.
[06:32:35] <kerneld> RonDutt`: Also you are prob chrooted, so that needs special setup for your syslog
[06:32:42] <kerneld> to look inside the chroot
[06:34:05] <Sputnikk23> kerneld: so in a sense, if its a public incoming/outgoing mail server its sort of always a half-open relay. If you send it mail to a domain it serves or relays for, it will most likely accept it (not taking into account invalid user, etc..). Aside from that, no one else without authorization?
[06:35:12] <RonDutt`> kerneld no chroot.
[06:36:02] <Sputnikk23> kerneld: odd. it was being flagged for too much whitespace but the same 1-line test message wouldnt' get flagged if not using TLS..
[06:36:19] <kerneld> RonDutt`: You positive?   /dev/log should be getting postfix log data, but in a chroot, that will be in ~postfix
[06:36:53] <RonDutt`> kerneld cat: /dev/log: No such file or directory
[06:37:06] <kerneld> RonDutt`: Really depends on your distro.
[06:39:58] <kerneld> Ron:  logger -p mail.notice "Test syslog"
[06:40:08] <kerneld> what do you get in your log?
[06:41:02] <RonDutt`> kerneld I dont even have a mail log file.
[06:41:51] <kerneld> Should get mail
[06:41:54] <kerneld> err made
[06:42:02] <kerneld> do you have any logging working?
[06:42:16] *** Gerdesas has left #postfix
[06:42:39] <kerneld>  /dev/log not existing doesn't sound right.   ps aux | grep [s]yslog
[06:43:52] <RonDutt`> Well, I officially get the dunce hat for the day...would be nice if syslog was actually running.
[06:44:06] <RonDutt`> thanks kerneld :)
[06:44:37] <Dominian> hehe
[06:49:39] *** will_ has joined #postfix
[06:53:16] *** clockspider has quit IRC
[06:54:29] *** eye69 has quit IRC
[06:54:43] *** eye69 has joined #postfix
[06:55:55] *** clockspider has joined #postfix
[07:09:05] *** ming_zym has quit IRC
[07:15:21] *** scylla has joined #postfix
[07:23:24] *** ming_zym has joined #postfix
[07:27:36] *** hwdyki has joined #postfix
[07:28:31] <hwdyki> does smtp over ssl work only for mail submission for mail clients, or does it work for server to server as well?
[07:30:25] <kerneld> !SSL
[07:30:26] <knoba> kerneld: Error: "SSL" is not a valid command.
[07:30:30] <kerneld> !ssl
[07:30:30] <knoba> kerneld: Error: "ssl" is not a valid command.
[07:30:33] <kerneld> !tls
[07:30:34] <knoba> kerneld: "tls" : Short for Transport Layer Security (RFC2246). It adds an additional layer of encryption to protocols such as SMTP, POP3 or IMAP to improve security during transmission over the Internet. TLS features in Postfix are documented here: http://www.postfix.org/TLS_README.html
[07:30:57] <kerneld> TLS!=SSL
[07:31:32] <kerneld> its negotiated after connection, rather than beneath the connection
[07:32:04] <kerneld> tls is more likely the be used from server to server
[07:35:49] <hwdyki> how does that work? does postfix attempt to use TLS first, followed by non-TLS everytime it tries to relay?
[07:36:43] <kerneld> hwdyki: MTA to MTA will connect with  ELHO and depending on policy, it may try and start TLS ifd it sees it is capable
[07:37:14] <kerneld> http://www.ietf.org/rfc/rfc3207.txt
[07:37:40] *** BlackNet has quit IRC
[07:41:43] *** hwdyki has quit IRC
[07:41:48] *** Vince42 has quit IRC
[07:42:16] *** Vince42 has joined #postfix
[07:42:17] *** BlackNet has joined #postfix
[07:45:14] *** will_ has quit IRC
[07:48:18] *** QWeb has joined #postfix
[07:48:59] *** QWeb has left #postfix
[07:49:02] *** QWeb has joined #postfix
[07:49:04] <QWeb> Hi
[07:50:39] <QWeb> I have some mail stuck in my mailq because some earlier administration resulted in some web based contact forms passing an invalid from header. Is it possibly to edit the items in mailq and fix the from sender address so that the mail sends on the next attempt?
[07:55:35] *** beawesomeinstead has quit IRC
[08:00:31] *** Manish has joined #postfix
[08:01:11] *** scylla has quit IRC
[08:01:15] *** burnersk has joined #postfix
[08:01:35] *** sako has joined #postfix
[08:01:52] <sako> hey guys, up to what point would you say it's ok to use postfix without a database?
[08:02:00] <sako> how many users?
[08:05:16] <QWeb> You should probably use a database for any number of users, since that makes it easier to allow those users to modify their own passwords for example, via a web interface. That said, I personally never got around to configuring a database for mine.
[08:08:39] <QWeb> In terms of functionality it doesn't really make much of a difference, just make sure your passwd file has heavy permissions so if a system user is cracked, that user is unlikely to have read permissions. If you have so many users that your passwd is very large in file size then you should also note that file read times may grow to be larger than the execution time of an SQL statement so at that point a database could perform better.
[08:09:34] *** burnersk_ has joined #postfix
[08:09:38] *** burnersk has quit IRC
[08:09:48] *** burnersk_ has quit IRC
[08:09:57] <QWeb> But you're looking at hundreds of users at least before file size becomes an issue.
[08:10:20] *** kewo has quit IRC
[08:12:04] *** kewo has joined #postfix
[08:12:09] *** poli_ has joined #postfix
[08:14:03] *** xabbuh has joined #postfix
[08:15:52] <kerneld> thousands even
[08:16:04] <kerneld> slapd is pretty fast though
[08:18:51] <QWeb> Mmm, a 67 cent can of Tomato soup mixed with Half & Half cream is actually pretty good
[08:20:09] <kerneld> mix it with beer and lime juice and tabasco and you are going to be on to something nice in the summer
[08:20:28] <kerneld> and worchester sauce
[08:21:00] <QWeb> That sounds somewhat vomit inducing
[08:21:44] <QWeb> But then I never was much of a cocktail lover
[08:21:46] <kerneld> http://www.idasweb.com/images/Modern%20Michelada.jpg
[08:21:47] <ramontayag> hey everyone. i'm new to postfix, though I was able to set it up in Ubuntu. I'm trying out CentOS and as far as my skills go I'm unable to set it up. The problem is, I try sending an email (mail -s "...." email@address) but nothing comes out in the log (/var/log/maillog). Only the start and stop info of postfix is in that log. Where should I look next?
[08:24:39] *** cloxie has joined #postfix
[08:30:04] *** poli has quit IRC
[08:30:07] *** sadf has quit IRC
[08:32:19] *** sophokles has joined #postfix
[08:33:28] *** brancaleone has quit IRC
[08:34:25] *** polaru has joined #postfix
[08:42:58] <ramontayag> any ideas?
[08:46:14] *** beawesomeinstead has joined #postfix
[08:47:00] <kerneld> !basic
[08:47:01] <knoba> kerneld: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.
[08:47:26] *** Skaag has quit IRC
[08:49:34] <ramontayag> thanks kerneld, but i've read that more than 6 times :) but i'll go read it again
[08:51:33] *** QWeb has quit IRC
[08:56:53] <ramontayag> kerneld: I already have the mail.* -/dev/maillog but I don't get any error messages or anything that tells me where to look next. Have other ideas?
[08:57:12] <ramontayag> sorry not /dev/maillog
[08:57:22] <ramontayag> it's /var/log/maillog
[08:58:51] <ramontayag> Before, on Ubuntu, I'd get an error message as to why it didn't work. but now it's as if I never tried to email in the first place.
[08:59:59] <f3ew> ramontayag are you connecting to the right host?
[09:00:03] *** phyrrus has joined #postfix
[09:00:50] <ramontayag> f3ew: i hope i understood you question, but i'm trying to send from my VPS with postfix installed.
[09:02:08] <f3ew> How?
[09:04:49] <ramontayag> well, just mail -s ".." email@address. i'm pretty sure i made some stupid mistake somewhere since postfix is a mature system already.
[09:05:10] <ramontayag> but i've been trying to get it to send for the past 4 hours i was hoping someone more familiar can point me to the right direction :)
[09:05:20] *** Zblakany has joined #postfix
[09:07:50] *** harobed has joined #postfix
[09:10:39] <ramontayag> f3ew: if there's an error, where should the error come out?
[09:11:14] *** phyrrus has quit IRC
[09:11:35] <ramontayag> based on my syslog, error messages should show in maillog, right? and if "mail" is supposed to send email via postfix, and postfix is up and running, i'm wondering why nothing shows up in maillog
[09:12:11] *** alys has joined #postfix
[09:13:40] *** alys has quit IRC
[09:16:04] *** hever has joined #postfix
[09:26:12] *** klem has quit IRC
[09:27:24] *** Motoko-chan has quit IRC
[09:29:55] *** klem has joined #PostFix
[09:32:30] *** mactimes has joined #postfix
[09:35:25] <f3ew> ramontayag are you sure you are calling the Postfix sendmail?
[09:35:32] <f3ew> Are you logging mail.info?
[09:41:34] *** denis_ has joined #postfix
[09:43:50] <ramontayag> f3ew: how can i make sure? yes, in syslog I put all info into maillog
[09:48:05] <f3ew> ramontayag restart syslogd?
[09:48:47] *** denis_ has quit IRC
[09:50:34] <ramontayag> f3ew: i didn't change anything, it was like that when i opened it, so I didn't restart :)
[09:50:45] *** muh2000 has quit IRC
[09:50:55] *** denis_ has joined #postfix
[09:52:03] *** acalvo has joined #postfix
[09:55:57] *** war9407 has joined #postfix
[09:57:17] *** NoName has joined #postfix
[09:57:29] *** M1Garand has joined #postfix
[09:57:44] *** NoName is now known as Guest54681
[10:00:25] *** emcepe has joined #postfix
[10:01:01] *** denis_ has quit IRC
[10:01:02] *** sophokles has quit IRC
[10:01:02] *** BlackNet has quit IRC
[10:01:02] *** saurabhb has quit IRC
[10:01:02] *** felix_da_catz has quit IRC
[10:01:02] *** WorkRaoul has quit IRC
[10:01:02] *** deadpigeon has quit IRC
[10:01:02] *** sed___ has quit IRC
[10:01:02] *** Slashman has quit IRC
[10:01:02] *** lunaphyte has quit IRC
[10:01:02] *** VaNNi has quit IRC
[10:01:02] *** kfo has quit IRC
[10:01:02] *** tibyke has quit IRC
[10:01:02] *** micols has quit IRC
[10:01:02] *** Zordrak has quit IRC
[10:01:02] *** oekotaco has quit IRC
[10:01:02] *** jonez has quit IRC
[10:01:02] *** Ammler has quit IRC
[10:01:02] *** mcp has quit IRC
[10:01:02] *** loompek has quit IRC
[10:01:03] *** Dominian has quit IRC
[10:01:03] *** js_ has quit IRC
[10:01:03] *** nb has quit IRC
[10:01:05] *** M1Garand is now known as BlackNet
[10:01:09] *** Ammller has joined #postfix
[10:01:11] *** emcepe is now known as mcp
[10:01:37] *** Ammller is now known as Ammler
[10:01:41] <sako> hey all, i dont know if i did something wrong here.. anyone get atmail to work with postfix?
[10:02:05] *** Zordrak has joined #postfix
[10:02:07] *** micols has joined #postfix
[10:02:08] *** oekotaco has joined #postfix
[10:02:12] <sako> i do not use mysql with postfix.. i tried installing the atmail open webmail client and cant get it up and running
[10:02:20] *** Dominian has joined #postfix
[10:02:21] *** js_ has joined #postfix
[10:02:46] *** kfo has joined #postfix
[10:04:46] *** beawesomeinstead has quit IRC
[10:05:33] *** beawesomeinstead has joined #postfix
[10:06:28] *** Ammler has quit IRC
[10:06:28] *** kfo has quit IRC
[10:06:33] *** sed_ has joined #postfix
[10:06:33] *** denis_ has joined #postfix
[10:06:33] *** sophokles has joined #postfix
[10:06:33] *** saurabhb has joined #postfix
[10:06:33] *** felix_da_catz has joined #postfix
[10:06:33] *** WorkRaoul has joined #postfix
[10:06:33] *** deadpigeon has joined #postfix
[10:06:33] *** sed___ has joined #postfix
[10:06:33] *** Slashman has joined #postfix
[10:06:33] *** lunaphyte has joined #postfix
[10:06:33] *** VaNNi has joined #postfix
[10:06:33] *** kfo has joined #postfix
[10:06:33] *** tibyke has joined #postfix
[10:06:33] *** jonez has joined #postfix
[10:06:33] *** Ammler has joined #postfix
[10:06:33] *** loompek has joined #postfix
[10:06:33] *** nb has joined #postfix
[10:06:47] *** tibyke has quit IRC
[10:06:48] *** sako has quit IRC
[10:06:50] *** VaNNi has quit IRC
[10:06:57] *** ming_zym has quit IRC
[10:06:58] *** tibyke has joined #postfix
[10:06:59] *** sed___ has quit IRC
[10:07:04] *** lunaphyte has quit IRC
[10:07:08] *** nb has quit IRC
[10:07:14] *** kfo_ has joined #postfix
[10:07:19] *** lunaphyte has joined #postfix
[10:07:31] *** VaNNi has joined #postfix
[10:07:31] *** Robbie__ has joined #postfix
[10:07:45] *** deadpigeon has quit IRC
[10:07:57] *** Ammler has quit IRC
[10:08:15] *** Ammller has joined #postfix
[10:08:25] *** Robbie___ has joined #postfix
[10:08:33] *** Ammller is now known as Ammler
[10:08:33] *** Robbie__ has quit IRC
[10:11:56] *** beawesomeinstead has quit IRC
[10:11:56] *** mcp has quit IRC
[10:11:57] *** s0ber has quit IRC
[10:11:57] *** Sputnikk23 has quit IRC
[10:11:57] *** theblackbox has quit IRC
[10:11:57] *** aglet has quit IRC
[10:11:57] *** Dyson has quit IRC
[10:11:57] *** anders_l has quit IRC
[10:11:57] *** Radiance has quit IRC
[10:11:57] *** internat has quit IRC
[10:11:57] *** jetole has quit IRC
[10:11:57] *** Signum has quit IRC
[10:11:57] *** jluedke has quit IRC
[10:11:57] *** AllenJB has quit IRC
[10:11:57] *** MatBoy has quit IRC
[10:11:57] *** cyc has quit IRC
[10:11:57] *** davidisko has quit IRC
[10:11:57] *** TwoFix_Work has quit IRC
[10:11:57] *** yosafbridge has quit IRC
[10:11:57] *** jeev has quit IRC
[10:11:58] *** cite has quit IRC
[10:11:58] *** mosez has quit IRC
[10:11:58] *** fumblnoob has quit IRC
[10:11:58] *** chrisq has quit IRC
[10:11:58] *** anders_l_ has joined #postfix
[10:11:58] *** chrisq_ has joined #postfix
[10:11:58] *** davidisk1 has joined #postfix
[10:12:00] *** jluedke_ has joined #postfix
[10:12:00] *** Signum has joined #postfix
[10:12:01] *** AllenJB_ has joined #postfix
[10:12:02] *** mosez has joined #postfix
[10:12:05] *** fumblnoob has joined #postfix
[10:12:05] *** cite has joined #postfix
[10:12:07] *** MatBoy has joined #postfix
[10:12:07] *** Radiance has joined #postfix
[10:12:09] *** cyc has joined #postfix
[10:12:13] *** aglet has joined #postfix
[10:12:15] *** Dyson has joined #postfix
[10:12:15] *** theblackbox has joined #postfix
[10:12:20] *** s0ber has joined #postfix
[10:12:22] *** jetole has joined #postfix
[10:12:23] *** Sputnikk23 has joined #postfix
[10:12:25] *** mcp has joined #postfix
[10:12:26] *** TwoFix_Work has joined #postfix
[10:12:27] *** internat has joined #postfix
[10:12:28] *** yosafbridge has joined #postfix
[10:12:33] *** beawesomeinstead has joined #postfix
[10:15:14] *** AllenJB_ is now known as AllenJB
[10:15:48] *** gerhard7 has joined #postfix
[10:16:51] *** kfo has quit IRC
[10:16:52] *** kfo_ is now known as kfo
[10:16:56] *** digitalmortician has joined #postfix
[10:17:56] *** loompek has quit IRC
[10:19:22] *** mosez has left #postfix
[10:40:36] *** jakan has joined #postfix
[10:41:01] *** polaru has quit IRC
[10:41:07] *** srdan_ has joined #postfix
[10:43:28] <srdan_> is there any better way to insert messages into the postfix queue than using the sendmail command?
[10:45:15] <srdan_> every month our clients send out their billing email and it always takes ages and I'm starting to think that it's because of the program which relies on sendmail to pass the message to postfix
[10:47:30] <jakan> hello, got a problem with "mysql query failed: Unknown column 'email' in 'where clause'" for mailboxes that don't exist localy. lofile: http://pastebin.com/m16f335d anyone got any clue how can i fix it ?
[10:48:32] *** polaru has joined #postfix
[10:58:37] *** Zeit|awy has joined #postfix
[11:05:02] *** F6F has joined #postfix
[11:05:22] <f3ew> srdan_ SMTP
[11:05:37] <f3ew> jakan fix your MySQL query to check the correct column?
[11:05:45] *** nomex has joined #postfix
[11:06:08] <nomex> can i define different mx record for each email adress?
[11:06:42] <f3ew> No
[11:06:49] <f3ew> MX records are per domain
[11:06:59] <nomex> ok f3ew
[11:07:12] <f3ew> See per user transport_maps if they are useful
[11:07:15] <f3ew> !transport_maps
[11:07:16] <knoba> f3ew: "transport_maps" : a configuration parameter in the main.cf: Optional lookup tables with mappings from recipient address to (message delivery transport, next-hop destination). See transport(5) for details.
[11:08:02] *** sophokles has quit IRC
[11:09:47] <acalvo> Hi
[11:10:00] <acalvo> I've configured postfix+dovecot with ldap backend
[11:10:02] <acalvo> I can log in
[11:10:09] <acalvo> and maildir is cretaed
[11:10:10] <acalvo> created
[11:10:15] <acalvo> but if I try to send a mail
[11:10:18] <acalvo> it does not work
[11:11:24] *** srdan has joined #postfix
[11:13:10] *** srdan_ has quit IRC
[11:15:53] <jakan> f3ew: my query is correct, if i send an email to any virtual mailbox / alias that exista in the database i get no error, i get the error only when the address is invalid
[11:16:27] *** jakan has quit IRC
[11:16:40] <f3ew> acalvo logs?
[11:16:41] <f3ew> !debug
[11:16:42] <knoba> f3ew: "debug" : http://www.postfix.org/DEBUG_README.html : a good starting point for how to deal with problems and to report information to those who might help. Post your information in a pastebin such as http://pastebin.ca/ or http://rafb.net/paste/ .
[11:17:03] <acalvo> f3ew: yes, but it only says that it does not find the recipient and then the mail is bounced
[11:17:16] <acalvo> (which, to be honest, I don't quite understand what it means with "bounced")
[11:17:33] <f3ew> acalvo a bounce was generated?
[11:17:38] <f3ew> Show the logs :)
[11:19:11] <acalvo> f3ew: http://pastebin.com/d4867aea0
[11:21:51] <f3ew> !loopback
[11:21:52] <knoba> f3ew: "loopback" : 'Mail loops back to myself' means that your Postfix wanted to send out the mail to the internet but then discovered that the DNS says your mail server should be responsible. Most likely you forgot to list your domain in mydestination or virtual_(alias|mailbox)_domains
[11:21:55] <f3ew> See that :)
[11:22:27] <acalvo> f3ew: ok, I'll take a look! thanks!
[11:25:43] <nomex> f3ew: with optional, it means, if no match for redirection then continue with the next router?
[11:26:36] <f3ew> if no user match, then follow the domain
[11:26:37] <f3ew> yes
[11:28:12] *** pingouin has quit IRC
[11:28:41] *** arossouw has joined #postfix
[11:29:20] <arossouw> hi i am using kolab and postfix, i've added check_sender_access and listed the addresses i would like to reject, also ran postmap, but its not working :-(
[11:29:55] *** F6F_ has joined #postfix
[11:33:13] <maloi> problem: i have 1 domain example.com. i want to make that a virtual_mailbox domain, i have adresses like firstname.lastname at example dot com and they should be mapped to loginname at example dot com, i'd do that via virtual_alias_maps but then i have to put example.com in virtual_alias_domains too, and i've read that a domain should only be listet in one them? so what's a clever way?
[11:33:55] *** nomex has quit IRC
[11:35:10] *** henk has left #postfix
[11:36:24] *** pingouin has joined #postfix
[11:40:00] <acalvo> f3ew: do you mind taking a look at my config to see if you see any errors? (I've tried the loopback error, but I think is more related with user not found error)
[11:43:50] <acalvo> http://pastebin.com/d5b9305b5
[11:51:12] *** maxernoult has joined #postfix
[11:51:33] *** maxernoult has left #postfix
[11:51:51] *** normes has joined #postfix
[11:53:35] *** kmq has joined #postfix
[11:56:07] <normes> hi, is it possible to set two mailserver as destination in a transport map for backup purposes? i've tried "* smtp:mailhub1.example.com,smtp:mailhub2.example.com" but that isn't a valid syntax
[12:10:08] *** cilly has joined #postfix
[12:14:24] *** Administrator__ has joined #postfix
[12:14:25] *** RonDutt` has quit IRC
[12:15:30] *** alys has joined #postfix
[12:15:48] *** RonDutt` has joined #postfix
[12:15:52] *** Administrator__ has quit IRC
[12:16:20] *** RonDutt` has quit IRC
[12:16:49] *** RonDutt` has joined #postfix
[12:16:58] *** alys has left #postfix
[12:21:35] * f3ew returns
[12:22:18] *** theblackbox is now known as theblackslab
[12:22:39] *** theblackslab is now known as theblackbox
[12:28:34] *** bluethundr_ has joined #postfix
[12:29:47] *** cpm has joined #postfix
[12:32:34] *** MasterOne has joined #postfix
[12:44:10] <MasterOne> Christop Haas, are you present?
[12:44:30] <MasterOne> I mean Christoph Haas ;)
[12:46:53] <cpm> Oh, he's here awright. But he's good at hiding.
[12:54:45] <MasterOne> Christoph Haas, I have to leave now, but I'll be back in a couple of hours, maybe we find a time to chat (your blog comments are not really suitable for discussions, I posted quite some comments lately, and it's getting pretty confusing), FYI it's especially about the milter-matter just posted on your amavis page (unfortunately it's not shown who posts the comments, except for you)
[12:54:59] *** bluethundr_ has quit IRC
[12:59:31] *** eanxgeek has joined #postfix
[13:05:40] *** Celestar has joined #postfix
[13:09:08] *** st_iron has joined #postfix
[13:09:11] <st_iron> hello all
[13:09:22] <st_iron> I have a very funny error message today
[13:09:25] <st_iron> fatal: root(0): message file too big
[13:09:35] <st_iron> can anyone help me to find out the reason?
[13:10:21] <kmq> did you check your message size limit ?
[13:10:46] <Celestar> I'm trying to set up SMTP AUTH via cyrus-sasl/saslauthd. currently postfix is trying to use /etc/sasldb2, but authentication fails with this error:
[13:10:53] <Celestar> warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
[13:11:05] <Celestar> yet the file is there and the permissions are in order. where am I messing this up?
[13:12:26] <Celestar> also, can I just tell it to use pam to authenticate uses instead of /etc/sasldb2 ?
[13:13:38] <cpm> !ask
[13:13:39] <knoba> cpm: Error: "ask" is not a valid command.
[13:13:43] <cpm> !question
[13:13:44] <knoba> cpm: Error: "question" is not a valid command.
[13:13:47] <cpm> bah
[13:14:39] *** Zeit|awy has quit IRC
[13:15:14] <st_iron> kmq: can it be because of a dns error?
[13:16:06] <kmq> what make you think that could be the case ?
[13:16:13] <cpm> !sasl
[13:16:14] <knoba> cpm: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.
[13:16:31] <cpm> !sasl_readme
[13:16:32] <knoba> cpm: "sasl_readme" : www.postfix.org/SASL_README.html
[13:17:10] *** F6F has quit IRC
[13:17:11] *** F6F_ has quit IRC
[13:17:18] *** F6F has joined #postfix
[13:18:02] <cpm> Gee, when I googled "fatal: root(0): message file too big" this was the FIRST hit I got: http://www.tek-tips.com/viewthread.cfm?qid=1073614&page=11
[13:18:40] * kmq hopes that site referres to a dns problem...
[13:19:09] <Celestar> cpm: that readme refers to creating a file where a put a user:password map?
[13:19:22] *** st_iron has quit IRC
[13:19:58] <cpm> Celestar, let's back up a bit, like way way up.
[13:20:04] <cpm> Are you using an IMAP server?
[13:20:09] <Celestar> yeah. cyrus
[13:20:13] <cpm> k.
[13:20:31] <Celestar> that part is already working flawlessly
[13:20:57] <cpm> I don't mean this in any kind of harsh way, but since you have chosen to use cyrus, that kinda marks you as a cyrus expert, as all folks who run cyrus are experts. This is evidenced by the complete lack of decent documentation for such an old and excellent system.
[13:21:07] <cpm> So, good luck with all that.
[13:21:19] <cpm> since your imap is working well, the auth backend is working well.
[13:21:40] <Celestar> heh ;)
[13:21:41] <cpm> There is an outside chance, that since postfix by defaul on a lot of systems typically runs in a chroot, that the chroot can't see the
[13:21:49] <cpm> authd
[13:21:50] *** mactimes has quit IRC
[13:21:54] <Celestar> oh ..
[13:21:59] <Celestar> *checks*
[13:22:25] *** Skaag_ has joined #postfix
[13:22:56] <Celestar> cpm: thanks. that was (part of) the problem
[13:25:57] *** srdan has quit IRC
[13:29:23] <Celestar> hm .but only part ;)
[13:32:44] *** aglet has quit IRC
[13:39:11] *** stephan48 has joined #postfix
[13:43:54] <Celestar> cpm:  but I agree with your "lack of decent documentation" :P
[13:51:30] <cpm> Celestar, why some of us went with courier-imap or dovecot a few years back. cyrus is def an excellent product. But it's another case of if you don't already know, then you never will.
[13:53:18] <cpm> Celestar, what are the contents of your smtpd.conf file?
[13:55:08] <Celestar> pwcheck_method: saslauthd
[13:55:50] <Celestar> mech_list: plain login
[13:56:13] <Zerberus> Celestar: and is the daemon running?
[13:56:22] <Celestar> saslauthd? yes.
[13:56:28] <cpm> and you want to check against shadow ?
[13:56:33] <Celestar> against shadow or pam.
[13:56:46] <Zerberus> Celestar: postfix runs chrooted or not?
[13:56:47] <Celestar> imapd uses saslauthd to check against pam, works without problems
[13:56:55] <Celestar> Zerberus: i've disabled chroot for the time being
[13:57:00] <Celestar> Aug 18 13:56:29 ubuntu postfix/smtp[30868]: fatal: specify a password table via the `smtp_sasl_password_maps' configuration parameter
[13:57:06] <Celestar> hm :S
[13:57:29] <cpm> output of saslauthd -v
[13:57:30] <cpm> ?
[13:57:37] <f3ew> smtp != smtpd
[13:57:53] <Celestar> yeah, but I don't like "fatal" anyway ;)
[13:58:04] <Celestar> cpm: authentication mechanisms: sasldb getpwent kerberos5 pam rimap shadow ldap
[13:58:13] <cpm> k
[13:58:18] <cpm> that looks good.
[14:00:23] <cpm> authdaemond_path ?
[14:00:27] <cpm> (from smtpd.conf)
[14:00:59] <Zerberus> Celestar: what does the saslauthd when postfix is trying to use it?
[14:01:29] <f3ew> Yeah, you have smtp_sasl_auth_enable = yes when you probably meant smtpD_sasl_auth_enable = yes
[14:01:34] <f3ew> See the missing D
[14:01:45] <Celestar> f3ew: I have both.
[14:01:49] <f3ew> ah
[14:02:10] <f3ew> Your saslauthd thing is for smtpD
[14:03:34] <Celestar> oh ffs.
[14:03:37] <Celestar> <= n00b
[14:04:10] <Celestar> it works, I had a file permission messup  :S
[14:05:25] <Celestar> thanks guys.
[14:10:58] *** pinoyskull has quit IRC
[14:18:11] *** Manish has quit IRC
[14:20:27] <cpm> is often the case.
[14:20:44] <cpm> gettit working, then sort out the chroot issue.
[14:25:00] *** cilly has quit IRC
[14:25:05] *** cilly has joined #postfix
[14:25:21] *** f3ew has quit IRC
[14:27:53] *** loddafnir1 has joined #postfix
[14:30:00] *** cilly has quit IRC
[14:30:22] *** f3ew has joined #postfix
[14:39:56] *** eanxgeek has quit IRC
[14:39:58] *** cilly has joined #postfix
[14:40:15] *** Skaag_ has quit IRC
[14:41:07] *** Skaag has joined #postfix
[14:42:17] *** _cdc_ has joined #postfix
[14:42:38] *** eanxgeek has joined #postfix
[14:43:37] *** eanxgeek has quit IRC
[14:43:57] *** eanxgeek has joined #postfix
[14:44:23] *** eanxgeek has quit IRC
[14:44:36] *** eanxgeek has joined #postfix
[14:49:39] *** brancaleone has joined #postfix
[14:50:56] *** _cdc_ has quit IRC
[15:08:53] *** polaru has quit IRC
[15:09:15] *** polaru has joined #postfix
[15:09:18] *** Nockian has quit IRC
[15:10:57] *** tjz has quit IRC
[15:13:14] *** polaru has quit IRC
[15:13:40] *** polaru has joined #postfix
[15:14:04] *** hooch has quit IRC
[15:14:11] *** hooch has joined #postfix
[15:16:02] *** dragonbyte has joined #postfix
[15:16:24] <dragonbyte> if I have 2 domains and 1 IP what do I need to do to stop from getting flagged as spam for the reverse lookup not matching one of the domains?
[15:22:59] *** phyrrus has joined #postfix
[15:23:18] *** Nockian has joined #postfix
[15:24:41] <MasterOne> back I am, does not seem, that Christoph passed by in the meantime :(
[15:27:42] <MasterOne> dragonbyte: the reverse dns entry does not have anything to do with the hosted domains, but with the name postfix authenticates itself (as in /etc/mailname)
[15:28:21] *** cps0 has joined #postfix
[15:29:35] <MasterOne> does anybody know, how to use proxy_interfaces in main.cf for a NATed setup?
[15:29:54] <dragonbyte> so the reverse needs to match /etc/mailname but it can send emails from @somethingelse.com without hastle?
[15:31:54] <MasterOne> dragonbyte: that's one of the fundamental things, since you only can have one reverse DNS entry for an IP address, and would be unable to host more than one domain otherwise
[15:33:33] <dragonbyte> I have only ever dealt with having one outgoing mail domain per IP.  Obviously I knew it was possible to make it work cleanly sending multiple domains from one IP, just never got stuck in that situation (not having separate server/ip)
[15:33:54] <dragonbyte> only usually deal with multiple domains being aliased inwards (.com/.net/org) all going to one box while .com is used for all outoging
[15:34:30] *** muh2000 has joined #postfix
[15:35:29] <MasterOne> the reverse dns entry is only relevant for sending emails, and the remote mailserver only needs to be able to check, that the postfix name matches the reverse dns entry, and that one fqdn does not have to be in any relation with the domain used in the sent email
[15:37:30] <dragonbyte> basically so long as the server is who it claims to be it can send as who it wants to send as :)
[15:38:18] <MasterOne> that's what I am actually fiddling around with, having a mailserver behind a NAT
[15:38:28] <dragonbyte> that is what I do
[15:38:49] <MasterOne> http://www.postfix.org/BASIC_CONFIGURATION_README.html doesn't quite explain it well
[15:39:21] <dragonbyte> so should mailname be a FQDN?  I thought it shoudl be just domain.com if you want your emails to be from @domain.com
[15:39:51] <Dominian> !fqdn
[15:39:51] <knoba> Dominian: "fqdn" : the 'Fully-Qualified Domain Name'. It consists of the hostname part and the domain part. 'www.postfix.org' is a FQDN whereas 'www' is not. Only DNS resolvable, fully-qualified domain names (FQDNs) are permitted when domain names are used in SMTP.
[15:39:57] <Dominian> !ptr
[15:39:57] <knoba> Dominian: "ptr" : A PTR record or pointer record, maps an IPv4 address to the canonical name for that host. Setting up a PTR record for a hostname in the in-addr.arpa domain that corresponds to an IP address implements reverse DNS lookup for that address
[15:39:59] <MasterOne> /etc/mailname is the fqdn
[15:40:30] <MasterOne> of the host sending emails
[15:40:33] <Dominian> Your fqdn should be whatever your mail server answers as
[15:41:40] <MasterOne> the question is now, how does proxy_interfaces interact with all the other settings
[15:42:00] <MasterOne> "you need to configure the proxy_interfaces parameter and specify all the external proxy or NAT addresses that Postfix receives mail on"
[15:42:18] <dragonbyte> so how does myhostname and myorigin relate to /etc/mailname?
[15:42:28] <dragonbyte> right now my /etc/mailname is just domain.com not host.domain.com
[15:42:31] <Dominian> if its debian, it all relates to that
[15:42:40] <dragonbyte> so apparently I am doing it wrong :)
[15:42:54] *** beawesomeinstead has quit IRC
[15:43:00] <Dominian> Well /etc/mailname is not postfix-specific.. that is a Debianism
[15:43:24] <dragonbyte> does /etc/mailname even mean anything if you are using myhostname and myorigin set manually?
[15:44:13] <dragonbyte> so the real issue is that myhostname needs to be a FQDN that matches the ptr record?
[15:44:53] <f3ew> It needs to be a FQDN, and should ideally match the PTR
[15:45:32] *** aditsu has joined #postfix
[15:45:46] *** RonDutt` has quit IRC
[15:45:54] <dragonbyte> and myorigin is what shows up after user@ correct?
[15:46:05] *** RonDutt` has joined #postfix
[15:47:00] <aditsu> hi, I have postfix installed, and root receives email from cron in its own user mailbox, how can I make it go to a virtual mailbox instead?
[15:48:46] *** hever has quit IRC
[15:58:26] *** dragonbyte has quit IRC
[16:00:20] *** Muhis has joined #Postfix
[16:01:31] *** beawesomeinstead has joined #postfix
[16:08:57] *** F6F has quit IRC
[16:10:47] *** F6F has joined #postfix
[16:22:01] *** mactimes has joined #postfix
[16:23:38] *** dragonbyte has joined #postfix
[16:28:05] *** Ryushin has joined #postfix
[16:29:11] *** diesel has quit IRC
[16:31:01] *** beawesomeinstead has quit IRC
[16:31:19] *** beawesomeinstead has joined #postfix
[16:38:53] *** cilly has quit IRC
[16:39:31] *** cilly has joined #postfix
[16:42:07] *** LinuxCode has joined #postfix
[16:42:40] *** hever has joined #postfix
[16:43:33] *** hever has quit IRC
[16:44:18] *** hever has joined #postfix
[16:45:37] *** saurabhb has quit IRC
[16:46:22] *** dragonbyte has quit IRC
[16:53:21] *** Skaag has quit IRC
[16:54:51] *** dalurka has joined #postfix
[16:56:35] <aditsu> hi, I have postfix installed, and root receives email from cron in its own user mailbox, how can I make it go to a virtual mailbox instead?
[16:56:43] <Dominian> !virtual
[16:56:43] <knoba> Dominian: "virtual" : a way to configure additional domains and user accounts (that do not need to exist in your /etc/passwd). See: http://www.postfix.org/VIRTUAL_README.html
[16:56:45] <Dominian> !alias
[16:56:46] <knoba> Dominian: "alias" : ITYM !alias_maps
[16:56:50] <Dominian> !alias_maps
[16:56:50] <knoba> Dominian: "alias_maps" : a configuration parameter in the main.cf: The alias databases that are used for local(8) delivery. See aliases(5) for syntax details.
[16:59:01] *** CrazyFoam has quit IRC
[17:00:06] *** phyrrus_ has joined #postfix
[17:03:01] *** phyrrus has quit IRC
[17:03:05] *** xabbuh has quit IRC
[17:03:05] *** seekwill has joined #postfix
[17:03:38] *** beawesomeinstead has quit IRC
[17:04:01] *** beawesomeinstead has joined #postfix
[17:06:02] *** pingouin has quit IRC
[17:10:33] *** RonDutt` has quit IRC
[17:10:52] <aditsu> Dominian: oh, cool, it works
[17:11:16] <aditsu> thanks
[17:12:37] <Dominian> np
[17:13:06] *** CrazyFoam has joined #postfix
[17:14:28] *** burnersk has joined #postfix
[17:20:09] *** deadpigeon has joined #postfix
[17:25:45] *** gerhard7 has quit IRC
[17:26:37] *** Celestar has quit IRC
[17:28:38] *** phyrrus_ has quit IRC
[17:35:04] *** hever has quit IRC
[17:35:45] *** pickcoder has joined #postfix
[17:37:13] *** gerhard7 has joined #postfix
[17:43:39] *** CrazyFoam has quit IRC
[17:45:21] *** pingouin has joined #postfix
[17:53:25] *** maloi has quit IRC
[17:55:46] *** irgendwer4711 has joined #postfix
[17:57:22] *** jascotty has joined #postfix
[17:57:33] <irgendwer4711> hi, postfix denied users at port smtps although there are authenticated well
[17:58:07] <irgendwer4711> I used this rule:  smtpd_client_restrictions=permit_sasl_authenticated,reject
[17:59:06] <iasmina> do they
[17:59:14] <iasmina> use in their mail client
[17:59:31] <iasmina> My server requires authentification option ?
[18:00:02] <irgendwer4711> I have configured SSL in client
[18:00:30] <rob0> smtpd_client_restrictions does not control relaying
[18:01:38] <irgendwer4711> I got Client host rejected: Access denied
[18:01:52] *** polaru has quit IRC
[18:02:24] <irgendwer4711> I had configured all relaying stuff in main.cf
[18:02:52] <irgendwer4711> Which paramter are nessessary in master.cf for SSL?
[18:03:31] <rob0> smtpd_recipient_restrictions DOES control relaying. But that error sounds like no AUTH happened, or AUTH failed. See /topic, no more guessing.
[18:04:25] <rob0> Relevant information also includes your smtps - smtpd command lines from master.cf
[18:05:38] *** Robbie___ has quit IRC
[18:06:24] <irgendwer4711> My client said, host do not say any helo
[18:06:37] <irgendwer4711> does not..
[18:06:50] <rob0> huh?
[18:08:08] <irgendwer4711> It says: this host does not print a correct greeting
[18:09:30] <irgendwer4711> http://pastebin.org/9991
[18:10:04] *** hever has joined #postfix
[18:11:23] <irgendwer4711> This config is working without  smtpd_client_restrictions=permit_sasl_authenticated,reject in Master.cf
[18:14:03] <rob0> And that paste includes "postconf -n" at the bottom?
[18:14:23] <rob0> no, I bet not.
[18:14:45] <rob0> "postconf smtpd_delay_reject"
[18:14:56] <rob0> !smtpd_delay_reject
[18:14:56] <knoba> rob0: "smtpd_delay_reject" : a configuration parameter in the main.cf: Wait until the RCPT TO command before evaluating $smtpd_client_restrictions, $smtpd_helo_restrictions and $smtpd_sender_restrictions.
[18:15:26] <rob0> Yours did not wait. The rejection took place at CONNECT.
[18:16:03] <rob0> Another reason why smtpd_recipient_restrictions should have been used.
[18:17:26] <irgendwer4711> yo I think so
[18:17:39] * cpm uses smtpd_rob0_restrictions
[18:19:02] <irgendwer4711> I am confused now
[18:19:56] <irgendwer4711> I only want to mail secure throu port 465
[18:20:30] <rob0> Answer me.
[18:21:21] <irgendwer4711> this was main.cf
[18:22:06] <rob0> !welcome
[18:22:07] <knoba> rob0: "welcome" : welcome to #postfix! if you're joining for the first time, or are new to irc, the first thing you'll want to do is read the channel topic (/topic). it includes crucial instructions on how to effectively ask for help here, and what data you should include with your questions. the degree of success you'll have is directly related to how effectively you're able to follow those guidelines.
[18:22:22] <rob0> Answer this too: 16:14 < rob0> "postconf smtpd_delay_reject"
[18:22:43] <irgendwer4711> smtpd_delay_reject = no
[18:23:42] <rob0> Keep reading what has already been given you. At least two answers are therein.
[18:24:33] *** jeev has joined #postfix
[18:24:52] *** harobed has quit IRC
[18:24:56] <irgendwer4711> its running, the delay made problems
[18:25:30] <rob0> Why did you set "smtpd_delay_reject = no"? That is not the default. See why?
[18:25:44] *** nb has joined #postfix
[18:25:56] <irgendwer4711> I had uses a sleep in one rule days ago
[18:30:16] <irgendwer4711> forgotten to disabled this other part
[18:30:23] <rob0> The other answer, which can coexist with "smtpd_delay_reject = no", was 16:16 < rob0> Another reason why smtpd_recipient_restrictions should have been used.
[18:32:01] <rob0> smtpd_FOO_restrictions ... the restriction happens at "FOO" in the SMTP dialogue.
[18:33:22] <rob0> client=connection, helo, sender="MAIL FROM", recipient="RCPT TO", data, end_of_data
[18:35:30] *** brancaleone has quit IRC
[18:35:33] <irgendwer4711> yes
[18:36:14] <irgendwer4711> now iths solved#
[18:36:50] *** Skaag has joined #postfix
[18:39:06] <cpm> !submission
[18:39:06] <knoba> cpm: "submission" : Port 587 is submission, for user submission of mail, NOT suitable for mail exchange. See the commented example in master.cf. also see !msa, and rfc 2476 and 4409.
[18:40:16] * rob0 beats cpm into submission
[18:41:14] * cpm falls over
[18:43:46] *** githogori has quit IRC
[18:44:04] *** clockspider has quit IRC
[18:58:12] *** pickcoder has quit IRC
[19:01:57] *** irgendwer4711 has left #postfix
[19:13:18] *** gerhard7 has quit IRC
[19:21:12] *** jascotty has quit IRC
[19:29:59] <jelly> I thought he liked submission from the get go?
[19:30:02] *** Motoko-chan has joined #postfix
[19:31:50] <Sputnikk23> hahaha
[19:34:19] *** sako has joined #postfix
[19:34:47] <sako> hi everyone, i have been working on setting up my email servers, i don't know what to use for my pop3/imap dovecot or courier.. any suggestions?
[19:35:04] <sako> i hear dovecot is somewhat a pita but it is the faster one out of the 2
[19:36:26] <anonymous> my vote goes to dovecot
[19:36:41] <shasta> i just switched from courier to dovecot on a ~20000 accounts system(s)
[19:38:12] <jiffe> why did you switch?
[19:38:29] *** F6F has quit IRC
[19:40:53] <shasta> quotas, sieve, gives me sasl for postfix out of the box, indexes, etc.
[19:42:40] <jiffe> I see
[19:44:13] *** xenoterracide has joined #postfix
[19:46:11] <xenoterracide> need some advice. I've got all the email accounts hosted w/ google domains because I don't really want to deal with it. I need our webserver to have smtp because I need the site and server to be able to send emails. this server shouldn't receive mail at all. I'm not really sure what the best setup for this is. can anyone offer me some direction?
[19:46:12] <rob0> Dovecot seems to be more actively developed and documented, but that may just be a perception. Dovecot SASL is very nice.
[19:46:32] <rob0> !tell xenoterracide standard
[19:46:50] <rob0> ("null client")
[19:47:00] <rob0> !null_client
[19:47:01] <knoba> rob0: Error: "null_client" is not a valid command.
[19:47:05] <rob0> !nullclient
[19:47:06] <knoba> rob0: "nullclient" : a null client is a computer that can only send mail. it receives no mail from the network, and it does not deliver any mail locally. while postfix can be configured to fill this role, it is often unnecessary overkill, and a much simpler software package is more appropriate. see !nullclient_software for more details.
[19:47:54] <xenoterracide> thanks rob0
[19:52:47] *** beawesomeinstead has quit IRC
[19:59:30] *** mactimes has quit IRC
[20:00:17] *** amrit is now known as amrit|wrk
[20:12:19] *** beawesomeinstead has joined #postfix
[20:16:04] *** Zygo has quit IRC
[20:16:27] *** Zygo has joined #postfix
[20:16:47] *** al has quit IRC
[20:16:55] <Sputnikk23> i have tls auth setup. using thunderbird as a client - i get denied access to send email outside of @mydomain unless I turn on TLS and authenticate. However, if I send inside @mydomain from my thunderbird client I can turn off TLS and Auth and be allowed to send. Is this normal behavior?
[20:17:07] *** Rockj has quit IRC
[20:17:13] *** eye69 has quit IRC
[20:17:15] *** al has joined #postfix
[20:17:20] *** Rockj has joined #postfix
[20:17:27] *** eye69 has joined #postfix
[20:17:30] <MasterOne> !msa
[20:17:31] <knoba> MasterOne: "msa" : Message Submission Agent : a process which accepts message submissions from MUAs on port 587 known as 'message submission service' using the 'message submission protocol' defined by rfc4409. To enable message submission service in postfix uncomment the relevant lines in master.cf. also see !submission.
[20:18:00] <MasterOne> !submission
[20:18:02] <knoba> MasterOne: "submission" : Port 587 is submission, for user submission of mail, NOT suitable for mail exchange. See the commented example in master.cf. also see !msa, and rfc 2476 and 4409.
[20:18:24] *** CrazyFoam has joined #postfix
[20:18:53] <MasterOne> what does an email client need to be able to send over submission?
[20:19:00] <MasterOne> !nullclient_software
[20:19:01] <knoba> MasterOne: "nullclient_software" : a program that serves as a drop in replacement for /usr/sbin/sendmail and provides a simple means to submit messages to an existing msa without the need to install and maintain a full-blown mta/msa. examples include esmtp, ssmtp and nullmailer. also see !msa
[20:19:02] <KB1JWQ> Sputnikk23: Yes, though there can be two reasons for it.
[20:19:27] <KB1JWQ> MasterOne: Something that can pass a set of credentials.
[20:19:44] <KB1JWQ> MasterOne: And of course the ability to speak over 587 in most cases.
[20:20:55] <MasterOne> any idea, what a common configuration option in an email client should look like?
[20:21:50] <Sputnikk23> KB1JWQ: so how would one prevent an outsider from flooding my domain? He can't use it to relay spam to the rest of the world but he can spam my users.
[20:22:05] <KB1JWQ> MasterOne: It'll vary from client to client.
[20:22:09] <MasterOne> my problem is, I wanted to use a second postfix instance for client connects which does not get checked by spamass-milter, and it was recommended to use submission, but I've never seen that before in any client software
[20:22:32] <KB1JWQ> Sputnikk23: Urm... if you require authentication to send email to your users, you'll get no email from the outside world.
[20:22:37] <KB1JWQ> !cheatsheet
[20:22:38] <knoba> KB1JWQ: "cheatsheet" : http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt : A HOWTO for pre-DATA spam control.
[20:22:40] <KB1JWQ> Sputnikk23: Go read that.
[20:22:58] <KB1JWQ> MasterOne: Ah.
[20:23:15] <KB1JWQ> MasterOne: Set it to use a username and password, and to use port 587.  You're done.
[20:23:35] *** webchaos has joined #postfix
[20:23:39] <Sputnikk23> KB1JWQ: will do, thank you. I don't require auth to send to my users, which is why I can turn off TLS and Auth and still be able to send to @mydomain. But that leaves a small vulnerability into my own domain
[20:24:07] <KB1JWQ> Sputnikk23: That's... not a vulnerability.
[20:24:09] <MasterOne> so no special ability needed, just use client authentication and tell it to use port 587?
[20:24:15] <KB1JWQ> That's how email WORKS.
[20:24:27] <KB1JWQ> MasterOne: Yup.  Probably want to set up TLS as well, but that's up to you.
[20:24:38] <MasterOne> yes, mandatory tls of course
[20:24:56] <Sputnikk23> KB1JWQ: I guess what I'm wondering is, whats the best way to secure this public server from allowing outsiders to spam my users
[20:25:11] <KB1JWQ> Sputnikk23: And I responded with the !cheatsheet factoid.
[20:25:14] <Sputnikk23> KB1JWQ: i can't tell you how relieving that is to hear... i learned something..
[20:25:44] <MasterOne> I guess that's the only way, because if you plug in spamass-milter in main.cf, even outgoing emails are checked, and you definitely don't want to have spamass mark an outgoing email as spam by accident
[20:25:57] <KB1JWQ> Sputnikk23: Let's think about this for a second.
[20:26:11] <KB1JWQ> Sputnikk23: You have a user at your domain.  I'd like to email that user-- I should be able to, correct?
[20:26:45] <Sputnikk23> mucho correcto
[20:26:56] <KB1JWQ> Sputnikk23: Okay.  Now, you don't know me from anyone else, so I sure don't have authentication credentials for your server.
[20:27:07] <Sputnikk23> correct
[20:27:08] <KB1JWQ> Sputnikk23: So I should logically be able to send a message to that user without that.
[20:27:15] <Sputnikk23> correct...
[20:27:20] <KB1JWQ> Sputnikk23: Now, if I can send your user one message, I can send your user fifty thousand messages.
[20:27:47] <KB1JWQ> There are a number of ways to address that concern, including using various RBLs, rate limiting, etc.
[20:27:52] <Sputnikk23> correct..
[20:28:00] <Sputnikk23> let me guess, in the cheatsheet? :)
[20:28:04] <KB1JWQ> Ding ding ding!
[20:28:08] <Sputnikk23> what do i win?
[20:28:35] <Sputnikk23> KB1JWQ: truth be told, it took me 1.5 days to wrap th at around my head
[20:29:13] <KB1JWQ> Hey, at least you took the time to grasp that.
[20:29:25] *** TeraHertz has joined #postfix
[20:29:41] <seekwill> Spammers
[20:29:42] <rob0> BTW, "inside @mydomain" is a non-sequitur. mydomain is a domain name, it is not a network.
[20:30:11] <KB1JWQ> rob0: I made the same mistake, he meant mail to users @domain
[20:30:30] <Sputnikk23> i got TLS to work, and tried every option to make sure it was secure. and then I kept asking myself - if I forced the TLS Auth issue - how is regular public mail still going through.
[20:30:37] <Sputnikk23> yah, what he said..
[20:30:38] * rob0 just looked at the initial question, did not read the whole discussion.
[20:30:49] <KB1JWQ> rob0: It's sorted, mostly. :)
[20:30:57] <Sputnikk23> that it is...
[20:30:59] <rob0> right, I gathered that :)
[20:31:39] <KB1JWQ> But yeah, I get the impresion Sputnikk23 is a bit new to this.  Sputnikk23: The trick is really to define what you're trying to do precisely; it's a difficult thing to do, particularly when new to postfix.
[20:31:51] <KB1JWQ> Otherwise people like rob0 go prematurely grey. :D
[20:31:54] <Sputnikk23> but yeah.. thank you for reinforcing that.. i was starting to get to that conclusion but i was second-guessing.
[20:32:12] <Sputnikk23> so i had it setup right but didn't know how it worked... haha
[20:32:27] <KB1JWQ> Sputnikk23: You going to be doing a lot with postfix?
[20:32:42] <Sputnikk23> working on an email migration project
[20:32:56] <KB1JWQ> Sputnikk23: do yourself a favor.  Go pick up The Book of Postfix at Amazon.  It explains a lot about this, and is well written.  The O'Reilly book, not so much.
[20:33:03] <Sputnikk23> this old centos admin make a cluser**** (can we swear?) of it
[20:33:05] <rob0> It's no longer premature, I just turned 0x30.
[20:33:21] <thumbs> rob0 is premature?
[20:33:27] <lunaphyte> uh oh
[20:33:30] <Sputnikk23> i'm so worried about these two...
[20:33:31] <Sputnikk23> three...
[20:33:33] <KB1JWQ> rob0: I meant "users like rob0" in the "people who try to help" sense, not the "people who are extremely old" sense. :-D
[20:33:49] <lunaphyte> sure, you say that now.
[20:34:16] *** bluethundr has joined #postfix
[20:34:17] <rob0> /me -- and "try to help"??
[20:34:44] <rob0> s/elp/umiliate/
[20:35:49] <KB1JWQ> Attempt to assist? :)
[20:36:04] <KB1JWQ> Emphasis on the "help," not "try." :)
[20:36:52] <rob0> I help people toward sainthood. If they can remain civil after talking to me, they've got a good start!
[20:37:19] * KB1JWQ books a flight to rob0's town to beat him with a pipe
[20:37:40] <anonymous> 8)
[20:37:44] <KB1JWQ> I was going to phone it in, but that didn't work so well last time.
[20:38:05] <rob0> Ha, no airport! Drive out here, and you might end up like that deer!
[20:38:28] <rob0> A .22 in the eye beats a pipe any day.
[20:39:02] *** bluethundr has quit IRC
[20:39:03] <Sputnikk23> taking orders for deer jerky?
[20:39:28] <rob0> Sure!
[20:40:37] <rob0> Might actually be a good use for it. We didn't have enough refrigerated space to properly age the meat -- it will be tough.
[20:41:35] <rob0> We had an idea how to do it in the chest freezer, but were misled by a crappy thermometer which stops at 0deg-C. :(
[20:41:58] *** Zygo has quit IRC
[20:42:13] <rob0> So, we thought we had it at a stable 0C, but the meat froze.
[20:42:18] *** Zygo has joined #postfix
[20:43:30] *** wsp4th has joined #postfix
[20:44:28] <seekwill> KB1JWQ is also known as the "Tenderiz0r"
[20:44:34] *** eye69 has quit IRC
[20:47:01] <wsp4th> I have about 20 domains that i am hosting 15 of them are just website addresses... no email per say... 4 have MX records pointing offsite and 1 is our company email. Is there a way to set postfix to recieve mail for say  the 15 of them and have it transpose myemaildomain.com over the domain and forward it to our company MTA
[20:48:07] <wsp4th> for example: hostmaster at webdomain dot com becomes hostmaster at myemaildomain dot com?
[20:48:37] *** cilly has quit IRC
[20:52:15] *** LinuxCode has quit IRC
[20:52:16] *** LinuxCode_aw has joined #postfix
[20:53:17] <lunaphyte> most likely.  what have you tried so far?
[20:55:49] <wsp4th> i tried using virtual_alias_domains with virtual_alias_maps but reading over this other howto i just found i think i may have misconfigured it
[20:57:17] *** LinuxCode_aw has quit IRC
[20:57:34] <rob0> The whole question smells of confusion, I'm afraid. It's hard to know where to begin.
[20:58:48] <rob0> This host has one domain as MX, and 19 as Websites? 4 of those are MX'ed elsewhere?
[20:59:31] <rob0> And you want to receive for the 15 now?
[21:04:37] *** shasta has quit IRC
[21:05:24] *** shasta has joined #postfix
[21:06:42] *** nb has quit IRC
[21:10:03] <xenoterracide> http://privatepaste.com/080C99UjdD cause of the error is obvious to me. however I'm not sure why it's being sent by that user@domain where would that stuff be configured?
[21:16:35] <sako> is there anything special that has to be done to get postfix working with postgresql?
[21:16:55] <sako> besides the configurations, like would i have to compile with certain flags?
[21:17:31] <rob0> indeed, it's all there in PGSQL_README
[21:17:37] <rob0> !pgsql
[21:17:38] <knoba> rob0: "pgsql" : http://www.postfix.org/PGSQL_README.html : PostgreSQL support in Postfix
[21:18:16] <xenoterracide> hmm... fixed the domain...
[21:18:24] <xenoterracide>              (connect to oblivionet.com[12.196.18.205]:25: Connection refused)
[21:18:36] <xenoterracide> that's also... localhost...
[21:18:49] <sako> so rob0 when distros offer postfix-pgsql its just compiled with those flags right?
[21:19:03] * cpm uses the rob0 distro
[21:19:26] *** aditsu has quit IRC
[21:19:28] <rob0> sako, one might hope so. Ask them?
[21:20:10] <sako> rob0: the distro i use doesnt have it
[21:20:58] <rob0> Debian (and maybe other Linuxen) uses a dynamic libs patch
[21:21:03] <rob0> !Debian
[21:21:03] <knoba> rob0: "Debian" : Please see /usr/share/doc/postfix/README.Debian for Debian-specific information. This probably applies to Ubuntu and most other Debian-derivative distributions as well.
[21:21:56] <rob0> Wietse says he's somewhat favorable to the idea, but it needs to be ported to other supported platforms before he'll include it.
[21:22:51] *** Skaag has quit IRC
[21:23:08] <cpm> what needs to ported to other platforms?
[21:23:12] <cpm> aside from rob0
[21:24:06] <rob0> the dynamic libs patch
[21:24:29] <rob0> it works on Linux
[21:24:40] <cpm> yeah, but it's such a kludge
[21:25:08] *** cilly has joined #postfix
[21:28:01] *** Banshee1 has left #postfix
[21:28:42] *** Banshee1 has joined #postfix
[21:38:19] *** eye69 has joined #postfix
[21:39:56] *** webchaos has quit IRC
[21:40:09] *** webchaos has joined #postfix
[21:40:39] <xenoterracide> (mail for oblivionet.com loops back to myself) grr... I just want it to be able to send mail to other places...
[21:41:34] *** beawesomeinstead has quit IRC
[21:41:58] *** beawesomeinstead has joined #postfix
[21:49:00] <lunaphyte> why is it a kludge?
[21:50:14] <xenoterracide> muhaha
[21:50:16] <xenoterracide> I win
[21:50:16] *** burnersk has quit IRC
[21:50:29] *** cpm has quit IRC
[21:55:13] *** cilly has quit IRC
[21:56:19] <rob0> !loopback
[21:56:19] <knoba> rob0: "loopback" : 'Mail loops back to myself' means that your Postfix wanted to send out the mail to the internet but then discovered that the DNS says your mail server should be responsible. Most likely you forgot to list your domain in mydestination or virtual_(alias|mailbox)_domains
[21:58:16] <lunaphyte> !humpback
[21:58:17] <knoba> lunaphyte: Error: "humpback" is not a valid command.
[21:58:28] <lunaphyte> durn
[22:03:50] *** Skaag has joined #postfix
[22:04:03] <lunaphyte> i could go for a nap right now.
[22:04:34] *** bturnbull has joined #postfix
[22:16:42] <rob0> !nap
[22:16:43] <knoba> rob0: Error: "nap" is not a valid command.
[22:16:51] *** wsp4th has quit IRC
[22:18:06] *** xenoterracide has left #postfix
[22:21:41] *** stephan48 has quit IRC
[22:22:45] *** Zygo has quit IRC
[22:23:08] *** Zygo has joined #postfix
[22:28:38] *** internat has quit IRC
[22:28:45] *** Muhis has quit IRC
[22:30:40] *** pickcoder has joined #postfix
[22:38:25] <pickcoder> ugh.. snat is broken again for the newsletter
[22:40:12] *** webchaos has quit IRC
[22:40:25] *** webchaos has joined #postfix
[22:42:11] *** kmq has quit IRC
[22:45:09] *** Zeit|awy has joined #postfix
[22:46:15] <pickcoder> well it demonstrates that many servers are actually using SPF
[23:00:42] *** sadf has joined #postfix
[23:02:09] *** pingouin has quit IRC
[23:04:30] <seekwill> snat?
[23:04:49] <KB1JWQ> seekwill: Source NAT.
[23:04:57] <seekwill> oh
[23:06:14] *** cloxie has quit IRC
[23:06:55] *** Ryushin has quit IRC
[23:11:09] *** hever has quit IRC
[23:20:31] *** nb has joined #postfix
[23:22:02] *** hever has joined #postfix
[23:26:55] *** Zordrak_ has joined #postfix
[23:27:50] *** Guest39788 has joined #postfix
[23:28:59] *** MasterOne has quit IRC
[23:30:02] *** Muhis has joined #Postfix
[23:31:23] <KB1JWQ> I have a resume for someone I have to interview tomorrow.  They claim to know Postfix well.  What fun questions can I trap them with? :)
[23:31:55] <thumbs> KB1JWQ: ask them what an open relay is?
[23:32:01] <thumbs> perhaps that's too basic.
[23:32:03] <seekwill> To greylist or not greylist
[23:32:13] <KB1JWQ> thumbs: No, but it's a good "this interview is now over" question. :D
[23:32:18] <thumbs> yeah.
[23:32:23] <jeev> ask them if they've been in here and gotten harassed by thumbs before
[23:32:36] <KB1JWQ> Yeah, but those are email as a whole concepts.  I've only got about 15 minutes with the dude, I was hoping for something more postfix centric.
[23:32:55] <thumbs> oh, right.
[23:32:55] <seekwill> "Do you know who rob0 is?"
[23:33:03] <thumbs> seekwill: not useful
[23:33:08] <seekwill> False
[23:33:37] <seekwill> Skills are overrated. Interview for personality
[23:33:43] *** Muhis has quit IRC
[23:34:07] *** eanxgeek has quit IRC
[23:34:09] *** Muhis has joined #Postfix
[23:34:55] <seekwill> KB1JWQ: Maybe locations of log files?
[23:35:07] <KB1JWQ> seekwill: Too system dependant.
[23:35:26] <KB1JWQ> He was apparently running a farm on MacOS of all things...
[23:35:54] <thumbs> KB1JWQ: perhaps a question on virtual maps?
[23:36:13] <seekwill> KB1JWQ: He should know how to figure it out
[23:36:46] <KB1JWQ> Hmm.  "How do you generate a main.cf file for your running config?"
[23:39:22] *** Zordrak has quit IRC
[23:39:27] <Zerberus> KB1JWQ: "what are  best practices to fight spam, running postfix?" | "how would you realize a demand that a specfic sender domain can only reach a specific recipient domain?"
[23:41:17] *** cps0 has quit IRC
[23:41:30] *** Zeit|awy has quit IRC
[23:43:27] *** uqlev has joined #postfix
[23:48:23] *** Muhis has quit IRC
[23:50:27] <rob0> What is postconf -n?
[23:50:42] <rob0> virtual_maps is good
[23:51:17] <rob0> something about address classes ... perhaps the most common type of mistake is to confuse classes.
[23:52:21] <rob0> Zerberus: what kind of sender domain, AfriNIC or RIPE?
[23:52:44] <rob0> (attempted Grail reference might have fallen flat)
[23:54:00] <rob0> Seriously, what DO you mean by "sender domain"? That's a good question because it's ambiguous, and failure to recognize that would be a bad sign.
[23:55:00] <rob0> KB1JWQ: Want to interview me? I could be had for a reasonable rate, telecommuting.
[23:55:48] <KB1JWQ> rob0: I'd hire you in a heartbeat if we did that here.
[23:55:53] <seekwill> Who invented Postfix?
[23:56:25] *** LaLeche has joined #postfix
[23:56:37] <rob0> The first programmer was named Alfred E. Postfix.
[23:57:03] <rob0> Disappeared without a trace one day, and Wietse replaced him.
[23:57:27] <LaLeche> rob0, yeah, and the guy who invented the toilet was Thomas Crapper ;)
[23:57:35] <LaLeche> oh shit, that's right
[23:57:53] <LaLeche> :)
[23:58:55] *** pingouin has joined #postfix
[23:59:09] *** Zordrak has joined #postfix
[23:59:32] <rob0> KB1JWQ, I might relocate, at least temporarily.

   August 18, 2009  
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | >