August 22, 2009 
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | >
August 22, 2009 [00:01:44] *** dragonheart has joined #postfix[00:02:07] *** gebi has quit IRC[00:02:13] *** tris has joined #postfix[00:04:41] *** AbsoluteBeginner has joined #postfix[00:13:18] *** tris has quit IRC[00:14:41] *** s0ber_ has joined #postfix[00:16:39] *** seekwill has quit IRC[00:20:44] *** nuonguy has joined #postfix[00:25:39] *** s0ber has quit IRC[00:30:24] *** war9407 has quit IRC[00:36:01] *** Muhis has quit IRC[00:37:56] *** tris has joined #postfix[00:42:58] *** uqlev has quit IRC[00:46:39] *** pickcoder has quit IRC[00:49:18] *** scan has joined #postfix[00:49:28] <scan> hello all of you[00:49:29] *** pingouin has joined #postfix[00:49:50] <scan> do i need a bunch off different things to have an eamil server up and running?\[00:50:18] <thumbs> !basic[00:50:19] <knoba> thumbs: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.[00:50:22] <thumbs> scan: ^^[00:50:45] <pingouin> mail is not easy...[00:50:49] <rob0> First off, a clear goal. Next, a bunch of basic understanding. From then on, yes.[00:52:01] *** AbsoluteBeginner has quit IRC[00:52:41] <pingouin> baah baah bahhooohh , i'm an absolute beginner....[00:53:37] <scan> me 2[00:54:00] <pingouin> david bowie's song ;)[00:55:19] *** tris has quit IRC[00:56:24] <pingouin> aaah Patsy Kensit[00:57:12] <rob0> I would recommend that you guys focus on learning basics, then. Know your OS well, learn your way around the shell, learn IP networking basics ...[00:57:35] <jmedina> and how email works...[00:57:44] <pingouin> the basic postfix help page, is enough for me ;)[00:57:48] <jmedina> postfix is just a part of full solution[00:57:54] <pingouin> all i needed was explain on it[00:58:22] <rob0> Indeed, you can have a running Postfix while you learn all this stuff. I did![00:58:30] <pingouin> postfix/mutt/fetchmail/procmail work on my comp perfectly[00:59:03] <pingouin> my need was also very low, just a send to my ispn smtp[00:59:15] <jmedina> I dont like to recommend automagic solutions, but ubuntu server team did a great job with postfix-dovecot metapackage[00:59:41] <jmedina> just one command and there you go[01:00:07] <pingouin> mail to go[01:11:29] *** AndrewKT has joined #postfix[01:11:29] *** scan has quit IRC[01:12:18] *** tris has joined #postfix[01:14:40] *** jmedina has quit IRC[01:26:58] *** tris has quit IRC[01:28:21] *** tris has joined #postfix[01:34:43] *** tris- has joined #postfix[01:35:07] *** tris has quit IRC[01:36:09] *** tris- is now known as tris[01:38:33] *** andrewfree has joined #postfix[01:41:12] *** Vince42 has quit IRC[01:41:37] *** Vince42 has joined #postfix[01:50:51] *** andrewfree has quit IRC[01:51:15] *** Skaag has quit IRC[01:51:35] *** Skaag has joined #postfix[01:55:34] *** hparker has quit IRC[01:55:46] *** bturnbull has joined #postfix[01:56:28] *** clockspider has joined #postfix[01:59:17] *** mactimes_ has joined #postfix[02:10:28] *** gebi_ is now known as gebi[02:16:11] *** mactimes has quit IRC[02:16:37] *** Internat has quit IRC[02:17:10] *** Guest39788 has joined #postfix[02:18:05] *** bturnbull is now known as bturnbull_afk[02:27:08] *** Internat has joined #postfix[02:32:23] *** githogori_ has quit IRC[02:33:19] *** stephan48 has quit IRC[02:34:52] *** bturnbull_afk is now known as bturnbull[02:35:02] *** Zblakany has quit IRC[02:35:32] *** bjqrn has quit IRC[02:42:56] *** Vince42 has quit IRC[02:44:53] *** Vince42 has joined #postfix[02:46:06] *** Guest39788 has quit IRC[03:00:07] *** snooky has joined #postfix[03:14:02] *** pingouin has quit IRC[03:21:48] *** snooky has quit IRC[03:49:16] *** pingouin has joined #postfix[04:04:08] *** Guest39788 has joined #postfix[04:09:03] *** Motoko-chan has joined #postfix[04:10:35] *** master_of_master has quit IRC[04:13:23] *** master_of_master has joined #postfix[04:19:17] *** bluethundr has quit IRC[04:19:26] *** GoGi has joined #postfix[04:22:25] *** Internat has quit IRC[04:29:57] *** githogori_ has joined #postfix[04:44:20] *** GoGi has quit IRC[04:45:34] *** mactimes_ has quit IRC[04:45:47] *** mactimes has joined #postfix[04:46:15] *** pickcoder has joined #postfix[04:53:56] <pickcoder> what would you consider extremely high traffic for LMTP behind a Postfix server? I.E. what kind of message/minute delivery rate do you see on a regular basis?[05:00:38] <KB1JWQ> Not a clue, don't run it.[05:01:11] *** bturnbull has quit IRC[05:01:43] *** bturnbull has joined #postfix[05:07:02] <pickcoder> pffft[05:07:17] <pickcoder> I'm trying to determine the level of capacity in relation to real numbers[05:07:31] <pickcoder> my little server is hardly a good gauge[05:07:33] <pickcoder> I get mail from cron[05:07:35] <pickcoder> :)[05:11:05] <jeev> i get a decent amount[05:11:08] <jeev> 100 a minute i'd say[05:11:11] <jeev> mostly spam[05:11:30] <pickcoder> well I ran postal with 100 set for threads, recipients per connection, and messages per minute[05:12:09] <pickcoder> it immediately got 'limits reached' errors[05:12:45] <pickcoder> maybe I'm testing the hardness of a rock with C4...[05:12:53] <pickcoder> C-4 that is[05:15:52] <dragonheart> your master.cf file has limits for concurrency that can be raised if your nowhere near your cpu or io limits[05:16:07] <pickcoder> it's not postfix that's the problem[05:16:17] <pickcoder> I'm configuring an LMTP service for mail delivery from it[05:16:29] <pickcoder> s/configuring/developing[05:17:00] <jeev> truthfully i dont know the acronym to LMTP[05:17:33] <pickcoder> local mail transport protocol[05:17:49] <jeev> hmm[05:18:08] <pickcoder> main difference being that LMTP requies that you respond with recipient status codes for each recipient in an envelope, at the time of acceptance[05:18:18] <pickcoder> smtp can accept all or none and then bounce bad recipients[05:19:12] <pickcoder> I do not want to deal with bounce queueing and submission[05:19:53] <pickcoder> it also allows me to respond based on mailbox quotas and just not accept mail for one of several recipients in an envelope[05:19:58] <pickcoder> postfix handles the bounce for me[05:30:45] *** bturnbull is now known as bturnbull_afk[05:30:57] *** Slashman has quit IRC[05:40:15] *** jens_ has joined #postfix[05:40:16] *** shadow98 has joined #postfix[05:55:58] *** ppman has joined #postfix[05:56:40] <ppman> I'm currently migrating a server off of openldap, and postfix and mailman seem to be all that's left using ldap[05:56:51] <ppman> what's the alternative to ldap, and how do I migrate to that?[05:57:23] *** jense has quit IRC[05:58:07] <pickcoder> ppman: how else can you provide a recipient list?[05:58:37] <pickcoder> and/or domains[05:58:47] <ppman> there's got to be an alternative to ldap..[05:59:41] <pickcoder> sure, but how do you plan on storing the recipient/domain list?[06:00:05] <pickcoder> there's MySQL, NIS, hash files, system users[06:00:24] <ppman> either system users or mysql, ideally[06:01:00] <pickcoder> !mysql[06:01:00] <knoba> pickcoder: "mysql" : http://www.postfix.org/MYSQL_README.html is helpful in configuring postfix to talk to a mysql server.[06:01:45] <ppman> okay, but how do I move the ldap stuff into a mysql database?[06:01:48] <Dominian> !virtual[06:01:48] <knoba> Dominian: "virtual" : a way to configure additional domains and user accounts (that do not need to exist in your /etc/passwd). See: http://www.postfix.org/VIRTUAL_README.html[06:02:07] <pickcoder> ppman: that's a question for a mysql and/or openldap channel[06:02:39] <ppman> I transferred all the posixusers and posixgroups already...[06:02:45] <ppman> I miagine there's more than that..[06:03:19] <pickcoder> I'm not sure why you're undoing an LDAP config[06:03:29] <pickcoder> it's one of the more sane approaches to centralized ident and auth[06:03:40] <ppman> the LDAP config was done in 2006 by an insane person[06:03:46] <pickcoder> so fix it?[06:03:59] <ppman> the owner of the server asked me to get rid of ldap[06:04:07] <ppman> there's only one server, btw.[06:04:13] <pickcoder> oh[06:04:23] <pickcoder> make them all system users then[06:04:25] <pickcoder> :)[06:04:40] <pickcoder> then you can tell the "owner" how to add/remove users and update aliases[06:09:27] *** ppman has left #postfix[06:21:49] *** pickcoder has quit IRC[06:22:22] *** shadow98 has quit IRC[06:54:26] *** Alagar has joined #postfix[07:04:56] *** mactimes has quit IRC[07:05:15] *** mactimes has joined #postfix[07:24:10] *** CrazyFoam has quit IRC[07:24:31] *** CrazyFoam has joined #postfix[07:35:43] *** shinao1 has joined #postfix[07:50:42] *** digitalmortician has quit IRC[07:52:20] *** gerhard7 has joined #postfix[07:57:35] *** Slashman has joined #postfix[08:05:15] *** pinoyskull has joined #postfix[08:32:50] *** Alagar has quit IRC[08:41:44] *** wdp has joined #postfix[08:58:11] *** pinoyskull has quit IRC[09:02:10] *** dragonheart has quit IRC[09:03:01] *** dragonheart has joined #postfix[09:13:33] *** hever has joined #postfix[09:17:00] *** denis has joined #postfix[09:29:03] *** wdp has quit IRC[09:29:18] *** wdp has joined #postfix[09:38:07] *** kfo_ has joined #postfix[09:44:06] *** wdp_ has joined #postfix[09:47:00] *** kfo has quit IRC[09:47:00] *** kfo_ is now known as kfo[09:52:27] *** Motoko-chan has quit IRC[09:55:32] *** war9407 has joined #postfix[10:02:15] *** wdp has quit IRC[10:17:29] *** loddafnir has joined #postfix[10:19:23] *** githogori_ has quit IRC[10:30:27] *** madrescher has joined #postfix[10:38:30] *** wdp_ has quit IRC[10:43:12] *** wdp has joined #postfix[10:44:03] *** wdp has quit IRC[10:44:11] *** paul-- has quit IRC[10:49:42] *** snooky has joined #postfix[10:50:27] *** wdp has joined #postfix[10:50:50] <snooky> hi all[11:04:36] *** wdp has quit IRC[11:06:48] *** wdp has joined #postfix[11:16:07] *** wdp has quit IRC[11:16:25] *** wdp has joined #postfix[11:21:00] *** sophokles has joined #postfix[11:37:07] *** wdp has quit IRC[11:47:17] *** madrescher has quit IRC[11:47:42] *** tjikkun has quit IRC[11:50:38] *** Filbert- has quit IRC[11:57:36] *** Filbert- has joined #postfix[12:00:20] *** stephan48 has joined #postfix[12:09:38] *** freaky|bday is now known as freaky[t][12:13:48] *** shinao1 has quit IRC[12:19:52] *** Skaag has quit IRC[12:20:11] *** Skaag has joined #postfix[12:22:41] *** carl- has joined #postfix[12:23:03] *** Zblakany has joined #postfix[13:07:17] *** Meliorator has quit IRC[13:14:31] *** wdp has joined #postfix[13:16:38] *** gerhard7 has quit IRC[13:18:36] *** kmq has joined #postfix[13:23:07] *** nuonguy has quit IRC[13:24:36] *** carl- has quit IRC[13:25:05] *** carl- has joined #postfix[13:50:53] *** gerhard7 has joined #postfix[13:58:01] *** snooky has quit IRC[13:58:11] *** mactimes has quit IRC[14:00:45] *** clockspider_ has joined #postfix[14:02:05] *** webchaos has joined #postfix[14:05:20] *** clockspider has quit IRC[14:13:43] *** webchaos has quit IRC[14:38:25] *** deface has quit IRC[15:06:33] *** pingouin has quit IRC[15:09:47] *** webchaos has joined #postfix[15:28:26] *** wdp_ has joined #postfix[15:31:42] *** bturnbull_afk is now known as bturnbull[15:33:35] *** madrescher has joined #postfix[15:37:48] *** wdp has quit IRC[15:37:50] *** wdp_ has quit IRC[15:38:31] *** wdp has joined #postfix[15:39:16] *** glamm has joined #postfix[15:39:22] *** dragonheart has quit IRC[15:39:24] *** glamm has left #postfix[15:40:17] *** AbsoluteBeginner has joined #postfix[15:54:18] *** pingouin has joined #postfix[15:56:59] *** gerhard7 has quit IRC[16:14:23] *** cloxie has joined #postfix[16:15:42] *** pinoyskull has joined #postfix[16:20:12] *** sadf has quit IRC[16:31:33] *** gerhard7 has joined #postfix[16:36:39] *** astinus has joined #postfix[16:38:26] *** SuperRoach has joined #postfix[16:39:21] <SuperRoach> Hello, I'm setting up postfix using a tutorial that used webmin. Part of it mentions to use mail as a command to test it works. This command isn't there. Is mail fine to get?[16:40:47] <rob0> Followed you, right up to the last part, "Is mail fine to get?"[16:42:13] *** cbsd has joined #postfix[16:42:13] <rob0> mail(1) is usually BSD mailx, and it's a very minimal MUA. I would recommend testing with something like thunderbird, which actually uses SMTP.[16:42:28] *** AbsoluteBeginner has quit IRC[16:45:42] <cbsd> Hi, im using postfix under OpenBSD i the use of postfix will be only from some local networks added on my_networks, how can i do it for postfix to only accept incoming and outgoin mail from on internal domain, for example my.private.domain that would be $myhostname for the postfix machine[16:46:07] <SuperRoach> sorry rob0. I'm talking from the server end. I wanted to send a test email from the server itself to see if the config works. (running a debian server)[16:51:32] <rob0> SR, it's not a complete test. It only tests sendmail(1) and smtp(8) (outbound).[16:52:13] *** burnersk has joined #postfix[16:52:24] <rob0> Anyway, perhaps what you're asking (I still don't know!) is better suited for #debian?[16:52:45] *** paulez has quit IRC[16:55:11] *** Meliorator has joined #postfix[17:13:08] *** adaptr has quit IRC[17:14:18] *** adaptr has joined #postfix[17:15:37] *** bturnbull has left #postfix[17:16:09] *** pinoyskull- has joined #postfix[17:18:09] *** fabounio has joined #postfix[17:19:51] *** kmq has quit IRC[17:24:51] *** felix_da_catz has quit IRC[17:25:11] *** felix_da_catz has joined #postfix[17:33:21] *** pinoyskull has quit IRC[17:36:05] *** Fallenou has joined #postfix[17:49:35] *** rcsu has joined #postfix[17:56:47] *** pingouin has quit IRC[18:02:16] *** Fallenou has quit IRC[18:03:33] *** vys has joined #postfix[18:07:21] *** webchaos has quit IRC[18:07:38] *** webchaos has joined #postfix[18:10:34] *** muh2000 has quit IRC[18:11:54] *** dalurka has quit IRC[18:18:25] *** Meliorator has quit IRC[18:27:30] *** fabounio has quit IRC[18:28:45] *** fabounio has joined #postfix[18:30:24] *** webchaos has quit IRC[18:30:42] *** glamm has joined #postfix[18:44:10] *** GoGi has joined #postfix[18:55:10] *** Meliorator has joined #postfix[18:55:31] *** hark is now known as hark_[19:02:31] *** hever has quit IRC[19:03:00] *** hever has joined #postfix[19:08:27] *** vys has quit IRC[19:08:48] *** vys has joined #postfix[19:18:19] *** adaptr has quit IRC[19:34:00] <cbsd> hi[19:34:03] *** arnee has joined #postfix[19:34:04] <cbsd> someone up?[19:34:33] <cbsd> i keep on getting this on logs Recipient address rejected: User unknown in local recipient table;[19:34:47] <cbsd> and i got the user added on vmailbox[19:35:02] <cbsd> virtual_mailbox_maps = hash:/etc/postfix/vmailbox[19:35:10] <cbsd> any idea[19:35:14] *** githogori_ has joined #postfix[19:35:23] *** arnee has quit IRC[19:35:30] <rob0> Seems like I gave you the !unknown_local factoid yesterday.[19:35:35] *** arnee has joined #postfix[19:35:42] <rob0> !unknown_local[19:35:42] <knoba> rob0: "unknown_local" : User unknown in local recipient table means that the recipient domain was found in $mydestination but the username was not found in local_recipient_maps (by default: users in /etc/passwd and aliases(5) in /etc/aliases).[19:36:50] <cbsd> the user im sending mail is on /etc/aliases root: user at my dot domain.org[19:38:32] <rob0> Seems like I gave you the !welcome factoid two days ago. Failure/inability to follow instructions means you cannot do this, and I won't try to help.[19:39:22] *** gerhard7 has quit IRC[19:39:46] <cbsd> if u dont wanna help dont do it, but there's more people on the chan that might help[19:44:00] *** webchaos has joined #postfix[19:48:40] *** SuperRoach has quit IRC[19:53:50] <cbsd> i solve the problem :)[19:55:07] <cbsd> but i have define on main.cf virtual_mailbox_base = /var/vmail but the mail im getting is saved on /var/mail and nothing on /var/vmail on the maillog i got no errors or nothing, any idea?[19:57:47] *** SARGuy has joined #postfix[19:58:21] *** SARGuy has left #postfix[20:00:35] *** Southron has joined #Postfix[20:00:47] *** Meliorator has quit IRC[20:03:02] *** Meliorator has joined #postfix[20:03:34] *** Meliorator has quit IRC[20:04:24] *** Meliorator has joined #postfix[20:04:43] *** burnersk has quit IRC[20:11:23] *** magyar has quit IRC[20:12:38] *** pinoyskull- has quit IRC[20:15:16] *** adaptr has joined #postfix[20:23:18] *** sudoer has left #postfix[20:25:55] *** hever has quit IRC[20:26:32] *** hever has joined #postfix[20:32:47] *** magyar has joined #postfix[20:37:07] *** cbsd2 has joined #postfix[20:37:07] *** cbsd has quit IRC[20:37:31] *** cbsd2 is now known as cbsd[20:39:47] *** pingouin has joined #postfix[20:49:06] <cbsd> postfix/trivial-rewrite[31244]: warning: do not list domain my.personal.domain in BOTH mydestination and virtual_mailbox_domains[20:51:20] <cbsd> on my destination i got mydestination = $myhostname, localhost[20:51:20] <cbsd> and on virtual_mailbox_domains = $myhostname[20:51:37] <cbsd> why do i keep getting that warning then?[20:53:14] <Zerberus> cbsd: check where $myhostname is listed[20:53:31] <Zerberus> it is so obvious[20:54:14] <cbsd> myhostname = my.personal.domain[20:54:34] <Zerberus> mydestination = $myhostname, localhost[20:54:36] <cbsd> o[20:54:37] <Zerberus> virtual_mailbox_domains = $myhostname[20:54:39] <cbsd> i see[20:55:03] <cbsd> so i have to take off $myhostname from mydestination and just keep it on virtual_mailbox_domains right[20:55:05] <cbsd> ?[20:55:26] <Zerberus> if you prefer to use virtual rather than local[20:57:21] <cbsd> Zerberus: i just want leave this for internal email only my.personal.domain to send and accept nothing else, what i wanna manage virtual are users[20:57:25] <cbsd> what do u recommend[20:58:19] <Zerberus> sorry, don't understand what you want to achieve[21:00:16] <cbsd> Zerberus: im on a LAN and i want to keep postfix for accept incoming and outgoing mail only from one domain that is local lets say cbsd.domain.org and i want to manage users not adding users on the server machine i wanna manage that virtual or using db[21:00:26] *** UdontKnow has quit IRC[21:03:28] *** mwalling has joined #postfix[21:06:02] <cbsd> Zerberus: look lets say i got some lans 10.0.0.0/24 20.0.0.0/24 192.168.1.0/24 192.168.6.0/24 and those lans i want to permit to send mail only to a specific domain my.personal.domain only from those networks, but i dont want to adduser username on the nix machine with postfix i want to create virtual users only that[21:06:41] *** clockspider_ has quit IRC[21:07:20] *** mwalling has left #postfix[21:07:22] *** wdp has quit IRC[21:07:36] <Zerberus> cbsd: that is a question?[21:07:42] *** wdp has joined #postfix[21:08:06] <cbsd> is just to train to xplain what im trying to do[21:08:16] <cbsd> english is not my native lang im sorry[21:08:16] <Zerberus> cbsd: please read about smtpd_*_restrictions and the doc part explaining a virtual setup[21:08:18] *** clockspider_ has joined #postfix[21:08:25] <cbsd> ok[21:26:51] *** carl- has quit IRC[21:28:06] <cbsd> Zerberus now it work[21:28:18] <cbsd> after i readed about those topics[21:28:20] <cbsd> =)[21:28:51] *** vys has quit IRC[21:29:03] <Zerberus> good :)[21:29:59] *** battor has joined #postfix[21:30:03] <cbsd> Zerberus: one question is there a way to avoid postfix to give help information or server information if a person try to get it using telnet or any other tool[21:30:05] <cbsd> ?[21:30:16] <battor> hi[21:30:32] <adaptr> cbsd: don't screw with the RFCs[21:30:34] <Zerberus> cbsd: why do you care about that?[21:30:39] <adaptr> or go work for MS[21:31:16] <battor> i use postifx alias fuction, but i want change recipient to in header to real recipient; can you help e ?[21:31:36] <cbsd> Zerberus: i just dont want any user to get some kind of info from the server in this case from postfix[21:31:40] <adaptr> !canonical_maps[21:31:41] <knoba> adaptr: "canonical_maps" : a configuration parameter in the main.cf: Optional address mapping lookup tables for message headers and envelopes. The mapping is applied to both sender and recipient addresses, in both envelopes and in headers. This is typically used to clean up dirty addresses from legacy mail systems, or to replace login names by Firstname.Lastname. The table format and lookups are documented in (1 more message)[21:31:52] <adaptr> cbsd: don't screw with the RFCs[21:32:07] <cbsd> why adaptr?[21:32:13] <battor> thanks, I will look it[21:32:13] <adaptr> ...because you have to ask ?[21:32:15] <Zerberus> cbsd: what do you think you would gain from that?[21:32:31] <adaptr> cbsd: any public MTA is *required* to respond to the HELP command with its server capabilities[21:33:00] <cbsd> adaptr: this will be private no internet[21:33:03] <adaptr> that's in the RFCs[21:33:09] <adaptr> "private" how ?[21:33:13] <adaptr> probably not[21:33:26] <cbsd> i mean only some local lan will have access[21:33:49] <adaptr> then even more so - why do you care ?[21:33:51] <cbsd> this will only send mail to one local domain and nothing else[21:34:00] <cbsd> paranoid security maybe[21:34:02] <cbsd> xD[21:34:06] <adaptr> and.. what will it do with all other mail ?[21:34:22] <cbsd> no other mail is allow to come in or out[21:34:32] *** nuonguy has joined #postfix[21:34:33] <adaptr> so it's not a very useful mail server[21:34:41] <cbsd> is private use[21:34:44] <cbsd> =)[21:34:50] <adaptr> that is not the same thing[21:34:56] <adaptr> at all[21:36:20] <cbsd> well the idea is only to accept and recive mail from one host and this will be local[21:36:22] <cbsd> no wan[21:36:48] <adaptr> that's... silly[21:36:59] <adaptr> why bother setting up an MTA at all[21:45:26] *** battor has quit IRC[21:53:51] *** mactimes has joined #postfix[22:01:41] <rob0> adaptr, "HELP" : 502 5.5.2 Error: command not recognized[22:02:05] <adaptr> rob0: that's just your server :P[22:02:07] <rob0> mail_version = 2.6.0-RC2[22:02:23] <adaptr> yes, fuck me, whatever command it is[22:02:27] <adaptr> it's RFC-required, now go away[22:02:34] <rob0> yeah, I should upgrade, but it's not receiving mail from the world[22:03:20] <rob0> maybe you're thinking EHLO?[22:07:00] <adaptr> yeah, probably[22:07:15] <adaptr> and since that's not required... bleh[22:09:08] <cbsd> is there any way for example if i do a telnet host 25 and i write EHLO HELP i get some info, is there a way to deny that info?[22:12:03] <adaptr> !smtpd_discard_ehlo_keywords[22:12:04] <knoba> adaptr: Error: "smtpd_discard_ehlo_keywords" is not a valid command.[22:12:07] <adaptr> yes it is![22:12:12] <adaptr> drat you knoba[22:12:35] <adaptr> anyway, that allows you to remove keywords from the response[22:12:55] <adaptr> mind you they won't actually be disabled, just not advertised[22:13:10] <adaptr> each one has specific options to disable[22:13:17] <cbsd> nice :)[22:13:38] <rob0> Also, simply not supporting a certain feature removes it from EHLO response. :)[22:13:49] <adaptr> I wasn't going to mention that as being too obvious[22:14:21] <adaptr> if he then said "yes of course that's obvious!" I would be devastated and my weekend ruined[22:14:47] <rob0> I think according to the ESMTP standards, a feature not mentioned in the EHLO response will not be attempted by the client. So it should amount to the same thing, unless the client disregards standards.[22:15:05] <adaptr> cough MS cough[22:24:06] *** mactimes has quit IRC[22:26:32] *** Niemi has quit IRC[22:29:10] *** arnee has quit IRC[22:39:42] *** hever has quit IRC[22:41:36] <cbsd> one more question, is there a way to check the mail from: to allow mail from only one domain and reject everyother domain?[22:47:01] <Zerberus> !check_sender_access[22:47:02] <knoba> Zerberus: "check_sender_access" : Search the specified access(5) database for the MAIL FROM address, domain, parent domains, or localpart@, and execute the corresponding action.[22:48:26] <adaptr> it is however obviously unreliable[22:48:50] <cbsd> smtpd_sender_restrictions = check_client_access hash:/etc/postfix/myclients[22:48:54] <cbsd> if i add that[22:49:04] *** magyar has quit IRC[22:49:12] <cbsd> the sender will check myclients if is not on myclients wont allow it right[22:49:13] <cbsd> '[22:49:14] <cbsd> ?[22:49:24] *** Southron has quit IRC[22:49:33] *** Southron has joined #Postfix[22:53:36] *** sep has quit IRC[23:00:00] <adaptr> cbsd: no, double fail[23:01:33] *** pingouin has quit IRC[23:02:57] <cbsd> =/[23:03:06] <cbsd> what will that do then adaptr[23:03:51] <adaptr> it will validate the client's host at the sender (mail from) verification stage[23:04:11] <adaptr> neither of which looks like what you asked[23:04:40] <adaptr> you need to read back what people have been telling you[23:04:43] <rob0> What is this, with adaptr being the nice guy, and me being the big meanie?[23:04:47] <rob0> ah that's better :)[23:04:54] <adaptr> you knew it was coming[23:04:59] <rob0> yes I did[23:05:19] <adaptr> we should have some beers - I will bring all my friend[23:06:05] <rob0> Me too. Bringing friends is easy, since I have none. :)[23:07:35] <thumbs> rob0: lies[23:08:16] <adaptr> if you don't sit on his thumbs, I will[23:11:28] *** Zeit|awy has joined #postfix[23:13:22] *** uqlev has joined #postfix[23:27:18] *** dragonbyte has joined #postfix[23:30:59] <dragonbyte> I have a spam scanner setup as my MX record that forwards into an internal mailserver. This seems to work fine.[23:31:10] <adaptr> great![23:31:12] <adaptr> bye[23:31:18] <dragonbyte> However, when the internal mail server tries to relay email outwards through that same server it fails getting relay access denied[23:31:43] <adaptr> why does it try to relay mail through the spam scanner ?[23:32:04] <dragonbyte> basically I am using the spam scanner as a mail gateway[23:33:21] <rob0> !relay_denied[23:33:23] <knoba> rob0: "relay_denied" : NOQUEUE: reject: RCPT from CLIENT_HOST[CLIENT_IP]: 554 5.7.1 <RECIPIENT@RCPT_DOMAIN>: Relay access denied; from=<SENDER@SENDER_DOMAIN> to=<RECIPIENT@RCPT_DOMAIN> proto=ESMTP helo=<HELO>: This typically means that CLIENT_IP is not in mynetworks (and did not AUTH), and that RCPT_DOMAIN was not recognized as one of this Postfix's domains (not listed in mydestination, relay_domains or (1 more message)[23:33:27] <rob0> !welcome[23:33:28] <knoba> rob0: "welcome" : welcome to #postfix! if you're joining for the first time, or are new to irc, the first thing you'll want to do is read the channel topic (/topic). it includes crucial instructions on how to effectively ask for help here, and what data you should include with your questions. the degree of success you'll have is directly related to how effectively you're able to follow those guidelines.[23:34:36] <dragonbyte> disregard[23:34:54] <adaptr> what, you ?[23:34:57] <adaptr> we can do that[23:35:06] <dragonbyte> i am using client/helo/sneder/recipient restrictions individually[23:35:09] *** denis has quit IRC[23:35:40] <dragonbyte> so it was getting hung up in one of the categories that didn't have a permit_mynetworks statement[23:36:27] <adaptr> a mail relay should always have permit_mynetworks set for all incoming traffic[23:36:27] *** Skaag has quit IRC[23:36:33] <adaptr> or else it isn't a mail relay[23:36:42] <adaptr> it's a fuckery waiting to occur[23:36:43] *** Skaag has joined #postfix[23:36:44] <dragonbyte> well it had that for the client and helo sections[23:36:57] <dragonbyte> didn't have that in the sender or recipient restriction sections[23:37:01] <rob0> We often recommend keeping all restrictions under smtpd_recipient_restrictions -- easier to follow and maintain.[23:37:30] <dragonbyte> that was my next question :)[23:38:00] <dragonbyte> i know some of the various restrictions only apply in certain contexts, but do they all work the same if you just put them all in the recipient restrictions section?[23:38:12] <adaptr> the purpose of having separate restriction sections is to be able to control hoow soon they are dropped or refused[23:38:29] <adaptr> but the advantage of putting everything under recipient is that as much as possible will be logged[23:38:36] <adaptr> IFF you have delay_reject set[23:38:40] <rob0> VERY FEW restrictions do not work in smtpd_recipient_restrictions ... the only one I can think of would be reject_unauth_pipelining.[23:39:10] <rob0> right, don't change the default for smtpd_delay_reject[23:39:16] <adaptr> rob0: there are very valid exceptions - say, if you want to use two different sets of restrictions one after the other, because outside of using the sections, there is no way to ORDER or REPEAT them[23:39:19] *** uqlev has quit IRC[23:39:45] <adaptr> say you want to DUNNO a whitelist and them REJECT a blackjlist[23:39:46] <dragonbyte> so basically it depends on what you want out of it as to how to arrange the rules[23:39:57] <adaptr> it depends on how complicated you want to make it, yes[23:40:05] *** pingouin has joined #postfix[23:40:12] <adaptr> for extra fun, refer a map to mysql and insert maps in the mysql map[23:40:19] <adaptr> or regexen[23:40:33] <rob0> or even MORE fun, use a pgsql map![23:40:43] <adaptr> ....why ?[23:40:46] <dragonbyte> rbl in client restrictions prevents them from wasting bandwidth at the cost of losing the extra logging and slightly more complex maintenance[23:41:04] <dragonbyte> is that correct?[23:41:07] <adaptr> dragonbyte: "wasting bandwidth", sure...[23:41:22] <adaptr> the logging more than makes up for the few 100 bytes you accept[23:41:36] <adaptr> and since you ACCEPT them, there is no way you can refuse incoming traffic anyway[23:41:41] <rob0> pgsql has more data types, like for example, doing a check_client_access, you can refer to a cidr table in pg.[23:41:53] <dragonbyte> so what is the benefit to not just having them all in recipients?[23:41:56] <adaptr> any spammer that ignores RFC behaviour can override whatever you do[23:42:16] <adaptr> dragonbyte: I already said that - complex combinations of SEQUENCED rules that are simply not possible in one section[23:42:36] <rob0> The bandwidth waste is minimal, amounts to one TCP packet in and one out, generally.[23:42:46] <adaptr> say, refer to one map in client_ and another in recipient_[23:42:58] <adaptr> both checking *client* access[23:43:35] <adaptr> rob0: isn't client check done at TCP connect ?[23:43:57] <adaptr> so.. wait a bit, EHLO, MAIL FROM, RCPT TO - probably more than one packet[23:44:01] <adaptr> but no more than 3, ever[23:44:12] *** hever has joined #postfix[23:44:15] <rob0> Also, rbl lookups in smtpd_client_restrictions with smtpd_delay_reject=no, you cannot use that smtpd for AUTH clients. (Shouldn't be a problem if your users are on 587, of course.)[23:44:44] <rob0> adaptr, typically pipelined.[23:45:01] <adaptr> is this implied by all modern clients and MTAs ?[23:45:05] <rob0> but sure, it could be 3 each way.[23:45:17] <adaptr> i.e. ius it a default nowadays, without waiting for EHLO ?[23:45:30] <adaptr> or is pipelinging an ESMTP req[23:45:45] <rob0> pipelining is ESMTP, but not required.[23:46:03] <adaptr> but it's an assumed default, if the client starts using it anyway ?[23:46:45] <dragonbyte> ARG wtf...[23:46:47] <dragonbyte> new problem[23:46:58] <rob0> If a client pipelines without saying EHLO or without waiting for the EHLO reply, that's what reject_unauth_pipelining nails.[23:46:58] <dragonbyte> it accepts and attempts to relay now...and errors out with "too many hops"[23:47:08] <rob0> !too_many_hops[23:47:08] <knoba> rob0: "too_many_hops" : In brewing, it means you should add more barley. In Postfix it means you have a mail routing loop. No machine in the loop considers itself the final destination for the looping mail.[23:47:43] <rob0> (And each machine in the loop thinks it should pass to the other.)[23:47:53] <dragonbyte> hrm[23:48:01] <adaptr> !loopback[23:48:01] <knoba> adaptr: "loopback" : 'Mail loops back to myself' means that your Postfix wanted to send out the mail to the internet but then discovered that the DNS says your mail server should be responsible. Most likely you forgot to list your domain in mydestination or virtual_(alias|mailbox)_domains[23:48:10] <adaptr> that's the minimum case[23:48:21] <dragonbyte> ok I have 3 domains inbound foo.com/.net/.org[23:48:35] <dragonbyte> i have relay_domains = foo.com, foo.net, foo.org[23:49:01] <dragonbyte> what should I be using to tell it to relay those domains inward[23:49:08] <dragonbyte> and any other domain outward[23:49:20] <adaptr> !relay_domains[23:49:21] <knoba> adaptr: "relay_domains" : A configuration parameter in the main.cf: What destination domains (and subdomains thereof) this system will receive mail for and will relay mail to. Subdomain matching is controlled with the parent_domain_matches_subdomains parameter. See also !address_classes[23:49:40] <rob0> Typically with relay_domains, one will need transport_maps.[23:49:51] <adaptr> full system behaviour is typically a combination of several different options[23:49:51] <rob0> !standard[23:49:52] <knoba> rob0: "standard" : Your question is probably answered in http://www.postfix.org/STANDARD_CONFIGURATION_README.html[23:50:04] <dragonbyte> well I suspect my relayhost is what is breaking me[23:50:19] <adaptr> e.g., with this use of relay_domains, you need AT LEAST one mention of reject_unauth_destination in a restriction[23:50:39] <adaptr> relayhost has nothing to do with relay_domains[23:50:48] <dragonbyte> yeah..am noticing that[23:51:04] <dragonbyte> trusted that config from another source without reading it heh[23:51:46] <dragonbyte> so which config tells it where to relay the mail in relay_domains?[23:52:18] <dragonbyte> relay_transport = <X> correct?[23:53:58] <rob0> not[23:54:03] <rob0> !relay_transport[23:54:03] <knoba> rob0: "relay_transport" : a configuration parameter in the main.cf: The default mail delivery transport and next-hop information for domains that match the $relay_domains parameter value. This information can be overruled with the transport(5) table.[23:54:30] <rob0> well, perhaps, if they're all the same[23:54:48] <rob0> !transport_maps[23:54:48] <knoba> rob0: "transport_maps" : a configuration parameter in the main.cf: Optional lookup tables with mappings from recipient address to (message delivery transport, next-hop destination). See transport(5) for details.[23:56:26] *** higuita has joined #postfix[23:57:17] <adaptr> dragonbyte: relay_domains doesn't say WHERE to relay anything[23:57:29] <adaptr> it tells postfix WHAT domains to relay mail for