September 2, 2010 
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | >
September 2, 2010 [00:03:21] *** HarryS has joined #postfix[00:03:21] *** shal3r has quit IRC[00:09:24] *** HarryS has quit IRC[00:09:54] *** uqlev has quit IRC[00:10:56] *** jangell has quit IRC[00:12:06] *** Section1 has quit IRC[00:15:28] *** brancaleone has quit IRC[00:25:14] *** superbofh has quit IRC[00:33:21] *** HarryS has joined #postfix[00:35:52] *** untagged has quit IRC[00:39:35] *** HarryS has quit IRC[01:03:24] *** HarryS has joined #postfix[01:06:00] *** hitz_ has quit IRC[01:08:31] *** leroux has quit IRC[01:09:16] *** HarryS has quit IRC[01:18:18] *** kisisten is now known as magyar[01:22:52] *** pyco has quit IRC[01:23:34] *** kooll has quit IRC[01:25:49] *** felipe` has quit IRC[01:43:14] *** Vivek has quit IRC[01:45:24] *** loddafnir has quit IRC[02:05:14] *** HarryS has joined #postfix[02:06:06] *** hever has joined #postfix[02:11:31] *** HarryS has quit IRC[02:25:31] *** BlackBishop has left #postfix[02:35:17] *** HarryS has joined #postfix[02:41:22] *** HarryS has quit IRC[02:41:36] *** pyco has joined #postfix[02:43:07] *** koollman has joined #postfix[02:44:00] *** todd_dsm has quit IRC[02:44:56] *** jtgiri_ has quit IRC[02:54:03] *** bluethundr has quit IRC[02:55:37] *** todd_dsm has joined #postfix[03:03:27] *** robotarmy has quit IRC[03:05:19] *** HarryS has joined #postfix[03:11:17] *** HarryS has quit IRC[03:16:39] *** roobs has left #postfix[03:35:15] *** HarryS has joined #postfix[03:41:27] *** HarryS has quit IRC[03:46:08] *** _neorise-rider_ has quit IRC[03:49:19] *** tharkun has joined #postfix[04:05:19] *** HarryS has joined #postfix[04:11:48] *** HarryS has quit IRC[04:14:00] *** hever has quit IRC[04:17:17] *** Alagar has joined #postfix[04:29:36] *** hever has joined #postfix[04:35:15] *** HarryS has joined #postfix[04:37:22] *** pyco has quit IRC[04:38:33] *** koollman has quit IRC[04:39:44] *** tharkun has quit IRC[04:41:53] *** HarryS has quit IRC[04:45:00] *** grobe0ba is now known as grobe0ba|away[04:46:22] *** LowKey has quit IRC[04:52:42] *** pyco has joined #postfix[04:56:29] *** koollman has joined #postfix[04:58:34] *** rajijoom has joined #postfix[05:05:19] *** HarryS has joined #postfix[05:06:31] *** hever has quit IRC[05:11:19] *** HarryS has quit IRC[05:14:42] *** MAAAAAD has quit IRC[05:18:25] *** jtgiri_ has joined #postfix[05:27:44] *** jangell has joined #postfix[05:28:05] *** lepine has quit IRC[05:28:24] *** MAAAAAD has joined #postfix[05:28:30] *** lepine has joined #postfix[05:35:16] *** HarryS has joined #postfix[05:41:28] *** HarryS has quit IRC[05:48:09] *** jangell has quit IRC[05:56:00] *** jtgiri_ has quit IRC[05:57:40] *** Zelest has quit IRC[05:57:42] *** jtgiri_ has joined #postfix[05:57:45] *** Zelest has joined #postfix[05:58:12] *** _nalle has quit IRC[05:58:32] *** jtgiri_ has quit IRC[05:58:50] *** _nalle has joined #postfix[06:00:52] *** jtgiri_ has joined #postfix[06:03:33] *** jtgiri_ has quit IRC[06:05:20] *** HarryS has joined #postfix[06:10:35] *** jtgiri_ has joined #postfix[06:11:31] *** HarryS has quit IRC[06:13:34] *** jtgiri_ has quit IRC[06:23:31] *** uqlev has joined #postfix[06:26:31] *** pinoyskull has joined #postfix[06:35:24] *** HarryS has joined #postfix[06:38:57] *** JoKoT3 has quit IRC[06:41:14] *** HarryS has quit IRC[06:41:48] *** jtgiri_ has joined #postfix[06:50:47] *** bhagat has joined #postfix[07:05:21] *** HarryS has joined #postfix[07:11:10] *** HarryS has quit IRC[07:25:56] *** henriknj has joined #postfix[07:37:38] *** echelog has joined #postfix[07:38:47] *** uqlev has quit IRC[07:40:00] *** jtgiri_ has quit IRC[07:40:06] *** HarryS has quit IRC[07:46:20] *** henriknj has quit IRC[07:48:09] *** henriknj has joined #postfix[07:49:12] *** kenyon has quit IRC[07:50:15] *** jangell has joined #postfix[07:54:57] *** kenyon has joined #postfix[07:57:26] *** tris has quit IRC[08:00:26] *** tris has joined #postfix[08:04:41] *** googlah has joined #postfix[08:05:21] *** HarryS has joined #postfix[08:06:20] *** kenyon has quit IRC[08:10:06] *** HarryS has quit IRC[08:10:21] *** kenyon has joined #postfix[08:11:47] *** tjikkun has quit IRC[08:28:37] *** henriknj has quit IRC[08:29:25] *** madduck has quit IRC[08:29:46] *** grobe0ba|away is now known as grobe0ba[08:30:12] *** 18VABF756 has joined #postfix[08:32:02] *** tjikkun has joined #postfix[08:32:24] *** 18VABF756 is now known as madduck[08:32:39] *** madduck has quit IRC[08:32:39] *** madduck has joined #postfix[08:35:22] *** HarryS has joined #postfix[08:40:06] *** HarryS has quit IRC[08:46:54] *** rajijoom has quit IRC[08:52:34] *** f3ew has quit IRC[08:52:45] *** weedar has joined #postfix[08:52:54] *** kaushal has joined #postfix[08:53:08] <kaushal> hi[08:54:30] <kaushal> I am configured SMTP-AUTH and TLS with postfix[08:55:03] <kaushal> i still get relay access denied[08:55:14] <kaushal> I can see it in telnet command too[08:55:35] <kaushal> telnet 0 25 250-STARTTLS 250-AUTH PLAIN LOGIN[08:55:40] <kaushal> Please guide[08:56:06] <kaushal> shall i pastebin the configs ?[09:05:22] *** HarryS has joined #postfix[09:07:05] <Aprogas> Yes.[09:07:25] *** f3ew has joined #postfix[09:07:30] *** cilly has joined #postfix[09:08:21] <kaushal> Aprogas, please give me a moment[09:09:05] *** Jippi_moc has quit IRC[09:09:14] *** henriknj has joined #postfix[09:09:41] <kaushal> Aprogas, http://pastie.org/private/ru6brbdfgedtktnztsozq --> main.cf[09:09:53] <Aprogas> If you can use sectioning within the same pastie.[09:10:04] <Aprogas> Also use postconf -n instead of main.cf[09:10:06] *** HarryS has quit IRC[09:10:09] <Aprogas> pastie lets you edit[09:10:10] <kaushal> ok[09:10:53] <kaushal> shall i pastebin the output of postconf -n ?[09:11:46] <Aprogas> In pastie, yes, and section it with "## postconf -n", also paste relevant logs, master.cf if relevant, any included files if relevant.[09:11:58] <kaushal> sure[09:12:46] <Aprogas> http://pastie.org/private/w93tv2bb7yrb8suyjqkqmq make it look like that[09:13:14] *** Wilkins has joined #postfix[09:13:32] <kaushal> ok[09:13:59] *** cga has joined #postfix[09:16:46] <kaushal> Aprogas, http://pastie.org/1133252[09:19:04] <Aprogas> I don't see any logs by cyrus or dovecot; are you sure you configured those correctly?[09:19:43] <kaushal> I have just configured postfix with SMTP-AUTH and tls[09:20:03] <Aprogas> You need to configure the SASL backend too.[09:20:08] <Aprogas> !tell kaushal sasl[09:20:08] <knoba> kaushal: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.[09:22:03] *** technoid_ has joined #postfix[09:22:32] <kaushal> Aprogas, ol[09:22:34] <kaushal> ok*[09:23:35] <kaushal> what part i need to look at ?[09:23:46] <kaushal> I mean what i am missing ?[09:24:43] <Aprogas> You must choose either Dovecot or Cyrus; and then look at the part to configure that.[09:25:07] <kaushal> ok[09:25:30] <Aprogas> Are you also going to use SASL to login to a relayhost?[09:25:50] <kaushal> nope[09:26:07] <kaushal> Aprogas, basically I am configuring wikipedia[09:26:18] <Aprogas> I don't follow.[09:27:08] <kaushal> I am using postfix to send emails to new users registering in wikipedia[09:28:45] <Aprogas> Why do you need SASL?[09:28:58] <Aprogas> Just sending mails can be done with a nullclient.[09:29:29] <kaushal> ok[09:29:41] <Aprogas> Who were you expecting would login via SASL?[09:31:13] <kaushal> Aprogas, I am following https://help.ubuntu.com/community/Postfix[09:31:36] <Aprogas> !tell kaushal tutorial[09:31:36] <knoba> kaushal: "tutorial" : A very common problem is that some people prefer to follow a step-by-step tutorial that shows them how to setup their server w/out reading the documentation or understanding what they are doing. If something goes wrong, they have no clue whatsoever about where to find hints, and they sometimes decide to start from scratch using a different tutorial. This is not The Proper Way.[09:31:39] <Aprogas> !tell kaushal nullclient[09:31:40] <knoba> kaushal: "nullclient" : a null client is a computer that can only send mail. it receives no mail from the network, and it does not deliver any mail locally. while postfix can be configured to fill this role, it is often unnecessary overkill, and a much simpler software package is more appropriate. see !nullclient_software for more details.[09:31:44] <_ruben> i figured wikipedia to already have a decent mailing environment[09:35:28] *** HarryS has joined #postfix[09:35:47] *** jtgiri_ has joined #postfix[09:39:22] *** jtgiri_ has quit IRC[09:40:06] *** JoKoT3 has joined #postfix[09:40:20] *** jtgiri_ has joined #postfix[09:41:19] <kaushal> _ruben, hi[09:41:27] <kaushal> i used now dovecot[09:41:31] <kaushal> sasl[09:41:41] <KTL> the "proper way" is a bit resourc-intensive ...[09:41:47] *** HarryS has quit IRC[09:42:44] <Aprogas> kaushal: Who is going to login to your mailserver?[09:43:37] *** jtgiri_ has quit IRC[09:44:08] <kaushal> Aprogas, pardon i did not understand[09:45:46] <Aprogas> SASL is for making people login to your mailserver; why are you setting up SASL?[09:46:33] <kaushal> wikipedia users[09:47:21] <kaushal> Aprogas, sorry[09:47:24] <kaushal> I got it now[09:47:37] <kaushal> so i need to configure postfix as null client[09:47:54] <kaushal> that way it will send email to the newly registered users[09:48:06] <Aprogas> You don't even need Postfix as a nullclient.[09:48:10] <kaushal> whenever they register in the wikipedia[09:48:10] <Aprogas> !tell kaushal nullclient_software[09:48:10] <knoba> kaushal: "nullclient_software" : a program that serves as a drop in replacement for /usr/sbin/sendmail and provides a simple means to submit messages to an existing msa without the need to install and maintain a full-blown mta/msa. examples include esmtp, ssmtp and nullmailer. also see !msa[09:48:27] <Aprogas> When you say Wikipedia, do you mean your local MediaWiki installation?[09:48:49] <kaushal> on the remote server[09:48:59] <Aprogas> I think Wikipedia already sends emails to new registered users.[09:49:17] <kaushal> ok[09:50:37] <kaushal> Mailer returned: Failed to connect to li195-33.members.linode.com:25 [SMTP: Failed to connect socket: Connection refused (code: -1, response: )][09:50:56] <kaushal> so i have stopped postfix[09:51:01] <Aprogas> Which software produces that error?[09:51:07] <kaushal> wikipedia[09:51:24] <kaushal> shall i pastebin the url ?[09:51:28] <Aprogas> Yes.[09:51:43] <kaushal> https://178.79.139.33/mediawiki/index.php?title=Special:UserLogin&returnto=Special:UserLogout[09:53:58] <Aprogas> I am starting to understand now.[09:54:47] <kaushal> Aprogas, if i comment #mynetworks it perfectly works fine[09:54:55] <kaushal> but its not secure[09:55:08] <Aprogas> I think MediaWiki has a built-in nullclient by default.[09:55:17] <Aprogas> http://www.mediawiki.org/wiki/Manual:$wgSMTP[09:55:36] <Aprogas> But it may be possible for you to just configure the mailserver of your Internet provider there, and login with your information.[09:55:56] <Aprogas> That way your MediaWiki can send email through their mailserver, and you don't need to run a mailserver yourself.[09:56:18] <kaushal> yes if its ISP[09:56:39] <kaushal> I want to run mailserver on my box[09:57:10] <Aprogas> !tell kaushal why[09:57:10] <knoba> kaushal: "why" : are you sure that installing, configuring and maintaining a mailserver is really what you want to do here? it's not something that's for the faint of heart, and definitely not something for folks that are still just learning the basics of linux or unix. also see !nullclient[09:59:21] <kaushal> Aprogas, ok[09:59:41] <kaushal> I am very close to my objective[09:59:43] <Aprogas> If you really must insist on using Postfix as a nullclient, don't use a complicated tutorial to set it up.[09:59:57] <Aprogas> !tell kaushal basic[09:59:57] <knoba> kaushal: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.[10:00:00] <Aprogas> !tell kaushal standard[10:00:00] <knoba> kaushal: "standard" : Your question is probably answered in http://www.postfix.org/STANDARD_CONFIGURATION_README.html[10:02:33] <kaushal> Aprogas, sure and thanks[10:02:37] <kaushal> one last question[10:02:49] <kaushal> Do i need to hardcode $mydomain ?[10:03:05] <kaushal> if i am using postfix as null client[10:03:22] <kaushal> as per http://www.postfix.org/STANDARD_CONFIGURATION_README.html#null_client[10:03:56] <Aprogas> $mydomain is default for certain other settings, you should set it to something sensible, as well as myhostname and myorigin[10:04:03] *** brancaleone has joined #postfix[10:04:15] <kaushal> ok[10:05:24] *** HarryS has joined #postfix[10:05:37] <kaushal> Aprogas, so comment out this line local unix - n n - - local[10:05:43] <kaushal> in master.cf ?[10:05:50] <kaushal> is that correct ?[10:06:10] <Aprogas> Well, you could go that far yes.[10:06:18] <Aprogas> I just override the local_transport to error:[10:07:22] <kaushal> Aprogas, ok[10:09:37] <kaushal> :?[10:09:39] <kaushal> :/[10:09:43] <kaushal> didnot worked[10:10:05] *** HarryS has quit IRC[10:10:53] <kaushal> finding it really difficult[10:12:46] *** UQlev has joined #postfix[10:14:35] <Aprogas> You are making things more complicated than they need to be.[10:14:46] <Aprogas> Are you sure you cannot just use the mailserver of your ISP ?[10:15:05] <kaushal> I will go with it later[10:15:21] <kaushal> but just wanted to set it up using my mailserver[10:15:21] *** henriknj has quit IRC[10:15:31] <kaushal> I get connect to members.linode.com[67.18.186.61]:25: Connection refused[10:16:00] <Aprogas> Verify that Postfix is running and listening on that port.[10:16:48] *** henriknj has joined #postfix[10:19:54] <kaushal> Aprogas, shall i pastebin the config[10:20:00] <kaushal> I am very near now[10:20:16] <Aprogas> Ok.[10:21:13] <kaushal> Aprogas, http://paste.ubuntu.com/487136/[10:21:33] <kaushal> basically as per your suggestion i am setting up postfix as null client[10:21:58] <kaushal> I am pretty sure I am doing silly mistake[10:22:08] <Aprogas> If you set it up as a nullclient, you still need an ISP mailserver to use.[10:23:18] <kaushal> oh ok[10:23:44] <kaushal> so better option is to comment on #mynetwork ?[10:24:08] <Aprogas> There is no quick-fix or easy-solution. You shouldn't just guess for things, you should understand what the options do.[10:24:46] <Aprogas> You don't seem to need SASL though, so remove the SASL parts of your config.[10:24:48] <Aprogas> !tell kaushal mynetworks[10:24:48] <knoba> kaushal: "mynetworks" : a configuration parameter in the main.cf: The list of "trusted" SMTP clients that can relay email.[10:25:08] <Aprogas> Commenting out mynetworks just makes it use the defaults, which I think is the subnets of all interfaces.[10:27:12] *** rajijoom has joined #postfix[10:27:12] <kaushal> Aprogas, ok[10:27:19] <kaushal> it worked this time[10:29:04] <kaushal> Aprogas, is it a good method to comment out #mynetworks ?[10:29:08] <Aprogas> No.[10:29:31] <kaushal> ok[10:29:58] <Aprogas> Although if you set "mynetworks_style = host" it is not so bad.[10:31:36] <kaushal> so host means to be replaced with hostname ?[10:31:49] <kaushal> I mean server hostname ?[10:33:05] <kaushal> got it[10:33:12] <Aprogas> !tell kaushal basic[10:33:12] <knoba> kaushal: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.[10:33:19] <Aprogas> Did you read that? It explains all these things.[10:33:54] <kaushal> yeah reading it[10:35:24] *** HarryS has joined #postfix[10:36:15] <kaushal> Aprogas, Thanks a lot[10:36:22] <kaushal> apologies for bugging[10:36:30] <kaushal> it worked as per your suggestion[10:36:48] <kaushal> I put mynetworks_style = host" and uncommented mynetworks[10:36:54] <Aprogas> Don't just stop here now that it works; it is important you understand all aspects of your mailserver.[10:36:59] <kaushal> sure[10:37:08] <kaushal> so that should be fine right ?[10:38:27] <Aprogas> That part, yes.[10:39:42] <kaushal> so it worked using dovecot SASL[10:39:53] <kaushal> Thanks again[10:40:40] <Aprogas> Seems you don't understand half of what I say. :)[10:40:56] <Aprogas> http://www.mediawiki.org/wiki/Manual:$wgSMTP[10:41:21] <Aprogas> If you don't specify that, PHP will use the builtin mail() function, which will likely use the local sendmail binary.[10:41:27] *** HarryS has quit IRC[10:41:35] <Aprogas> But if your SASL works now, I guess that is okay too.[10:41:59] <kaushal> Aprogas, I am not using http://www.mediawiki.org/wiki/Manual:$wgSMTP[10:42:13] <Aprogas> Ok.[10:45:41] *** wdp_aao has joined #postfix[10:46:07] *** brancaleone has quit IRC[10:47:08] *** hever has joined #postfix[10:49:32] *** wdp_aao has quit IRC[10:49:37] *** hever has quit IRC[10:50:31] *** hever has joined #postfix[10:53:50] *** micols has quit IRC[11:03:05] *** Chat8667 has joined #postfix[11:03:41] *** Chat8667 has quit IRC[11:05:29] *** HarryS has joined #postfix[11:06:31] *** brancaleone has joined #postfix[11:06:32] *** TomHome has joined #postfix[11:07:01] *** kaushal has quit IRC[11:11:25] *** HarryS has quit IRC[11:29:46] *** johe|work is now known as johest|w[11:30:16] *** johest|w is now known as johest[11:35:27] *** HarryS has joined #postfix[11:41:45] *** HarryS has quit IRC[11:51:48] *** loddafnir has joined #postfix[12:05:26] *** HarryS has joined #postfix[12:07:45] *** Twinkletoes has joined #postfix[12:11:16] *** HarryS has quit IRC[12:24:44] *** UQlev has quit IRC[12:26:18] *** superbofh has joined #postfix[12:30:06] *** Jippi_moc has joined #postfix[12:35:02] *** cpm has joined #postfix[12:35:32] *** HarryS has joined #postfix[12:37:52] *** henriknj has quit IRC[12:37:52] *** bezourox has quit IRC[12:38:00] *** bezourox has joined #postfix[12:42:47] *** sedstapler has quit IRC[12:51:02] *** technoid_ has left #postfix[12:52:31] *** shal3r has joined #postfix[13:09:46] *** pif has joined #postfix[13:10:07] <pif> hi, can I use a specfic transport according to the sender ?[13:10:19] <pif> not the recipient[13:11:48] *** hever has quit IRC[13:16:41] *** henriknj has joined #postfix[13:27:41] <joschi> pif: http://www.postfix.org/postconf.5.html#sender_dependent_default_transport_maps[13:32:54] <pif> cool[13:56:52] *** echelog has joined #postfix[13:58:22] *** lawnchair has quit IRC[13:58:56] *** lawnchair has joined #postfix[14:02:13] *** forsberg is now known as fOrsberg[14:06:56] *** swombat has joined #postfix[14:07:16] <swombat> why would some recipients of our (postfix) SMTP generate a bounce with the following message: 550 Administrative Lockout - Inbound not allowed ?[14:07:50] <swombat> (other email servers seem to receive our emails fine)[14:08:25] *** bhagat has quit IRC[14:32:07] *** echelog has joined #postfix[14:32:43] <arossouw> its ok, i'll convince them to use mailman, instead of sending to 2000 recipients[14:37:14] *** wdp_ has joined #postfix[14:38:57] *** uqlev has joined #postfix[14:39:05] *** Section1 has joined #postfix[14:40:56] *** leroux has joined #postfix[14:41:28] *** wdp has quit IRC[14:42:03] *** wdp_ has quit IRC[14:43:35] *** HarryS has quit IRC[14:45:13] *** wdp has joined #postfix[14:49:06] <Aprogas> I don't know a lot about doing bulk mailings; but I should, since I have to start doing them soon.[14:49:31] <Trengo> mailman is better, definitely[14:50:27] <Aprogas> And feed the memberlist for that list from SQL or something?[14:50:51] <uqlev> Aprogas, I wish you fail with bulk mailings and to all others ;)[14:51:19] <arossouw> mailman has web interface, not sure if you can import email lists[14:52:00] <Aprogas> I don't think you want to manage 2000 recipients through checkboxes on a web interface.[14:52:20] <arossouw> oh, you can http://mail.python.org/pipermail/mailman-users/2006-June/051507.html[14:55:36] *** uqlev has quit IRC[14:56:35] <Aprogas> In your central member/customer/employee/etc. administration you should maintain which mailinglists a recipient has opted-in for, then periodically generate a new recipient list from that.[14:59:17] <arossouw> i could write a web application for that[15:00:49] <Aprogas> Doesn't really have to be web-based.[15:01:08] <arossouw> ok[15:01:44] <Aprogas> Just pull the needed addresses from your database and format them into the input-format Mailman wants.[15:02:36] <arossouw> ok[15:05:24] *** TomHome has quit IRC[15:06:27] *** JonnyV has joined #postfix[15:07:35] *** war9407 has quit IRC[15:07:51] *** Mazon has joined #postfix[15:11:29] <swombat> ok, i got them to give our smtp special privileges[15:12:29] <swombat> however, i still get a yahoo-style 451.. "send it again later". And postfix doesn't seem to be wanting to send it again without a prod. What's the default deferred delay in a standard postfix install, and how can I check and/or change it?[15:12:53] <arossouw> is there a way to force outbound mail on postfix to be sent in html , always, or is this a bad idea[15:13:18] <arossouw> people i work for want disclaimers also to contain images, for that you need html[15:14:56] <swombat> I presume bounce_queue_lifetime has something to do with it[15:15:38] <Aprogas> Postfix uses incremental delays; at first it retries in a few minutes, but each retry it increases the time between retries; so as to not hammer a remote server.[15:16:08] <swombat> ah yes, it appears to have retried now[15:16:09] <swombat> thank you![15:16:13] <Aprogas> arossouw: You probably need mimedefang for such things. I never used that, but I can it can convert text to html.[15:16:27] <Aprogas> swombat: Don't play with queues, especially not in response to a greylisting.[15:19:02] *** wdp has quit IRC[15:21:45] *** UQlev has joined #postfix[15:24:16] *** HarryS has joined #postfix[15:26:08] *** Hawkey^atWork has joined #postfix[15:26:31] *** makomi has joined #postfix[15:26:41] <arossouw> Aprogas: ok thanks[15:26:58] *** jim_SFU has joined #postfix[15:31:50] *** magyar has quit IRC[15:32:17] *** magyar has joined #postfix[15:33:29] *** Verilium has quit IRC[15:34:35] *** Verilium has joined #postfix[15:35:37] *** bluethundr has joined #postfix[15:36:09] <Hawkey^atWork> hi guys, could you help me? i've installed postfix right now.. with little help of this... http://www.howtoforge.com/virtual-users-domains-postfix-courier-mysql-squirrelmail-ubuntu9.04 .. but i cant get new mailboxes workin...[15:36:39] <Hawkey^atWork> when i try to connect via squirrel it says: ERROR: Connection dropped by IMAP server.[15:38:36] *** rajijoom has quit IRC[15:39:23] *** rajijoom has joined #postfix[15:40:02] <Hawkey^atWork> i thought that only think i need to do is make new records in tables.. but its not enough probably..[15:41:45] *** johe|work has joined #postfix[15:42:18] <UQlev> Hawkey^atWork: start from logfiles[15:42:36] <UQlev> Hawkey^atWork: set max debug level[15:42:47] <Aprogas> !tell Hawkey^atWork tutorial[15:42:48] <knoba> Hawkey^atWork: "tutorial" : A very common problem is that some people prefer to follow a step-by-step tutorial that shows them how to setup their server w/out reading the documentation or understanding what they are doing. If something goes wrong, they have no clue whatsoever about where to find hints, and they sometimes decide to start from scratch using a different tutorial. This is not The Proper Way.[15:43:30] <Aprogas> !tell Hawkey^atWork why[15:43:30] <knoba> Hawkey^atWork: "why" : are you sure that installing, configuring and maintaining a mailserver is really what you want to do here? it's not something that's for the faint of heart, and definitely not something for folks that are still just learning the basics of linux or unix. also see !nullclient[15:44:05] <Hawkey^atWork> Aprogas: well sorry but i hate ppl like you... if you have no will to help, shut up pls... do not use some bot instead of you...[15:44:23] <Hawkey^atWork> UQlev: hmm will do..[15:44:43] <Aprogas> The bot contains relevant information. I would first like to establish you indeed that you want to do what you seem to be doing, before I can help you further with it.[15:44:49] <Section1> ubuntu-user[15:45:07] <Aprogas> The past few days it happened too often that I helped someone for an hour, only to discover they really only just wanted to use a nullclient for their PHP-scripts.[15:45:24] <UQlev> Aprogas: you are right and bots say tuth, but not everyone goes the same way to their experience[15:46:49] <UQlev> Aprogas: but postfix dox (not howto's) are not for noobs at all[15:47:11] <Aprogas> Establishing what someone really wants should always be the first phase of giving help. Otherwise you are just leading someone in the wrong direction based on false assumptions.[15:47:31] <Aprogas> Postfix documentation is very clear, starts very simple, and can expand on detailed subjects if needed.[15:47:41] *** kl4m has joined #postfix[15:47:48] <Section1> and have examples[15:49:38] <UQlev> Aprogas: for me postfix documents are too general, explaining only key aspects, considering that the rest you know by heart[15:50:01] <kl4m> Hi, after installing postfix I have some mail I need to flush from the sendmail queue. How can I do so?[15:50:47] <Aprogas> UQlev: I've never used SASL myself, but I've helped multiple people fix their SASL, just by going by the documentation.[15:52:29] <UQlev> Aprogas: if you have deep general knowledge of mail-server you can sort out postfix docs. But those docs are not for introduction to mail-servers[15:53:03] *** iarlyy has joined #postfix[15:53:40] <iarlyy> hi there, does anyone has a sample of pipe/policy_service in python?[15:54:51] <UQlev> Aprogas: for some people (including myself) it is important to have working mailserver (!) and learn it slightly varying parameters and options and watch reaction[15:55:13] <Aprogas> !tell iarlyy vague[15:55:13] <knoba> iarlyy: "vague" : Your description and or question is very vague. Please try to describe the problem more precisely. See also: http://workaround.org/moin/GettingHelpOnIrc[15:56:12] <iarlyy> sorry, let me explain[15:58:39] <iarlyy> knoba, Aprogas I would like to know if someone know a python tool/script that filter messages, it configured as a policy service(main.cf:check_policy_service)[15:59:00] <Aprogas> !tell iarlyy knoba[15:59:01] <knoba> iarlyy: "knoba" : an informational bot in this channel (see http://workaround.org/f=postfix)[15:59:21] *** weedar has quit IRC[15:59:24] <Aprogas> Filter based on what criteria? There exists an SPF policyd in python. I think it's called policyd-spf-python or something.[15:59:26] <iarlyy> = ) oops.[15:59:59] <Hawkey^atWork> found it.. UQlev thx ;)[16:00:29] <UQlev> Hawkey^atWork: my pleasure[16:01:03] <iarlyy> Aprogas, hmm.. I'm trying do a similar tool here in python, I need a sample to learn and put my ideas in this python.... understand?[16:01:32] <Aprogas> iarlyy: http://www.postfix.org/addon.html[16:01:49] <Aprogas> iarlyy: Some of those policy servers may be in Python.[16:01:59] <iarlyy> Aprogas, thanks.[16:02:35] <Aprogas> iarlyy: Also https://launchpad.net/pypolicyd-spf/[16:02:58] <UQlev> iarlyy: python problem is incompatibility of the code between major versions[16:03:28] <Aprogas> I think that is a problem for Perl too.[16:03:42] <UQlev> iarlyy: upgrading python may cause collapse[16:03:55] <UQlev> Aprogas: agree about Perl too[16:04:18] <Aprogas> I think Python keeps deprecated functions around for several versions, before eventually removing them, so should be mostly safe.[16:05:21] <Aprogas> Oh, I just noticed Python 3.0 exists, thought they were still in 2.x, and that you meant minor where you typed major version.[16:05:43] <Aprogas> Major versions of software are allowed to break things.[16:05:53] <iarlyy> for understand postfix send a message to my filter, I created a simple py script to read all args($1,$2 ...) and write in a file... but configured it in both main.cf and master.cf, when try send a message on postfix log it returned some errrors (http://fpaste.org/a226/)[16:06:08] <UQlev> Aprogas: I meaned Python 3.x[16:06:10] *** kl4m has quit IRC[16:06:14] <iarlyy> s/postfix/how postfix/[16:06:47] <Aprogas> iarlyy: Did you read the policy readme?[16:06:50] <iarlyy> after write it return action=dunno, just it.[16:06:55] <iarlyy> Aprogas, yes.[16:07:10] <iarlyy> Aprogas, are you talking about http://www.postfix.org/SMTPD_POLICY_README.html?[16:07:15] <Aprogas> Yes.[16:07:19] <iarlyy> I did[16:07:52] <iarlyy> the example on the of the page returns the same I'm doing here(but in py)...[16:08:15] <iarlyy> s/the/the end/[16:09:28] *** Hawkey^atWork has left #postfix[16:11:27] <Aprogas> The example code doesn't seem to follow the notes at the top of the page.[16:12:34] <Aprogas> I think 'return "decision"' should be 'return "action=decision\n\n"'[16:12:55] <Aprogas> Just from glancing at that document for a minute; I never made a policyd myself.[16:16:05] *** wdp has joined #postfix[16:19:02] *** codehotter has joined #postfix[16:19:26] <codehotter> When I send mail from the machine I installed postfix on, the source domain is machinename.domain.tld[16:19:42] <codehotter> I'd like that to be domain.tld instead[16:19:45] <codehotter> is that possible?[16:20:04] <Aprogas> !tell codehotter myorigin[16:20:05] <knoba> codehotter: "myorigin" : a configuration parameter in the main.cf: The default domain name that locally-posted mail appears to come from, and that locally posted mail is delivered to. The default $myhostname, which is fine for small sites. If you run a domain with multiple machines, you should (1) change this to $mydomain and (2) set up a domain-wide alias database that aliases each user to user at that dot users.mailhost.[16:21:14] <codehotter> Thanks![16:21:17] <codehotter> That worked perfectly[16:26:29] *** henriknj has joined #postfix[16:26:42] <Aprogas> codehotter: You realise this is the very first thing discussed in the basic readme?[16:27:37] <sysmonk> what basic readme?! i can't find dis button in my UBUNTU server![16:27:59] *** jtgiri_ has joined #postfix[16:29:08] <Aprogas> !tell sysmonk basic :)[16:29:09] <knoba> Aprogas: Error: No factoid matches that key.[16:29:11] *** coin3d has joined #postfix[16:29:16] <Aprogas> !tell knoba smiley[16:29:17] <knoba> Aprogas: Error: No factoid matches that key.[16:30:17] <sysmonk> Aprogas: see, knoba doesn't know where to find that button in UBUNTU SERVER too[16:38:39] *** brancaleone has quit IRC[16:39:30] *** zeitsofa has joined #postfix[16:48:46] *** jtgiri_ has quit IRC[16:50:45] *** possi has joined #postfix[16:50:57] *** possi has quit IRC[16:55:20] *** hever has joined #postfix[16:58:36] *** tharkun has joined #postfix[17:00:15] *** hever has quit IRC[17:11:11] *** kl4m has joined #postfix[17:13:40] *** JonnyV has quit IRC[17:14:12] *** jangell has quit IRC[17:15:45] *** Dingofest2 has joined #postfix[17:19:15] *** smica has joined #postfix[17:19:55] *** makomi has quit IRC[17:27:32] *** Twinkletoes has quit IRC[17:28:10] *** sysmonk has quit IRC[17:28:17] *** sysmonk has joined #postfix[17:28:21] *** makomi has joined #postfix[17:28:45] *** makomi has joined #postfix[17:29:39] *** jangell has joined #postfix[17:31:46] *** UQlev has quit IRC[17:32:38] *** bluethundr has quit IRC[17:33:45] *** bluethundr has joined #postfix[17:33:46] *** JonnyV has joined #postfix[17:34:22] *** sysmonk has quit IRC[17:34:50] *** Hawk|- has quit IRC[17:35:36] *** sysmonk has joined #postfix[17:36:21] *** fOrsberg is now known as forsberg[17:39:34] *** Hawk|- has joined #postfix[17:47:43] *** ssureshot has joined #postfix[17:51:29] *** brancaleone has joined #postfix[17:54:07] *** sysmonk has quit IRC[17:54:44] *** jtgiri_ has joined #postfix[17:56:35] *** LowKey has joined #postfix[17:56:37] *** sysmonk has joined #postfix[17:56:56] *** robotarmy has joined #postfix[18:01:54] *** cga has quit IRC[18:02:08] *** sysmonk has quit IRC[18:02:44] *** sysmonk has joined #postfix[18:07:47] *** Wilkins has quit IRC[18:08:19] *** neorise-rider has joined #postfix[18:11:57] *** rajijoom has quit IRC[18:16:20] *** war9407 has joined #postfix[18:17:42] *** JonnyV has quit IRC[18:19:16] *** NeCRoManTe1 has left #postfix[18:21:39] *** bluethundr has quit IRC[18:21:53] *** bluethundr has joined #postfix[18:22:35] *** bluethundr has joined #postfix[18:28:55] *** sysmonk has quit IRC[18:28:57] *** sysmonk has joined #postfix[18:33:49] *** Alagar has quit IRC[18:34:37] *** _Tassadar has joined #postfix[18:38:14] *** dagni has joined #postfix[18:39:33] <dagni> hi, i sent mail to someone but my logs says " Recipient address rejected: Greylisted for 300 seconds. Please try again later.", 300seconds already passed but i still don't see my postfix re-sending the message again, when my postfix will re-send ? is it configurable ?[18:43:18] *** EGreg__ has joined #postfix[18:43:40] <EGreg__> Hey people. What's the best way to hook Postfix up to a PHP script, so that incoming emails will act like web requests[18:44:17] <jduggan> ...[18:44:52] <jduggan> best you can do is pipe to your script which reads in the email[18:45:02] <EGreg__> aren't there any hooks in postscript[18:45:05] <EGreg__> I think I read you can use filters[18:45:39] <jduggan> !pipe[18:45:40] <knoba> jduggan: "pipe" : the pipe(8) daemon processes requests from the postfix queue manager to deliver messages to external commands. this program expects to be run from the master(8) process manager[18:49:14] *** stpierre has joined #postfix[18:49:57] <adaptr> dagni: postfix has no native greylisting support. ergo, that message was not written by postfix.[18:50:40] <adaptr> EGreg__: pipes are the most elegant solution, generally - but your script will have to be rfc 822-safe to process mail[18:50:44] <Aprogas> dagni: Also Postfix will not parse a text stating "300 seconds" and think "I should try again in 301 seconds", it will use its usual delay mechanism.[18:51:11] <seekwill> heh[18:51:21] <adaptr> Aprogas: silly boy. postfix doesn't read its own logs. no service in the world reads its own logs.[18:51:34] <seekwill> That's why graylisting... blows.[18:51:45] <Aprogas> adaptr: That's what I said, isn't it?[18:51:51] <adaptr> not really[18:52:07] <adaptr> you could have stopped after "postfix will not parse"[18:52:19] <adaptr> it won't even read - it's just not interested[18:52:59] <tharkun> Gentlemen i want to compile the latest greates postfix version (2.8) anyone with a good oneliner to acomplish that ? It seems sqlite support is official as of that version :)[18:53:37] <Aprogas> Either I dropped into a time vortex, or you are using a development vortex.[18:53:40] <Aprogas> erm[18:53:43] <dagni> Aprogas: what is the usual delay time for postfix ?[18:53:47] <Aprogas> My brain dropped into a language vortex.[18:53:51] <Aprogas> Vortexes everywhere.[18:54:13] <Aprogas> dagni: I don't know, I never pay much attention to my queues, they are usually empty.[18:54:23] *** JonnyV has joined #postfix[18:54:33] <dagni> ok thanks[18:54:47] <adaptr> dagni: greylisting does not *delay* mail. only postfix can do that.[18:54:51] <adaptr> the message was rejected[18:54:59] <adaptr> that's what greylisting is[18:55:04] <dagni> yes[18:55:08] <dagni> but it will deliver again[18:55:08] <tharkun> Actually it is a temporary reject[18:55:12] <adaptr> it will not[18:55:16] <adaptr> postfix rejected it[18:55:17] <dagni> IT WILL.[18:55:25] <adaptr> dagni: postfix does not have the message.[18:55:26] <dagni> question is when[18:55:38] <Aprogas> dagni: Pastebin the full logs, incl. the numeric error-codes.[18:55:41] <dagni> adaptr: go check what's greylisting before saying not true..[18:55:42] <adaptr> dagni: either pay attention or figure it out for yourself[18:56:22] <adaptr> tharkun: is 2.8 stable then ?[18:56:27] <cite> adaptr: You fail at reading. He read that message in his logs while _sending_ a mail, so it's probably what the Postfix smtp client logged as the reject reason from the remote site.[18:56:45] <dagni> it arrived[18:56:48] <dagni> 5 minutes ago[18:56:57] <dagni> so the usual postfix delay time after first reject is.. 38 minutes[18:57:00] <adaptr> cite: I fail at lots of things. he fails at providing useful technical details.[18:57:07] <dagni> pretty long but after all - it's delivered ;)[18:57:10] <cite> adaptr: Agreed.[18:57:16] <adaptr> dagni: it's presumably your mail server. go read your config.[18:57:20] <tharkun> adaptr: well according to the postfix site it is not "stable" but what the heck if Wietse uses it. I can take my chances with it :)[18:57:26] * cpm fails at adaptr-ing[18:57:50] <adaptr> tharkun: wietse "uses" whatever he built last night. he lives on the edge.[18:58:05] <cite> tharkun: I recently built some Debian packages for 2.8 - if you are using Debian, you can give them a try.[18:58:11] <adaptr> unofficially, both sqlite and postscreen are good to go, in 2.7, if you can compile it[18:58:30] <adaptr> he just bumpes the version number when he thinks they're good for everyone else[18:59:28] <adaptr> !tell dagni minimal_backoff_time[18:59:29] <knoba> dagni: "minimal_backoff_time" : a configuration parameter in the main.cf: The minimal time between attempts to deliver a deferred message. This parameter also limits the time an unreachable destination is kept in the short-term, in-memory, destination status cache.[18:59:44] <EGreg__> adaptr: why are pipes more elegant than making a filter?[18:59:51] <EGreg__> and what does it take to be rfc 822-safe?[18:59:54] <dagni> adaptr: thanks.[18:59:57] <adaptr> I am eagerly awaiting the day that 2.8 is in my repos - postscreen is sweeeet[19:00:15] <adaptr> EGreg__: pipes are hellaflexible. filters - not so much[19:00:25] *** p3rror has quit IRC[19:00:34] <adaptr> and the pipe receives the entire rfc-822 message, that's why it has to be able to parse it[19:00:41] <adaptr> !pipe[19:00:42] <knoba> adaptr: "pipe" : the pipe(8) daemon processes requests from the postfix queue manager to deliver messages to external commands. this program expects to be run from the master(8) process manager[19:00:51] * cpm deducts 4 coupons from adaptr's account for the use of the 'hella' prefix.[19:00:51] <adaptr> read its man page - it's LONG[19:01:08] * adaptr consumes another Eric Cartman to replenish[19:01:11] *** cga has joined #postfix[19:01:12] <cpm> heh[19:01:59] <tharkun> adaptr: Well living in the edge on postfix seems safe enough for me.[19:02:09] <tharkun> cite: I'll look for them thx[19:02:14] *** brancaleone has quit IRC[19:02:19] <adaptr> oh sure, Wietse's idea of "on the edge" is pretty safe to begin with[19:02:35] <adaptr> cite: would those work for Ubuntu ?[19:02:39] <cite> tharkun: http://debian.incertum.net/ - sources are all there, too[19:02:42] <adaptr> I'm interested[19:03:12] <stpierre> i'm trying to troubleshoot an issue where the from address of a message is not being masqueraded properly. here's postconf -n: http://www.fpaste.org/6f9h/[19:03:20] <cite> adaptr: You'd have to grab the source, install the build dependencies (apt-get build-dep postfix; aptitude -y install libsqlite3-dev), unpack the source (dpkg-source -x *.dsc) and build them (dpkg-buildpackage -rfakeroot)[19:03:30] *** iarlyy has quit IRC[19:03:37] <adaptr> cite: sounds easy enough :)[19:03:38] <stpierre> the message comes from "monitor at analysis1 dot example.com", and I've got this in my logs: Sep 2 12:49:02 smtp2 postfix/cleanup[23264]: masquerade: analysis1.example.com -> example.com[19:03:55] <stpierre> but, of course, on delivery, the From: header remains analysis1.... what am I missing here?[19:04:01] <cite> adaptr: I know that they build on Ubuntu "lucid lynx" - but I have no idea if the SQLite support works at all.[19:04:32] <Aprogas> stpierre: Show contents of canonical too.[19:04:32] <cite> adaptr: Debian (and hence, Ubuntu) are doing some funny things to the different dictionary types (like MySQL, PostgreSQL, LDAP) so that they can be installed as separate packages.[19:05:01] <adaptr> stpierre: masquerade doesn't do shit. canonical_maps is what translates headers[19:05:23] <adaptr> cite: I don't know if I have a bild env on my server, I usually prefer not to....[19:05:39] <Aprogas> I think masquerade can do rfc822-header too.[19:05:40] <stpierre> adaptr: oh, huh. so what exactly _does_ masquerade do?[19:05:44] <Aprogas> !masquerade_classes[19:05:45] <knoba> Aprogas: "masquerade_classes" : a configuration parameter in the main.cf: What addresses are subject to address masquerading.[19:05:52] <cite> adaptr: You can easily create a chroot environment with debootstrap.[19:06:05] * stpierre read http://www.postfix.org/postconf.5.html#masquerade_domains and it sounded like it would do the right thing[19:06:06] <adaptr> stpierre: strip subdomains from hosts to show all senders coming from the MX domain, for example[19:06:23] <adaptr> however, that always concerns *envelope* addresses, not headers[19:06:28] <stpierre> ahhhhhhh[19:06:37] <adaptr> postfix doesn't care a lot about headers[19:06:40] <stpierre> that's the sound of the lightbulb over my head turning on[19:06:56] <Aprogas> stpierre: Type "postconf masquerade_classes" and see what that returns.[19:07:16] <stpierre> it's the default -- envelope_sender, header_sender, header_recipient[19:07:42] <adaptr> for masquerade_domains, as well ?[19:07:46] <tharkun> cite: i wrote down the lenny backport. I will test it first on my laptop. It has a somewhat more complex set up that will let me check how it behaves. The scope of failures it is obviously smaller[19:07:52] <Aprogas> stpierre: I'm still curious what is in your canonical though.[19:07:57] <stpierre> Aprogas: also, canonical only has one line: " at * dot tiger.example.com @tiger.example.com". so probably not relevant[19:08:17] <adaptr> stpierre: okay then, it should be posisble with masquerade - but for foreign addresses, you need canonical[19:08:22] <stpierre> masquerade_domains = example.com[19:08:36] <adaptr> stpierre: where is the paste with your logs[19:08:53] <cite> tharkun: That sounds like a good plan.[19:08:59] <Aprogas> stpierre: Not sure if a hash:-table treats * as a wildcard, but that indeed should not break masquerade[19:08:59] <stpierre> what all logs do you want?[19:09:35] <Aprogas> stpierre: Logs from connect to disconnect of one message that doesn't do what you want.[19:09:44] <stpierre> ok, gimme a sec[19:09:56] <stpierre> do you want anything to have -v for those logs?[19:10:07] <Aprogas> Probably not needed for now.[19:10:29] <stpierre> kk[19:12:28] *** JonnyV has quit IRC[19:14:45] <stpierre> interesting, it looks like it is rewriting the envelope sender: http://www.fpaste.org/jILb/[19:15:39] <adaptr> it certainly will[19:15:42] *** Jippi_mac has joined #postfix[19:15:46] <adaptr> !masquerade[19:15:47] <knoba> adaptr: Error: "masquerade" is not a valid command.[19:15:49] <adaptr> bah[19:15:58] <stpierre> so it's doing 50% of the right thing.[19:16:19] <cite> I just noticed that I have to install Postfix on my workstation (disk broke last week) and configure it for SASL relaying to one of my mail servers.[19:16:33] <cite> I'm just too lazy to actually do it.[19:16:49] <Aprogas> stpierre: Did you study the note in the masquerade_domains documentation?[19:16:53] <adaptr> ah, I'm going to grab those sources from you before I forget[19:17:34] <Aprogas> !tell stpierre local_header_rewrite_clients[19:17:35] <knoba> Aprogas: Error: No factoid matches that key.[19:17:57] <stpierre> Aprogas: do _all_ of those have to match, or any? local_header_write_clients defaults to "permit_inet_interfaces", and "inet_interfaces" is "all", so I figure that should match[19:18:10] <cite> adaptr: wget http://debian.incertum.net/pool/experimental/p/postfix/postfix_2.8+20100728~cite.orig.tar.gz http://debian.incertum.net/pool/experimental/p/postfix/postfix_2.8+20100728~cite-1.dsc http://debian.incertum.net/pool/experimental/p/postfix/postfix_2.8+20100728~cite-1.diff.gz[19:18:14] <adaptr> cite: I can just grab the postfix-2.8-foo tgzs then ?[19:18:21] <adaptr> yes, got it[19:18:30] <Aprogas> stpierre: Is 160.91.194.179 bound to a local interface?[19:18:34] * adaptr goes to man diff[19:18:39] <cite> adaptr: I should probably warn you.[19:18:43] <adaptr> uh-oh[19:18:57] <cite> adaptr: Those packages don't have the usual Debian chroot.[19:19:08] <adaptr> oops[19:19:11] <stpierre> ah, no, that's the sending host. i guess i misread the doco for local_header_rewrite_clients.[19:19:15] <stpierre> thanks![19:19:18] <cite> adaptr: If you are installing them on a system which didn't have any Postfix before, you will not get a chroot'ed Postfix.[19:19:22] <adaptr> well, perhaps it's time I moved my server to slack[19:19:42] <adaptr> it's an interesting experiment, since the configs are dense and go back many years[19:19:44] <cite> adaptr: If you had Postfix on the machine (self compiled, via packages, beamed by Scotty), then there is no difference.[19:20:06] <adaptr> I have 2.7 from ubuntu 10.04, so that's not going to work[19:20:21] <adaptr> but why would the debian packages not work ?[19:20:25] <cite> adaptr: If you upgrade from 2.7 with my packages, all configs are, of course, preseved.[19:20:39] <adaptr> configs schmonfigs. you said chroot and my brain froze[19:20:55] <cite> Fresh Postfix installation only.[19:21:09] <cite> Of course, upgrade/downgrade works with my packages.[19:21:11] <adaptr> chroot is not a "config" ![19:21:24] * rob0 gets a spoon: fresh Postfix with iced adaptr![19:21:25] <adaptr> if it were, people wouldn't bitch about it so loudly[19:21:42] <stpierre> Aprogas: local_header_rewrite_clients = permit_mynetworks fixed it. thanks for helping me find that![19:21:47] <adaptr> rob0: you better be running all slack, or meet with ridicule[19:21:51] <rob0> yum, er, I mean apt[19:21:53] <cite> adaptr: I don't know what you mean.[19:21:55] <cite> hi rob0[19:22:02] <rob0> cite, hi![19:22:27] <Aprogas> stpierre: You should probably keep permit_inet_interfaces too; mynetworks doesn't necessarily include all interfaces.[19:22:30] <cite> adaptr: I think that the chroot itself is set up in the init scripts (I fixed a couple of bugs there when it comes to multiple instances).[19:22:32] <adaptr> I had occasion to fire up the slackware httpd yesterday for the first time. I'm in love.[19:22:58] <adaptr> AND it's got 2.2.16 ;) stick that, ubn00bu[19:23:03] <stpierre> Aprogas: will do, thanks[19:23:46] <adaptr> cite: I thought it was infested throughout - the location changes, permissions needed, scripts that copy needed files, etc.[19:24:18] <cite> adaptr: Well, I was never really glad about the way the Debian packages changed a default Postfix installation.[19:24:38] <adaptr> hasn't Wieste said more than once that chrooting adds only marginal security, and that nobody could prove to him that it was any use ?[19:24:40] <cite> adaptr: So I reverted most of it in my packages, to give you what you'd get if you installed it from source.[19:25:26] <cite> adaptr: But that's all only relevant if that's a first time Postfix installation. During our discussion, I rebuilt the packages on an Ubuntu KVM guest and upgraded from the stock 2.7 - no problems.[19:25:27] <adaptr> makes it all the more doubtful why debuntu decides to run postfix and bind chrooted, but not apache, which is FAR wider used, and much more ABused[19:25:40] <adaptr> okay, I'll give it a shot[19:25:43] <adaptr> thanks[19:25:46] <cite> np[19:25:49] <cpm> question not the brownness![19:26:00] *** stpierre has left #postfix[19:26:03] <adaptr> yeah, all relevance our cpm[19:26:08] * cpm stepped in ubuntu once, tracked it all over the house before he noticed. What a mess.[19:26:18] <adaptr> your wife liked it though[19:26:29] <cite> cpm's wife is messy?[19:26:45] <cpm> not really[19:26:56] <cpm> it stains carpets and smells bad.[19:27:05] <cite> "it"?[19:27:12] <cpm> ubuntu[19:27:18] <cite> o i c[19:27:26] *** codehotter has quit IRC[19:27:28] <cpm> as in, 'Hey, you've got ubuntu on your shoe!' "Oh no!"[19:27:40] <cite> Argh. Half past seven already?[19:27:46] <adaptr> it is in my country[19:27:47] <cite> bbl[19:28:08] <jduggan> half 6 here[19:30:49] <Aprogas> cite: You should see what Debian does to an amavisd-new installation.[19:32:44] <rob0> cpm, is that why the Ubuntu color is brown?[19:32:57] <cpm> rob0, I assume so.[19:33:01] <adaptr> it's building; curious how long that takes on my powerful dualcore atom[19:33:34] <adaptr> amavis is particularly unpleasantly mangled, that's true[19:35:26] *** Matic`Makovec has joined #postfix[19:35:38] <adaptr> doesn't each postfix include an "upgrade-my-config" scriptlet ?[19:35:47] <adaptr> to check it for egregious problems[19:36:07] <rob0> see postfix(1)[19:36:36] <adaptr> I knew you were going to say... well, something involving the documentation[19:48:42] <adaptr> runs fine[19:48:47] <adaptr> at least, it says it runs fine[19:48:57] <adaptr> enabled dnsblog and postscreen, backgrounded the real smtpd[19:49:21] <adaptr> now all I miss is the logs of what spammers were trying to do.... false positives from zen will be impossible to trace, methinks[19:50:19] <Aprogas> I was just reading a postfwd example config where Zen is used as a "one hit one kill" and I was wondering how wise that is.[19:50:51] <adaptr> postscreen basically does the same, although it probably uses the output as well - at least, it logs the result[19:51:00] <adaptr> a 127.0.0.4 is immediately rejected[19:51:05] <adaptr> dunno what that status means[19:51:34] <adaptr> I guess I need to read the updated postscreen docs :)[19:51:36] <Aprogas> I haven't really looked into postscreen yet. Debian is still stuck on 2.5 I believe, so I can postpone that for a while.[19:51:39] <adaptr> !postscreen[19:51:40] <knoba> adaptr: "postscreen" : Server that performs triage on multiple inbound SMTP connections in parallel. More information can be found at: http://www.postfix.org/postscreen.8.html[19:51:49] <adaptr> Aprogas: until 2025, yes[19:52:32] <Aprogas> I am more of a FreeBSD-person myself, but that doesn't play well with PV Xen, so that wasn't really an option.[19:55:13] *** bimbo has joined #postfix[19:55:21] <bimbo> simple question, if I'm using dovecot LDA, is it safe to not have virtual_mailbox_base, virtual_uid_maps, virtual_gid_maps and virtual_mailbox_maps configuration variables set?[19:55:49] <Aprogas> !tell bimbo idfma[19:55:50] <knoba> bimbo: "idfma" : Insufficient Data For Meaningful Answer (perhaps look at the /topic)[19:58:37] <bimbo> sorry, I'm configuring postfix for virtual mail, it'll use mysql for this, I'm using dovecot LDA as mail transport[19:59:03] <bimbo> what else do you need to know? that's the general background information..[19:59:58] <Aprogas> LDA does local delivery, but you are also talking about virtual mail. Which one is it going to be?[20:00:13] <Aprogas> Are all mailboxes going to be backed by real UNIX users?[20:00:36] *** jY has joined #postfix[20:01:03] <jY> is there a way to rewrite all outbound email to 1 email address[20:01:14] <Aprogas> I just noticed Dovecot docs called virtual delivery LDA too, I thought they called that VDA.[20:01:25] <Aprogas> jY: Yes, but are you sure you want this?[20:02:26] <jY> Aprogas, yes.. its on dev/staging machines.. we want all emails to go to a single mailbox so developers can see them[20:02:45] <Aprogas> Do you want to rewrite the From or To address?[20:04:40] <jY> to[20:05:09] <Aprogas> Why don't you just send to the correct address instead? That seems like the simplest solution.[20:05:31] *** kenyon has quit IRC[20:06:00] <jY> yes it does.. but that would require time strap developers to implement it[20:06:33] <Aprogas> !tell jY rewriting[20:06:34] <knoba> Aprogas: Error: No factoid matches that key.[20:06:40] <jY> Aprogas, its ecommerce so when someone places an order emails get sent out to many different parties.. so i want to redirect all outbound to 1 mailbox[20:06:41] <Aprogas> http://www.postfix.org/ADDRESS_REWRITING_README.html[20:06:53] <Aprogas> Do you want to copy, or really redirect?[20:07:16] <jY> no.. a rewrite[20:07:22] <jY> so it never gets to the real person[20:07:27] <jY> would it be a sender_canonical_maps ?[20:07:47] <bimbo> Aprogas: yes it is used for virtual and local delivery too[20:08:04] <Aprogas> jY: That would probably work.[20:10:56] *** kenyon has joined #postfix[20:25:19] <bimbo> so I've configured smtpd to be able to use tls, on port 25 it's working fine but I've configured smtps too in master.cf for port 465, but connections going through there are not being encrypted... do I need any special configuration for this to work?[20:26:05] <cpm> !submission[20:26:05] <knoba> cpm: "submission" : Port 587 is submission, for user submission of mail, NOT suitable for mail exchange. See the commented example in master.cf. also see !msa, and rfc 2476 and 4409. Also read http://www.maawg.org/sites/maawg/files/news/MAAWG_Port25rec0511.pdf[20:27:07] <cpm> bimbo, why are you using smtps?[20:28:20] <adaptr> !smtps[20:28:21] <knoba> adaptr: "smtps" : Port 465 is smtps, SMTP over SSL, a deprecated means of submission. Postfix can implement smtps with a separate smtpd(8) listener with \"-o smtpd_tls_wrappermode=yes\". See the commented example in master.cf.[20:28:37] <cpm> yeah, but why?[20:29:30] <adaptr> I am hoping that showing him the badness will make it a moot point[20:29:32] *** forsberg is now known as fOrsberg[20:32:53] <rob0> The badness being that SSLv2 is deprecated, the crypto folks having moved on to TLSv1.[20:33:00] *** dxtr has quit IRC[20:34:06] *** Matic`Makovec has quit IRC[20:34:34] <bimbo> ok, I was using 465 because I was not really aware of the "badness" of it, now I changed that to submission (port 587) but still it won't allow me to connect using tls...[20:35:39] *** jtgiri_ has quit IRC[20:36:41] <Aprogas> bimbo: You are being vague again. State what you want to achieve, pastebin the config you made, pastebin relevant logs and other proof of what happens.[20:37:32] <cpm> openssl s_client -starttls smtp -connect server-ip:587[20:38:22] *** gabrieLwnt has quit IRC[20:38:36] *** gabrieLwnt has joined #postfix[20:41:45] *** weedar has joined #postfix[20:42:58] *** arossouw has quit IRC[20:43:02] *** arossouw has joined #postfix[20:43:24] *** dxtr has joined #postfix[20:44:14] <bimbo> ok thank you guys very much, problems solved![20:45:04] <cpm> yw[20:46:35] *** sphenxes01 has quit IRC[20:49:10] *** sphenxes has joined #postfix[20:53:57] *** kad__ has joined #postfix[20:55:34] *** weedar has quit IRC[20:56:06] *** weedar has joined #postfix[20:56:19] <kad__> heys!! need to ask!! assume my domain = test.com , and my company buy new domain= play.com, Does My Postfix Allow me when i want to send email /receive mail on separate Database ? or i should make a new Postfix Server for the new domain? I've try the "virtual_domains", but this work if i receive any mail to @play.com, it will map to my @test.com accounts!![20:56:35] *** weedar has quit IRC[20:59:18] <Aprogas> Postfix is capable of having different mailboxes for seperate domains on the same Postfix instance.[20:59:43] <Aprogas> There are multiple ways to go about this, and we cannot determine which is most useful for you.[21:00:07] *** brancaleone has joined #postfix[21:00:26] <kad__> Aprogas, is there any link can help me with, i'll be thankfull =)[21:00:32] * cpm thinks what works best, is to set your machine up as a virtual from the outset. This makes these changes down the road trivial.[21:00:33] *** master_of_master has quit IRC[21:01:11] <Aprogas> !tell kad__ virtual[21:01:11] <knoba> kad__: "virtual" : a way to configure additional domains and user accounts (that do not need to exist in your /etc/passwd). See: http://www.postfix.org/VIRTUAL_README.html[21:01:31] <kad__> Aprogas, thx alot =)[21:01:58] *** jangell_ has joined #postfix[21:02:56] <adaptr> rob0: isn't TLSv1 == SSLv3 ?[21:03:43] *** master_of_master has joined #postfix[21:03:48] *** jangell__ has joined #postfix[21:04:48] *** jangell has quit IRC[21:04:49] *** jangell__ is now known as jangell[21:05:23] *** cga has quit IRC[21:05:33] *** jangell has quit IRC[21:06:35] *** jangell_ has quit IRC[21:09:47] <lunaphyte> close, in many ways, but not technically, no.[21:11:03] *** feisar has joined #postfix[21:12:20] <lunaphyte> smtps/465 can use tls perfectly fine.[21:13:01] <Aprogas> Hostkarma's JMF yellowlist sounds interesting. It could either work great, or be a total failure.[21:15:50] <Aprogas> They have a brownlist too, and a list they couldn't think of a colour for, so they just call it NOBL.[21:29:43] *** mwalling has joined #postfix[21:33:26] *** mwalling has left #postfix[21:36:18] *** cpm has quit IRC[21:37:22] *** dotplus_ has joined #postfix[21:37:22] *** rob0_ has joined #postfix[21:37:24] *** dotplus_ has quit IRC[21:37:24] *** dotplus_ has joined #postfix[21:37:24] *** jdoe_ has joined #postfix[21:37:35] *** Verilium_ has joined #postfix[21:37:35] *** s0ber_ has joined #postfix[21:39:06] *** Zelest_ has joined #postfix[21:39:37] *** Dingofest2 has quit IRC[21:41:22] *** rob0 has quit IRC[21:41:24] *** s0ber has quit IRC[21:41:24] *** dotplus has quit IRC[21:41:24] *** Verilium has quit IRC[21:41:25] *** jdoe has quit IRC[21:41:25] *** Zelest has quit IRC[21:42:13] *** weedar has joined #postfix[21:46:04] *** johe|work has quit IRC[21:46:37] *** Matic`Makovec has joined #postfix[21:47:08] *** johe|work has joined #postfix[21:56:30] *** coin3d has quit IRC[21:57:21] *** coin3d has joined #postfix[22:05:19] *** rooky has joined #postfix[22:06:09] *** al has left #postfix[22:14:02] *** fOrsberg is now known as forsberg[22:16:48] *** rob0_ is now known as rob0[22:26:38] *** Justin_Hopkins has quit IRC[22:28:54] *** Justin_Hopkins has joined #postfix[22:29:42] *** sedstapler has joined #postfix[22:35:51] *** ssureshot has quit IRC[22:38:18] *** NotInternat has quit IRC[22:40:58] *** uqlev has joined #postfix[22:42:42] *** jdoe_ is now known as jdoe[22:44:09] *** SnYDer has joined #postfix[22:44:11] *** cilly has quit IRC[22:44:39] <SnYDer> hi[22:46:54] <Aprogas> !tell SnYDer welcome[22:46:55] <knoba> SnYDer: "welcome" : welcome to #postfix! if you're joining for the first time, or are new to irc, the first thing you'll want to do is read the channel topic (/topic). it includes crucial instructions on how to effectively ask for help here, and what data you should include with your questions. the degree of success you'll have is directly related to how effectively you're able to follow those guidelines.[22:47:40] *** cambazz has joined #postfix[22:47:43] <SnYDer> I have a postfix server with virtual domains and users, but there is also a few regular unix accounts; those local accounts are able - of course - to send mails via local submission (omitting smtpd), but I would like to prevent them from sending mails to outside world[22:47:55] <SnYDer> is that possible without separate postfix instance?[22:47:55] <cambazz> hello. can i make postfix listen on port 25, and some other port at the same time?[22:48:34] <cambazz> it is like these ignorant bastards at turkish telekom decided to block all outgoing port 25's from the adsl lines in an attempt to cut spam[22:49:36] *** smica has quit IRC[22:49:41] <seekwill> cambazz: I think a lot of ISPs should do that ;)[22:49:54] *** henriknj has quit IRC[22:50:21] <cambazz> well i think not. incoming port 25, maybe they have right[22:50:29] <cambazz> but outgoing port 25, they have no right[22:50:38] <seekwill> Why?[22:50:49] <cambazz> ethically, they have no right[22:50:52] <seekwill> Why?[22:50:56] <cambazz> why, because i pay for the service[22:51:04] <cambazz> they can not tell me what port to send[22:51:13] <seekwill> If you called them, will they open it up?[22:51:23] <cambazz> no[22:51:43] <seekwill> For 99% of their users, they would submit to a relay[22:51:55] <seekwill> cambazz: Many people won't even accept mail from residential IPs[22:52:03] <Aprogas> Blocking incoming port 25 doesn't block spambots.[22:52:11] <Aprogas> So blocking outgoing port 25 does make sense.[22:52:17] <cambazz> yes, but i dont care about that, i have my own server, and i can not send mail now[22:52:28] <Aprogas> Do you have a business account with them?[22:52:30] <seekwill> cambazz: You represent a very very small minority, unfortunately[22:53:07] <cambazz> well, i am right i know. they got to deal with spambots in another ways.[22:53:17] <Aprogas> SnYDer: Don't give those users permission to relay.[22:53:24] <cambazz> well, so can i, or can i not listen on multiple ports[22:53:26] <Aprogas> SnYDer: How are they submitting mails?[22:53:30] <seekwill> cambazz: You can[22:53:43] <SnYDer> Aprogas: 'mail' command :)[22:53:59] <Aprogas> You can listen on multiple ports, but not send to a remote MX on any other port than 25.[22:54:30] <cambazz> all i need to to is do it from home, my own ip[22:54:37] <Aprogas> !tell SnYDer access[22:54:38] <knoba> SnYDer: "access" : http://www.postfix.org/SMTPD_ACCESS_README.html : An overview of access(5) controls in the Postfix smtpd(8) SMTP server.[22:54:55] <Aprogas> !tell cambazz port_25_block[22:54:56] <knoba> cambazz: "port_25_block" : Many consumer-grade ISPs (and some which claim to be for business, such as Godaddy) block outbound port 25/tcp traffic to prevent abuse from their network. If your ISP does this, you should see the !basic and !relayhost factoids. Or, upgrade to business-class service (or change ISP if you already had it.)[22:54:58] <SnYDer> knoba: nop, smtpd is not used in local submission[22:55:22] <SnYDer> Aprogas: that was for you, sorry ;)[22:55:44] <Aprogas> SnYDer: Should this Postfix ever send mail to the outside?[22:56:08] *** Dingofest2 has joined #postfix[22:56:16] <cambazz> well, listen, i am on a remote location. my house is already setup, and i can not do it. unfortunately i need to send one mail, for business, and right now[22:56:25] <SnYDer> yes, because there is also a few virtual domains with users who want to send mails anywhere they want[22:56:31] <seekwill> cambazz: gmail[22:56:32] <cambazz> so i need a simple simple simple solution[22:56:34] <cambazz> no[22:56:52] <cambazz> which config file deals with what ports to listen on[22:57:03] <seekwill> cambazz: Some ISP's have AUP that prohibit running servers on their networks[22:57:03] <cambazz> i did not see it on main.cf[22:57:04] <Aprogas> cambazz: master.cf[22:57:18] <Aprogas> cambazz: But this won't let you send the mail, this is what we keep telling you.[22:57:33] <Aprogas> 8025 inet n - n - - smtpd[22:57:44] <cambazz> why not[22:57:50] <seekwill> lol[22:57:54] <Section1> heh[22:58:00] <cambazz> if i listen on port 25 and port 666[22:58:03] <SnYDer> cambazz: if ISP blocks outgoing 25 they should offer a smtp proxy for people like you[22:58:10] <seekwill> SnYDer: Most do![22:58:16] <cambazz> well they are not, and not at this moment certainly[22:58:32] <Aprogas> cambazz: They probably let you use a mailserver and login with username/password.[22:58:36] <Section1> how can you server reach to port 25 of one MX ?[22:58:40] <Aprogas> You can use that mailserver as relayhost.[22:58:50] <seekwill> cambazz: Are you sure? All of the ISPs I know that block outgoing port 25 offer an alternative solution[22:58:55] <Aprogas> You will need Cyrus-SASL though.[22:59:06] <cambazz> well at this time and hour, i can not reach the call center,[22:59:16] <cambazz> i do have cyrus-sasl and all that[22:59:30] <SnYDer> Aprogas: so what do you think, do I have any chance to find some other solution than separate postfix instance? :)[22:59:37] <cambazz> my mail server is at a data center, and everything works[22:59:50] <Aprogas> SnYDer: Yes.[22:59:50] <cambazz> i just need to reach port 25 of my mail server[22:59:59] <seekwill> cambazz: Why can't you just log into your mail server and send the mail?[23:00:04] <seekwill> It's just for one message, as you said.[23:00:18] <cambazz> yes brilliant idea seekwill[23:00:25] <cambazz> like pine like the old days[23:00:40] <seekwill> :)[23:00:42] <SnYDer> cambazz: like webmail, like the nowadays :)[23:00:43] <seekwill> Or telnet...[23:01:13] <cambazz> i have forgotten all about that[23:01:24] <seekwill> Oh, I thought you were mocking me[23:01:42] <seekwill> It's rare that I actually have "good ideas" as thumbs points out[23:01:47] * rob0 mocks seekwill[23:01:48] <cambazz> no no[23:01:56] * seekwill has been mocked[23:02:10] <seekwill> Where is thumbs?[23:02:31] *** jim_SFU has quit IRC[23:02:36] <rob0> where ARE thumbs ... thumbs is a plural[23:02:50] <Aprogas> SnYDer: You could use a content_filter or milter, or perhaps restrictions can be applied to pickup.[23:03:27] <cite> There, I did it. I configured Postfix on my workstation to send mails using one of my mail servers. After one week of procrastination, I finally did it.[23:03:30] <cite> I feel really good now.[23:03:46] * rob0 high-fives cite[23:03:50] *** Dingofest2 has quit IRC[23:03:52] * cite cheers.[23:03:54] * seekwill spams cite over port 25[23:04:12] <cite> seekwill: actually, that's a pretty good hint.[23:04:15] *** Dingofest2 has joined #postfix[23:04:24] <seekwill> cite: Glad I could hint you[23:04:37] <rob0> I've been wanting to try this procrastination thing, but I keep putting it off.[23:04:45] * cite executes postconf -e inet_interfaces = loopback-only && postfix reload[23:04:57] <SnYDer> Aprogas: yes, I've been thinking about milter as well, there is even 'non_smtpd_milters' parameter, which I can use to define milters that will only affect non-SMTP mails - exactly what I want; I just don't know which milter I could use for that[23:05:15] <SnYDer> Aprogas: I hope I don't need to write my own ;)[23:05:47] <SnYDer> Aprogas: recipient restrictions are only possible for smtpd, afaik[23:05:49] *** Dingofest2 has quit IRC[23:05:51] <rob0> SnYDer, I think the simplest way might be to write a wrapper for sendmail(1) which enforces your access policy.[23:06:12] <rob0> other than that, multiple instance[23:06:18] *** cambazz has quit IRC[23:06:26] <rob0> or, just block the use of sendmail[23:06:39] <SnYDer> rob0: or milter, I just don't know if suitable one exists ;)[23:07:04] *** Dingofest2 has joined #postfix[23:07:13] <SnYDer> rob0: I don't want to block, as I want them to be able to send mails locally, to each other (or to root)[23:07:27] *** uqlev has quit IRC[23:07:35] <SnYDer> (notifications from daemons, etc)[23:07:44] *** Jippi_mac has quit IRC[23:08:23] <rob0> here's a thought, $myorigin as a fake name. Even if they do send out, no site will accept a bad sender address.[23:08:40] <Aprogas> rob0: You'd be surprised. :)[23:08:56] <adaptr> does postscreen blacklist previous hits automatically ?[23:10:22] <SnYDer> rob0: but they can still send it, and I would like to block it on my end instead of forcing the other ones to do that[23:14:39] <cite> SnYDer: Supply a content_filter to pickup in master.cf. As content_filter, use a cloned smtp transport with smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfxi/list_of_mydomains, static:all:REJECT[23:14:51] <cite> SnYDer: Ask rob0 about the "static:foo:bar" syntax, I always get it wrong.[23:15:04] <cite> SnYDer: And replace "smtp transport" with "smtpd demone"[23:15:17] <adaptr> demons![23:15:30] <cite> adaptr: I heard they are everywhere these days.[23:15:34] <Aprogas> I think static: takes only one argument.[23:15:36] <SnYDer> cite: niiice idea :)[23:15:54] <SnYDer> cite: I'll definietely try it![23:16:17] <cite> SnYDer: er... smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfxi/list_of_mydomains, reject[23:16:18] *** jim_SFU has joined #postfix[23:16:25] <cite> I', just too tired right now it seems.[23:16:29] <SnYDer> cite: and you are sure it's posssible to define content_filter for pickup?[23:17:11] <cite> SnYDer: Yes. man 8 pickup mentions it, so does strings /usr/lib64/postfix/pickup | grep content_filter[23:17:26] *** bimbo has quit IRC[23:17:26] <SnYDer> cite: great :)[23:17:38] <SnYDer> cite: thanks a lot![23:18:16] <cite> SnYDer: I have no idea if this actually works :-)[23:18:42] <SnYDer> cite: if it does... I'll come back and let you know :)[23:18:55] <cite> You heard it, folks - he threatened me!!1![23:19:04] <SnYDer> ;D[23:19:25] *** ironm has quit IRC[23:19:44] <cite> adaptr: Did that package compile?[23:19:49] <adaptr> I'm running it[23:19:57] <adaptr> you left, quitter[23:19:59] <SnYDer> ok, thank you all once again and have a good nigh (at least in my country it's night now)[23:20:01] <adaptr> I tole all about it[23:20:33] *** SnYDer has left #postfix[23:20:39] <cite> adaptr: I just read the backlog. Good for you.[23:20:51] <adaptr> does postscreen blacklist previous hits automatically ?[23:20:58] <thumbs> oh hi cite[23:21:04] <cite> Previous hits on what, adaptr?[23:21:05] <adaptr> I couldn't be arsed to read the ENTIRE docs yet[23:21:07] <cite> hi thumbs[23:21:09] <adaptr> blacklists![23:21:18] <adaptr> does it have a me-mo-ry[23:21:30] <Aprogas> !tell adaptr dont[23:21:31] <knoba> adaptr: "dont" : Please don't be rude and repeat questions or shout (ask in all capital letters). No one here gets paid to be here, or to help you. If we waren't busy and we have some time, we might help you if we are able to. If no one here has answered you, it's because we are either unavailable, or we don't know the answer to your question. Just wait a while, and someone might help you. Thanks.[23:21:34] <Aprogas> :)[23:22:02] <cite> adaptr: Nope, it doesn't[23:22:20] <cite> thumbs: We finished our migration from httpd 2.0 to 2.2.16 and from tomcat 4 to tomcat 6.[23:22:29] <thumbs> cite: oh, cool beans.[23:22:32] <adaptr> for instance, you can configure it to only reject on DNSBL after other tests are done (continue, continue, drop) - so it WILL spend more time, but the reason it is ultimately dropped is still the blacklist hit. the first time, I want it to allow more checks, but the subsequent ones, drop it straight away as long as it is in th ecache[23:22:52] <cite> adaptr: postscreen can't do that[23:22:57] <adaptr> that made sense to me straight away, it probably didn't to wietse :P[23:23:04] <adaptr> bagger[23:23:21] <adaptr> I demandz a programming language interface to postfix![23:23:25] <adaptr> wantsit NOW[23:23:40] <cite> adaptr: As of know, postscreen doesn't care it it's slow (apart from dictionary lookups) - it's a single process which is MEANT to crunch through dozens of connections.[23:23:48] <cite> s/know/now/[23:23:55] <cite> adaptr: There _is_ a programming interface.[23:24:08] <cite> adaptr: Three, actually. SMTP, milters and policy demons.[23:24:11] <adaptr> I'm not talking about slow, I am talking about skipping the test entirely while a blacklisted IP is in th ecache[23:24:23] <adaptr> I thought it did do that - what else is the cache FOR[23:24:24] <cite> What would you gain by doing that?[23:24:35] <Aprogas> Postfix should just implement Sendmail rewrite rules.[23:24:47] <adaptr> erm.. allow a blacklisted IP to send mail if it behaves itself for the rest of the convo ?[23:25:05] <adaptr> ideally, a weighted decision on all checks[23:25:16] <adaptr> much the way SA works[23:25:30] <adaptr> SA can do DNSBL checks, but that' safter-queue[23:25:35] <cite> As I said, postscreen can't do that.[23:25:38] <adaptr> I KNEUW![23:25:40] <Aprogas> adaptr: Have you looked into policyd-weight or postfwd ?[23:25:47] <adaptr> I hate policy ds[23:25:53] <adaptr> I have postfwd, too lazy to config it yet[23:26:28] <Aprogas> Me too; but the example real world config looks usable.[23:26:30] <adaptr> sounds like a pain to config - I built 2.8 and got postscreen with 5 minutes of configging. THAT's what I need[23:26:47] <adaptr> if I knew how to build an SMTP server I probably would have[23:27:04] <cite> adaptr: Out of curiosity - did you run into any troubles building it with sqlite support (i.e. did you install libsqlite3-dev)?[23:27:31] <adaptr> it ran as you gave it to me, some warnings during linking I think, but no errors[23:27:40] <adaptr> I haven't actually tried a sqlite map[23:28:03] <cite> Those warnings are actually hints only - and they are all wrong. dh_shlibdeps is misbehaving there. They are no cause for concern.[23:29:44] *** Dingofest2 has quit IRC[23:30:19] *** Dingofest2 has joined #postfix[23:31:39] *** Matic`Makovec has quit IRC[23:31:52] <adaptr> I'm looking at my shiny new logs, looks good[23:31:55] *** jim_SFU has quit IRC[23:32:15] <cite> adaptr: Do you use pre-queue content filtering?[23:32:30] <cite> Forget that question.[23:32:35] <cite> What I wanted to know is in 2.7.[23:38:08] *** zeitsofa has left #postfix[23:39:09] *** makomi has quit IRC[23:41:10] *** feisar has quit IRC[23:42:37] *** Dingofest2 has quit IRC[23:45:29] *** Mark22 has quit IRC[23:47:10] *** Section1 has quit IRC[23:47:40] * adaptr really wanted to answer that question.. oh well[23:50:00] *** Southron has quit IRC[23:53:30] *** kl4m has quit IRC