September 4, 2010 
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | >
September 4, 2010 [00:03:15] * rob0 tries to tweak seekwill's sarcasm detector circuitry[00:03:36] <seekwill> Ouch[00:06:42] *** friskd has joined #postfix[00:07:52] *** uqlev has joined #postfix[00:11:18] <tharkun> adaptr: any special config for awstats ?[00:12:52] *** uqlev has quit IRC[00:12:54] *** wdp has quit IRC[00:21:50] *** wdp has joined #postfix[00:28:11] *** smica has quit IRC[00:37:48] *** ohcibi has left #postfix[00:46:45] <adaptr> tharkun: it's pretty well documented; there's a perl coversion script for your logs, and a config template is included[00:47:06] <adaptr> you may have to fiddle with the whole for a bit, but once set up it runs nightly and works like a charm[01:01:35] <roe> I *hate* when mailserver's bounce/reject emails don't identify themselves.[01:07:46] <tharkun> adaptr: thx I'll look for those[01:07:54] *** tharkun has quit IRC[02:06:42] *** rcsheets` has quit IRC[02:12:46] *** rajijoom has joined #postfix[02:23:15] *** echelog has joined #postfix[02:27:27] *** grobe0ba|jackass is now known as grobe0ba[02:27:27] *** superbofh has quit IRC[02:35:17] *** superbofh has joined #postfix[02:35:53] *** _ruben has quit IRC[02:43:57] *** superbofh has quit IRC[02:47:03] *** loddafnir has quit IRC[02:47:46] *** tharkun has joined #postfix[02:53:47] *** bluethundr has quit IRC[03:01:59] *** _ruben has joined #postfix[03:06:50] <Linex> cannot create file exclusively[03:10:41] *** robotarmy has quit IRC[03:11:26] *** brancaleone has quit IRC[03:14:28] *** officecase has left #postfix[03:22:22] <seekwill> Anyone ever see emailsrvr.com?[03:25:57] <thumbs> seekwill: yes.[03:26:09] <seekwill> Do you know who they are?[03:26:18] <thumbs> seekwill: no[03:26:28] <thumbs> seekwill: but I've seen them.[03:26:29] <seekwill> Emails from that server gets classified as spam, when it shouldn't[03:26:43] <thumbs> seekwill: not here.[03:27:31] <seekwill> Not sure if it's them, or just us[03:28:03] <seekwill> oh, lol[03:28:13] <thumbs> seekwill: umm?[03:28:14] <seekwill> surbl hit[03:37:47] <tharkun> !RBL[03:37:47] <knoba> tharkun: "RBL" : short for "realtime black list". RBLs are DNS zones that can help your mail server to determine if an IP address is trusted. It's a great way to fight spam. See http://www.au.sorbs.net/ http://www.dnsrbl.net/ http://www.spamcop.net/ http://www.mail-abuse.org/ http://www.rfc-ignorant.org/[03:38:48] <tharkun> !DNSBL[03:38:48] <knoba> tharkun: "DNSBL" : DNS zones that can help your mail server to determine if an IP address is trusted. It's a great way to fight spam. See http://www.spamhaus.org/ZEN/ http://www.au.sorbs.net/ http://www.dnsrbl.net/ http://www.spamcop.net/ http://www.mail-abuse.org/ http://www.rfc-ignorant.org/[03:55:29] *** friskd has quit IRC[03:56:15] *** friskd has joined #postfix[04:04:43] *** weedar has quit IRC[04:07:46] *** neorise-rider has quit IRC[04:22:52] *** echelog has joined #postfix[04:24:47] <kad_> when i telnet my Postfix, there's 250-STARTTLS, but why when i configure SMTP to use "TLS" under outlook it fail?[04:25:08] <rob0> !outlook[04:25:08] <knoba> rob0: "outlook" : MS Outlook has numerous problems with TLS and AUTH support. Try using a better client to troubleshoot your Postfix server's AUTH features; then once you know it works, you can go back and break it such that Outlook will work. See the following MS KB article to enable transport logging in Outlook that may be of some help in troubleshooting, http://support.microsoft.com/kb/300479/en-us[04:25:13] <rob0> !tlstest[04:25:14] <knoba> rob0: "tlstest" : starting with OpenSSL 0.9.7, you can test the server-side TLS with the following: openssl s_client -starttls smtp -connect localhost:587 (or 25, accordingly).[04:27:12] <kad_> 9704:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:601[04:29:58] <kad_> try using "Evolution" , same thing[04:30:24] <kad_> i did as "https://help.ubuntu.com/community/Postfix"[04:31:07] <kad_> i check logs: Out: 454 4.7.0 TLS not available due to local problem[04:33:32] *** weedar has quit IRC[04:38:38] *** sherr has quit IRC[04:51:43] *** kad_ has quit IRC[04:59:13] *** robotarmy has joined #postfix[05:09:22] *** MAAAAAD has joined #postfix[05:13:34] *** MAAAAD has quit IRC[05:16:52] *** BlackBishop has joined #postfix[05:26:05] *** tjz has joined #postfix[05:26:09] <tjz> Hey guys[05:26:59] <tjz> i have this error:[05:27:01] <tjz> "Failed to save alias : Failed to regenerate table /etc/postfix/virtual: "[05:27:15] <tjz> any idea what is wrong?[05:27:16] <Trengo> disk full?[05:27:20] <tjz> oh[05:27:26] <tjz> hmm[05:27:35] <tjz> hard disk still have plenty of space[05:27:40] <tjz> about 5gb free space[05:27:55] <Trengo> FS error?[05:27:59] <Trengo> check dmesg?[05:29:09] <tjz> no message related to the error[05:31:08] <Trengo> check whats in /etc/postfix/ ?[05:31:09] <rob0> Not a Postfix error message. You're probably using some kind of frontend which is broken.[05:37:19] *** tharkun has quit IRC[05:43:01] *** hooch has quit IRC[05:44:43] *** hooch has joined #postfix[05:54:29] <tjz> rob0, roger that[05:59:57] *** leroux has joined #postfix[06:08:15] *** omry has joined #postfix[06:14:23] <CrazyFoam> looking at FILTER_README, would it be wrong to return EX_TEMPFAIL when my filter fails? i'd rather defer than bounce[06:25:09] <omry> Hi, I am trying to use startssl certificate with postfix and dovecot, currently I am using a self signed cert. not sure what kind of certificate I need to generate.[06:27:51] *** uqlev has joined #postfix[06:28:57] <CrazyFoam> could my fitler shell script simply be: (/bin/cat | /usr/bin/spamc | /usr/sbin/sendmail -G -i "$@") || ext 75[06:31:25] *** uqlev has quit IRC[06:31:55] *** uqlev has joined #postfix[07:06:15] *** devdas has joined #postfix[07:32:32] *** omry has quit IRC[07:45:51] <standon> rob0: waoh, re: alif's latest post.[07:46:04] <Nombrandue> ok, new fun problem with my now working postfix setup. It is claiming no server TLS certificates are availible, but I have them configured VIA the smtpd_tls settings[07:46:32] <joschi> Nombrandue: are the files accessible by postfix?[07:46:50] <Nombrandue> should be yes, as they are being used by the LDAP configuration[07:47:09] <joschi> Nombrandue: which doesn't mean that the postfix user can access them...[07:47:29] <joschi> Nombrandue: also paste the output of `postconf -n` (see topic!)[07:47:39] <Nombrandue> the virtual user and dovecot can access them[07:48:55] <Nombrandue> offs, I though there was a pastebin in the topic, lol, wait till I dig up a good one and get that info in there[07:50:04] <Nombrandue> http://pastebin.com/6yGSkwn8[07:54:12] <rob0> standon: /msg?[07:55:31] <joschi> Nombrandue: smtp_tls_* != smtpd_tls_*. fix your main.cf if you want your smtp*d* to be able to speak TLS[07:57:46] <Nombrandue> yeah, that worked, now I feel about retarded, thanks though[08:21:01] <CrazyFoam> can i use -ocontent_filter on smtp and pickup that is conditionally executed (for smtp if received from $mynetworks, for pickup if uid != spamd)?[08:46:37] *** sherr has joined #postfix[08:54:31] *** tjz has quit IRC[09:12:26] *** wdp has quit IRC[09:32:18] *** Matic`Makovec has joined #postfix[09:35:23] *** henriknj has joined #postfix[09:59:43] *** smica has joined #postfix[10:00:31] *** loddafnir has joined #postfix[10:01:37] *** hever has joined #postfix[10:11:13] *** wdp has joined #postfix[10:15:37] *** cga has joined #postfix[10:27:16] *** hever has quit IRC[10:28:48] *** hever has joined #postfix[10:32:39] *** hever has quit IRC[10:33:45] *** hever has joined #postfix[10:34:44] *** swombat has joined #postfix[10:36:31] *** cga_ has joined #postfix[10:38:13] <BlackBishop> "[10:38:15] *** cga__ has joined #postfix[10:38:15] <BlackBishop> SMTP server does not support authentication"[10:38:25] <BlackBishop> this is nice :| I wonder what I did wrong ..[10:39:20] <GNU\colossus> do you have a SASL provider set up?[10:40:27] *** cga has quit IRC[10:41:14] <BlackBishop> cyrus-sasl ..[10:41:51] *** cga_ has quit IRC[10:42:22] <BlackBishop> I didn't have it started ..[10:42:29] <BlackBishop> now I get [SMTP: Failed to connect socket: Connection refused :)[10:45:05] <GNU\colossus> do you have the SASL provider create the UNIX socket with the right path?[10:46:15] *** swombat has quit IRC[10:46:21] *** weedar has joined #postfix[10:46:28] <BlackBishop> I can't find its conf :/[10:47:11] <BlackBishop> ow /etc/sysconfig/saslauthd SOCKETDIR=/var/run/saslauthd[10:47:29] *** swombat has joined #postfix[10:50:05] <BlackBishop> by provider you mean the authlib ?[10:50:52] <Aprogas> Have you read the SASL readme? Have you put postconf -n, relevant logs and relevant configs on a pastebin?[10:51:17] <Aprogas> Are you even sure you need SASL altogether?[10:51:31] <BlackBishop> well .. I want courier's authlib + mysql[10:52:08] <Aprogas> So you are making an MSA for a group of clients?[10:53:26] <BlackBishop> yup[10:55:27] <BlackBishop> one second .. why the heck does my /usr/local/postfix/usr/sbin/postconf try to read files from /etc/postfix[10:56:10] <BlackBishop> and why is my /usr/local/postfix/usr/sbin/postfix trying to do /usr/local/postfix/etc/postf/main.cf /usr/libexec/postfix/postfix-script ?![10:56:54] <BlackBishop> he should be using /usr/local/postfix/usr/libexec/postfix/postfix-script :|[10:56:57] *** wdp has quit IRC[10:57:12] <uqlev> BlackBishop, what i your OS, how did you install postfix? source or package?[10:58:01] *** Jippi_mac has joined #postfix[10:58:17] <BlackBishop> source[10:58:52] <BlackBishop> used make -f Makefile.init makefiles 'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include/mysql -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/include/sasl’ 'AUXLIBS=-L/usr/local/mysql/lib/mysql -lmysqlclient -lz -lm -L/usr/lib64/sasl2 -lsasl2'[10:59:08] <BlackBishop> and as install_dir I specified /usr/local/postfix and left the rest alone[11:00:47] *** cga has joined #postfix[11:00:50] *** cga__ has quit IRC[11:01:07] <BlackBishop> what did I miss ? :/[11:01:24] <Aprogas> BlackBishop: postconf | egrep 'directory|path' ; set all those up correctly, config_directory should probably be passed before starting Postfix to make sure it finds the right config.[11:01:41] <uqlev> BlackBishop, when you assign dirs manually prepare for troubles, some of them might be hardcoded[11:02:04] <BlackBishop> I just deleted my old /etc/postfix[11:02:13] <BlackBishop> so .. postconf now says ./postconf: fatal: open /etc/postfix/main.cf: No such file or directory[11:02:26] <Aprogas> uqlev: I highly doubt any dirs are hardcoded.[11:02:49] <uqlev> Aprogas, including taken from env[11:03:25] *** rajijoom has quit IRC[11:03:39] <Aprogas> BlackBishop: So direct postconf to the right place. If you want to use non-default locations, you must specify them.[11:06:57] <BlackBishop> hmmm[11:07:01] * BlackBishop sees the problem[11:08:45] *** jonez has quit IRC[11:13:39] *** cga_ has joined #postfix[11:13:45] * sedstapler wonders why distros hesitate with packaging policyd 2.x[11:14:57] <Aprogas> What can policyd 2.x do?[11:15:02] <Aprogas> Sounds rather generic.[11:15:13] <sedstapler> Aprogas: use other databases than just MySQL[11:15:30] *** VaNNi has quit IRC[11:16:01] <Aprogas> Yes, but what does it actually do?[11:16:25] *** cga has quit IRC[11:16:43] <sedstapler> policyd: greylisting, SPF, DNS black listing, possibly more[11:17:15] <sedstapler> Aprogas: I have no experience with it and will probably just use postgrey & policyd-weight instead[11:17:40] <Aprogas> Or postfwd & tumgreyspf; many options available.[11:17:47] <Aprogas> Personally I am going to try without greylisting first.[11:18:10] <sedstapler> Greylisting did wonders to my really old mail accounts that get tons of spam[11:18:20] <sedstapler> and I haven't missed a mail that I knew of in years[11:18:29] <Aprogas> policyd-weight already does those wonders; I am not sure how much greylisting will add to that.[11:19:06] *** master_of_master has quit IRC[11:19:16] <Aprogas> I consider it rude to greylist everybody, so I only want to greylist those that were slightly dubious during postfwd, but not enough to reject. e.g. hitting only 1 DNSBL[11:21:19] <sedstapler> that's a good point[11:23:34] <Aprogas> A policyd can return a restriction (class) so you can use that to decide who to greylist.[11:24:13] <sedstapler> is postfwd capable of greylisting on its own?[11:24:18] <Aprogas> No.[11:25:39] <BlackBishop> now I'm getting somewhere .. Sep 4 05:30:23 yourface postfix/smtpd[22992]: warning: xsasl_cyrus_server_get_mechanism_list: no applicable SASL mechanisms[11:25:59] *** VaNNi has joined #postfix[11:25:59] *** master_of_master has joined #postfix[11:31:19] <Aprogas> Tip for running multiple policyd's/filters. Run them at ports in order of how they are checked.[11:31:37] <sedstapler> Aye, good tip.[11:31:46] <Aprogas> I have postfwd at 10022, reserved 10023 for tumgreyspf, amavis on 10024, reinject on 10025[11:33:51] <BlackBishop> http://d3xt3r01.pastebin.com/T58WaPi2[11:34:19] <BlackBishop> altough I think postconf read alot of the defaults because my main.cf doesn't have all that stuff :)[11:34:40] *** hever has quit IRC[11:36:04] *** uqlev has quit IRC[11:36:08] <adaptr> BlackBishop: every postfix setting has a default[11:36:51] <BlackBishop> thought so :)[11:37:25] <Aprogas> Where sometimes being unset is the default.[11:38:54] *** cga__ has joined #postfix[11:39:16] <BlackBishop> I think I needed cyrus-sasl-plain too .. now "cannot connect to Courier authdaemond: Permission denied" :)[11:39:23] <BlackBishop> getting better and better[11:40:49] *** brancaleone has joined #postfix[11:42:24] <Aprogas> !tell BlackBishop sasl[11:42:24] <knoba> BlackBishop: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.[11:42:33] *** cga_ has quit IRC[11:42:50] *** cga__ is now known as cga[11:43:14] <BlackBishop> chmod o+x /usr/local/courier-authlib/var/spool/authdaemon/ solved that part[11:43:21] *** wdp has joined #postfix[11:44:55] <BlackBishop> and it's working ! :)[11:45:05] * BlackBishop hates paths[11:46:45] *** Alexie has joined #postfix[11:47:18] <sysmonk> actually, paths hate BlackBishop[11:47:23] <BlackBishop> that too[11:47:45] *** xabbuh has joined #postfix[11:47:45] <Alexie> Morning, I've just discovered my postfix isn't passing messages to clamav-milter. I have tested it with the eicar file and it doesn't flag it.[11:47:51] <Alexie> What do I need to check?[11:48:29] <Alexie> # SMTP MILTERS[11:48:29] <Alexie> smtpd_milters = unix:/var/run/clamav/clamav-milter.sock[11:48:29] <Alexie> milter_default_action = accept[11:48:29] <Alexie> <-- in my main.cf file[11:48:31] <sysmonk> your configuration[11:48:35] <Alexie> so i am puzzled as to why it isn't working[11:48:41] <sysmonk> and your reading skills, especially topic reading skills[11:50:52] <Alexie> http://pastebin.com/ERRwnSSH[11:51:20] *** cga_ has joined #postfix[11:52:18] *** xabbuh has quit IRC[11:52:40] *** xabbuh has joined #postfix[11:53:36] <sysmonk> why does everyone only read half of the topic :([11:54:52] <Alexie> !welcome[11:54:53] <knoba> Alexie: "welcome" : welcome to #postfix! if you're joining for the first time, or are new to irc, the first thing you'll want to do is read the channel topic (/topic). it includes crucial instructions on how to effectively ask for help here, and what data you should include with your questions. the degree of success you'll have is directly related to how effectively you're able to follow those guidelines.[11:54:55] *** xabbuh has quit IRC[11:55:21] *** cga has quit IRC[12:01:18] *** weedar has quit IRC[12:01:33] <joschi> Alexie: have you checked whether the clamav-milter is working at all? with milter_default_action=accept, you won't notice errors. also check your logs[12:03:05] <Alexie> OK I'll change default action to tempfail and see what happens[12:04:35] <Alexie> Hmm, tempfail isn't flagging errors[12:04:51] <Alexie> I wonder if its bypassing milter for local mail?[12:04:54] *** mandragor has joined #postfix[12:06:19] <Alexie> perhaps I should change master.cf so that incoming mail gets directed to the clamav-milter first for processing[12:10:48] <Aprogas> Are you sure you want to run virusscanning before-queue?[12:14:20] <Alexie> Ok, perhaps if I explain my setup you might be able to suggest the best way to get mails scanned by clamav. Every 15 mins I have a cronjob that runs fetchmail which drops email into postfix for delivery[12:14:52] <Alexie> For some reason this stopped working last June and I did not discover this until last nigtht[12:16:17] <Aprogas> Why fetchmail? You have broken the SMTP-chain already.[12:16:54] <Aprogas> Silently breaking is one of the reason why you wouldn't want to do this in most environments.[12:16:54] <Alexie> I can't get email delivered to me directly, I have to pick it up and drop it into my mailbox[12:17:05] <Aprogas> Why can't you get it delivered directly?[12:17:51] <joschi> Alexie: fetchmail will use the sendmail binary to deliver the mails to postfix. smtpd_milters only acts when smtpd is used[12:18:22] <Alexie> So if I get fetchmail to deliver to the smtpd iit will scan the messages[12:18:23] <Alexie> ?[12:18:37] <Aprogas> I think you should redesign your entire mail delivery.[12:18:57] <joschi> Alexie: just think a minute about it. what would fetchmail do, if it deliverd mail via SMTP to postfix and the mail is rejected?[12:19:10] <joschi> s/deliverd/delivered/[12:19:13] <Aprogas> Who is your MX? If you cannot deliver directly, have the MX use SMTP to deliver on a non-standard port, in an encrypted tunnel, or something like that.[12:19:23] <Alexie> I dion't have a Mx[12:19:28] <Aprogas> That way if something breaks, SMTP will take care of it, with bounces and whatnot.[12:19:41] <Aprogas> Do you have a domain ?[12:19:49] <Alexie> Yes but it's hosted elsewhere[12:19:57] <Alexie> I pick up email from there[12:20:12] <Aprogas> The MX is most likely set to a server run by them.[12:20:57] <Aprogas> Why can't mail be delivered directly to you?[12:21:38] <Alexie> Because my IP changes as I am on a laptop[12:22:03] <Alexie> doesn't fetchmail deliver directly to smtp on port 25?[12:22:59] <Aprogas> I think fetchmail calls the sendmail binary; but it might support SMTP-delivery.[12:23:33] <Alexie> it does, i just checked the docs for fetchmail[12:23:45] <Aprogas> Why are you running a mailserver on a laptop? Even then, I have a somewhat dynamic IP-address too, but I still forward by SMTP from my MX to my personal server.[12:24:32] <Aprogas> I also recommend not running clamav as a milter, but instead setting using clamsmtp. This way Postfix can quickly accept and queue all the mail that fetchmail feeds it; and then scan it on its own time.[12:24:34] <Alexie> I run postfix to deliver the mail from fetchmail to my mailbox[12:24:53] <Aprogas> Hmmppf. Maybe fetchmail can do that for you too.[12:25:07] <Alexie> Aha, clamsmtp might be the answer. I will try that[12:25:11] <Aprogas> Or maybe you can just configure the POP/IMAP host that fetchmail is using in your MUA directly.[12:25:26] <Aprogas> And remove both fetchmail and postfix from the chain.[12:25:44] <joschi> Alexie: http://fetchmail.berlios.de/fetchmail-man.html#9[12:26:11] <joschi> Alexie: but why not use disconnected imap instead? or something like imapsync, offlineimap etc.[12:26:17] <Alexie> joschi: that's right, fetchmail defaults to localhost[12:27:36] <Alexie> joschi: using offline imap would be ideal if I didn't need to scan my mail for viruses[12:27:59] <joschi> Alexie: let the MUA do that in your case[12:28:40] <Alexie> Perhaps I'm confusing MTA with MUA[12:29:05] <joschi> MUA == your mail client[12:29:27] <Alexie> Evolution doesn't do virus scanning, but its antispam faciity works very well[12:39:46] <Alexie> thank you very much, folks, clamsmtp is now working very well[12:39:52] * Alexie is happy[12:40:07] <Alexie> now to test it with an eicar file[12:40:22] <Aprogas> I still think your setup is overly complex.[12:41:00] <Alexie> with content scanning do I still need clamav-milter?[12:41:45] <Aprogas> No, but you will need clamav.[12:41:54] <Alexie> I'm keeping clamav, not to worry[12:43:26] <Alexie> ok now to read the clamsmtp docs on how to get notification if I get sent a virus, if that happens I need to know about it[12:53:48] *** brancaleone has quit IRC[12:53:49] *** makomi has joined #postfix[13:03:25] *** rajijoom has joined #postfix[13:04:46] *** alys has joined #postfix[13:05:02] *** alys has quit IRC[13:16:03] *** SnYDer has left #postfix[13:20:03] *** swombat has quit IRC[13:24:22] *** rajijoom has quit IRC[13:33:00] *** havoc has quit IRC[13:33:52] *** havoc has joined #postfix[13:34:07] <Alexie> ok all done, clamsmtp now working to my total satisfication. Many thanks for pointing me in the right direction[13:34:30] *** grobe0ba is now known as grobe0ba|away[13:42:23] *** Alexie has left #postfix[13:43:01] *** rajijoom has joined #postfix[13:50:40] *** daguz has quit IRC[13:51:04] *** Tom-B has joined #postfix[13:52:58] *** UQlev has joined #postfix[13:53:52] *** smica has quit IRC[13:59:00] *** rajijoom has quit IRC[14:00:27] *** swombat has joined #postfix[14:11:32] *** jense has quit IRC[14:15:18] *** pinoyskull has joined #postfix[14:15:36] *** devdas has quit IRC[14:22:25] *** jense has joined #postfix[14:37:30] *** wdp_ has joined #postfix[14:39:48] *** wdp has quit IRC[14:46:42] *** makomi has quit IRC[14:53:08] *** higuita has joined #postfix[14:54:11] *** cambazz has joined #postfix[14:54:42] <cambazz> hello can anyone hear?[14:55:06] <cambazz> how can I do mutt and postfix[14:55:28] <cambazz> i currently use postfix + cyrus sasl to get mail delivered with imap[14:55:38] <cambazz> but in emergency situations i want console access[14:55:41] <cambazz> pine or mutt[14:55:45] <cambazz> working with maildir[14:57:28] <joschi> cambazz: and what's your question?[14:57:56] <cambazz> well mail in this system gets delivered to /home/user/MailDir/[14:58:37] <cambazz> and inside the Maildir there are files like dovecto.index.cache dovecot... cur/ new/ tmp/[14:58:57] *** pinoyskull has quit IRC[14:59:09] <cambazz> and i want to know if mutt can read these because i have no way of changing how the mail gets delivered[14:59:50] <adaptr> !mutt[14:59:51] <knoba> adaptr: "mutt" : a nifty console-based email client. URL: http://www.mutt.org/ Motto: All mail clients suck. This one just sucks less.[15:00:31] <BlackBishop> cambazz: just configure mutt to connect to your imap ...[15:01:03] <joschi> cambazz: yes, mutt can access Maildir files natively[15:01:14] <cambazz> well this is what i have done and it works[15:01:32] <cambazz> set folder /home/user/Maildir[15:01:40] <cambazz> set mbox spoolfile to the same thing[15:01:49] <cambazz> and set mbox_type=Maildir[15:02:00] <BlackBishop> so the question is ... ?![15:02:08] <cambazz> but i am wondering now what will happen to my thunderbird[15:02:12] <cambazz> i mean imap[15:02:17] <adaptr> it wil esplode!!11[15:02:27] <cambazz> BlackBishop: i think i solved the question[15:11:30] *** makomi has joined #postfix[15:16:08] *** higuita has quit IRC[15:18:49] *** higuita has joined #postfix[15:29:32] *** henriknj has quit IRC[15:34:35] *** jonez has joined #postfix[15:35:54] *** henriknj has joined #postfix[15:38:53] *** cga has joined #postfix[15:40:43] *** cambazz has quit IRC[15:54:48] *** makomi has quit IRC[16:03:54] *** biggimat has joined #postfix[16:04:47] *** famicom has quit IRC[16:05:17] *** famicom has joined #postfix[16:07:14] *** Matic`Makovec has quit IRC[16:08:28] *** pinoyskull has joined #postfix[16:10:17] *** mandragor has quit IRC[16:31:32] *** higuita has quit IRC[16:34:03] *** higuita has joined #postfix[16:41:25] *** UQlev has quit IRC[16:41:54] *** higuita has quit IRC[16:44:23] *** higuita has joined #postfix[16:57:25] *** pkkm has joined #postfix[16:58:21] <pkkm> How to set type to 'Satellite system' (currently it is 'Internet site') without loosing configuration files?[17:00:53] <Aprogas> Are you talking about some magical preconfigurations built into the package of Postfix on your OS? I don't think these are official Postix "modes".[17:02:39] <Aprogas> If you describe what you want your Postfix to do, we can point you in the right direction.[17:02:54] <Aprogas> Many times it turns out people don't even need Postfix at all, what they want to do is much simpler.[17:15:57] <pkkm> I want all mail to be transfered through a smarthost, not directly.[17:16:25] <pkkm> I'm using apt (dpkg) on debian lenny.[17:17:24] <Aprogas> !tell pkkm nullclient[17:17:24] <knoba> pkkm: "nullclient" : a null client is a computer that can only send mail. it receives no mail from the network, and it does not deliver any mail locally. while postfix can be configured to fill this role, it is often unnecessary overkill, and a much simpler software package is more appropriate. see !nullclient_software for more details.[17:18:29] <pkkm> !nullclient_software[17:18:29] <knoba> pkkm: "nullclient_software" : a program that serves as a drop in replacement for /usr/sbin/sendmail and provides a simple means to submit messages to an existing msa without the need to install and maintain a full-blown mta/msa. examples include esmtp, ssmtp and nullmailer. also see !msa[17:24:05] <pkkm> ok. which nullclient is the best?[17:27:16] <Aprogas> I have no personal experience with any, if you needs are simple and your volume is low, it will hardly make a difference which one you need.[17:31:38] *** uqlev has joined #postfix[17:39:51] <pkkm> I need STARTTLS and multiple autorization types (especially for GMail) and ability to work under high load.[17:40:37] <Aprogas> Find a nullclient that supports those things; I suspect nearly all of them will support TLS and SASL.[17:41:09] <Aprogas> Although you probably want to find out how many emails the smarthost you will use is going to allow you to send.[17:46:43] <pkkm> Very many. It's Google Apps.[17:51:18] *** uqlev has quit IRC[17:52:34] <Aprogas> Seems esmtp is no longer being maintained.[17:59:31] <pkkm> can ssmtp properly handle GMail and Google Apps Mail?[18:00:15] <Aprogas> Seems ssmtp is no longer being maintained either.[18:00:30] <Aprogas> Or maybe it is, hard to find out.[18:10:10] <pkkm> But what is advantage of using a nullclient instead of Postfix?[18:10:22] <pkkm> The writer of bssmtp and maintainer of ssmtp said himself "I have now switched back to using Postfix on my laptop."[18:10:50] <pkkm> And it does not queue messages.[18:12:21] <pkkm> I want my mail delivery program to be able to handle about 2-5 messages per second. It would be better for it to connect once and send mails from some period of time, instead of connecting 5 times / second.[18:13:09] <pkkm> Or is there anything I don't know about that makes nullmailer far more approperiate?[18:19:42] *** kad_ has joined #postfix[18:19:58] *** wdp_ has quit IRC[18:20:20] <kad_> hey need to ask about this info " statistics: max connection rate 4/60s" ( i know this is just statistics but is there any action would take by postfix if it receive many mails within 60 seconds? thx[18:20:48] <Aprogas> The defaults are very permissive, I think only concurrent connections are limited.[18:21:36] *** Southron has joined #postfix[18:21:36] <Aprogas> !tell kad_ tuning[18:21:36] <knoba> Aprogas: Error: No factoid matches that key.[18:21:45] <Aprogas> !tell kad_ performance[18:21:45] <knoba> kad_: "performance" : Having postfix performance issues? See the 'Bottleneck analysis' and 'Performance tuning' pages under the 'Problem solving' section of http://www.postfix.org/documentation.html[18:24:02] *** pkkm has quit IRC[18:26:15] <Aprogas> Tuning readme mostly.[18:27:35] <kad_> ya the "Postfix Performance Tuning"[18:28:03] <kad_> it's important to see =)[18:28:30] <Aprogas> Only if you are having performance issues.[18:35:25] *** pkkm has joined #postfix[18:38:03] <cga> Aprogas: i finally did TLS on smtp. The only thing I'd like to improve is to set smtpd_tls_security_level to encrypt , but you said it's not a good idea because it'll beak things, correct? why?[18:38:38] <Aprogas> If you are an MX, you must be reachable on port 25, and not require TLS or SASL or other such restrictions.[18:38:52] <Aprogas> Requiring TLS on your submission port (587) is fine; in fact, that might be mandatory.[18:41:05] <cga> Aprogas: my MX resides elsewhere, only smtp is on server. i enabled submission in master.cf but how can i check if that is set correctly? if i try to enforce in main.cf as above mentioned, i get this message: (TLS is required, but was not offered by host 127.0.0.1[127.0.0.1])[18:41:46] <Aprogas> What is the role of this server?[18:42:21] <cga> Aprogas: it's my private server w/ blog and mail server.[18:42:43] <cga> and more to come i guess. it's my testbed server where i learn things[18:42:52] <Aprogas> Why does it have a mailserver? Please describe the role of this mailserver.[18:43:03] <Aprogas> You said another mailserver already has the role of MX.[18:43:10] <cga> oh i see[18:43:17] <cga> darn[18:43:18] <Aprogas> So this is your MSA ?[18:44:05] <cga> i'm mistaken. this is my mx too, since DNS mx record point to it. sorry for confusion. i'm still a little practiced (if this is even english :P)[18:44:39] <cga> in short: every part of the mail server reside on this server[18:46:51] <Aprogas> Please give me the pastebin links again to your postconf -n, master.cf and other relevant information. If possible put them on the same pastebin, so I don't need 5 tabs.[18:47:33] <cga> Aprogas: ok[18:50:37] <cga> Aprogas: http://pastebin.com/SCD7dnhT (i hope taht's enough)[18:51:51] *** sherr has quit IRC[18:54:05] <Aprogas> I'd put bl.spamcop.net after zen.spamhaus.org, or remove it altogether.[18:54:32] <Aprogas> zen.spamhaus.org has 159490 entries, bl.spamcop.net 37892[18:54:32] <cga> Aprogas: ok thanks, moving it under[18:55:11] <cga> not good to have both? only first will be used?[18:55:23] <Aprogas> You also seem to use policyd-weight, you might want to remove the reject_rbl's from Postfix restrictions altogether.[18:55:37] <Aprogas> More blacklists increases the chance of false positives, and increases DNS traffic.[18:55:49] <Aprogas> Since zen.spamhaus.org is so big, I think it contains most if not all of bl.spamcop.net[18:56:06] <Aprogas> And you might also be using bl.spamcop.net later in your policyd-weight[18:56:07] <cga> i see, i'm going to improve that now, i was only waiting to finish TLS[18:56:20] <Aprogas> I'm just reading your config linearly.[18:56:27] <cga> of course[18:56:34] <cga> oh sorry...[18:56:46] <cga> i meant: i'm going to improve that now, i was only waiting to finish TLS fisrt.[18:56:54] <Aprogas> I advise against reject_unknown_helo_hostname, that's a little harsh, and policyd-weight already has things to handle that.[18:57:21] <cga> ok[18:57:52] <cga> i still have to understnd how tumgreyspf (only spf) and policyd-weight integrate and work wih postfix.[18:58:51] <Aprogas> Basically Postfix feeds them a bunch of information, and they reply with "action=something" e.g. "action=OK" or "action=REJECT"[18:59:14] <cga> * ...and how to configure them properly[18:59:24] *** xpeed has joined #postfix[18:59:26] <Aprogas> All your options to submission in master.cf are commented out; is that intentional?[18:59:56] <cga> Aprogas: yes because those lines are already in main.cf , wrong?[19:01:00] <Aprogas> You can override main.cf settings in master.cf with -o[19:01:12] <cga> i see[19:01:26] <Aprogas> It is okay to have level=encrypt on submission[19:01:36] <cga> so that enforce there will enforce it only on submission but leave may on smtp?[19:01:41] <Aprogas> And you might want to use a different list of _restrictions for the submission[19:01:57] <cga> ok, those are debian default commented lines[19:01:57] <Aprogas> e.g. remove permit_sasl_auth from your normal restrictions, and put that only on submission[19:02:22] <Aprogas> You might need to clear out some other restriction lists for your submission-service too.[19:02:36] <Aprogas> I prefer grouping all restrictions under recipient, but YMMV.[19:04:12] * cga has to learn a lot still.[19:04:27] <cga> Aprogas: where i can find a good explanation of submission?[19:04:34] <Aprogas> !tell cga submission[19:04:35] <knoba> cga: "submission" : Port 587 is submission, for user submission of mail, NOT suitable for mail exchange. See the commented example in master.cf. also see !msa, and rfc 2476 and 4409. Also read http://www.maawg.org/sites/maawg/files/news/MAAWG_Port25rec0511.pdf[19:04:42] <Aprogas> Oh, that factoid.[19:04:47] <Aprogas> Not sure how useful that .pdf is.[19:04:52] <cga> k[19:06:06] <cga> it says: NOT suitable for mail exchange , that is still valid?[19:06:24] <Aprogas> Submission exists to differentiate between mailservers talking to eachother, and clients submitting their emails to a mailserver. In practice it turned out that while similar, other needs, restrictions, etc. apply to each mode of operation; so it is easier to seperate those.[19:06:46] <Aprogas> That means that mailservers don't talk on eachother's submission port.[19:07:16] <cga> ok[19:09:36] <Aprogas> Unless one mailserver is using the other as smarthost, I guess.[19:15:48] <cga> Aprogas: if i remove permit_sasl_auth from main.cf and leave it only in master.cf under submission i get blocked by spamhaus PBL[19:16:06] <cga> i put it back as it was.[19:16:39] <cga> or can i sove it differently?[19:16:42] <cga> solve*[19:18:05] * cga rolls up[19:18:30] * cga rolls up a cigarette. (damn , today my fingers won't listen to me)[19:25:45] <cga> Aprogas: this is the reject with your suggested config: http://pastebin.com/rdg7fJ0x[19:26:04] *** makomi has joined #postfix[19:26:48] <Aprogas> !tell cga access[19:26:49] <knoba> cga: "access" : http://www.postfix.org/SMTPD_ACCESS_README.html : An overview of access(5) controls in the Postfix smtpd(8) SMTP server.[19:26:55] <cga> thanks[19:27:08] <Aprogas> Any _restriction not overriden in master.cf, will be used as in main.cf[19:27:34] <Aprogas> That is why seperating submission is so useful; you can trust your authenticated clients, and skip many of the checks.[19:27:53] <Aprogas> But for your public port, you would do many checks to refuse "bad" mail.[19:28:30] <cga> i see[19:28:32] <Aprogas> So basically if you specify client_restrictions that you don't want to use for submission, you must set them again in master.cf "-o smtpd_client_restrictions=" makes the existing list empty for submission[19:29:25] <cga> i'll read that doc in 5 minutes. i gotta cut my brother's hairs now :/ he's going out and needs me. thanks a lot for now Aprogas, hope to continue this with you later. if possible. i hope you odn;t mind[19:30:03] * cga saves logs[19:34:03] *** sherr has joined #postfix[19:37:19] *** weedar has joined #postfix[19:37:48] *** mtrg has joined #postfix[19:37:49] *** mtrg has joined #postfix[19:38:12] <mtrg> Hello. can I decide which directory a mail goes into via a Milter plugin?[19:38:33] <mtrg> mainly, Junk or Inbox directories, on per user basis[19:50:48] <Zerberus> mtrg: no[19:51:14] <mtrg> so a milter is about allow/drop only[19:51:26] <mtrg> well, ignore that statement[19:51:52] <Zerberus> use the filter language your LDA uses, i.e. sieve[19:52:02] <mtrg> LDA?[19:52:22] <mtrg> such as dovecot?[19:52:51] <kad_> what cause this error " warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory" although "/etc/sasldb2:" found[19:53:20] <mtrg> kad_: permision? i'm n00b, but just a guess[19:53:51] <Zerberus> !tell kad_ chroot[19:53:51] <knoba> kad_: "chroot" : The fifth column in master.cf, if not n , means that the Postfix process described on that line runs in a chroot, see !debug , !queue_directory and files in the examples/chroot-setup subdirectory of the Postfix source archive which show examples of a Postfix chroot environment on a variety of systems[19:54:16] <kad_> i give postfix[19:54:22] <kad_> r+w permission[19:54:54] <Aprogas> kad_: file permissions, chroot, wrong configuration, etc.[19:55:12] <mtrg> chroot makes most sense IMO[19:55:58] <Aprogas> mtrg: sieve, maildrop and procmail can do filtering[19:56:24] *** rajijoom has joined #postfix[19:56:48] *** makomi has quit IRC[20:01:56] *** rajijoom has quit IRC[20:03:23] *** rcsu has joined #postfix[20:19:42] *** hparker has joined #postfix[20:28:46] <kad_> it works not ,[20:29:33] *** kad_ has quit IRC[20:31:04] *** Alagar1 has left #postfix[20:32:26] *** jlaunay has quit IRC[20:36:37] *** hparker has quit IRC[20:38:02] *** pinoyskull has quit IRC[20:41:54] *** tharkun has joined #postfix[20:47:13] <tharkun> cite: I installed the 2.8 .dev of postifix on a squeeze machine. ( I know it is supposed to be for lenny ) It is working like a charm. I have yet to test the sqlite part of it[20:52:43] *** tharkun has quit IRC[20:55:31] *** mtrg has quit IRC[20:55:42] *** mtrg has joined #postfix[21:04:09] *** devdas has joined #postfix[21:05:59] *** Linex has quit IRC[21:15:22] *** wdp has joined #postfix[21:22:32] *** pkkm_ has joined #postfix[21:26:23] *** pkkm has quit IRC[21:43:27] *** makomi has joined #postfix[21:45:46] *** lepine_ has joined #postfix[21:49:00] *** lepine has quit IRC[21:49:20] *** BlackBishop has left #postfix[21:50:10] *** jdoe has quit IRC[21:50:20] *** jdoe has joined #postfix[21:51:59] *** MAAAAAD has quit IRC[21:59:43] *** s0ber_ has quit IRC[22:01:14] *** wdp has quit IRC[22:01:33] *** s0ber has joined #postfix[22:03:04] *** henriknj has quit IRC[22:05:49] *** pkkm_ has quit IRC[22:06:55] *** devdas has quit IRC[22:09:54] *** henriknj has joined #postfix[22:10:10] *** higuita has quit IRC[22:12:02] *** leroux has joined #postfix[22:12:49] *** higuita has joined #postfix[22:16:06] *** leroux has quit IRC[22:22:15] *** uqlev has joined #postfix[22:29:28] *** wdp has joined #postfix[22:35:57] *** smica has joined #postfix[22:54:07] *** ghoti has quit IRC[22:54:19] *** ghoti has joined #postfix[22:54:27] *** weedar has quit IRC[23:05:15] *** TomHome has joined #postfix[23:15:06] *** wdp has quit IRC[23:19:37] *** rcsu has quit IRC[23:39:03] *** uqlev has quit IRC[23:48:24] *** tharkun has joined #postfix