September 20, 2010 
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | >
September 20, 2010 [00:04:46] *** schnoobby has quit IRC[00:11:13] <Aprogas> Whoops, mail forwarding loop. :)[00:21:32] *** neorise-rider has joined #postfix[00:23:33] *** TomHome has quit IRC[00:29:04] *** lepine has quit IRC[00:30:41] *** lepine has joined #postfix[00:36:02] *** Vivek has joined #postfix[00:36:17] *** Vivek has joined #postfix[00:41:37] *** JonnyV has joined #postfix[00:56:35] *** x_or has joined #postfix[01:19:39] <jeremymcs> Aprogas, you can always set up a 2nd or 3rd mx record[01:20:02] <jeremymcs> if its not online, it'll just re-queue it up and try the next in line[01:20:22] *** rmayorga has quit IRC[01:20:51] <Aprogas> I don't want it to disrupt the real mail stream, just get a clone of it.[01:20:58] <jeremymcs> a clone of it ?[01:21:13] <Aprogas> I already fixed it with .forward[01:21:25] <jeremymcs> it'll bounce though, if its not online[01:21:29] <Aprogas> Pipe to procmail || exit 75, pipe to sendmail || exit 0[01:21:46] <Aprogas> It will DNS-fail actually because it is a DHCP dynamic-DNS host. :)[01:22:00] <jeremymcs> still bounce[01:22:01] <Aprogas> My mail setup is a bit weird.[01:22:14] <jeremymcs> not wierd, just cheap .. get a static[01:22:15] <Aprogas> I have permanent soft_bounce on my home mailserver.[01:22:48] <Aprogas> A static unicast addresses for a test mailserver running in a VirtualBox on a workstation? no[01:23:42] <Aprogas> I have a VPS nvidium.soleus.nu that relays to my home mailserver that delivers to procmail and sendmail, of which sendmail goes to the VirtualBox.[01:24:20] <Aprogas> http://pastie.org/private/gspzwtlm5oohfqpl1rpfg[01:24:31] <Aprogas> And yes, I know I should rename from .local[01:26:11] *** rmayorga has joined #postfix[01:26:11] *** rmayorga has joined #postfix[01:30:10] *** bobbyd has quit IRC[01:31:23] <Aprogas> So far DSPAM seems to ignore envelope from/to, and sendmail -f doesn't touch rfc822 from/to, so it doesn't even mess up my training.[02:05:55] *** higuita has quit IRC[02:08:24] *** higuita has joined #postfix[02:10:05] *** lifeofguenter has joined #postfix[02:22:37] *** x_or has quit IRC[02:33:16] <lisa> dspam++[02:40:35] *** pinoyskull has joined #postfix[03:07:55] *** fignew has quit IRC[03:12:05] *** fignew has joined #postfix[03:12:35] *** x_or has joined #postfix[03:15:31] *** rajijoom has quit IRC[03:16:36] *** x_or has quit IRC[03:21:08] *** CrazyFoam has joined #postfix[03:22:06] *** imroot has joined #postfix[03:22:12] <imroot> hey[03:22:15] *** x_or has joined #postfix[03:22:22] <imroot> how can i know wich are the active users ?![03:23:54] <imroot> want to delete unactive users[03:23:59] *** higuita has quit IRC[03:25:10] *** [1]neorise-rider has joined #postfix[03:26:29] *** higuita has joined #postfix[03:26:59] *** neorise-rider has quit IRC[03:26:59] *** [1]neorise-rider is now known as neorise-rider[03:30:37] <jeremymcs> imroot, active for what ?[03:31:14] <imroot> jeremymcs, want to delete old/unactive users[03:31:23] *** x_or has quit IRC[03:31:25] <jeremymcs> in what ?[03:32:23] *** meeso has joined #postfix[03:32:49] *** x_or has joined #postfix[03:33:06] <imroot> postfix! :D[03:33:14] <jeremymcs> postfix doesnt have users[03:33:30] <imroot> mailboxes?[03:33:40] <jeremymcs> possibly .. if your delivering to them[03:33:46] <jeremymcs> are you virtual? mysql?[03:33:49] <jeremymcs> local ?[03:34:12] <meeso> is there a doc somewhere that explains how to setup a mailbox that also is a forward/list when using mysql? I'm having some googling issues atm.[03:34:19] *** wdp__ has joined #postfix[03:34:55] <imroot> local[03:34:55] *** grantbow has quit IRC[03:35:07] <jeremymcs> how many "locals' ?[03:35:37] <imroot> 1[03:35:50] <jeremymcs> so your asking us, how to delete 1 user ?[03:36:39] <imroot> hauiaeiuaeiuaeueahuea[03:36:57] <imroot> <imroot> jeremymcs, want to delete old/unactive users[03:37:16] <imroot> how can i check wich are these users?[03:37:33] <jeremymcs> we dont know, nor can we tell you how[03:37:42] <jeremymcs> unless your logging there logins, no way to tell[03:38:07] <jeremymcs> if u really wanna find out, just delete them all .. and wait for them to contact you[03:38:09] <jeremymcs> :)[03:38:19] *** wdp_ has quit IRC[03:38:47] <imroot> ahhauheaiuaheiuaeihuaheaehea[03:38:48] <imroot> nice[03:38:56] <imroot> i'll do it[03:39:23] *** x_or has quit IRC[03:39:55] <jeremymcs> if your using an imap client on the server .. such as roundcube or squirrel mail .. you could check their last login times ..[03:40:03] <jeremymcs> if thats what they use ..[03:41:11] <imroot> nice[03:41:16] <imroot> neway, thanks[03:46:09] *** x_or has joined #postfix[03:58:24] <CrazyFoam> i have a bunch of hosts where i've disabled local delivery and configured them to relay to my main postfix mail server[03:59:22] <CrazyFoam> one some of these hosts i would like to have aliases to get mail to 'root', etc. to go to a different set of addresses than what is configured on the main mail servers alias[03:59:34] <CrazyFoam> there any way to do that?[04:02:16] <CrazyFoam> maybe local_transport set to relay?[04:02:24] *** imroot has quit IRC[04:03:03] *** UserReg_CL has left #postfix[04:03:06] *** UserReg_CL has joined #postfix[04:09:10] <jeremymcs> eh ?[04:09:22] <jeremymcs> if you just remove the root: entry .. it'll do a lookup[04:11:24] *** x_or has quit IRC[04:13:17] <CrazyFoam> i dont think the relaying hosts are using alias map at all, since local delivery is disabled[04:13:47] <jeremymcs> they have to look something up[04:14:53] *** imroot has joined #postfix[04:15:23] <UserReg_CL> hi, helpme... need what postfix accept 1 unknown sender domain and other not, have this conf postfix: http://pastebin.com/8VnpXkq1[04:17:47] <jeremymcs> eh? rephrase your question please[04:21:25] <imroot> lol[04:22:09] <CrazyFoam> hmmm dead end. aliases definitely only get expanded in local transport[04:22:20] <jeremymcs> yes[04:22:47] <CrazyFoam> is there some way i can expand aliases before sending to the relay?[04:23:14] <jeremymcs> not if your domain is in local[04:23:55] <jeremymcs> or mydestination[04:24:05] <CrazyFoam> mydestination = (empty) is what i've been doing to have all mail hit the relay[04:24:20] <jeremymcs> y not relayhost ?[04:24:35] *** pinoyskull has quit IRC[04:24:52] <CrazyFoam> yeah relayhost set[04:24:59] <CrazyFoam> local_recipient_maps = (empty)[04:25:15] <jeremymcs> mydestination ?[04:25:19] <CrazyFoam> empty[04:26:17] <jeremymcs> so you want root on servera to go to something other than aliases ?[04:27:20] <CrazyFoam> the relay host has aliases for root that are good most the time, but a few hosts connecting to the relay should have root alias changed[04:27:46] <jeremymcs> most of the time ?[04:28:06] <jeremymcs> still not really understanding what your wanting[04:28:12] <CrazyFoam> well 11 out of 14 servers are operated by me and only me, 2 servers are shared with other admins[04:29:02] <CrazyFoam> the way it's setup, there's only one place for alias expansion, on the relay server - 'root' always goes to me[04:29:16] <CrazyFoam> looking for a way to have two of the hosts do alias expansion before sending mail to the relay[04:29:31] <jeremymcs> go local on them[04:29:47] <CrazyFoam> yeah was kind of headed that way...[04:36:56] *** pinoyskull has joined #postfix[04:37:29] *** x_or has joined #postfix[04:44:19] *** Gambaroni has joined #postfix[04:45:02] <UserReg_CL> helpme[04:45:28] <jeremymcs> UserReg_CL, i do not understand your question[04:48:38] <UserReg_CL> jeremymcs: need postfix accept 1 unknown domain and others reject.[04:50:48] <jeremymcs> unknown domain ?[04:51:19] <UserReg_CL> only 1 unknown_domain ("example1.com")[04:51:27] <jeremymcs> smtpd_sender_restrictions = reject_unknown_sender_domain ?[04:51:54] <jeremymcs> smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/sender_checks[04:52:14] <UserReg_CL> only acept unknow_domain.com and other unknown domain reject.[04:52:22] <jeremymcs> etc/postfix/sender_checks =[04:52:30] <jeremymcs> user at domain dot com REJECT[04:52:32] <jeremymcs> user at int dot domian.com OK[04:53:12] <UserReg_CL> ok, thank... (make changes and test )[05:18:51] *** x_or1 has joined #postfix[05:22:11] *** x_or has quit IRC[05:30:33] *** x_or1 has quit IRC[05:36:41] *** pinoyskull has quit IRC[05:37:39] *** x_or has joined #postfix[05:40:18] *** [2]neorise-rider has joined #postfix[05:40:18] *** neorise-rider has quit IRC[05:41:58] *** dragonheart has joined #postfix[05:44:28] *** [2]neorise-rider has quit IRC[05:45:54] *** neorise-rider has joined #postfix[05:46:49] *** MAAAAD has quit IRC[05:47:56] *** pinoyskull has joined #postfix[05:48:10] *** neorise-rider has quit IRC[05:48:43] <UserReg_CL> have "smtpd_sender_restrictions = reject_unknown_sender_domain".[05:48:44] <UserReg_CL> Is there a way to exclude this domain.com from the reject_unknown_sender_domain check?[05:48:58] *** neorise-rider has joined #postfix[05:49:13] <standon> UserReg_CL: yes.[05:49:19] <dragonheart> put a access map for that domain before the reject_....[05:49:43] <UserReg_CL> standon: please, one example. Thank[05:50:42] <standon> !access[05:50:42] <knoba> standon: "access" : http://www.postfix.org/SMTPD_ACCESS_README.html : An overview of access(5) controls in the Postfix smtpd(8) SMTP server.[05:50:52] <standon> UserReg_CL: read.[05:51:42] <jeremymcs> standon, ive already given him examples, he didnt get it apparently :([05:54:58] *** [1]neorise-rider has joined #postfix[05:57:06] <standon> jeremymcs: can't force a horse to drink. :)[05:57:23] *** neorise-rider has quit IRC[05:57:23] *** [1]neorise-rider is now known as neorise-rider[05:58:39] *** MAAAAD has joined #postfix[05:59:07] *** guenter has joined #postfix[06:02:18] *** lifeofguenter has quit IRC[06:02:48] *** imroot has quit IRC[06:13:55] *** niki has quit IRC[06:23:40] *** saurabhb has joined #postfix[06:29:44] *** Vivek has quit IRC[06:43:04] *** Vivek has joined #postfix[06:47:48] *** Motoko-chan has joined #postfix[06:49:47] *** shasta has quit IRC[06:50:01] *** UserReg_CL has quit IRC[07:19:42] *** Deus_Ultima_ has joined #postfix[07:20:58] *** Deus_Ultima has quit IRC[07:21:08] *** Deus_Ultima_ is now known as Deus_Ultima[08:01:17] *** johest|w has joined #postfix[08:06:07] *** Vivek has quit IRC[08:20:23] *** will_ has quit IRC[08:22:07] *** e-jones has joined #postfix[08:31:45] *** Motoko-chan has quit IRC[08:44:09] *** neorise-rider has quit IRC[08:44:22] *** tjikkun has joined #postfix[08:44:52] *** UQlev has joined #postfix[08:46:36] *** fOrsberg is now known as forsberg[08:50:34] *** Vivek has joined #postfix[08:50:34] *** Vivek has joined #postfix[08:53:15] *** Matic`Makovec has joined #postfix[09:00:23] *** denis_ has joined #postfix[09:07:18] *** klem has joined #postfix[09:09:24] *** RLGyde has left #postfix[09:15:50] *** Matic`Makovec has quit IRC[09:16:29] *** gdg\BeZOu has joined #postfix[09:17:27] *** Vivek has quit IRC[09:22:18] *** gdg\BeZOu is now known as bezourox[09:38:58] *** bianchi has joined #postfix[09:40:51] *** JoKoT3 has joined #postfix[09:41:52] <bianchi> how to be sure for 100% that all mails are send without fail in past 5 days with postfix?[09:42:38] <ichdasich> bianchi: /var/log/mail.*[09:43:01] <Aprogas> Regularly check your mailq to check for problems, extend your notify_classes to get informed of trouble, etc.[09:43:29] <ichdasich> bianchi: think about using nagios/icinga/whatever for regular checks of mailq size[09:44:49] <bianchi> I have checked my email queue with postqueue -p[09:44:53] <bianchi> and... it's empty[09:45:21] <bianchi> that mean that ... all mails are send sucessufuly[09:45:23] <bianchi> ?[09:45:44] <Aprogas> Not necessarily.[09:47:08] *** Vivek has joined #postfix[09:51:19] <bianchi> Aprogas, so, can u please help me solve this. Mails are not delivered, and I'm not sure if is problem with my server, or something with incoming server...[09:51:27] <Aprogas> I think I misread your question, I thought you were asking how to make sure messages are delivered within 5 days, and how to notice when there is a problem with that.[09:51:35] <Aprogas> !tell bianchi logs[09:51:35] <knoba> bianchi: "logs" : postfix logs to the mail facility of syslog. Something like grep -i `postconf -h syslog_facility` /etc/syslog.conf should tell you where logs are going. also see !no_logs and !have2mung[09:51:47] <Aprogas> You should read what ichdasich said.[09:52:36] *** Vivek has quit IRC[09:53:25] *** Jippi_moc has quit IRC[09:55:25] *** Jippi_moc has joined #postfix[09:58:15] <bianchi> thanks[10:00:17] *** johnjay has quit IRC[10:00:47] *** johnjay has joined #postfix[10:05:26] *** Vivek has joined #postfix[10:11:07] *** macsim has quit IRC[10:19:52] *** Jippi_moc has quit IRC[10:25:46] *** madduck__ has quit IRC[10:25:47] *** _ruben has quit IRC[10:26:03] *** _ruben has joined #postfix[10:26:26] *** madduck_ has joined #postfix[10:29:22] *** pinoyskull has quit IRC[10:32:39] *** pinoyskull has joined #postfix[10:38:24] *** dragonheart has quit IRC[10:40:28] *** tomiC has joined #postfix[10:41:34] <tomiC> Ich lese aktuell das Buch "Postfix - Einrichtung, Betrieb und Wartung" und komme an einer Stelle nicht weiter. Bei mir gibt es nach der Installation von Postfix auf Debian Lenny keine Datei mit den Aliases... Kann jemand helfen?[10:43:16] <ichdasich> tomiC: ELANG[10:43:34] <UQlev> tomiC, nicht fenstein[10:44:14] <tomiC> i installed postfix on a debian lenny and wondered that here is no etc/postfix/aliases[10:44:15] <Aprogas> Which alias data are you expecting?[10:45:02] <tomiC> i'm new in postfix and read two books and many tutorials in the internet.[10:45:31] <UQlev> tomiC, may be you are looking for /etc/mail/aliases?[10:46:02] <tomiC> no such file or directory[10:46:26] <Aprogas> It's in /etc/aliases.[10:46:46] <Aprogas> Postfix doesn't care where it is, so long as it matches alias_maps[10:48:00] <tomiC> it's in etc/aliases. i thought it comes with the installation of postfix.[10:48:52] <tomiC> thx for help.[10:48:53] <Aprogas> Just make your own, it's not a very special file.[10:49:39] <tomiC> where do i have to tell the system where this file is?[10:50:27] <Aprogas> !tell tomiC basic[10:50:27] <knoba> tomiC: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.[10:51:22] <tomiC> ok thanks[10:51:27] <Aprogas> !tell tomiC why[10:51:28] <knoba> tomiC: "why" : are you sure that installing, configuring and maintaining a mailserver is really what you want to do here? it's not something that's for the faint of heart, and definitely not something for folks that are still just learning the basics of linux or unix. also see !nullclient[10:54:32] *** rajijoom has joined #postfix[10:54:50] *** rcsheets has quit IRC[10:55:45] *** shinao1 has joined #postfix[11:04:59] *** shinao1 has quit IRC[11:10:46] *** x_or has quit IRC[11:25:46] *** master_of_master has quit IRC[11:26:39] *** TomHome has joined #postfix[11:28:03] *** master_of_master has joined #postfix[11:28:17] *** rajijoom has quit IRC[11:30:52] *** shadey_ has quit IRC[11:30:55] *** shadey__ has joined #postfix[11:35:59] *** shadey__ has quit IRC[11:36:21] *** cilly has joined #postfix[11:36:30] *** gtim has quit IRC[11:36:49] *** shadey_ has joined #postfix[11:40:57] *** karlgus has joined #postfix[11:43:45] *** dragonheart has joined #postfix[11:43:48] *** cpm has joined #postfix[11:43:49] *** cpm has joined #postfix[11:45:42] *** Alagar has quit IRC[11:55:42] *** EagleWatch has quit IRC[12:12:31] *** Tanguy has joined #postfix[12:12:34] <Tanguy> Hello.[12:14:03] <Tanguy> How would you implement an error message for a deprecated user (in my case, deceased)? Using the transport map to use an error transport for this address, or is there something more appropriate?[12:14:41] <Aprogas> Is this a local or virtual user?[12:15:10] <Trengo> autoresponder with details referring to whoever took his place?[12:15:32] <Aprogas> If a short text is enough, you could use a check_recipient_access too.[12:16:42] <Tanguy> It is a local user.[12:16:49] <Tanguy> Well, it was a local user.[12:17:17] <Aprogas> You could use an autoresponder (sometimes called "vacation reply") as Trengo said.[12:17:37] <Tanguy> Yes, maybe. I wonder which is the best solution.[12:18:13] <Aprogas> Or in a check_recipient_access table something like: user at example dot net 550 short text explaining what happened[12:18:21] <Trengo> the vacation message. you can reply nouser: no such user here: user dead but its ominous[12:19:27] <Tanguy> That would be a strange use of check_recipient_access, I think. I would rather use a transport map.[12:19:50] <Tanguy> Anyway, thank you, I have enough solution, now to choose the one I shall use.[12:20:23] <Aprogas> Why is that a strange use? It checks the intended recipient against a table, and returns an custom error when it matches.[12:20:50] <Tanguy> Yes, indeed, it would be good, in fact.[12:21:19] <Aprogas> I think it can be up to 512-characters long.[12:23:58] <Aprogas> You might use 551 instead of 550, but I don't think a working forward-path has been invented yet, nor does it apply to all religious convictions.[12:25:57] *** shadey_ has quit IRC[12:26:55] *** denis_ has quit IRC[12:37:26] *** denis_ has joined #postfix[12:41:01] *** EagleWatch has joined #postfix[12:42:48] *** au has joined #postfix[12:44:05] <au> Hello, I am wondering when setting up Postfix+Dovecot+MySQL, when doing the mysql prompt for the authorisation process whether I need to change the 'passwdcolumn=password' part?[12:45:42] <Aprogas> I have no idea which mysql prompt you are talking about.[12:46:06] <au> one moment[12:46:11] <Aprogas> Or you doing SQL-backed SASL? That's mostly a Dovecot question, Postfix doesn't implement SASL itself.[12:46:19] <au> was trying to pastebin, but was served a 500 error[12:46:28] <Aprogas> Use a different pastebin.[12:46:33] <au> I am[12:47:58] <au> http://pastebin.ca/1944913[12:51:13] <Aprogas> This isn't really a Postfix question, It's a PAM, MySQL or Dovecot question.[12:51:35] <Aprogas> Personally I'd just skip PAM and make Dovecot call the SQL-table directly.[12:52:45] <au> Ok, but do you know the answer to my question by any chance?[12:55:58] *** famicom has quit IRC[12:56:28] *** famicom has joined #postfix[12:57:06] <Aprogas> No.[12:57:32] <au> ok[13:00:41] *** imroot has joined #postfix[13:05:11] *** zooz has joined #postfix[13:05:19] <zooz> hi[13:05:30] <zooz> I receive a reject message: 552 5.3.4 Message size exceeds fixed limit;[13:05:56] <zooz> # postconf | grep message_size[13:05:57] <zooz> message_size_limit = 40960000[13:06:23] <zooz> it seems like the "message_size_limit" option doesn't work[13:06:41] <Aprogas> Show the exact logs.[13:06:55] <Aprogas> Also account for base64/uuencode and other enlargers.[13:07:35] <zooz> well, I tried to send a message which was 35M[13:07:58] <zooz> do you think "enlargers" can increase the size to >40M ?[13:09:52] <zooz> http://pastie.org/1169794[13:09:59] <zooz> here is the log[13:10:36] <Aprogas> Encoding can easily add about 25% to even 40%[13:10:48] <zooz> alright, let me increase the size[13:11:06] <Aprogas> Email wasn't really meant for large filetransfer.[13:11:07] *** x_or has joined #postfix[13:11:07] *** johest|w has quit IRC[13:11:08] *** x_or has quit IRC[13:11:16] <Aprogas> Can't you upload the file somewhere?[13:12:05] <zooz> well, it's just a file full of zeros[13:12:15] <Aprogas> gzip it then[13:13:59] *** Jippi_moc has joined #postfix[13:14:40] *** johest|w has joined #postfix[13:17:53] <zooz> I increased the message size limit upto 80M and I can send email size 40M[13:18:22] <zooz> the file I was testing with: "dd if=/dev/zero of=somefile.dd bs=1M count=35"[13:18:37] <zooz> and you will get that file, so I do not have to transfer that to you :-)[13:18:42] <zooz> but anyway, thanks[13:18:58] <zooz> I didn't know that encoding can increase the size up to 20-40%[13:21:12] <Aprogas> I think uuencode is 33% and base64 is 37%[13:22:29] <Aprogas> email has to be 7bit-safe, so 50% of your bytes cannot be sent in their original form[13:23:09] <cpm> I wonder why folks don't get that email is e-mail, not e-shipping-parcel-post.[13:23:21] <Aprogas> Use a dropbox, email the link.[13:23:56] <Aprogas> For large text use a pastebin, for images use an imagebucket, for other binary data use a generic dropbox.[13:23:58] <jelly> since base64 uses 8 bits to encode 6 bits, the increase in size, ignoring MIME structure and headers, is (8-6)/6 = 33%[13:24:27] *** imroot has quit IRC[13:25:32] *** UQlev has quit IRC[13:26:01] *** guenter has quit IRC[13:28:04] <Aprogas> You could of course split a large binary file over many emails, each e.g. 1 MB in size, and ship some PAR2 to reconstruct missing emails.[13:29:59] *** denis_ has quit IRC[13:33:55] *** henriknj has joined #postfix[13:43:20] *** UNIX107 has joined #postfix[13:44:32] <UNIX107> Hi all world , i want know difference between devecot and postfix , and if for best work of postfix it s necessary to install dovecot thanks[13:45:39] <UNIX107> wich method that i can use to test postfix if it work or no?*[13:46:19] <Aprogas> Postfix is an MTA, Dovecot is an IMAP/POP3 server.[13:46:42] <cpm> !basics[13:46:42] <knoba> cpm: Error: "basics" is not a valid command.[13:46:46] <cpm> !basic[13:46:47] <knoba> cpm: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.[13:46:49] <Aprogas> !why[13:46:49] <knoba> Aprogas: "why" : are you sure that installing, configuring and maintaining a mailserver is really what you want to do here? it's not something that's for the faint of heart, and definitely not something for folks that are still just learning the basics of linux or unix. also see !nullclient[13:47:04] <cpm> !welcome[13:47:04] <knoba> cpm: "welcome" : welcome to #postfix! if you're joining for the first time, or are new to irc, the first thing you'll want to do is read the channel topic (/topic). it includes crucial instructions on how to effectively ask for help here, and what data you should include with your questions. the degree of success you'll have is directly related to how effectively you're able to follow those guidelines.[13:47:08] <Aprogas> !cpm[13:47:08] <knoba> Aprogas: "cpm" : an operating system originally created for Intel 8080/85 based microcomputers[13:49:14] <Trengo> my first classes were on CPM[13:49:17] <Trengo> CP/M[13:49:25] <Trengo> and MP/M[13:56:58] <UNIX107> How i can test postfix ?[14:02:06] <Aprogas> By talking SMTP with telnet, by sending a test mail from a freewebmail, by sending a local mail to a freewebmail, etc.[14:03:01] <UNIX107> ok thanks[14:03:35] <Aprogas> Why do you need to run a mailserver?[14:04:54] <UNIX107> after my install of postfix i dnt found this line data_directory = /var/lib/postfix in main.cf , that means postfix is not installed well..[14:05:00] <thumbs> !why[14:05:00] <knoba> thumbs: "why" : are you sure that installing, configuring and maintaining a mailserver is really what you want to do here? it's not something that's for the faint of heart, and definitely not something for folks that are still just learning the basics of linux or unix. also see !nullclient[14:05:04] <UNIX107> or i will add it manually[14:05:41] <Aprogas> UNIX107: I get the impression you are still new to all this. A mailserver might not be the right thing for you at this point.[14:06:31] <UNIX107> Aprogas yes this is tn first one that i guess to install postfix[14:06:51] <Aprogas> What will you use Postfix for?[14:06:54] <UNIX107> i installed it by yum install[14:07:20] <UNIX107> but i dnt find the line data_directory = /var/lib/postfix[14:07:33] <UNIX107> also in /var/liv i have not postfix[14:08:19] <thumbs> UNIX107: why do you need a mail server?[14:08:53] <UNIX107> to send email for some client as a newsletter[14:09:02] <Aprogas> !tell UNIX107 nullclient[14:09:02] <knoba> UNIX107: "nullclient" : a null client is a computer that can only send mail. it receives no mail from the network, and it does not deliver any mail locally. while postfix can be configured to fill this role, it is often unnecessary overkill, and a much simpler software package is more appropriate. see !nullclient_software for more details.[14:12:15] <UNIX107> My question is about the parametre data_directory and why i can found postfix in /var/lib after installation[14:12:29] <thumbs> UNIX107: a nullclient will suffice in your case.[14:13:39] <Aprogas> !tell UNIX107 nullclient_software[14:13:39] <knoba> UNIX107: "nullclient_software" : a program that serves as a drop in replacement for /usr/sbin/sendmail and provides a simple means to submit messages to an existing msa without the need to install and maintain a full-blown mta/msa. examples include esmtp, ssmtp and nullmailer. also see !msa[14:13:48] *** lunaphyte_ has quit IRC[14:21:24] *** lunaphyte_ has joined #postfix[14:22:47] *** saurabhb has quit IRC[14:24:23] *** JonnyV has quit IRC[14:26:57] *** cilly has quit IRC[14:28:50] *** cilly has joined #postfix[14:31:33] *** Section1 has joined #postfix[14:31:58] *** UserReg_CL has joined #postfix[14:34:20] *** UNIX107 has quit IRC[14:35:16] *** skymeyer has quit IRC[14:37:55] <UserReg_CL> have "smtpd_sender_restrictions = reject_unknown_sender_domain".[14:39:24] <thumbs> UserReg_CL: yes?[14:39:36] <UserReg_CL> need to exclude this domain.com reject_unknown_sender_domain check?[14:39:39] <UserReg_CL> :)[14:40:15] <Aprogas> Could you rephrase that question?[14:40:55] <thumbs> UserReg_CL: what?[14:41:03] *** juergen_dose has joined #postfix[14:41:05] <thumbs> UserReg_CL: do you know what that restriction does?[14:41:10] *** juergen_dose is now known as car[14:43:33] <UserReg_CL> thumbs: yes.[14:43:43] <thumbs> UserReg_CL: so what's your question?[14:43:45] <UserReg_CL> Is there a way to exclude this domain.com from the reject_unknown_sender_domain check?[14:45:50] <thumbs> UserReg_CL: why?[14:46:39] *** Muhis has joined #postfix[14:46:46] *** Muhis has joined #postfix[14:47:18] <Aprogas> It is possible, but it doesn't make a lot of sense.[14:47:19] *** TomHome has quit IRC[14:47:49] <thumbs> UserReg_CL: re-think your approach.[14:51:16] <UserReg_CL> mmm,[14:52:41] <Aprogas> Is it a domain owned by you?[14:53:13] <UserReg_CL> yes[14:55:18] <Aprogas> Set up an A or MX record for it.[14:59:23] *** JollyRob0 is now known as rob0[15:02:40] *** ruum has joined #postfix[15:05:30] *** suchu has joined #postfix[15:11:24] *** x_or has joined #postfix[15:11:32] *** rhenz has joined #postfix[15:14:33] <rhenz> Ive got a local postfix server without SASL and authentication etc. Everything is ok with it. But now Ive got a silly (windows) smartclient which only could talk to mailserver with auth plain. Is it possible to let postfix ignore the command "auth plain <pw>" ?[15:14:41] *** Nokio has joined #postfix[15:15:24] <Aprogas> Maybe that "silly" client is only trying auth because your server announces it.[15:15:34] <Nokio> Hi all, If i send a mail and it is put on hold for 3 days because it try to send the mail. Can i configure something that i would receive a mail telling me that it can take up to 3 days before the mail is sent? Because for now after 3 days i get a message about a delivery failed... 3 days later is a bit later to know about that possibility?[15:16:23] <Aprogas> Nokio: By default I think a warning is sent after 4 hours, and the message is bounced after 5 days.[15:17:01] <Nokio> thats what i tohugh too but it bounced after 3 days and i didnt get a warning. Would you know where that config is exactly so that i can look into it?[15:18:27] *** Dingofest2 has quit IRC[15:18:46] <Aprogas> Did it get bounced by your own server, or a remote server?[15:19:07] <Aprogas> It's possible a remote MTA was down for 3 days, then went back up, but rejected the message with a permanent error.[15:19:42] *** Dingofest2 has joined #postfix[15:20:09] <Aprogas> !tell Nokio delay_warning_time[15:20:09] <knoba> Nokio: "delay_warning_time" : a configuration parameter in the main.cf: The time after which the sender receives the message headers of mail that is still queued.[15:20:22] *** jim_SFU has joined #postfix[15:23:09] <Nokio> Aprogas, Thanks i think its just whats missing from my configuration file ! ill set it up ! Thanks a lot[15:26:14] *** Nokio has quit IRC[15:32:10] *** Vivek has quit IRC[15:37:40] *** dragonheart has quit IRC[15:44:36] *** henriknj has quit IRC[15:48:39] *** suchu_ has joined #postfix[15:49:20] *** suchu_ has quit IRC[15:50:09] *** dotplus_ is now known as dotplus[15:50:47] *** suchu has quit IRC[15:51:54] *** forsberg is now known as fOrsberg[16:00:46] *** UQlev has joined #postfix[16:12:33] <ruum> Hey guys in ubuntu I am coding C++ and using the wait() funciton[16:13:09] <ruum> now the book I am using says that I can use wait(NULL) but when I tried that the compiler complained[16:13:35] <ruum> so what happened? why is it giving me that error?[16:13:56] <Dominian> uhh[16:14:01] <Dominian> how does this have to do with postfix ruum ?[16:16:29] <cpm> you can run postfix on ubuntu, for those who are fans of correlation=causation, I guess it fits.[16:16:42] <Dominian> right..[16:18:27] <ruum> well last night I had a convo with the guys in here, and they said that I could ask my C++ questions regarding fork() and wait() and other system calls[16:18:48] <ruum> and I am also using Ubuntu, so I think that is related[16:19:05] <ruum> but if I am in the wrong channel please point me elsewhere.[16:20:21] <Dominian> Uhhh unless this is postfix related some how, this isn't support for C++ programming.[16:20:38] <Dominian> might try ##c++[16:20:39] <Aprogas> But Postfix uses wait() too![16:20:46] <Dominian> Aprogas: :)[16:21:21] *** suchu has joined #postfix[16:22:49] *** wdp_aao has joined #postfix[16:23:23] <Trengo> and fork()?[16:25:10] *** suchu has quit IRC[16:27:24] <UserReg_CL> is correct set first at "permit_mynetworks" in smtpd_sender_restrictions = permit_mynetworks, reject_unknown_sender_domain, permit_sasl_authenticated ?[16:29:14] <Dominian> UserReg_CL: always good, in my opinion, to have permit_myntworks first and permit_sasl_authenticated second[16:30:03] <UserReg_CL> thank Dominian ![16:30:26] <Dominian> welcome[16:31:39] <sysmonk> Dominian: what's the difference?[16:31:52] <Dominian> sysmonk: with?[16:32:30] <sysmonk> permit_mynetworks,permit_sasl_authenticated permit_sasl_authenticated,permit_mynetworks[16:32:52] <Dominian> none[16:32:53] <sysmonk> 'vs' should be inbeetwin of those two :)[16:33:08] <Dominian> I just have preference in order ;)[16:33:12] <sysmonk> oh :)[16:33:14] <sysmonk> hehe[16:33:29] <Dominian> imho, permit_mynetworks should always be first..[16:33:40] <Dominian> as you will rarely, if ever, want to restrict mynetworks[16:34:22] <sysmonk> well if they both go one after other then you will permit anyway[16:34:36] <Dominian> aye[16:34:43] <jeremymcs> but first check wins[16:35:00] <Dominian> in the case of permit_mynetworks and permit_sasl_authenticated.. I doubt it matters[16:35:01] <sysmonk> the only difference i see could be a performance diff, but even then, you will do smtp auth before smtpd_*_restrictions[16:36:17] <sysmonk> jeremymcs: yes, but then we could talk about how much of your mails come from mynetworks and how much of them come from sasl_authenticated users, and if the second number is bigger then permit_sasl_authenticated wins more than permit_mynetworks[16:36:59] <jeremymcs> i reckon[16:40:13] <ruum> ya guys ##C++ is a beginners channel[16:40:17] *** bluethundr__ has joined #postfix[16:40:27] <ruum> they wouldnt know wtf I am talking about.[16:41:57] *** car has quit IRC[16:42:07] <ruum> lol whoops[16:42:17] <ruum> I was off by a character.[16:42:32] *** ruum has left #postfix[16:43:04] *** imroot has joined #postfix[16:44:02] *** juergen_dose has joined #postfix[16:45:59] *** wdp_aao has quit IRC[16:46:34] *** suchu has joined #postfix[16:51:35] *** juergen_dose1 has joined #postfix[16:52:26] *** juergen_dose has quit IRC[16:53:36] *** e-jones has quit IRC[16:54:41] *** JonnyV has joined #postfix[16:54:54] *** karlgus has quit IRC[16:56:31] *** tsarboni has joined #postfix[16:58:47] <tsarboni> !welcome[16:58:48] <knoba> tsarboni: "welcome" : welcome to #postfix! if you're joining for the first time, or are new to irc, the first thing you'll want to do is read the channel topic (/topic). it includes crucial instructions on how to effectively ask for help here, and what data you should include with your questions. the degree of success you'll have is directly related to how effectively you're able to follow those guidelines.[17:04:53] *** tsarboni has left #postfix[17:04:59] *** tsarboni has joined #postfix[17:05:10] *** tsarboni has quit IRC[17:05:47] *** tsarboni has joined #postfix[17:06:13] *** juergen_dose1 has quit IRC[17:07:42] <tsarboni> hi. can someone help me to understand why for to identical emails wih points to a recipient of a non-existent domain, one is soft-bounced by postfix and the other isn't ?[17:07:59] <Dominian> !logs[17:07:59] *** tomiC has quit IRC[17:07:59] <knoba> Dominian: "logs" : postfix logs to the mail facility of syslog. Something like grep -i `postconf -h syslog_facility` /etc/syslog.conf should tell you where logs are going. also see !no_logs and !have2mung[17:15:16] <UserReg_CL> hi... please one good document for config postfix ?[17:15:33] <roe> UserReg_CL, postfix.org[17:15:54] <Dominian> !standard[17:15:54] <knoba> Dominian: "standard" : Your question is probably answered in http://www.postfix.org/STANDARD_CONFIGURATION_README.html[17:15:55] <Dominian> !basic[17:15:55] <knoba> Dominian: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.[17:15:59] <Dominian> ta dah[17:16:05] <Gambaroni> It looks like the an mail is received, but I don't get it in my inbox in outlook? How can I see my mails from the linux console?[17:16:18] <Dominian> !logs[17:16:18] <knoba> Dominian: "logs" : postfix logs to the mail facility of syslog. Something like grep -i `postconf -h syslog_facility` /etc/syslog.conf should tell you where logs are going. also see !no_logs and !have2mung[17:17:07] *** tharkun has joined #postfix[17:19:26] <lisa> !no_logs[17:19:26] <knoba> lisa: "no_logs" : Nothing in your mail logs commonly means one of two things: either your syslogd is broken (try restarting it), or the connections are not coming to your server. Check your firewall/networking and the DNS for the domain in question. also see !logs.[17:19:36] *** juergen_dose has joined #postfix[17:20:17] *** imroot has quit IRC[17:22:07] *** x_or has joined #postfix[17:22:23] <Gambaroni> Anyone? :)[17:23:02] *** InsolentDreams has joined #postfix[17:23:19] <roe> !tell Gambaroni logs[17:23:19] <knoba> Gambaroni: "logs" : postfix logs to the mail facility of syslog. Something like grep -i `postconf -h syslog_facility` /etc/syslog.conf should tell you where logs are going. also see !no_logs and !have2mung[17:23:57] <Gambaroni> roe Yes, there is logged that one mail is received.[17:24:27] <roe> Gambaroni, where was it delivered[17:24:41] <Gambaroni> roe to the mailserver.[17:24:51] <roe> Gambaroni, you're gonna have to read the topic[17:25:47] *** ssureshot has joined #postfix[17:26:58] <UserReg_CL> if need email from domain.com[17:27:22] <Gambaroni> roe ok?[17:29:24] *** LowKey has quit IRC[17:29:43] *** LowKey has joined #postfix[17:38:02] *** nezZario has joined #postfix[17:38:16] <nezZario> i'm having issues getting postfix to understand /etc/aliases[17:38:49] <nezZario> i have a fairly non-standard setup .. I have postfix+mySQL+dovecot as the LDA[17:39:04] <nezZario> i'm trying to make it where root's mail goes to my at virtualaddr dot com[17:39:05] <roe> seems pretty standard[17:39:14] <nezZario> well it's not stock :) is all i'm saying[17:39:57] * roe wonders if all of the pastebin sites are down today[17:41:23] <nezZario> sorry i had to watch the baby for a minute :)[17:43:59] <nezZario> http://pastebin.com/Ld1ZpPGC[17:44:12] <nezZario> you can clearly see the first two bits, /etc/aliases[17:44:27] <nezZario> and in etc aliases, the file is stock except the last line root: my at emailaddr dot com[17:44:44] <roe> ok, and you ran 'newaliases'?[17:45:27] *** au has left #postfix[17:45:57] *** smica has joined #postfix[17:46:22] <nezZario> absolutely[17:46:47] <Gambaroni> if home_mailbox is set to Maildir/ does that specify it is qmail or is it that mailbox is /home/user/Maildir/?[17:47:58] <roe> nezZario, some logs of email getting sent to root[17:48:04] <roe> !home_mailbox[17:48:04] <knoba> roe: "home_mailbox" : a configuration parameter in the main.cf: Optional pathname of a mailbox file relative to a local(8) user's home directory.[17:49:38] <nezZario> actually, roe, I have an issue there[17:49:47] <nezZario> whats a good way to send an e-mail to root? :)[17:50:18] <roe> haha, so how do you know it isn't working?[17:50:26] <nezZario> cron job's e-mail[17:50:42] <roe> using telnet is generally the easiest way[17:50:48] <nezZario> (i actually noticed it because I had a misconfigured cron job that was sending emails every minute0[17:51:44] <nezZario> yeah but what do I put in the to: field? just "root" ?[17:51:52] <f3ew> nezZario yes[17:51:55] <nezZario> i tried sending a email to root@localhost but it bounced back[17:53:01] <roe> logs my kingdom for logs[17:53:46] * tharkun will gladly mail all his logs for a single county[17:53:50] *** juergen_dose has quit IRC[17:54:54] <Gambaroni> roe yes, but that was not the answer to the qeustion[17:55:42] <roe> home_mailbox nor any other parameter specified 'it' as qmail[17:56:12] <Gambaroni> "Specify[17:56:12] <Gambaroni> # "Maildir/" for qmail-style delivery (the / is required).[17:56:13] <Gambaroni> "[17:56:33] *** pinoyskull has quit IRC[17:56:42] <Gambaroni> roe what does that mean?[17:57:01] <roe> if you want to use Maildirs you need to trailing slash[17:57:09] <roe> s/to/the[17:57:40] <UserReg_CL> which is a good e-book?[17:57:51] <Gambaroni> roe I see[18:00:13] * tharkun finally fixed his nick problems :D[18:02:27] <nezZario> Sep 20 12:06:00 mh sendmail[26208]: o8KG60tt026208: to=<ben at mycompany dot com>,ben@plze.com, delay=00:00:00, xdelay=00:00:00, mailer=esmtp, pri=62026, relay=mycompany.com., dsn=5.3.5, stat=Local configuration error[18:02:43] <nezZario> crap, i still put my e-mail in there :)[18:02:47] <nezZario> i tried to hide it heh[18:03:07] *** tsarboni has left #postfix[18:03:09] <nezZario> but roe, that's what it boils down to[18:03:47] *** rlb has quit IRC[18:04:29] <roe> nezZario, can you pastebin logs of postfix starting? Their will probably some more insight there[18:06:12] <Gambaroni> roe thanks, that helped![18:12:08] *** mcp has quit IRC[18:13:50] *** UserReg_CL has quit IRC[18:14:34] *** mcp has joined #postfix[18:18:18] *** henriknj has joined #postfix[18:22:01] <Gambaroni> If I use SSL for the SMTP, is it still port 25 by default?[18:22:37] <seekwill> heh[18:22:50] <roe> don't use ssl[18:22:57] <roe> use TLS and use it on 587[18:23:20] <roe> !submission[18:23:20] <knoba> roe: "submission" : Port 587 is submission, for user submission of mail, NOT suitable for mail exchange. See the commented example in master.cf. also see !msa, and rfc 2476 and 4409. Also read http://www.maawg.org/sites/maawg/files/news/MAAWG_Port25rec0511.pdf[18:23:32] <seekwill> You still need port 25...[18:23:35] <roe> !starttls[18:23:35] <knoba> roe: Error: "starttls" is not a valid command.[18:23:41] <roe> !tls[18:23:41] <knoba> roe: "tls" : Short for Transport Layer Security (RFC2246). It adds an additional layer of encryption to protocols such as SMTP, POP3 or IMAP to improve security during transmission over the Internet. TLS features in Postfix are documented here: http://www.postfix.org/TLS_README.html[18:25:47] *** friskd has quit IRC[18:28:07] *** nezZario has quit IRC[18:28:40] <Gambaroni> roe So I need to uncomment something in master.cf?[18:29:49] <roe> Gambaroni, you need to edit master.cf to enable additional ports, whether or not it is already in your master.cf and commented out is unknown to me[18:30:30] <Gambaroni> roe is it the submission service? or smtps?[18:30:55] <tharkun> !submission[18:30:55] <knoba> tharkun: "submission" : Port 587 is submission, for user submission of mail, NOT suitable for mail exchange. See the commented example in master.cf. also see !msa, and rfc 2476 and 4409. Also read http://www.maawg.org/sites/maawg/files/news/MAAWG_Port25rec0511.pdf[18:31:09] <tharkun> !smtps[18:31:09] <knoba> tharkun: "smtps" : Port 465 is smtps, SMTP over SSL, a deprecated means of submission. Postfix can implement smtps with a separate smtpd(8) listener with \"-o smtpd_tls_wrappermode=yes\". See the commented example in master.cf.[18:32:00] <Gambaroni> Thanmks[18:32:04] <Gambaroni> Would I use -o smtpd_enforce_tls=yes[18:32:04] <Gambaroni> -o smtpd_sasl_auth_enable=yes[18:32:04] <Gambaroni> -o smtpd_client_restrictions=permit_sasl_authenticated,reject[18:32:06] <Gambaroni> as well? :)[18:33:40] <roe> seems sensible, although I would probably put smtpd_sasl_auth_enable=yes in main.cf[18:34:30] <Gambaroni> roe true, I already have that.[18:35:09] <Gambaroni> Doesn't dovecot support TLS?[18:35:33] <roe> sure[18:36:15] <Gambaroni> roe I cannot connect when I set to TLS, but setting it to SSL it works.[18:36:27] <roe> pop or imap?[18:36:30] <Gambaroni> imap[18:36:40] <Gambaroni> roe I have protocols = imaps[18:36:46] <Gambaroni> Maybe I would have imap as well?[18:37:32] *** nezZario has joined #postfix[18:38:05] <nezZario> what is ctladdr ?[18:38:39] <roe> nezZario, isn't that a sendmail thing?[18:38:49] <nezZario> wtf..[18:39:00] <nezZario> how can I be sure I don't have sendmail & postfix running at the same time?[18:39:02] <roe> Gambaroni, imaps uses SSL[18:39:03] <nezZario> I have here[18:39:25] <Gambaroni> roe How do I use TLS then? I guess that is better :)[18:39:27] <roe> netstat -p would be onething[18:39:45] <roe> Gambaroni, #dovecot would be able to help you configure dovecot[18:41:46] <nezZario> http://pastebin.com/SifuNEBw[18:41:49] <nezZario> what is my issue here?[18:41:55] *** tharkun has quit IRC[18:43:31] <roe> nezZario, looks like you have a few[18:43:50] <roe> you have a problem with the 'spamass' transport[18:44:06] <nezZario> yeah, i can't even find where spamass is mentioned in master.cf anymore[18:44:09] <nezZario> i commented it out[18:45:23] <roe> can I assume it is a content filter?[18:45:41] <nezZario> it /was/ a content filter[18:45:53] <roe> is it still defined in main.cf?[18:46:06] <nezZario> let me check, it's commented out with @ in master.cf[18:46:10] <nezZario> # i mean[18:47:06] <nezZario> 'spamass' is not found in main.cf ........[18:47:14] <nezZario> ugh, .. now that's bothering me[18:47:39] <roe> is it defined in /etc/postfix/transport?[18:47:42] <nezZario> i had spamassassin but there was some kinda permission issue[18:47:54] <nezZario> so i just turned it off until i could get other issues resolved first[18:48:16] *** tharkun has joined #postfix[18:49:02] <nezZario> no it is not, that file is all #'s (default)[18:49:40] <roe> in /etc/postfix run grep -ri spamass * |grep -v ^#[18:51:09] <nezZario> nothing useful: http://pastebin.com/kR2xurqm[18:54:07] <Gambaroni> roe what could cause this connect to gmail-smtp-in.l.google.com[74.125.43.27]: Connection timed out (port 25)?[18:54:56] <roe> lots of things could cause a connection time out, most of them are out of your control[18:55:17] *** kad__ has joined #postfix[18:55:58] <Gambaroni> roe ok.[19:02:43] *** jfried has joined #postfix[19:05:16] *** nezZario has quit IRC[19:06:03] * cpm puts roe in a time out.[19:06:38] * roe stamps his feet and holds his breath[19:07:32] * tharkun found where the broke ups is[19:08:50] <kad__> why when i use "sasl" with dovecot, under "outlook", i can send mail without "require SMTP authentication"?[19:09:27] <Aprogas> kad__: ok[19:09:50] <kad__> i did: smtpd_recipient_restrictions = permit_mynetworks,permit_tls_clientcerts , permit_sasl_authenticated, reject_unauth_destination[19:11:00] <Aprogas> I guess the system your Outlook is on, is in mynetworks.[19:11:12] <Aprogas> I doubt you really use TLS clientcerts.[19:11:33] <seekwill> I would always use certs[19:11:48] <seekwill> Anything with a username/password, even on "trusted" networks[19:11:57] <seekwill> haha, ESPECIALLY with networks with Outlook/Windows...[19:12:39] <Aprogas> Is a secret key on a Windows machine more secure than a password?[19:13:12] <seekwill> Can be.[19:13:27] <kad__> it's set : mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128[19:13:41] <seekwill> But it's not that. It's the network sniffers.[19:13:58] <Aprogas> !tell kad__ logs[19:13:58] <knoba> kad__: "logs" : postfix logs to the mail facility of syslog. Something like grep -i `postconf -h syslog_facility` /etc/syslog.conf should tell you where logs are going. also see !no_logs and !have2mung[19:14:03] <seekwill> Some guy who brings his laptop to work[19:16:14] *** Noobfarm has joined #postfix[19:16:59] <Tom-B> Does anyone have a guide on generating the details from postfix to submit to comodo to for a valid signed certificate (I am aware you can self sign, I'd like a comodo cert)[19:17:40] *** Noobfarm has quit IRC[19:17:50] <seekwill> I got my cert from Thawte[19:18:22] * tharkun is making a corporate CA to avoid this i don't know whoi is speaking over the phone crap[19:19:41] <Tom-B> Comodo are signifcantly cheaper than Thwate[19:20:05] <Aprogas> I think Gandi.net offers one year free SSL for one subdomain with a domain registration.[19:20:08] <roe> most CA are cheaper than thawte[19:20:28] <seekwill> I guess depends on what you need...[19:20:46] <Tom-B> I just wanna cert for mail.dom.tld[19:21:09] <roe> the 'identity' portion of what certs do is, in my opinion, a failure of the protocol[19:23:19] <Tom-B> What attracts me to comodo is they're pretty cheap, pretty recognised and they do a free trial, so I can have a crack at getting it sorted for free[19:23:34] <kad__> i did : smtp_recipient_restrictions = reject_unauth_destination and still i can connect to SMTP and no logs appear[19:24:29] <adaptr> can I have a crack too ?[19:24:31] <adaptr> oh hai seekwill[19:24:40] <seekwill> oh bai!!!!!!!!111[19:24:45] <Aprogas> kad__: pastebin postconf -n and relevant logs[19:25:41] <Tom-B> I thought you had my crack last night, if you didn't who the hell was it?[19:26:02] <adaptr> must have been will, he gets around[19:26:24] *** nezZario has joined #postfix[19:26:28] <Tom-B> kad__: try: permit_mynetworks, permit_auth_destination, reject_unauth_destination, reject[19:26:38] <seekwill> Don't listen to me[19:26:42] <seekwill> I just spam[19:26:51] <Tom-B> We know dear <3[19:26:54] *** cga has joined #postfix[19:27:16] <nezZario> roe did you respond to me?[19:27:47] <Tom-B> kad__ the mails you're sending to are they local?[19:27:51] <Tom-B> the addresses I mean[19:28:36] <kad__> i'm very sorry all :( a mistake was from my inet_interface[19:28:41] <nezZario> Ok well let me resolve this issue first[19:28:43] <nezZario> Sep 20 13:35:01 mh postfix/smtpd[27269]: warning: 208.xx.xx.xx: address not listed for hostname mh.mycompany.com[19:28:52] <nezZario> Why does it keep saying that?[19:28:59] <nezZario> mh.mycompany.com resolves back to the IP[19:29:12] <Aprogas> !tell nezZario fcrdns[19:29:12] <knoba> nezZario: "fcrdns" : http://en.wikipedia.org/wiki/Forward_Confirmed_reverse_DNS : $myhostname should resolve to your IP address, which in turn should resolve to $myhostname. This is very important if you want big sites to accept your mail. If you can't have it from your ISP, see !relayhost .[19:29:16] *** UQlev has quit IRC[19:29:27] <Tom-B> Yer you need rdns[19:29:31] <Aprogas> Does it resolve correctly in both directions?[19:29:39] <Tom-B> it's IP -> hostname not hostname -IP[19:29:42] <Tom-B> it's IP -> hostname not hostname -> IP[19:29:48] <nezZario> Yes[19:29:58] <nezZario> The ip resolves to the hostname and the hostname resolves to the Ip[19:30:42] <Aprogas> Not sure what that error derives from, possibly HELO.[19:30:47] <nezZario> from both the local box itself and from my local PC here[19:31:06] <nezZario> i mean, locally on the box itself and from my local pc here[19:31:07] <Aprogas> I get things like "warning: 113.166.177.41: address not listed for hostname localhost", probably some spammer.[19:31:35] <nezZario> well no[19:31:40] <nezZario> the IP and hostname are that of the server[19:32:05] <adaptr> Aprogas: no, localhost is definitely its PTR[19:32:34] <adaptr> but if you mean a spammer that tries to present as localhost to get around restrictions - yeah, could be[19:32:38] *** Matic`Makovec has joined #postfix[19:32:54] <cpm> I get that too Aprogas, exactly, logs are filled with them.[19:32:56] <nezZario> well wtf is wrong with my postfix install?[19:33:14] <Aprogas> nezZario: Tell us the IP-address and hostname, and we'll check it out for you.[19:33:17] <nezZario> i'm having all these off the wall errors with no apparent reason they're happening[19:33:20] <nezZario> if you must[19:33:24] <Aprogas> We cannot help fix DNS issues if you keep details from us.[19:33:26] <nezZario> 208.100.63.215 / echo7.ntertech.com[19:33:42] <nezZario> go ahead, dns should be setup correctly...[19:34:02] <cpm> looks good from here.[19:34:10] <Aprogas> Not from here.[19:34:22] <adaptr> nezZario: what does the log say, also see !topic[19:34:41] <Aprogas> host fails, dig +trace succeeds[19:34:52] <nezZario> host which way?[19:35:02] <nezZario> resolving the IP or hostname?[19:35:30] <Aprogas> resolving the IP[19:35:43] <nezZario> http://pastebin.com/Ld1ZpPGC is my conf[19:35:56] <adaptr> nezZario: you really, seriously, need to read the !topic[19:35:59] <nezZario> eh, i had everything masked out[19:36:27] <nezZario> there's my configuration and I think the error itself is relevant enough error log?[19:36:30] <nezZario> i'm not sure what you're getting at[19:36:38] <Aprogas> ns2.wiscdns.com. doesn't seem very responsive.[19:36:43] <tharkun> rdns is not resolvable from here[19:36:54] <adaptr> nezZario: you don't understand what "read the topic" means ?[19:37:38] <nezZario> No but I don't understand which part I didn't follow, if you have a problem with what I'm doing it would be extremely useful for you to just be direct and say what you want me to do, instead of being vague[19:37:45] <nezZario> let me check the rDNS server though[19:37:50] <nezZario> i don't administrate it but i have root to that thing[19:37:56] <Aprogas> nezZario: type !tell adaptr vague[19:38:23] <adaptr> Aprogas: down, boy![19:38:42] <nezZario> I don't mean to be rude but I posted my conf and posted my error[19:39:05] <adaptr> I don't see the error ? is it in a pastebin ?[19:39:14] <nezZario> do I need to pastebin a 1 line error?[19:39:19] <adaptr> and you're not rude - that's my job[19:39:22] *** cga has quit IRC[19:39:23] <Aprogas> 19:36:04 < nezZario> Sep 20 13:35:01 mh postfix/smtpd[27269]: warning: 208.xx.xx.xx: address not listed for hostname mh.mycompany.com[19:39:24] *** cga_ has joined #postfix[19:39:36] <nezZario> i'll check on the rDNS server if that's the issue though[19:39:37] <adaptr> well, no, but you do have to copy it verbatim. I refuse to read obfuscrap[19:39:43] <nezZario> which is likely[19:39:55] <adaptr> who is 208.bla ? who is mh.mycompany ? who says this / what log ?[19:39:59] <Aprogas> 19:40:48 < nezZario> 208.100.63.215 / echo7.ntertech.com[19:40:45] <Aprogas> nezZario: I think you'll make adaptr happy by posting a few more lines of logs, like from connect to disconnect.[19:40:50] <adaptr> nope, your reverse is dead and/or bad.[19:41:00] <nezZario> well i'm checking on that now[19:41:14] <adaptr> in fact, the reverse delegation is - dunno how braod that is[19:41:20] <nezZario> what do you mean ?[19:41:21] <adaptr> dra! I can't spell worth shit today[19:41:30] <nezZario> i'm not just super awesome at dns[19:41:33] <nezZario> reverse.....delegation?[19:41:35] <adaptr> nezZario: do a dig -x 208.100.63.215 +trace[19:42:19] <adaptr> 215.63.100.208.in-addr.arpa. 86317 IN NS ns2.wiscdns.com.[19:42:21] <adaptr> ;; BAD (HORIZONTAL) REFERRAL[19:42:36] <Aprogas> ns2.wiscdns.com. didn't respond at all to me.[19:42:41] <adaptr> that's bad glue. you need to fix that - better yet, ask somebody who DOES have the authority to alter that sub, to change it for you[19:42:43] <nezZario> i don't get that eror[19:42:47] <adaptr> itdoes not, that's the *glue*[19:43:00] <adaptr> nezZario: that's incredibly irrelevant. WE get that, and that's relevant[19:43:08] <nezZario> i have root on ns1.wiscdns.com[19:43:14] <nezZario> but i don't access to the steadfast crap[19:43:16] <adaptr> who delegated that IP to you ? where does that gleu come from ?[19:43:29] <adaptr> *glue ! I did say about the speling fail, yes ?[19:43:30] <Tom-B> Sure it's not that he simply needs to wait for everything to update?[19:43:39] <adaptr> Tom-B: everything to whut ?[19:43:46] <nezZario> DNS/rDNS hasn't been touched in about a month[19:43:51] <kad__> Tom-B, by the way, it worked with : reject and not reject_unauth_destination like this it work: smtpd_recipient_restrictions = permit_mynetworks,permit_tls_clientcerts , permit_sasl_authenticated, reject as you told me =)[19:43:55] <adaptr> DNS is instantaneous[19:43:57] <nezZario> adaptr, i work for a small vps provider[19:44:03] <nezZario> so i have root on the rDNS box[19:44:13] <nezZario> i grab IP's when i want them and set the rDNS myself[19:44:21] <nezZario> but i didn't setup the stuff up[19:44:23] <adaptr> that's not important. that box will never be queried.[19:44:29] <adaptr> you need to change the *glue*[19:44:36] <adaptr> and yuo probably can't do that[19:44:37] <Aprogas> I don't get the bad referral error, but ns2.wiscdns.com doesn't reply to me.[19:44:37] <Tom-B> What's glue?[19:44:38] <nezZario> the stuff at steadfast?[19:44:46] <Aprogas> Do you have some messed up DNS views configured?[19:44:48] <adaptr> Aprogas: always +trace it[19:44:52] *** cga_ has quit IRC[19:44:52] <Aprogas> adaptr: I do.[19:44:53] <Tom-B> kad__: cool[19:45:31] <nezZario> adaptr: waht do you mean change the glue?[19:45:38] <nezZario> so I can tell "the other guy" to do it[19:45:39] <nezZario> :)[19:45:42] <adaptr> nezZario: ask steadfast[19:45:50] <adaptr> tell him the IP of your nameserver[19:46:02] <nezZario> of *my* nameserver or ns1/ns2 wiscdns ?[19:46:08] <adaptr> that IS your nameserver[19:46:16] <nezZario> well..not really, but ok :)[19:46:22] <adaptr> oh, okay, then don't[19:46:38] <nezZario> well i have another nameserver that i would consider mine that resolves ntertech.com and all my personal stuff[19:46:45] <nezZario> wiscdns is the company's i work for[19:46:54] <Aprogas> nezZario: Your reverse zone should be correctly delegated and correctly configured on the master and all slaves.[19:47:09] <Aprogas> I don't get ns1/ns2, I get ns/ns2[19:47:26] <Tom-B> As do I[19:48:06] <Aprogas> So if multiple of us get different views and different results, something is wrong and should be fixed.[19:48:30] <Tom-B> Kick ban for bad english?[19:48:41] <adaptr> nezZario: the A records for those nameservers should be correctly configured ON THE DELEGATORs' nameservers[19:49:02] <Aprogas> As to "mh.mycompany.com" that doesn't resolve as ntertech nor wiscdns[19:49:19] <Aprogas> So not sure what mycompany.com in there is, or whether mh was also a mung[19:49:28] <nezZario> yes[19:49:38] <nezZario> mh.mycompany.com = echo7.ntertech.com[19:50:06] <nezZario> so i'll complain to my upstream[19:50:23] <adaptr> how much of that IP range should be reverse delegated to you ?[19:50:35] <seekwill> /8[19:50:44] <adaptr> shuttup will[19:51:00] <Aprogas> Back when /8 was still assigned, it wasn't even called /8[19:51:23] <seekwill> What was it called?[19:51:41] <Aprogas> "Class A Networks"[19:51:51] <Tom-B> They're illegal though?[19:52:23] <Tom-B> The wife laughs at my jokes.[19:53:01] <Aprogas> Your wife laughs at you, and the fact that you think she laughs at your jokes.[19:53:24] <tharkun> Aprogas: Ohh that also happens to you :D[19:53:44] <Tom-B> Maybe the fact she laughs at me gets me all hot?[19:54:10] <cpm> who needs to know that?[19:54:13] <roe> I think we have just crossed the line from passing time to off-topic[19:54:25] * cpm sticks his fingers in his ears, , nyaaa nyaaa nyaaaa[19:54:27] <Aprogas> postfwd is pretty nice[19:54:42] <Aprogas> I had to disable postfwd to be able to train my dspam on a test machine[19:54:49] <Tom-B> Noone did, but I wanted to know what his pseudo witty reply would be[19:55:13] <Tom-B> Bah, you're no fun.[19:55:21] <adaptr> oh I came up against an idiotic problem today, I still can't figure out how to do it[19:55:52] <roe> adaptr, make a loop with one lace, wrap the other lace around it, then pull it through to make a bow[19:56:02] <Aprogas> adaptr: with postfwd?[19:56:34] <adaptr> Aprogas: no, postfix. say there's a domain that does catch-all (don't ask stupid questions, automated processing system), which gets delivered via procmail, but with the original recipient (before aliasing)[19:57:05] <adaptr> both the original recipient and the final recipient are not what I want for a few specific addresses - I want the one in the middle[19:57:11] <Aprogas> (I do wildcard-MX with .aprogas.net in mydestination and luser_relay, so I won't grill you about catch-all)[19:57:39] <adaptr> I tried applying mailbox_command_maps and switch procmail back to recipient, but that middle recipient is untouchable - it's either the first one, or the last one.[19:57:49] <Aprogas> Does procmail reinject back into Postfix?[19:58:01] *** uqlev has joined #postfix[19:58:07] <Aprogas> You might employ the receive_override_options=no_address_mappings in some way.[19:58:10] <adaptr> I ended up submitting via a different box, which re-starts the delivery process.. I could potentially have tried SMTP re-injection on the same box, but that is just ewww[19:58:22] <adaptr> yes, I considered it. ewww.[19:58:30] <Aprogas> I do it for Amavis.[19:58:52] <nezZario> oh this jackass[19:59:03] <adaptr> as do I - but I need it to do so for a very small set of addresses, and it's not as if I can mess around with that system indefinitely[19:59:10] <nezZario> one nslookup on ns2.wiscdns.com reveals the retardedness[19:59:22] <nezZario> ns2.wiscdns.com is using the IP of our old T1 line[19:59:30] <adaptr> nezZario: please consider using dns tools from this century![19:59:55] <Aprogas> host is good for shorthand stuff, dig is good for advanced stuff, nslookup is redundant[20:00:37] <adaptr> wiscdns.com. 171685 IN NS ns2.wiscdns.com.[20:00:39] <adaptr> ;; BAD (HORIZONTAL) REFERRAL[20:00:40] <adaptr> again, NO GLUE[20:00:55] <nezZario> zaxs[20:01:00] <adaptr> whoever did that to you - visit them and bring weapons[20:01:13] <adaptr> and yes, the actual A record for ns2 is still there[20:01:31] <adaptr> but neither ns or the entire wiscdns.com domain have valid glule[20:01:36] * seekwill puts glue all over adaptr's body[20:01:37] <adaptr> GULULULE[20:01:39] <adaptr> drat[20:01:46] <adaptr> seekwill: stuff it, or I will come round![20:01:55] <nezZario> just to be clear,[20:01:55] <Aprogas> Doesn't bad horizontal referral mean stuff like "example.org. 3600 IN NS example.org." ?[20:02:06] <seekwill> "im rubber your glue!!!"[20:02:13] <nezZario> you mean steadfast doesn't have a proper record for ns/ns2 wiscdns?[20:02:25] <adaptr> Aprogas: correct. OR, as in this case, foo.com 1234 IN NS ns.foo.com[20:02:28] <adaptr> nezZario: correct[20:03:02] <Aprogas> adaptr: What is bad about foo.com 1234 IN NS ns.foo.com apart from missing trailing dots?[20:03:04] <adaptr> if a delegated zone refers to nameservers inside the delegated zone, there MUST be A records present in the parent zone for those nameservers[20:03:15] <adaptr> Aprogas: whereis the A record for ns.foo.com ?[20:03:19] <Aprogas> Ah, so no glue is also bad horizonal referral.[20:03:22] <adaptr> in the foo.com zone ?[20:03:53] <adaptr> no, it's slightly different. foo.com NS ns.foo.com, lookup SOA for foo.com, damn, ns.foo.com, look up SOA for foo.com, drat! ns.foo.com[20:03:56] <adaptr> it's a loop[20:04:23] <Aprogas> nezZario: http://intodns.com/wiscdns.com show that to whoever is responsible for the nameservers[20:04:25] <adaptr> hence the "horizontal' - it nevers gets out of the parent zone[20:05:10] <adaptr> it asks "who is auth for foo.com ? oh, wait, I am! now, where is ns.foo.com ? I dunno - let's ask whoever is auth for foo.com. now, who is auth for foo.com ?"[20:05:22] <adaptr> ad nasueatus[20:05:33] <adaptr> (actually, dig stops after 50 or so iterations)[20:05:51] <Aprogas> I couldn't replicate the bad referral error in my dig.[20:05:57] <adaptr> they should rename it the "goldfish factor"[20:06:03] <Aprogas> Maybe it's just silent about it.[20:06:28] <adaptr> Aprogas: "your dig" ? I get that on a trace from root. it cannot be different[20:06:56] <adaptr> (a normal recursive trace won't give you a bad referral, either - it just fails the record)[20:07:28] <adaptr> Aprogas: did you overload your roots ? you did, didn't you[20:08:05] <Aprogas> http://pastie.org/private/sf1ns1fqyftoqohngvjza[20:09:25] <adaptr> ah, yes - trace takes the zone root authoritative server, which is ns. your trace apparently used ns2, which does respond[20:09:37] <adaptr> ns. is dead, ns2. is the old one, as he said[20:09:53] <Aprogas> I'm confused now. ns2.wiscdns.com is dead for me.[20:09:54] <adaptr> run it against ns, and/or get the SOA[20:10:36] <adaptr> I cannot get a SOA, or anything else, from ns.wiscdns.com[20:11:52] <Aprogas> Hence my earlier comments about DNS views or other wickedness.[20:11:52] <adaptr> what does dig wiscdns.com soa @208.100.63.215 tell you ?[20:11:56] *** tjikkun has quit IRC[20:12:03] <Aprogas> We are all getting different results.[20:12:18] <adaptr> if he's not very good at dns, as per his earlier comment, I doubt he should be messing with views[20:12:33] <Aprogas> adaptr: shows me glueless root zone[20:13:00] <adaptr> me too[20:13:02] *** kad__ has quit IRC[20:13:05] <adaptr> so that 's definitely broken[20:13:08] *** tjikkun has joined #postfix[20:13:17] <adaptr> nezZario: your own zone is broken. fix it![20:13:21] <Aprogas> When I do the same @ns.wiscdns.com or @ns1.wiscdns.com I get sensible results, @ns2.wiscdns.com times out[20:13:30] <adaptr> I can't reach any of them anymore[20:13:44] <adaptr> I can dig @ that IP, but it doesn't even admit the zone exists[20:13:51] <Aprogas> Is 208.100.63.215 supposed to be a NS for that domain?[20:14:29] <adaptr> it's the PTR for ns.wiscdns.com, ain't it ?[20:14:33] <adaptr> so I would say yes.[20:14:38] *** nezZzZ has joined #postfix[20:14:39] <nezZzZ> sorry[20:14:48] <adaptr> nezZzZ: dig +trace wiscdns.com soa[20:14:50] <nezZzZ> this damn laptop shutsoff if i leave it for 5 freakin minutes[20:14:50] <adaptr> run that[20:14:53] <Aprogas> adaptr: I didn't understand your PTR comment.[20:15:04] <nezZzZ> what do you mean my "own zone" is broke?[20:15:05] <adaptr> scroll back half an hour[20:15:13] <adaptr> it started with a PTR issue[20:15:20] <adaptr> THIS PTR issue[20:15:21] <Aprogas> Yes, I know.[20:15:37] <Aprogas> 208.100.63.215 has broken PTR, but 208.100.63.215 isn't necessarily a nameserver.[20:15:43] *** nezZario has quit IRC[20:15:53] <adaptr> anyway, if it's NOT a nameserver for anything, it should certainly not return the cached root zone[20:16:02] <adaptr> oh it is a nameserver[20:16:09] <adaptr> it responds ;)[20:16:27] <Aprogas> It runs a nameserver, which accidently tries to recurses for us.[20:16:27] <nezZzZ> yes it's my nameserver that points ntertech.com back to that ip[20:16:34] <adaptr> nezZzZ: we mean that many things seem to be broken about wiscdns.com[20:16:49] <nezZzZ> but nothing is broken about the nameserver at 208.100.63.215 right?[20:16:52] <nezZzZ> that's all I need to know[20:16:56] <nezZzZ> because I manage that nameserver[20:17:00] <adaptr> yes, that is completely broken[20:17:01] <nezZzZ> i don't manage wiscdns[20:17:05] <adaptr> it does not know what wiscdns.com is[20:17:23] <adaptr> you said you did - you said yo umanaged that zone[20:17:37] <nezZzZ> i have root, i could fix something if it was simple, but i don't manage it[20:17:41] <nezZzZ> (for wiscdns)[20:17:52] *** nezZzZ is now known as nezZario[20:17:58] <adaptr> then alert the person responsible for that zone, and get them to fix it[20:18:07] <adaptr> this is going nowhere at speed[20:18:10] <nezZario> what should I tell them exactly?[20:18:13] <nezZario> and i'll tell them[20:18:19] <adaptr> I have told you about 3 times now[20:18:27] <nezZario> i mean you said 208.100.63.215 doesn't know what wiscdns is.. should it?[20:18:32] <adaptr> there is no glue for wiscdns.com anywhere[20:18:34] <nezZario> i don't see how it couldn't[20:18:53] <adaptr> if the person responsible doesn't understand what that implies, he should not be managing DNS[20:18:56] *** jan_ has joined #postfix[20:20:20] <nezZario> :) k[20:20:52] *** jfried has quit IRC[20:21:20] <adaptr> you could also gently remind him that playing around with views and glue doesn't help his customers, i.e. you[20:22:33] <nezZario> what do you mean views.. I mean I know what views are -- but I'm just curious how you're saying that's relevant?[20:23:13] <adaptr> what aprogas said - te only rational explanation for us not being able to resolve the same data is if they're playing silly buggers with views and ACLs[20:23:18] *** kad__ has joined #postfix[20:23:32] <adaptr> +trace should ALWAYS return the exact same data regardless of who requests it[20:23:39] <nezZario> i see[20:23:53] <nezZario> k i'll type up an e-mail now[20:24:08] *** Blue-E2 has quit IRC[20:24:11] <kad__> Tom-B, heys!! i notice if i did it like what you told me at end" reject", under the : smtpd_recipient_restrictions=permit_mynetworks,permit_tls_clientcerts,permit_sasl_authenticated,reject", i can't receive mail from external i check logs :Recipient address rejected: Access denied[20:24:46] <adaptr> kad__: correct! congratulations, you have fallen prey to our resident newbietroll[20:25:07] <Dominian> hrm.. new clamav just released to fix a pdf and internal bzip2 issue[20:25:19] <kad__> :P[20:25:42] <Aprogas> !tell kad__ submission[20:25:42] <knoba> kad__: "submission" : Port 587 is submission, for user submission of mail, NOT suitable for mail exchange. See the commented example in master.cf. also see !msa, and rfc 2476 and 4409. Also read http://www.maawg.org/sites/maawg/files/news/MAAWG_Port25rec0511.pdf[20:25:43] <adaptr> !restriction_class[20:25:43] <knoba> adaptr: "restriction_class" : postfix per-client/user/etc. access control http://www.postfix.org/RESTRICTION_CLASS_README.html[20:27:02] <nezZario> ok[20:27:05] <nezZario> next issue:[20:27:24] <adaptr> what do you mean, "next" ? :P this should really be solved[20:27:36] <seekwill> DNS isn't important for email[20:27:43] *** gencha_ has quit IRC[20:27:46] <adaptr> seekwill: ah, yes, I forgot.. carry on then[20:27:49] <seekwill> :D[20:28:01] <Dominian> You mean.. I've been doing it wrong for years?[20:28:09] <nezZario> well I can't do anything about it[20:28:11] <nezZario> Sep 20 14:32:11 echo7 postfix/qmgr[26368]: warning: connect to transport spamass: Connection refused[20:28:12] <Aprogas> foreach issue { solvable ? fix() : next issue }[20:28:14] <nezZario> i don't think that's related[20:28:16] <adaptr> Dominian: of course you've been doing it wrong. you need to ask ?[20:28:16] <Dominian> spamass[20:28:17] <Dominian> lol[20:28:26] <nezZario> yes spamass =)[20:28:34] <Dominian> what is tied to the spamass transport?[20:28:35] <adaptr> nezZario: it is not, indeed. however, fail.[20:28:38] <Dominian> if its not up it isn't going to work[20:28:41] <adaptr> Dominian: the spankass MDA[20:28:46] <Dominian> adaptr: ahhh[20:28:48] <Dominian> I've heard of that..[20:28:48] <Aprogas> !tell nezZario master.cf[20:28:49] <knoba> nezZario: "master.cf" : the process configuration file. Each logical line describes how a Postfix service will be run. See "man 8 pipe" for more information.[20:28:52] <Dominian> the BSDM of the MTA world[20:28:54] <Aprogas> !tell nezZario transport_maps[20:28:55] <knoba> nezZario: "transport_maps" : a configuration parameter in the main.cf: Optional lookup tables with mappings from recipient address to (message delivery transport, next-hop destination). See transport(5) for details.[20:29:10] <adaptr> he really doesn't want to be using transport-maps for content filtering[20:29:13] <adaptr> !content_filter[20:29:13] <knoba> adaptr: "content_filter" : a configuration parameter in the main.cf: The name of a mail delivery transport that filters mail after it is queued. Also reference: http://www.postfix.org/FILTER_README.html[20:29:25] <nezZario> yeah before you go spitting bot propaganda at me :P[20:29:25] <adaptr> if you do factoidize, use the right one :)[20:29:44] <nezZario> there is no mention of spamass in transport, master.cf, or main.cf[20:29:45] <Aprogas> adaptr: some tutorials use transport_maps to pull through spamassassin[20:29:54] <nezZario> there /is/ in master.cf i guess but it's commented out with #[20:29:56] <adaptr> nezZario: then it's not a valid transport to use. remove it.[20:30:04] <adaptr> Aprogas: yes, see !tutorial[20:30:05] <nezZario> it is commented out[20:30:19] <nezZario> one sec i'll pastebin[20:30:22] <Dominian> nezZario: postconf -n | grep content_filter[20:30:34] <adaptr> or just ..postconf content_filter[20:30:43] <Dominian> or that[20:30:44] <adaptr> Dominian: you want to lose points as well ? it saddens me[20:30:47] <adaptr> hehe[20:30:47] <Dominian> or postconf -n to beging with[20:30:49] <Aprogas> postconf | grep -i spamass[20:30:57] <Dominian> adaptr: there are a lot of ways to do it..[20:31:00] <adaptr> spankass |grep postconfuse[20:31:03] <Dominian> I just like pickign the most irritating one when you're around.[20:31:10] <adaptr> I KNOW! aren't we having fun ?[20:31:41] <adaptr> Dominian: you forgot to say "alot"[20:31:45] <Dominian> oh yeah[20:31:46] <Dominian> alot[20:31:48] <Dominian> :P[20:32:59] *** juergen_dose has joined #postfix[20:33:55] <nezZario> http://pastebin.com/H8Ffs5XB[20:33:57] <nezZario> there =)[20:34:03] <nezZario> proof i'm an idiot[20:34:07] <nezZario> i mean, not an idiot[20:34:22] <adaptr> nobody said you were, we just like to strongly imply it[20:34:35] <nezZario> no mention of spamass except in commented out lines[20:34:45] <Dominian> When you commented out the -=o content_filter lines.. did you stop and start postfix?[20:34:54] <nezZario> yes absolutely[20:34:58] <nezZario> that's been some time ago[20:35:00] <adaptr> DID you comment out those lines ?[20:35:01] <nezZario> that i commented it out[20:35:10] <adaptr> pastebin master[20:35:34] <nezZario> master is in there[20:36:03] <Aprogas> Show the error in context.[20:36:15] <adaptr> then you have stuff queued for it. postsuper -r ALL to requeue[20:36:21] <Aprogas> erm[20:36:31] <Aprogas> Let's not go there yet. :)[20:36:36] <adaptr> let's go tehre FIRST[20:36:46] <adaptr> it's the only possible solution[20:37:21] <adaptr> the queue is the only place where transports are associated with messages, and if he started this crap while the transport was still in the option but wasn't RUNNING - all mail will be queued FOR THAT TRANSPORT[20:37:30] <adaptr> requeue it![20:38:11] <Aprogas> Maybe we should confirm first that that is in fact the issue.[20:38:17] <adaptr> wanna bet ?[20:38:33] <Aprogas> No, I don't doubt it is the most logical explanation, but I'd like to see mailq confirm it first.[20:38:39] <adaptr> he says that he has never had the spamass transport active. and he says that he DID disable the content filter[20:38:57] <adaptr> so the content filter has been in effect but the transport has never run[20:39:18] <nezZario> http://pastebin.com/dZxd4aaZ[20:39:29] <adaptr> what's that noo ?[20:39:31] <Aprogas> nezZario: check your mailq[20:40:03] <adaptr> Aprogas: if there is nothing in his queue, requeueing won't do anything. he should requeue. shortest path to solution. I win.[20:40:10] <nezZario> ran the requeue[20:40:12] * adaptr wins[20:40:18] <nezZario> look, this is confusing to me[20:40:23] <nezZario> on a side note[20:40:28] <adaptr> endeavour to become unconfused[20:40:39] <Aprogas> adaptr: what if another issue had 15000 mails in his queue?[20:40:49] <adaptr> Aprogas: then they'd all be requeued :)[20:41:03] <adaptr> postfix wil churn away for a few seconds, no biggie[20:41:06] <nezZario> http://pastebin.com/BPsdK3Ec[20:41:18] <nezZario> it requeued 3 messages but i have no messages in my mailq?[20:41:21] *** x_or has quit IRC[20:41:24] <Aprogas> All 15000 of which contained activation sequences to evil robots stored in underground bunkers; activation sequences that had been previously blocked from delivery by time travelling agents, but by requeuing, we ruin the future after all![20:41:57] <Aprogas> adaptr: admit it, my explanation is more plausible[20:42:18] <Aprogas> nezZario: I think mailq defaults to active and incoming, or something[20:42:24] <adaptr> it's not an explanation - I gave an explanation, you merely gave advice :P[20:42:35] <Aprogas> I meant the robot thing.[20:42:35] <adaptr> Aprogas: mailq shows all queues that contain messages[20:42:45] <Aprogas> Maybe I'm confused with qshape.[20:42:50] <adaptr> yers[20:42:52] <nezZario> whhat[20:42:57] <Aprogas> pflogsumm[20:44:33] <nezZario> i think requeue'ing fixed the issues[20:44:47] <adaptr> I know. I already won.[20:44:56] <nezZario> well adaptr since you're on a roll[20:44:58] <nezZario> EXPLAIN THIS ONE[20:45:03] <nezZario> (this was my original issue)[20:45:14] <nezZario> yeah i just have a buttload of issues with my setup[20:45:35] <nezZario> dunno why, ... it was working fine on another server.. moved it over and all hell broke loose[20:45:58] <adaptr> that's not an issue, that's a blind migration. not the smartest move.[20:46:13] <nezZario> well no it wasn't blind[20:46:48] <adaptr> "it worked fine before" is a very urrgh statement[20:46:57] <adaptr> it doesn't contain any useful information[20:47:18] <nezZario> one sec..[20:47:22] <nezZario> this has to do with aliases[20:47:33] <nezZario> in /etc/aliases I can't forward mail to my at virtualmbox dot com[20:47:40] <nezZario> mail for root[20:47:44] <nezZario> it loops back for some reason[20:47:47] <nezZario> you've seen my config right?[20:47:54] <adaptr> what is the exact error[20:48:01] <adaptr> pastebin the entire log from one such attempt[20:49:00] <nezZario> http://pastebin.com/GQiKu3n8[20:49:07] <nezZario> that's what happens to mail addressed to e.g. 'root'[20:49:14] <nezZario> sent from my local system[20:49:24] <nezZario> which are somewhat important[20:50:04] <Aprogas> You are using the wrong sendmail.[20:50:12] <nezZario> oh?[20:50:14] <Aprogas> Kill it with fire.[20:50:17] <nezZario> HOW[20:50:22] <nezZario> see wiat[20:50:26] <seekwill> Sticks and matches![20:50:33] <nezZario> with chkconfig i turned off 'sendmail' and i stopped receiving mail and junk.[20:50:40] <nezZario> so i figured postfix took over 'sendmail'[20:50:43] <seekwill> That's the best antispam[20:50:43] <adaptr> uninstall it completely[20:50:55] <adaptr> nezZario: no. YOU are sresponsible for understanding what your distro does.[20:51:03] <seekwill> Which distro?[20:51:09] <seekwill> RHEL/CentOS has a utility to switch MTAs[20:51:18] <Aprogas> FreeBSD and NetBSD do too.[20:51:19] <adaptr> not knowing what is running is easily more dangerous than running insecure services[20:51:31] <nezZario> I'm usually a netbsd/freebsd guy btw[20:51:40] <nezZario> but i'm currently using centos for my vps's for simplicity[20:51:44] *** todd_dsm has quit IRC[20:51:49] <adaptr> yes, it sounds very simple![20:51:53] *** juergen_dose has left #postfix[20:51:55] <nezZario> it's not......[20:52:38] <seekwill> It is[20:52:40] <seekwill> Which VPS?[20:52:45] <nezZario> my vps.[20:52:54] <seekwill> ok...[20:52:59] <nezZario> hah what do you mean which vps?[20:53:15] <seekwill> Who is your VPS provider[20:53:36] <nezZario> I am my VPS provider[20:53:43] <nezZario> no really.. might as well[20:53:46] <nezZario> fourmannetworks[20:54:00] <seekwill> What do you use?[20:54:08] <nezZario> we use xen[20:54:28] *** Motoko-chan has joined #postfix[20:54:30] <seekwill> How come you're running CentOS but don't have it listed?[20:54:38] <nezZario> because i work for that company.....[20:54:46] <nezZario> and don't want to answer any more questions about them[20:54:51] <seekwill> system-switch-mail[20:54:54] <seekwill> haha[20:54:56] <nezZario> :)[20:54:58] <seekwill> That's the package you need[20:55:25] *** f0rpaxe has joined #postfix[20:57:43] *** MAAAAD has quit IRC[20:58:36] *** MAAAAD has joined #postfix[21:01:24] *** niki has joined #postfix[21:03:20] <nezZario> yep[21:03:22] <nezZario> that worked like a charm[21:03:26] <nezZario> and my usptream is working on the dns issue[21:03:30] <nezZario> thannnnnnnnnnnnkssssssssssss :P[21:16:40] *** juergen_dose has joined #postfix[21:19:24] *** cpm has quit IRC[21:29:57] *** nezZario has quit IRC[21:37:48] *** schnoobby has joined #postfix[21:46:53] *** p3rror has joined #postfix[22:00:18] *** Southron has joined #postfix[22:03:08] *** kad__ has quit IRC[22:06:35] *** lepine has quit IRC[22:07:21] *** schnoobby has quit IRC[22:09:15] *** _ruben has quit IRC[22:09:21] *** cemc has quit IRC[22:12:53] *** dddh has quit IRC[22:13:22] *** juergen_dose has quit IRC[22:14:47] *** Matic`Makovec has quit IRC[22:16:13] *** juergen_dose has joined #postfix[22:19:15] *** cilly has quit IRC[22:23:58] *** superbofh has joined #postfix[22:24:30] <Aprogas> How do I "whitelist" e.g. abuse@ from the milters and content_filter?[22:28:01] <seekwill> topic!!![22:28:26] <thumbs> !tell seekwill welcome[22:28:26] <knoba> seekwill: "welcome" : welcome to #postfix! if you're joining for the first time, or are new to irc, the first thing you'll want to do is read the channel topic (/topic). it includes crucial instructions on how to effectively ask for help here, and what data you should include with your questions. the degree of success you'll have is directly related to how effectively you're able to follow those guidelines.[22:28:36] <seekwill> oh[22:29:29] <seekwill> !tell thumbs everything[22:29:30] <knoba> seekwill: Error: No factoid matches that key.[22:29:44] <thumbs> seekwill: don't go inventing a new factoid here for me, either.[22:29:45] *** _ruben has joined #postfix[22:29:54] <seekwill> :D[22:30:33] *** jim_SFU has quit IRC[22:30:48] *** cemc has joined #postfix[22:30:49] *** cemc has joined #postfix[22:34:33] *** dddh has joined #postfix[22:36:44] *** jim_SFU has joined #postfix[22:39:06] *** p3rror has quit IRC[22:39:32] *** uqlev has quit IRC[22:39:47] *** fOrsberg is now known as forsberg[22:40:31] *** p3rror has joined #postfix[22:43:25] *** Southron has left #postfix[22:50:35] *** f0rpaxe has quit IRC[22:54:12] *** kenyon has quit IRC[23:00:19] <tharkun> Does anyone has a 2.8 on a production server yet ?[23:00:27] <adaptr> yep[23:00:33] <adaptr> not a lot of volume though[23:00:42] *** kenyon has joined #postfix[23:01:20] <adaptr> tharkun: cite makes debian packages[23:01:28] <tharkun> adaptr: Is it behaving properly ? I am tempted to put it on a production server but i am kind of scared of a major breakdown[23:01:46] <tharkun> adaptr: yes, i do happend to have the url and i also have it running on a squeeze install[23:01:58] <adaptr> if you're at all unsure, stay with 2.7 or disable postscreen. that has been undergoing rapid development if you follow the list[23:02:10] <adaptr> I think postscreen is becoming stable only this week[23:02:32] <tharkun> adaptr: I'll take a look at the list.[23:02:33] <adaptr> wietse tends to run his nightly builds with soe bravado on unsmall servers,l but then he does know what he's doing...[23:02:37] <adaptr> *some bravado[23:04:19] <adaptr> the beauty of postscreen is that you can run it without dropping any mail. so just duplicate your DNSBLs in postscreen and see how it runs[23:04:31] <adaptr> you can tune your setup before you put it live[23:04:53] <adaptr> and the pregreet is GREAT! it stops an amazing amount of crap[23:05:01] <Aprogas> So postscreen is like a C implementation of postfwd+postgrey ?[23:05:08] <adaptr> !postscreen[23:05:08] <knoba> adaptr: "postscreen" : Server that performs triage on multiple inbound SMTP connections in parallel. More information can be found at: http://www.postfix.org/postscreen.8.html[23:05:15] <Aprogas> Or let me rephrase that: postscreen makes postfwd and postgrey redundant?[23:05:24] <adaptr> it's more than that, as it arbitrates the actual SMTP connections before any mail is accepted[23:05:39] <adaptr> so your box won't get clogged with spam input[23:06:00] <adaptr> a client has to get past postscreen before it connects to SMTP[23:06:04] <Aprogas> Instead your postscreen gets clogged with spam input. :)[23:06:05] <adaptr> hence the "screen"[23:06:12] <adaptr> no, it's light-weight[23:06:19] <adaptr> it's client-based only[23:06:40] <adaptr> so there is no risk in running a 1000 of them in parallel, with only 100 going to the smtpd[23:07:39] <Aprogas> According to pflogsumm, I reject about 93% of mail based on pre-DATA information.[23:07:55] <adaptr> sure, for me, that would be closer to 95%[23:08:06] <adaptr> amavis doesn't havea lot to do which is good since it's expensive[23:08:32] <Aprogas> Oh, I've gone down, 86% now. Yeah my Amavis is pretty quiet too.[23:08:45] <Aprogas> I'm looking into this DSPAM thing though, maybe run it as proxy_filter if I'm brave.[23:08:52] <Aprogas> I run clamav-milter, but the clamd is on another box.[23:08:54] *** jan_ has quit IRC[23:09:13] <adaptr> I looked into dspam many, many years ago. it was horribly unusable then, needing 10K ham /spam to get any percentage[23:09:19] <adaptr> so I sort of gave up :)[23:09:29] <adaptr> I may revisit it whenreports are positive[23:09:39] <Aprogas> Documentation is a mess, three wikis, all outdated; README is confusing, tutorials are crap, etc.[23:09:55] <Aprogas> Don't bother until the documentation becomes good. :)[23:10:38] <adaptr> thanks :)[23:10:44] <adaptr> saves me a looksee[23:11:03] <Aprogas> I'm sure it a great tool, but if its unclear how to use it, that all goes to waste, and only leaves a bad impression.[23:12:07] <Aprogas> I did dive deep enough into the documentation that I'm entranced by it now.[23:12:25] <Aprogas> The steep learning curve has a strange attraction; as if learning some arcane craft.[23:15:19] *** dragonheart has joined #postfix[23:17:18] *** rajijoom has joined #postfix[23:17:20] *** Breaking_Pitt has joined #postfix[23:17:56] <Breaking_Pitt> Guys how can I know that my 465 port is working correctly?[23:18:08] <adaptr> Breaking_Pitt: you don't want to use 465[23:18:20] <Breaking_Pitt> sorry?[23:18:48] <tharkun> !smtps[23:18:48] <knoba> tharkun: "smtps" : Port 465 is smtps, SMTP over SSL, a deprecated means of submission. Postfix can implement smtps with a separate smtpd(8) listener with \"-o smtpd_tls_wrappermode=yes\". See the commented example in master.cf.[23:19:07] <tharkun> !submission[23:19:07] <knoba> tharkun: "submission" : Port 587 is submission, for user submission of mail, NOT suitable for mail exchange. See the commented example in master.cf. also see !msa, and rfc 2476 and 4409. Also read http://www.maawg.org/sites/maawg/files/news/MAAWG_Port25rec0511.pdf[23:20:06] <tharkun> Breaking_Pitt: ^^[23:20:22] <Breaking_Pitt> tharkun: I'm reading! :)[23:20:26] <tharkun> bien[23:20:51] <Breaking_Pitt> ja ja ja[23:20:53] <Breaking_Pitt> bien?[23:21:01] <Breaking_Pitt> do you speak spanish?[23:21:17] <tharkun> :D Take a wild guess[23:21:32] <Breaking_Pitt> porque yo hablo español[23:21:40] <tharkun> Gallego[23:21:57] *** Breaking_Pitt has quit IRC[23:22:33] *** todd_dsm has joined #postfix[23:22:58] *** Breaking_Pitt has joined #postfix[23:23:14] <Breaking_Pitt> tharkun: tamén falo galego! xD[23:23:18] <tharkun> no[23:24:22] *** todd_dsm has quit IRC[23:24:37] *** todd_dsm has joined #postfix[23:25:19] <Breaking_Pitt> so I have to use the 587 instead the 465?[23:27:30] <tharkun> yes[23:27:33] <Breaking_Pitt> tharkun: i still have one doubt[23:27:41] <tharkun> shoot[23:27:43] <adaptr> just one ?[23:27:55] <thumbs> only one?[23:27:57] <Breaking_Pitt> right now[23:27:57] *** jim_SFU has quit IRC[23:28:00] <Breaking_Pitt> :([23:28:18] <tharkun> Breaking_Pitt: no les hagas caso, solo pregunta[23:28:38] <Breaking_Pitt> i have to uncoment the submission in master.cf[23:28:50] <tharkun> yes[23:28:52] <Breaking_Pitt> but i have to comment the smtps?[23:28:58] <tharkun> yes[23:29:16] <Breaking_Pitt> and then configure the mail client to use the 587?[23:29:26] <tharkun> yes[23:31:48] *** henriknj has quit IRC[23:32:37] <Aprogas> It is a good idea to require TLS and SASL on 587.[23:34:47] <Breaking_Pitt> any tutorial or info on how to do this Aprogas[23:34:55] <Aprogas> !tell Breaking_Pitt tls[23:34:56] <knoba> Breaking_Pitt: "tls" : Short for Transport Layer Security (RFC2246). It adds an additional layer of encryption to protocols such as SMTP, POP3 or IMAP to improve security during transmission over the Internet. TLS features in Postfix are documented here: http://www.postfix.org/TLS_README.html[23:34:58] <Aprogas> !tell Breaking_Pitt sasl[23:34:58] <knoba> Breaking_Pitt: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.[23:35:06] <Breaking_Pitt> ok thanks[23:48:32] *** juergen_dose has left #postfix[23:52:30] *** smica has quit IRC[23:53:21] *** nezZario has joined #postfix[23:58:21] *** x_or has joined #postfix[23:58:39] *** rhenz has quit IRC[23:59:20] *** rhenz has joined #postfix[23:59:31] <Breaking_Pitt> i have enalbed the submision in postfix but when i use it the mail can not be save to the sent folder[23:59:38] <Breaking_Pitt> :?[23:59:57] <adaptr> what is the exact error