[00:00:36] <tessier> jelly-home: Ah, I see. Very interesting...
[00:01:21] <tessier> "Of course, Traffic Control isn’t open source, but that doesn’t mean it’s not easy to get a hold of." er...that's a bummer. I guess I'll pass. It is an interesting idea though.
[00:03:17] *** TomHome has quit IRC
[00:03:43] <adaptr> jelly-home: tc doesn't know anything about anything. it manipulates buckets that result in QoS/CoS settings
[00:05:53] *** Matic`Makovec has quit IRC
[00:06:06]
<alpine_style> i am fetchmailing from a remote mailbox to local linux user and then run through procmail/spamassassin which then forwards to another email address hosted elsewhere - here is my maillog http://pastebin.com/7nwixdM8 ... is the mail making it off this machine? I never see the forwarded mail at the final destination.
[00:06:31] *** smica has quit IRC
[00:07:13] <Aprogas> If you want robust mail delivery, go SMTP until the last mailserver, don't break the SMTP-chain.
[00:07:43] <Aprogas> That log shows a remote server accepting your message.
[00:07:54] <Aprogas> Although it is a bit hard to judge exactly because lack of context.
[00:08:15] <adaptr> Aprogas: in fact, SSH tunnel directly to the intended recipient and deliver right in their mailbox, THAT's secure!
[00:08:46] <alpine_style> Aprogas: any way to make the logs verbose so I can "see" more, the sucker never lands on the final location, but when I send test messages from that same machine via CLI they land fine
[00:09:33] <Aprogas> If the other server says "250 ok", verbose logging of smtp client probably won't add much useful information.
[00:09:58] <Aprogas> It is possibly they classify your mail as virus or spam and silent-drop it.
[00:10:09] <Aprogas> My fingers always type possibly when I mean possible.
[00:10:27] <jelly-home> tessier: I don't care whether a tool is open source or not if it works. However, and orthogonal to that, budget considerations need to be taken.
[00:10:55] <alpine_style> i wonder if because the mail was sent one account and then eventually forwarded to the final destination which differs from that start it causes a problem
[00:11:11] <adaptr> Aprogas: impossibly!
[00:11:28] <jelly-home> inconceivably
[00:11:31] <adaptr> alpine_style: too little context. we said that already
[00:12:51] <tessier> Wow. We've rejected 25,000 emails just in the last few minutes that I have had blocking by reverse lookup tld enabled.
[00:13:21] <adaptr> tessier: which one did you use. the most restrictive one will yield a lot of false positives
[00:13:34] <Aprogas> soft_bounce while playing with restrictions
[00:13:39] <adaptr> and that
[00:13:48] <tessier> adaptr: Which one what did I use?
[00:14:13] *** jidar has joined #postfix
[00:15:14] <adaptr> tessier: did you use reject_unknown_reverse_client_hostname or reject_unknown_client_hostname ?
[00:15:28] <Aprogas> Oh, that's heavy.
[00:15:32] <alpine_style> ok, detail - mail gets sent to customerservice at admindermail dot com which lands on mail01.netplexity.net, fetchmail running on projectpayday.com fetches the mail from mail01.netplexity.com and delivers to local account amcustservice. finally, procmail forwards the mail to support at adminder dot helpserve.com, but it never show up.
[00:15:53] <jidar> just making sure of something here, I currently relay smtp mail via a "/etc/postfix/transport" entry. The host I'm relaying to will be down this evening and I'll want to be sending directly to receiving servers. All I need to do is nuke that entry and run the "postmap /etc/postfix/transport" command, right?
[00:16:07] <Aprogas> I'd have policyd-weight or postfwd defer such hosts to greylist, but not reject them outright.
[00:16:19] <adaptr> alpine_style: show the log from one such message
[00:16:19] *** tfiebig has joined #postfix
[00:16:22] <jelly-home> alpine_style: read qmail logs on relay=adminder.helpserve.com[174.36.110.242]:25
[00:16:37] <jelly-home> alpine_style: it accepted the message, so...
[00:16:48] <adaptr> jidar: are there other transport entries ? why did you use transport for relaying in the first place ?
[00:16:51] *** tfiebig has quit IRC
[00:16:52] <Aprogas> qmail is a liar!
[00:17:02] <adaptr> djb is a loony!
[00:17:20] <jidar> adaptr: we use some outside services for spam filtering and it all gets delivered to a exchange mailbox, so this was easier.
[00:17:30] <alpine_style> lol, hillarious, down with djb and all related doomware
[00:17:42] <jidar> adaptr: the relay is that exchange server, so it doesn't need to go off network to deliver
[00:17:53] *** henriknj has quit IRC
[00:17:54] *** EagleWatch has quit IRC
[00:17:55] <adaptr> alpine_style: qmail hasn't been significantly updated since the previous CENTURY
[00:17:57] <Aprogas> I never used qmail, but I'd never seriously considered it. I seriously considered exim (never used though).
[00:18:04] <jelly-home> alpine_style: it's what you have installed on your server. status=sent (250 ok 1285192333 qp 28526) <- that looks much like a qmail-smtpd response
[00:18:19] <jelly-home> s/have/seem to have/
[00:18:27] *** EagleWatch has joined #postfix
[00:18:33] <Aprogas> I don't even know if adminder.helpserve.com is run by alpine_style.
[00:18:44] <alpine_style> jelly-home: i dont' own the final location - adminder.helpserve.com, but i can check with them
[00:18:59] <jelly-home> alpine_style: how do you know it didn't arrive, then?
[00:19:17] <adaptr> jidar: I don't understand your answers. to control relaying to a specific machine, use relay_recipient_maps and relayhost.it's a lot cleaner than abusing transports, but if you have more than one relay, you will probably have to
[00:19:30] <alpine_style> jelly-home: it's GUI help interface, I logged in and looked and not there, the support folks claim it didn't arrive
[00:19:51] <SelfishMan> tharkun: It's highly recommended that you not reject on backscatter.spameatingmonkey.net
[00:20:13] <Aprogas> SelfishMan: Why?
[00:20:23] <alpine_style> jelly-home: company called Kayako, makes helpdesk websites
[00:20:26] <jidar> adaptr: this wasn't put together by me and I'm hardly a decent postfix admin. I'll do some research on how you are advising me to implement this, but can you verify my previous request. Will that be enough to get this up and running when my relay host goes down?
[00:20:31] *** x_or has quit IRC
[00:20:39] <jelly-home> Aprogas: qmail is a decent framework upon which to build a usable smtp server, using pluggable architecture with "patch file" and "C code" modules.
[00:20:48] <SelfishMan> Aprogas: because the criteria for listing is to send *any* backscatter with no concern for the normal traffic flows from the source
[00:21:34] *** Vivek has quit IRC
[00:21:57] <jidar> adaptr: shit, it looks like I am using a "relay_recipient_maps" as defined by "relayhost = 10.0.x.x" in my main.cf
[00:22:03] <Aprogas> jelly-home: I know Postfix, and I noticed exim is a bit simpler if you want pre-chewed interfacing with clamd, spamd, mailman, and other things it has ready-made plugins/modules/transports/directors/routers for.
[00:22:07] <alpine_style> i ran qmail back in the last millenium, wouldn't touch it these days w/ ten foot pole
[00:22:13] <jelly-home> alpine_style: tell them to look at their ^%$# mail logs, and show them the whole log your B80CD5986A1 message did, which ended up with their machine accepting the message
[00:23:19] <Aprogas> jelly-home: what a peculiar regexp
[00:23:43] <adaptr> jidar: and that does what yuo thought transport_maps did ?
[00:25:41] *** Section1 has quit IRC
[00:25:46] *** x_or has joined #postfix
[00:30:41] <tharkun> SelfishMan: why not reject ?
[00:31:09] <SelfishMan> 18:28:19 < SelfishMan> Aprogas: because the criteria for listing is to send *any* backscatter with no concern for the normal traffic flows from the source
[00:31:10] <jidar> adaptr: yep
[00:31:27] <tharkun> SelfishMan: sorry i just read it
[00:31:36] <SelfishMan> no worries
[00:31:37] * tharkun goes fixing
[00:31:53] <SelfishMan> basically, expect unwanted rejecting
[00:32:41] <adaptr> jidar: excellent! disable them while you need it to, then. I said it would be better :P
[00:32:45] <Aprogas> I don't really know the context of the comment to be honest, and I didn't really understand the reply.
[00:32:45] *** misterJack has quit IRC
[00:32:50] <SelfishMan> The backscatter list is the result of someone using one of my personal addresses in their spam campaign and after that inbox DoS I decided to be an ass in return
[00:33:35] <SelfishMan> well, that was the origin of it
[00:33:53] <seekwill> uh
[00:34:01] <Aprogas> Rejecting mail doesn't generate a bounce from your mailserver, only the mailserver connected to you.
[00:34:03] <seekwill> You want to be an ass to whom?
[00:34:40] <adaptr> u and me, probablee
[00:34:48] <SelfishMan> seekwill: If you can't configure your barracuda or similar appliance to not send me a rejection message because of spam that someone sent using my return address then I'm going to list you on the backscatter list
[00:35:09] *** Vivek has joined #postfix
[00:35:12] <seekwill> oh
[00:35:28] <SelfishMan> I don't care how badly someone configures their mail system(s) until it directly affects me
[00:35:47] <Aprogas> SelfishMan: when you say "rejection message", do you mean a 4xx or 5xx SMTP reply code, or a bounce?
[00:37:23] <Aprogas> Actually bed time for me.
[00:37:28] <Tom-B> nn
[00:37:51] <SelfishMan> tharkun: If you don't mind me asking, why are you looking for an alternative to SEM?
[00:40:08] *** jelly-home is now known as jelly-hme
[00:40:50] *** jelly-hme is now known as jelly-home
[00:42:48] <seekwill> Because SEM sucks!
[00:42:59] <seekwill> Doesn't webscale
[00:42:59] <SelfishMan> seekwill: I don't doubt it one bit
[00:45:18] <tharkun> SelfishMan: Failure tolerance.
[00:45:26] <seekwill> What is SEM?
[00:45:29] <SelfishMan> tharkun: eh?
[00:45:38] <tharkun> seekwill: Spameatingmonkey
[00:45:45] <seekwill> oh
[00:46:17] <tharkun> SelfishMan: Some of the people i work with are having conectivity isues with certain segments of internet
[00:46:23] <tharkun> crappy isp providers
[00:46:34] <adaptr> I keep reading "Shellfishman"
[00:47:14] <SelfishMan> tharkun: What can SEM do to make that less of an issue?
[00:47:25] <seekwill> adaptr: In a crabby mood?
[00:47:34] <adaptr> me ? neva!
[00:47:45] <seekwill> "The goal of this list is to have zero false positives." <-- lol
[00:47:45] <adaptr> are you spying on me AGAIN ?
[00:48:30] *** Vivek has quit IRC
[00:48:30] *** Vivek has joined #postfix
[00:49:22] <tharkun> SelfishMan: I am sorry but you can't. It seems some 3rd world isp providers have sporadic failures to connect to various ip blocks. Having different providers to do dnsbl seems the option. Whenever one is down the other should be up. or Viceversa
[00:50:07] <SelfishMan> damn. I was looking forward to deploying another nameserver in some random part of the world
[00:50:56] <tharkun> SelfishMan: is not dns resolution, since the ip is cached anyways on local machines, but the actual connection to the ip
[00:51:45] <SelfishMan> Seems to me that a more local blacklist server would help
[00:51:57] <seekwill> What I don't like about SEM is that there isn't any good contact for them. It's like a personal project...
[00:52:04] * seekwill might be eating his foot...
[00:52:39] * SelfishMan chuckles
[00:53:03] <adaptr> seekwill: no, but I will assist you in shoving it down your throat, free of charge
[00:53:08] <seekwill> Thanks!
[00:53:16] <adaptr> anything for you
[00:53:21] <SelfishMan> kinky
[00:53:21] <seekwill> You are too nice
[00:54:01] <tharkun> SelfishMan: Yes. That is the optimal solution whenever you need to do one heck of a lot of queries. On low volume servers i can't justify the acquisition of a machine just for that
[00:54:21] <seekwill> VPS!
[00:54:32] <tharkun> seekwill: If you need some salt and pepper don't hesitate to ask. It might taste better
[00:54:45] <SelfishMan> tharkun: I was thinking more along the lines of a SEM operated server in that region
[00:54:48] <seekwill> tharkun: No, my spam tastes good as is!
[00:56:07] <SelfishMan> tharkun: Seriously though, if you can think of anything that you think would help don't hesitate to tell me. Worst thing that will happen is I will say no and maybe kick a puppy
[00:56:10] <SelfishMan> or seekwill
[00:56:25] <seekwill> DONT KICK A PUPPY!
[00:56:30] <Dominian> kicking seekwill is a national past time
[00:56:32] * Dominian kicks seekwill
[00:56:40] <seekwill> Only that grue thing
[00:56:47] * tharkun kicks seekwill
[00:56:48] <seekwill> haha
[00:57:00] <seekwill> Reading "Dominian" makes me think of grues
[00:57:05] <Dominian> heh
[00:57:13] <SelfishMan> I would kick seekwill now but since it is the new hip thing I won't
[00:57:13] <Dominian> SelfishMan: Is there anything WE can do to help SEM?
[00:57:23] <SelfishMan> Dominian: MOAR DATAZ
[00:57:33] <Dominian> What kind of data ya need
[00:57:35] <SelfishMan> use it and provide feedback
[00:57:42] <tharkun> SelfishMan: If i come across a good idea I'll let you know. Even if it is only an idea :D
[00:57:47] <Dominian> Oh I'm using it
[00:57:50] <SelfishMan> just using it provides a lot of data that can be easily mined
[00:57:54] <Dominian> getting ready to setup another smtp gateway that will be using it as well
[00:58:09] <Dominian> just haven't made up my mind if I'm going to use Maia Mailguard or amavisd-new coupled with mailzu-ng...
[00:58:30] <seekwill> Don't get me wrong about SEM. It's just that my clients need something more than a web contact form.
[00:58:32] <tharkun> SelfishMan: I have a few ips that do send spam and SEM does not block them. Particularly from brasil
[00:58:39] <SelfishMan> I have a few code grunts working on SEMv4 that hate me for the amount of analysis that is performed
[00:59:28] <SelfishMan> tharkun: Feel free to randomly /msg me anything that pops up in your face and I'll look into why they aren't listed. Probably just haven't seen any junk from them yet
[01:00:34] <seekwill> SelfishMan: I take it you're one of the guys at SEM?
[01:00:49] *** x_or has quit IRC
[01:01:02] <Dominian> SelfishMan: He is "the" guy behind SEM
[01:01:02] <tharkun> seekwill: He is The Man
[01:01:06] <Dominian> bah
[01:01:07] <seekwill> oh :D
[01:01:11] <Dominian> damn tab completion
[01:01:45] <seekwill> SelfishMan: Have you thought about adding DK/DKIM to the mix? Or are you primarily connect phase type stuff?
[01:02:39] <SelfishMan> Personally, I think DKIM is pointless for filtering mail. Too much crap coming from yahoo and hotmail right now to consider a DKIM signature as a good thing
[01:03:07] <seekwill> How does an RBL block that?
[01:03:08] <SelfishMan> Although I did recently acquire a few of the spammer domains before they could. Seemed to piss them off quite a bit
[01:03:16] <jdoe> ... so don't drop on it, use DKIM for scoring
[01:03:16] <SelfishMan> seekwill: an RBL doesn't
[01:03:17] <jdoe> heh.
[01:03:25] <seekwill> jdoe: yep
[01:03:50] <seekwill> SelfishMan: The point of DKIM isn't to say if you're a spammer or not, but more of domain reputation (vs IP)
[01:04:03] <SelfishMan> jdoe: based on the amount of ham vs spam I see with DKIM it would need a score of 4.9 in SA
[01:04:18] <seekwill> DKIM is also more of a anti-phishing more than antispam
[01:04:58] *** istevenmon_ has joined #postfix
[01:05:04] <seekwill> So maybe it's not your realm...
[01:05:24] *** istevenmon has quit IRC
[01:05:25] *** istevenmon_ is now known as istevenmon
[01:05:47] <tharkun> This are from brasiltelecom.net.br 187.4.201.238 187.4.10.160 They don't get blocked by SEM but they do get blocked by fortinet (one client likes the brand can't help it)
[01:05:54] <tharkun> SelfishMan: ^^
[01:06:55] <jdoe> SelfishMan: I don't believe that, gmail and yahoo both sign, and they're a significant mail volume. It also doesn't say anything about spam at all, it just says "I sent this"
[01:07:06] <jdoe> er, sorry, "it" is DKIM in that sentence...
[01:07:54] <Dominian> of course yahoo uses it
[01:07:56] <Dominian> they came up with the idea
[01:07:59] <Dominian> :P
[01:08:01] <seekwill> DK
[01:08:07] <Dominian> well DomainKeys
[01:08:09] <Dominian> blah blah
[01:08:40] <seekwill> Does the monkey eat phish or just spam?
[01:08:44] <seekwill> :D
[01:09:06] * tharkun gets his new pair of boots to kick seekwill
[01:09:16] <KB1JWQ> Yeah, neat theory, but... :-)
[01:09:28] <seekwill> What theory?
[01:09:37] <KB1JWQ> DKIMm.
[01:09:43] <seekwill> DKIM is awesome
[01:09:51] <seekwill> Just people don't know what it's used for
[01:09:57] <seekwill> jdoe does
[01:10:21] <jdoe> I wouldn't call it awesome, it can break on mailing lists, sometimes... but generally it's good.
[01:10:36] <jdoe> and I mean it's no more broken than SPF, which people inexplicably love :P
[01:10:44] <seekwill> heh
[01:10:46] <Dominian> I detest SPF
[01:10:50] <Dominian> and DKIM
[01:10:56] <Dominian> but I use them because some receiving servers bitch if you don't
[01:10:59] <Dominian> so I add them in so they'll stfu
[01:11:19] <seekwill> Hmm... jdoe, I don't think DKIM would break on mailinglists.
[01:12:39] <seekwill> ah yes. That's right. Mailing lists adds stuff to the body
[01:13:12] <seekwill> Well, in that case, you'd strip the DKIM header and the mailing list would add its own
[01:13:29] <seekwill> That would be more appropriate anyways
[01:14:36] <tharkun> jdoe: nice article, but then To have mail delivered to gmail it is almost a must to have DKIM
[01:14:48] <Dominian> tharkun: not really
[01:14:54] <Dominian> I delievered to gmail just fine without DKIM
[01:14:56] <seekwill> tharkun: I deliver test mail to Gmail all the time, without DKIM
[01:15:21] <seekwill> literally just a subject header "test" and a body "test". Goes in just fine :D
[01:15:54] <tharkun> Well, All the mail sent to gmail from the servers i've ran was delivered directly to junk unless the dkim signature was added. And then some still get delivered there
[01:16:11] <seekwill> I have a US IP :)
[01:16:37] <seekwill> I've noticed that when working out of Asia. Some of the stuff came into junk first :/
[01:16:59] <tharkun> I have some clients ip on US some on England and some on France and it is not geolocated
[01:17:31] *** istevenmon_ has joined #postfix
[01:17:34] <seekwill> ok
[01:17:42] <jdoe> tharkun: ... right. I'm the one saying DKIM isn't a monstrosity :P
[01:18:09] <tharkun> ;)
[01:18:22] *** istevenmon_ has quit IRC
[01:18:27] *** mroe has quit IRC
[01:18:56] <seekwill> boom
[01:19:57] <seekwill> I think phishing is more of a problem than spam.
[01:20:34] <seekwill> Phishing is more of a threat to unsuspecting people than spam.
[01:20:38] <Dominian> I think undereducated morons are the key to phising
[01:20:41] <seekwill> The "general public"
[01:20:45] <Dominian> phishing that is
[01:21:15] *** istevenmon has quit IRC
[01:21:19] <Dominian> "zomg some widowed princess needs my help to get 800Million dollars out of afghanatucky!"
[01:21:30] <seekwill> With widespread use of the intarwebz, everyone having email, people can delete viagra emails. But getting an email saying it's from their bank can be hard to determine
[01:21:40] <Dominian> ha
[01:21:42] <Dominian> not really
[01:21:45] <Dominian> the grammar is usually horrible
[01:21:58] <Dominian> however, some of the urls can be deceiving
[01:21:58] <seekwill> For those phishing, yeah
[01:23:04] <seekwill> Some of the grammar might be horrible, but... uh... do most people say "OMG!!! Bank of America said "who" instead of "whom"!!! It must be a phishing attack!!!!"
[01:23:44] <Dominian> I do
[01:23:45] <Dominian> :)
[01:23:47] *** forsberg is now known as fOrsberg
[01:23:49] <seekwill> heh
[01:23:53] <Dominian> Then again I've got a trained eye :P
[01:23:54] <seekwill> You do a lot of things
[01:23:58] *** _bt has joined #postfix
[01:24:00] <tharkun> Dominian: For the record i have mail letters from year 1950 stating the same facts :D
[01:24:06] <Dominian> tharkun: haha
[01:24:32] <Dominian> hahahaha
[01:24:36] <Dominian> speaking of phisihing scams
[01:24:39] <Dominian> I JUST got one into my Inbox
[01:24:44] <seekwill> I had to do it
[01:24:49] <Dominian> this one from Maybank Services
[01:24:52] <Dominian> which.. I've never heard of
[01:24:53] <seekwill> heh
[01:24:57] <seekwill> Malaysia
[01:25:07] <tharkun> I'll ask my uncle to scan one of those and i'll post it on some picpaste site
[01:25:07] <Dominian> hahahaha
[01:25:08] <Dominian> yep
[01:25:10] <Dominian> malaysia
[01:25:21] <tharkun> Ceylan if my memory serves me right
[01:25:31] <Dominian> We recently noticed several invalid login attempts from ip address 203.82.94.58 to your maybank accountWe recently noticed several invalid login attempts from ip address 203.82.94.58 to your maybank account
[01:25:45] <seekwill> Twice?
[01:25:46] <Dominian> sorry double paste
[01:25:48] <seekwill> oh
[01:26:01] <Dominian> check the IP
[01:26:03] <Dominian> its .my
[01:26:14] <seekwill> Speaking of proper, you ever see people TYPING EMAILS LIKE THIS???
[01:26:35] <Dominian> seekwill: yeah I got one from my "bank": ACCOUNT COMPROMISED!!!!!11
[01:26:44] <seekwill> haha
[01:26:44] <Dominian> I was like "hah.. yah right *delete*"
[01:27:01] <seekwill> haha
[01:27:06] <seekwill> Click here to notify us of any Maybank2u.com "phishing" website
[01:27:21] <seekwill> On the phishing site...
[01:27:25] <Dominian> oh hahahaha
[01:27:31] <Dominian> this actually went to my main account hosted on google apps
[01:27:36] <Dominian> VIA my noobfarm.org domain
[01:27:39] <Dominian> now THATs funny
[01:27:48] <Dominian> I've never used any @noobfarm.org address for a damn thing
[01:27:58] <seekwill> You just did!
[01:28:03] <Dominian> hah
[01:28:05] <seekwill> It's on an irc log now
[01:28:11] <seekwill> published on google
[01:28:35] <Dominian> and...
[01:28:41] <Dominian> it was sent via aol's mail servers
[01:28:56] <seekwill> Maybe a dial up account
[01:29:12] * Dominian moves it to his spam folder
[01:29:25] <Dominian> If anyone needs spam messages for training...
[01:29:29] <Dominian> my google apps account has a shit load
[01:29:30] <seekwill> I really need to get my mail server back up :(
[01:32:24] <seekwill> What was that site that does scanning of an IP to see what ports are blocked?
[01:32:37] * tharkun sends a crane to help seekwill
[01:32:45] <seekwill> A flying one?
[01:33:08] <tharkun> It's long since i last saw one of those but let me check if we have them on stock
[01:33:21] <tharkun> seekwill: pm the ip and i'll nmap it for you
[01:33:31] <seekwill> c-76-121-185-117.hsd1.wa.comcast.net
[01:33:40] <seekwill> I don't believe in private messages!
[01:34:07] <seekwill> And it's not mine :P
[01:36:09] <tharkun> open tcp 80, 110, 113, 139, 143, 445 and 8008 p25 is locally blocked so state is unknown
[01:36:51] <seekwill> 25 is what I wanted :)
[01:37:05] <seekwill> I'll just have to go over there and check :/
[01:40:37] <tharkun> seekwill: the other alternative i had to do the portscan reports that the ip is down. Sorry can't help you there
[01:42:21] <seekwill> no worries, thanks :) hehe
[01:46:22] *** fignew has quit IRC
[01:52:01] *** fignew has joined #postfix
[02:13:27] <SelfishMan> jdoe: I know it doesn't but based on the traffic *I* see from people with DKIM it is an indication of bad mail, not good.
[02:13:51] <SelfishMan> tharkun: 187.4.201.238 has been listed
[02:15:45] <tharkun> SelfishMan: thx, i'll keep an eye on my logs and try to spot the backscatter i get from fortinet. it might help you
[02:21:13] *** sphenxes02 has joined #postfix
[02:22:14] *** MAAAAAD has quit IRC
[02:22:42] *** MAAAAAD has joined #postfix
[02:24:57] *** sphenxes01 has quit IRC
[02:26:34] *** jidar has quit IRC
[02:27:23] <will_> SelfishMan: Did the signatures verify? And define "bad" and "good"
[02:28:02] <SelfishMan> will_: valid signatures because the mail was sent directly through those freemail providers. bad==spam, good=notspam
[02:29:29] <will_> Like I was trying to say before, DKIM is not about spam. it's about authentication
[02:29:49] <SelfishMan> will_: yes, but another person was asking about it for spam filtering purposes
[02:29:56] <will_> What's needed is a database of people who signs DK/DKIM
[02:30:09] <will_> SelfishMan: That person is using it for the wrong reason
[02:30:41] <will_> DKIM is about antiphishing, not antispam. Do you see the difference?
[02:30:45] <SelfishMan> what good would a DKIM DB be? If something has a valid signature then it means *that* server is signing
[02:31:08] <will_> I don't think you get it :)
[02:31:25] <SelfishMan> I'm well aware of the difference. And it isn't about antiphishing, it's about verifying the source domain
[02:32:00] <will_> Depends on how you use it
[02:32:15] <SelfishMan> it doesn't do a think to stop phishing
[02:32:17] <will_> DK is "better" at it, being simpler
[02:32:42] <will_> Ok, nevermind :) you're right.
[02:32:43] <SelfishMan> The numerous DKIM signed phishing message sent through hotmail last week are proof of that
[02:52:53] *** bluethundr__ has quit IRC
[03:10:32] *** nb is now known as i
[03:12:15] *** i is now known as Fedora17
[03:12:23] *** Fedora17 is now known as i
[03:15:33] <tharkun> i: having fun ??
[03:17:02] *** fken has quit IRC
[03:18:42] *** Verilium has quit IRC
[03:34:03] *** tharkun has quit IRC
[03:34:44] *** wdp_ has joined #postfix
[03:38:00] *** wdp__ has quit IRC
[03:41:23] *** uqlev has joined #postfix
[03:55:09] *** Tashia has joined #postfix
[03:55:47] <Tashia> I need help. Postfix for ubuntu linux isn't configuring correctly. PHP is what i'd be using with it.
[04:02:10] *** mroe has joined #postfix
[04:03:59] <KB1JWQ> !welcome
[04:03:59] <knoba> KB1JWQ: "welcome" : welcome to #postfix! if you're joining for the first time, or are new to irc, the first thing you'll want to do is read the channel topic (/topic). it includes crucial instructions on how to effectively ask for help here, and what data you should include with your questions. the degree of success you'll have is directly related to how effectively you're able to follow those guidelines.
[04:04:02] <KB1JWQ> Tashia: Time to go read.
[04:04:03] <KB1JWQ> :-)
[04:05:00] <Dominian> PHP..?
[04:05:02] <Dominian> !standard
[04:05:05] <Dominian> !basic
[04:05:07] <Dominian> !mta
[04:05:07] <knoba> Dominian: "mta" : Mail Transfer Agent: software that facilitates the transfer of mail messages between hosts
[04:05:19] <mroe> I think I'm glad I missed the question...
[04:08:52] *** rajijoom has joined #postfix
[04:18:22] *** jelly-home has quit IRC
[04:18:50] *** xumpi has quit IRC
[04:27:45] *** Vivek has quit IRC
[04:36:11] *** JonnyV has joined #postfix
[04:39:34] <Tashia> I did the basic configuration. It still won't transfer mail to an external server.
[04:40:37] <mroe> logs?
[04:40:39] <mroe> postconf?
[04:41:45] <Tashia> what log files should i check?
[04:42:42] <mroe> you should check the logs where postfix is logging to
[04:43:08] <Tashia> which are, mail.err and maillog?
[04:43:57] <mroe> it really depends on the distro and your setup
[04:44:01] <mroe> !syslog
[04:44:01] <knoba> mroe: Error: "syslog" is not a valid command.
[04:44:20] <mroe> but it is a good first step to figure out why postfix isn't doing what you expect it to do
[04:44:49] <Tashia> connection time out. I just read that in the log
[04:45:47] <mroe> what daemon logged it?
[04:46:51] <Tashia> postfix smtp
[04:47:06] <mroe> sounds like you found some postfix logs. That's good
[04:47:58] <Tashia> what should i do about the error?
[04:48:36] <mroe> it does seem like you are pretty green when it comes to not just mail administration, but also system administration. Setting up a properly-configured, fully-functional mail server is no easy task. It isn't like setting up a web server or dns server or anything like that. It takes a breadth of understanding that, it seems at least, you don't have. May I ask why you are setting up a mail server?
[04:48:51] <Dominian> !logs
[04:48:51] <knoba> Dominian: "logs" : postfix logs to the mail facility of syslog. Something like grep -i `postconf -h syslog_facility` /etc/syslog.conf should tell you where logs are going. also see !no_logs and !have2mung
[04:51:41] <Dominian> ignore this next factoid.. its for me
[04:51:46] <Dominian> !nullclient
[04:51:46] <knoba> Dominian: "nullclient" : a null client is a computer that can only send mail. it receives no mail from the network, and it does not deliver any mail locally. while postfix can be configured to fill this role, it is often unnecessary overkill, and a much simpler software package is more appropriate. see !nullclient_software for more details.
[04:51:55] <Dominian> !nullclient_software
[04:51:55] <knoba> Dominian: "nullclient_software" : a program that serves as a drop in replacement for /usr/sbin/sendmail and provides a simple means to submit messages to an existing msa without the need to install and maintain a full-blown mta/msa. examples include esmtp, ssmtp and nullmailer. also see !msa
[04:52:07] <mroe> !tell Dominian whisper
[04:52:07] <knoba> mroe: Error: No factoid matches that key.
[04:52:11] <mroe> hrm...
[04:52:16] <Dominian> !tell mroe basic
[04:52:18] <Dominian> :P
[04:52:20] <Dominian> hehe
[04:53:13] <mroe> !learn whisper as It can be helpful to send factoids to people without spamming the channel. You can do this by using the following command: !whisper <nick> <factoid>
[04:53:16] <mroe> !whisper
[04:53:16] <knoba> mroe: (whisper <an alias, 2 arguments>) -- Alias for "Misc tell $1 [Factoids whatis $2]".
[04:53:28] <mroe> !tell mroe whisper
[04:53:29] <knoba> mroe: "whisper" : It can be helpful to send factoids to people without spamming the channel. You can do this by using the following command: !whisper <nick> <factoid>
[04:53:40] <Dominian> !whisper dominian basic
[04:53:43] <Dominian> there we go
[04:53:55] <Dominian> mroe: learn something new every day
[04:54:13] <mroe> I'm here to help ;)
[04:58:27] <Tashia> Is there anyway i can get postfix to relay email to an external server?
[04:58:35] <mroe> !relay_host
[04:58:35] <knoba> mroe: Error: "relay_host" is not a valid command.
[04:58:38] <mroe> !relayhost
[04:58:38] <knoba> mroe: "relayhost" : a configuration parameter in the main.cf: The default host to send non-local mail to when no entry is matched in the optional transport(5) table. When no relayhost is given, mail is routed directly to the destination. If your relay host requires authentication see the !saslclient channel factoid.
[04:59:32] <Dominian> You can do relayhost or even transport maps to do it
[04:59:40] <mroe> !transport_map
[04:59:40] <knoba> mroe: Error: "transport_map" is not a valid command.
[04:59:45] <mroe> !transpor
[04:59:45] <knoba> mroe: Error: "transpor" is not a valid command.
[04:59:46] <mroe> !transport
[04:59:46]
<knoba> mroe: "transport" : transport(5) The optional transport(5) table specifies a mapping from email addresses to message delivery transports and next- hop destinations. Look at: http://www.postfix.org/transport.5.html
[05:06:06] <Tashia> could the /etc/postfix/transport file not existing be a problem?
[05:06:27] <mroe> only if you want to use it
[05:06:45] <mroe> and if you do, you can create it
[05:06:49] <Tashia> oh. I think i'm using relayhost at the moment
[05:06:58] <mroe> ok
[05:07:51] <Tashia> relay host is blank
[05:08:10] <mroe> then I guess you aren't using it
[05:08:29] *** mod_cure has quit IRC
[05:08:33] <Tashia> relayhost = (default: direct delivery to Internet)
[05:13:02] *** Tashia has quit IRC
[05:13:21] *** Tashia has joined #postfix
[05:21:27] *** ghoti has quit IRC
[05:23:19] <Tashia> What should I put for relayhost in my main.cf file?
[05:24:49] <KB1JWQ> postconf -n to a pastebin.
[05:25:07] <mroe> Tashia, you should put the host you want to relay to
[05:25:20] <mroe> the name kind of gives it away
[05:25:44] *** uqlev has quit IRC
[05:26:17] <Tashia> mroe, what if i want to relay to any mail host, not just 1?
[05:26:27] <KB1JWQ> rob0, seekwill, standon: Back from the honeymoon. Ping.
[05:26:48] <mroe> Tashia, how would you like your mailserver to decide what relayhost to use?
[05:28:53] <Tashia> Not sure if i'm understanding. I'd like for it to just send mail to any host that it is directed to
[05:29:23] <mroe> !super_basic
[05:29:36] <mroe> You are not understanding
[05:29:47] <mroe> you need to read a lot more documentation
[05:30:14] <riversky> Server unexpectedly disconnected: Fatal error: Maildir: No such file or directory
[05:30:18] <riversky> How do i fix that?
[05:30:35] <KB1JWQ> riversky: See the /topic
[05:31:47] *** ghoti has joined #postfix
[05:34:45] *** leroux has joined #postfix
[05:34:53] *** leroux has quit IRC
[05:36:52] *** neogranas has joined #postfix
[05:43:45] *** MAAAAAD has quit IRC
[05:56:03] *** MAAAAAD has joined #postfix
[05:58:16] <Tashia> !basic
[06:00:18] *** neogranas has quit IRC
[06:07:32] *** Motoko-chan has joined #postfix
[06:09:27] *** saurabhb has joined #postfix
[06:09:53] *** riversky has quit IRC
[06:11:06] *** KB1JWQ is now known as KB1JWQ|Jst_Mrd
[06:17:44] *** sebuba has joined #postfix
[06:32:59] <jeev> mazeltoff
[06:33:14] <jeev> name your first child after me and add something jewish at the end
[06:34:20] *** Tashia has quit IRC
[06:35:28] *** JonnyV has quit IRC
[06:35:45] *** pinoyskull has joined #postfix
[06:46:36] *** EagleWatch has quit IRC
[06:52:46] *** anon_ has joined #postfix
[06:52:57] *** mroe has quit IRC
[06:56:57] *** mroe has joined #postfix
[06:59:35] *** pinoyskull has quit IRC
[07:00:22] *** rajijoom has quit IRC
[07:00:29] *** anon_ has quit IRC
[07:00:33] *** pinoyskull has joined #postfix
[07:09:57] *** pinoyskull- has joined #postfix
[07:12:46] *** pinoyskull has quit IRC
[07:21:27] *** navaki has joined #postfix
[07:26:10] *** EagleWatch has joined #postfix
[07:32:31] *** alpine_style has quit IRC
[07:35:13] *** sebuba has quit IRC
[07:53:09] *** johest|w has quit IRC
[08:08:06] *** mroe has quit IRC
[08:08:54] *** famicom has quit IRC
[08:10:54] <navaki> Hi all,I am writing a content filtering script for extracting attachments in postfix.i use ripmime and
[08:10:55] <navaki> want to know how can i access to email for passing it to ripmime inscript?thanks in advance.
[08:11:39] *** EagleWatch has quit IRC
[08:17:37] *** EagleWatch has joined #postfix
[08:17:40] *** hever has joined #postfix
[08:22:54] *** UQlev has joined #postfix
[08:23:45] *** henriknj has joined #postfix
[08:24:19] *** johest|w has joined #postfix
[08:25:58] *** xumpi has joined #postfix
[08:42:30] *** henriknj_ has joined #postfix
[08:43:11] <navaki> anyone can response to me?
[08:43:20] *** henriknj has quit IRC
[08:43:32] *** fOrsberg is now known as forsberg
[08:44:27] *** cilly has joined #postfix
[08:44:28] <UQlev> navaki, repeat your question pls
[08:45:58] <navaki> I am writing a content filtering script for extracting attachments in postfix.i use ripmime and want to know how can i access to email for passing it to ripmime in my script?
[08:47:01] <UQlev> navaki, usually LDA for it: procmail, maildrop
[08:47:37] <UQlev> navaki, you may use .forward file for piping into a script
[08:48:36] <UQlev> navaki, it depends on what stage of the delivery you want to do it
[08:49:12] <UQlev> navaki, if prequeue then amavis
[08:49:54] *** e-jones has joined #postfix
[08:50:07] <navaki> UQlev ,After queue.
[08:50:26] <UQlev> navaki, then use LDA
[08:51:09] <navaki> for extracting attachments what stage is better?i think after queue.
[08:51:35] *** pinoyskull- has quit IRC
[08:52:13] <UQlev> navaki, depends on the purpose of the extraction. Unless it is spam or virus it is better afterqueue
[08:52:50] *** MAAAAAD has quit IRC
[08:52:54] <navaki> UQlev ,no , i want to extract all of attachments from any email.
[08:53:37] *** MAAAAAD has joined #postfix
[08:53:49] <UQlev> navaki, for what reason? to destroy integrity of the message?
[08:55:36] <UQlev> navaki, how will you name and sort extracted files?
[08:57:24] <navaki> UQlev , i want to store them in postfix.with name that it has in MIME file.
[08:57:55] <roe> 'store them in postfix'?
[08:58:01] <UQlev> navaki, they will be not uniq
[08:58:20] <UQlev> navaki, it will be mess
[08:58:26] <roe> postfix is not a storage mechanism
[08:58:43] <UQlev> roe, he might mean on the same server
[08:59:02] <navaki> UQlev,yes,on the same server.
[08:59:11] <roe> and how do user's access them?
[08:59:14] <roe> users*
[09:01:24] <UQlev> roe, it seems sorta school excercise without any practical meaning
[09:02:12] <roe> UQlev, to me it seems like an effort to solve a user problem without training the user
[09:03:21] <roe> either way it is a bad idea
[09:03:24] <UQlev> roe, you mean his user might use MUA with no ability to extract attachment?
[09:03:42] *** henriknj_ has quit IRC
[09:04:02] <roe> UQlev, I was thinking about it from the sending side
[09:04:22] <roe> not receiving.
[09:04:55] <roe> a way to allow his user base to 'send' ungodly large files
[09:05:18] <roe> strip them and post them
[09:07:14] <UQlev> hmm, they can't be very big because other servers' size restriction
[09:08:01] <roe> right, but the 'stripping and posting' allows users to send as large files as they want because he would be doing 'magic' on the server
[09:08:43] <roe> regardless, it is a bad idea
[09:09:11] <UQlev> roe, you are right
[09:13:26] <UQlev> roe, at the beginning there is temptation to use MTA for everything, ignoring other protocols/services
[09:13:55] <roe> yes
[09:14:10] <roe> when all you have is a hammer everything starts to look like a nail
[09:14:21] <UQlev> :)
[09:15:02] *** jelly-home has joined #postfix
[09:18:39] <navaki> UQlev , roe , with storing attachments by postfix , imap server can send emails with links of attachments instead of attachments for users.
[09:19:45] <UQlev> navaki, well, if it makes sens for you and your users keep on doing so
[09:20:16] <roe> navaki, what is the benefit of using http to download attachments over imap?
[09:21:02] <UQlev> he might not allproached ACL yet
[09:22:03] <UQlev> every user will have http folder, or web_dav ;)
[09:22:30] <navaki> roe we can generate dynamic type url and by separating attachments imap will send smaller amount of data
[09:23:19] <roe> you know that the attachment isn't transmitted until it is downloaded, so the traffic will be the same, just split over two protocols
[09:23:36] <UQlev> navaki, you might save in IMAP traffic but it will be used by HTTP later
[09:25:03] <UQlev> navaki, and you will get at least double as much trouble with authentication and permissions
[09:27:53] *** Motoko-chan has quit IRC
[09:31:14] <navaki> UQlev, it will be easier for us to authenticate users via our web application, and since we have a horizontal scale web servers network it would be better to serve files via http, our main goal is a webmail
[09:32:21] <roe> so you aren't talking about using the same server
[09:32:30] <UQlev> navaki, all web-mail clients work perfectly with attachments
[09:34:21] <UQlev> navaki, probably you might want to look at some groupware applications like egroupware, simplegroupware etc
[09:36:04] <navaki> roe,UQlev,thank for your help.whatever, i not get response of my main question.i use ripmime and want to know how can i access to email for passing it to ripmime in my content filter script?
[09:36:58] <UQlev> navaki, you have missed an answer - use LDA
[09:38:00] <roe> navaki, I don't really understand the question, although some of it might be a language barrier
[09:38:21] *** talin has joined #postfix
[09:38:34] <talin> good morning. if an e-mail is stuck in the queue... what is a good way to figure out why?
[09:38:37] <roe> you have a content filter and you want to know how to tie it into postfix?
[09:38:43] <talin> i have checked the content, and it looks fine
[09:38:47] <roe> talin, logs
[09:39:22] <navaki> UQlev, can you more explain about what i have to do about LDA?
[09:39:37] <talin> in the logs i can see him connecting, and i can see the "from=<his address>"
[09:39:44] <talin> but there is no second line saying it was sent
[09:39:59] <roe> talin, show me
[09:40:05] <roe> (in a pastebin)
[09:40:07] <navaki> roe,i want to write one script to extract attachment by content filter in postfix. for extrarcting i use ripmime utility.
[09:40:27] <UQlev> navaki, you have to instruct postfix deliver to LDA, and LDA may pipe your message to any script
[09:41:31] <roe> navaki, ok, so once you write the script you can use the content_filter parameter to integrate it with postfix
[09:41:52] <roe> !content_filter
[09:41:52]
<knoba> roe: "content_filter" : a configuration parameter in the main.cf: The name of a mail delivery transport that filters mail after it is queued. Also reference: http://www.postfix.org/FILTER_README.html
[09:42:13] <navaki> roe , my main problem is in writing script.how to pass email to ripmime utility in my script?
[09:43:01] <roe> navaki, the link should help you
[09:43:10] <navaki> UQlev, How can i instruct postfix deliver to LDA?
[09:43:37] <UQlev> !lda
[09:43:37] <knoba> UQlev: Error: "lda" is not a valid command.
[09:43:48] <roe> !mda
[09:43:48] <knoba> roe: "mda" : Mail Delivery Agent: software that delivers mail messages to individual recipient mailboxes after they've been accepted by an MTA. Postfix includes local(8) and virtual(8) MDAs, or can be configured to use an external one.
[09:44:12] <roe> lda is a subset of mda
[09:47:25] *** Matic`Makovec has joined #postfix
[09:48:57] *** henriknj has joined #postfix
[09:49:08] <talin> roe: those messages in the queue, i find them in the log with the last entry: status=deferred (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused)
[09:49:21] <talin> roe: they were able to send yesterday... so i don't quite get what has happened
[09:49:57] <UQlev> talin, seems like service listening 10024 is down
[09:49:57] *** Vivek has joined #postfix
[09:49:57] *** Vivek has joined #postfix
[09:49:57] <roe> looks like amavis is not happy
[09:50:15] *** ghoti has quit IRC
[09:50:36] <UQlev> talin, netstat -an | grep :10024
[09:50:38] <Aprogas> Amavis is a Mail Disappearance Agent.
[09:50:48] <roe> Aprogas, better than mailscanner
[09:50:53] <Aprogas> I suppose.
[09:52:24] <UQlev> talin, it might be clamav upgrade issue
[09:53:12] *** e-jones has quit IRC
[09:53:58] <roe> ugh, I remember 8 months or so ago clam really screwed a large portion of their user base by changing the format in which definitions were formatted
[09:54:02] <roe> that was a long morning
[09:54:35] <roe> "On 15 April 2010 all ClamAV installations older than 0.95 will be disabled."
[09:55:46] *** ghoti has joined #postfix
[10:04:22] *** t3cnerd has quit IRC
[10:08:01] *** johest|w has quit IRC
[10:19:18] *** johest|w has joined #postfix
[10:19:33] <Signum> Moin... I could use a second pair of eyes. Apparently emails from ... at mansion dot com get rejected due to "too many DNS lookups" while checking their SPF entry (tumgreyspf) here. I have checked every mentioned server manually but fail to find the cause.
[10:19:53] <Signum> Usually I find it easier to point out a peer's wrong SPF entry. Like many organisations use several SPF entries and fail.
[10:21:32] <Aprogas> What throws the error "too many DNS lookups" ?
[10:23:22] <talin> UQlev: oh, okay
[10:24:29] <talin> UQlev: netstat -an | grep :10024 returns nothing... and i tried to restart amavis... should i restart clam?
[10:25:06] <roe> Signum, your spf is fine, but you are exceeding the maximum dns lookups
[10:25:14] <UQlev> talin, you should examine your logs first of all: messages, maillog etc
[10:26:14] <roe> Signum, I change a few of those entries to IPs and things should work
[10:26:15] <talin> UQlev: seems like amavis is not working...
[10:27:16] <UQlev> talin, there mist be a reason, reason most probably disclosed in logfiles or in start-message
[10:27:32] <talin> UQlev: start message of amavis? okay, i will check that
[10:27:53] <UQlev> talin, is there start-stop script for amavis?
[10:28:00] <talin> UQlev: yes
[10:28:15] <UQlev> talin, when you run it there might be a message
[10:28:17] <roe> Signum, 10 is the most common limit, and I count 12
[10:28:47] <talin> UQlev: i stopped it and started it
[10:29:02] <talin> UQlev: when i start it, it gives a warning saying that RAMDISK is unstable, but nothing else.
[10:29:19] <roe> hrm actually, I count 10, so it is probably 'less than 10'
[10:29:41] <UQlev> talin, check var/log/messages
[10:29:54] <talin> UQlev: there is nothing there
[10:30:01] <talin> UQlev: related to amavis/clam/postfix
[10:30:34] <UQlev> talin, pastebin FULL output of "natstat -an"
[10:30:48] <UQlev> talin, "netstat -an"
[10:30:51] <talin> UQlev: oki, will do. and thanks a ton for helping me
[10:32:30] <talin> UQlev: oh, there is a 10024 there, but it's . instead of :
[10:32:35] <roe> ha, actually I was correct the first time you have 12 lookups <- Signum
[10:33:50] <UQlev> talin, I asked full output with sockets
[10:35:18] <roe> talin, are you using a ramdisk for something? /tmp maybe?
[10:37:07] <talin> roe: /dev/md0 3.9G 264K 3.6G 0% /var/amavis/tmp
[10:37:10] <talin> roe: that one, i think
[10:38:00] <roe> that is a raid device
[10:38:26] <talin> roe: /var/named/dev and /dev are "devfs"
[10:38:27] <roe> can I see /etc/fstab?
[10:38:42] <roe> (pastebin)
[10:39:17] <UQlev> talin, it seems that all services are running (postfix, amavis, clamd) but whether they can communicate each other depends on your configs
[10:39:47] <roe> what OS is this?
[10:39:58] <UQlev> seems like FreeBSD
[10:40:07] <talin> yes, it is freebsd
[10:40:15] <talin> UQlev: but i haven't changed any configs... and it has been working for months
[10:40:39] <roe> talin, enable debugging in the amavis conf and then start it, and pastebin the logs
[10:41:23] <roe> (make sure all amavis processes are stopped before you start it)
[10:42:15] <talin> oki, i set verbosity 3
[10:42:21] <talin> stopped amavis and started it
[10:42:28] <talin> i can't figure out from the logfile where it logs to though
[10:42:39] <roe> after you stopped it did you run a ps ax |grep amavis?
[10:42:43] <talin> yes
[10:42:49] <talin> all i saw then was "grep amavis"
[10:42:54] <roe> ok good
[10:43:08] <roe> is it configured to log to syslog?
[10:43:31] <talin> DO_VIA_SYSLOG=1
[10:43:36] <talin> i suppose that is "yes"
[10:43:46] <roe> ok, then it probably logs to the same place postfix logs to
[10:43:51] <talin> ah, okay
[10:44:00] <roe> at least that would be my *guess*
[10:44:23] <talin> Sep 23 10:51:34 panzerfaust amavis[38417]: (38417-02) _WARN: Use of uninitialized value in string ne at /usr/local/lib/perl5/site_perl/5.10.1/Mail/SpamAssassin/AsyncLoop.pm line 173, <GEN19> line 7670.
[10:44:31] <talin> in /var/log/maillog
[10:44:38] <roe> there should me more than that
[10:45:26] <Signum> roe: Is 10 a fixed limit according to SPF? or might it be an artificial limit of tumgreyspf?
[10:45:43] <roe> Signum, it seems fixed according to the rfc
[10:46:14] <UQlev> talin, perl -v
[10:46:31] <Signum> roe: Alright, thanks. Some business partners have barely any idea of SPF and it's hard to explain what they are actually doing wrong.
[10:46:54] <talin> UQlev: version 5.10.1
[10:47:44] <UQlev> talin, probably you should reinstall Spamassassin
[10:47:59] <talin> UQlev: but shouldn't there be error messages? is that version of perl wrong?
[10:48:10] <roe> Signum, from the RFC "To prevent Denial of Service
[10:48:10] <roe> (DoS) attacks, more than 10 MX names MUST NOT be looked up during the
[10:48:10] <roe> evaluation of an "mx" mechanism (see Section 10). If any address
[10:48:11] <roe> matches, the mechanism matches."
[10:48:55] <UQlev> talin, I can't say it yet, have you done any perlupgrade recently?
[10:49:27] <talin> UQlev: i don't think so, no
[10:49:35] <talin> UQlev: should i try to do that?
[10:49:47] <UQlev> talin, wait
[10:50:27] <UQlev> talin, amavis is perl-application, SA as well, seems like SA can't start because of module problem
[10:50:41] <talin> UQlev: oh
[10:50:43] <roe> when using amavis SA doesn't run
[10:50:48] *** teer has joined #postfix
[10:51:05] <roe> amavis uses the SA rules
[10:51:40] <UQlev> talin, if you start upgrade perl it will affect the whole system
[10:51:53] <talin> UQlev: oh, i see..
[10:52:47] <UQlev> talin, is there separate start-stop script for SA?
[10:53:09] <talin> UQlev: there is one called sa-spamd
[10:53:32] <UQlev> talin, if you restart it are there any messages?
[10:53:55] <talin> UQlev: it's not set to start automatically in /etc/rc.conf,so i can't restart it.. only start/stop
[10:54:10] <talin> UQlev: should i try to start it?
[10:54:20] <UQlev> yes
[10:54:37] <UQlev> because it is not running, no socket
[10:55:27] <talin> UQlev: ps ax | grep spam
[10:55:30] <talin> i see it there now
[10:55:59] <talin> i suppose that amavis normally starts this service automatically? hmm
[10:56:13] <roe> no. Amavis+SA doesn't work that way
[10:56:25] <talin> should i try to flush the postqueue to see if anything disappears now?
[10:56:27] <roe> they are both perl so there is no reason for spamd to run in normal operation
[10:56:36] <talin> roe: oh, i see
[10:57:07] <roe> that is part of what makes amavis+sa efficient, is amavis is the only daemon that runs but it uses all of the SA libraries and rules
[10:59:43] <talin> i don't understand how this could happen over night though
[10:59:52] <talin> maybe i should try to stop and start postfix
[11:00:00] <talin> unless that deletes the mail queue?
[11:00:03] <roe> it hsa nothing to do with postifx
[11:00:36] <roe> talin, what is the uptime of your server, just curious when the last reboot was
[11:01:27] <talin> roe: 121 days
[11:01:41] <talin> that is when i installed it
[11:01:55] <roe> so it wasn't a reboot that caused your issues
[11:01:56] *** henriknj has quit IRC
[11:02:03] <talin> no..
[11:02:30] <talin> any idea how i can remedy this? i did postqueue -f, but they still seem to be in the queue
[11:02:47] <roe> as expected
[11:03:01] <roe> you have two courses of action 1)fix it 2)bypass it
[11:03:09] <talin> roe: bypass amavis?
[11:03:12] <roe> yes
[11:03:26] <talin> roe: when i do tail -n 100 /var/log/maillog | grep sent
[11:03:28] <talin> i see some that are sent
[11:03:42] <talin> does that mean it might be working again?
[11:04:02] * roe looks into his crystal ball
[11:04:15] *** teer has left #postfix
[11:04:23] <UQlev> talin, depends on where does amavis work pre-queue or post-queue
[11:04:39] <talin> UQlev: aah, okay
[11:05:16] <UQlev> talin, messages in queue may be irrelevant to amavis fault
[11:05:43] <talin> it looks like the queue size is dropping a bit...
[11:05:58] <talin> only with a few per second though...
[11:06:56] <UQlev> talin, try to send something to the domain you host on this server
[11:07:33] <UQlev> talin, from outside
[11:08:06] <UQlev> talin, and watch the maillog
[11:09:43] *** Vivek has quit IRC
[11:09:46] <talin> UQlev: this is only for outgoing mail
[11:10:00] <talin> UQlev: this server is not the final destination for any e-mail
[11:10:07] *** Twinkletoes has joined #postfix
[11:10:11] *** sphenxes02 has quit IRC
[11:11:21] *** sphenxes02 has joined #postfix
[11:11:45] *** sphenxes02 has quit IRC
[11:15:51] <talin> UQlev: hmm, if i do "telnet localhost 10024", i see the ESMTP prompt
[11:16:00] <talin> UQlev: maybe starting spamd did help after all, then?
[11:16:26] <UQlev> talin, watch your logfiles
[11:16:44] <Aprogas> Could you rephrase what the problem is? I don't want to read 2 pages of logs.
[11:17:13] <roe> Aprogas, Amavis is throwing perl errors when it starts
[11:17:22] <talin> Aprogas: during the night, amavisd stopped working (i assume, since mails never leave the queue, and there is no mention of amavis in headers)
[11:17:37] <talin> roe: not errors, just warnings, i think?
[11:17:59] <Aprogas> "errors" is too vague
[11:18:31] <roe> sure, but the postfix error ends in: 127.0.0.1[127.0.0.1]:10024: Connection refused)
[11:18:34] <UQlev> Aprogas, started from <talin> roe: those messages in the queue, i find them in the log with the last entry: status=deferred (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused)
[11:19:07] <Aprogas> If amavis doesn't run, Postfix cannot connect to it.
[11:19:15] <talin> when i try to "telnet localhost 10024" now, i see the ESMTP banner... so maybe it got fixed when i started spamd, like UQlev suggested
[11:19:20] <Aprogas> If the Postfix reinject smtpd doesn't run, amavis cannot connect to it.
[11:19:26] <Aprogas> Amavis does not use spamd.
[11:19:38] <roe> ^ like I said
[11:19:41] <Aprogas> Amavis is a daemon itself and calls Mail::SpamAssassin directly.
[11:19:46] <talin> hmm, okay
[11:20:19] <talin> Sep 23 11:25:25 panzerfaust amavis[38419]: (38419-12) _WARN: plugin: eval failed: error closing socket: Bad file descriptor at /usr/local/lib/perl5/site_perl/5.10.1/Mail/SpamAssassin/DnsResolver.pm line 185, <GEN19> line 42772.
[11:20:36] <talin> lots of those appeared just now
[11:20:43] <Aprogas> Check that directory.
[11:21:04] <Aprogas> Maybe the .pm's are corrupt and need to be rebuilt, ask Perl people how to do that.
[11:21:16] <talin> okay. thank you
[11:21:17] <Aprogas> I meant their binary nativecode or whatever they call that.
[11:21:25] <Aprogas> The "loads faster" stuff.
[11:21:30] <Aprogas> My language is bad again.
[11:21:43] <roe> talin, check to see if libnet-ip-perl is installed
[11:23:20] <Aprogas> Retrace all steps of installing and setting up amavis.
[11:24:34] *** hyper_ch has joined #postfix
[11:25:13] <hyper_ch> hi there, I have a strange problem... for some reasons postfix complains about RBLs not being able to found and rejects all emails with Sender address rejected: Domain not found --> I did disable RBLs and a lot of other checks and reloaded the config, yet still everything gets rejected
[11:25:28] <Aprogas> !tell hyper_ch welcome
[11:25:28] <knoba> hyper_ch: "welcome" : welcome to #postfix! if you're joining for the first time, or are new to irc, the first thing you'll want to do is read the channel topic (/topic). it includes crucial instructions on how to effectively ask for help here, and what data you should include with your questions. the degree of success you'll have is directly related to how effectively you're able to follow those guidelines.
[11:25:29] *** navaki has quit IRC
[11:26:07] <hyper_ch> hi Aprogas
[11:26:08] *** master_of_master has quit IRC
[11:27:12] <talin> maybe i should reinstall amavis...
[11:27:41] <roe> talin, ^
[11:27:49] <roe> it looks like a bug somewhere
[11:28:06] *** master_of_master has joined #postfix
[11:28:07] <Aprogas> roe: Isn't that for hyper_ch ?
[11:28:27] <Aprogas> I'm so confused, all these questions mangling in my mind.
[11:28:38] <hyper_ch> thx roe
[11:28:43] <Aprogas> Everybody stop being confusing, throw up postconf -n and logs, and ask concrete questions.
[11:29:40] <hyper_ch> ok, this check makes it all go awry: reject_non_fqdn_hostname
[11:29:52] <Aprogas> postconf -n and logs
[11:30:09] <roe> actually I was still looking into talin's issue
[11:30:25] <roe> his problem seems to be not uncommon
[11:31:38] <UQlev> roe, problems with perl are quite common :)
[11:31:44] <Aprogas> I saw RBL, and hyper_ch said RBL, so everything is confusing.
[11:32:24] <hyper_ch> the problem remains
[11:33:55] <talin> roe: yep, it looks like it. i suppose upgrading amavis is my best choice then...
[11:34:23] <hyper_ch> for some reasons postfix can't resolve domains anymore
[11:34:32] <hyper_ch> everything fqdn needs to be turned off
[11:34:36] <Aprogas> So fix your DNS.
[11:34:43] <hyper_ch> and also unkonwn sender domain
[11:34:44] <roe> hyper_ch, those look like greylisting logs (450 errors)
[11:34:46] <hyper_ch> Aprogas: dons works fine
[11:34:53] <hyper_ch> roe: greylisting comes later
[11:35:06] <hyper_ch> s/dons/dns
[11:35:13] <roe> it is the next line
[11:35:15] <Aprogas> pastebin.ca is broken for me past few days
[11:35:18] <Aprogas> use another pastebin please
[11:35:20] <talin> crap, i am already using the latest amavis...
[11:35:37] <roe> talin, it isn't an amavis issue, it is an SA issue
[11:35:58] <talin> roe: ah
[11:36:54] <hyper_ch> Aprogas: when I take out reject_unknown_sender_domain from the smtpd recipient restrictions it works again
[11:37:23] <Aprogas> hyper_ch: dig rijnegom.com
[11:38:30] <Aprogas> Your DNS is broken.
[11:38:54] <Aprogas> Check resolv.conf and your nameserver (if you run one).
[11:39:24] <hyper_ch> hmmmm... weird
[11:41:36] <hyper_ch> how did that happen
[11:42:05] <roe> you're asking us how your dns broke?
[11:42:43] <Aprogas> The nameserver you are using might have gone down, your resolv.conf might have gone wrong because of wrong DHCP server information, so many reasons.
[11:43:44] <hyper_ch> Aprogas: it's a dedicated server... and I think it got moved in the datacenter
[11:44:03] <hyper_ch> the backup from sept 22, at 03:00 is still right
[11:44:44] <Aprogas> Backup?
[11:45:01] <Aprogas> Don't restore a backup because DNS is broken.
[11:45:39] <hyper_ch> the backup made at that point still has the correct info in the resolv.conf
[11:49:27] <Aprogas> So you only restored the resolv.conf then I hope. :)
[11:49:47] <Aprogas> Check your datacenter to make sure you use the right nameserver, not some temporary old one that is going shutdown in a week.
[11:56:17] <hyper_ch> Aprogas: yeah, still don't know for sure what's going on here
[11:56:25] <hyper_ch> resolvconf should have kept the right ns info
[11:56:34] <hyper_ch> also bind9 complains about fetchmail
[11:56:34] <Aprogas> I don't know either.
[11:56:45] <Aprogas> I don't know if you run dhclient, I don't know if you run cron-scripts that touch resolv.conf.
[11:56:58] <Aprogas> If resolv.conf changes, something has changed it; that is all I can know from here.
[11:58:42] <hyper_ch> Aprogas: it's a dedicated server with dedicated ip addresses
[11:58:44] <hyper_ch> no dh client
[11:58:50] <hyper_ch> no cron that should touch resolv.conf
[11:59:00] <hyper_ch> the resolvconf binary should manage resolv.conf
[11:59:10] <Aprogas> I have no idea what that is.
[11:59:24] <Aprogas> In a datacenter, usually the nameserver doesn't change, or you run your own.
[11:59:28] <rob0> nor, what there is to "manage"
[12:00:07] <roe> resolveconf is a tool that is often used in a dhcp enviroment to override dhcp settings, in a static environment there isn't really any need for it
[12:01:31] <hyper_ch> there was a reason why I used it.... but I forgot why
[12:02:28] <rob0> rm /etc/named.conf ; named ; echo nameserver 127.0.0.1
[12:02:38] <Aprogas> I use dhclient.conf to override dhcp
[12:02:41] <rob0> that's how hard it is to run your own nameserver
[12:03:02] <roe> Aprogas, yup, that is also an option
[12:03:08] <Aprogas> rob0: Won't that by default recurse for the whole internet? :)
[12:03:13] <rob0> nope
[12:03:19] <Aprogas> Only localhost then?
[12:03:32] <rob0> I think it will recurse for locally-attached networks.
[12:03:58] <rob0> "localnets" in named.conf ACL
[12:04:14] <Aprogas> You just deleted named.conf
[12:04:28] <Aprogas> And you echo'd a nameserver to stdout
[12:04:49] <rob0> the point being, you do not need a named.conf to do recursion, and oops
[12:04:50] <roe> I'm glad I'm not the only one that didnt' follow rob0 oneliner
[12:05:10] <rob0> rm /etc/named.conf ; named ; echo nameserver 127.0.0.1 > /etc/resolv.conf
[12:05:16] <Aprogas> In a datacenter, you might as well use their nameserver.
[12:05:29] <rob0> until crap like this happens?
[12:05:29] <Aprogas> You probably have at least 100 Mbit line to it.
[12:05:31] <roe> that makes a bit more sense
[12:05:42] <Aprogas> The crap was the resolv.conf got nuked, not the nameserver.
[12:05:56] <rob0> ah, PEBKAC
[12:06:16] <Aprogas> You shouldn't do business with a datacenter that cannot manage a nameserver. :)
[12:06:24] <rob0> anyway, I always run my own, that way I know what's going on and don't get blindsided
[12:06:50] <Aprogas> I run my own to serve my own zone, but then I just use it too anyway.
[12:06:51] <roe> your nameserver should still user their nameservers as forwarders no?
[12:07:01] <rob0> Spamhaus is less likely to block little old me, more likely to block that datacenter's nameserver.
[12:07:36] <Aprogas> I suppose.
[12:07:37] <UQlev> roe, not obviously, unless they give you other option
[12:07:38] <rob0> Forwarders are a bad idea.
[12:08:34] <Aprogas> On the other hand, if the datacenter applies for special class at spamhaus, and all their clients use their nameserver, caching saves some lookups on spamhaus NS.
[12:09:06] <rob0> not necessarily. Maybe, but that's far from certain.
[12:09:28] <Aprogas> This whole channel is being far from certain this morning. :)
[12:10:07] <rob0> KB1JWQ|Jst_Mrd: welcome back
[12:14:22] *** skyweb has joined #postfix
[12:16:17] *** henriknj has joined #postfix
[12:30:28] *** MAAAAAD has quit IRC
[12:30:55] *** MAAAAAD has joined #postfix
[12:36:13] *** feisar has joined #postfix
[12:42:55] *** redfox has left #postfix
[12:43:53] *** sebuba has joined #postfix
[12:45:12] *** sebuba has quit IRC
[12:49:04] *** henriknj has quit IRC
[12:54:43] *** xumpi has quit IRC
[12:56:07] *** henriknj has joined #postfix
[12:57:54] *** UQlev has quit IRC
[13:19:15] *** henriknj has quit IRC
[13:25:23] *** hever has quit IRC
[13:25:49] *** hever has joined #postfix
[13:29:27] *** Aqaz has joined #postfix
[13:31:09] *** xabbu has joined #postfix
[13:32:43] *** ihtraum has joined #postfix
[13:33:51] *** cpm has joined #postfix
[13:47:36] *** famicom has joined #postfix
[13:52:07] *** saurabhb has quit IRC
[13:57:12] *** uqlev has joined #postfix
[14:02:01] *** sphenxes has joined #postfix
[14:05:51] *** henriknj has joined #postfix
[14:10:53] *** uqlev has quit IRC
[14:14:38] *** juergen_dose has joined #postfix
[14:16:12] *** uqlev has joined #postfix
[14:16:52] *** sebuba has joined #postfix
[14:17:51] <sebuba> !welcome
[14:17:51] <knoba> sebuba: "welcome" : welcome to #postfix! if you're joining for the first time, or are new to irc, the first thing you'll want to do is read the channel topic (/topic). it includes crucial instructions on how to effectively ask for help here, and what data you should include with your questions. the degree of success you'll have is directly related to how effectively you're able to follow those guidelines.
[14:18:42] *** juergen_dose is now known as car
[14:20:24] *** uqlev has quit IRC
[14:30:07] <KB1JWQ|Jst_Mrd> rob0: Thank you, sir.
[14:32:58] *** kakulukia has joined #postfix
[14:37:22] *** Aqaz_ has joined #postfix
[14:39:17] *** Aqaz has quit IRC
[14:39:25] *** Aqaz_ has quit IRC
[14:39:42] *** Aqaz_ has joined #postfix
[14:41:22] *** suchu has joined #postfix
[14:41:59] *** suchu has quit IRC
[14:44:10] *** forsberg is now known as fOrsberg
[14:45:05] *** Aqaz_ has quit IRC
[14:45:26] <sebuba> Hello
[14:46:10] *** Section1 has joined #postfix
[14:46:47] *** denis_ has joined #postfix
[14:46:59] <sebuba> I have a question, nis there any difference to the postfix reload postfix upgrade-configuration? I did a configuration change and will not stop the postfix
[14:47:10] <sebuba> *is there any difference to the postfix reload postfix upgrade-configuration? I did a configuration change and will not stop the postfix
[14:47:38] <Aprogas> I think upgrade-configuration is meant for transitioning from an older version.
[14:48:00] *** Aqaz has joined #postfix
[14:48:05] <Aprogas> Usually that probably gets invoked by your package manager after an update.
[14:48:26] <KB1JWQ|Jst_Mrd> postfix reload won't fix everything; sometimes you need to do a full restart.
[14:48:29] <KB1JWQ|Jst_Mrd> Depends on what you've changed.
[14:48:48] <KB1JWQ|Jst_Mrd> I usually just bounce the service myself.
[14:49:02] <cpm> !reload
[14:49:02] <knoba> cpm: Error: You don't have the owner capability. If you think that you should have this capability, be sure that you are identified before trying again. The 'whoami' command can tell you if you're identified.
[14:49:03] <Dominian> changes to master.cf normally require a stop and start
[14:49:05] <sebuba> I change the virtual
[14:49:10] <cpm> !restart
[14:49:10] <knoba> cpm: "restart" : There is no postfix restart command. There is postfix stop, postfix start, or postfix reload. Changes made to master.cf and some functional changes to main.cf will require a stop and a start in order to take effect. OR When edit thou thine master.cf, restarteth thou thine Postfix, lest ye die!
[14:49:54] <KB1JWQ|Jst_Mrd> sebuba: Why not just restart the postfix service? :-)
[14:49:54] <sebuba> and in virtual?
[14:50:39] <sebuba> KB1JWQ|Jst_Mrd, My application is running and can not stop
[14:51:01] <KB1JWQ|Jst_Mrd> sebuba: Your application can't take a quarter second of the smtp service being unavailable?
[14:51:11] *** Aqaz_ has joined #postfix
[14:51:31] *** smoking_kiddo has joined #postfix
[14:51:35] <sebuba> KB1JWQ|Jst_Mrd, no ...
[14:51:40] <KB1JWQ|Jst_Mrd> Unless it was coded by an idiot, it most likely can. :-)
[14:51:51] *** KB1JWQ|Jst_Mrd is now known as KB1JWQ
[14:52:06] <sebuba> KB1JWQ|Jst_Mrd, :P
[14:52:25] <KB1JWQ> The SMTP spec itself is designed for intermittent unavailability.
[14:52:38] <KB1JWQ> Hence the "queue and retry" phenomenon.
[14:52:41] <smoking_kiddo> hi, is there an easy way to block email from specific sender to specific receiver? i tried with smtpd_recipient_restrictions & smtpd_restriction_classes combo, but does not work
[14:53:51] <sebuba> ok ok, but the question is, did a change in the virtual, I can only do this?
[14:53:56] *** Aqaz has quit IRC
[14:54:12] <sebuba> postmap /etc/virtual ; postfix reload
[14:54:15] <sebuba> ?
[14:54:18] <sebuba> ops
[14:54:27] <sebuba> postmap /etc/postfix/virtual
[14:55:14] *** TomHome has joined #postfix
[14:57:06] <sebuba> haha reload work ! :)
[14:58:12] <sebuba> thanks all
[14:58:25] *** Aqaz_ has quit IRC
[14:58:59] <kakulukia> lo there .. i got a slight problem: it seems that postfix cant handle multiple ips for a connected client :/ 84.254.120.69 is trying to send mail for news.schneider.de - its listed as mx, but its first ip is 84.254.120.70 - is there a way to let it pass the "address not listed for hostname mx6.emp-mail.de" rejection?
[14:59:13] <KB1JWQ> Depending on the map you don't even need to reload postfix.
[14:59:51] *** JonnyV has joined #postfix
[15:02:45] *** alpine_style has joined #postfix
[15:02:58] <thumbs> I use mysql!
[15:03:36] <KB1JWQ> Genius!
[15:03:55] <KB1JWQ> kakulukia: Say what?
[15:05:42] *** Aqaz_ has joined #postfix
[15:06:19] <kakulukia> KB1JWQ - that seems to have 2 ip addresses but nslookup delivers the other one resulting in postfix rejecting the client
[15:06:35] *** fOrsberg is now known as forsberg
[15:06:43] <Aprogas> You can put 4 days between a stop and start without significant problems (other than mail delay).
[15:06:50] *** Aqaz_ is now known as Aqaz
[15:07:23] <KB1JWQ> kakulukia: postconf -n and a log entry showing this to a pastebin please.
[15:07:51] <kakulukia> KB1JWQ ok, one sec
[15:09:08] <smoking_kiddo> again: can someone please help me how to reject email by recipient AND sender?
[15:17:33] <kakulukia> smoking_kiddo look at my config that i just posted
[15:17:56] <kakulukia> there are some examples :D
[15:17:58] *** TomHome has quit IRC
[15:18:28] *** Aqaz has quit IRC
[15:19:28] *** alpine_style has quit IRC
[15:21:13] <smoking_kiddo> kakulukia but i need to reject only a specific sender and only for a specific recipient, tried to google and use what i found but none seemed to work. i have to go now though, bbl
[15:25:36] <kakulukia> smoking_kiddo - well in this case i suggest u tell the recipient to add a custom filter rule .. i as a server admin would never wanna administrate such a list and i dont think you want to either ;D
[15:27:01] *** sjrussel has joined #postfix
[15:27:50] *** wdp_ is now known as wdp
[15:27:55] *** wdp has quit IRC
[15:27:55] *** wdp has joined #postfix
[15:29:09] <kakulukia> KB1JWQ: any idea how to solve this
[15:31:24] *** szonek has joined #postfix
[15:31:59] *** bluethundr_ has joined #postfix
[15:33:14] <szonek> hi, is there a way to relay one mail address to one IP and all other mail to another?
[15:33:37] <cpm> !goal
[15:33:37] <knoba> cpm: "goal" : describe your goal, not what you think the solution is
[15:34:44] <szonek> okay, i want to relay all but one mail to our antispam system
[15:35:10] <szonek> don't relay one adress (test at something dot com), relay all other
[15:35:30] *** talin has quit IRC
[15:35:55] <szonek> this one exception should be sent directly
[15:36:26] *** freaky[t] has quit IRC
[15:36:44] <cpm> see man transport
[15:36:54] <cpm> !transport
[15:36:54]
<knoba> cpm: "transport" : transport(5) The optional transport(5) table specifies a mapping from email addresses to message delivery transports and next- hop destinations. Look at: http://www.postfix.org/transport.5.html
[15:38:04] <kakulukia> cpm: nice bot system -- does it have something for my problem, too?
[15:39:22] <szonek> !impotence
[15:39:22] <knoba> szonek: Error: "impotence" is not a valid command.
[15:39:31] <szonek> nope, it doesn't
[15:39:41] <szonek> kakulukia: sorry i had to do it ;P
[15:39:46] <szonek> thanks cpm
[15:39:51] <kakulukia> hehe
[15:40:06] <kakulukia> did u have a look at it?
[15:41:39] <szonek> kakulukia: me? at transport?
[15:43:04] <kakulukia> nope .. just saw that u joined after i posted it
[15:43:31] *** Aqaz has joined #postfix
[15:44:32] <kakulukia> that mailserver has 2 ip addresses and get rejected because postfix only gets the wrong one somehow :/
[15:44:52] <kakulukia> i cant find a solution to that :(
[15:45:56] *** freaky[t] has joined #postfix
[15:49:45] <szonek> cpm can apparently :)
[15:50:25] <kakulukia> hmmmm cpm .. its not me having 2 ips but the client trying to deliver mail
[15:50:31] *** xabbu2003 has joined #postfix
[15:50:50] <cpm> kakulukia, that's a DNS issue. Fix your dns.
[15:51:04] *** xabbu has quit IRC
[15:52:08] <kakulukia> can u point me to a page for that?
[15:53:52] <kakulukia> cpm, it postfix using nsloopup or the host command?
[15:55:41] *** Verilium has joined #postfix
[15:55:50] <soosfarm_> urrrrgh... some of my mailservers are listed on backscatter.org
[15:56:21] <lunaphyte_> well, stop accepting mail that you don't intend to deliver.
[15:56:26] <lunaphyte_> !mantras
[15:56:26] <knoba> lunaphyte_: "mantras" : 1. do not accept mail that you do not intend to deliver. 2. do not drop mail. 3. do not use wildcards or catchalls.
[15:58:40] *** jim_SFU has joined #postfix
[16:00:46] *** hever has quit IRC
[16:00:47] *** ghoti has quit IRC
[16:02:31] <szonek> cpm: i want to use sender_dependent_relayhost_maps, i need to create regexp file with one entry containing mail which i want to exclude (test at something dot com) but i don't know what should i put if i want to send mail direct for this address?
[16:02:47] <cpm> szonek, why?
[16:02:53] <szonek> why what? :)
[16:03:07] <cpm> "i want to use sender_dependent_relayhost_maps"
[16:03:25] <cpm> that's a kludgy and awkward thing to do. Why do it? I've NEVER heard a good reason. Just curious if you have one.
[16:04:04] <szonek> cpm: i thought it's the easiest way to exclude one mail from sending it to relayhost?
[16:04:15] <kakulukia> cpm, just curious .. what do u get as a result of 'nslookup mx6.emp-mail.de'
[16:06:40] *** denis_ has quit IRC
[16:06:49] <cpm> szonek, transport.
[16:07:06] <cpm> user at domain dot tld smtp:[xxx.xxx.xxx.xxx]
[16:07:07] <cpm> done
[16:07:23] *** UQlev has joined #postfix
[16:07:31] <soosfarm_> lunaphyte_: well... I can't really keep 1500000 mail customers from not using catchalls since they have been able to do it since 2004, at least
[16:08:07] <szonek> cpm: what if i want one mail to go direct and all other through relayhost?
[16:08:16] <cpm> if you have one and a half million customers, why are you asking us anything? Obviously, , ,
[16:08:40] <cpm> szonek, state you goal again, this time, tell the whole story.
[16:09:07] <soosfarm_> I haven't asked anything yet cpm
[16:09:13] <soosfarm_> and why would I not ask?
[16:09:34] <soosfarm_> oh, I meant 150k customers anyway
[16:10:14] <szonek> cpm: right now i have smtp server which relays all mail to our barracuda spam & virus firewall 800, i want exclude one mail address from being relayed and send all mail from it directly from smtp
[16:10:41] <cpm> szonek, use transports.
[16:10:57] <cpm> okay, that's the third time.
[16:11:03] <szonek> ;-D
[16:11:06] <cpm> :)
[16:11:46] <szonek> third time's the charm
[16:12:44] *** ghoti has joined #postfix
[16:12:53] <kakulukia> cpm, well .. obviously its not a dns problem on my side but on the client .. thx for the paste!
[16:14:02] <szonek> cpm: okay but what should i put as nexthop if i want to send it directly?
[16:16:54] *** Aqaz has quit IRC
[16:19:05] <cpm> szonek, I see, I misapprehended your issue.
[16:23:21] *** cilly has quit IRC
[16:24:35] *** xro has joined #postfix
[16:24:50] *** tharkun has joined #postfix
[16:25:39] *** Blue-E1 has joined #postfix
[16:26:49] *** cilly has joined #postfix
[16:26:55] <xro> hi, i would like to access //localhost/postfixadmin/admin but not from localhost... what i have to modify?
[16:27:50] <Aprogas> !postfixadmin
[16:27:50]
<knoba> Aprogas: "postfixadmin" : used for managing email accounts through a web interface (http://high5.net/postfixadmin/). Further, this channel is for issues regarding postfix. For postfixadmin support, please try the postfixadmin mailing list or the postfixadmin channel.
[16:28:29] <xro> knoba>, thanks
[16:28:30] *** EagleWatch has quit IRC
[16:29:12] *** stope has quit IRC
[16:31:54] *** hever has joined #postfix
[16:34:18] <Aprogas> !knoba
[16:38:44] *** misterJack has joined #postfix
[16:42:47] *** misterJack has quit IRC
[16:44:10] *** kakulukia has quit IRC
[16:45:25] *** misterJack has joined #postfix
[16:53:28] <szonek> cpm: any idea? :[
[16:56:30] *** Blue-E1 has quit IRC
[16:58:05] *** xro has quit IRC
[17:03:40] *** Thaxll has joined #postfix
[17:05:07] <Thaxll> Hello I've a question, I've 2 ips on a server and need that inbound connections use the same IP for outbound connections I tried : 192.168.0.52:smtp inet n - n - - smtpd -o smtpd_banner=test-lan#2 -o inet_interfaces=192.168.0.52 -o smtp_bind_address=192.168.0.52 but it doesn't seem to work why ?
[17:07:58] <tharkun> !tell Thaxll welcome
[17:07:58] <knoba> Thaxll: "welcome" : welcome to #postfix! if you're joining for the first time, or are new to irc, the first thing you'll want to do is read the channel topic (/topic). it includes crucial instructions on how to effectively ask for help here, and what data you should include with your questions. the degree of success you'll have is directly related to how effectively you're able to follow those guidelines.
[17:08:00] <UQlev> Thaxll, 2 separate MICs or IPaliases on 1 NIC?
[17:08:16] <UQlev> NICs
[17:08:23] <Thaxll> 2 aliases on 1 NIC
[17:08:49] <UQlev> Thaxll, then such a separation makes no sense
[17:09:05] <Thaxll> Why not ?
[17:09:13] <Thaxll> If you have 2 domaines on 2 IPs
[17:09:40] <UQlev> Thaxll, you may have thousands domains on 1 IP
[17:09:41] <Thaxll> For exemple you don't want IP#1 send emails for domains #2
[17:10:03] <tharkun> Thaxll: it is common practice to have several domains over 1 ip
[17:10:05] *** jamesmacleod has joined #postfix
[17:10:31] <Thaxll> I know :) But is some cases, you need to separate IPs / domains
[17:10:35] <Thaxll> in*
[17:10:36] <UQlev> Thaxll, if you want fully separate run jales
[17:10:46] <UQlev> jails
[17:11:13] <Thaxll> something similar to what i've wrote won't work ?
[17:11:16] <shasta> or separate postfix instances (which is easier with 2.7)
[17:17:10] <Thaxll> Hmm ok, thanks i've to compile postfix so ;)
[17:18:07] *** JonnyV has quit IRC
[17:18:32] *** JonnyV has joined #postfix
[17:19:58] *** tgywa has joined #postfix
[17:20:03] <tgywa> Hello
[17:20:04] <tgywa> can I set sender address inmailx ?
[17:20:17] <tgywa> can I set sender address in mail/mailx ?
[17:22:25] *** Twinkletoes has quit IRC
[17:23:25] *** hever has quit IRC
[17:27:53] <tharkun> !tell tgywa welcome
[17:27:53] <knoba> tgywa: "welcome" : welcome to #postfix! if you're joining for the first time, or are new to irc, the first thing you'll want to do is read the channel topic (/topic). it includes crucial instructions on how to effectively ask for help here, and what data you should include with your questions. the degree of success you'll have is directly related to how effectively you're able to follow those guidelines.
[17:30:19] *** VaNNi has quit IRC
[17:30:49] *** VaNNi has joined #postfix
[17:31:34] *** JUSEF has joined #postfix
[17:32:41] <JUSEF> i want configure postfix on centos, who can help me
[17:33:11] *** Aqaz has joined #postfix
[17:33:11] <Dominian> !basic
[17:33:12] <JUSEF> if it possible i want an exemple of the configuration text file
[17:33:13] <Dominian> !standard
[17:33:32] <Dominian> JUSEF: This isn't for hand holding... you'll need to read those above factoids and probably look at the /topic before you continue...
[17:34:42] <JUSEF> ok
[17:34:47] <JUSEF> thnx
[17:36:09] *** sm has joined #postfix
[17:36:31] <sm> g'day all
[17:36:34] *** passthru has quit IRC
[17:38:08] <sm> I want my vps mail server to be a smarthost for my netbook. I think that requires adding the netbook's ip address to the server's mynetworks list. But this dynamic ip address will probably change. How can I configure this permanently ?
[17:38:34] *** JonnyV has quit IRC
[17:39:20] <UQlev> sm, why don't setup your MUA sent to your server (as SMTP outward)?
[17:39:55] <UQlev> sm, using submission with auth and ssl
[17:40:20] <UQlev> sm, because 25 port is usually blocked by ISP
[17:40:55] <sm> UQlev: I'm doing that now (without auth/ssl) and it works, but my messages from the netbook get a high spamassassin score due to RCVD_IN_PBL
[17:41:21] <UQlev> because from dynamic IP
[17:41:24] <sm> my theory is it's because these dynamic ip addresses are not intended to send mail directly, I'm supposed to use a smarthost
[17:41:44] <tharkun> sm: your theory is right
[17:42:00] <sm> yay, progress
[17:42:34] <sm> so I want to relay via my server, by adding myself to mynetworks - right ? Or did I miss a better suggestion there
[17:42:58] <UQlev> sm, forget about using mynetworks
[17:43:26] <tharkun> sm: wrong, use submission and sasl and you will not have any problems
[17:43:32] <UQlev> sm, with dynamic IP it will not work
[17:44:29] <tharkun> sm: mynetworks is usually for lazy people to set up a lan based mail server. Eventually it can be abused but since you control all the players in the game you can allways pull the plug of certain machines
[17:44:40] <sm> ok. submission and sasl. I'm confused but I've done this before, guess I need to re-read some stuff
[17:44:43] <tharkun> The above is solely my opinion
[17:44:56] <tharkun> !submission
[17:45:00] <tharkun> !sasl
[17:45:00]
<knoba> tharkun: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.
[17:45:45] <UQlev> sm, aren't you going to use any mail-client like Thunderbird or so?
[17:45:55] <sm> ah yes.. so I should be using this with any satellite machines
[17:46:09] <sm> UQlev: yes, but I also need the system mta to work, eg for sending darcs patches
[17:47:15] *** ghoti_ has joined #postfix
[17:47:17] <sm> my darcs patches have been getting silently ignored, and now I think I know why
[17:47:29] <sm> thanks a lot, all
[17:47:45] * tharkun silently ingnores sm patches
[17:48:01] <tharkun> :D
[17:50:07] *** JUSEF has left #postfix
[17:51:06] *** ghoti has quit IRC
[17:51:30] *** JonnyV has joined #postfix
[17:54:09] *** xumpi has joined #postfix
[17:54:30] *** smica has joined #postfix
[17:54:56] *** Aqaz has quit IRC
[17:55:48] *** jfried has joined #postfix
[17:56:19] *** Aqaz has joined #postfix
[17:56:28] *** Aqaz has quit IRC
[17:57:08] *** Aqaz has joined #postfix
[17:58:38] *** ghoti_ is now known as ghoti
[17:59:56] *** UQlev has quit IRC
[18:03:55] *** jamesmacleod has quit IRC
[18:05:36] <seekwill> KB1JWQ: Welcome!
[18:06:26] *** Aprogas has quit IRC
[18:06:52] *** ib-mobile_ has quit IRC
[18:07:01] *** ib-mobile_ has joined #postfix
[18:07:49] *** xumpi has quit IRC
[18:08:39] *** JonnyV_ has joined #postfix
[18:08:55] *** hyper_ch has left #postfix
[18:09:39] *** JonnyV has quit IRC
[18:12:42] *** Jippi_moc has quit IRC
[18:15:48] *** JonnyV_ has quit IRC
[18:17:37] *** tgywa has quit IRC
[18:17:59] *** uqlev has joined #postfix
[18:30:10] <Thaxll> I'm a little confused, multiple instances was made for different main.cf / master.cf right?
[18:30:40] <lunaphyte_> chances are slim you need postmulti.
[18:31:00] *** sebuba has quit IRC
[18:31:06] <Thaxll> Ok I think I need to explain my issue, probably you'll tell me the best way to do it
[18:31:15] <lunaphyte_> that is a great idea.
[18:31:16] <KB1JWQ> seekwill: Howdy.
[18:31:46] <Thaxll> I need to route emails according to the from, if from = domain1.com it should use IP#1 ect ... i've multiple IPs on the same NIC
[18:32:26] *** jamesmacleod has joined #postfix
[18:33:19] <seekwill> lunaphyte_: A lot of people think they need it but really don't?
[18:34:03] <lennard> Thaxll: I think I'd solve that using multiple smtp transports and some transport_maps stuff, not postmulti
[18:35:05] <lunaphyte_> indeed
[18:36:02] <lunaphyte_> seekwill: well, i wouldn't say that a lot of people think they need it. there aren't really that many that think they need it, but the vast majority of the ones that think they do don't.
[18:36:29] <lennard> I just love postfix documentation
[18:36:40] <seekwill> Well, that depends on volume
[18:36:45] <cpm> in point of fact, I've never yet seen a real legit reason for it. it's arguable that there are clients who actually want it, but I've never heard of a client willing to actually pay for it, so, fail.
[18:37:10] <lennard> above problems just makes me look at man smtp for a few seconds... if I had to figure this out for exim, I'd have to spend much longer :)
[18:37:13] <seekwill> With multiple SMTP transports, can you define throttling rates?
[18:37:20] <seekwill> For each IP
[18:37:30] <lunaphyte_> sure
[18:38:37] <seekwill> What was the use case for postmulti?
[18:38:43] *** sm has quit IRC
[18:39:10] <seekwill> Or was someone bored one day and decided to hack one together?
[18:40:01] *** biodegabriel has joined #postfix
[18:40:02] <lennard> I've cursed its non-existence when replicating an exim setup which used multiple queue lifetimes once
[18:40:35] <lennard> (and retry times, for that matter)
[18:40:49] <biodegabriel> Hey all, How do I test to make sure my smtp server is open and ready? does 'telnet smtp.example.com 25' work?
[18:41:05] <lunaphyte_> sure
[18:41:16] *** istevenmon has joined #postfix
[18:41:27] <lennard> also, watching spam flowing in (but not out) is a pretty solid indication :P
[18:41:34] <biodegabriel> So, this means my port is blocked? "Connection refused
[18:41:34] <biodegabriel> telnet: Unable to connect to remote host"
[18:41:43] <lunaphyte_> not necessarily.
[18:41:53] <biodegabriel> lunaphyte_: OK
[18:41:54] <istevenmon> hi guys i am getting this in my logs, why could be causing it, and should i worry about mail not being delivered or is it only an adevertisement Sep 23 11:18:40 mail postfix/smtpd[26457]: warning: Illegal address syntax from unknown[192.168.80.101] in RCPT command: <'mromero at ieps dot gov.ec'>
[18:42:03] <lunaphyte_> it means telnet was unable to do what you told it to do.
[18:42:27] <jduggan> istevenmon: youshouldnt ' ' quote email addresses
[18:42:34] <lennard> istevenmon: from a mailserver point of view you shouldnt worry
[18:42:47] *** e-jones has joined #postfix
[18:42:51] <lennard> although 192.168.80.101 is misbehaving, so if you're responsible for that one as well you should :P
[18:43:22] <istevenmon> misbehaving in the sense it is writing the mail address wrong?
[18:43:30] <istevenmon> or it could be virus or something like that
[18:43:39] *** e-jones has quit IRC
[18:43:43] <lennard> could be either
[18:43:44] <jduggan> probably some kind of virus
[18:43:50] <seekwill> Could be both!
[18:43:54] <jduggan> or a really poorly written app
[18:43:57] <jduggan> =]
[18:44:06] <lennard> but misbehavior is more common in spam/virus situation then in legitimate situations
[18:44:13] <istevenmon> i think people is using thunderbird to send emails
[18:45:01] * seekwill uses Thunderbird...
[18:46:24] <istevenmon> if the mail address is between quotes '' it means the mail wont be delivered? because i have lots of those warnings from all users
[18:47:58] <lennard> I cant be sure, but I expect it wont get delivered
[18:47:58]
<biodegabriel> lunaphyte_: when i'm logged into my server i can telnet into port 25 and i get my ESMTP server (http://pastie.org/1177144) this means i have an smtp server running right? But it might not be accessible from outside?
[18:48:09] <lennard> your logs are the only ones which can tell :P
[18:48:21] <lunaphyte_> biodegabriel: sounds reasonable to me.
[18:48:41] <lennard> it is by far the most likely explanation
[18:48:42] <biodegabriel> lunaphyte_: ok
[18:48:44] <lennard> not the only one ;0
[18:48:47] <lennard> ;), even
[18:49:33] <istevenmon> lennard: :( all the mails i see are sent with quotes :(
[18:50:19] *** sebuba has joined #postfix
[18:50:20] <lennard> istevenmon: I suppose you *could* have your postfix misconfigured to add those somehow
[18:50:36] <lennard> but that'd be a really odd thing to do
[18:51:05] <istevenmon> lennard should i paste the config for you to see it?
[18:51:36] <lennard> well, not for me, 'cause I'm about to go and make dinner, but you could look at the topic for general hints on how to get help :)
[18:52:53] <istevenmon> hope you can have a look at it when you come back
[18:53:14] *** sm has joined #postfix
[18:54:14] *** xabbu2003 has quit IRC
[18:59:28] <biodegabriel> lunaphyte_: so i've tested my smtp server internally by doing "telnet smtp.example.com 25" and sending an email with EHLO mail from, rcpt to etc..... and it worked. but this was all done internally, logged in as root. thing is, it never asked me for a password or username, i just telneted and was able to send an email. how do i test this from the outside? i want to know if my smtp servers are blocked from the outside.
[18:59:42] *** jamesmacleod has quit IRC
[19:02:38] <thumbs> biodegabriel: you should never require auth on port 25.
[19:02:42] <thumbs> !submission
[19:03:19] <biodegabriel> lunphyte_: OK, but what prevents anyone from using my smtp server for themselves?
[19:03:34] <Thaxll> relay =
[19:03:50] <biodegabriel> oh
[19:03:52] <biodegabriel> right
[19:05:05] <thumbs> biodegabriel: 25 is for delivering, 587 is for relaying
[19:13:10] <biodegabriel> thumbs: ok, please tell me what's missing in my setup if i can use the smtp server internally on port 25, but i can't get an external email client to use it...
[19:13:39] *** emcepe has joined #postfix
[19:13:44] <thumbs> biodegabriel: where is the server hosted?
[19:14:15] <biodegabriel> thumbs: on my cloud server. mediatemple VE
[19:14:37] <thumbs> biodegabriel: what's the IP?
[19:15:12] <biodegabriel> 205.186.156.133
[19:15:39] <thumbs> biodegabriel: works fine from here.
[19:16:21] *** mcp has quit IRC
[19:18:03] <biodegabriel> thumbs, well, i'm trying to configure gmail to use my smtp server to send mail (to get rid of the "on behalf of" line in the emails), but when i put in my smtp.example.com info, it says "We are having trouble authenticating with your other mail service. Please try changing your SSL setting. If you continue to experience difficulties, please contact your other email provider for further instructions."
[19:21:42] <biodegabriel> thumbs: actually, when i check off "always use ssl" it says it can't reach the server. when i uncheck that, it says 'having trouble authenticating..."
[19:21:50] *** Aqaz has quit IRC
[19:22:34] *** Aqaz has joined #postfix
[19:23:51] <tharkun> biodegabriel: what is your fqdn ?
[19:24:02] <biodegabriel> tharkun: i don't know what that is.
[19:24:15] <tharkun> fully qualified domain name :)
[19:24:25] <biodegabriel> tharkun: i can forward and receive email just fine though.
[19:24:27] <tharkun> user at domain dot tld
[19:25:32] <sebuba> HELP
[19:25:35] <tharkun> Only advice i can figure is that you make sure that you are pointing google to your domain and not directly to your MX record
[19:27:37] <biodegabriel> How do I access my smtp server from the outside world? can i do that from Terminal?
[19:27:53] <biodegabriel> tharkun, thumbs ^
[19:28:04] <sebuba> , lacked an argument in my command here in irc, sorry
[19:30:55] <thumbs> sebuba: ok, you may rejoin #mysql
[19:31:39] *** biodegabriel has quit IRC
[19:35:18] *** uqlev has quit IRC
[19:51:01] *** feisar has quit IRC
[19:52:22] *** henriknj has quit IRC
[19:55:21] *** Verilium has quit IRC
[19:58:06] *** Aqaz is now known as Lavanya
[20:05:12] *** Verilium has joined #postfix
[20:07:15] *** ServerCrash has joined #postfix
[20:08:46] <ServerCrash> Hi, can anyone point me to step by step quide for installation and setting up postfix multiple sessions
[20:09:16] <ServerCrash> i basically host 10 websites on a server and have 10 ips, now i need a whitelabel mailing for each domain
[20:09:46] <ServerCrash> i read that postfix multiple session can provide whitelabel to each mail account
[20:11:37] <cpm> see what I mean?
[20:11:56] <ServerCrash> ?
[20:12:13] *** biodegabriel has joined #postfix
[20:13:01] <ServerCrash> i think postfix 2.6 ownwards multi instance is inbuilt
[20:15:18] <adaptr> !postmulti
[20:17:12] <tharkun> Why on earth would someone need such kind of configuration when using a single mail relay should be a more efficient solution ?
[20:17:19] *** sjrussel|work has joined #postfix
[20:20:11] <cpm> s/should be/is
[20:20:40] *** sjrussel has quit IRC
[20:20:58] <cpm> tharkun, it's not a need, it's a want. Lots of folks wanted this capability, so wishes were granted.
[20:21:25] <cpm> does allow for a more virtual, errr, virtual environment.
[20:22:22] <lunaphyte_> ultimately, it applies to whomever it applies to, but generally, it's aimed towards environments in which there are multiple administrative partitions within a single os.
[20:25:37] <lunaphyte_> to respond to the question though, just as 10 instances of apache are not necessary for a computer providing 10 websites, multiple instances of postfix are not necessary simply because a computer has more than one interface. that would be quite silly.
[20:25:39] *** Lavanya is now known as Azaq
[20:25:56] *** shasta has quit IRC
[20:27:18] *** jim_SFU has quit IRC
[20:27:59] *** Azaq has quit IRC
[20:28:16] *** Azaq has joined #postfix
[20:28:30] *** Azaq is now known as Qwert
[20:29:30] *** hesco has quit IRC
[20:32:42] *** jim_SFU has joined #postfix
[20:35:10] *** shasta has joined #postfix
[20:35:53] *** hesco has joined #postfix
[20:39:17] *** schnoobby has joined #postfix
[20:44:16] *** smoking_kiddo has quit IRC
[20:48:29] <ServerCrash> finally got postfix 2.7 installed :)
[20:48:43] <ServerCrash> now need to know how to disable my sendmail and switch over to postfix
[20:49:00] <ServerCrash> as mailing agent on linux
[20:54:23] *** istevenmon_ has joined #postfix
[20:55:57] *** istevenmon has quit IRC
[20:55:59] <biodegabriel> Hello again, so I've been reading up on smtp and ssl but i'm still not clear on something. i'm configuring gmail to use my own smtp server when it sends mail, but i'm not sure which username and password to supply. the form asks for 'smtp server' 'username' and 'password'. is the username the same one from my 'vi /etc/postfix/virtual' file?
[20:56:03] *** istevenmon_ is now known as istevenmon
[20:57:40] <biodegabriel> should i create a user just for smtp access?
[21:01:54] *** uqlev has joined #postfix
[21:02:56] *** uqlev has quit IRC
[21:03:50] *** sm has left #postfix
[21:06:35] *** Aprogas has joined #postfix
[21:11:20] <lunaphyte_> !tell biodegabriel smtpauth
[21:11:20]
<knoba> biodegabriel: "smtpauth" : a feature that allows road-warriors (trusted users which are outside your network) to send mail via your mail server. The user needs to send a username and password which allows him/her to relay email. See: http://www.postfix.org/SASL_README.html
[21:12:07] <biodegabriel> knoba: do i want dovecot or cyrus, which one is easier to configure and setup?
[21:12:11] <biodegabriel> thanks for the info BTW
[21:12:21] <lunaphyte_> !tell biodegabriel knoba
[21:12:21] <biodegabriel> lunaphyte_: thx
[21:12:35] <lunaphyte_> i generally encourage dovecot.
[21:12:41] <biodegabriel> ok
[21:12:45] *** istevenmon_ has joined #postfix
[21:12:48] * cpm generally discourages lunaphyte_
[21:12:56] <adaptr> I advocate pigeondog
[21:13:01] <biodegabriel> hahah
[21:13:03] *** uqlev has joined #postfix
[21:13:03] * lunaphyte_ feels discouraged
[21:13:08] <adaptr> or manbearpig, depending on the season
[21:13:18] <lunaphyte_> flyingspaghettimonster
[21:13:42] <adaptr> that's not a real fantasy creature!
[21:15:17] *** cpm has quit IRC
[21:16:15] *** istevenmon has quit IRC
[21:16:25] *** istevenmon_ is now known as istevenmon
[21:19:30] <biodegabriel> what does knoba Steven Seagal do?
[21:19:33] *** confound has quit IRC
[21:19:37] *** confound has joined #postfix
[21:22:10] *** henriknj has joined #postfix
[21:25:01] *** Qwert has quit IRC
[21:26:27] <jelly-home> biodegabriel: google knoba's factoids
[21:26:49] <jelly-home> oh, you were already pointed to those. Hm.
[21:27:13] <jelly-home> why the question then
[21:33:29] <ServerCrash> any gui or web tool for managing postfix and multiple instances ?
[21:34:47] <biodegabriel> lunaphyte_: does SASL do the same thing as SSL?
[21:35:53] *** car has left #postfix
[21:37:26] *** jim_SFU has quit IRC
[21:40:45] *** TomHome has joined #postfix
[21:41:05] <ServerCrash> cool ..sender_dependent_default_transport_maps
[21:41:19] <ServerCrash> i guess this takes away the need of multiple instances
[21:41:44] <ServerCrash> now that one can directly map sender with ip
[21:43:45] <ServerCrash> for some reason or other i find postfix heard to configure, i have installed it and now dont know what to do next
[21:44:01] <ServerCrash> my requirement is that i have 3 ips on server and have 3 domains hosted
[21:44:19] <ServerCrash> each domain needs to send mail from its own ip
[21:44:32] <ServerCrash> can anyone suggest how to start with
[21:44:44] <ServerCrash> i am confused with postmulti and sender_dependent_default_transport_maps
[21:44:56] <ServerCrash> which one is more suitable?
[21:46:32] <uqlev> ServerCrash, what will you do having 100 domains or 1000?
[21:47:03] <ServerCrash> uqlev, no 100 domains, i will have say 10 odd domains with 10 ips
[21:50:32] <uqlev> ServerCrash, what is your OS?
[21:51:02] <ServerCrash> centos 5.4, i just installed postfix 2.7
[21:52:58] <Thaxll> sorry i'm curious but there is a yum package of postfix 2.7?
[21:52:59] *** istevenmon has quit IRC
[21:53:06] *** szonek has quit IRC
[21:53:06] *** ssureshot has quit IRC
[21:53:06] *** gencha has quit IRC
[21:53:06] *** intelinsider has quit IRC
[21:53:06] *** sebbow has quit IRC
[21:53:06] *** lunaphyte_ has quit IRC
[21:53:06] *** sherr has quit IRC
[21:53:06] *** benizac has quit IRC
[21:53:06] *** psilo2 has quit IRC
[21:53:07] *** lennard_ has quit IRC
[21:53:11] *** psilo2 has joined #postfix
[21:53:12] *** lennard_ has joined #postfix
[21:53:20] *** intelinsider has joined #postfix
[21:53:25] *** szonek has joined #postfix
[21:53:30] *** lunaphyte_ has joined #postfix
[21:53:31] *** gencha has joined #postfix
[21:53:33] *** sherr has joined #postfix
[21:53:41] *** ssureshot has joined #postfix
[21:53:52] *** istevenmon has joined #postfix
[21:54:59] <ServerCrash> Thaxll, search postfix-2.7.0-1.pcre.mysql.sasl2.rhel5.i386.rpm on google
[21:58:57] <biodegabriel> lunaphyte_: i'm setting up SASL and when i get to the point where i test it ("telnet localhost 25") it connects and then disconnects after about one second. Any idea why that's happening?
[21:59:07] <thumbs> Dominian: hahah @ #freenode
[21:59:39] <ServerCrash> any postfix 2.7 related ebook ?
[22:00:02] <Dominian> thumbs: dude.. I fucking hate that guy
[22:00:02] <adaptr> !manual
[22:00:16] *** Tom-B has quit IRC
[22:01:26] *** biodegabriel has quit IRC
[22:02:57] <thumbs> Dominian: there. Humiliated.
[22:04:34] <seekwill> What guy?
[22:04:59] *** schnoobby has quit IRC
[22:05:32] *** ServerCrash has quit IRC
[22:07:02] <thumbs> seekwill: bagira
[22:07:37] *** biodegabriel has joined #postfix
[22:07:43] <seekwill> Who
[22:07:46] <seekwill> ?
[22:09:43] *** lunaphyte_ has quit IRC
[22:09:50] <GNU\colossus> biodegabriel, your MTA's log might :)
[22:09:56] <biodegabriel> GNU\colossus: ok
[22:11:25] <uqlev> biodegabriel, have you already posted "postconf -n" ?
[22:11:35] *** sebbow has joined #postfix
[22:12:39] <seekwill> And netstat?
[22:13:51] <Dominian> thumbs: humiliated?
[22:13:51] *** henriknj has quit IRC
[22:14:21] <seekwill> Logs
[22:15:16] <seekwill> "fatal" is usually pretty bad
[22:15:29] <thumbs> Dominian: oh, being exposed as an ass and troll to all the other users.
[22:15:31] <seekwill> You never want to be hit by a fatal shot. Only warning shots
[22:15:44] <biodegabriel> i guess i need to re-read my README files.....
[22:15:47] *** Sky[x] has joined #postfix
[22:15:48] <seekwill> Oh, mailing list gossip!
[22:15:55] *** EagleWatch has joined #postfix
[22:16:12] <seekwill> thumbs: Send me the email! :) I want to see!
[22:16:15] <Sky[x]> how to setup auto replay for some specific account ?
[22:17:31] *** sjrussel|work has quit IRC
[22:19:11] *** sjrussel has joined #postfix
[22:20:08] <uqlev> biodegabriel, ep 23 16:15:36 ve postfix/smtpd[30330]: fatal: no SASL authentication mechanisms
[22:20:38] <uqlev> biodegabriel, seems you have neither currus nor dovecot
[22:21:44] <biodegabriel> uqlev: yeah, it's strange cause i'm followign a tutorial, and they tell you to test your setup (telnet localhost 25) and then in the next section, they tell you to install dovecot. doh! i guess i haven't done anythign wrong yet, except follow stupid instructions.
[22:22:46] <uqlev> biodegabriel, may be instructions are not that stupid
[22:23:17] <seekwill> biodegabriel: Yep. Not all tutorials are very accurate ...
[22:26:40] <biodegabriel> seekwill, uqlev why is it looking for cyrus? where do i change that? I've installed dovecot, but it's stil fatal-ing, cause it's looking for cyrus?
[22:27:26] <biodegabriel> oh wait, i found it. :) seekwill uqlev
[22:27:56] <uqlev> biodegabriel, you have to mention auth mechanism in your main.conf
[22:28:45] <uqlev> biodegabriel, otherwise default is cyrus
[22:28:55] <biodegabriel> got it
[22:29:51] *** necro has joined #postfix
[22:29:57] *** necrodearia has quit IRC
[22:31:50] <biodegabriel> uqlev: the postfix sasl docs say to set smtpd_sasl_path to "private/auth" but i don't have such a folder, should i just create one?
[22:32:13] <uqlev> no
[22:32:32] <uqlev> biodegabriel, it is not a foldr, it is socket
[22:32:46] <biodegabriel> uqlev: right. well, where else could my dovecot socket be? any clues? :)
[22:32:57] <uqlev> it is created by dovecot, you should mention it in dovecot.conf
[22:33:06] <biodegabriel> ok
[22:33:30] <uqlev> biodegabriel, in freebsd it is /var/spool/postfix/private
[22:33:47] <biodegabriel> ok
[22:34:29] <uqlev> biodegabriel, give me a link to your manual
[22:36:05] *** sebuba has quit IRC
[22:36:19] <uqlev> postfix dox are not for newbies
[22:37:00] <uqlev> you can't use it as working manuals those are like review
[22:37:19] <biodegabriel> uqlev: understood
[22:37:24] *** nysander has joined #postfix
[22:37:39] <nysander> hello
[22:38:11] <tharkun> !tell nysander welcome
[22:38:11] <knoba> nysander: "welcome" : welcome to #postfix! if you're joining for the first time, or are new to irc, the first thing you'll want to do is read the channel topic (/topic). it includes crucial instructions on how to effectively ask for help here, and what data you should include with your questions. the degree of success you'll have is directly related to how effectively you're able to follow those guidelines.
[22:39:16] <nysander> hello, i've read a lot of documentation but found problem that adding domain to mysql domain table require postfix reload
[22:39:44] <nysander> before reload i got 554 relay access denied and after delivery is ok
[22:39:57] <nysander> any ideas why?
[22:40:34] <nysander> is there some caching done in memory?
[22:40:56] *** lunaphyte_ has joined #postfix
[22:41:05] *** sebuba has joined #postfix
[22:41:53] <uqlev> nysander, I guess it is normal to reload postfix if you change any config or tables
[22:42:24] <nysander> but i've used mysql to have my configuration easily changeable
[22:42:26] <uqlev> nysander, postfixadmin should manage it automatically
[22:42:38] *** misterJack is now known as misterjack
[22:42:50] <biodegabriel> uqlev: at what point does dovecot create the socket? when i restart postfix?
[22:42:51] <nysander> i dont use postfixadmin, clear mysql editing
[22:43:17] <uqlev> nysander, then reload manually
[22:43:27] <nysander> but i'll test if its true after adding some more
[22:44:41] *** lunaphyte_ has quit IRC
[22:45:04] *** lunaphyte_ has joined #postfix
[22:47:30] *** ihtraum has quit IRC
[22:48:59] *** Thaxll has quit IRC
[22:54:11] *** sjrussel has quit IRC
[22:56:16] *** hever has joined #postfix
[22:58:57] *** sjrussel has joined #postfix
[23:01:02] *** riversky has joined #postfix
[23:01:13] *** hever has quit IRC
[23:04:16] *** fignew has left #postfix
[23:09:12] <biodegabriel> uqlev: do i have to configure /etc/dovecot/dovecot.conf and /etc/dovecot.conf?
[23:10:02] <uqlev> biodegabriel, I have no idea for your OS, I need only 1 dovecot.conf
[23:10:37] <Aprogas> I need approximately 37 dovecot.conf files.
[23:10:40] <biodegabriel> well dovecot comes with a .conf file, and the postfix docs are talking about about another oen.
[23:10:51] <Aprogas> I think the Postfix docs are talking about the same one.
[23:12:07] <uqlev> Aprogas, I guess 37 with includes?
[23:14:38] <biodegabriel> uqlev when is the dovecot socket created? after this "/etc/init.d/dovecot restart" ?
[23:14:40] *** nysander has quit IRC
[23:15:09] <uqlev> yes
[23:15:28] <biodegabriel> does dovecot have any logs?
[23:15:37] <biodegabriel> i can't find any
[23:15:53] <uqlev> biodegabriel, default logs in maillog
[23:16:00] <biodegabriel> ok
[23:18:00] *** istevenmon has quit IRC
[23:19:02] *** sebuba has quit IRC
[23:20:15] *** sjrussel has quit IRC
[23:20:29]
<biodegabriel> http://pastie.org/1177853 dovecot starts up ok, but postix still can't find the socket. there's no socket being created, right?
[23:20:32] <biodegabriel> uqlev: ^
[23:20:49] *** superbofh has quit IRC
[23:20:50] <biodegabriel> the private folder has no auth socket in it, is what i'm trying to say.
[23:21:22] <uqlev> biodegabriel, have you read link I gave you?
[23:21:38] <biodegabriel> yes, it doesn't apply to my os, i'm on ubuntu lts 10.04
[23:22:23] <uqlev> then do whatever applies to your OS
[23:25:06] <riversky> Error while Reconnecting to IMAP Account's mailbox directory is not owned by the correct uid or gid:
[23:25:10] <riversky> anyone help me pklz
[23:26:17]
<biodegabriel> the plot thickens... http://pastie.org/1177868 dovecot is running, but still not socket... i'm about the give up :(
[23:26:25] <uqlev> riversky, what IMAP server do you run?
[23:26:33] <riversky> postfix
[23:26:42] <rob0> !imap
[23:26:42]
<knoba> rob0: "imap" : IMAP is an application layer Internet protocol that allows a client (MUA) to access mailboxes on a remote server (see: http://en.wikipedia.org/wiki/IMAP). Postfix does not provide IMAP (or POP3) service; see !courier or !dovecot for common IMAP/POP3 choices.
[23:27:47] <uqlev> biodegabriel, do you expect I will ask you do not give up?
[23:27:59] <biodegabriel> uqlev: no, i'm just venting. it's my fault. i'm in over my head
[23:28:04] <biodegabriel> i got so far though!
[23:28:04] <uqlev> biodegabriel, just GIVE UP
[23:28:40] *** jeremymcs has quit IRC
[23:28:53] <biodegabriel> uqlev: NEVER!! LOL
[23:28:54] <uqlev> biodegabriel, I was walking around postfix about a year or so
[23:29:25] <uqlev> biodegabriel, and before I ran qmail for 7 years
[23:29:46] <uqlev> biodegabriel, MTA is not simple application
[23:30:19] <Aprogas> biodegabriel: I didn't scroll up, has anyone mentioned chroot yet?
[23:30:42] <Aprogas> !tell biodegabriel debian
[23:30:42] <knoba> biodegabriel: "debian" : Please see /usr/share/doc/postfix/README.Debian for Debian-specific information. This probably applies to Ubuntu and most other Debian-derivative distributions as well.
[23:30:47] <Aprogas> !tell biodegabriel chroot
[23:30:47] <knoba> biodegabriel: "chroot" : The fifth column in master.cf, if not n , means that the Postfix process described on that line runs in a chroot, see !debug , !queue_directory and files in the examples/chroot-setup subdirectory of the Postfix source archive which show examples of a Postfix chroot environment on a variety of systems
[23:32:20] *** GoGi has joined #postfix
[23:33:30] <biodegabriel> i'm gonna read up some more and start over later tonight. i think i thrashed too much to start debugging my setup. thanks so much for your help!!! uqlev
[23:33:45] *** biodegabriel has left #postfix
[23:35:27] *** jfried has quit IRC
[23:44:08] *** henriknj has joined #postfix
[23:49:28] *** smica has quit IRC
[23:54:08] *** uqlev has quit IRC
[23:57:29] *** rhenz has quit IRC
[23:57:35] *** sebuba has joined #postfix
[23:58:50] *** sebuba has quit IRC
September 23, 2010 