May 26, 2011 
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | >
May 26, 2011 [00:00:26] *** roe_ has joined #postfix[00:00:26] *** roe_ has joined #postfix[00:03:22] *** Gatto has joined #postfix[00:07:07] *** Belial__ has quit IRC[00:08:58] *** loddafnir has quit IRC[00:09:41] *** brancaleone has joined #postfix[00:17:01] *** mivok has quit IRC[00:29:39] *** e-anima_afk has quit IRC[00:29:45] *** brancaleone has quit IRC[00:34:56] *** hparker has quit IRC[00:36:52] *** Gatto has quit IRC[00:42:13] *** weta has quit IRC[00:43:08] *** weta has joined #postfix[00:45:34] *** gremset_ has joined #postfix[00:46:19] *** gremset has quit IRC[00:51:19] *** uqlev has joined #postfix[00:57:53] *** Zeit|awy has quit IRC[01:01:27] *** bezourox has quit IRC[01:02:04] *** TomHome has quit IRC[01:03:49] *** TomHome has joined #postfix[01:04:04] *** on1ald has quit IRC[01:05:16] *** Timmooo is now known as Timzzzz[01:05:58] *** bezourox has joined #postfix[01:08:25] *** dragonheart has joined #postfix[01:18:53] *** echelog has joined #postfix[01:19:00] *** Mazon has joined #postfix[01:19:29] <thumbs> adaptr: apparently, yes.[01:22:36] *** dragonheart has quit IRC[01:25:16] *** kli0rf has quit IRC[01:25:33] *** kli0rf has joined #postfix[01:32:17] *** Cthulhu_Dawn has quit IRC[01:33:45] *** Cthulhu_Dawn has joined #postfix[01:36:28] <thumbs> Corey: stop flickering![01:40:49] <seekwill> Flickr[01:43:26] *** uqlev has quit IRC[01:45:43] *** jmedina has joined #postfix[01:46:10] <tharkun> Gentlemen i read an article that it is recomended that the encryption of a dns lookup should be checked. Meaning a safe way to do dns lookups. Is it possible to do it in bind and if so where should i look for the docs?[01:46:25] <tharkun> Sorry echan[01:49:16] <seekwill> Why would DNS lookups need to be encrypted?[01:50:01] <tharkun> seekwill: I don't have the article at hand. It was more like you needed to fetch a hash and a key to verify it[01:50:02] <seekwill> To prevent MITM?[01:50:24] <seekwill> So you know you're talking to your server and not a poisoned DNS server?[01:50:25] <thumbs> to prevent weeksill interference.[01:50:33] <seekwill> oooh[01:50:54] <tharkun> seekwill: something like that.[01:51:01] <tharkun> thumbs: aloha[01:51:06] <thumbs> hola.[01:51:24] <thumbs> tharkun: como esta senor?[01:51:30] <jimpop> go to any starbucks and tcpdump for dns queries. It's amazing what people around you are doing, working for, etc.[01:51:39] <seekwill> hehe[01:51:52] <tharkun> thumbs: muy bien gracias. Y usted?[01:52:00] <seekwill> !fooP[01:52:01] <knoba> seekwill: Error: "fooP" is not a valid command.[01:52:03] <thumbs> muy bien! gracias![01:52:04] *** seekwill has quit IRC[01:52:26] <tharkun> jimpop: I once tried it but i collapsed the accespoint ;P[01:52:36] <jimpop> nice[01:54:55] <thumbs> tharkun: abburido con el instalacion de windows xp[01:55:49] <tharkun> thumbs: aburrido? Si es una delicia instalarlo :D[01:58:04] <thumbs> haha[01:58:07] <thumbs> typo![01:58:34] <tharkun> Suuuuuuuure xD[02:02:56] *** dragonheart has joined #postfix[02:04:26] <thumbs> ok, it's dinner time, and I'm hungry. I was thinking burritos.[02:06:03] <tharkun> Anyway. Same here. Time to go home and work from there[02:08:30] *** hever has quit IRC[02:18:54] *** on1ald has joined #postfix[02:36:42] *** echelog has joined #postfix[02:37:02] *** Mazon has joined #postfix[02:51:02] *** Mazon has joined #postfix[03:04:21] *** echelog has joined #postfix[03:04:28] *** will has joined #postfix[03:05:06] *** Mazon has joined #postfix[03:06:16] *** master_of_master has quit IRC[03:10:06] *** tharkun has quit IRC[03:10:11] *** tharkun has joined #postfix[03:10:13] *** master_of_master has joined #postfix[03:18:05] *** eyecue has joined #postfix[03:25:46] *** gremset has joined #postfix[03:26:46] *** gremset_ has quit IRC[03:54:38] *** asb_ has quit IRC[03:54:58] *** asb has joined #postfix[04:07:00] *** Timzzzz is now known as Timmooo[04:25:25] *** Timmooo is now known as Timzzzz[04:28:04] *** eckirchn__ has joined #postfix[04:32:29] *** eyecue has quit IRC[05:00:31] *** hparker has quit IRC[05:07:01] *** tuxick has quit IRC[05:07:12] *** Tabmow has quit IRC[05:07:28] *** Tabmow has joined #postfix[05:16:36] *** signpost has joined #postfix[05:20:15] *** MAAAAAD has joined #postfix[05:22:05] <signpost> could someone point me to docs on how to set-up a transport map based on the sender's domain?[05:22:22] <signpost> I need everything but a few domains to be sent directly, and the specified domains to go through amazon ses[05:22:33] <signpost> I've got it set up to where I can set amazon as the default transport, and it all works[05:22:56] <signpost> the docs I found seemed to involve specifying another smtp server, or something[05:23:44] *** MAAAAD has quit IRC[05:25:46] <signpost> at this point I'm willing to send someone a pizza[05:28:17] *** beginer has joined #postfix[05:30:05] <signpost> beginer: you wouldn't happen to be a postfix expert, would you?[05:30:07] <rob0> Search postconf.5.html for all instances of "sender_dependent". But sorry, I charge more than pizza![05:30:24] <beginer> signpost, i am a postfix beginer[05:31:28] <signpost> rob0: what if raise the offer to lava cakes as well[05:31:30] <signpost> :D[05:31:50] <signpost> rob0: just kidding; thanks for the manpage[05:33:48] *** tuxick has joined #postfix[05:33:54] <signpost> rob0: hurray, looks like what I need![05:35:03] <rob0> Note, some of those options require 2.7+.[05:37:40] <signpost> rob0: good to know. I happen to be on 2.8.2[05:38:40] <rob0> good (wo)?man[05:41:08] <signpost> I am a dude[05:50:44] *** signpost has quit IRC[05:57:32] *** eckirchn__ has quit IRC[05:59:27] *** eckirchn__ has joined #postfix[06:04:53] *** echelog` has joined #postfix[06:05:21] *** vici0us has quit IRC[06:05:53] *** echelog` has quit IRC[06:09:47] *** echelog has joined #postfix[06:11:55] *** eckirchn__ has quit IRC[06:11:55] *** master_of_master has quit IRC[06:11:55] *** marchelly has quit IRC[06:11:55] *** iamchrisf has quit IRC[06:11:55] *** Toerkeium has quit IRC[06:11:55] *** ikonia has quit IRC[06:11:55] *** Zborg has quit IRC[06:11:55] *** koollman has quit IRC[06:11:55] *** Bracki has quit IRC[06:11:55] *** mick_laptop has quit IRC[06:11:55] *** hachiya has quit IRC[06:11:55] *** fOrsberg has quit IRC[06:11:55] *** mutante has quit IRC[06:12:32] *** eckirchn__ has joined #postfix[06:17:26] *** ikonia has joined #postfix[06:18:28] *** sep has joined #postfix[06:18:43] *** will has quit IRC[06:19:42] *** AcTiVaTe has joined #postfix[06:28:08] *** war9407 has quit IRC[06:30:46] *** mu574n9 has joined #postfix[06:31:43] *** eckirchn__ has quit IRC[06:32:08] *** tolkor has quit IRC[06:36:52] *** tolkor has joined #postfix[06:37:00] *** eckirchn__ has joined #postfix[06:38:01] *** rob0 has quit IRC[06:38:08] *** rob0 has joined #postfix[06:38:08] *** rob0 has joined #postfix[06:42:02] *** tolkor has quit IRC[06:42:29] *** tolkor has joined #postfix[06:42:46] *** skopii has quit IRC[06:42:48] *** master_of_master has joined #postfix[06:42:48] *** marchelly has joined #postfix[06:42:48] *** iamchrisf has joined #postfix[06:42:48] *** Toerkeium has joined #postfix[06:42:48] *** mutante has joined #postfix[06:42:48] *** Zborg has joined #postfix[06:42:48] *** koollman has joined #postfix[06:42:48] *** Bracki has joined #postfix[06:42:48] *** mick_laptop has joined #postfix[06:42:48] *** fOrsberg has joined #postfix[06:42:48] *** hachiya has joined #postfix[06:43:04] *** skopii has joined #postfix[06:51:06] *** loddafnir1 has joined #postfix[06:52:31] *** dragonheart has quit IRC[07:05:30] *** beginer has quit IRC[07:05:30] *** beginer has joined #postfix[07:06:33] *** _nalle has quit IRC[07:06:47] *** _nalle has joined #postfix[07:08:53] *** tjikkun has joined #postfix[07:08:54] *** tjikkun has joined #postfix[07:15:45] *** tolkor has quit IRC[07:16:14] *** tolkor has joined #postfix[07:29:47] *** codeshah has joined #postfix[07:29:59] *** BuenGenio has joined #postfix[07:30:03] <BuenGenio> good day[07:30:09] <BuenGenio> got a bit of a problem[07:30:57] <BuenGenio> I added 10.85.200.53, which is our Synology DiskStation backup, to mynetworks; restarted postfix; but when I try to send a test email from it see this in the logs:[07:30:57] <BuenGenio> NOQUEUE: reject: RCPT from unknown[10.85.200.53]: 554 5.7.1 <unknown[10.85.200.53]>: Client host rejected: Access denied;[07:39:53] <BuenGenio> OK, correction - it works by sending on port 25, but not on submission or 1025, which is another port we have opened[07:45:49] *** dh__ has quit IRC[07:46:05] *** dh has joined #postfix[07:49:08] *** mu574n9 has quit IRC[07:51:33] *** basho__ has joined #postfix[08:01:18] <pj> BuenGenio: first off...[08:01:22] <pj> !tell BuenGenio welcome[08:01:22] <knoba> BuenGenio: "welcome" : welcome to #postfix! if you're joining for the first time, or are new to irc, the first thing you'll want to do is read the channel topic (/topic). it includes crucial instructions on how to effectively ask for help here, and what data you should include with your questions. the degree of success you'll have is directly related to how effectively you're able to follow those guidelines.[08:01:37] <BuenGenio> i'm all ears ^_^[08:01:37] <pj> BuenGenio: and also, why on earth did you open port 1025?[08:01:38] *** on1ald has quit IRC[08:01:56] <BuenGenio> it's a legacy setting the company employed to avoid Great Firewall issues in the past[08:02:07] <pj> ok[08:02:21] <pj> well, please follow the instructions in the /topic[08:02:50] <BuenGenio> do you really want my postconf -n ?[08:03:01] <pj> yes, and your relevant logs[08:03:16] <pj> we would not be asking for it if we didn't want it.[08:03:26] <BuenGenio> the relevant logs I already pasted[08:03:42] <pj> !tell BuenGenio relevant_logs[08:03:42] <knoba> BuenGenio: "relevant_logs" : Relevant logs are mail.* syslog Postfix logs (NOT verbose, see !verbose) which show the entire handling of a single mail which illustrates the issue with which you want help. Random selections from your mail log might not do. IMAP/POP3 daemons and external delivery agents typically log to the same facility (mail); those are usually not relevant here.[08:04:23] *** on1ald has joined #postfix[08:04:33] <BuenGenio> http://pastebin.com/6p1ATM27[08:04:50] <BuenGenio> pj, what else do you need apart from the NOQUEUE line?[08:04:52] <BuenGenio> NOQUEUE: reject: RCPT from unknown[10.85.200.53]: 554 5.7.1 <unknown[10.85.200.53]>: Client host rejected: Access denied;[08:04:59] <BuenGenio> that's pretty self explanatory, no?[08:05:12] <pj> pretty much, but sometimes there are other things that help.[08:05:27] <BuenGenio> only connect from unknown[10.85.200.53][08:05:27] <BuenGenio> immediately preceding it[08:05:33] <BuenGenio> and lost connection after RCPT from unknown[10.85.200.53][08:05:38] <BuenGenio> immediately after[08:05:39] <pj> !paste[08:05:39] <knoba> pj: "paste" : do not paste more than 2 lines in the channel. A pastebin is a way to share larger amounts of data with others, without flooding the channel with garbage. try http://pastebin.com or http://paste.debian.net (or use google and find your own). don't forget to tell us the url where you pasted the text[08:05:42] <pj> ^^^^^^^^[08:05:47] *** Zeit|awy has joined #postfix[08:05:54] *** eckirchn__ has quit IRC[08:06:02] <BuenGenio> point is - the relevant log is 2 lines long[08:06:05] <BuenGenio> ^^[08:06:30] *** Pinchiukas has joined #postfix[08:06:49] <pj> also can you pastebin your master.cf file?[08:07:26] <BuenGenio> ok here http://pastebin.com/EdWB2q7w[08:09:04] <BuenGenio> master.cf: http://pastebin.com/T5156fPe[08:09:30] *** codeshah has quit IRC[08:11:01] <Pinchiukas> SSL_accept error from unknown[<IP>]: -1[08:11:06] <Pinchiukas> What does this mean?[08:11:08] *** on1ald has quit IRC[08:12:54] *** pj has quit IRC[08:13:18] *** on1ald has joined #postfix[08:15:05] *** hever has joined #postfix[08:22:18] *** gerhard7 has joined #postfix[08:24:20] *** _Tassadar has quit IRC[08:26:59] *** UQlev has joined #postfix[08:40:48] *** e-jones has joined #postfix[08:50:13] *** TomHome has quit IRC[08:52:12] <Pinchiukas> Anybody?[08:59:53] *** breaker313 has joined #postfix[09:06:02] *** mailme_gx has joined #postfix[09:06:12] *** jujugre has joined #postfix[09:06:32] *** cyrilz_ has joined #postfix[09:06:32] *** zorg1 has joined #postfix[09:07:53] *** zorg1 has quit IRC[09:08:12] *** cyrilz_ has quit IRC[09:09:24] <mailme_gx> hi guys, I have a system working fine with pg 8.4 using jdbc on linux, when I setup a test enviromnet with pg 9.0 using jdbc on windows I have a problem reading (or storing) bytea values, where should I start looking? the version of jdbc driver or the changes in 8.4 and 9.0 reguarding collation?[09:11:54] * UQlev wonders wheter #postfix & #postgres have merged[09:14:52] <cmihai`> 0_o[09:16:04] *** ChrisA132 has joined #postfix[09:16:38] *** ChrisA132 has quit IRC[09:19:08] <mailme_gx> lol[09:19:20] <mailme_gx> me always makes the same mistake sorry guys[09:20:30] *** mailme_gx has left #postfix[09:21:37] *** spiekey has joined #postfix[09:21:39] <spiekey> hello![09:22:26] <spiekey> i have set smtp maxproc to 10 in my master.cf, but i still get 99 master processes: netstat -nap | grep -c master --> 99[09:22:33] <spiekey> what am i doing wrong?[09:22:47] *** breaker313_ has joined #postfix[09:23:15] *** breaker313_ has quit IRC[09:23:17] *** breaker313 has quit IRC[09:23:29] *** breaker313 has joined #postfix[09:25:00] *** UQlev has quit IRC[09:26:56] *** pj has joined #postfix[09:27:41] <pj> meh[09:27:44] <pj> had a power cut[09:32:14] *** Pinchiukas has quit IRC[09:32:31] *** Pinchiukas has joined #postfix[09:32:32] *** Pinchiukas has joined #postfix[09:32:43] *** Pinchiukas has left #postfix[09:33:58] <Aprogas> Hmm.. interesting, a spam that passed greylisting.[09:35:00] <pj> is it not beyond reason for a spammer to actually follow RFCs?[09:35:14] <tuxick> ?[09:35:19] <Aprogas> Seems to be a low-traffic spammer who has repeatedly hit me recently. I was wondering why more spam was getting through.[09:35:36] <pj> ahhhh, yep[09:36:09] <pj> ya know, the idea with spam has always been more is better ... I wonder if the opposite may actually be true as it would allow spam to more easily fly under the radar.[09:36:36] <tuxick> they use all methods they can think of anyway[09:37:12] <tuxick> wondering what'd happen if the shit gets beaten out of rokso top 20[09:37:24] <tuxick> they're KNOWN criminals[09:37:33] <tuxick> so how come they're not stopped?[09:38:36] <pj> who knows, some kind of conspiracy maybe? or maybe knowing and proving are two different things.[09:38:44] <Aprogas> They live in countries were law enforcement is busy with other things, presumably.[09:39:00] *** Motoko has quit IRC[09:39:18] <Aprogas> This spammer seems to change IP-address but also netblock every few mails.[09:39:49] <pj> hrmmmmmm, botnet[09:40:08] <Aprogas> Fails FCRDNS though, but I only greylist in response to that, I don't reject just for failing FCRDNS.[09:40:45] <pj> yep, failing fcrdns seems to suggest botnet, imo.[09:41:18] <Aprogas> I disagree. FCRDNS is usually dependent on the owner of the netblock, not the security of the system.[09:41:37] <Aprogas> Although there may be some correlation between shitty datacenters and infested hosts.[09:42:17] <pj> you said it was different netblocks, also botnets tend to be on end-user windoze machines where the ISP doesnt' give FCRDNS and that is out of control of the spammer.[09:42:40] <Aprogas> Not all different netblocks. Like 4-5 from the same netblock, then the older mails from another netblock.[09:42:55] <Aprogas> My ISP does FCRDNS on my home-connection but it's still in PBL/DUL.[09:43:12] <pj> well, easy way to find out, what are the netblocks? do they appear to be home ISPs?[09:43:44] *** abramart has joined #postfix[09:44:15] <Aprogas> Royal Online Marketing, Inc. LOGICWEB (NET-173-244-43-0-1) 173.244.43.0 - 173.244.43.255[09:44:51] <Aprogas> The other netblock seems to be owned by LogicWeb as well.[09:45:23] <pj> oh wow, spamming from his own netblocks, that is just idiotic.[09:48:04] *** _bugz_ has quit IRC[09:48:26] <Aprogas> The other block is a /20[09:49:01] <Aprogas> Actually the Marketing block is part of:[09:49:02] <Aprogas> LogicWeb Inc. LOGICWEB (NET-173-244-32-0-1) 173.244.32.0 - 173.244.63.255[09:49:07] *** e-anima has joined #postfix[09:49:41] <Aprogas> So that's a /19[09:50:54] *** mitchlovin has quit IRC[09:54:27] <Aprogas> [aprogas at enki:/home/aprogas/Maildir/ dot Junk/cur]% find . -newermt "1 month ago" -print0 | xargs -0 grep -l "^X-Greylist: " | wc -l 21[09:54:37] <Aprogas> Hmm.. my irssi wrapped that into one line.[09:59:56] <adaptr> pj: feel free to implement a policy server that keeps detailed records of what domains submit from which netblock :)[10:00:07] <pj> lol[10:00:08] <adaptr> it could be a useful additional score[10:00:25] <pj> I'm sure it could be, heh[10:00:28] <adaptr> well, spam happens mostly in bursts, so it wouldn't have to keep a long history[10:00:34] <adaptr> a weekor so at most, say[10:00:45] <adaptr> I would gladly give up a gigabyte for such a feature[10:01:03] <pj> yeah, well I hardly have the time, unfortunately[10:01:50] <adaptr> wouldn't actually be that big, either. timestamp + counter + ip + domain, say 64 bytes per entry, or 15-100 in SQLite[10:02:02] *** _bugz_ has joined #postfix[10:02:09] * robtone feiert immer einen tag spaeterI wanted to do that in a distributed fashion[10:02:24] <robtone> but rather for netblock/ip, helo and counter[10:02:30] <robtone> err[10:02:38] <robtone> I wanted to do that in a distributed fashion[10:02:48] *** athemiya has quit IRC[10:02:51] <adaptr> no, HELO is always random for large spam. way too much data[10:03:02] <robtone> mh[10:03:10] <adaptr> of course, if the PTR domain doesn't even exist, don't bother - I always reject unknown domains[10:03:15] <robtone> keeping in mind that random helos and insane helos are filtered out anyway[10:03:21] <adaptr> so you store timestamp, counter, IP, and verified PTR[10:03:33] <robtone> yep[10:03:36] <adaptr> that could even be a flag[10:04:04] <robtone> or only ptr and counter ;)[10:04:19] <adaptr> it would be more interesting to store directly than have to query the PTR every second[10:04:26] <robtone> err[10:04:26] <adaptr> but it should still expire[10:04:33] <robtone> nevermind, i wanted to achiev something else[10:04:34] *** Guest67131 has quit IRC[10:04:41] <adaptr> who doesn't[10:04:43] <robtone> I wanted a sender-list which blocks also google and yahoo abusers[10:04:50] <robtone> distributed[10:04:55] <adaptr> blocking spam is never the goal, but the fuckers just won't go away[10:05:22] *** mitchlovin has joined #postfix[10:05:39] *** cmihai` has quit IRC[10:05:41] <robtone> like exchanging hashed senders that were verified as spam by SA[10:05:47] <adaptr> the entire spam industry yields perhaps a few million dollars a year, but stopping it is a billion-dollar industry[10:05:57] *** cmihai` has joined #postfix[10:06:15] *** loompek has joined #postfix[10:06:21] <adaptr> the big players love spam - norton/symantec, CA, etc.[10:08:37] <pj> true, people are willing to shell out loads of money to not be bothered by spam.[10:13:21] *** devurandom has quit IRC[10:17:13] * robtone is not willing[10:17:37] *** r0han` has joined #postfix[10:18:59] *** abramart has quit IRC[10:26:41] *** abramart has joined #postfix[10:26:53] *** devurandom has joined #postfix[10:28:37] <Aprogas> Seems logicweb does have an anti-spam AUP so I sent an abuse-report.[10:31:06] <Aprogas> I find it somewhat hard to believe they've been blissfully unaware of this spammer since may 5th, but it's worth a try.[10:31:19] *** UQlev has joined #postfix[10:31:24] <pj> yeah[10:33:52] *** r0han` has quit IRC[10:40:53] <Aprogas> These spams are pretty obvious in their content by the way, but my pre-DATA spam-control was so effective, I don't spamfilter on content anymore.[10:41:07] <Aprogas> So perhaps the rest of the internet is just discarding them.[10:44:18] *** ^Zaz has joined #postfix[10:50:04] <UQlev> yes, policyd-weight does good job itself[10:51:46] <UQlev> the only weak spot if it is From: <>[10:53:32] <Aprogas> I use postfwd since a while.[10:54:50] <robtone> UQlev, if a new version comes out, it will also be possible to filter out DSN which are too much RBL listed etc[10:55:26] <BuenGenio> pj, so you're back :)[10:55:49] <robtone> UQlev, the problem is just, the sender domain was often a "good scorer", if that is missing, then I fear much more trouble than with accepting it[10:56:02] <Aprogas> I dread the day that spammers (re)discover that postfix doesn't apply restrictions to "rcpt to:<postmaster>"[10:56:41] <pj> BuenGenio: yes[10:56:59] <robtone> UQlev, and multirecpient dsn can be blocked with postfix[10:57:05] <BuenGenio> did my logs scare you?[10:57:20] <robtone> the rest is for SA and friends[10:57:29] <pj> BuenGenio: why would they scare me?[10:57:41] <BuenGenio> because you ran away shortly after :)[10:57:52] <pj> as I said, I had a power cut.[10:58:12] *** Gatto has joined #postfix[11:00:05] <UQlev> robtone: i see[11:00:38] <^Zaz> I'm trying to write a simple bash script to send email through my isp's smpt server; using postfix would be overkill y/n?[11:00:58] <^Zaz> smtp*[11:01:07] <Aprogas> !nullclient[11:01:07] <knoba> Aprogas: "nullclient" : a null client is a computer that can only send mail. it receives no mail from the network, and it does not deliver any mail locally. while postfix can be configured to fill this role, it is often unnecessary overkill, and a much simpler software package is more appropriate. see !nullclient_software for more details.[11:01:20] <pj> meh, beat me to it Aprogas[11:01:38] <Aprogas> You can still beat me to !nullclient_software[11:01:52] <pj> lol, he can check that one himself[11:01:56] *** wdp has joined #postfix[11:01:57] *** wdp has joined #postfix[11:02:01] <^Zaz> thanks guys ^^[11:11:11] *** JoKoT3 has quit IRC[11:11:56] *** devurandom has quit IRC[11:12:36] *** sahip has joined #postfix[11:14:23] <sahip> testing[11:17:15] <sahip> okay, I want to do something simple and I need a simple guide for it. I have read some basic guides on how smtp works, and from what I can tell, all I actually need, as a single computer in my home to send mail is, set relayhost, and smtp_sasl_password_maps, right?[11:18:06] <sahip> Whatever I see online starts by saying that I copy 40 lines first... I do not want that[11:18:54] <sahip> I don;t know anything at all about networking but I want to know what I am doing too[11:21:38] <sahip> well, if nobody is here, I will just come back later[11:21:54] *** sahip has quit IRC[11:22:59] <BuenGenio> pj, as much as I would love to sit and read the channel logs all day - I had a fire to put out at work... ^_^[11:23:15] <BuenGenio> I'm serious, there's a lot of cool stuff happening here[11:23:43] <pj> BuenGenio: that's nice, you still need help?[11:23:49] <BuenGenio> yes please[11:24:12] <BuenGenio> relevant logs: http://pastebin.com/EdWB2q7w[11:24:19] <BuenGenio> master.cf: http://pastebin.com/T5156fPe[11:24:25] <pj> BuenGenio: then you probably should have said so, for all I knew you solved your problem while I was walking around here lighting candles.[11:24:32] <BuenGenio> it's ok[11:24:36] <BuenGenio> i just got back myself[11:25:12] <pj> BuenGenio: according to your master.cf you will reject all connections to submission to 1025 that are not SASL authed.[11:25:34] <pj> !smtpd_client_restrictions[11:25:34] <knoba> pj: "smtpd_client_restrictions" : a configuration parameter in the main.cf: Optional SMTP server access restrictions in the context of a client SMTP connection request.[11:25:44] <pj> BuenGenio: ^^^^^^^^^^[11:26:04] <BuenGenio> ah, that makes sense[11:26:07] <BuenGenio> it's also true[11:26:08] <pj> grrrrr, nice of the factoid to link to something, heh[11:26:20] <pj> anyways, it's in the postconf(5) man page[11:26:24] <BuenGenio> thanks[11:26:53] <pj> yw[11:26:56] <BuenGenio> I thought mynetworks had precedence over other settings[11:27:07] <pj> no, not really[11:27:16] <BuenGenio> apparently....[11:27:31] <pj> you would need permit_mynetworks (I think, I didn't look that up, tbh).[11:28:08] <pj> and again, not sure why you['re using 1025 for submission, heh[11:35:17] *** marchelly has quit IRC[11:35:30] *** marchelly has joined #postfix[11:36:47] *** busta has joined #postfix[11:37:38] *** n0sq has quit IRC[11:39:12] *** zedd has joined #postfix[11:40:54] *** marchelly has quit IRC[11:41:15] *** busta has quit IRC[11:43:37] *** sphenxes has quit IRC[11:44:51] *** ChameleonSys has quit IRC[11:45:15] *** ChameleonSys has joined #postfix[11:45:20] *** sphenxes has joined #postfix[11:49:42] *** n0sq has joined #postfix[12:00:04] *** devurandom has joined #postfix[12:02:58] *** JoKoT3 has joined #postfix[12:14:18] *** Pinchiukas has joined #postfix[12:52:25] *** wame has quit IRC[12:54:43] *** xray_tsk has joined #postfix[12:55:29] <xray_tsk> Hello! Is it possible with postfix to log subject of rejected via dnsbl e-mails ?[12:58:17] *** devurandom has quit IRC[12:59:18] *** UQlev has quit IRC[13:01:04] *** cpm has joined #postfix[13:01:04] *** cpm has joined #postfix[13:01:20] *** devurandom has joined #postfix[13:06:21] <Corey> xray_tsk: No, as the reject occurs before DATA.[13:09:10] <xray_tsk> Is it possible to delay reject until DATA arrive?[13:15:39] *** TomHome has joined #postfix[13:18:07] *** cilly has joined #postfix[13:21:45] *** axscodes has joined #postfix[13:22:26] <axscodes> http://pastebin.com/PsSs2qrJ <-- hi gusy, can someone traceout whats the usual problem for this. i added the new domain via postfix admin...[13:23:53] *** ^Zaz has left #postfix[13:27:35] <pj> !tell axscodes loopback[13:27:35] <knoba> axscodes: "loopback" : 'Mail loops back to myself' means that your Postfix wanted to send out the mail to the internet but then discovered that the DNS says your mail server should be responsible. Most likely you forgot to list your domain in mydestination or virtual_(alias|mailbox)_domains[13:28:07] *** Cain has quit IRC[13:28:33] <pj> May 27 03:24:15 mx postfix/smtp[2158]: CC5B85C02B: to=<axscode at drupalph dot org>, relay=none, delay=0.11, delays=0.1/0.01/0/0, dsn=5.4.6, status=bounced (mail for drupalph.org loops back to myself)[13:28:43] <pj> axscodes: ^^^^^^^^^^^[13:30:21] *** uqlev has joined #postfix[13:31:10] <axscodes> forgot to list yoru domain in mydestination or virtual_alias_domain ? where can i find this?[13:32:17] <pj> if you're adding the domain to postfix admin it would be virtual_mailbox_domains, and you need to show us the info requsted of you in the /topic.[13:32:31] <axscodes> it seems i found main.cf, what should be my entries on mydestination ? im using mysql actually for this... postfix with mysql[13:32:58] *** Cain has joined #postfix[13:33:38] <axscodes> http://pastebin.com/8feGKySf <-- postconf -n[13:34:51] <pj> axscodes: what do you get with: postmap -q drupalph.org proxy:mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf[13:36:07] *** roe_ has quit IRC[13:36:09] <axscodes> nothing?[13:36:22] *** roe_ has joined #postfix[13:36:22] *** roe_ has joined #postfix[13:36:25] <pj> that should be returning something[13:36:33] <pj> since it doesn't postfix doesnt' see the domain[13:37:03] <axscodes> but in mysql i can see drupalph.org on domain table of postfix database[13:37:07] <pj> pastebin the contents of /usr/local/etc/postfix/mysql_virtual_domains_maps.cf (mask out the db password from your paste).[13:37:43] *** Cain has quit IRC[13:38:40] *** lunaphyte has quit IRC[13:38:52] *** jwing has quit IRC[13:39:10] *** lunaphyte has joined #postfix[13:39:11] <axscodes> http://pastebin.com/UYRCR1km[13:40:23] <pj> axscodes: what is the value of the backupmx and active columns in the drupalph.org row?[13:40:41] <axscodes> 1 and 1[13:41:06] <pj> that query won't return the row unless backupmx is '0'[13:41:53] <axscodes> ok so ill update that[13:41:57] <pj> ok[13:41:59] <axscodes> is there a way on postfixadmin ?[13:42:05] <pj> I don't know.[13:42:05] <axscodes> to fix this or should i manually do it[13:42:07] <axscodes> ok[13:42:10] <axscodes> gimme a sec[13:42:15] <pj> postfixadmin is beyond the scop[e of this channel[13:42:19] <pj> it is not part of postfix.[13:43:05] <axscodes> ok[13:45:17] *** cilly has quit IRC[13:45:34] <axscodes> it returns drupalph.org now on the postmap[13:47:35] <axscodes> and now i can receive mail[13:47:44] <pj> :-)[13:47:49] <axscodes> that is really quick trace, thanks a lot..[13:47:54] <axscodes> what really happends?[13:48:09] *** Cain has joined #postfix[13:49:46] <pj> what do you mean?[13:50:14] <axscodes> whats the meaning of backupmx 1[13:50:32] <pj> I don't know. It means whatever you have decided that it means.[13:50:44] <pj> it has no particular meaning to postfix afaik.[13:51:16] <axscodes> ah, ic..[13:51:27] <axscodes> hehe.. thats weird..[13:51:35] <pj> judging from the name of the field it likely means that postfix is a secondary (not primary) MX for the domain.[13:51:43] <axscodes> yeah.. looks like..[13:52:04] <axscodes> how can i add mail box to drupalph.org manually? right now im using postfixadmin[13:52:33] <pj> since you're using mysql you would add an entry to the corresponding mysql table.[13:52:49] <tuxick> the joys of using clickheres[13:52:53] <pj> ...which is all that postfixadmin would do.[13:53:36] <pj> for the most part, all that postfixadmin does is read and write rows in various mysql tables.[13:54:51] *** breaker313 has quit IRC[13:54:59] <axscodes> i think it only uses one table for this right..[13:55:13] <axscodes> so i will try to add..[13:55:18] <axscodes> ok i think one more question..[13:55:24] <axscodes> on the password column[13:55:32] <axscodes> how will i know what crypt to use?[13:56:37] <pj> that depends on what crypt your IMAP/POP3 server and SASL AUTH server uses.[13:56:45] <pj> usually it's plain text, but not always.[13:57:09] <axscodes> its scrambled, so i think its not plain text.. where can i find this config?[13:57:11] <pj> at any rate, postfix does not work with the password directly.[13:57:42] <pj> axscodes: in your dovecot config.[13:57:49] *** Twinkletoes has joined #postfix[13:59:06] <axscodes> ic.. checking out..[13:59:34] <pj> it would also be in your postfixadmin config.[14:00:30] *** patdk-wk has joined #postfix[14:00:39] *** ChameleonSys has quit IRC[14:01:04] *** breaker313 has joined #postfix[14:01:26] <axscodes> hmm it says md5[14:01:36] <axscodes> chekcing on postfix admin[14:03:31] <axscodes> $CONF['encrypt'] = 'md5crypt';[14:03:44] <axscodes> and $CONF['authlib_default_flavor'] = 'md5raw';[14:04:26] <pj> ok, again, you are beyond the scope of this channel.[14:04:45] <pj> postfix does not know or care how your passwords are stored.[14:05:17] <axscodes> yes, ill be going somewhere for this.. thanks a lot for the help and for the tips[14:05:29] <pj> yw[14:11:36] *** sphenxes has quit IRC[14:12:57] <axscodes> crypt() of php looks like the result. thanks a lot...[14:14:02] <pj> yw[14:14:43] *** TomHome has quit IRC[14:19:35] *** uqlev has quit IRC[14:21:40] *** KaiForce has joined #postfix[14:25:04] *** cilly has joined #postfix[14:28:27] *** beginer has quit IRC[14:33:16] *** Belial_ has joined #postfix[14:42:36] *** pj has quit IRC[14:42:52] *** cilly has quit IRC[14:45:51] <ujjain> Are here ASSP users?[14:46:28] *** jwing has joined #postfix[14:47:18] <Pinchiukas> Anyone can give me any hints where a X-Postfix-Sender header comes from? :)[14:50:48] <sysmonk> it's a DSN header[14:55:42] *** ChameleonSys has joined #postfix[14:56:33] <cpm> it comes from the underverse[14:57:22] <sysmonk> cpm comes from it[14:57:44] <cpm> 'till underverse comes![15:12:11] *** sjrussel has joined #postfix[15:20:28] *** Belial__ has joined #postfix[15:20:45] <Pinchiukas> I happen to be an MX for a certain domain from which email is sent to unexisting addresses. For some reason I'm getting the DSNs to my admin email box (maybe because the from address in those emails doesn't exist). What do I have to change to no loger get someone elses DSNs?[15:21:27] *** Belial_ has quit IRC[15:23:03] *** krzee has quit IRC[15:31:54] *** UQlev has joined #postfix[15:39:02] <Pinchiukas> Maybe it's delivered to the postmaster in that case?[15:42:36] *** myztic has joined #postfix[15:43:06] <Aprogas> Pastebin one of those DSNs with full headers please.[15:45:22] *** myztic has quit IRC[15:47:01] *** ujjain is now known as ujjain|afk[15:47:19] *** ujjain|afk is now known as ujjain[15:47:42] *** breaker313 has quit IRC[15:47:57] *** ujjain is now known as ujjain|afk[15:50:56] *** brancaleone has joined #postfix[15:52:13] *** Section1 has joined #postfix[15:52:26] *** ujjain|afk is now known as ujjain[15:55:02] *** creis has quit IRC[15:55:23] *** creis has joined #postfix[16:00:43] *** Katibe has joined #postfix[16:10:41] *** Subzeronoh has quit IRC[16:11:52] <Tykling> how can I add a header to all outgoing mail ? I've been trying to PREPEND and match all messages, but I am failing for some reason[16:13:04] *** SubZero_ has joined #postfix[16:13:17] *** hparker has joined #postfix[16:13:18] *** hparker has joined #postfix[16:19:34] <Aprogas> Tykling: Check the topic for instructions on what information we need.[16:27:07] *** lunaphyte has quit IRC[16:38:26] *** ssureshot has joined #postfix[16:41:25] *** e-jones has quit IRC[16:41:26] *** p3rror has quit IRC[16:55:39] *** UQlev has quit IRC[17:02:30] *** mambaw has joined #postfix[17:07:25] *** Twinkletoes has quit IRC[17:11:48] *** gremset has quit IRC[17:21:12] *** Tom-B has joined #postfix[17:21:33] <xray_tsk> Sorry for repeated question, but is it possible to tell postfix to delay reject action until all data will received, even if the host is blacklisted in dnsbl? I want to log subjects of rejected e-mail.[17:21:48] <xray_tsk> data means SMTP DATA[17:33:58] *** gremset has joined #postfix[17:38:37] <Aprogas> There is such a thing as end_of_data_restrictions but I don't recommend letting major amounts of spam get all the way to end-of-DATA before rejecting it.[17:39:01] <Aprogas> Why are the subjects so important?[17:40:27] <xray_tsk> We need it for a while to be sure, that there is no useful mail dropped. I understand the overhead of such processing, but we really need it for some days.[17:41:11] <Aprogas> When I reject mail, I add a message to contact postmaster at aprogas dot net for questions or problems.[17:41:41] <Aprogas> Any human reading the DSN (generated by their mailserver) can then contact me if they believe they were unjustly rejected.[17:41:53] <Aprogas> Mail to postmaster is not subject to the same restrictions in my configuration.[17:44:32] *** tharkun has quit IRC[17:44:32] *** tharkun has joined #postfix[17:45:01] *** ced117 has joined #postfix[17:47:16] <xray_tsk> Aprogas: do you sending email to sender on any reject?..[17:49:12] <Aprogas> No, I customise the reject message. So after "RCPT TO" they will see something like:[17:49:15] <Aprogas> 554 5.7.1 <j.jongmans at aprogas dot net>: Recipient address rejected: Blocked - contact postmaster at aprogas dot net for help - Multiple DNSBLs [rbl:zen.spamhaus.org:<http://www.spamhaus.org/query/bl?ip=117.198.107.118>; rbl:b.barracudacentral.org:<http://www.barracudanetworks.com/reputation/?pr=1&ip=117.198.107.118>][17:53:07] <spiekey> Hello![17:53:21] <xray_tsk> Okay... One more question then - how to change 554 message ?[17:53:39] <spiekey> i have one host that delivers a lot of mails to one of my mailserver. How can i prevent postfix to block it if it tries to many invalid addresses?[17:54:22] <xray_tsk> reject_unverified_recipient in smtpd_recipient_restrictions[17:54:32] <xray_tsk> spiekey: ^^ that's solution for your question[17:55:17] <spiekey> i just set that[17:55:24] *** mambaw has quit IRC[17:55:30] *** vho\ has quit IRC[17:56:15] *** vho has joined #postfix[17:56:55] <xray_tsk> Hmm. And unverified_recipient_reject_code = 550 should be set, if you really shure, that all works as should[17:57:54] <spiekey> yey![17:57:57] <spiekey> i did that too! :)[17:58:11] <spiekey> smtpd_recipient_restrictions = reject_unverified_recipient[17:58:11] <spiekey> unknown_local_recipient_reject_code = 550[17:58:11] <spiekey> unverified_recipient_reject_code = 550[17:58:47] <spiekey> hmm...now i get: fatal: parameter "smtpd_recipient_restrictions": specify at least one working instance of: check_relay_domains, reject_unauth_destination, reject, defer or defer_if_permit[17:59:15] <Aprogas> xray_tsk: That specific message is created by postfwd, but that just returns a Postfix access(5) result.[17:59:28] <Aprogas> Don't touch the reject_codes, the defaults are correct[18:00:12] <xray_tsk> Aprogas: as far as I remember, the default is 450. i.e. temporary error[18:00:28] <Aprogas> Recipient verification can fail due to temporary problems, I don't recommend a permanent error.[18:00:31] <Aprogas> !verify[18:00:32] <knoba> Aprogas: "verify" : Sender or recipient address verification features: http://www.postfix.org/ADDRESS_VERIFICATION_README.html[18:00:44] <Aprogas> I think that restriction does something other than you both expect.[18:01:50] <xray_tsk> Aprogas: "The unverified_recipient_reject_code parameter specifies the numerical response code when an address is known to bounce (default: 450, change into 550 when you are confident that it is safe to do so). "[18:02:11] <Aprogas> Are you confident that it is safe to do so?[18:02:34] <lunaphyte_> i set that to 550 on all my systems.[18:02:41] <xray_tsk> I sure in my own solution.[18:03:07] <Aprogas> lunaphyte_: What if address verification fails due to some temporary malfunction? Won't that reject otherwise valid mail?[18:03:26] <lunaphyte_> sure.[18:03:30] <lunaphyte_> i'm not worried about it though.[18:03:33] <Aprogas> Ok.[18:03:38] <xray_tsk> Aprogas: as far as I remember, on temporary error it will return temporary error.[18:03:41] <Aprogas> You are a braver man than I.[18:03:45] <xray_tsk> I tested that in january.[18:04:20] <xray_tsk> I.e. 550 will returned only if postfix get negative response from remote server.[18:04:39] <xray_tsk> In all other situation it will return temporary error.[18:04:50] <lunaphyte_> i'd rather the almost nonexistent risk of permanently rejected mail than the much greater risk of recurring harassment because i'm saying things are temporary all of the time.[18:04:58] <Aprogas> Well, I guess that is one of the few reject_codes you could change, but mostly you want to leave those alone.[18:05:05] <xray_tsk> lunaphyte_: me too[18:05:32] <xray_tsk> Aprogas: no one will change code without reason :) this code should be changed, if all is set up and tested.[18:06:03] <xray_tsk> As in postconf specified...[18:10:15] <lunaphyte_> but...[18:10:25] <lunaphyte_> there is a bigger, more important question here...[18:10:55] <lunaphyte_> exactly what sort of recipient verification are you doing?[18:11:24] *** mambaw has joined #postfix[18:17:20] *** ikonia has quit IRC[18:18:00] *** jujugre has quit IRC[18:18:30] *** spiekey has quit IRC[18:18:31] *** youknowh1 has joined #postfix[18:19:14] *** Matic`Makovec has joined #postfix[18:19:22] *** madduck__ has joined #postfix[18:20:31] *** youknowho has quit IRC[18:28:39] *** roe has joined #postfix[18:35:34] *** cilly has joined #postfix[18:37:38] *** Bracki has quit IRC[18:40:10] *** KaiForce has quit IRC[18:42:10] *** Mark22 has quit IRC[18:42:10] *** Mark22 has joined #postfix[18:49:21] *** Tykling has quit IRC[18:49:30] *** shal3r has quit IRC[18:50:07] *** Tykling has joined #postfix[18:57:40] *** signpost has joined #postfix[18:57:59] <signpost> adaptr: I googled using sender_dependent_default_transport_maps and found you being a jerk to someone[18:58:01] <signpost> hahaha[18:58:36] <Aprogas> And you just had to come here to say that?[18:58:58] <signpost> no, I have a few questions[18:59:08] <signpost> but I think his behavior's completely inappropriate for freenode[18:59:14] <jelly> that's a better reason to come in here than most others[18:59:44] <signpost> I was doing my due dilligence by googling and reading docs first, before asking questions[19:00:03] <Corey> signpost: But rather than asking your question you come in here to first mock one of the channel regulars?[19:00:06] <Corey> Not smart.[19:00:18] <Aprogas> Unsure about what you tried to achieve with your comment.[19:00:32] <signpost> sorry to upset the postfix priesthood[19:00:45] <Corey> http://media.tumblr.com/tumblr_lk0ej8ZC8p1qc3ioj.jpg[19:01:10] <signpost> Corey: I can send you the logs I've found googling, and am going to send them over to freenode staffers either way[19:01:18] <signpost> you guys don't need to treat newbs like shit[19:01:28] <Aprogas> We don't.[19:01:47] <Corey> signpost: Let me save you some time. :-)[19:01:49] <Aprogas> But if someone comes in here and as opening line mocks one of us, it sort of sets a certain mood.[19:01:58] <Corey> signpost: Channel ops are free to run their channels however they'd like.[19:01:59] <Aprogas> You could of course apologise, ask your questions, and be helped.[19:02:29] <cpm> or even just go about asking the questions, following the guide in the channel topic, and set all this personal stuff aside.[19:03:29] *** cilly has quit IRC[19:04:41] *** ionte has quit IRC[19:06:36] *** ionte has joined #postfix[19:14:01] *** devurandom has quit IRC[19:14:19] *** devurandom has joined #postfix[19:21:54] *** ssureshot has quit IRC[19:21:54] *** mitchlovin has quit IRC[19:21:54] *** weta has quit IRC[19:21:54] *** daguz has quit IRC[19:21:54] *** jumperboy has quit IRC[19:21:54] *** thumbs has quit IRC[19:21:54] *** sugar_skymeyer has quit IRC[19:21:54] *** jdoe has quit IRC[19:21:54] *** jense has quit IRC[19:21:54] *** jelly has quit IRC[19:21:54] *** dentifrice has quit IRC[19:21:55] *** doomas has quit IRC[19:21:55] *** path has quit IRC[19:21:55] *** sebbow has quit IRC[19:21:55] *** vn has quit IRC[19:22:14] *** KaiForce has joined #postfix[19:22:48] *** ssureshot has joined #postfix[19:22:48] *** mitchlovin has joined #postfix[19:22:48] *** weta has joined #postfix[19:22:48] *** daguz has joined #postfix[19:22:48] *** path has joined #postfix[19:22:48] *** jumperboy has joined #postfix[19:22:48] *** thumbs has joined #postfix[19:22:48] *** sugar_skymeyer has joined #postfix[19:22:48] *** dentifrice has joined #postfix[19:22:48] *** jdoe has joined #postfix[19:22:48] *** vn has joined #postfix[19:22:48] *** jense has joined #postfix[19:22:48] *** jelly has joined #postfix[19:22:48] *** doomas has joined #postfix[19:22:48] *** sebbow has joined #postfix[19:23:24] *** gremset has quit IRC[19:23:40] *** gremset has joined #postfix[19:24:33] *** brancaleone has quit IRC[19:37:41] *** empity has quit IRC[19:48:41] *** mambaw has quit IRC[20:01:23] *** hparker has quit IRC[20:08:49] *** brancaleone has joined #postfix[20:22:25] *** hparker has joined #postfix[20:22:25] *** hparker has joined #postfix[20:22:28] *** cilly has joined #postfix[20:23:16] *** _bugz_ has quit IRC[20:28:09] *** war9407 has joined #postfix[20:35:07] *** theemstra has joined #postfix[20:36:23] <jimpop> everybody can go to hell, imho. if you don't like that, complain to chanops. :-)[20:37:44] <theemstra> jimpop: what have we done?[20:38:24] *** axscodes has left #postfix[20:38:25] <jimpop> exactly! nothing that has cost you anything, other than your time, and nothing less valuable than what I have paid for.[20:38:36] <jimpop> ;-)[20:38:58] * thumbs blames Corey[20:38:58] *** _bugz_ has joined #postfix[20:39:01] <jimpop> the general bitching and angst is free (and midly beneficial)[20:43:11] <Corey> Indeed.[20:43:18] <Corey> did signpost ever mention ehwat its problem was?[20:43:47] <jimpop> iirc, he/she had a transport question late lastnight[20:44:17] <thumbs> Corey: http://www.amazon.ca/dp/0553801473/ref=pe_155250_20000700_pe_epc_t1[20:44:44] <Corey> thumbs: Already preordered.[20:44:54] <thumbs> Corey: ok.[20:45:48] <jimpop> new chan topic: How can you expect the noob to breath on it's own if you don't slap it asap[20:45:50] *** _bugz_ has quit IRC[20:46:12] <jimpop> ;-)[20:46:19] <signpost> Corey: yeah, I have a sender dependent transport in there, but it's not being used. I'll debug it myself though[20:46:30] <signpost> a mail server just became my responsibility[20:52:21] *** theemstra has quit IRC[20:53:03] *** lunaphyte has joined #postfix[20:58:04] *** cpm has quit IRC[20:59:44] *** signpost has quit IRC[21:00:43] *** theemstra has joined #postfix[21:00:57] <theemstra> goodevening, is here someone that could help me configuring postfix in combination with dovecot (virtual users)?[21:01:26] *** _bugz_ has joined #postfix[21:02:15] <Aprogas> Probably.[21:07:01] <theemstra> that would be very nice[21:07:24] <Aprogas> !ask[21:07:24] <knoba> Aprogas: "ask" : Please regard http://workaround.org/getting-help-on-irc and don't ask to ask, just ask. (after you've read 'getting help')[21:08:25] *** roe has quit IRC[21:09:01] <theemstra> im working on a mailserver, with postfix and dovecot, and i would like virtual users, the postfix incoming mail part is working.[21:09:31] <theemstra> but i have no idea how to combine it well[21:09:38] <theemstra> the configuration[21:11:44] *** cilly has quit IRC[21:11:53] *** ikonia has joined #postfix[21:12:38] *** ikonia has quit IRC[21:13:15] *** ikonia has joined #postfix[21:22:00] *** ncode has joined #postfix[21:24:02] *** pj has joined #postfix[21:28:32] *** ced117 has quit IRC[21:43:06] *** Zeit|awy has quit IRC[21:46:12] *** Cthulhu_Dawn has quit IRC[21:46:28] <adaptr> well, at least I dont have to doubt about putting him on the no-fly list[21:48:51] *** MAAAAAD has quit IRC[21:49:08] *** MAAAAAD has joined #postfix[22:00:20] <Aprogas> theemstra: Check the topic for instructions.[22:01:06] *** gremset has quit IRC[22:01:22] *** gremset has joined #postfix[22:04:48] *** Lenhix has joined #postfix[22:12:57] *** sjrussel has quit IRC[22:19:50] *** basho__ has quit IRC[22:25:48] *** krzee has joined #postfix[22:27:48] *** theemstra has left #postfix[22:33:40] *** Belial_ has joined #postfix[22:34:33] *** Belial__ has quit IRC[22:34:51] *** yaaar has joined #postfix[22:36:03] <yaaar> wow...so i've been using "reject_rbl_client bl.spamcop.com" in my recipient restrictions forever. but this morning i see that some of yahoo's outgoing servers are blocked in it[22:36:12] <yaaar> that strikes me as unacceptable[22:37:38] <jimpop> yaaar: what if those servers are sending spam.....[22:38:25] <jimpop> or are you someone who believes that some companies are too big to leak spam?[22:38:30] <yaaar> jimpop: yes, i'm sure that they are. but blocking all mail from yahoo is just not a realistic possibility[22:38:57] <yaaar> the users will revolt![22:39:03] <jimpop> yaaar: it's not "all mail". yahoo have thousands of servers[22:39:18] <jimpop> just the ones doing the spamming are/were listed[22:40:03] <yaaar> ok, that much is true. but the user doesn't choose what server he sends through. which is to say that a certain percetage of the time their mail will bounce. at random. and from looking at the logs, that percentage appears to be high[22:40:23] <jimpop> indeed, at least for this week[22:40:31] <yaaar> which is also to say that our phone will ring because "people can't send me emails!"[22:40:39] <jimpop> if those users want better service, they should pay for better service[22:40:43] *** gerhard7 has quit IRC[22:41:13] <yaaar> and of course they will react incredulously when we claim that our 10-person operation is doing everything right and the multibillion dollar multinational is effing things up[22:41:23] <Aprogas> Not many DNSBLs are suitable for a 1-hit-reject policy, usually a scoring system is better.[22:41:52] <Aprogas> zen.spamhaus.org probably is safe to use as a 1-hit-wonder though.[22:41:54] <yaaar> Aprogas: is there a way to implement such a system simply in the postfix config? ie without some external framework?[22:42:00] <jimpop> Aprogas: very very true words, often overlooked by many[22:42:09] <yaaar> Aprogas: yeah, i have zen and spamcop as the only two[22:42:13] <Aprogas> You can use postscreen in 2.8.x or a policyd in earlier versions.[22:42:20] <yaaar> which has worked pretty well up to now[22:42:27] <Aprogas> DNSBLs don't always stay good.[22:42:36] <Aprogas> Sometimes you have to switch one out for a better one.[22:43:18] <yaaar> yeah, that's ultimately why i dropped in....to find out if spamcop had become overzealous and see if folks were moving from that to some other rbl[22:43:22] <jimpop> yaaar: if you only use one or two rbls, have you considered what happens if your usage increases and those rbls block your queries?[22:43:43] <yaaar> jimpop: no, i had not considered that[22:43:48] <yaaar> what happens?[22:44:04] <yaaar> wide open? or completely shut?[22:44:05] * jimpop wonders what level of over zealousness is appropriate for a single spam[22:44:13] <jimpop> yaaar: depends[22:44:16] <Aprogas> http://www.intra2net.com/en/support/antispam/index.php_sort=accuracy_order=desc.html[22:44:34] <yaaar> i remember when spamhaus blackholed the world...[22:44:46] <yaaar> at least i think that's who it was[22:44:55] <Aprogas> You can also use a more complicated system combining whitelists, yellowlists and blacklists.[22:44:55] <yaaar> definitely a widely used one at the time[22:45:10] <yaaar> yeah, i'd really like to keep things pretty simple if at all possible[22:45:20] <jimpop> no single rbl is perfect, nor permanent[22:45:29] <Aprogas> Servers from Yahoo would usually be on a yellowlist, where yellowlist is the idea that the IP-address is no indication for spamminess and shouldn't be considered for white- nor blacklisting.[22:45:34] <jimpop> if you want to save yourself some trouble next year, fix the problem today[22:46:02] *** KaiForce has quit IRC[22:47:59] *** jwing has quit IRC[22:51:48] *** Timzzzz is now known as Timmooo[23:02:00] *** Matic`Makovec has quit IRC[23:04:53] *** brancaleone has quit IRC[23:07:15] *** brancaleone has joined #postfix[23:14:36] *** hever has quit IRC[23:15:25] *** Belial_ has quit IRC[23:20:30] *** dall has joined #postfix[23:20:37] <dall> hello everybody[23:23:36] <dall> I have a strange problem....... i have configured a domain with a dedicated IP that i'm using as MX server.... like: mail.example.com then i have many domains like domain1.com - domain2.com - domain3.com all these domains have the same MX server (set on the DNS)...... i really do not understand WHY domain1.com and domain2.com CAN send email to gmail.com but domain3.com NOT.............there are the same DNS record[23:23:36][23:24:33][23:24:49] <jimpop> !tell dall spf[23:24:49] <knoba> dall: "spf" : sender policy framework - an extension to SMTP that allows to identify and reject emails from spoofed/forged email senders. SPF is just a TXT or SPF record in your DNS zone in a special format. See: http://www.openspf.org/[23:25:04] <dall> jimpop, i SET spf[23:25:12] <dall> all these domains has the SPF[23:25:23] <dall> i only allow the MX to send email[23:25:24] <jimpop> what about matching PTR records[23:25:32] <dall> yes[23:25:49] <dall> my mx server has the correct PTR (mail.example.com)[23:26:12] <jimpop> check the gmail headers, of the email in the spam folder, it might reveal something[23:26:26] <dall> i do not permit spam...i use ---> v=spf1 mx -all i only permit my mx server to send email for that domain[23:26:36] <dall> jimpop, i tried but it's really really strange...because...[23:26:44] <dall> one moment i post it to you[23:28:15] <dall> jimpop, Received-SPF: pass (google.com: domain of clienti at domain3 dot it designates xxx.xxx.xxx.xxx as permitted sender) client-ip=xxx.xxx.xxx.xxx;[23:28:27] <dall> jimpop, Authentication-Results: mx.google.com; spf=pass (google.com: domain of clienti at domain3 dot it designates xx.xxx.xxx.xxx as permitted sender) smtp.mail=clienti at domain3 dot it[23:28:39] <dall> my email pass the spf check[23:29:06] <jimpop> have you checked the IPs for any rbl listings?[23:29:51] <dall> yes...it is good is not listed....[23:29:57] <dall> the question is...[23:30:08] <dall> why domain1 and domain2 can send email and not domain3[23:30:17] <dall> the wwebsite has the same IP address[23:30:26] <dall> and using the same MX[23:30:55] <jimpop> i don't know. i have a similar setup and can send from all domains to gmail[23:30:59] <dall> domain1 domain2 domain3 CAN send to HOTMAIL that has very high spam filter.......but not to gmail (only domain3) :/[23:31:30] <dall> i can send emails to gmail only the third domain NOT...[23:31:34] <dall> very strange.[23:33:10] *** sphenxes has joined #postfix[23:34:55] <pj> dall: same exact email content?[23:35:10] <dall> yes[23:35:20] <pj> dall: what are the domain names in question?[23:35:30] <dall> the same... i wrote 5-6 lines[23:35:39] <dall> can i show them in public ?[23:35:59] <pj> dall: that's entirely up to you[23:36:06] <dall> btw the domain i CAN'T send to gmail is: consulenzarapida.it[23:36:18] <pj> and the other two?[23:36:35] <dall> one of them is: linuxarena.com[23:37:21] <pj> what's the other one?[23:37:29] *** hever has joined #postfix[23:37:37] <dall> egotive.com[23:37:48] <dall> these 3 domains[23:38:00] <pj> ok, well, it could just be the fact that it's a .it domain making the difference[23:38:07] <pj> .it domains are known for sending spam.[23:38:18] <dall> :)[23:38:23] <dall> are the italian spammers? :D[23:38:37] * pj shrugs, just an observation, heh[23:38:40] <dall> btw yes the only difference is .it the other are .com[23:38:48] <dall> eheh yes[23:38:52] <pj> one min[23:38:56] <dall> ok thanks[23:39:51] *** BobLfoot has joined #postfix[23:40:07] <pj> different registrar as well[23:40:07] <jimpop> dall: the consulenzarapida.it has a null spf record[23:40:19] <dall> null ?[23:40:22] <jimpop> "v=spf1 mx -all"[23:40:32] <jimpop> that says this domain doesn't send legitmate email[23:40:40] <jimpop> doh[23:40:44] <jimpop> i see the mx now[23:40:46] <jimpop> :-)[23:40:48] <pj> heh[23:40:57] <jimpop> dark in here, power went out[23:41:06] <pj> ahhhh, yep[23:41:07] *** gremset_ has joined #postfix[23:41:07] <dall> yes there is the SPF[23:41:11] <dall> thank a look at http://network-tools.com/default.asp?prog=dnsrec&host=consulenzarapida.it[23:41:32] <pj> well, the only thing I can think of is that you are beling blocked based on the domain name itself.[23:41:33] <dall> *thank = take :P[23:41:52] <dall> hmm really?[23:42:14] <dall> strange hotmail has very high spam filter but i can send email to @hotmail account......very strange[23:42:27] <pj> they are all different[23:42:34] <dall> the DNS are good i do not see problems...[23:42:36] <dall> ?[23:42:46] <pj> I mean hotmail, vs google, vs yahoo, etc[23:42:59] <pj> I wouldn't take much stock in the fact that hotmail is just fine[23:43:07] <dall> ah yes[23:43:24] <dall> you are true...but it's very strange because i have the same configuration for these 3 domains...[23:43:35] <dall> the first two are ok....the last no :/[23:45:23] *** gremset has quit IRC[23:45:42] <BobLfoot> Probably Dumb question but I could use help ; postconf -n == http://fpaste.org/Fks9/ and /var/log/maillog == http://fpaste.org/gXMR/ i am following the instructions at http://wiki.centos.org/HowTos/postfix and http://wiki.centos.org/HowTos/postfix_restrictions and failing the simple telnet test of my postfix server. The user is the local non-priv user ; do I need to add his uname to a recipients table somewhere that wasn't mentioned in the HowTo.[23:46:21] <pj> dall: read through this doc and make sure you're doing everything they suggest: https://mail.google.com/support/bin/answer.py?answer=81126[23:46:29] <dall> ok[23:46:37] <dall> pj, thank, I read it right now[23:47:05] <pj> if you still have problems move onto this page: https://mail.google.com/support/bin/answer.py?answer=17205[23:47:13] <dall> pj, hmmm DKIM <----- i think i have to use it[23:47:25] <pj> dall: it will help.[23:48:44] <jimpop> dall: yes, dkim will help with gmail[23:49:12] *** Gatto has quit IRC[23:49:49] <dall> do you have any tutorial to understand how to install it...how it works[23:49:54] <dall> (i'm using ubuntu)[23:50:00] <pj> !dkim[23:50:00] <knoba> pj: "dkim" : DomainKeys Identified Mail (DKIM) is a method for email authentication that allows an organization to take responsibility for a message in a way that can be validated by a recipient. this is typically implemented in postfix by means of a milter. alternatively, existing content filters (e.g. amavis) may also have their own implementation mechanism.[23:50:15] <pj> gah, that should have a link, meh[23:50:33] <pj> just google for: postfix dkim[23:51:11] <dall> ok perfect[23:51:17] <dall> domainkey is the same?[23:51:18] <dall> old?[23:51:27] <pj> domainkey is the predecessor to dkim[23:51:45] <jimpop> dall: http://www.howtoforge.com/quick-and-easy-setup-for-domainkeys-using-ubuntu-postfix-and-dkim-filter[23:52:06] <jimpop> and http://www.postfix.org/MILTER_README.html[23:52:32] <jimpop> as well as: https://help.ubuntu.com/community/Postfix/dkim-milter[23:52:54] <dall> wonderful[23:52:56] <dall> perfect![23:52:56] <dall> ok[23:53:00] <dall> thank you![23:53:10] <pj> !tell BobLfoot tutorial[23:53:10] <knoba> BobLfoot: "tutorial" : A very common problem is that some people prefer to follow a step-by-step tutorial that shows them how to setup their server w/out reading the documentation or understanding what they are doing. If something goes wrong, they have no clue whatsoever about where to find hints, and they sometimes decide to start from scratch using a different tutorial. This is not The Proper Way.[23:54:02] <dall> jimpop, are you using DKIM ?[23:54:10] <dall> pj, you too?[23:54:11] <jimpop> dall: yes[23:54:21] <pj> dall: yes[23:54:30] <dall> hmmmm i MUST use it[23:54:30] <dall> :D[23:54:32] <BobLfoot> knoba: I read thru the Centos Doc package that came when postfix was isntalled and unfortuantely while I've programmed copmuters for 36 years - since the days of relay logic, I'm not enough of a rocket scientist to understand the docs[23:54:59] <jimpop> dall: in the past, dkim is what solved my delivery to gmail problems[23:55:22] <pj> BobLfoot: according to your log there is no local user "bob" for the email to be delivered to.[23:55:28] <dall> ok... I Must must use it[23:55:29] <dall> :D[23:55:40] <dall> jimpop, i little confused....thank a look at[23:55:48] <dall> the link you gave me https://help.ubuntu.com/community/Postfix/dkim-milter[23:55:54] <BobLfoot> pj thats right the local use is Bob and the mail was addressed to Bob[23:56:00] <adaptr> BobLfoot: the log is saying that Bob at lfoothome dot selfip.net is not a local user.[23:56:06] <pj> right, Bob[23:56:18] <dall> i read... dkim-milter is a milter-based application (dkim-filter) which plugs in to Postfix to provide DomainKeys Identified Mail service for your. NOTE: Starting with Ubuntu 10.04, dkim-filter is deprecated. Use the opendkim package instead. Configuration is generally similar to dkim-filter, but it is still actively maintained.[23:56:32] <BobLfoot> That's really funny since I am logged into the box as Bob right now using irssi to chat with you[23:56:41] <adaptr> BobLfoot: that means that either A. bob is not a local user or alias, B. lfoothome.selfip.net is not in mydestination, or C. both.[23:56:42] <dall> i don't understand.......is it DKIM or domainkey?[23:56:44] <jimpop> dall: the same guy wrote both[23:57:11] <jimpop> dall: to be clear, the same guy wrote opendkim and dkim-milter[23:57:30] <pj> adaptr: could it be a case-folding issue? what does postfix do with the case of usernames?[23:57:42] <adaptr> it lowercases all localparts[23:57:51] <pj> adaptr: ahhh, that's what I thought[23:57:51] <adaptr> before cleanup(8) comes into play[23:57:51] <jimpop> dkim-milter is from sendmail.net, opendkim is the "open" release of it since MSK left sendmail.com[23:57:57] <pj> so if the system user is "Bob" ...[23:58:02] <pj> it will be looking for "bob"[23:58:04] *** gremset_ has quit IRC[23:58:04] <adaptr> in fact, I think that's one of the things cleanup(8) does[23:58:05] <pj> and not find it.[23:58:06] *** jense_ has joined #postfix[23:58:16] <BobLfoot> mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain[23:58:22] *** gremset has joined #postfix[23:58:27] <BobLfoot> oops ment to add an explanation with that[23:58:29] <adaptr> BobLfoot: try it. alias Bob to bob in /etc/aliases[23:58:30] <pj> BobLfoot: see what I just said: ^^^^^^^^^^[23:58:30] <jimpop> dall: both opendkim and dkim-milter are nearly identical in config files, etc[23:58:38] *** jense has quit IRC[23:58:45] <dall> jimpop, so i have to install opendkim[23:58:57] <jimpop> dall: yes, that will work[23:59:08] <BobLfoot> pj working on that suggestion now thanks[23:59:08] <dall> it's new[23:59:13] <dall> the first is deprecated[23:59:20] *** zedd has quit IRC[23:59:27] <dall> dkim-filter <----- deprecated[23:59:30] <jimpop> dall: the same info on those urls will help, just might be /etc/opendkim.conf instead of /etc/dkim.conf.[23:59:53] <jimpop> dall: the same guy wrote both