May 30, 2011 
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | >
May 30, 2011 [00:03:40] *** Norman_Bates has quit IRC[00:23:42] *** rob0 has joined #postfix[00:23:42] *** rob0 has joined #postfix[00:28:47] *** e-anima has quit IRC[00:32:00] *** uqlev has quit IRC[00:36:51] *** Jaac has joined #postfix[00:45:50] *** higuita has joined #postfix[00:46:26] *** Zeit|awy has quit IRC[00:46:36] *** Zeit|awy has joined #postfix[00:51:12] *** wdp has quit IRC[00:51:17] *** Zeit|awy has quit IRC[00:57:57] *** Jaac has quit IRC[01:03:38] *** Floo has quit IRC[01:14:30] *** milligan has quit IRC[01:20:28] *** milligan has joined #postfix[01:25:36] *** tianshiz_ has quit IRC[01:34:41] *** dragonheart has joined #postfix[01:44:42] *** basho__ has quit IRC[01:45:16] *** kuhkatz has quit IRC[01:48:43] *** Jaac has joined #postfix[01:59:50] *** Jaac has quit IRC[02:01:43] *** nokia3510 has quit IRC[02:07:47] *** nokia3510 has joined #postfix[02:10:16] *** Jaac has joined #postfix[02:45:10] <yashy> Can anyone help me debug postfix+SASL on debian?[02:45:26] <yashy> May 29 17:35:59 vps postfix/smtpd[7579]: warning: SASL: Connect to private/auth failed: No such file or directory[02:45:26] <yashy> May 29 17:35:59 vps postfix/smtpd[7579]: fatal: no SASL authentication mechanisms[02:45:41] <yashy> yet ps auwx | grep sasl shows it running[02:46:14] *** milligan has quit IRC[02:50:28] *** milligan has joined #postfix[02:51:40] <lunaphyte> did something say it wasn't running?[02:51:54] <lunaphyte> and shows *what* running?[02:57:45] *** jfried has quit IRC[02:57:50] <yashy> root 32731 0.0 0.2 8668 784 ? Ss 06:48 0:00 /usr/sbin/saslauthd -a pam -c -m /var/spool/postfix/var/run/saslauthd -n 5[02:59:51] <lunaphyte> is there a particular reason you're using cyrus rather than dovecot?[03:01:52] <yashy> Perhaps that's the issue, I am using dovecot :D How do I resolve?[03:01:59] <lunaphyte> huh?[03:02:40] <yashy> What part didn't you understand?[03:02:55] <pj> private/auth is for dovecot sasl, I think[03:03:01] <pj> not cyrus sasl[03:03:13] <Tabmow> !tell yashy sasl[03:03:13] <knoba> yashy: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.[03:03:56] <pj> sounds like you're mixing up the directions for cyrus sasl and dovecot sasl[03:04:01] <lunaphyte> private/auth auth is just a path. it has no empirical relationship to any one particular product.[03:04:41] <lunaphyte> yashy: you say you're using dovecot, but the line you shared from the output of ps is cyrus. which is it?[03:05:29] <pj> lunaphyte: private/auth is typically used with dovecot sasl.[03:06:16] <lunaphyte> typically, yes.[03:06:23] <yashy> I think maybe I did mix together cyrus and dovecot then, but my intentions are just to run dovecot[03:06:31] <lunaphyte> then get rid of cyrus.[03:06:37] <yashy> How?[03:06:41] <lunaphyte> saslauthd is cyrus[03:06:45] <lunaphyte> how? uh...[03:06:51] <lunaphyte> how did it get on your computeR?[03:06:55] <lunaphyte> undo that.[03:07:09] <pj> lunaphyte: right I was just referring to it as an indication that he was confgiuring for dovecot[03:07:10] <yashy> ahh I thought saslauthd was authentication hooks for cyrus or dovecot[03:07:21] <lunaphyte> authentication hooks?[03:07:25] <yashy> no need to be a dick, I'm just asking for help.[03:07:30] <lunaphyte> sasuthd is a program.[03:07:47] <pj> yashy: no, saslauthd is just the cyrus implementation.[03:07:53] <lunaphyte> excuse me? are you calling me a dick?[03:08:05] <yashy> pj: ok thanks, so deleting saslauthd now and hopefully I'm off to the races :)[03:08:39] <pj> yashy: I doubt it, just because you delete program A doesn't mean that program B will magically start to work.[03:08:54] <lunaphyte> not sure what exactly you mean by "deleting" saslauthd, but that's unlikely to be wise.[03:09:36] <lunaphyte> and he still needs to respond to my inquiry about his apparently blatant insults to those from which he's seeking help.[03:09:36] *** master_of_master has quit IRC[03:09:55] <yashy> pj: I've installed both, so if removing saslauthd doesn't resolve it I'll reinstall dovecot[03:10:04] <lunaphyte> why?[03:10:18] <lunaphyte> that would not be terribly logical.[03:10:34] <pj> yashy: you can re-install dovecot all you want, if you don't configure it properly and configure postfix properly it will not work.[03:11:16] *** master_of_master has joined #postfix[03:11:25] <yashy> pj: of course. As I mentioned, i though saslauthd was secure authentication for dovecot, so I'd configured both[03:11:35] <pj> certainly you can probably remove saslauthd, you don't need it and aren't using it, but that's not the cause of your problem.[03:11:51] <lunaphyte> i also would not blindly remove saslauthd. since in order to do that properly, you'll need to remove the sasl2-bin package, you will also be removing other things, which may depend on it.[03:12:03] <yashy> saslauthd -- sasl authentication server[03:12:16] <lunaphyte> err, which may have other things that depend on those things.[03:12:21] <yashy> It just says it's an authentication server, no mention of cyrus or dovecot[03:12:29] <pj> yes, true, sometimes saslauthd is a dependancy for other stuff that you need (stupid but true).[03:12:48] <pj> yashy: saslauthd is the cyrus authentication server.[03:13:02] <lunaphyte> well, my point was that sasl2-bin contains other things aside from just saslauthd.[03:13:08] <yashy> so dovecot has it's own tls/ssl authentication built in?[03:13:22] <lunaphyte> now we're talking about tls?[03:13:31] <lunaphyte> i get the feeling you're conflating things.[03:13:34] <pj> yashy: the tls/ssl has nothing to do with the authentication server.[03:13:42] <pj> that is done by postfix[03:13:57] <yashy> ok, thanks for the clarification.[03:16:10] <yashy> removed the sasl stuff from main.cf and email seems to have been sent, sweet :D[03:16:26] <lunaphyte> that's a bit alarming.[03:17:24] <yashy> thanks pj, appreciate the help![03:17:33] <pj> yeah, this could very well mean that you just created an open relay[03:18:03] <lunaphyte> funny. i wonder if he's /ignored me in his client, or if he is simply visually ignoring me.[03:18:21] <yashy> pj: How can I verify? I have my IP in mynetworks.[03:18:28] <pj> heh, who knows, we've been sayign much the same thing to him, just in different workds[03:18:38] <lunaphyte> yup. just another fragile ego.[03:19:02] <pj> yashy: ok, then you're probably just authenticating with your IP[03:19:08] <pj> but you're not passing any sasl auth.[03:19:09] <lunaphyte> can't handle it if he's not coddled and handheld and talked to in just the exact right way he wants.[03:19:16] *** codeshah has joined #postfix[03:20:12] *** BuenGenio has joined #postfix[03:20:56] <lunaphyte> my fault, i suppose. i assumed he wanted help and information, not counseling.[03:21:05] <pj> heh[03:21:26] <yashy> pj: I'm glad you're able to discern the difference between the two tones.[03:21:34] <lunaphyte> haha[03:21:38] <lunaphyte> !tell yashy sweet[03:21:38] <knoba> yashy: "sweet" : http://sweet.nodns4.us/[03:22:04] <yashy> helpful vs trolling[03:22:15] <lunaphyte> condescending too. what a great way to alienate those who you're asking for help.[03:22:50] <pj> yashy: I'm conveniently ignoring the fact that you called lunaphyte a dick earlier. He is normally very helpful and has been no less helpful to you even though you resorted to name calling him for some reason why I do not understand.[03:23:04] <pj> The fact that he uses different language to me is irrelevent.[03:25:18] <jimpop> seems to be a common occurance here.... getting called a dick/etc[03:26:20] <lunaphyte> yeah, we have a lot of people pass through here who can't handle it if they're not talked to like babies and spoon fed.[03:26:43] <lunaphyte> it's okay though. it's good to know that right out of the gate, so things can be handled accordingly.[03:27:14] <lunaphyte> that way we know what to expect for the remainder of their stay.[03:29:59] <jimpop> alternatively perhaps you don't have the stomach for dealing with people needing to be spoon fed.[03:30:28] <lunaphyte> oh, i can stomach it just fine.[03:30:30] <jimpop> it's ok, if that's the case. just might be a stress reliever to move on[03:31:01] <lunaphyte> that's the key though. this is not #commercial_consultant_support[03:31:16] <jimpop> right, it's volunteer[03:31:25] <jimpop> no expections for volunteer work[03:31:26] <thumbs> I know exactly what to do with folks that expect spoon feeding[03:31:26] <jimpop> ;-)[03:32:35] <lunaphyte> i'm here [and so are the vast majority of the others here who regularly help] to help those who have tried already very hard to help themselves. it is an insult to everyone in this channel who help [whether it's ok with them or not] to be treated in such a way as those who come in here because they perceive irc as an alternative to putting any effort in themselves.[03:33:01] <jimpop> true dat[03:33:34] <thumbs> I don't accept lazyness in my channels any more.[03:33:37] <jimpop> it's also cruel to extract tense words against those not sure of their footing[03:33:47] <lunaphyte> i like to ask questions when helping people, rather than spelling things out for them. i find that the knowledge they gain and the realizations that occur tend to be a bit more rewarding and fit in better with their internal structures than simply allowing them to "cheat off of me".[03:34:02] <yashy> pj: trolling is antagonistic and even if it ends up with the solutions you're looking for, it's a lot easier dealing with someone like yourself who prioritize on issue resolution without the additional baiting.[03:34:22] <thumbs> yashy: you have not been trolled.[03:34:52] <lunaphyte> also, it's a great mechanism for exposing those who are like that, since they inevitably get combative and belligerent.[03:35:12] * jimpop breaks out the candles and incense[03:35:42] <jimpop> kum by ya..... :-)[03:36:22] <yashy> thumbs: That were debating it means we have. He's demonstrably a successful troll. I'm not the first, and won't be the last. Back to postfix related discussions from my perspective :D[03:36:27] <yashy> we're[03:36:57] <thumbs> yashy: if you want to call him a troll, we can ensure that you don't get further help here. It's your choice.[03:37:26] <jimpop> yashy: avoid the name calling, it's the safest path[03:39:16] <yashy> jimpop: we all stoop in the heat of the moment, I assure you it's not a regular occurance.[03:40:10] <jimpop> yashy: correct. but when one or the other stoops, it's not best to identify it. move around it[03:42:08] <yashy> jimpop: agreed![03:45:41] <pj> yashy: I really fail to see how he was trolling, through our entire discussion lunaphyte was giving almost the exact same advice that I was, just with different wording. How is that trolling?[03:46:07] <pj> and fact is, regardless of what else he was doing, he *was* trying to help you, and was not asking anything in return.[03:47:07] <pj> ...and also, if I had a dollar for every time I'[03:47:27] <pj> I've seen someone's tone get mis-percieved in IRC chat I would be a rich man.[03:48:05] <lunaphyte> that's really the best part about all of this.[03:48:44] <pj> this is text, there is no "tone" and when you try to apply a "tone" to the text that you see you will usually be wrong.[03:53:09] *** ujjain is now known as ujjain|afk[03:55:55] *** Jaac has quit IRC[04:01:21] *** Jaac has joined #postfix[04:20:27] <Tykling> I just put two shiny new servers in production this evening[04:20:46] <Tykling> just watching the maillog now, almost ready to go to bed[04:21:28] <Tykling> feels almost surreal that I finally got the old server replaced :)[04:24:54] <Tykling> and it went very smoothly, postfix is so pleasant to work with :)[04:25:19] <Tykling> very happy and very tired, I'm off to bed, nn all[04:27:19] *** justdave has quit IRC[04:27:31] *** justdave has joined #postfix[04:28:48] *** Motoko has joined #postfix[04:33:26] *** MatBoy has quit IRC[04:52:44] *** udoprog has quit IRC[04:54:02] *** krzee has quit IRC[05:05:06] *** udoprog has joined #postfix[05:16:16] *** MAAAAD has joined #postfix[05:19:31] *** MAAAAAD has quit IRC[05:51:44] *** yosafbridge has quit IRC[05:51:58] *** yosafbridge has joined #postfix[05:56:43] *** yosafbridge has quit IRC[05:57:48] *** yosafbridge has joined #postfix[06:14:43] *** beginer has joined #postfix[06:38:39] *** hever has joined #postfix[06:42:51] *** hever has quit IRC[07:20:59] *** Slydder has joined #postfix[07:59:12] *** loddafnir has joined #postfix[08:03:24] *** tharkun has quit IRC[08:13:41] *** weedar has joined #postfix[08:19:28] *** gerhard7 has joined #postfix[08:26:32] *** tharkun has joined #postfix[08:47:27] *** UQlev has joined #postfix[08:56:34] *** breaker313 has joined #postfix[08:59:05] *** tarpsocks has quit IRC[09:01:23] *** jfried has joined #postfix[09:03:12] *** udoprog has quit IRC[09:03:26] *** tarpsocks has joined #postfix[09:03:39] *** tarpsocks is now known as Guest54000[09:06:05] *** Alagar has joined #postfix[09:07:44] *** udoprog has joined #postfix[09:09:49] *** bezourox has joined #postfix[09:09:52] *** codeshah has quit IRC[09:13:49] *** jujugre has joined #postfix[09:15:32] *** zorg1 has joined #postfix[09:15:33] *** cyrilz_ has joined #postfix[09:15:36] *** zorg1 has quit IRC[09:15:37] *** cyrilz_ has quit IRC[09:20:06] *** e-anima has joined #postfix[09:20:26] *** Lujeni has joined #postfix[09:34:20] *** |xnay has joined #postfix[09:36:03] *** Motoko has quit IRC[09:37:18] *** kuhkatz has joined #postfix[09:37:18] *** kuhkatz has joined #postfix[09:42:58] *** jfried has quit IRC[09:43:36] *** jfried has joined #postfix[09:44:46] *** brancaleone has joined #postfix[09:51:54] *** brancaleone has quit IRC[09:56:35] *** failure has joined #postfix[09:56:46] *** amir has quit IRC[09:59:05] *** JoKoT3 has joined #postfix[09:59:45] *** UQlev has quit IRC[10:02:18] *** dubphil has joined #postfix[10:03:44] *** e-anima has quit IRC[10:04:06] <dubphil> Hello, I don't know if it is a postfix issue or a procmail issue, since I have put a system wide procmailrc in /etc/procmailrc the owners of the delivered mail in the Maildir of my users are owned by root:mail, any idea where to correct this ?[10:06:15] *** e-anima has joined #postfix[10:07:31] *** dragonheart has quit IRC[10:08:08] <Aprogas> How do you invoke procmail?[10:08:55] <Aprogas> I think a mailbox_command is executed at the recipients uid, but a mailbox_transport or local_transport is not.[10:09:16] *** amir has joined #postfix[10:38:43] *** hever has joined #postfix[10:46:56] *** Timzzzz is now known as Timmooo[10:47:00] *** wdp has joined #postfix[10:47:08] *** wdp has quit IRC[10:47:08] *** wdp has joined #postfix[10:58:01] <|xnay> so I've managed to create a successfull login/pass user with postfix, dovecot and mutt, but I get an error when I try to send a mail saying the mail has been blocked. Is this related to sasl?[11:17:33] *** Timmooo is now known as Timzzzz[11:22:27] <dubphil> Aprogas: sorry had an emergency, I call procmail with postfix mailbox_command[11:23:50] <Aprogas> Maybe the procmail binary is setuid root when it doesn't need to be.[11:23:58] <pj> !tell |xnay welcome[11:23:58] <knoba> |xnay: "welcome" : welcome to #postfix! if you're joining for the first time, or are new to irc, the first thing you'll want to do is read the channel topic (/topic). it includes crucial instructions on how to effectively ask for help here, and what data you should include with your questions. the degree of success you'll have is directly related to how effectively you're able to follow those guidelines.[11:24:07] <dubphil> I have this in main.cf : local_transport = local[11:24:30] <dubphil> Aprogas : ok I check this[11:25:43] <|xnay> pj: it's not really helpfull when every response I get to any question is the "!tell" thingie[11:26:19] <|xnay> I've been replied with it at least 4 times, despite my effort to get pointers to wether my ideas to problems are correct or not. I am not looking for people to do it for me[11:26:55] <dubphil> |xnay what says the logs exactly ?[11:26:57] <pj> |xnay: there is important info in the channel /topic for you, you need to follow those directions to get help here.[11:27:41] <pj> and if you don't like answers from factiods I'm sure there are paid consultants that are willing to hold your hand.[11:28:11] <|xnay> I bet there are people on the internet who are not factoids who are willing to help aswell =)[11:28:30] <pj> |xnay: by all means, you are welcome to seek them out.[11:28:42] <|xnay> and the error is "550 5.7.1 :127.0.0.3:Client host*ip* blocked using 88.blocklist.zap[11:28:51] <plee> |xnay, most people here will help you, but we cant read your mind, or look at what's on your screen[11:29:11] <pj> |xnay: I'll give you one more and see if you get the hint...[11:29:17] <pj> !tell |xnay spellitout[11:29:17] <knoba> |xnay: "spellitout" : You've been asked kindly to read /topic, but still don't seem to get it. First, Do Not Paste to the channel, use a pastebin. Please take the output of the command postconf -n and a section of your logs that clearly illustrate your issue and put those to a pastebin. When you ask your question, include the pastebin link[11:29:53] <dubphil> Aprogas: you are right /usr/bin/procmail has this : -rwsr-s-r-x[11:30:24] <|xnay> well, I guess I wont get any help here until I read all the manuals and documentation and whatnot regarding postconf, dovecot, sasl.[11:30:33] <dubphil> I never do this, it looks that is the default ubuntu behavior, can I safely remove the setuid ?[11:30:46] <plee> |xnay, that's not what people are telling you[11:31:02] <pj> |xnay: you won't get help here as long as you refuse to provide the info we are asking you for that we need to determine what your problem is.[11:31:28] <|xnay> people are telling me that for me to tell you what the problem is, I need to know how all of these report their errors, and which parts of them are necessary when I dont really know this from beforehand[11:31:29] *** iamchrisf has quit IRC[11:31:42] <|xnay> *these programs[11:31:58] <dubphil> the error is self explanatory[11:32:04] <|xnay> if I had time, I wouldnt resort to asking people silly low-end questions[11:32:20] <pj> |xnay: you are asked for a section of your logs and the output of a very specific command. How is that difficult?[11:32:28] <plee> |xnay, let me really spell it out for you : On your console, type in : postconf -n and take the output to a pastebin, then do the same with your logs.[11:32:57] <dubphil> what is 88.blocklist.zap ?[11:34:19] *** timo84 has joined #postfix[11:34:38] *** TomHome has joined #postfix[11:34:52] <|xnay> I'm not gonna pastebin the logs for security reasons. Too much for me to edit.[11:35:29] <pj> |xnay: if you are not willing to give us the tools to help you then I'm afraid you will not get the help you need here.[11:35:53] <|xnay> postconf -n is this, btw: http://pastebin.com/7Kdm447d[11:36:34] *** n0sq has quit IRC[11:36:36] <|xnay> pj: that is why I ask if my suspicions make sense, so that I can pursue those trains of thought[11:36:50] <|xnay> its not like I want to do the pastebin back and forth and have you tell me how retarded of a guy I am[11:36:53] <|xnay> :P[11:38:05] <|xnay> also, its work related, so I cant just go around posting anything without knowing the repercussions it might have[11:38:39] <pj> |xnay: it's good that you've finally shown this but we really need to see the logs as well. In fact, I need to see the logs usually before I even can make much from the postconf -n.[11:39:19] <pj> and I'm not sure what is in the logs that you're afraid of showing us.[11:39:39] <dubphil> |xnay you can paste privately and give a timeout to the paste[11:39:56] <pj> dubphil++[11:40:03] <pj> I usually do that myself[11:40:24] <dubphil> pj: you have your own pastebin ?[11:40:31] <pj> no[11:40:43] <pj> I usually just use pastebin.com[11:40:58] <pj> but it's not really important which pastebin you use[11:41:27] <dubphil> so what are you doing yourself then ?[11:41:42] <pj> dubphil: what you just advised.[11:41:50] <dubphil> ah ok[11:42:00] <pj> I do that, set the paste as private and give it a timeout.[11:42:16] <|xnay> I'll take the log and edit whatever I think might not be OK for me to show.[11:42:22] <pj> ok[11:42:41] <pj> |xnay: this may help, as we don't want the entire log...[11:42:51] <pj> !tell |xnay relevant_logs[11:42:51] <knoba> |xnay: "relevant_logs" : Relevant logs are mail.* syslog Postfix logs (NOT verbose, see !verbose) which show the entire handling of a single mail which illustrates the issue with which you want help. Random selections from your mail log might not do. IMAP/POP3 daemons and external delivery agents typically log to the same facility (mail); those are usually not relevant here.[11:43:15] <pj> |xnay: so I want to see all log messages from *one* email.[11:43:35] <pj> and that shouldn't be too much to edit, though I prefer that you do not munge anymore than is strictly necessary.[11:50:32] *** n0sq has joined #postfix[11:54:43] <|xnay> http://pastebin.com/qGTQdkfy[11:55:57] <pj> |xnay: those are copies of emails, not log entries[11:56:12] <pj> !tell |xnay log[11:56:12] <knoba> pj: Error: No factoid matches that key.[11:56:14] <pj> !tell |xnay logs[11:56:14] <knoba> |xnay: "logs" : postfix logs to the mail facility of syslog. Something like grep -i `postconf -h syslog_facility` /etc/syslog.conf should tell you where logs are going. also see !no_logs and !have2mung[11:56:31] <pj> |xnay: this is how to find your postfix logs ^^^^^^^^^^^[11:57:49] <|xnay> well, I dont have an /etc/syslog.conf[11:58:34] <pj> |xnay: what linux distro are you running?[11:58:40] <|xnay> DEBIAN 5.0[11:58:45] <|xnay> oops, sorry[11:58:46] <|xnay> caps[11:59:37] <pj> |xnay: debian usually logs to /var/log/mail.log[12:00:22] <|xnay> however, my initial question was regarding those logs, about the blocksite[12:00:29] <|xnay> or mails, if you will.[12:01:07] <pj> right, well, to say for sure what is happening I need to see a bit more info, but it looks to me like the remote server is blocking your mail server's IP address.[12:01:54] <pj> I can't give yo details because you've munged too much out and because I can tell a lot better from your postfix logs than from the contents of those emails.[12:02:02] <|xnay> considering the fact that I have not yet installed the SSL, could that be the reason?[12:02:21] <pj> the message you are getting specifically says it doesn't like your IP address.[12:02:49] <pj> host *[*] said: 550 5.7.1 :127.0.0.3:Client host * blocked using 88.blocklist.zap; Mail from IP banned.[12:03:27] <pj> you've masked out essential details that could allow me to help you further, though.[12:03:38] <|xnay> yeah, I am in the process of getting the logs you want[12:04:32] <|xnay> is there a command for copying an entire logfile in nano? or is vi better?[12:04:32] <pj> also, that error message goes on to tell you exactly what you need to do.[12:04:50] <pj> |xnay: less is fine[12:05:01] <pj> you don't need to edit the log file[12:06:10] <pj> |xnay: I'll give you the short answer...[12:06:29] <|xnay> pm'ed unedited[12:06:34] <pj> To request removal from this list please forward this message to delist.forefront at messaging dot microsoft.com[12:07:41] <|xnay> can I reply to it using mutt?[12:08:00] <pj> I dont' know, I don't use mutt[12:08:07] <|xnay> alrighty[12:08:14] <pj> I imagine you can, but it specifically says, "forward".[12:08:31] <|xnay> yes, reply. Thats what I meant, ofcourse.[12:08:34] <|xnay> lol[12:08:35] <|xnay> FORWARD[12:08:38] <|xnay> damn brain[12:08:41] <pj> uh huh[12:19:06] *** Aprogas has quit IRC[12:20:19] *** udoprog has quit IRC[12:21:35] *** mu574n9 has joined #postfix[12:28:01] *** Aprogas has joined #postfix[12:34:47] *** brancaleone has joined #postfix[12:44:58] *** mu574n9 has quit IRC[12:46:08] *** mu574n9 has joined #postfix[12:54:59] <failure> !tell failure retry[12:54:59] <knoba> failure: Error: No factoid matches that key.[12:55:42] *** BuenGenio has quit IRC[13:00:22] *** zver has joined #postfix[13:00:28] *** Ixnay has quit IRC[13:00:51] *** Ixnay has joined #postfix[13:07:09] <zver> Hello! Can you help me? I have interesting issue with my postfix. I wrote with details on http://dpaste.com/548222/ Thank you for your attention.[13:10:26] <failure> zver: whats your load ?[13:10:53] <zver> failure: small..[13:11:42] <failure> strange[13:12:43] <zver> failure: I have LA about 4-5. but It's server with 16 cores and 80Gb ram[13:13:13] <failure> do you have alot of disk io ?[13:13:40] <failure> is 4-5 in load only wait ?[13:14:02] <zver> failure: No, disk utilization is 3%[13:14:13] <zver> failure: 4-5 is Load average.[13:14:26] <zver> I have other services on this server too.[13:14:43] <Aprogas> Is mail.ru an external mailserver, i.e. one that is not run by you[13:15:22] <failure> 250-mx14.mail.ru ready to serve <-- i cant connect to that on port 25[13:15:23] <zver> Aprogas: yes, mail.ru is external server. I have many mails for this domain.[13:15:31] <Aprogas> They may be tarpitting you.[13:15:57] <Aprogas> Or they just have a very slow before-queue content filter.[13:15:58] <zver> failure: try 94.100.176.20[13:16:17] <zver> Aprogas: I thing about tarpitting too...[13:16:29] <Aprogas> Make sure you are not sending spam to them.[13:16:34] <zver> mail.ru is biggest mail-service in our country[13:16:39] <failure> data[13:16:39] <failure> 354 Go ahead[13:16:39] <failure> test[13:16:39] <failure> .[13:16:40] <failure> 550 spam message discarded.[13:16:53] <failure> did get respons fast[13:17:02] <Aprogas> And lookup if they have any postmaster-guidelines.[13:17:20] <Aprogas> If you send large volumes of mail to big mail providers, you need to follow their guidelines.[13:17:25] <sysmonk> mail.ru is one of those hotmail like mail services which suck a lot[13:17:44] *** Slydder has left #postfix[13:17:49] <Aprogas> I suppose in some cases speed of delivery may even go up by lowering concurrency and recipient limits.[13:18:03] <dubphil> Aprogas: thanks it was the setuid bit set to procmail binary, what is the use to set this setuid bit ? I have remove it, it is safe then ?[13:18:26] <Aprogas> dubphil: In my opinion it is unsafe to keep the setuid bit, and definitely safe to remove it.[13:18:53] <Aprogas> If you invoke procmail via local(8) by mailbox_command, local(8) will run as root and invoke the mailbox_command at the privs of the uid of the recipient[13:18:53] <dubphil> why damn ubuntu set this by default...[13:19:12] <Aprogas> But if you invoke procmail via another scheme, the setuid bit is needed to deliver to user mailboxes.[13:19:27] <Aprogas> Personally I have much more faith in Postfix local(8) than procmail when it comes to quality of code and security.[13:19:46] <rob0> Right. The better question is "why use procmail at all?"[13:19:58] <failure> :P[13:20:28] <dubphil> rob0: to filter the spam[13:20:52] <dubphil> in the right imap folder[13:21:33] <Aprogas> zver: You seem to be using a higher-than-default smtp_destination_concurrency_limit; this *may* be cause for mail.ru to tarpit you.[13:21:57] <dubphil> in fact I never search if it is possible to do it with postfix alone[13:22:14] <zver> Aprogas: ok, thank you[13:22:22] <zver> failure: thank you too :)[13:22:28] <Aprogas> dubphil: Have a look at sieve and/or maildrop.[13:22:29] *** brancaleone has quit IRC[13:22:49] <Aprogas> procmail works but has its downsides[13:22:53] <rob0> Most spam should be rejected by postscreen(8) or smtpd(8). Amavisd-new for content filtering after queue can do +spam address tagging, so procmail is not needed.[13:23:21] <Aprogas> I still use procmail, but only because I haven't converted to sieve yet, because I am lazy, and my current setup works.[13:27:20] <failure> zver: :)[13:32:49] <rob0> All my delivery sorting is done by means of recipient_delimiter, so .forward+extension works well. And I don't need content filtering for spam.[13:34:05] <dubphil> rob0: you want your spam to fall in your main folder ?[13:37:02] <rob0> huh? I get very little. "JHD". As I said, postscreen(8) blocks almost all of it.[13:37:45] <dubphil> what does mean the (8) each time you refer to a postfix agent ?[13:38:00] <rob0> Manual section 8[13:38:09] <dubphil> ok[13:38:33] <dubphil> no fear of false positives ?[13:39:06] <Aprogas> False positives aren't that bad if the reject-reason is clear, and you offer an alternate means of contact.[13:39:27] <Aprogas> Most spammers don't send to postmaster@ and abuse@ anymore, so you can exempt those addresses from your spamfilter.[13:39:36] <rob0> My postscreen restrictions are safe. Relying on content filtering is not safe.[13:40:03] <rob0> err, postscreen "rules" and smtpd "restrictions".[13:40:47] <dubphil> is there a sort of howto configure postscreen, it looks nice ;))[13:40:51] <Aprogas> Kan postscreen run in front of exim?[13:40:58] <Aprogas> s/Kan/Can/[13:41:04] <rob0> Also, a new feature is smtpd_reject_footer, which allows you to give a sender a message[13:41:17] <rob0> !postscreen[13:41:17] <knoba> rob0: "postscreen" : SMTP triage server available in Postfix 2.8, see http://www.postfix.org/POSTSCREEN_README.html and http://www.postfix.org/postscreen.8.html[13:41:49] <rob0> and in a few days I will have a link to my talk about it[13:42:31] <Aprogas> rob0: Do you mean with a continued line like "550-foo\n550-bar\n550 blep"[13:43:00] *** kuhkatz has quit IRC[13:43:51] <rob0> in the meantime, http://postfix.nodns4.us/~rob0/postscreen.html[13:44:59] <rob0> Aprogas: smtpd or postscreen does the line wrapping I think[13:45:09] *** |xnay has quit IRC[13:45:20] <rob0> all you do is give it the string to use[13:45:23] <dubphil> rob0: you must keep updated the dnsbl lists isn't it ?[13:46:04] <Aprogas> Review your choice of DNSBLs once a year or so.[13:46:07] <rob0> indeed, but I'm happy with my choices[13:46:32] <dubphil> what are the criterias ?[13:47:23] <sysmonk> you look at how much 'likes' does it have[13:48:00] <rob0> I have written up that part already.[13:48:14] <dubphil> sysmonk: where do I check this ?[13:48:26] <sysmonk> um, facebook?[13:48:29] <sysmonk> :)[13:48:48] <dubphil> sysmonk: arf i'm an asocial :)[13:49:10] <Aprogas> http://www.intra2net.com/en/support/antispam/index.php_sort=accuracy_order=desc.html[13:49:13] <dubphil> unsocial in english[13:49:24] *** zver has quit IRC[13:49:36] <wdp> joar[13:49:41] <wdp> die asozialen eben[13:49:43] <wdp> :D[13:49:48] <wdp> denglisch[13:55:41] *** kuhkatz has joined #postfix[13:55:41] *** kuhkatz has joined #postfix[13:56:12] *** mu574n9 has quit IRC[13:58:19] *** mu574n9 has joined #postfix[14:12:14] *** Cain` has joined #postfix[14:13:59] *** Cain has quit IRC[14:13:59] *** Cain` is now known as Cain[14:15:49] *** mu574n9 has quit IRC[14:23:24] *** TomHome has quit IRC[14:26:20] *** dubphil has quit IRC[14:26:40] *** beginer has quit IRC[14:34:15] *** creis has joined #postfix[14:41:06] <sep> is it possible to get postfix to check dns MX records _before_ attempting local delivery. ?[14:45:08] <madduck_> why would our mailserver discard/reject .MOV attachments?[14:45:21] <madduck_> sep: what are you trying to do?[14:48:17] <sep> madduck_, have a server that are both incoming (smtp mx) and outgoing (smtp auth), for many domains. it's from a isp we adopted. and it's become a problem that some domains are moved away, without the admins knowing about it. so it still deliver locally mail sent by smtp auth users for domains that it still thinks is local. if i could make it check mx before local delivery i could buy myself some days to do the cleanup of the domains moved away, and configu[14:48:18] <sep> re separate server for MX incoming mail.[14:50:11] <madduck_> I think I am understanding you. I do not think this is possible with postfix by itself[14:50:59] <sep> feared that, when i could find nothing about it in docs or google[14:51:05] <madduck_> but it might be trivial to write a checker script that runs from cron and pesters the admin. ;)[14:52:07] <sep> humm now that was an idea[15:09:33] *** ujjain|afk is now known as ujjain[15:10:05] *** zerobravo76 has joined #postfix[15:12:08] *** eshat has joined #postfix[15:12:40] <rob0> sep, someone posted about that on postfix-users just 2 days ago. The key is to have a separate MSA and MTA. Your MSA looks up MX for everything, delivers nothing locally/virtually.[15:13:18] <eshat> Hi all, I've got a lot of rejected messages when checking pflogsumm, is there a better way to analyse this?[15:14:27] <eshat> mailgraph is configured so I see, that there is a high amount of rejected mails in a specific time, I think there are some loops involved[15:15:37] <eshat> I hope this is the support channel[15:17:07] <Aprogas> rob0: Is an empty mydestination a good idea on such a MSA?[15:18:25] <sep> rob0, that's my plan.[15:19:29] <pj> sep: there was just a discussion about this on the mailing list.[15:19:32] <pj> check the archives.[15:19:40] <sep> thanks[15:19:48] <f3ew> eshat, logs are human readable[15:19:58] <f3ew> Aprogas, yes[15:20:26] <f3ew> sep, local configs will always override remote ones[15:21:36] *** pj has quit IRC[15:21:46] *** BuenGenio has joined #postfix[15:26:18] <rob0> Aprogas, if it was a different instance on the same machine, I would do that. If a separate [virtual] machine, I'd set it up for mydestination=$myhostname, where myhostname is a name under my control.[15:26:48] *** Section1 has joined #postfix[15:27:16] <Aprogas> For postmaster@ and abuse@ and some other critical accounts for the MSA itself?[15:30:00] <rob0> and cron, sure[15:34:14] <jujugre> Hi there, is there a list available with all most used RBL?[15:34:24] *** gerhard7 has quit IRC[15:35:22] <Aprogas> http://www.sdsc.edu/~jeff/spam/cbc.html http://www.intra2net.com/en/support/antispam/index.php_sort=accuracy_order=desc.html[15:35:36] <Aprogas> Those are statistics of number of entries in the blacklists and accuracy, but not usage statistics.[15:37:00] *** hparker has joined #postfix[15:37:07] *** hparker has joined #postfix[15:38:19] <jujugre> Aprogas: Thank you, I'm looking for some list to add to my conf, which one do you use?[15:39:09] <rob0> http://postfix.nodns4.us/~rob0/postscreen.html is what I use, but: 1) it's rather conservative, so you might want to be more aggressive; and 2) it doesn't include a writeup about each selection and why it was scored that way.[15:39:24] *** hever has quit IRC[15:46:37] <zerobravo76> hi all[15:47:11] <zerobravo76> I have a problem with postfix, my question on one forums: http://tinyurl.com/4yms5zw[15:47:32] <zerobravo76> can anyone help?[15:49:03] <jimpop> that tiny url links to http://178.162.185.243/image/?di=151306763329[15:50:45] <jimpop> add a 14 on to the end of that[15:51:24] * jimpop wonders why a bot doesn't auto expand funky urls here[15:51:28] <zerobravo76> tnx :)[15:51:54] <zerobravo76> http://178.162.185.243 is my private picture share server[15:52:11] <jimpop> please use a public one[15:52:16] <zerobravo76> ok[15:52:30] <jimpop> no one here wants to visit your private forum nor see all your private pictures[15:53:02] <jimpop> least of all, being tracked by your private server.....[15:53:36] <zerobravo76> true[15:53:41] <zerobravo76> my mistake, sorry[15:54:15] <zerobravo76> here is from tinypic http://i51.tinypic.com/2zqg4uq.jpg[16:00:33] <lunaphyte> !tell zerobravo76 welcome[16:00:33] <knoba> zerobravo76: "welcome" : welcome to #postfix! if you're joining for the first time, or are new to irc, the first thing you'll want to do is read the channel topic (/topic). it includes crucial instructions on how to effectively ask for help here, and what data you should include with your questions. the degree of success you'll have is directly related to how effectively you're able to follow those guidelines.[16:01:27] *** geek_cl has joined #postfix[16:03:43] *** UQlev has joined #postfix[16:04:04] *** eshat has quit IRC[16:05:39] *** RoUS has joined #postfix[16:06:56] <RoUS> greetings. can someone point me to a page describing how to have some users receive mail in mbox format and others in maildir? so far all i've found makes it look like it's all or nothing..[16:07:17] <lunaphyte> delivery using local or virtual?[16:07:43] <lunaphyte> [and more importantly, why do you want to do this?][16:07:52] *** brancaleone has joined #postfix[16:07:59] <rob0> Delivery is not the problem (in either case.) Mailbox access / IMAP is the problem.[16:08:08] <rob0> !maildir[16:08:08] <knoba> rob0: "maildir" : a mailbox format introduced by qmail where emails are saved as individual files in a directory structure rather than into a single flat text file. Postfix settings like !home_mailbox and !virtual_mailbox_maps will allow delivery to maildir if the path value returned ends in /[16:08:57] <RoUS> not sure how to answer the first question.[16:09:25] <rob0> For local(8), use a .forward file to override the default as desired. For virtual(8), simply alter the path returned in virtual_mailbox_maps.[16:09:48] <lunaphyte> if you provide the information as requested in the channel /topic, you will be providing the answer.[16:09:54] <RoUS> for the second, because i'm importing an imap user who's already set up in maildir[16:10:25] <rob0> so if you want mbox, just migrate that maildir to mbox[16:11:02] <RoUS> rob0: except i *don't* want mbox. there are about 8 GiB of messages involved. :-([16:11:09] <Aprogas> Seems there is no home_mailbox_maps[16:12:08] <rob0> so if you want maildir, migrate the mbox mailboxes to maildir[16:12:14] <RoUS> i'm a casual postfix user; i don't mess with it enough to have all its details in my memory.[16:13:03] <rob0> Maybe if we had a /topic, it could tell you what information to provide.[16:13:09] *** brancaleone has quit IRC[16:13:16] <Aprogas> rob0/lunaphyte: Do you think a feature request for home_mailbox_maps has any chance of being implemented?[16:13:23] <RoUS> rob0: so it really is all or nothing, then. what i hoped for was to be able to set up this one user in maildir format.[16:13:45] <rob0> Aprogas, I don't see the need; as I said, there's .forward for local.[16:13:57] <lunaphyte> RoUS: even if you did, then what? how would your imap server deal with it?[16:13:59] <Aprogas> Yes there is, but it is a bit indirect.[16:14:01] <rob0> RoUS, I already answered you.[16:14:06] <RoUS> rob0: i get the point about the topic. since i'm not trying to troubleshoot a problem, but asking a howto, i didn't think it necessary.[16:14:13] <rob0> 14:10 < rob0> Delivery is not the problem (in either case.) Mailbox access / IMAP is the problem.[16:14:28] <rob0> 14:11 < rob0> For local(8), use a .forward file to override the default as desired. For virtual(8), simply alter the path returned in virtual_mailbox_maps.[16:14:53] <lunaphyte> it sure sounds like you're trying to troubleshoot a problem to me.[16:15:16] <lunaphyte> Aprogas: home_mailbox_maps would also be a bit contradictory.[16:15:29] <RoUS> rob0: i don't think it is. my existing pop users are having no trouble. i brought over the maildir and it can be accessed via dovecot. so i think the clients are fine wrt access.[16:15:44] <RoUS> postfix isn't handling this guy's mail yet.[16:16:13] <rob0> Dovecot will only do maildir OR mbox, with a few complex exceptions.[16:16:29] <RoUS> rob0: and the 'alter the path' suggestion sounds like my fix.[16:17:04] <RoUS> rob0: dovecot is currently doing only maildir, so that's not an issue. only for this user. all my other users are pop3.[16:18:35] *** gerhard7 has joined #postfix[16:18:53] <rob0> zerobravo76, if we were to go looking at your picture, what would it show us? Is there a reason why you can't put the information in a text pastebin?[16:19:54] <RoUS> so i will pursue that. i apologise for being too much of a postfix neophyte to ask my question intelligently. and i wish there were a trifle less snark, but you get what you pay for. cheers![16:20:29] *** RoUS has left #postfix[16:26:15] *** wdp has quit IRC[16:27:39] *** amir has quit IRC[16:29:06] *** dscastro has joined #postfix[16:29:12] *** dscastro has left #postfix[16:31:51] *** amir has joined #postfix[16:37:07] *** hever has joined #postfix[16:45:47] *** sphenxes has quit IRC[16:48:22] *** brancaleone has joined #postfix[16:50:11] <zerobravo76> rob0 I can, pic is only screenshoot from one forum, that I don't write again[16:51:11] <jimpop> rob0: i looked at the public pic, it's std config stuff and some text questions at the bottom[16:51:23] <zerobravo76> http://pastebin.com/QfG3KM2c[16:51:36] <lunaphyte> ah, there we go.[16:52:10] <lunaphyte> but sadly, it seems he didn't read the welcome factoid i shared with him, nor the channel /topic.[16:52:33] <rob0> !unknown_virtual[16:52:33] <knoba> rob0: "unknown_virtual" : \"User unknown in virtual $X table\" means that the recipient domain was found in $virtual_$X_domains but the username@domain was not found in $virtual_$X_maps. ("$X" can be either alias or mailbox .)[16:52:45] <jimpop> heh, always trolling... ;-)[16:52:53] <lunaphyte> yup, that's me.[16:53:11] <jimpop> you should have your own meme :-)[16:53:28] <rob0> why "smtpd_delay_reject = yes"? Bad idea.[16:53:40] <rob0> !mung[16:53:40] <knoba> rob0: "mung" : Mash Until No Good : the art of obfuscating data which ultimately results in unintentional consequences such as making diagnostics impossible.[16:54:03] <rob0> ^^ another bad idea to mung domain names when you are having routing problems.[16:55:21] <rob0> /etc/mailname is a Debian patch. It is:[16:55:25] <rob0> !myorigin[16:55:25] <knoba> rob0: "myorigin" : a configuration parameter in the main.cf: The default domain name that locally-posted mail appears to come from, and that locally posted mail is delivered to. The default $myhostname, which is fine for small sites. If you run a domain with multiple machines, you should (1) change this to $mydomain and (2) set up a domain-wide alias database that aliases each user to user at that dot users.mailhost.[16:55:34] <rob0> not relevant, most likely.[16:55:46] *** geek_cl has quit IRC[16:57:52] <rob0> oh, it IS relevant, because you're making the mistake of using unqualified addresses in your virtual_alias_maps[16:58:56] *** BuenGenio has quit IRC[16:59:30] <rob0> if you want local delivery use "user@localhost" rather than just "user" in virtual_alias_maps. Also add "localhost.$mydomain" to mydestination. Finally, review this:[16:59:33] <rob0> !basic[16:59:33] <knoba> rob0: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.[16:59:35] *** fraff has joined #postfix[17:00:00] <fraff> !routing[17:00:00] <knoba> fraff: Error: "routing" is not a valid command.[17:01:57] <fraff> hi all (except bots), can someone point me to documentation about header routing ? (header already added with PREPREND)[17:03:47] *** sphenxes has joined #postfix[17:07:46] *** geek_cl has joined #postfix[17:11:12] <rob0> Headers do not control routing.[17:12:31] <fraff> are you a (very slow) bot ? :)[17:13:03] <fraff> can't /regexp/ FILTER smtp:host feature control routing[17:13:05] <fraff> ?[17:14:20] *** geek_cl has quit IRC[17:15:03] <rob0> To some extent, with a few gotchas, such as with multi-recipient mail, yes. Doesn't sound like a good idea to me.[17:15:06] <rob0> !goal[17:15:06] <knoba> rob0: "goal" : describe your goal, not what you think the solution is[17:16:13] <f3ew> fraff what are you trying to achieve[17:16:28] <f3ew> You could use a check_header_access with a FILTER[17:16:37] <rob0> huh?[17:16:41] *** kaos__ has quit IRC[17:16:48] <f3ew> err, header_checks[17:17:04] * f3ew uses that to control what goes to a content_filter[17:17:15] <fraff> we have 2 compagnies, the "main" and "new", when the new send mails to the "main", it goes trought MXs then, antispam machine (spambrobe, slow) then exchange[17:17:40] <fraff> I try to add a route for mails from "new" to go directly in exchange[17:18:06] <f3ew> why not use transport_maps for mail going to "main"?[17:18:14] <fraff> adding an header on "new" postfix sounds a good idea to me, it may not be as you said[17:19:29] <fraff> f3ew: source routing ?[17:19:50] *** brancaleone has quit IRC[17:21:11] <fraff> I need source routing, what is not from "new" must go through antispam[17:23:25] *** breaker313 has quit IRC[17:26:25] <rob0> So maybe separate your MSA from MX. That could be done in different instances.[17:28:15] <fraff> !msa[17:28:15] <knoba> fraff: "msa" : Message Submission Agent : a process which accepts message submissions from MUAs on port 587 known as 'message submission service' using the 'message submission protocol' defined by rfc4409. To enable message submission service in postfix uncomment the relevant lines in master.cf. also see !submission.[17:29:21] *** Maliel has joined #postfix[17:29:36] *** Maliell has quit IRC[17:30:04] <rob0> Bypassing content filtering for submission mail is risky, because if one of your users has a virus, content filtering may be the only way to stop it.[17:30:26] *** geek_cl has joined #postfix[17:33:52] *** Maliel has quit IRC[17:34:47] *** Maliel has joined #postfix[17:36:03] *** BuenGenio has joined #postfix[17:40:14] *** BuenGenio_ has joined #postfix[17:40:28] *** zerobravo76 has quit IRC[17:42:31] <UQlev> rob0: I have not seen alive viruses for 6-7 years :) it is not in fassion nowadays[17:42:57] *** BuenGenio has quit IRC[17:43:29] <UQlev> most of infections via websites[17:44:53] *** zerobravo76 has joined #postfix[17:44:55] <fraff> UQlev: there are 400 users on my LAN, I got loads of viruses trapped by squid but also loads trapped by clamsmtpd[17:46:18] <UQlev> fraff: lucky you, I have a way fewer users and my clamd.log is clean for many years[17:48:29] <fraff> I have a "syslog screen" next to me and some /usr/bin/logger un clamd.conf, this is kind of fun[17:48:39] <fraff> s/un/in/[17:50:30] *** Lujeni has quit IRC[17:50:54] *** tharkun has quit IRC[17:50:54] *** tharkun has joined #postfix[17:58:04] *** Lujeni has joined #postfix[18:08:07] *** kuhkatz has quit IRC[18:10:20] *** shal3r has joined #postfix[18:11:54] *** BuenGenio_ has quit IRC[18:18:36] *** gratnam11 has joined #postfix[18:18:56] <gratnam11> can someone help me migrate from qmail to postfix[18:19:43] <f3ew> gratnam11, install postfix, configure Postfix, stop qmail, start postfix[18:19:57] <UQlev> :)[18:20:02] <gratnam11> i want to keep all my old mails[18:20:11] <gratnam11> on the server[18:20:33] <gratnam11> thats pop3 that handles that isn't it?[18:20:35] <jimpop> postfix only delivers email, it doesn't keep email[18:20:55] <gratnam11> okay so i need to move from vpopmail to dovecot[18:21:03] <gratnam11> anyone one done it before?[18:21:19] <UQlev> gratnam11: I have done it[18:21:55] <f3ew> gratnam11, do one thing at a time[18:23:33] *** brancaleone has joined #postfix[18:25:59] <UQlev> gratnam11: I did qmail+vpopmail+courier-imap -> qmail+vpopmail+dovecot > postfix+dovecot[18:28:03] *** codeshah has joined #postfix[18:28:41] *** fraff is now known as fraff_[18:28:55] <UQlev> gratnam11: but you can install from the beginning postfix+dovecot and copy all your messages to new maildirs[18:29:03] *** BuenGenio has joined #postfix[18:31:09] <UQlev> gratnam11: but if you will keep on using mailblasters with postfix you will get the same problem like with your qmail[18:31:22] <gratnam11> yeah i know[18:31:57] <gratnam11> i want to set up a second mail server for redundancy[18:32:44] <UQlev> gratnam11: on the same IP?[18:32:52] *** mu574n9 has joined #postfix[18:33:00] *** jujugre has left #postfix[18:33:14] <gratnam11> no differnt ip same hostname[18:33:20] <gratnam11> would that work?[18:33:20] *** BuenGenio has quit IRC[18:33:43] <UQlev> gratnam11: do you have static IP?[18:33:46] <gratnam11> yes[18:35:11] *** codeshah has quit IRC[18:35:55] <gratnam11> but i want it both the servers to be able the have access to all the mails incase primary one goes down[18:36:00] <gratnam11> whats the best way to do this[18:36:33] <gratnam11> scp the mails?[18:36:50] <UQlev> gratnam11: how many accounts do you handle?[18:41:16] <gratnam11> like 40 domains[18:41:36] <gratnam11> i don't know the exact number of accounts[18:41:47] <gratnam11> but not too high though[18:42:00] *** weedar has joined #postfix[18:42:00] <gratnam11> maybe like 300 to 400 accounts[18:44:05] *** brancaleone has quit IRC[18:44:13] *** mu574n9 has quit IRC[18:45:30] *** davlefou has joined #postfix[18:45:51] <gratnam11> how do i copy all the account information to postfix?[18:46:14] *** mu574n9 has joined #postfix[18:46:14] <gratnam11> or is this something that needs to be done manualy[18:46:50] <UQlev> gratnam11: I guess you will need sql for it[18:47:18] <gratnam11> qmail is not using sql right now[18:47:38] <UQlev> not sure if there any importing tools from vpopmail to mysql[18:47:52] <gratnam11> let me do a search on google[18:48:27] <Aprogas> Are we talking about a backup MX or a backup IMAP?[18:48:43] <UQlev> gratnam11: you may keep using dovecot+vpopmail with postfix if you wish[18:49:02] <gratnam11> oh even better[18:49:13] <gratnam11> so just keep using postfix with vpopmail[18:49:19] <gratnam11> i didn't know you can do that[18:49:23] <UQlev> dovecot may authenticate against vpopmail[18:49:28] <gratnam11> i am new to this system admin stuff[18:49:33] <gratnam11> i see[19:00:02] *** david__ has joined #postfix[19:02:08] *** UQlev has quit IRC[19:03:04] *** kuhkatz has joined #postfix[19:03:04] *** kuhkatz has joined #postfix[19:04:00] *** davlefou has quit IRC[19:19:07] *** slune has joined #postfix[19:19:35] *** davlefou has joined #postfix[19:22:04] *** timo84 has quit IRC[19:23:33] *** david__ has quit IRC[19:25:29] *** menageapost has joined #postfix[19:26:28] *** Ixnay has quit IRC[19:27:34] *** menageapost has quit IRC[19:27:59] *** menageapost has joined #postfix[19:31:13] <menageapost> Hi, I have a question :)[19:32:06] *** Ixnay has joined #postfix[19:32:18] <tharkun> Oh god not again. WE DO NOT KNOW IF THERE IS LIFE ON OUTERSPACE.[19:32:36] *** Guest54000 is now known as tarpsocks[19:32:47] *** tarpsocks has quit IRC[19:32:47] *** tarpsocks has joined #postfix[19:32:52] <menageapost> I am trying to get postmulti to work (there is life on outerspace... there is no life on earth)[19:33:05] <menageapost> and I got it to work... except for tls and sasl[19:34:28] <menageapost> I have it working on the prime instance... and I copied the various sasl and tls items over to the new conf... .copied the directories over to /var/spool/postfix-outerspace[19:34:57] <menageapost> but it isnt working.... although the ehlo gives me starttls it doesnt give me auth plain[19:36:02] <menageapost> my setup is from the linode setting up ubuntu dovecot and postfix weith system accounts (uses dovecot for sasl authd)[19:37:17] *** BuenGenio has joined #postfix[19:38:40] *** brancaleone has joined #postfix[19:39:05] *** david__ has joined #postfix[19:43:00] *** davlefou has quit IRC[19:44:31] <menageapost> Gentlemen and ladies this is driving me nuts[19:44:53] *** Sieg has quit IRC[19:45:09] <menageapost> is this something with the chroot? has anyone got a postmulti working with authentication?[19:45:12] *** Sieg has joined #postfix[19:45:14] *** tarpsocks is now known as tarpdocks[19:52:52] *** weedar has quit IRC[19:55:44] <lunaphyte> why do you think you need postmulti?[19:55:53] <lunaphyte> !tell menageapost goal[19:55:53] <knoba> menageapost: "goal" : describe your goal, not what you think the solution is[19:57:02] <menageapost> the goal is multiple domains/multiple ips/single host.... (well actually 1 domain 1 ip (multiple times))[19:58:29] <lunaphyte> no need in any way for postmulti to do that.[19:58:37] *** davlefou has joined #postfix[20:00:19] <menageapost> really even with multiple certs? I looked at binding the ip in master.cf and that worked great coming in, but I couldnt get it to go out the same ip[20:01:02] <menageapost> btw.. I have been in unix a long time... but I have spent most of it avoiding email... hahaha[20:01:24] <lunaphyte> correct - even with multiple certs.[20:02:04] *** gratnam11 has quit IRC[20:02:23] <menageapost> ok...what should I do? :)[20:02:38] *** david__ has quit IRC[20:02:41] <lunaphyte> you've read the channel topic?[20:04:10] <menageapost> i.e. this -> The Postfix MTA || See !debug and provide a pastebin URL of relevant logs and "postconf -n" output before asking questions / check your logs / know your unix basics || On using IRC: http://workaround.org/getting-help-on-irc || Bot info: http://workaround.org/f=postfix || Channel log: http://echelog.matzon.dk/?postfix[20:04:28] *** gratnam11 has joined #postfix[20:04:55] <lunaphyte> yup.[20:05:20] <lunaphyte> so once you provide the requested details, we can go from there.[20:05:40] <lunaphyte> pick one specific thing that is not working as you like, and we'll focus on one item at a time.[20:06:34] <Aprogas> Tip: expand on "but I couldnt get it to go out the same ip[20:07:57] <menageapost> ok... My latest stuff has been focusing on postmulti since... I read somewhere somehow that it was a good idea.... in order to do that... I need to rebuild my server... which I am more than glad to do...[20:08:09] <menageapost> but it will be about 20 or 30 minutes[20:09:34] <menageapost> If that is what you guys recommend (i.e. doing it without postmulti) I will be back in an hour or so[20:10:40] <menageapost> And, thanks.. if I had any hair to pull out ... it would have been long gone![20:13:26] <Aprogas> Tip: put your postfix configuration into a source repository (for this purpose I recommend git) so you can easily go back to an earlier state.[20:14:25] <menageapost> ooooo great point! Ok, be back soon. thanks[20:15:21] *** hparker has quit IRC[20:19:13] *** david__ has joined #postfix[20:22:52] *** davlefou has quit IRC[20:29:31] *** wdp has joined #postfix[20:29:31] *** wdp has joined #postfix[20:32:24] <jimpop> rob0: still around?[20:33:17] <jimpop> rob0: seeing "No route to host" from sdlu to you[20:37:02] *** david__ has quit IRC[20:39:44] * lunaphyte wonders why not using postmulti would require a server be rebuilt[20:39:45] *** david__ has joined #postfix[20:42:38] *** Franklin has joined #postfix[20:45:43] *** BuenGenio has quit IRC[20:48:25] <menageapost> because it is easier for me to start witha clean slate :) and fairly quick[20:48:47] <menageapost> I did a lot a messin' where I shouldn'a been messin'[20:49:15] <wdp> errm[20:49:26] <menageapost> and it is a testserver with nothing on it... so no biggie[20:49:29] <wdp> how do you guys handle spam in form of mailer daemons[20:49:34] <wdp> which come to postmaster@[20:50:15] <Aprogas> Don't set postmaster@ as envelope-from on outgoing mails.[20:50:20] <wdp> i didnt.[20:50:27] <wdp> some spammer took it.[20:50:35] <wdp> and used it in some web mail thingy or something.[20:50:54] <wdp> From: "ambros warren" <postmaster at xxxx dot >[20:50:54] <wdp> To: "israel cary" <azulcuidados at citynet dot net.ar>[20:50:55] <Aprogas> I have no strategy for that, my strategy for keeping postmaster@ spam-free is just hoping.[20:51:13] <Aprogas> rfc822-from is not necessarily envelope-from[20:51:16] <wdp> i never sent such a mail, tho i get a mailer daemon.[20:51:26] <wdp> from a lot of spanish providers.[20:51:29] <jimpop> it happens all the time[20:51:36] <wdp> nothing you can do about that?[20:51:39] <Aprogas> You can perhaps mitigate this problem somewhat by setting up SPF and/or DKIM, so that other mailservers will detect the postmaster address as falsified.[20:51:41] <jimpop> filter it out[20:51:53] <wdp> i thought abuse@ and postmaster@ shouldnt be filtered.[20:52:06] <jimpop> correct. but then you get spam[20:52:14] <wdp> oh. i can get the logic.[20:52:16] <wdp> :p[20:52:16] <jimpop> so if you don't want spam, filter it out[20:52:17] <jimpop> ;-)[20:52:27] <wdp> mhm.[20:52:32] <wdp> just funny. never recieved anything there[20:52:37] <wdp> and now got 10 mailer daemons at once.[20:52:47] <jimpop> fwiw, i filter role accounts and i don't give a damn if it bothers anyone else on the internet :-)[20:52:47] <wdp> increasing.[20:52:54] <wdp> 3 more just now.[20:53:03] <lunaphyte> there is nothing wrong with apply a content filter to all incoming mail, including that which is address to addresses required by various rfcs.[20:53:25] <lunaphyte> however, there *is* something wrong with doing more than simply labeling incoming mail.[20:53:31] <jimpop> to:postmaster@ seems to be on the rise, targetted attempts to a technical audience[20:53:44] <jimpop> specifically used equipment sales[20:53:53] <Aprogas> So far I have been spared from those.[20:54:42] <wdp> i guess[20:54:50] <wdp> redirecting postmaster@ to /dev/null[20:54:57] <wdp> isn't good practise?=[20:55:01] <lunaphyte> god no.[20:55:01] <wdp> :>[20:55:16] <jimpop> redirect to to /var/mail/saved-for-later-review[20:55:31] <wdp> maybe i could write an auto responder for that[20:55:35] <lunaphyte> just properly set up your recipient restrictions and postscreen configuration, and then use a suitable content filter for mail that is ultimately accepted.[20:55:38] <wdp> "dear writer, we'll respond in a half year"[20:55:53] <wdp> backscatter is teeh evil[20:55:54] <lunaphyte> but really, as i said, this has nothing to do with those special addresses in particular.[20:56:03] <lunaphyte> it's just the sane way to run a mail server in general.[20:56:04] <jimpop> don't do that, you'll be labelled a backscatter ;-)[20:56:19] <wdp> i remember i read something about that in some document of some jim[20:56:23] <wdp> forged emails[20:56:32] <wdp> anti uce sheet or something[20:56:33] <wdp> mhhhm[20:56:38] <jimpop> yep[20:56:41] <wdp> but i guess that thing is completly out of date now[20:56:49] <jimpop> better to spool-n-review, or discard[20:57:52] *** david__ has quit IRC[20:58:13] <wdp> maybe i should write a policy daemon myself. which is looking in the content of each incoming mail, whether its a mailer daemon with "no mailbox here by that name"[20:58:20] <wdp> if yes, reject[20:58:28] <lunaphyte> i wouldn't waste my time.[20:58:43] <wdp> well, i have to sort em out manually[20:58:47] <wdp> so im wasting my time already.[20:58:55] *** amir has quit IRC[20:59:14] *** david__ has joined #postfix[20:59:15] <wdp> <lunaphyte> just properly set up your recipient restrictions and postscreen configuration, and then use a suitable content filter for mail that is ultimately accepted.[20:59:16] <wdp> yo[20:59:22] <wdp> still havent looked much into postscreen yet[20:59:34] <wdp> u think that'll help at those things?[20:59:40] <lunaphyte> well formed recipient restrictions and use of postscreen will render the amount of accepted mail to a minimum. the remainder, properly classified by a content filter and delivered to a spam mailbox, is trivial to manage. look at them if you want to, delete them if you don't.[20:59:53] <lunaphyte> every little bit helps.[21:00:18] <wdp> good task for the weekend then i guess.[21:01:39] *** amir has joined #postfix[21:05:06] *** weta is now known as rossand[21:05:37] *** mu574n9 has quit IRC[21:09:22] *** rossand is now known as weta[21:11:01] *** david__ has quit IRC[21:12:22] *** Matic`Makovec has joined #postfix[21:16:58] *** weedar has joined #postfix[21:19:08] *** pr3d4t0r has joined #postfix[21:19:11] <pr3d4t0r> Greetings.[21:21:47] <pr3d4t0r> Q. SASL AUTH - saslauthd, Postfix running; testsaslauthd confirms user, password OK; Postfix listening on ports 25 and 587. When trying to connect from outside the network the server says "warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory" - all daemons confirmed running. Can you please give me some pointers on how to troubleshoot this? Thanks in[21:21:49] <pr3d4t0r> advance.[21:22:19] <rob0> jimpop, sigh, yes, our DC in South Bend, IN is out of power since the severe storms there on Sunday.[21:23:32] <rob0> and the generator failed[21:26:22] *** on1ald has quit IRC[21:27:13] <thumbs> rob0: your other server is still up[21:29:07] <rob0> yes, but it's not a MX[21:30:28] <thumbs> rob0: the :66.. one.[21:30:39] <rob0> right[21:32:13] *** kale has quit IRC[21:32:18] *** axisys has quit IRC[21:33:46] *** pj has joined #postfix[21:36:18] *** justdave has quit IRC[21:36:43] *** kale has joined #postfix[21:37:57] *** Franklin has quit IRC[21:39:00] <jimpop> rob0: ok, you got 5 days.... ;-)[21:39:53] *** kale has quit IRC[21:39:54] *** Maliel has quit IRC[21:40:22] *** Maliel has joined #postfix[21:41:41] <rob0> Power should be back any time, and generator fixed tomorrow.[21:43:41] <lunaphyte> we were very fortune, i think.[21:44:04] <lunaphyte> what came through in our area did no damage, but lots of damage in battle creek, east of us.[21:45:45] <robtone> power to the people![21:46:12] *** Franklin has joined #postfix[21:47:33] <robtone> oh, sounds stormy. *cnn*[21:47:40] *** gratnam11_ has joined #postfix[21:48:28] *** gratnam11 has quit IRC[21:48:33] *** gratnam11_ has quit IRC[21:50:02] <rob0> lunaphyte is not too far from there, right?[21:50:25] <lunaphyte> we're about an hour north of south bend.[21:51:26] <rob0> Three Rivers (St. Joseph County, MI) was hit pretty hard according to the electric co. website.[21:52:28] <rob0> still almost 2000 customers (16%) with no power[21:53:05] <lunaphyte> that's about 30 mi south of here.[21:53:25] <lunaphyte> brutal day for no power today too.[21:54:30] <thumbs> why? It's nice and warm.[21:55:20] <rob0> Our ISP needs a better SLA with the electric co., make them consider us a higher priority![21:59:20] <Aprogas> Normalcy bias keeps those things from being signed until after it became a big problem.[22:06:03] <jdoe> anyone have any tips or gotchas for sender_dependent_default_transport? I've tried http://www.kutukupret.com/2010/01/02/postfix-bind-sender-domain-to-dedicated-outgoing-ip-address/ (with 2.8) but it always uses the default_transport.[22:07:01] <tharkun> !transport[22:07:01] <knoba> tharkun: "transport" : transport(5) The optional transport(5) table specifies a mapping from email addresses to message delivery transports and next- hop destinations. Look at: http://www.postfix.org/transport.5.html[22:08:23] <tharkun> jdoe: also man 5 transport 's first few lines will tell you how to check that you have made a correct transport list[22:08:44] <jdoe> tharkun: I read that, but apparently all I've taken from it is "this should work." -- I've got default_transport defined as well, according to that (and common sense I guess) sender_dependent_default_transport should trump it.[22:09:01] <jdoe> tharkun: yeah, the postmap line shows the expected transport.[22:09:16] <jdoe> but not the one postfix is actually using.[22:09:55] *** gratnam11 has joined #postfix[22:09:59] *** zorg1 has joined #postfix[22:10:57] <jdoe> guess I should scrape together postconf etc.[22:13:30] <tharkun> jdoe: usual mistake is to mismatch the type of table on main.cf and the one used when using postmap[22:16:48] *** gratnam11 has quit IRC[22:18:21] *** gratnam11 has joined #postfix[22:19:50] *** s0ber_ has joined #postfix[22:20:14] <jdoe> tharkun: I don't think that's my problem, but maybe you can tell me: http://pastebin.com/NfSCW1Tm (postconf -n), http://pastebin.com/74A3yq5F (master.cf) and http://pastebin.com/mUifigwY (sender_dependent_default_transports)[22:20:37] *** Toerkeium has joined #postfix[22:20:38] *** runev has joined #postfix[22:21:14] *** Toerkeium has quit IRC[22:22:09] *** s0ber has quit IRC[22:22:21] *** s0ber_ is now known as s0ber[22:22:50] <jdoe> (I lied, apparently I don't have default_transport defined right now)[22:22:50] *** gongoputch1 has joined #postfix[22:23:20] *** _dev_urandom has joined #postfix[22:23:40] *** neonoe_ has joined #postfix[22:23:51] *** micols_ has joined #postfix[22:23:56] *** wolfffff1 has joined #postfix[22:24:17] *** Toerkeium has joined #postfix[22:24:22] *** sphenxes01 has joined #postfix[22:24:31] *** madduck__ has joined #postfix[22:24:38] *** Shuro__ has joined #postfix[22:24:39] *** fahadsadah_ has joined #postfix[22:25:03] *** Tyklol has joined #postfix[22:26:10] *** soosfarm has joined #postfix[22:26:11] *** jan_ has joined #postfix[22:27:11] *** sphenxes has quit IRC[22:27:14] *** Tykling has quit IRC[22:27:15] *** tomocha66 has quit IRC[22:27:15] *** madduck_ has quit IRC[22:27:15] *** fahadsadah has quit IRC[22:27:15] *** gothos has quit IRC[22:27:15] *** micols has quit IRC[22:27:15] *** neonoe has quit IRC[22:27:15] *** gongoputch has quit IRC[22:27:15] *** soosfarm_ has quit IRC[22:27:15] *** wolfffffi has quit IRC[22:27:15] *** failure has quit IRC[22:27:15] *** higuita has quit IRC[22:27:15] *** Patrickdk has quit IRC[22:27:15] *** patdk-wk has quit IRC[22:27:15] *** P1ersson has quit IRC[22:27:16] *** devurandom has quit IRC[22:27:16] *** runev_ has quit IRC[22:27:16] *** Shuro has quit IRC[22:27:16] *** fraff_ has quit IRC[22:27:16] *** failure has joined #postfix[22:27:52] *** fraff_ has joined #postfix[22:27:53] *** fraff_ has joined #postfix[22:28:02] *** patdk-wk has joined #postfix[22:28:03] *** Patrickdk has joined #postfix[22:29:40] *** higuita has joined #postfix[22:30:13] *** P1ersson has joined #postfix[22:30:56] *** Cain has quit IRC[22:35:29] *** Cain has joined #postfix[22:39:09] *** eduardok has joined #postfix[22:42:25] <eduardok> guys, I want to send a copy of e-mails sent to a given number of users to another server (their accounts), how could I do this?[22:43:05] <pr3d4t0r> The issue was the postfix user not part of the saslauthd group, and invalid permissions in $CHROO/var/run/saslauthd - it's working now. Thanks anyway :)[22:51:15] *** mu574n9 has joined #postfix[22:51:43] *** codeshah has joined #postfix[22:53:13] *** e-anima has quit IRC[22:55:15] *** eduardok has quit IRC[22:55:51] *** brancaleone has quit IRC[22:58:12] *** Timzzzz is now known as Timmooo[23:02:15] *** hever has quit IRC[23:03:36] *** gerhard7 has quit IRC[23:06:52] *** ealfie-1493 has joined #postfix[23:07:02] <ealfie-1493> hello everyone[23:07:36] <ealfie-1493> I understand that email forwarded by the local daemon goes to the cleanup daemon[23:08:13] <ealfie-1493> is there a way to filter (by header_checks for instance) only email that is going to be forwarded?[23:10:00] <rob0> !goal[23:10:00] <knoba> rob0: "goal" : describe your goal, not what you think the solution is[23:11:25] *** ealfie-1493 has left #postfix[23:11:28] *** ealfie-1493 has joined #postfix[23:11:35] <ealfie-1493> hello everyone[23:12:13] <ealfie-1493> is there a way to apply filters (like header_checks) only to email that is about to be forwarded by the local daemon ?[23:13:02] <jimpop> !tell ealfie-1493 smtp_header_checks[23:13:02] <knoba> jimpop: Error: No factoid matches that key.[23:13:05] <jimpop> doh[23:13:12] <jimpop> ealfie-1493: you want smtp_header_checks[23:13:32] <ealfie-1493> ok, i guess my postfix version is old enough by now...[23:13:33] <rob0> really?[23:13:39] <jimpop> header_checks are for smtpD[23:13:59] <ealfie-1493> I gues 2.3 has no support for (client) smpt_header_checks[23:14:09] <jimpop> probably[23:14:15] <jimpop> !tell ealfie-1493 upgrade[23:14:15] <knoba> jimpop: Error: No factoid matches that key.[23:14:18] <jimpop> damn[23:14:20] <jimpop> ;-)[23:14:28] <thumbs> !tell jimpop downgrade[23:14:29] <knoba> thumbs: Error: No factoid matches that key.[23:14:32] <jimpop> lol[23:14:42] <jimpop> ealfie-1493: you really should upgrade[23:14:49] <ealfie-1493> ok[23:15:00] <jimpop> knoba: Y U no upgrade?[23:15:00] <ealfie-1493> anyway, after upgrade[23:15:01] *** Matic`Makovec has quit IRC[23:15:14] <ealfie-1493> is that the best practical way to implement it?[23:15:27] <jimpop> pretty much.[23:15:39] <jimpop> the only alternative would be a milter[23:15:40] <ealfie-1493> I want to prevent users from forwarding already tagged spam (by means of their ~/.forward)[23:15:57] <rob0> ah, !goal[23:16:04] <tharkun> bingo[23:16:25] <jimpop> how is it i already knew that?[23:16:42] <rob0> I would use recipient_delimiter and a different .forward+spam[23:17:30] <jimpop> i think he/she wants to drop email that gets .forwarded by lusers[23:17:40] <ealfie-1493> no, no[23:17:57] <ealfie-1493> There is a spam filter that tags messages[23:17:57] <jimpop> incoming spam that hits a .forward should get dropped, not reflected[23:17:59] <rob0> I don't think smtp_header_checks can prevent sending something. It can only strip a header.[23:18:08] <ealfie-1493> like adding X-Spam-Status: Yes[23:18:10] <jimpop> DISCARD?[23:18:49] <ealfie-1493> so, cleanup daemon makes no distinction on which daemon handled the message?[23:19:14] <rob0> postconf.5.html#smtp_header_checks "Actions that change the delivery time or destination are not available.[23:19:17] <rob0> "[23:19:39] <jimpop> would that include DISCARD?[23:19:44] <rob0> DISCARD is a destination[23:19:59] <jimpop> k[23:20:44] <tharkun> ealfie-1493: If you are stoping the emails on a loophole. Is the same thing as originally discarding it which is by itself not a good idea.[23:20:48] <tharkun> see !mantras[23:22:57] <jimpop> ealfie-1493: so in sort, there is no way to discard outbound spam via header checks.[23:22:58] *** hever has joined #postfix[23:23:14] <ealfie-1493> thanks jimpop[23:23:14] <jimpop> ealfie-1493: but you can use a milter to do such[23:23:49] <ealfie-1493> should it be an smtp milter or non smtp milter?[23:24:01] *** Section1 has quit IRC[23:24:03] <rob0> or, have the content filter add a +spam tag to the LHS, with a different .forward+spam :)[23:24:28] <tharkun> aloha rob0 how is life[23:24:41] <thumbs> don't talk to me about life![23:24:45] <jimpop> i suspect he's not doing the content filtering, or may not always be doing the content filtering[23:25:02] <ealfie-1493> I have 2 postfix boxes[23:25:30] <ealfie-1493> box 1 is an mx with postfix + spamassasin after queue filter[23:25:43] <ealfie-1493> box 2 is where email delivery is done (w/dovecot lda)[23:26:17] <ealfie-1493> by now, there's no 'filtering' done in box 2[23:26:21] <rob0> MILTER_README.html "Postfix 2.3 does not implement requests to replace the message body."[23:26:57] *** pr3d4t0r has left #postfix[23:27:15] <tharkun> thumbs: Having trouble with the dog?[23:27:18] <ealfie-1493> i would want to use the tagging donde in box 1 to prevent users having spam forwarded by their ~/.forward[23:27:21] <rob0> Amavisd-new can do the user+spam@domain tagging, when spamassassin identifies spam.[23:27:56] <ealfie-1493> rob0: i'd have to look the side effects on the dovecot lda[23:28:22] <rob0> If you don't want to go the easy way, you could use procmail or similar, with a recipe which checks headers.[23:28:37] <ealfie-1493> (box 1 uses spampd, that is a primitive but very functional perl daemon that uses spamassassin)[23:29:08] <thumbs> tharkun: it's a quote from Douglas Adams[23:29:21] <rob0> tharkun, life is hot. Summer, and can't afford to run the air conditioner.[23:29:23] <ealfie-1493> rob0: thanks, but I guess can't use procmail since I'm using dovecot's deliver lda[23:29:40] <jdoe> ealfie-1493: can do it with sieve[23:29:46] <jimpop> the only problem with relying on .forward+spam and/or procmail, is it can be overridden by the lusers[23:29:50] <jdoe> (assuming you're using pigeonhole or whatever)[23:29:51] <tharkun> thumbs: I've never heard of him before (Not that proficient in English literature)[23:30:00] <ealfie-1493> I see[23:30:06] <thumbs> tharkun: The hitchhiker's guide[23:30:12] <tharkun> rob0: Still on the market ?[23:30:16] <tharkun> thumbs: thanks[23:30:22] <rob0> tharkun, si[23:30:31] <jimpop> ealfie-1493: why not run SA/spamd on the second server?[23:30:33] <tharkun> vaya, suerte[23:30:47] <ealfie-1493> jimpop: historical reasons[23:30:51] <jimpop> ok[23:30:55] <ealfie-1493> anything fundamental[23:31:19] *** geek_cl has quit IRC[23:31:25] <ealfie-1493> jimpop: or you mean both boxes running sa?[23:31:51] <jimpop> both, or the one box connecting to SA on the other box[23:32:11] <jimpop> iirc, you can run spamd against a remote spamasssasin[23:32:25] <ealfie-1493> yes[23:33:48] <ealfie-1493> i guess the easiest way in this case would be to upgrade dovecot to use pigeonhole instead of cmusieve.[23:33:49] <ealfie-1493> pigeonhole allows one to define two mandatory global sieve filters , one is executed before the user's sieve script and the other after that[23:34:11] <jimpop> so add the spamass-milter to postfix on box #2, and have it talk to spamassassin on box #1[23:34:13] <ealfie-1493> so I would transform .forward files in user's sieve filters, and forbid ~/.forward[23:34:41] <jimpop> or that. ;-)[23:34:47] <ealfie-1493> and have a global "pre-execute" sieve filters which puts spam in a fixed folder[23:35:11] <rob0> It's also about making a silk purse from a sow's ear. Same-envelope forwarding is trouble.[23:35:14] <ealfie-1493> only problem would be some user wanting their tagged spam delivered to their inbox[23:35:44] <ealfie-1493> rob0: do you suggest something like srs?[23:36:01] <jimpop> have the milter on box #2 act on outbound (smtp) mail[23:36:18] <ealfie-1493> jimpop: thanks[23:36:48] <ealfie-1493> thanks everyone, I'll be doing some tests this week[23:37:29] <ealfie-1493> rob0: i'm sorry, english is not my native language[23:37:55] <ealfie-1493> rob0: i don't understand the metaphore[23:38:24] <rob0> yeah, sorry. I'm just saying it's a mess, not something I would care to support.[23:39:41] <rob0> Your content filtering has to be at least as aggressive as any remote site to which you might be forwarding. And hope they're not using SRS et al.[23:40:54] <ealfie-1493> rob0: sure, but the content is by now tagged and delivered to a Junk folder, but by now if a user has a .forward file messages are forwarded[23:41:02] <ealfie-1493> tagged or not[23:41:16] *** Kalavera_ has joined #postfix[23:41:49] <jdoe> Could anyone give me a hand with sender_dependent_default_transports? 2.8 snapshot from january (openbsd), despite postmap showing me what I'd expect from the map file, it keeps using the default transport for everything: http://pastebin.com/NfSCW1Tm (postconf -n), http://pastebin.com/74A3yq5F (master.cf) and http://pastebin.com/mUifigwY (sender_dependent_default_transports)[23:41:54] *** slune has quit IRC[23:42:54] <tharkun> jdoe: fix your map. first try with a simple map then throw some regexp into it. I suspect you are failing with the regexp ( i am no expert on those)[23:43:29] *** krzee has joined #postfix[23:45:15] <jdoe> tharkun: I'm trying postmap -q with the addresses I'm sending from, it's showing me the right transport (and the regex is *super* simple), I don't think that's the problem.[23:45:30] <rob0> Which one of those pastes has the whole thing including the logs which show the problem?[23:46:14] *** ealfie-1493 has left #postfix[23:47:23][23:48:22] *** AcTiVaTe has quit IRC[23:50:35] <rob0> !restriction_classes[23:50:35] <knoba> rob0: "restriction_classes" : see !restriction_class[23:50:38] <rob0> !restriction_class[23:50:38] <knoba> rob0: "restriction_class" : postfix per-client/user/etc. access control http://www.postfix.org/RESTRICTION_CLASS_README.html[23:51:39] <jdoe> rob0: ... son of a. Thanks. Reading comprehension isn't my strong point apparently, I think I'm getting hung up on the difference between "From:" and the envelope sender address.[23:57:23] <Kalavera_> ok rob0 thnak you[23:57:29] *** Kalavera_ has quit IRC