Switch to DuckDuckGo Search
   February 6, 2012  
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | >

Toggle Join/Part | bottom
[00:04:14] *** soosfarm has quit IRC
[00:06:20] *** soosfarm has joined #postfix
[00:09:20] *** wdp_ has quit IRC
[00:09:23] *** failure has quit IRC
[00:09:29] *** failure has joined #postfix
[00:10:17] *** doorp has quit IRC
[00:11:33] *** googlah has quit IRC
[00:18:22] *** wdp has quit IRC
[00:18:43] *** googlah has joined #postfix
[00:26:22] *** jkfod has quit IRC
[00:27:10] *** Motoko has joined #postfix
[00:59:17] *** al4nc4ds has joined #postfix
[01:19:00] *** tharkun has quit IRC
[01:19:42] *** al4nc4ds has quit IRC
[01:20:59] *** master_of_master has quit IRC
[01:22:53] *** master_of_master has joined #postfix
[01:29:05] *** todd_dsm has quit IRC
[01:30:32] *** tharkun has joined #postfix
[01:57:12] *** Belial_ has quit IRC
[01:58:47] *** orzo has joined #postfix
[01:59:49] <orzo> I would like to deliver mail to root@hostname1 to one user, while root@* goes to a different user which is specified in aliases
[01:59:57] <orzo> what's the best way to do that?
[02:07:13] <jimpop> orzo: virtual users
[02:07:20] <jimpop> !tell orzo virtual
[02:07:20] <knoba> orzo: "virtual" : a way to configure additional domains and user accounts (that do not need to exist in your /etc/passwd). See: http://www.postfix.org/VIRTUAL_README.html
[02:11:39] <orzo> okay, im reading that
[02:27:33] *** echelog has joined #postfix
[02:27:49] <rob0> And just leave the domains where you don't want namespace separation in mydestination.
[02:30:41] <orzo> so i would leave hostname1 in mydestination so that joe@hostname1 goes to unix user joe for any joe on the box except root and they'd have no entries in the virtual aliase file which would only have a root@hostname1 entry?
[02:31:46] <orzo> can a hostname be in both the virtual aliases and in mydestinations?
[02:32:06] <orzo> "NEVER list a virtual alias domain name as a mydestination domain! " guess not heh
[02:32:17] <lunaphyte> you must mean mydestination, but no.
[02:33:17] <orzo> well im trying to reroute root@hostname1 while leaving it to deliver all other *@hostname1 as it would with mydestination
[02:34:05] <orzo> and its unfortunately distinct from root@hostname2 where hostname2 is in mydestination
[02:38:04] <lunaphyte> we can provide actual help once you supply the details as directed by way of the channel /topic.
[02:46:44] *** Toerkeium has quit IRC
[02:51:33] *** higuita has quit IRC
[02:51:44] *** orzo has left #postfix
[02:52:30] *** osmosis has joined #postfix
[02:53:13] <osmosis> now that I have postfix receiving mail correctly, and imap with dovecot, are there any suggestions on how I should go about setting up support for virtual hosts?
[03:02:00] *** Ditzi has quit IRC
[03:07:18] *** higuita has joined #postfix
[03:11:19] *** dragonheart has joined #postfix
[03:11:43] *** BuenGenio has joined #postfix
[03:12:23] *** danblack has quit IRC
[03:18:45] <thumbs> !virtual
[03:18:45] <knoba> thumbs: "virtual" : a way to configure additional domains and user accounts (that do not need to exist in your /etc/passwd). See: http://www.postfix.org/VIRTUAL_README.html
[03:30:45] *** dragonheart is now known as danblack
[04:01:43] *** josefig has joined #postfix
[04:01:59] <josefig> hello, I'm getting this error: ERROR: Connection dropped by IMAP server on squirrelmail, this is my log http://pastie.org/3325158 for postfix
[04:02:36] *** MaximusColourum has quit IRC
[04:02:44] <lunaphyte> i don't see any postfix log messages in that pastebin
[04:05:12] <josefig> lunaphyte, I guess is from courier not from postifx
[04:05:30] <lunaphyte> oh. but you are asking for help here? i'm confused.
[04:05:33] <thumbs> ah, then the courier folks might need to intervene
[04:05:45] <thumbs> they have their own separate channel, too.
[04:05:54] <josefig> yes I'm looking for help, thanks
[04:06:06] <lunaphyte> ah, good deal.
[04:06:24] *** josefig has left #postfix
[04:07:06] <treshoem> I have the following error: http://pastebin.com/P3gsHmQg Any assistance addressing it would be appreciated
[04:08:04] <lunaphyte> oh, you've got smtp auth [sasl] enabled for smtp. turn that off.
[04:08:14] <lunaphyte> smtp auth is for submission, not smtp.
[04:08:24] <lunaphyte> [it's also not properly configured, it would seem]
[04:14:04] <treshoem> Thank you, its seems to be working now
[04:14:10] <thumbs> :)
[04:14:45] <lunaphyte> hey, neat.
[04:16:37] <treshoem> I wonder how long it will take to get it working with postfixadmin, mysql, dovecot and roundcube webmail
[04:17:42] <lunaphyte> probably quite a while. that's a lot of stuff to learn.
[04:19:46] <treshoem> I found a guide, but it seems out of date / inconsistent
[04:20:08] <thumbs> be wary of 'guides' or 'howtos'
[04:20:14] <lunaphyte> what do you mean "but?
[04:20:24] <thumbs> most are misleading :)
[04:20:41] <lunaphyte> that's like saying i found a pile of dig shit, but it smells bad.
[04:20:43] <lunaphyte> *dog
[04:20:47] <lunaphyte> damnit.
[04:27:42] <rob0> dig shot
[04:28:25] <jimpop> digg it
[04:28:45] * jimpop wonders if digg is even still around
[04:31:14] <thumbs> it is!
[04:32:41] *** eskp has joined #postfix
[04:32:46] <eskp> hi all
[04:33:04] <eskp> just trying to send an external email from my server
[04:33:24] <eskp> getting Relay access denied; from=<> to=
[04:33:43] <eskp> my other server has the same configuration and all works fine
[04:34:09] <lunaphyte> oh, when you join a channel, make sure you read the channel /topic first, and follow the instructions there.
[04:34:25] <lunaphyte> you don't want to just immediately begin speaking. it's rude.
[04:34:49] * rob0 holds off on the !relay_denied factoid, seeing that it was a bounce
[04:37:18] <thumbs> I tried to stick a big tape on rob0's mouth once, but he kept trying to talk
[04:39:59] <thumbs> he just can't stop!
[04:40:23] *** josefig has joined #postfix
[04:40:37] <josefig> now I'm getting this error http://pastebin.com/UyyNXuyZ :P, hello again.
[04:41:14] <thumbs> josefig: how did you install postfix?
[04:41:40] <lunaphyte> looks like you need to go back through the documentation for sasl config again.
[04:41:49] <thumbs> !sasl
[04:41:49] <knoba> thumbs: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.
[04:41:56] <josefig> I followed this guide http://www.howtoforge.com/virtual-users-and-domains-with-postfix-courier-mysql-and-squirrelmail-centos-6.2-x86_64
[04:42:28] <lunaphyte> oh, we only support the software's documentation here. not guides written by random people.
[04:42:53] <josefig> I know, sorry I'm not sysadmin :P
[04:43:02] <lunaphyte> why aren't you using the software's documentation? it's written by people who know a lot about the software and how it works.
[04:43:11] <lunaphyte> right, that's what i'm saying.
[04:43:47] <lunaphyte> if you're not a sysadmin [e.g. not experienced with this sort of thing], you'll definitely want to use the software's documentation. not a tutorial or howto. those aren't for beginners.
[04:44:27] <lunaphyte> to use a tutorial or howto, you have to be advanced - very experienced, so you can tell what pats of it to use and when the author doesn't know what they're talking about.
[04:45:07] <josefig> lunaphyte, thanks you're right
[04:45:14] <rob0> mmmmf! mmgrrm
[04:45:22] <lunaphyte> kind of a pitfall, i guess. but t is what it is.
[04:45:30] <lunaphyte> josefig: sure, you're welcome.
[04:45:45] <lunaphyte> the other benefit of using the documentation is that you can get free help from us here.
[04:47:13] <josefig> actually, I will remove all what I did and start over
[04:48:24] *** xxzz has joined #postfix
[04:49:58] <rob0> mmf
[04:50:26] <lunaphyte> i sure how you shaved earlier.
[04:50:29] <lunaphyte> *hope
[04:50:32] <jimpop> biting that tongue sure must hurt
[04:52:38] *** D-Boy has quit IRC
[04:52:40] *** Guest8383 has joined #postfix
[04:54:36] *** Cain has quit IRC
[04:54:54] *** Guest8383 has quit IRC
[04:55:16] *** D-Boy has joined #postfix
[04:56:25] *** Cain has joined #postfix
[05:05:21] *** lunaphyte_ has quit IRC
[05:27:51] *** chadmaynard has quit IRC
[05:28:09] *** MAAAAD has quit IRC
[05:28:38] *** lunaphyte_ has joined #postfix
[05:28:38] *** lunaphyte_ has joined #postfix
[05:41:05] *** MAAAAD has joined #postfix
[05:54:58] *** eskp has quit IRC
[05:55:57] *** eskp has joined #postfix
[05:57:12] *** morphje has joined #postfix
[05:57:13] *** xxzz has quit IRC
[05:59:02] *** sebbow has quit IRC
[05:59:34] *** sebbow has joined #postfix
[06:18:02] *** morphje has quit IRC
[06:18:08] *** n0sq has quit IRC
[06:26:16] *** eskp has left #postfix
[06:27:08] *** l1nuxman has quit IRC
[07:01:28] *** chadmaynard has joined #postfix
[07:09:07] *** krzee has joined #postfix
[07:10:04] *** xpeed has quit IRC
[07:24:46] *** josefig has quit IRC
[07:25:50] *** vicapow has joined #postfix
[07:25:59] *** vicapow has left #postfix
[07:58:20] *** milligan is now known as java__
[07:58:48] *** java__ is now known as milligan
[08:00:24] *** krzee has quit IRC
[08:15:03] *** feisar has quit IRC
[08:27:28] *** xxzz has joined #postfix
[08:32:05] *** wdp has joined #postfix
[08:32:05] *** wdp has joined #postfix
[08:33:02] *** gerhard7 has joined #postfix
[08:50:16] *** wdp_ has joined #postfix
[08:52:41] *** krzee has joined #postfix
[09:14:10] *** breaker313 has joined #postfix
[09:19:41] *** zeshoem has joined #postfix
[09:23:22] <zeshoem> How do I setup the admin user for postfix admin?
[09:27:01] *** tjikkun_work has joined #postfix
[09:36:54] *** Motoko has quit IRC
[09:49:19] *** e-anima has joined #postfix
[09:50:49] *** davlefou_ is now known as davlefou
[09:50:55] *** davlefou has joined #postfix
[09:51:57] <_ruben> zeshoem: try #postfixadmin instead
[09:58:38] *** danblack has quit IRC
[10:11:46] *** Steve_The_Pirate has joined #postfix
[10:21:57] *** abrawass has joined #postfix
[10:22:31] *** bezourox has joined #postfix
[10:22:32] <abrawass> Hello
[10:25:31] <abrawass> is there someone here ?
[10:25:37] <Zerberus> no
[10:26:01] <abrawass> so kind ... !
[10:26:59] <abrawass> hmm i came here to find some help about postfix ... can enlight me Zerberus ?
[10:27:10] <Zerberus> !welcome
[10:27:11] <knoba> Zerberus: "welcome" : welcome to #postfix! if you're joining for the first time, or are new to irc, the first thing you'll want to do is read the channel topic (/topic). it includes crucial instructions on how to effectively ask for help here, and what data you should include with your questions. the degree of success you'll have is directly related to how effectively you're able to follow those guidelines.
[10:28:19] <abrawass> it's something very specific, i never find this case anywhere else
[10:30:34] <Zerberus> abrawass: then describe it in a sufficient way and see if someone can help
[10:30:53] <abrawass> yes i'm going to describe it with algo
[10:30:57] <abrawass> if (mail dest = @myfirm.com)
[10:31:03] <abrawass> send to mylansmtp
[10:31:09] <abrawass> else if (mail src = @myfirm.com)
[10:31:15] <abrawass> send to internetsmtp
[10:31:20] <abrawass> else reject it
[10:31:39] <abrawass> is it possible to do ?
[10:31:53] <Zerberus> check for restriction classes
[10:33:23] <abrawass> so i finish to explain ...
[10:33:45] <abrawass> i have already a transport map with authorizated users
[10:34:03] <abrawass> all the adress with @myfirm.com
[10:34:44] <abrawass> i know that i have to use sender_dependent relayhostmap
[10:37:59] <abrawass> but when incoming mail from @myfirm.com arrives there is going to have loops
[10:39:09] <abrawass> if in the relay map for sender dependant mail from @myfirm.com are sent to internetsmtp when the destination is @myfirm.com
[10:40:08] <abrawass> i don't know how to write "in any case if the dest is @myfirm.com then send it to mylansmtp"
[10:41:18] *** [diablo] has joined #postfix
[10:43:43] *** Cain has quit IRC
[10:43:44] *** D-Boy has quit IRC
[10:44:43] *** Cain has joined #postfix
[10:44:57] *** D-Boy has joined #postfix
[10:46:05] *** internat has quit IRC
[10:47:03] *** internat has joined #postfix
[10:56:38] <abrawass> Zerberus .. in fact my question is to know which restriction class gots the priority
[10:56:58] <abrawass> are they treted in the order of writing ?
[11:02:14] *** tuxcrafter has left #postfix
[11:04:28] <osmosis> how can I check if postfix is using SASL?
[11:09:19] *** xabbuh has joined #postfix
[11:13:53] <pj> abrawass: it sounds like you're trying to mix submission with smtp, this is a bad idea.
[11:14:33] <pj> osmosis: telnet to the server and see if it offers SASL
[11:14:56] <pj> !tell abrawass submission
[11:14:57] <knoba> abrawass: "submission" : Port 587 is submission, for user submission of mail, NOT suitable for mail exchange. See the commented example in master.cf. also see !msa, and rfc 6409. Also read http://www.maawg.org/sites/maawg/files/news/MAAWG_Port25rec0511.pdf
[11:20:34] <abrawass> pj no i don't use port 587
[11:20:43] <abrawass> i receive mail on port 25
[11:20:46] <pj> abrawass: I know, I am saying you should be.
[11:20:54] <abrawass> oh ok
[11:21:38] <pj> abrawass: you are trying to use sender email address as an indicator of submission status, this is bad because sender is easily spoofed and it will turn you into a spam relay.
[11:22:41] <pj> you really need to be using SASL authentication for that, and by using a separate port for submission it makes things much easier to customize postfix features for submission vs mail exchange.
[11:22:43] <abrawass> yes i know but i need my external users to use this smtp
[11:23:17] <abrawass> ok so 587 for ext users with sasl
[11:23:22] <pj> right
[11:23:38] <abrawass> and 25 for all incoming ?
[11:23:50] <pj> and you know that email is all submission and you know that any email coming in on port 25 is incoming ... exacty
[11:24:07] <pj> you separate them into seperate ports (services) and it becomes much easier to manage.
[11:24:37] <abrawass> yes ! thx i didn't think to that !
[11:25:30] <abrawass> i'd better use to two machines ? ( these are vm)
[11:26:26] <pj> you can if you want, but it's not necessary.
[11:26:37] <pj> I do it on one VM
[11:27:00] <abrawass> ok so ... there are two main.cf ?
[11:27:19] <pj> no
[11:27:34] <pj> you make cusomizations in master.cf
[11:27:58] <pj> look in master.cf there is a commented entry for submission, uncomment it and tweak as appropriate.
[11:29:09] *** BuenGenio has quit IRC
[11:29:12] <pj> you can override config entries in master.cf with -o lines.
[11:30:43] *** MaximusColourum has joined #postfix
[11:35:35] <wdp_> is there some good page with a comparison of dnsbl's?
[11:37:17] *** D4rKr0W`afk is now known as D4rKr0W
[11:37:48] <pj> honestly I don't know. I have seen some discussion of it at various times on the ml.
[11:37:59] <pj> I just use zen and find it to be fine for my needs.
[11:41:16] <abrawass> so for submission don't need to explicitly tell postfix it's port 587
[11:41:21] <abrawass> right, pj ?
[11:41:34] <pj> you are in master.cf
[11:41:38] <abrawass> yes
[11:41:51] <pj> the line starts with submission, that is the port
[11:42:01] <abrawass> ok !
[11:42:24] <pj> if you look up submission in your /etc/services file you will see it shows 587
[11:43:02] <pj> !tell abrawass master.cf
[11:43:02] <knoba> abrawass: "master.cf" : postfix master process configuration file. each logical line describes how a postfix service will be run. see man 5 master or http://www.postfix.org/master.5.html for more information. also see !master
[11:47:04] <osmosis> i have virtual_uid_maps = static:5000 setup properly for postfix . Why is my log showing, dovecot: User myuser@myhost not allowed to log in using too low UNIX UID 106(postfix) (see first_valid_uid in config file)
[11:48:34] <pj> osmosis: you would have to ask on #dovecot
[11:49:28] *** D4rKr0W has left #postfix
[12:07:17] *** cypher707 has joined #postfix
[12:13:26] *** cypher707 has quit IRC
[12:17:55] *** krzee has quit IRC
[12:21:23] *** cypher707 has joined #postfix
[12:33:13] *** bezourox has quit IRC
[12:33:13] *** tharkun has quit IRC
[12:33:13] *** markdark has quit IRC
[12:33:13] *** leprechau has quit IRC
[12:33:13] *** Dominian has quit IRC
[12:33:13] *** folivora has quit IRC
[12:33:13] *** pdtpatrick has quit IRC
[12:33:13] *** Verilium has quit IRC
[12:33:14] *** pyco has quit IRC
[12:33:28] *** Dominian has joined #postfix
[12:33:52] *** leprechau has joined #postfix
[12:34:57] *** pj has quit IRC
[12:34:58] *** bezourox has joined #postfix
[12:34:58] *** tharkun has joined #postfix
[12:34:58] *** markdark has joined #postfix
[12:34:58] *** folivora has joined #postfix
[12:34:58] *** pdtpatrick has joined #postfix
[12:34:58] *** Verilium has joined #postfix
[12:34:58] *** pyco has joined #postfix
[12:46:11] <osmosis> where do I change the maildir path?
[12:48:42] *** pj has joined #postfix
[12:52:14] *** Section1 has joined #postfix
[12:52:55] <osmosis> why am I getting postfix/smtpd[11084]: NOQUEUE: reject: RCPT from
[12:53:01] <osmosis> when I try to send out
[13:01:32] <osmosis> i googled and its backscatter mail. This is to a legitimate recipient though
[13:02:37] <osmosis> virtual_alias_domains
[13:03:21] <osmosis> hmm...i have virtual_alias_maps though
[13:04:33] *** jelly has quit IRC
[13:05:13] *** jelly has joined #postfix
[13:13:57] *** cypher707 has quit IRC
[13:15:07] <osmosis> how come I see nothing running on 465? Though I have all the TSL options enabled already.
[13:16:10] *** biggi_mat has joined #postfix
[13:20:07] *** xxzz has quit IRC
[13:22:17] <osmosis> "TCP network port 587, which is reserved for email client applications." if its for email client apps, why does postfix listen on it?
[13:22:20] *** biggi_mat has quit IRC
[13:22:29] *** snearch has joined #postfix
[13:26:16] *** cpm_ has joined #postfix
[13:26:16] *** cpm_ has joined #postfix
[13:28:42] <jelly> osmosis: it's listening, waiting for any client applications to connect and give it mail
[13:29:03] <osmosis> jelly, whats the difference between 465 and 587?
[13:29:11] *** eshlox has left #postfix
[13:29:12] <jelly> 122
[13:29:19] <osmosis> ha ha
[13:29:47] <osmosis> do they both do the same thing? should I only enable one of them?
[13:29:58] <jelly> !smtps
[13:29:58] <knoba> jelly: "smtps" : Port 465 is smtps, SMTP over SSL, a deprecated means of submission. This means that smtps should *not* be used, and that this factoid exists for historical purposes only and should not be implemented. See !submission for smtps' successor. That being said, Postfix can implement smtps with a separate smtpd(8) listener with \"-o smtpd_tls_wrappermode=yes\". See the commented example in master.cf.
[13:30:26] <osmosis> thunderbird mail seems to default to 465 still.
[13:31:21] <jelly> osmosis: Thunderbird tries everything it can. It ought to work well if you have just the submission (tcp/587) open with no smtps (tcp/465) at all.
[13:31:50] <buki> thunderbird's "autoconfig" sucks
[13:32:01] *** a_ok has joined #postfix
[13:32:06] <osmosis> what about 'smtp' and 'relay', should I comment those out?
[13:32:12] <jelly> its sucking is in the eye of the beholder
[13:32:27] *** biggi_mat has joined #postfix
[13:33:26] <jelly> osmosis: smtp is for receiving mail from the internet, if you have one or more domains this server is supposed to receive mail for.
[13:33:49] <osmosis> thunderbird wont connect on 587
[13:33:55] <osmosis> works on 465 though
[13:33:57] <osmosis> i have both open
[13:34:35] <lunaphyte> thunderbird will connect on 587 just fine
[13:35:09] *** chadmaynard has quit IRC
[13:35:39] <osmosis> lunaphyte, have any suggestions why its timing out?
[13:36:02] *** MaximusColourum has quit IRC
[13:36:03] <osmosis> netstat shows 587 listeing on my server
[13:36:18] *** m1nish has joined #postfix
[13:37:06] <lunaphyte> i haven't seen any data provided such that we could help.
[13:37:11] <osmosis> it wants STARTTLS and not SSL/TLS
[13:37:37] <lunaphyte> starttls *is* ssl/tls. maybe you mean starttls vs. smtps?
[13:38:12] <osmosis> when I switched my thunderbird config from ssl/tsl to starttls, it started working, no more connection timeout
[13:38:51] <jelly> lunaphyte: Thunderbird calls a direct-to-ssl socket "SSL/TLS", contrasted with STARTTLS and no ssl at all.
[13:38:51] <lunaphyte> i suppose ssl/tls is meant to mean smtps.
[13:38:56] <jelly> yes
[13:39:02] <lunaphyte> that is RETARDED nomenclature.
[13:39:55] <jelly> it's quite clear when you see all the three options next to each other
[13:40:35] <lunaphyte> it should be clear empirically, not relatively.
[13:41:30] <jelly> and I should have a pony
[13:42:07] <cpm_> no pony
[13:43:30] <osmosis> any suggestions on how to fix a Relay access denied error? using mysql maps
[13:44:17] *** cpm_ has quit IRC
[13:44:40] <osmosis> postfix/smtpd[11084]: NOQUEUE: reject: RCPT from
[13:45:18] <Zerberus> !welcome
[13:45:18] <knoba> Zerberus: "welcome" : welcome to #postfix! if you're joining for the first time, or are new to irc, the first thing you'll want to do is read the channel topic (/topic). it includes crucial instructions on how to effectively ask for help here, and what data you should include with your questions. the degree of success you'll have is directly related to how effectively you're able to follow those guidelines.
[13:46:05] <osmosis> Relay access denied; http://www.postfix.org/VIRTUAL_README.html says to look at virtual_alias_domains , but thats blank for me because I am using virtual_alias_maps
[13:47:00] <osmosis> virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf seems all good
[13:47:33] <osmosis> table = alias; select_field = goto; where_field = address;
[13:47:40] <Zerberus> osmosis: the target domain must be defined either as local or virtual
[13:48:19] <osmosis> virtual_transport = virtual ?
[13:48:30] <osmosis> is that what you are referring to?
[13:50:13] <osmosis> yes, i see in the DB, each domain is 'virtual' for transport
[13:51:39] <osmosis> maybe its my smtpd_recipient_restrictions
[13:55:36] <osmosis> ah, i think the relaying was just being denied because i wasnt sending encrypted
[13:57:21] <osmosis> yes that was it. sending via 587 is working now
[13:58:12] <osmosis> server to server delivery still happens on 25 though?
[14:00:06] *** mcrilly has joined #postfix
[14:00:14] <pj> [01:33] <osmosis> thunderbird wont connect on 587 ... osmosis check your firewall.
[14:01:06] <pj> heh. nm
[14:01:13] <pj> as for your other questions ...
[14:01:26] <pj> !tell osmosis congrats
[14:01:27] <knoba> osmosis: "congrats" : Congratulations! You have a postfix problem. There are lots of people in this channel who would love to help you but in order to provide you anything better than a guess please take the output of postconf -n and some !relevant_logs and !paste them into a pastebin. Once you have done this then someone will be available to help you shortly.
[14:02:10] <mcrilly> You forgot to include the 'PayPal' aspect and the per-hour charges in that FAQ output :P
[14:02:23] <pj> lol
[14:02:28] * jelly loves the paypal aspect
[14:02:36] <osmosis> anyone take bitcoins?
[14:02:51] <folivora> :p
[14:03:00] <jelly> no monopoly money kthx, plz convert them yourself, first
[14:03:15] <mcrilly> Bitcoins. Are they still going?
[14:03:24] <pj> yeah, apparently
[14:03:28] <jelly> amazingly (amusingly?) yes
[14:03:44] <pj> or at least I haven't heard anything about it stopping.
[14:06:11] <osmosis> everything seems to be working now, here is the output of postconf -n if you want to see if I have anything strange in it, http://dpaste.com/698341/
[14:06:11] <jelly> apparently the exchange rate to USD recovered a bit http://bitcoincharts.com/charts/mtgoxUSD#rg360ztgSzm1g10zm2g25zv
[14:06:36] <jelly> (not implying that USD isn't monopoly money)
[14:06:59] <osmosis> !relevant_logs
[14:07:00] <knoba> osmosis: "relevant_logs" : Relevant logs are mail.* syslog Postfix logs (NOT verbose, see !verbose) which show the entire handling of a single mail which illustrates the issue with which you want help. Random selections from your mail log might not do. IMAP/POP3 daemons and external delivery agents typically log to the same facility (mail); those are usually not relevant here.
[14:07:10] <pj> osmosis: you appear to have duplicates
[14:07:10] <mcrilly> I'll stick to good old GBP - it's survived a few hundred years :P
[14:07:16] <pj> !tell osmosis duplicates
[14:07:16] <knoba> osmosis: "duplicates" : the following can be used to list redundant settings defined in main.cf: (postconf -d; postconf -n) | sort | uniq -d
[14:09:30] <osmosis> pj, im not finding the dups in main.cf though
[14:09:39] <osmosis> the sort did have output
[14:10:00] <pj> they will be in main.cf
[14:10:22] *** jkfod has joined #postfix
[14:10:55] <osmosis> (postconf -d; postconf -n) | sort | uniq -d
[14:10:58] <osmosis> i just put that right into bash?
[14:11:06] <pj> yes
[14:11:22] <pj> that will tell you which settings are duplicates of the default settings.
[14:11:56] <osmosis> ah, so its not duplicate lines...just redundant from the defaults and can be commented out?
[14:12:05] <pj> yes
[14:13:42] *** haidz has joined #postfix
[14:15:21] <osmosis> got them all, not finding config_directory = /etc/postfix though
[14:15:43] <pj> don't worry about that one.
[14:15:52] <osmosis> cool
[14:16:14] <osmosis> about port 25... when communicating to another mail server, does it encrypt traffic?
[14:16:42] <pj> that depends on your settings and the capabilities of the other server.
[14:17:06] <osmosis> is there a setting I can check to make sure my side is taken care of?
[14:17:29] <osmosis> only thing left for postfix I can think of right now
[14:17:58] <osmosis> cant believe everything is working actually. it only took me 3 days
[14:18:31] *** lorimar has joined #postfix
[14:18:52] <osmosis> to get postfix /dovecot / postfixadmin/ squirrelmail /mysql / maildir vhosts working.
[14:18:53] <pj> osmosis: smtpd_use_tls = yes ... this is an obsolete setting
[14:19:04] <lorimar> Hi all. I'm a bit new to postfix administration and could use some help understanding how/why a previous admin set things up the way they did and what I'm doing wrong.
[14:19:48] <sysmonk> he probably ruined the config just after he got his redundancy letter
[14:19:48] <pj> !smtpd_use_tls
[14:19:48] <sysmonk> hehe
[14:19:48] <knoba> pj: "smtpd_use_tls" : Obsolete main.cf setting to enable STARTTLS in smtpd(8). For Postfix 2.3 and later, see http://www.postfix.org/postconf.5.html#smtpd_tls_security_level instead.
[14:20:08] <pj> osmosis: ^^^^^^^^^
[14:20:39] <pj> !tell lorimar welcome
[14:20:39] <knoba> lorimar: "welcome" : welcome to #postfix! if you're joining for the first time, or are new to irc, the first thing you'll want to do is read the channel topic (/topic). it includes crucial instructions on how to effectively ask for help here, and what data you should include with your questions. the degree of success you'll have is directly related to how effectively you're able to follow those guidelines.
[14:20:52] <sysmonk> hello factoid guru pj
[14:21:01] <pj> lol
[14:21:31] <pj> osmosis: also I think you may not understand what the smtp_* settings are for
[14:21:48] <pj> !tell osmosis smtp!=smtpd
[14:21:48] <knoba> osmosis: "smtp!=smtpd" : Postfix smtp_* and smtpd_* configuration parameters have different meanings. smtp_ = client and smtpd_ = server, the client-side sends mail whilst the server-side receives mail. (smtp = client = sends mail) (smtpd = server = receives mail)
[14:21:59] <sysmonk> pj: tried making /alias /say !$1 ?
[14:21:59] <sysmonk> ;)
[14:22:13] <pj> huh?
[14:22:15] <pj> heh
[14:22:18] <lorimar> basicly, we have two postfix servers. Our actual imap/smtp server, and a second server that filters spam on incoming external email. both of these servers have a relay_recipient_map entry for our ldap server. in addition, our primary mail server has a local /etc/aliases file with some static email addresses.
[14:22:46] <pj> sysmonk: nope, haven't tried an alias for the factoids yet, heh
[14:23:06] <lorimar> Any time this aliases file changes, a postmap hash db is generated and then scp'ed over to our spam server, which then references is in the relay_recipient_maps as "hash:/etc/postfix/example_etc_aliases"
[14:23:06] <osmosis> commented out #smtpd_use_tls = yes , and put in smtpd_tls_security_level = may
[14:23:13] <sysmonk> pj: nah, it would each of your sentences start with !, so each of them would be a factoid :P
[14:23:38] <pj> osmosis: you already had smtpd_tls_security_level = may
[14:23:44] <pj> lol
[14:24:03] <osmosis> ah, good catch
[14:24:29] <lorimar> I've just replaced our primary email server and it is now running a newer version of postfix than the spam server (2.6.6 vs 2.3.3) and it seems that the spam server is unable to read the postmaped hash file from the new email server
[14:24:37] <pj> at any rate, to answer your previous question, that setting means that postfix will use opportunistic encryption.
[14:24:58] <lorimar> is there any way I can force the newer version of postmap to output a copy of the hash db that can be read by the older version of postfix?
[14:24:59] <pj> this is generally what you want for port 25 connections.
[14:25:51] <pj> lorimar: why not just copy the text file over and postmap it?
[14:26:09] <lorimar> pj: run the postmap directly on the spam server?
[14:26:38] <sysmonk> yep
[14:26:42] <pj> yes, just copy the text version over to the older server and postmap it from there.
[14:26:44] <lorimar> I have no idea. this was how it was set up by the previous admin and I had assumed he had a reason for doing it that way
[14:26:55] <lorimar> since i'm pretty new to postfix
[14:27:27] <sysmonk> well, in this case he doesn't need to run any crontab on the spam server, as postfix recognizes the updated db file
[14:27:44] <sysmonk> whereas with copying over and postmapping it on spam server will need a crontab to do i
[14:27:49] <pj> well, if the two servers have different versions of berkley db or possibly even other differences then the binary hash file will not be compatible between the two.
[14:28:13] <sysmonk> although, if you're copying over with scp, then you probably use pub keys, then you probably can postmap it through ssh with your initial script
[14:28:22] <pj> yep
[14:28:59] <lorimar> they do definitely have different versions of berkley db (4.3.29 vs 4.7.25)
[14:29:21] <pj> right, different versions are not known to have compatible db formats.
[14:29:31] <lorimar> yes, we do use pubkeys so i could have the cronjob that is running on the email server already do the postmap on the spam server
[14:29:35] <sysmonk> then again, if you have 2 servers, one them is only antispam, then i don't see a reason to duplicate the alias maps as the spam server should parse it and return to the postfix server/lmtp for delivery
[14:30:33] <pj> sysmonk: backscatter?
[14:30:33] <lorimar> if we didn't duplicate the alias maps, how would the spam server know those addresses existed?
[14:30:56] <sysmonk> pj: _for delivery_, not for bounces :P
[14:31:07] <sysmonk> and imho the first postfix server should to recipient validation
[14:31:21] <pj> usually the first server is the spam server
[14:31:37] <lorimar> pj: for external email, the spam server is the first
[14:31:47] <sysmonk> oh, that changes the situation
[14:31:50] <pj> right, that's what I figured.
[14:32:07] <sysmonk> you've started talking about the email server first, and not antispam, so i realized it was your main server
[14:32:10] <pj> hence the spam server needs a list of valid recipients to avoid backscatter.
[14:32:26] <sysmonk> lorimar: and who does email delivery to outside?
[14:32:36] <sysmonk> i.e. local user send an email, how does it get delivered?
[14:33:00] <lorimar> a local user sends out email via the primary email server, not via the spam filtering server
[14:33:29] <lorimar> outgoing email is not filtered by the spam server
[14:33:34] * patdk-wk sends all email to the outside spam server
[14:33:35] <sysmonk> then it's possible just to have recipient validation on spam server
[14:33:37] <patdk-wk> even internal emails
[14:34:31] <lorimar> the spam server is pretty heavily loaded as it is, i'd rather not tax it even more
[14:34:47] <pj> lorimar: I'm assuming you have the spam server separate to split the load of anti-spam. You may want to look into upgrading postfix to 2.9 which has postscreen, which when properly set up will greatly decrease the load on your spam server, highly possibly even to the point where you don't need a separate spam server.
[14:35:00] * patdk-wk hopes they never tax an email server, I already pay enough taxes
[14:35:17] <pj> at least you should probably look into it to reduce the load on your spam server.
[14:35:29] <lorimar> pj: all antispam is handled by "sophos puremessage" which runs on the spam server
[14:35:35] <sysmonk> eek
[14:35:43] * sysmonk hides from solutions like that
[14:35:59] <lorimar> set up before my time and i have no documentation on how it was configured :(
[14:36:09] <pj> lorimar: postscreen is a pre-queue tool that eliminates the vast majority of spam before it is even queued, hence it greatly reduces the anti-spam load.
[14:37:11] <lorimar> interesting. so i should be able to run postscreen in addition to my sophos instance?
[14:37:17] *** ssureshot has joined #postfix
[14:37:44] <patdk-wk> if your sophos machine has postfix on it, would be simple
[14:37:49] <patdk-wk> if not, still possible, just harder
[14:38:02] <pj> well, you need postfix to run postscreen (I suppose it may be possible to run it without postfix but I'm not about to try it)...
[14:38:16] <lorimar> yes, the sophos machine is already running postfix (and this is the anti-spam server I've been talking about in regards to postmap)
[14:38:41] <pj> with a solution of postscreen configured with one or more dnsbl's, followed by other checks and spamassassin and clamav properly configured you will have a very good anti-spam solution, imo.
[14:39:11] <patdk-wk> I only have on issue with postscreen :(
[14:39:11] <pj> well, just upgrade postfix on the spam server and put postscreen in ahead of sophos, then
[14:39:17] <patdk-wk> with it wasn't so dns heavy
[14:39:30] <lorimar> do you have any good documentation (besides the man page) that you could reccomend?
[14:39:33] <pj> well, it helps if you run your own DNS server.
[14:39:39] <lorimar> we do
[14:39:51] <pj> !postscreen
[14:39:51] <knoba> pj: "postscreen" : SMTP triage server available in Postfix 2.8, see http://www.postfix.org/POSTSCREEN_README.html and http://www.postfix.org/postscreen.8.html
[14:39:58] <pj> heh, just the man page.
[14:40:25] <pj> but that is very good documentation
[14:41:03] <pj> when I first started running postscreen I would just sit and watch all the spams get zapped in my logs.
[14:41:52] <patdk-wk> pj, that hardly helps
[14:42:04] <patdk-wk> I have always run my own dns servers
[14:42:12] <patdk-wk> and my dns usage has come up 10x since using postscreen
[14:42:28] <lorimar> grrr...rhel's repos only go up to postfix 2.6.6
[14:42:33] <patdk-wk> cause every single connect now, causes dns lookups
[14:42:40] <pj> patdk-wk: how many dnsbl's do you use?
[14:42:56] <patdk-wk> pj, does it matter? 10x more, doens't matter how many where in use
[14:42:59] <pj> and dns lookups are a lot faster than deep scanning.
[14:43:02] *** jarr0dsz has joined #postfix
[14:43:10] <patdk-wk> I'm not doing deep scaning
[14:43:11] <Dominian> patdk-wk: are you using a caching name server for your mail server lookups?
[14:43:22] <patdk-wk> but postscreen can block bad helo, and other things without deepscanning
[14:43:22] <pj> well, sure, each dnsbl is another lookup
[14:43:36] <pj> yes, true
[14:43:45] <patdk-wk> Dominian, no, I'm using devnull
[14:43:59] <Dominian> um ok
[14:45:21] <patdk-wk> just seems postscreen dns is only useful for small email sites
[14:45:32] <patdk-wk> or if you serve your own rbl's to feed it
[14:45:46] <Dominian> Use a caching name server
[14:45:47] * Dominian shrugs
[14:45:56] <patdk-wk> Dominian, what does that have to do with this at all?
[14:46:02] <thumbs> dnsmasq~!
[14:46:07] <patdk-wk> yes, I use caching dns servers, yes tehy don't help
[14:46:10] <Dominian> You're complaining about postscreen doing all these rbl lookups
[14:46:14] <patdk-wk> thumbs, I would so crash dnsmasq
[14:46:27] <patdk-wk> my caching dns server currently has a few million entries in it
[14:46:28] *** MaximusColourum has joined #postfix
[14:46:32] <thumbs> patdk-wk: would you?
[14:46:39] <Dominian> I see.
[14:46:49] <Dominian> How many email accounts do you manage?
[14:46:52] <patdk-wk> chewing up 6gigs of ram
[14:46:57] <thumbs> oh.
[14:47:08] <Dominian> Sounds ot me like the caching needs to be tweaked to clear entries faster
[14:47:16] <Dominian> how long are you holding cached entries for?
[14:47:26] <patdk-wk> Dominian, as long as the ttl says it's allowed
[14:47:27] <Dominian> are you waiting on true TTL or are you clearing them out yourself?
[14:47:28] <lunaphyte_> that's defined by the record owner.
[14:47:36] <patdk-wk> if I cached less, it wouldn't work as good as it does
[14:47:43] <Dominian> I see
[14:47:49] <patdk-wk> and most rbl's are for 5min or 1hour
[14:48:02] <Dominian> lunaphyte_: Yeah I know how TTL works
[14:48:08] <pj> that is the main dilemma of IPv6 dnsrbls
[14:48:19] <Dominian> Just saying, if the caching is killing that much ram.. tweak the name server to clear out entries faster
[14:48:28] <patdk-wk> Dominian, why?
[14:48:32] <Dominian> if that isn't an option, get more ram.
[14:48:36] <patdk-wk> I said lack of caching is the issue
[14:48:40] <patdk-wk> not lack of ram
[14:48:48] <Dominian> Well, pick a point to be upset about
[14:48:53] <Dominian> :)
[14:48:54] <patdk-wk> the amount of dns requests
[14:48:55] <Dominian> You're confusing me.
[14:49:03] <patdk-wk> the cache isn't maxing out the ram I allocated it
[14:49:09] <patdk-wk> cause the TTL's aren't large enough for that to happen
[14:49:10] <Dominian> that's good
[14:49:27] <Dominian> SO you're saying you want postscreen to cache more of the data?
[14:49:34] <patdk-wk> no
[14:49:46] <patdk-wk> I don't want it to fire dns requests for every connection
[14:50:02] <patdk-wk> like, check helo, BEFORE doing dns
[14:50:06] <lorimar> ok, so if I have the spam server itself generate the postmap, is there any cli command I can do to verify that it can be read on that server before I try pushing these changes live?
[14:50:11] <Dominian> patdk-wk: ah
[14:50:29] <pj> ahhh, right, have you requested this on the ml?
[14:50:31] <patdk-wk> so that 20% of bad servers don't get hit up with dns requests
[14:50:48] <rob0> postscreen does not look up client rDNS nor any sender/recipient DNS
[14:50:55] <patdk-wk> pj, na, I need to get on the maillist sometime, once I locate it :)
[14:51:09] <rob0> The only DNS queries postscreen makes are DNSBLs
[14:51:15] <Dominian> patdk-wk: http://www.postfix.org/postconf.5.html#postscreen_greet_action
[14:51:21] <rob0> and actually dnsblog does those
[14:51:22] <Dominian> patdk-wk: maybe that's part of your problem?
[14:51:41] <Dominian> set postscreen_greet_action to drop possibly?
[14:52:00] <pj> Dominian: that won't help if the greet test comes *after* the dnsbl test
[14:52:14] <Dominian> pj: according to that page.. the greet tests are done BEFORE rbl
[14:52:20] <Dominian> unless I"m reading something wrong
[14:52:45] <pj> you must be reading a different page than I am
[14:53:04] <Dominian> http://www.postfix.org/POSTSCREEN_README.html
[14:53:04] <rob0> the dnsblog queries go out as soon as the connection is made
[14:53:10] <Dominian> interesting..
[14:53:22] <Dominian> Wonder if there's a way to change that behavior to be more on target with what patdk-wk is talking about
[14:53:29] <Dominian> would make sense to do greet first then do dnsbl
[14:53:32] <pj> Dominian: I'm reading the man page
[14:53:36] <Dominian> bu tI'm sure Wietse has a reason for it
[14:53:38] * rob0 missed the first part of this :)
[14:53:55] <patdk-wk> rob0, just attempting to limit the amount of dnsblog usage
[14:54:12] <pj> rob0: patdk-wk wants the dnsrbl queries done after the greet tests to reduce the load on his dns server.
[14:54:30] <Dominian> Ok yeah I was reading wrong.
[14:54:37] <patdk-wk> well, to reduce the load on the dnsrbl servers
[14:54:47] <patdk-wk> mainly cause they use low ttl's
[14:55:26] <lunaphyte_> this is a great example of why trying to force low ttls down people's throats is brain dead.
[14:55:30] <pj> well, you're damned either way, low TTL means you hit them more often, high TTL means your DNS cache takes up ore RAM.
[14:55:44] <patdk-wk> not really
[14:56:02] <pj> well, either way I get why you want to run the greet tests first.
[14:56:05] <patdk-wk> it will only use as much ram as you configure it to use
[14:56:18] * patdk-wk wonders about dns ttl rewriting :)
[14:56:41] <patdk-wk> greet, and maybe pipeline
[14:56:45] <patdk-wk> I think that is all that is really possible
[14:56:54] <pj> I think that would require a change to the source code, best thing to do is post to the ml so wietse will read it.
[14:57:37] *** telmich has joined #postfix
[14:57:38] <telmich> good day
[14:58:33] <pj> patdk-wk: alternatively, you can axe the dnsbl lookups from postscreen alltogether and do them from smtpd instead.
[14:58:51] <patdk-wk> pj, yep, that is what I have done
[14:59:02] <patdk-wk> just wished it was smarter like postscreens
[14:59:12] <pj> right, fair enough.
[14:59:52] <pj> postscreen has more flexibility with the dnsbls
[15:00:40] <patdk-wk> yep, switched all my rbl's to all in one, types
[15:00:48] <patdk-wk> and was having postscreen/spamass use them
[15:00:55] <pj> yep
[15:00:57] <patdk-wk> so it wouldn't do multible lookups
[15:01:04] <patdk-wk> can do that with reject_client_rbl
[15:01:47] <pj> well, for my needs I've found that just using zen is enough, but my server isn't all that high traffic.
[15:01:58] <telmich> I'm having trouble to find out why postfix does not accept/use my alias configuration: alias_maps = hash:/etc/postfix/aliases and alias_database = $alias_maps is setup; running newaliases also updates /etc/postfix/aliases.db; but sending mails to root creates an entry in the queue to root at brief dot localdomain (my notebook); there is a root: my at mailbox dot com entry in /etc/postfix/aliases; anyone a hint on what I may be doing wrong?
[15:02:28] <patdk-wk> !tell telmich welcome
[15:02:29] <knoba> telmich: "welcome" : welcome to #postfix! if you're joining for the first time, or are new to irc, the first thing you'll want to do is read the channel topic (/topic). it includes crucial instructions on how to effectively ask for help here, and what data you should include with your questions. the degree of success you'll have is directly related to how effectively you're able to follow those guidelines.
[15:02:37] <patdk-wk> also, don't use other peoples domains in your examples
[15:02:50] <pj> !example
[15:02:50] <knoba> pj: "example" : Example.TLD has been reserved for examples in generic top-level domains (com,net,org) and many other TLDs. Please do not use real Internet names as examples.
[15:03:54] <telmich> !debug
[15:03:54] <knoba> telmich: "debug" : http://www.postfix.org/DEBUG_README.html : a good starting point for how to deal with problems and to report information to those who might help. Post your information in a pastebin such as http://pastebin.ca/ or http://dpaste.com/
[15:04:36] <rob0> !append_at_myorigin
[15:04:36] <knoba> rob0: "append_at_myorigin" : Append the string"@$myorigin" to mail addresses without domain information. WARNING: do not change this without understanding what it means, see http://www.postfix.org/postconf.5.html#append_at_myorigin
[15:05:09] <rob0> telmich, ^^
[15:06:27] <telmich> thanks, a different config error was the reason [fatal: main.cf configuration error: mailbox_size_limit is smaller than message_size_limit]
[15:07:17] *** BuenGenio has joined #postfix
[15:07:38] *** telmich has left #postfix
[15:08:42] <patdk-wk> hmm, a happy customer? that's different
[15:08:54] <rob0> he'll be back
[15:09:07] <patdk-wk> with a shotgun?
[15:09:45] <rob0> don't know, but I strongly suspect there was more than one problem.
[15:09:57] <pj> hehehe
[15:10:10] <pj> there was something similar on the ml earlier today.
[15:17:53] *** JoKoT3 has joined #postfix
[15:32:03] <osmosis> what is saslauthd for? I dont think I installed it.
[15:32:12] <patdk-wk> cyrus sasl
[15:33:28] <osmosis> is it for the older 465 smtp?
[15:33:40] <pj> no]
[15:33:44] <patdk-wk> !sasl
[15:33:44] <knoba> patdk-wk: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.
[15:34:31] <pj> what distro osmosis?
[15:34:33] <osmosis> smtpd_sasl_type = dovecot
[15:34:35] <osmosis> ubuntu
[15:34:51] <patdk-wk> then postfix isn't using it
[15:35:16] <pj> hrmmmm, don't know about ubuntu, but some distros (stupidly) install cyrus-sasl as a dependancy for postfix, even though postfix doesn't explicitly need it.
[15:35:39] <patdk-wk> pj, depends on you definition of need :)
[15:35:49] <patdk-wk> postfix needs it for outgoing auth
[15:35:55] <pj> patdk-wk: well, true
[15:35:59] <patdk-wk> doesn't need saslauthd, but just cyrus libs
[15:36:01] <pj> needs it for certain features
[15:36:21] <patdk-wk> but incoming auth, it's optional
[15:36:45] <pj> cyrus libs is different again
[15:37:20] <pj> but anyways, the vast majority of installs don't use sasl at all, I think it's stupid for distros to make it a dependancy of postfix.
[15:37:28] <osmosis> this howto is suggesting i add a line for dovecot to the master.cf , is that necessary? i havent seemed to need it. http://goo.gl/B10hU
[15:37:57] <patdk-wk> yay for random howto's
[15:38:03] <patdk-wk> !tell osmosis goal
[15:38:03] <knoba> osmosis: "goal" : describe your goal, not what you think the solution is
[15:38:36] <pj> osmosis: you only need a dovecot line if you're using dovecot for your delivery agent.
[15:38:36] <osmosis> not trying to do anything right now. just browsing the howto to understand. my setup seems to be working without issue
[15:39:17] <pj> !tell osmosis tutorial
[15:39:17] <knoba> osmosis: "tutorial" : A very common problem is that some people prefer to follow a step-by-step tutorial that shows them how to setup their server w/out reading the documentation or understanding what they are doing. If something goes wrong, they have no clue whatsoever about where to find hints, and they sometimes decide to start from scratch using a different tutorial. This is not The Proper Way.
[15:39:32] <patdk-wk> man, that howto makes things so complex
[15:39:48] <patdk-wk> should delete the whole saslauthd/pam section
[15:40:15] <pj> is it another one that tells you to use dovecot and cyrus-sasl?
[15:40:18] <patdk-wk> he even configures dovecot auth for postfix
[15:40:21] <patdk-wk> but doesn't use it
[15:40:29] <patdk-wk> ya
[15:40:32] <pj> sheesh
[15:40:51] <pj> there are way too many of those out there.
[15:41:27] <pj> it's a linode tutorial? sheesh.
[15:42:14] <patdk-wk> I love the comments :)
[15:42:20] <patdk-wk> I had to edit saslauthd to get imap working :)
[15:42:27] <pj> wow
[15:43:16] <patdk-wk> oh, a good comment
[15:43:27] <patdk-wk> this guide solved my problems: .... (url to dovecot wiki :)
[15:44:20] <pj> lol
[15:44:40] <pj> and yes, they do tell you to add a dovecot transport but then don't appear to use it.
[15:45:04] <patdk-wk> well, that is also I don't think a working dovecot line
[15:45:11] <patdk-wk> looks so minimalistic
[15:45:25] <pj> yeah, good thing it's not used
[15:45:26] <pj> heh
[15:45:57] <pj> dovecot unix - n n - - pipe flags=DRhu user=dovecot:dovecot argv=/usr/libexec/dovecot/dovecot-lda -f ${sender} -a ${recipient} -d ${user}@${domain}
[15:46:05] <pj> that's mine, and is actually used.
[15:46:39] <pj> I need it for sieve
[15:47:21] *** ssureshot has quit IRC
[15:47:33] <patdk-wk> close to mine
[15:47:40] <patdk-wk> but I stopped using it a year or so ago, using lmtp
[15:47:50] <pj> ahhhh, yep
[15:52:29] <pj> ok, I'm off to bed
[15:54:24] <osmosis> dovecot wiki is recommending that line in master.cf as well, http://wiki.dovecot.org/HowTo/DovecotLDAPostfixAdminMySQL
[15:54:43] <osmosis> for 'LDA delivery' , not sure what that is
[15:55:32] <patdk-wk> that would be a normal wiki page
[15:56:44] <patdk-wk> http://wiki.dovecot.org/LDA/Postfix
[15:57:29] <osmosis> why would dovecot go into the postfix master process config? doesnt make sense to me since dovecot is not part of postfix
[15:57:45] <patdk-wk> you don't get what the master.cf file is then
[15:58:09] <patdk-wk> it lists all services
[15:58:22] <patdk-wk> you just created a dovecot-lda service, to deliever mail
[15:58:26] <patdk-wk> therefor it needs to be in there
[15:58:37] <patdk-wk> now iwth lmtp, you don't have to, there is already a lmtp entry in there
[15:59:07] <osmosis> everything is working fine without it..why does it need to be in there?
[15:59:16] <patdk-wk> who said it had to be?
[15:59:21] <patdk-wk> only if you want to use it
[15:59:34] <osmosis> "how a client program connects to a service" does that mean the master.cf defines host postfix communicates with other services?
[15:59:54] <patdk-wk> yes
[16:00:24] <patdk-wk> that is why there is a line for everything, smtp, smtpd, relay, virtual, local, probably amavis, ...
[16:00:48] <osmosis> ok, added
[16:00:53] <patdk-wk> configuration of those is normally done in main.cf though
[16:01:06] <patdk-wk> normally only added to master.cf if you need to *override* something
[16:01:15] <patdk-wk> like, creation of a, submission, service
[16:01:40] <patdk-wk> for me, also, I have 3 different cleanup services
[16:01:53] *** abrawass has quit IRC
[16:01:56] <osmosis> cleanup of what
[16:02:04] <patdk-wk> !cleanup
[16:02:05] <knoba> patdk-wk: "cleanup" : The cleanup(8) daemon processes inbound mail, inserts it into the incoming mail queue, and informs the queue manager of its arrival. http://www.postfix.org/cleanup.8.html
[16:03:25] *** Mr_O has joined #postfix
[16:04:09] <Mr_O> hi
[16:20:09] <Mr_O> i need some help. migrating from our postfix to google apps i'd like postfix to distribute aliases to the boxes at google rather than the local ones.
[16:21:35] <Mr_O> i have our postfix receiving emails from google but i still need it to handle aliases and send back mails to google boxes.
[16:22:57] *** jarr0dsz has quit IRC
[16:23:11] *** jarr0dsz has joined #postfix
[16:26:10] *** jarr0dsz has quit IRC
[16:27:52] *** xpeed has joined #postfix
[16:31:37] *** xabbuh has quit IRC
[16:42:32] *** jkfod has quit IRC
[16:43:17] *** wdp_ has quit IRC
[16:49:59] *** jkfod has joined #postfix
[16:55:36] *** [diablo] has quit IRC
[16:57:52] *** wdp_ has joined #postfix
[17:08:57] *** Toerkeium has joined #postfix
[17:12:09] <toxboi> Is there a way to save bounced email messages in mailq ?
[17:12:33] <toxboi> so that it can later retry to send the message?
[17:17:38] <Mr_O> hi
[17:17:46] <wdp_> hi
[17:18:49] <Mr_O> how to prevent local distribution of aliases to mailbox and have email sent outside ?
[17:27:19] *** breaker313 has quit IRC
[17:27:29] *** snearch has quit IRC
[17:29:00] *** hjbehling has quit IRC
[17:29:09] *** hjbehling has joined #postfix
[17:30:24] *** Steve_The_Pirate has quit IRC
[17:30:33] *** googlah has quit IRC
[17:30:44] *** tightwork has quit IRC
[17:30:49] *** BlackMagik1 has quit IRC
[17:30:57] *** googlah has joined #postfix
[17:31:05] *** BlackMagik1 has joined #postfix
[17:31:21] *** havoc has quit IRC
[17:31:28] *** havoc has joined #postfix
[17:31:53] *** Steve_The_Pirate has joined #postfix
[17:32:41] *** BlackMagik1 has left #postfix
[17:33:25] *** Natureshadow has joined #postfix
[17:36:34] *** bezourox has quit IRC
[17:38:08] *** osmosis has quit IRC
[17:43:31] *** tjikkun_work has quit IRC
[17:47:45] *** TehRabbitt-Work has joined #postfix
[17:48:15] <TehRabbitt-Work> is it possible to receive mail on a port other than 25? in other words, if my ISP is blocking port 25, is there a way to still receive mail or do I need to get them to open 25
[17:48:50] <jelly> Mr_O: don't make postfix think the domain is local?
[17:49:51] <rob0> For a domain to receive Internet mail from the world, some host somewhere has to be accepting mail for it on port 25.
[17:50:31] <rob0> That host might relay it on elsewhere ... using whatever port you want.
[17:56:14] *** Steve_The_Pirate has quit IRC
[17:56:14] *** FainaUkraina has joined #postfix
[17:57:03] *** ced117 has joined #postfix
[17:59:51] *** BuenGenio has quit IRC
[18:00:46] *** kevincampion has joined #postfix
[18:00:50] *** TehRabbitt-Work has left #postfix
[18:00:53] <kevincampion> hello
[18:03:04] <kevincampion> What's the term of a Postfix configuration who not send directly attchments into email but into a file server ? and add a link into email to download attchments
[18:03:59] <rob0> that is not a feature of Postfix. You would need to find some kind of content filtering software (maybe a milter) that does that.
[18:04:48] *** a_ok has quit IRC
[18:05:01] <kevincampion> ok
[18:05:34] <patdk-wk> hmm, I have no idea what software does that, in the unix world, besides dovecot
[18:05:44] <patdk-wk> but dovecot doesn't do it exactly that way
[18:10:31] *** hjbehling has quit IRC
[18:11:21] <kevincampion> I say "Postfix" because it's for sending to external : people will download attchments by file server
[18:15:50] <twobithacker> shouldn't be difficult to do with a content filter, but I don't know of anything out of the box to do that
[18:16:32] <twobithacker> of course, you'd have to try and figure out if image/* attachements are for inline display with text/html, or if they're just attached images
[18:16:57] <rob0> yes, could get ugly
[18:22:38] <patdk-wk> kevincampion, in that case, make life easy, use horde webmail, it supports that natively
[18:23:43] *** Mr_O has quit IRC
[18:23:45] <patdk-wk> what is always fun, is to see how many hits, a file gets that is linked that way
[18:23:54] <patdk-wk> due to all the virus/spam/url/... scanning on the email
[18:24:52] <kevincampion> member:patdk-wk, employees use Outlook or Thunderbird
[18:25:06] *** pdtpatrick has quit IRC
[18:25:40] <kevincampion> and we have "message size 11341293 exceeds size limit 10240000" in log when they send email with "big" attchments
[18:27:01] *** vpopov has joined #postfix
[18:27:38] <patdk-wk> edit the postfix error message to respond with:
[18:27:38] <patdk-wk> http://office.microsoft.com/en-us/outlook-help/send-large-files-to-other-people-HA101961699.aspx
[18:27:51] *** pdtpatrick has joined #postfix
[18:29:30] *** mcrilly has quit IRC
[18:29:40] <kevincampion> we doesn't have microsoft servers
[18:29:40] <patdk-wk> nice, outlook supports it, if you setup sharepoint
[18:29:51] <patdk-wk> who said anything about microsoft servers?
[18:30:13] <patdk-wk> you have outlook, and outlook == microsoft client
[18:40:35] *** inf_l00p has quit IRC
[18:42:10] <kevincampion> thx, I will search it tomorrow
[18:42:14] *** kevincampion has quit IRC
[18:43:23] *** ciklid has joined #postfix
[18:43:49] *** Motoko has joined #postfix
[18:51:13] *** jjamfd has joined #postfix
[18:54:36] *** l1nuxman has joined #postfix
[18:55:55] *** tjikkun has joined #postfix
[18:55:55] *** tjikkun has joined #postfix
[18:56:18] *** ninjai has joined #postfix
[18:57:40] <ninjai> hey guys, my old mail server didn't get denied entry for some mail servers when I'd send email with it. I noticed in the metadata or whatever it is, it says Received: by atari (Postfix, from userid 1005). But my new server says: "Received: from atari.mywindowsdomain.com (atari [127.0.0.1])". How do I fix this?
[18:59:34] <patdk-wk> that doesnt make any difference
[18:59:38] <patdk-wk> but sounds like your issue is
[18:59:51] <patdk-wk> !fcrdns
[18:59:51] <knoba> patdk-wk: "fcrdns" : http://en.wikipedia.org/wiki/Forward_Confirmed_reverse_DNS : your IP address should resolve to $myhostname, which in turn should resolve back to your IP. This is very important if you want big sites to accept your mail. If you can't have it from your ISP, see !relayhost
[19:04:38] *** folivora has quit IRC
[19:08:49] *** Steve_The_Pirate has joined #postfix
[19:10:03] *** clustermagnet has joined #postfix
[19:10:43] *** folivora has joined #postfix
[19:10:52] *** clustermagnet has left #postfix
[19:12:35] *** seekwill has joined #postfix
[19:12:38] *** seekwill has joined #postfix
[19:15:02] *** jkfod has quit IRC
[19:18:48] *** m1nish has quit IRC
[19:30:41] *** jarr0dsz has joined #postfix
[19:36:33] *** Onepamopa has joined #postfix
[19:36:36] *** Onepamopa has left #postfix
[19:42:49] <ninjai> patdk-wk, thanks for the link... so it sounds like I have to somehow change the way FCrDNS stuff is on my server?
[19:43:55] <patdk-wk> I dunno
[19:44:05] <ninjai> ok :(
[19:44:06] <patdk-wk> but based on the very very very little amount of info supplied
[19:45:07] *** gpkfr has joined #postfix
[19:45:47] *** hobodave has quit IRC
[19:45:50] <rob0> It's true: people who give a complete description of the problem are more likely to get useful answers.
[19:47:36] *** snearch has joined #postfix
[19:48:38] *** voldial has quit IRC
[19:53:37] *** gpkfr has left #postfix
[19:54:16] *** Section1 has quit IRC
[20:02:01] *** pj has quit IRC
[20:02:01] *** higuita has quit IRC
[20:02:02] *** patdk-wk has quit IRC
[20:02:02] *** megaTherion has quit IRC
[20:02:02] *** felipe` has quit IRC
[20:02:02] *** RadoQ has quit IRC
[20:02:02] *** hparker has quit IRC
[20:02:02] *** gencha has quit IRC
[20:02:02] *** tomocha66 has quit IRC
[20:02:03] *** hydh has quit IRC
[20:02:03] *** adaptr has quit IRC
[20:02:03] *** Tormin has quit IRC
[20:02:03] *** nido has quit IRC
[20:02:03] *** fahadsadah has quit IRC
[20:02:03] *** Timzzzz has quit IRC
[20:02:04] *** Zborg has quit IRC
[20:02:04] *** viezerd has quit IRC
[20:02:04] *** waldvogel has quit IRC
[20:02:04] *** RecQuery has quit IRC
[20:02:04] *** madduck has quit IRC
[20:02:08] *** viezerd has joined #postfix
[20:02:16] *** Zborg has joined #postfix
[20:02:16] *** nido has joined #postfix
[20:02:16] *** Zborg has quit IRC
[20:02:16] *** Zborg has joined #postfix
[20:02:19] *** adaptr has joined #postfix
[20:02:19] *** adaptr has joined #postfix
[20:02:19] *** patdk-wk has joined #postfix
[20:02:21] *** pj has joined #postfix
[20:02:23] *** RadoQ has joined #postfix
[20:02:28] *** hparker has joined #postfix
[20:02:29] *** gencha has joined #postfix
[20:02:34] *** Tormin has joined #postfix
[20:02:46] *** hydh has joined #postfix
[20:03:26] *** ssureshot has joined #postfix
[20:03:29] *** madduck has joined #postfix
[20:04:17] *** higuita has joined #postfix
[20:05:35] *** megaTherion has joined #postfix
[20:07:07] *** fahadsadah has joined #postfix
[20:07:18] *** Timmooo has joined #postfix
[20:10:00] *** felipe` has joined #postfix
[20:12:08] *** RecQuery has joined #postfix
[20:12:08] *** RecQuery has joined #postfix
[20:14:50] *** tomocha66 has joined #postfix
[20:16:05] *** breaker313 has joined #postfix
[20:20:57] *** wsmsg has joined #postfix
[20:22:30] *** ciklid has quit IRC
[20:24:39] *** cilly has joined #postfix
[20:26:46] *** ciklid has joined #postfix
[20:29:24] <higuita> anyone knows if i can setup a postfix, that if a certain domains is getting 450 errors, my servers should forward/relay the email to another remote server?
[20:30:09] <higuita> smtp_fallback_relay seens to be to ALL domains, and i just want one (and it doesnt seens to accept maps)
[20:37:55] <seekwill> You generally want to keep those messages on that IP so you can build your reputation
[20:38:23] <seekwill> Or, if you're hitting throttles, just balance the traffic better
[20:40:07] <higuita> not, is not that... a certain domain is full of bad emails and this makes the mailq the postfix slow... i want to trow those to other secondary servers so i dont have to see that trash
[20:40:37] <higuita> maybe one day they will clean those accounts, but just now, i want to keep my system cleaner
[20:40:51] <higuita> but i found a way... i was already close enough :)
[20:41:00] *** ced117 has quit IRC
[20:41:00] *** _marix has quit IRC
[20:41:00] *** beerbro has quit IRC
[20:41:01] *** fbh has quit IRC
[20:41:17] *** xabbuh has joined #postfix
[20:41:40] <higuita> its just create a transport for that domain (ex: trash: ) and define the trash as a smtp -o smtp_fallback_relay=[ip] in master.cf
[20:41:45] *** ced117 has joined #postfix
[20:42:26] <higuita> so this way, valid email is keep in the main server, trash is sent to a old one until they expire or the user clean up the quotas
[20:42:57] <higuita> thanks anyway seekwill :)
[20:43:06] <seekwill> umm ok :)
[20:44:17] *** _marix has joined #postfix
[20:44:58] *** abbe has quit IRC
[20:50:07] <pj> higuita: be careful when you do that if you hit a greylist and then resend from a different IP address you will very likely get another 450 back.
[20:50:13] *** fbh has joined #postfix
[20:54:25] *** blomqvist has joined #postfix
[21:03:29] *** vpopov has quit IRC
[21:06:11] *** zgr has joined #postfix
[21:06:50] *** zgr has left #postfix
[21:11:01] *** amir has quit IRC
[21:16:08] *** hjbehling has joined #postfix
[21:16:48] *** __Christian__ has joined #postfix
[21:17:03] *** xabbuh has quit IRC
[21:17:42] *** hjbehling has quit IRC
[21:18:11] *** hjbehling has joined #postfix
[21:24:02] *** amir has joined #postfix
[21:28:08] *** breaker313 has quit IRC
[21:34:37] *** gustav has joined #postfix
[21:45:45] *** Mr_O has joined #postfix
[22:05:23] *** ced117 has quit IRC
[22:06:12] *** __Christian__ has quit IRC
[22:06:14] *** xabbuh has joined #postfix
[22:20:48] *** pigdude has joined #postfix
[22:21:09] <pigdude> i notice postfix is listening on 25, 465, and 587. do i need all of those?
[22:21:37] *** hjbehling has quit IRC
[22:22:25] *** k1ckn1ck has quit IRC
[22:22:31] *** danblack has joined #postfix
[22:22:39] *** danblack has joined #postfix
[22:23:04] <lunaphyte_> you certainly don't want 465. that's not used any longer, and shouldn't have ever been turned on.
[22:23:23] <lunaphyte_> wether or not you want 25 and 587 depend on what the role of the mail server is.
[22:23:26] <lunaphyte_> *whether
[22:25:52] <pigdude> lunaphyte_, right now i only use it for aliases, but in the future i will use it as a full mail server. how do i disable 465?
[22:27:01] <lunaphyte_> i don't know what "use it for aliases" means.
[22:27:25] <rob0> "aliases" is not what I would call a "role"
[22:27:32] <lunaphyte_> you disable smtps [465] by commenting out the respective line in master.cf
[22:27:34] <pigdude> rob0, virtual aliases
[22:27:43] <pigdude> forwarding mail
[22:27:57] <pigdude> in any case ... let me paste my master.cf
[22:28:01] <lunaphyte_> so it is an mx?
[22:28:14] <lunaphyte_> it is referenced in dns by way of an mx record?
[22:29:59] *** todd_dsm has joined #postfix
[22:30:28] <pigdude> lunaphyte_, yes
[22:30:41] <lunaphyte_> then you need smtp [port 25]
[22:31:05] <lunaphyte_> we would typically call that the roll of an mta
[22:31:08] <lunaphyte_> *role
[22:31:13] <pigdude> yes, that sounds right
[22:31:20] <pigdude> sorry, having a hard time getting master.cf to a paste
[22:31:25] <rob0> roll tide?
[22:31:34] <rob0> why do you need to paste?
[22:31:39] <Dominian> If you have perl.. pastebin.slackadelic.com has a pastebin script you can use
[22:31:57] <rob0> the question was answered ... comment out the smtps line[s]
[22:32:57] <pigdude> rob0, oh, ok, i saw that online in one place, but i was concerned it might kill 587
[22:33:02] <pigdude> rob0, is 587 also `smtp`?
[22:33:08] <lunaphyte_> 587 is submission
[22:33:17] <pigdude> oh ok
[22:33:18] <pigdude> thanks!
[22:33:28] <lunaphyte_> currently *very* *very* similar to smtp, but technically *not* the same thing
[22:33:32] <pigdude> i'm trying to make my server a bit more secure, closing unnecessary ports, and such
[22:34:23] <lunaphyte_> another good way to improve security is to not offer submission services on smtp. that's often overlooked.
[22:34:54] <pigdude> lunaphyte_, dont' mail clients typically need that port in their configuration?
[22:35:05] <pigdude> lunaphyte_, what happens if i turn off submission?
[22:35:05] <lunaphyte_> mail clients?
[22:35:10] <pigdude> lunaphyte_, thunderbird etc
[22:35:14] <pigdude> lunaphyte_, mutt
[22:35:15] <lunaphyte_> you wouldn't turn off submission.
[22:35:26] <lunaphyte_> mail clients use submission. they don't use smtp.
[22:35:26] <pigdude> oh, i see
[22:35:29] <Dominian> Submission is how you want authenticated clients to send email
[22:35:44] <pigdude> ok, and by default does postfix allow smtp to handle submission?
[22:35:57] <Dominian> that's a whole other port
[22:35:58] <pigdude> i see what you were saying now
[22:36:05] <pigdude> is that 465 that i am closing?
[22:36:08] <Dominian> submission is in master.cf which in turn, when uncommented, opens up port 587 for submission
[22:36:12] <pigdude> right
[22:36:18] <Dominian> 465 is smtps
[22:36:21] <pigdude> lunaphyte_, said "to not offer submission services on smtp"
[22:36:22] *** jkfod has joined #postfix
[22:36:28] <pigdude> maybe i didn't fully understand what he meant
[22:36:33] <Dominian> so yes, if you comment out smtps line in master.cf it will effectively kill 465
[22:36:45] <lunaphyte_> pigdude: yes, by default, when submission is configured, those characteristics will also be seen on port 25 [smtp]
[22:37:55] <pigdude> lunaphyte_, i see. how can i prevent this?
[22:38:29] <lunaphyte_> i like to use restriction classes, and macros[variables]
[22:38:45] <lunaphyte_> but that might be confusing for a beginner
[22:38:45] <pigdude> ah, that must be too advanced for me right now
[22:38:48] <pigdude> yes
[22:38:56] <pigdude> i certainly dont' want to have services open that don't need to be
[22:39:17] <lunaphyte_> the "easy" way is to simply set -o overrides in master.cf for only submission.
[22:40:05] <pigdude> here's what i have now for smtp and submission: http://paste.pocoo.org/show/547006/
[22:40:49] <lunaphyte_> oh, surprising.
[22:40:58] <lunaphyte_> pastebin postconf -n
[22:43:00] <kreign> I don't suppose any of you can offer some general insight on which 'spam filter transports' databases are worth migrating from one host to another when doing an upgrade (eg. spamassassin, dspam, etc.)
[22:44:22] <pigdude> lunaphyte_, http://paste.pocoo.org/show/547010/
[22:44:39] <lunaphyte_> kreign: with spamassassin, usually the bayes db
[22:45:03] <lunaphyte_> pigdude: line 26 shouldn't be there.
[22:45:14] <lunaphyte_> that turns it on for both smtp and submission
[22:45:21] <pigdude> lunaphyte_, ah, i see
[22:45:32] <kreign> lunaphyte, i"m guessing you don't run much of anything else aside from S/A?
[22:45:49] *** gerhard7 has quit IRC
[22:45:52] <lunaphyte_> pigdude: along with permit_sasl_authenticated in line 25
[22:46:10] <lunaphyte_> lien 31 can go away
[22:46:12] <lunaphyte_> *line
[22:46:32] <lunaphyte_> kreign: i guess not. just amavis and friends
[22:46:51] *** ciklid has quit IRC
[22:47:53] <pigdude> lunaphyte_, ok, nmapping again now :^)
[22:48:17] <kreign> lunaphyte, i'm having a difficult time understanding how master.cf works. would you describe it's functionality as a 'chain' or a hierarchy, of service definitions which mail passes through?
[22:50:29] <lunaphyte_> i guess you could say that. it's much more than that though, and serves a much simpler concept.
[22:51:10] <lunaphyte_> it's just a config file which tells the main postfix process how to run all of the other various postfix processes that are needed to perform whatever tasks the server has been configured to perform.
[22:52:00] <pigdude> lunaphyte_, thanks for helping me harden my postfix install, i'm sure i have much more i can do, but this is good for today
[22:52:10] <lunaphyte_> sure, you're welcome
[22:52:17] *** pigdude has left #postfix
[22:53:34] <kreign> lunaphyte, lol you could use the same description for pretty much every 'scheduler' type software.
[22:54:16] <kreign> postfix seems like it'd make a pretty good base for a hostile sentient computer being.
[22:54:55] *** Mr_O has quit IRC
[22:59:44] *** Steve_The_Pirate has quit IRC
[23:06:10] <higuita> pj: (about the fallback_relay and greylist) thanks, but the outgoing IP is the same for both servers, so not a problem (also, its just for one domain, without greylist)
[23:06:29] *** chadmaynard has joined #postfix
[23:06:48] *** Aprogas has quit IRC
[23:07:58] *** twobithacker has quit IRC
[23:08:04] *** twobithacker has joined #postfix
[23:09:44] *** jkfod has quit IRC
[23:13:09] *** Aprogas has joined #postfix
[23:23:41] *** Natureshadow has quit IRC
[23:25:25] *** lampe2 has joined #postfix
[23:28:32] <lampe2> hey i can not revice mail from the internet to my domian and i can not send from the internet throu my server. when i wane recive a mail i get this error: Recipient address rejected: User unknown in local recipient table;
[23:29:16] <Zerberus> !welcome
[23:29:16] <knoba> Zerberus: "welcome" : welcome to #postfix! if you're joining for the first time, or are new to irc, the first thing you'll want to do is read the channel topic (/topic). it includes crucial instructions on how to effectively ask for help here, and what data you should include with your questions. the degree of success you'll have is directly related to how effectively you're able to follow those guidelines.
[23:30:41] <lampe2> postconf -n http://pastebin.com/fwsawCbf
[23:32:57] <Zerberus> lampe2: remove lazarski.me from $mydestination
[23:34:26] <lampe2> done
[23:34:33] <Zerberus> lampe2: and what's your SASL type?
[23:36:07] *** e-anima has quit IRC
[23:36:27] <Zerberus> lampe2: having 46.38.0.0/16 in $mynetworks is not recommended as that's public routable address space, though TCP/IP is not that easy to fake
[23:37:06] <lampe2> so i can remove it ?
[23:38:23] <lunaphyte> imo mynetworks should be empty entirely.
[23:38:27] <waldi> Zerberus: routable or not is irrelevant. relevant is: does he control all the space
[23:38:57] <rob0> and if so ... yikes, hire someone to sort it out.
[23:39:02] <lunaphyte> and i *highly* doubt you should have an entire /16 in there.
[23:39:24] <waldi> someone how asks here is unlikely to manage a /16
[23:40:04] <waldi> lunaphyte: not at all. my university have that complete /16 there
[23:40:26] <Corey> waldi: A public /16?
[23:40:37] <Corey> waldi: Congratulations, your university is "part of the problem."
[23:40:50] <waldi> Corey: no problem at all
[23:40:51] <Zerberus> that's not atypical for a university here in Germany
[23:41:04] <twobithacker> at any rate, that /16 isn't assigned to just one person
[23:41:09] <waldi> Corey: it is used over 70%
[23:42:18] <lampe2> my update postconf -n http://pastebin.com/QAS68NTr
[23:42:25] <waldi> (and yes, it is early registration space)
[23:43:37] <Zerberus> lampe2: congratulations, now you are no longer able to send mail through webaccess
[23:44:34] <lampe2> Zerberus, okay and why?
[23:44:39] <Zerberus> lampe2: why did you remove lazarski.me from both local(8) and virtual(8)?
[23:45:10] <Zerberus> lampe2: set "mynetworks = 127.0.0.0/8"
[23:45:20] <waldi> Zerberus: mydestination includes it
[23:45:46] <lampe2> and lazarski.me is in mydestination
[23:46:30] <waldi> lampe2: don't change maximal_backoff_time and minimal_backoff_time
[23:46:50] <waldi> move all restrictions to smtpd_recipient_restrictions
[23:47:12] *** pdtpatrick has quit IRC
[23:47:18] *** pdtpatrick has joined #postfix
[23:47:20] <waldi> remove smtpd_sasl_auth_enable from main.cf and enable the pre-defined submission service in master.cf
[23:47:23] <Zerberus> lampe2: is lazarski.me a Zarafa domain or just internetinnovations.de?
[23:47:39] <lampe2> lazarski.me is the zarafa domian
[23:47:50] <Zerberus> lampe2: then you failed
[23:48:28] <lampe2> iam failing all the time today....
[23:48:56] *** pdtpatrick has quit IRC
[23:49:08] <waldi> go, get some sleep
[23:49:12] *** chadmaynard has quit IRC
[23:49:14] *** pdtpatrick has joined #postfix
[23:50:58] <lampe2> now i cant send revice from webaccess or MUA :(
[23:55:07] <lampe2> postconf -n nr3... http://pastebin.com/i5xqbi1t
[23:55:26] *** wdp has quit IRC
[23:56:40] <Zerberus> lampe2: if lazarski.me shall be your Zarafa domain, then change your $myhostname and add lazarski.me to $virtual_mailbox_domains
[23:57:44] <lampe2> okay but this i dont get. this is the global domian so why to virtual ?
[23:58:44] <Zerberus> lampe2: because your transport to Zarafa's dagent lmtp is setup through virtual(8)
[23:58:45] <rob0> changing myhostname might not be a good idea
[23:59:01] <rob0> change mydestination if that is the problem
[23:59:34] *** Tykling has quit IRC
[23:59:51] <Zerberus> I do not like a hostname be a domain
[23:59:56] <Zerberus> but personal preference
top

   February 6, 2012  
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | >