Switch to DuckDuckGo Search
   February 12, 2012  
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | >

Toggle Join/Part | bottom
[00:00:28] *** penrod has joined #postfix
[00:00:55] *** davlefou_ has joined #postfix
[00:03:41] *** snearch has quit IRC
[00:04:25] *** davlefou has quit IRC
[00:11:19] *** Steve_The_Pirate has joined #postfix
[00:12:34] *** e-anima has quit IRC
[00:19:56] *** uqlev has quit IRC
[00:24:17] *** localhost has joined #postfix
[00:31:40] *** cps0 has quit IRC
[00:46:56] *** MAAAAAD has quit IRC
[00:47:35] *** MAAAAAD has joined #postfix
[00:49:54] *** raltonen has quit IRC
[00:51:40] *** rcsu has quit IRC
[00:58:05] *** danblack has joined #postfix
[01:06:43] *** m1chael has quit IRC
[01:09:37] *** beerbro has quit IRC
[01:12:29] *** gustav has joined #postfix
[01:12:33] *** m1chael has joined #postfix
[01:20:59] *** nutron has quit IRC
[01:22:33] *** master_o1_master has quit IRC
[01:24:06] *** master_of_master has joined #postfix
[01:29:25] *** sphenxes has quit IRC
[01:35:09] *** wdp has quit IRC
[01:43:10] *** hparker has joined #postfix
[01:43:10] *** hparker has joined #postfix
[01:45:59] *** m1chael has quit IRC
[01:47:34] *** freaky[t]_ has quit IRC
[01:47:44] *** freaky[t]_ has joined #postfix
[01:48:10] *** m1chael has joined #postfix
[01:48:14] *** arnoldB has quit IRC
[01:48:14] *** Krooks has quit IRC
[01:48:34] *** Linex has joined #postfix
[01:50:45] *** arnoldB has joined #postfix
[01:51:10] *** gratnam11 has joined #postfix
[01:54:42] *** arnoldB has quit IRC
[01:54:48] *** arnoldB has joined #postfix
[02:05:17] *** hparker has quit IRC
[02:06:12] *** cilly has quit IRC
[02:07:28] *** krzee has quit IRC
[02:08:56] *** m1chael has quit IRC
[02:15:22] <jimpop> cite: wiki.d.o/alien
[02:24:51] *** chalced is now known as chalcedony
[02:32:06] *** Steve_The_Pirate has quit IRC
[02:38:14] *** m1chael has joined #postfix
[02:38:25] *** cilly has joined #postfix
[03:02:37] *** m1chael has quit IRC
[03:09:42] <jimpop> alien --to-rpm <debian_package>
[03:10:26] <jimpop> alien --to-deb <rpm_package>
[03:10:31] <jimpop> http://wiki.debian.org/Alien
[03:16:55] *** gratnam11 has quit IRC
[03:28:14] *** penrod has quit IRC
[03:28:26] *** danblack has quit IRC
[03:28:40] *** penrod has joined #postfix
[03:30:29] *** gratnam11 has joined #postfix
[03:31:22] *** gratnam11 has left #postfix
[03:31:50] *** danblack has joined #postfix
[03:35:37] *** m1chael has joined #postfix
[03:43:58] *** gratnam11 has joined #postfix
[03:48:14] *** m1chael has quit IRC
[03:53:07] *** penrod has quit IRC
[03:53:40] *** penrod has joined #postfix
[04:07:30] *** gratnam11 has quit IRC
[04:12:50] *** penrod has quit IRC
[04:13:41] *** penrod has joined #postfix
[04:14:37] *** m1chael has joined #postfix
[04:22:23] *** chadmaynard has joined #postfix
[04:22:27] *** chadmaynard has joined #postfix
[04:26:38] *** m1chael has quit IRC
[04:33:07] *** elektriks has joined #postfix
[04:33:44] <elektriks> is there any way to configure mail storage with Maildir so that it behaves like gmail? Meaning, all mail in folders are also found in an All Mail folder..
[04:34:59] *** xxzz has joined #postfix
[04:37:22] <danblack> elektriks: probably something you could do in the imap settings. I can't think of anythign on the postfix side
[04:38:01] <elektriks> ok, thx
[04:51:28] *** Tabstar is now known as Tabmow
[04:58:25] *** mambaw has joined #postfix
[05:05:14] *** newbie has joined #postfix
[05:05:16] *** xxzz has quit IRC
[05:05:40] *** newbie is now known as Guest90998
[05:11:08] *** elektriks has quit IRC
[05:11:24] *** newbie|3 has quit IRC
[05:11:24] *** davlefou__ has joined #postfix
[05:16:56] *** davlefou_ has quit IRC
[05:18:27] *** m1chael has joined #postfix
[05:19:06] *** MAAAAD has joined #postfix
[05:19:28] *** elektriks has joined #postfix
[05:22:10] *** MAAAAAD has quit IRC
[05:23:14] *** failure has quit IRC
[05:25:22] *** master_of_master has quit IRC
[05:25:32] *** master_of_master has joined #postfix
[05:28:49] *** failure has joined #postfix
[05:32:47] *** m1nish has joined #postfix
[05:34:45] *** internat has quit IRC
[05:34:45] *** Zethrok_ has quit IRC
[05:34:45] *** Emotelecom has quit IRC
[05:35:14] *** m1chael has quit IRC
[05:37:07] *** haidz has quit IRC
[05:37:36] *** tmberg_ has joined #postfix
[05:37:52] *** adayleryan has quit IRC
[05:37:52] *** tmberg has quit IRC
[05:37:58] *** Praise has quit IRC
[05:38:13] *** haidz has joined #postfix
[05:38:47] *** adayleryan_ has joined #postfix
[05:38:50] *** Zethrok has joined #postfix
[05:39:16] *** Praise has joined #postfix
[05:40:06] *** internat has joined #postfix
[05:40:06] *** Emotelecom has joined #postfix
[06:00:45] *** sahil has quit IRC
[06:00:45] *** sahil has joined #postfix
[06:05:16] *** l1nuxman_ has quit IRC
[06:06:24] *** l1nuxman_ has joined #postfix
[06:07:17] *** elektriks has quit IRC
[06:10:40] *** n0sq has quit IRC
[06:12:11] *** cilly has quit IRC
[06:13:39] *** cilly has joined #postfix
[06:41:21] *** kmmndr has quit IRC
[06:55:07] *** DogWater has quit IRC
[06:59:04] *** penrod has quit IRC
[06:59:04] *** DogWater has joined #postfix
[06:59:04] *** penrod has joined #postfix
[07:00:36] *** Guest63897 is now known as roe
[07:00:43] *** roe has joined #postfix
[07:14:19] *** gerhard7 has joined #postfix
[07:19:10] *** tmberg_ has quit IRC
[07:19:11] *** tmberg_ has joined #postfix
[07:19:16] *** tmberg_ is now known as tmberg
[07:26:46] *** gerhard7 has quit IRC
[07:29:06] *** nowthatsamatt has joined #postfix
[07:33:20] *** nowthatsamatt has left #postfix
[07:52:09] *** gerhard7 has joined #postfix
[08:00:12] *** Motoko has joined #postfix
[08:38:35] *** danblack has quit IRC
[08:47:34] *** m1nish has quit IRC
[08:47:50] *** l1nuxman_ has quit IRC
[08:50:38] *** snearch has joined #postfix
[08:59:41] *** penrod has quit IRC
[09:04:04] *** penrod has joined #postfix
[09:05:17] *** nokia3510 has joined #postfix
[09:26:40] *** xxzz has joined #postfix
[09:28:14] *** nutron has joined #postfix
[09:29:42] *** Motoko has quit IRC
[09:32:05] *** snearch has quit IRC
[09:41:46] *** krzee has joined #postfix
[09:47:17] *** biggi_mat has joined #postfix
[09:51:10] *** penrod has quit IRC
[09:51:57] *** npmapn has joined #postfix
[10:01:54] *** rGeoffrey has quit IRC
[10:01:59] *** rGeoffrey has joined #postfix
[10:05:00] *** sphenxes has joined #postfix
[10:22:57] *** matt1982 has joined #postfix
[10:46:04] *** gratnam11 has joined #postfix
[10:46:23] *** superkuh has joined #postfix
[10:55:56] <superkuh> First, thanks for the recommendation to abandon courier and cyrus ssl and all that jazz a couple weeks back. Dovecot's auth smtp is so much easier to get working.
[10:58:09] <superkuh> I've been following the workaround.org squeeze guide and have everything working fine now, but I'm a bit confused about the SQL 'PRIMARY KEY (`id`)' when adding a catchall address. I get an error when I leave it as '1' like I did for everything else. Is there a system to chosing the id? Or should I just use '2'? http://superkuh.com/postfix-mysql-catchall.txt - has my relevant config details and examples of error output.
[10:58:46] *** Blaster has left #postfix
[11:00:34] *** penrod has joined #postfix
[11:12:30] *** penrod has quit IRC
[11:19:26] *** gerhard7 has quit IRC
[11:27:51] <superkuh> Ah, right. Any number will work then.
[11:32:09] *** ced117 has joined #postfix
[11:33:24] *** m1chael has joined #postfix
[11:37:58] *** m1chael has quit IRC
[11:39:15] *** snearch has joined #postfix
[11:46:33] *** gerhard7 has joined #postfix
[11:46:36] *** davlefou__ is now known as davlefou
[11:46:40] *** davlefou has joined #postfix
[11:47:58] *** xxzz has quit IRC
[12:05:01] *** jkfod has joined #postfix
[12:09:46] *** Natureshadow has joined #postfix
[12:14:45] *** gustav is now known as beerbro
[12:16:43] *** cilly has left #postfix
[12:21:34] *** penrod has joined #postfix
[12:26:56] *** e-anima has joined #postfix
[12:30:41] *** krzee has quit IRC
[12:35:30] *** morphje has joined #postfix
[12:40:50] <morphje> while reading: http://www.freesoftwaremagazine.com/articles/focus_spam_postfix (and as in most howto's i found) the recipient restrictions end in permit. I wonder what the use if for a default permit in recipient_restictions? when comparing to for example a firwall, the default action is always (should be) drop/deny. anyone care to give me some insight?
[12:55:32] *** penrod has quit IRC
[13:02:10] *** krzee has joined #postfix
[13:10:58] *** snearch has quit IRC
[13:18:58] *** mi has joined #postfix
[13:25:06] *** zastaph has joined #postfix
[13:33:26] *** npmapn has quit IRC
[13:40:45] *** m1chael has joined #postfix
[13:44:36] *** beerbro has quit IRC
[13:44:36] *** beerbro has joined #postfix
[13:45:30] <joschi> morphje: if the permit restriction (yeah, it's an oxymoron) was missing only authenticated senders (i.e. by smtp-auth or because of their ip addresses) could deliver mails to you.
[13:46:10] <joschi> morphje: if you want to build a purely sending smtp-server (e. g. a pure relayhost) this is fine. if you're hosting some mailboxes with on that system, it's not
[13:50:10] *** gerhard7 has quit IRC
[13:59:58] <morphje> permit restriction.... thanks for explaiing that
[14:03:21] *** gerhard7 has joined #postfix
[14:03:21] *** penrod has joined #postfix
[14:10:07] *** mBull has joined #postfix
[14:17:10] *** penrod has quit IRC
[14:27:57] *** wdp has joined #postfix
[14:34:48] *** vpopov has joined #postfix
[14:52:13] *** Bry8Star has quit IRC
[14:54:28] *** Bry8Star has joined #postfix
[14:55:01] *** Natureshadow has quit IRC
[14:58:14] *** mbutubuntu has joined #postfix
[14:59:02] *** Bry8Star has quit IRC
[15:01:24] <mbutubuntu> hello folks, I'm aften attached by some Taiwan [baby] spammers :-)
[15:01:27] <mbutubuntu> *often
[15:02:02] <mbutubuntu> all messages are rejected because not qualified HELO or thanks to rbl usage
[15:02:34] *** m1chae has joined #postfix
[15:02:47] *** m1chael has quit IRC
[15:04:05] *** Natureshadow has joined #postfix
[15:04:08] *** m1nish has joined #postfix
[15:05:05] <mbutubuntu> is there any way lo launch an external program when postfix receives this kind of "bad" requests?
[15:06:24] <rob0> IIUC what you are asking, you should use a policy service.
[15:06:28] <rob0> 1policy
[15:06:34] <rob0> !policy
[15:06:34] <knoba> rob0: "policy" : Postfix smtpd(8) policy protocol, http://www.postfix.org/SMTPD_POLICY_README.html , for complex and intelligent restrictions
[15:19:00] *** m1chae has quit IRC
[15:25:45] *** penrod has joined #postfix
[15:35:54] <jduggan> rob0: i see your sqlite issue got patched, saw your name in the changelog
[15:36:30] *** mbutubuntu has quit IRC
[15:38:29] *** m1chael has joined #postfix
[15:38:37] *** penrod has quit IRC
[15:38:42] <rob0> jduggan, yup, and apparently it had existed in all of 2.8.x
[15:53:48] *** mBull has quit IRC
[16:32:11] *** bnitica has joined #postfix
[16:34:33] <bnitica> !welcome
[16:34:33] <knoba> bnitica: "welcome" : welcome to #postfix! if you're joining for the first time, or are new to irc, the first thing you'll want to do is read the channel topic (/topic). it includes crucial instructions on how to effectively ask for help here, and what data you should include with your questions. the degree of success you'll have is directly related to how effectively you're able to follow those guidelines.
[16:43:28] <bnitica> I am trying to install postfix on a CentOS 5.7 following this guide: http://workaround.org/ispmail/etch I am stuck on Step 7 (testing the email using telnet)
[16:43:42] <bnitica> from the log: fatal: pipe_command: execvp /usr/lib/dovecot/deliver
[16:46:22] *** penrod has joined #postfix
[16:48:31] *** ced117 has quit IRC
[16:50:24] *** ced117 has joined #postfix
[16:51:15] *** gratnam11 has left #postfix
[16:52:47] <Patrickdk> bnitica, heh, you aren't going get far
[16:52:59] <Patrickdk> following a debian tutorial on a centos system :)
[16:53:27] <rob0> unless you are very well versed in how your OS does things
[16:53:32] <Patrickdk> yep
[16:53:45] <Patrickdk> and hopefull know some about the other one, also
[16:53:46] *** jwing has quit IRC
[16:54:30] <bnitica> yes I know that is a debian tutorial, I am new at linux, and the link was provided by an admin :) which said I shouldn't have issue
[16:54:58] <bnitica> I have installed postfix dovecot etc using yum
[16:55:16] <bnitica> from centosPlus (for having the mysql support)
[16:56:40] <bnitica> I see that deliver is in /usr/libexec/dovecot/, I mad the change in the master.cf but didn't worked
[17:04:57] *** rcsu has joined #postfix
[17:08:03] <bnitica> so if I change the /usr/lib/dovecot/deliver with /usr/libexec/dovecot/deliver it dooesn't fire anymore the pipe_command error but it says: Feb 12 06:42:22 server postfix/pipe[17399]: 789897DC165: to=<office at xxxxx dot com>, relay=dovecot, delay=10676, delays=10676/0.02/0/0.02, dsn=4.3.0, status=deferred (temporary failure)
[17:11:27] <rob0> If you're new at Linux, why do you need an "ISP-style" mail server?
[17:11:50] <Patrickdk> it's cool :)
[17:12:23] <rob0> How many domains will you be hosting? How many users?
[17:12:50] *** nOStahl has joined #postfix
[17:12:52] <nOStahl> hi guys
[17:13:00] <nOStahl> im looking to setup my first email server setup
[17:13:08] *** penrod has quit IRC
[17:13:12] <bnitica> this one thing, anothers are: I am a programmer and I am using my VPS server for all other the things, horintg, media delivery etc, but I think not this is the the point
[17:13:28] <bnitica> if I am new I am not allowed to learn? :)
[17:14:03] <rob0> If you try to bite off more than you can chew, you will choke, not swallow.
[17:14:06] <lunaphyte> whoring?
[17:14:40] *** sphenxes has quit IRC
[17:14:41] <Patrickdk> bnitica, you don't learn from setting things up the most complex way to start
[17:14:47] <Patrickdk> and defently not from tutorials
[17:14:47] <bnitica> @rob0 thank you very much for the advise! but I am ok with my choosing...
[17:14:53] <Patrickdk> you learn from starting small, and adding to it
[17:15:03] <bnitica> wow guys
[17:15:04] <bnitica> so
[17:15:12] <bnitica> I can't find help on my issue here?
[17:15:21] <nOStahl> im looking for some reading on setting up postfix with virtual domain emails
[17:15:27] <nOStahl> can someone point me in the right direction
[17:15:32] <Patrickdk> bnitica, your issue isn't postfix
[17:15:33] <rob0> !basic
[17:15:33] <knoba> rob0: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.
[17:15:39] <Patrickdk> bnitica, your issue is dovecot
[17:15:50] <rob0> after you understand !basic, look to
[17:15:54] <rob0> !virtual
[17:15:54] <knoba> rob0: "virtual" : a way to configure additional domains and user accounts (that do not need to exist in your /etc/passwd). See: http://www.postfix.org/VIRTUAL_README.html
[17:16:03] <bnitica> ok, thank you for the links and advices guys
[17:16:50] *** mi has quit IRC
[17:18:34] *** matt1982 has quit IRC
[17:18:54] *** wdp has quit IRC
[17:21:03] <bnitica> by the way: the links doesn't help me, I know how to set it for virtual domains
[17:21:48] <bnitica> any of you does know where to find help with my dovecot issue? I am searching on google and after 1-2 hours didn't find a solution but I'll keep searching
[17:22:04] <lunaphyte> searching on google? why?
[17:22:28] <bnitica> :) where?
[17:22:34] <lunaphyte> is there some problem with the software's documentation?
[17:22:34] *** FainaUkraina has quit IRC
[17:22:39] <Zerberus> bnitica: the links were for nOStahl
[17:22:59] <bnitica> ah, right, sorry!
[17:23:26] *** wdp has joined #postfix
[17:23:26] *** wdp has joined #postfix
[17:25:14] <nOStahl> Zerberus, when installing postfix it asks if I should go with no configuration or internet site or internet site with smarthost?
[17:26:01] <Zerberus> nOStahl: sounds to be Debian
[17:26:08] <nOStahl> aye
[17:26:20] <nOStahl> ubuntu server
[17:26:26] <rob0> The links are for both.
[17:26:29] <lunaphyte> if it were me, i'd go with no configuration
[17:26:44] <nOStahl> im looking to setup email for several of my sites
[17:27:20] <lunaphyte> what does "setup email for several of my sites" mean?
[17:27:44] <nOStahl> imap, low traffic, one server virtual hosts
[17:28:27] <nOStahl> my only friend that's setup an email server did his over 7 years ago and does not remember the finer details of it -- it just keeps working heh
[17:28:56] <rob0> How many domains will you be hosting? How many users?
[17:29:18] <nOStahl> 6 or 7 sites maybe 20 users
[17:30:36] *** m1chael has quit IRC
[17:33:56] <rob0> then a flat-file based virtual alias system with local(8) delivery will be best and easiest.
[17:37:28] *** mroe has joined #postfix
[17:37:28] *** mroe has joined #postfix
[17:37:44] <nOStahl> https://help.ubuntu.com/community/Postfix im following this atm
[17:37:51] <nOStahl> on part about configuring mailbox format
[17:38:21] *** jkfod1 has joined #postfix
[17:39:18] *** jkfod has quit IRC
[17:39:27] *** npmapn has joined #postfix
[17:39:32] <lunaphyte> oh, we don't support howtos here.
[17:39:51] <lunaphyte> we do support the documentation included with the software though.
[17:40:29] <nOStahl> this is the community documentation that came with postfix on ubuntu :P
[17:41:04] <lunaphyte> not sure what you're getting at. you're trying to get us to support it?
[17:41:30] <nOStahl> if you dont know then you dont have to respond
[17:41:36] <lunaphyte> wrong
[17:41:44] <nOStahl> besides I did not ask a question
[17:41:46] <nOStahl> I made a statement
[17:42:10] <lunaphyte> no one said you asked a question.
[17:42:28] *** bnitica has left #postfix
[17:50:54] *** p3rror has quit IRC
[17:55:57] *** m1chael has joined #postfix
[17:57:08] *** mi has joined #postfix
[17:57:44] *** Steve_The_Pirate has joined #postfix
[17:59:27] <rob0> nOStahl, as I said before, I'd recommend !basic and then !virtual
[17:59:55] <rob0> I wouldn't expect a Ubuntu Postfix howto to be very good, TBH.
[18:00:20] <nOStahl> I've not had many problems with ubuntu documentation as of late
[18:00:34] <nOStahl> just make sure your not reading something from back in 6.0 days heh
[18:01:20] <rob0> Such tutorials (MOST Postfix/virtual ones) are typically written by people who are lacking in understanding. And that one in particular might be one of the ones with SASL confusion.
[18:01:51] <rob0> and no, I am not sure whether I have reviewed that one or not
[18:02:06] <nOStahl> https://help.ubuntu.com/community/PostfixBasicSetupHowto im over on this one atm
[18:04:01] *** pyther has joined #postfix
[18:12:32] <nOStahl> hrmm when doing a netcat email it says relay access denied
[18:13:21] <pyther> What controls setting controls who can and can't send mail through the smtp server?
[18:13:54] *** raltonen has joined #postfix
[18:14:19] *** nowthatsamatt has joined #postfix
[18:15:56] <thumbs> !mynetworks
[18:15:57] <knoba> thumbs: "mynetworks" : a configuration parameter in the main.cf: The list of "trusted" SMTP clients that can relay email.
[18:16:07] <thumbs> pyther: do you use sasl?
[18:16:51] <pyther> thumbs: well I have sasl setup, and it works, I did this a while ago, but I don't see anything in the config that is allowing sasl
[18:17:04] *** p3rror has joined #postfix
[18:17:05] *** nowthatsamatt has left #postfix
[18:17:27] <pyther> smtpd_recipient_restrictions doesn't have anything with accepting mails from my client does it?
[18:18:15] *** krzee has quit IRC
[18:18:21] <thumbs> pyther: that's mynetworks
[18:19:38] <pyther> thumbs: http://paste.pocoo.org/show/549832/
[18:20:02] <pyther> what excatly is going on there?
[18:20:47] <pyther> is it saying on port 587 only allow sasl_authentication and reject everything else?
[18:21:15] <joschi> pyther: what *exactly* is your problem?
[18:21:36] <pyther> joschi: I don't have a problem, just trying to understand how things work
[18:21:42] <joschi> pyther: and yes, on the submission port (587/tcp) only authenticated clients can send mail according to your configuration
[18:22:30] <rob0> smtpd_recipient_restrictions is what controls relaying, not client restrictions
[18:22:38] <rob0> no they can't
[18:22:38] *** penrod has joined #postfix
[18:23:25] <pyther> rob0: so then what controls client submissions?
[18:23:45] <rob0> on 587 per that pastebin, only authenticated who happens to be in mynetworks can send mail outside the server.
[18:23:47] <wdp> weee all life on a yelloooow submarineeeeee
[18:24:41] <pyther> rob0: so outside of the network I won't be able to send email to my server via submission even if I'm authenticated?
[18:25:08] <rob0> < rob0> smtpd_recipient_restrictions is what controls relaying, not client restrictions
[18:25:24] <pyther> ok, so then whan controls client connections?
[18:25:37] <rob0> what does that mean?
[18:25:42] <rob0> !access
[18:25:42] <knoba> rob0: "access" : http://www.postfix.org/SMTPD_ACCESS_README.html : An overview of access(5) controls in the Postfix smtpd(8) SMTP server.
[18:25:53] <rob0> ^^ might clear up some of your confusion
[18:26:04] *** nutron has quit IRC
[18:26:14] <pyther> ok, I'll take a look
[18:26:15] *** m1chael has quit IRC
[18:26:46] <pyther> What I want, allow interal host to send email to my server with no authentication, allow external host to send email to my server with authentication
[18:27:47] <rob0> set smtpd_recipient_restrictions accordingly
[18:30:38] *** penrod has quit IRC
[18:30:40] *** m1chael has joined #postfix
[18:31:04] <pyther> rob0: why wouldn't I want to modify smtpd_client_restrictions
[18:31:39] <rob0> you can if you like. Won't control who can relay, however.
[18:33:49] <pyther> rob0: let me see if I got this right. With my current setup, local clients can realy and send messages, connection through submission can only send (not relay) if authenticated, right?
[18:37:09] <rob0> right. Change s/-o smtpd_cl/-o smtpd_recip/ for submission and authenticated clients can relay anywhere.
[18:37:47] <pyther> So can clients outside of my network send mail to port 25 and get it delivered?
[18:39:20] <rob0> I guess the sample submission line assumes that you put permit_sasl_authenticated in your main.cf smtpd_recipient_restrictions
[18:40:07] <rob0> that is what SASL_README tells you to do
[18:40:45] <rob0> but if you don't want to allow user submission on port 25, you don't do it that way (I don't)
[18:45:04] <pyther> rob0: I guess I don't understand what is preventing unathenticated users from sending mail on port 25 outside of $mynetwork
[18:48:36] <pyther> Maybe I have a basic misunderstanding, when I'm using thunderbird as sending a message, am I acting like as a relay?
[18:48:59] <lunaphyte> yes
[18:49:11] <lunaphyte> more specifically, postfix is acting as an msa.
[18:49:11] *** Steve_The_Pirate has quit IRC
[18:49:45] <lunaphyte> but port 25 wouldn't be used when thunderbird communicated with postfix, unless they were set up wrong.
[18:50:34] <rob0> reject_unauth_destination prevents relaying. I thought that was covered in !access, but not sure.
[18:52:06] <pyther> lunaphyte: I have thunderbird setup to send mail on port 25 on my local lan
[18:52:08] <pyther> is that wrong?
[18:52:10] <lunaphyte> yes
[18:52:25] <lunaphyte> port 25 is for servers to communicate with each other. not for clients to communicate with servers.
[18:52:35] <pyther> why does it work? :P
[18:52:45] <pyther> not that I'm arguing it is wrong I'm just curious
[18:52:46] <lunaphyte> that's irrational logic.
[18:52:59] <lunaphyte> the same reason you can drive around on a donut indefinitely
[18:53:37] <pyther> so when using port 25, thunderbird is acting like a relay?
[18:53:41] <lunaphyte> the reason is works is because, at the moment, the smtp protocol and the submission protocol just happen to coincidentally be effectively identical protocols.
[18:53:46] <lunaphyte> no.
[18:53:53] <lunaphyte> mail clients would never be relays.
[18:53:56] <lunaphyte> mail servers would be.
[18:54:12] <lunaphyte> but i think you're getting too hung up on the word relay, and what it might mean
[18:55:15] <pyther> How does this work? smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination is set as so, I'm outside my lan, and I try to send an email to my server, what happens for that to get rejected/denied?
[18:56:19] <lunaphyte> !tias
[18:56:19] <knoba> lunaphyte: "tias" : Try It And See
[18:56:25] <rob0> Anyone in the world can send mail to your authorized destinations. (Domain names you host.)
[18:58:01] *** m1chael has quit IRC
[18:58:04] <pyther> so if you try to send a mail to my server, in thunderbird, to a gmail account, since I don't host gmail.com, it is going to reject it, right?
[18:58:27] <rob0> that's what reject_unauth_destination means
[18:58:56] <lunaphyte> as long a it's properly configure, of course.
[18:59:02] <rob0> doesn't matter if it's thunderbird or MSexchange or random ratware.
[18:59:44] <pyther> but I can send mail to other places because smtpd_recipient_restrictions = permit_mynetwork
[18:59:47] <pyther> right?
[19:00:22] <rob0> *permit_mynetworks (plural, spelling counts)
[19:00:53] <pyther> ok got that
[19:02:29] <lunaphyte> these days, i generally discourage use of mynetworks
[19:03:01] <pyther> so then smtpd_client_restrictions restricts who can connect to the submission service, right?
[19:03:24] <lunaphyte> only worry about smtpd_recipient_restrictions. everything should be kept there.
[19:03:30] *** davlefou_ has joined #postfix
[19:04:11] <pyther> so then I should remove smtpd_client_restrictions from my master.cnf file? http://paste.pocoo.org/show/549832/
[19:04:32] <lunaphyte> no. just change client to recipient
[19:05:02] *** l1nuxman_ has joined #postfix
[19:05:34] *** davlefou has quit IRC
[19:05:51] <lunaphyte> you should have more than just those restrictions, btw
[19:06:41] <pyther> lunaphyte: so in that case, when using submission, smtpd_client_restrictions would be overridden, right?
[19:06:47] <lunaphyte> no
[19:06:51] <lunaphyte> it's just doesn't apply
[19:07:01] <lunaphyte> *it just doesn't
[19:07:48] <pyther> so, permit_mynetworks won't be allowed when using submission, in other words
[19:08:30] <pyther> lunaphyte: what other restriction should I have?
[19:12:45] <kyconquers> is there a way to not only see how many domain patterns there are but also to use that for a search? ie: john at example dot com searches for domain=%2 but john at sales dot example.com searches for domain=%3.%2
[19:15:21] *** mi has quit IRC
[19:16:15] <pyther> lunaphyte and rob0 thakns for the help and putting up with me, I think I have a much better understanding now
[19:21:33] *** mac_ has joined #postfix
[19:21:36] <mac_> hey
[19:21:39] *** mac_ is now known as mac-
[19:21:48] <lunaphyte> pyther, at minimum, you should always have reject_non_fqdn_sender, reject_unknown_sender_domain, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_pipelining - before any other restrictions.
[19:21:55] <mac-> I wish to ask you about permit_sasl_authenticated option
[19:22:24] <mac-> I'm not sure if this option is set that means only SSL/TLS clients will be processed or also SSL/TLS will be
[19:22:27] <mac-> ?
[19:22:59] <lunaphyte> sasl [authentication] has nothing to do with tls [encryption]
[19:23:31] <Patrickdk> luna, except when using client certs?
[19:23:34] *** davlefou_ is now known as davlefou
[19:23:38] *** davlefou has joined #postfix
[19:23:47] <mac-> I see
[19:24:09] <mac-> but the key information for me is now if plain clients will be processed with this option set or not
[19:24:48] <kyconquers> I was thinking if a could add perl i would just use something like this http://pastebin.com/X0qBFGeU
[19:25:26] *** morphje has quit IRC
[19:26:25] <lunaphyte> Patrickdk: we don't need to confuse people who are almost certainly not asking about that with edge cases.
[19:26:33] <pyther> lunaphyte: ok thanks it says I should set smtpd_helo_required = yes, is there any reason for a smtp client not to send a helo
[19:26:49] <Patrickdk> :)
[19:27:14] <mac-> maybe I will ask in other way
[19:27:45] <mac-> which option will allow plain authentication - just login and password ?
[19:27:45] <mac-> :)
[19:28:06] <mac-> now I'am able to process users with SASL
[19:28:28] <Patrickdk> !sasl
[19:28:29] <knoba> Patrickdk: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.
[19:28:47] <mac-> but got Relay access denied when trying to send mail without SASL
[19:28:49] <Patrickdk> postfix doesn't care what authenication method you want, login, plain, ....
[19:28:53] <Patrickdk> as that is handles by sasl
[19:29:15] <mac-> then this is case on Dovecot side ?
[19:29:19] <mac-> i.e.
[19:29:38] <Patrickdk> how should I know?
[19:29:48] <mac-> but the case is with connection on 25 port
[19:29:53] <mac-> this is Postfix port
[19:30:08] <mac-> and it occurs when trying to send mail
[19:30:16] <mac-> not during receiving
[19:30:39] <Patrickdk> why does that matter?
[19:30:44] <Patrickdk> what port you connect to?
[19:34:29] <mac-> well I'm sending mails without any problems using secure auth by 465 port
[19:34:43] <mac-> but can't by 25 without SASL
[19:34:55] <mac-> then got Relay access denied
[19:35:10] <Patrickdk> why do you want to run sasl on port 25? that is just a bad bad idea
[19:35:13] <Patrickdk> !submission
[19:35:13] <knoba> Patrickdk: "submission" : Port 587 is submission, for user submission of mail, NOT suitable for mail exchange. See the commented example in master.cf. also see !msa, and rfc 6409. Also read http://www.maawg.org/sites/maawg/files/news/MAAWG_Port25rec0511.pdf
[19:35:37] <mac-> Patrickdk: no, I have SASL on 465 port
[19:35:45] <Patrickdk> why?
[19:35:48] <Patrickdk> !smtps
[19:35:48] <knoba> Patrickdk: "smtps" : Port 465 is smtps, SMTP over SSL, a deprecated means of submission. This means that smtps should *not* be used, and that this factoid exists for historical purposes only and should not be implemented. See !submission for smtps' successor. That being said, Postfix can implement smtps with a separate smtpd(8) listener with \"-o smtpd_tls_wrappermode=yes\". See the commented example in master.cf.
[19:36:55] <Patrickdk> mac-, the fact you can't figure this simple thing out, shows you don't understand the basic config syntax of postfix
[19:37:03] <Patrickdk> but being as that is, you shouldn't do that anyways
[19:38:48] *** penrod has joined #postfix
[19:40:16] <mac-> what simple thing ?
[19:40:18] <pyther> lunaphyte: again I really appreciate the help!
[19:42:50] <mac-> !submission for smtps
[19:42:50] <knoba> mac-: Error: "submission" is not a valid command.
[19:55:46] *** l1nuxman_ has quit IRC
[19:58:26] *** m1nish has quit IRC
[19:59:21] *** raltonen has quit IRC
[20:07:12] *** m1chael has joined #postfix
[20:11:34] *** m1chael has quit IRC
[20:18:01] *** krzee has joined #postfix
[20:18:01] *** krzee has joined #postfix
[20:18:14] *** empity has quit IRC
[20:21:49] *** penrod has quit IRC
[20:26:12] *** vpopov has quit IRC
[20:28:39] *** nOStahl has quit IRC
[20:30:36] *** chadmaynard has quit IRC
[20:41:54] *** snearch has joined #postfix
[20:51:56] *** jwing has joined #postfix
[20:57:00] *** empity has joined #postfix
[20:57:47] *** morphje has joined #postfix
[20:58:23] <rob0> !tell mac- relay_denied
[20:58:23] <knoba> mac-: "relay_denied" : NOQUEUE: reject: RCPT from CLIENT_HOST[CLIENT_IP]: 554 5.7.1 <RECIPIENT@RCPT_DOMAIN>: Relay access denied; from=<SENDER@SENDER_DOMAIN> to=<RECIPIENT@RCPT_DOMAIN> proto=ESMTP helo=<HELO>: This typically means that CLIENT_IP is not in mynetworks (and did not AUTH), and that RCPT_DOMAIN was not recognized as one of this Postfix's domains (not listed in mydestination, relay_domains or virtual_*_domains).
[21:02:48] *** m1chael has joined #postfix
[21:05:40] *** zastaph has quit IRC
[21:07:50] *** m1chael has quit IRC
[21:09:43] *** n0sq has joined #postfix
[21:09:46] *** npmapn has quit IRC
[21:12:55] *** penrod has joined #postfix
[21:14:34] *** sepski has quit IRC
[21:17:56] *** hparker has joined #postfix
[21:27:24] <lunaphyte> pyther: sure thing, you're welcome
[21:50:14] *** ghoti_ is now known as ghoti
[21:50:24] *** jkfod1 has quit IRC
[21:52:32] *** m1chael has joined #postfix
[21:58:03] *** gerhard7 has quit IRC
[22:12:13] *** penrod has quit IRC
[22:15:55] *** xpeed has joined #postfix
[22:17:24] *** penrod has joined #postfix
[22:26:32] *** krzee has quit IRC
[22:32:26] *** sphenxes has joined #postfix
[22:39:34] *** morphje has quit IRC
[22:40:34] *** m1chael has quit IRC
[22:57:01] *** penrod has quit IRC
[23:02:31] *** rober has joined #postfix
[23:08:39] *** ced117 has quit IRC
[23:18:48] *** Natureshadow has quit IRC
[23:23:22] *** danblack has joined #postfix
[23:27:55] <Tabmow> Hmmm, since the upgrade to 2.9 I get a hell of a lot of postconf warnings...
[23:32:27] *** ssureshot has quit IRC
[23:32:48] <rob0> heh, btdt :)
[23:33:20] *** ssureshot has joined #postfix
[23:34:03] *** badaptr has quit IRC
[23:34:19] *** badaptr has joined #postfix
[23:34:19] *** badaptr has joined #postfix
[23:34:32] *** pj has quit IRC
[23:34:49] <rob0> my first "make upgrade" with the new postconf had $((17 * $numErrors)) complaints. It was ugly.
[23:37:25] *** pj has joined #postfix
[23:38:45] *** snearch has quit IRC
[23:40:04] *** adayleryan has joined #postfix
[23:41:22] *** kli0rf has quit IRC
[23:41:39] *** e-anima has quit IRC
[23:42:14] *** adayleryan_ has quit IRC
[23:43:22] *** kli0rf has joined #postfix
[23:48:43] *** krzee has joined #postfix
top

   February 12, 2012  
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | >