June 15, 2012 
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | >
June 15, 2012 [00:03:58] *** jkfod has joined #postfix[00:05:26] *** robinho86 has left #postfix[00:05:40] *** pearson has joined #postfix[00:07:30] *** pearson has left #postfix[00:07:46] *** xiong_chiamiov has joined #postfix[00:07:52] <xiong_chiamiov> !debug[00:07:52] <knoba> xiong_chiamiov: "debug" : http://www.postfix.org/DEBUG_README.html : a starting point for how to deal with problems and to report information to those who might help. Post information including NON-verbose logs in a pastebin such as http://pastebin.ca/ or http://dpaste.com/[00:17:48] <tharkun> !tell xiong_chiamiov welcome[00:17:48] <knoba> xiong_chiamiov: "welcome" : welcome to #postfix! if you're joining for the first time, or are new to irc, the first thing you'll want to do is read the channel topic (/topic). it includes crucial instructions on how to effectively ask for help here, and what data you should include with your questions. the degree of success you'll have is directly related to how effectively you're able to follow those guidelines.[00:24:07] *** Telgalizer has joined #postfix[00:25:16] *** Telgalizer has quit IRC[00:26:09] *** p3rror has joined #postfix[00:28:38] *** gongoputch has quit IRC[00:31:57] *** Zeit|awy has quit IRC[00:32:05] *** Zeit|awy has joined #postfix[00:35:07] *** mambaw has quit IRC[00:36:33] *** Zeit|awy has quit IRC[00:37:04] <xiong_chiamiov> ... being able to see error messages helps a lot with debugging[00:37:14] * xiong_chiamiov apparently doesn't know syslog-ng as well as he thought[00:39:09] *** xiong_chiamiov has quit IRC[00:39:56] *** jkfod has quit IRC[00:40:59] *** jkfod has joined #postfix[00:49:04] *** d3c has quit IRC[00:53:18] *** d3c has joined #postfix[00:53:49] *** TomHome has joined #postfix[00:55:35] *** nokia3510 has quit IRC[01:02:34] *** elex1111110 has quit IRC[01:10:34] *** danblack has joined #postfix[01:16:36] *** shinao1 has quit IRC[01:16:55] *** jkfod has quit IRC[01:31:25] *** gongoputch has joined #postfix[01:40:52] *** d3c has quit IRC[01:46:11] *** sphenxes has quit IRC[01:56:07] *** jkfod has joined #postfix[01:58:25] *** jkfod has quit IRC[02:08:23] *** Tykling has quit IRC[02:09:43] *** Tykling has joined #postfix[02:10:15] *** Tykling has quit IRC[02:11:12] *** mBull has joined #postfix[02:15:27] *** elico has quit IRC[02:16:43] *** Tykling has joined #postfix[02:17:30] *** TomHome has quit IRC[02:57:23] *** Areckx has quit IRC[03:09:03] *** mfridh has quit IRC[03:10:47] *** mBull has quit IRC[03:16:03] *** chadmaynard has joined #postfix[03:33:49] *** PatrickDK has quit IRC[03:33:58] *** nuomi has joined #postfix[03:36:12] *** danblack has quit IRC[03:37:36] *** batphone has joined #postfix[03:37:47] <batphone> can someone recommend a good how-to for getting postfix up and running using TLS?[03:38:02] <batphone> i see a lot of stuff on the web but am using an instance of EC2 for a personal website[03:38:12] <batphone> not much specific to that, although this seems somewhat redhat based[03:38:45] <batphone> i see a lot of date to the material i am finding and the postfix documentation itself for TLS is less specific than i need to be productive with it[03:39:16] *** PatrickDK has joined #postfix[03:39:24] *** danblack has joined #postfix[04:01:58] *** Bry8Star has quit IRC[04:04:17] *** chadmaynard has quit IRC[04:04:53] *** nuomi has quit IRC[04:07:49] *** failure has quit IRC[04:11:58] <lunaphyte> hot sure what you mean by howto and stuff on the web, but the documentation is what is supported here[04:12:02] <lunaphyte> *not sure[04:18:19] *** Bry8Star has joined #postfix[04:19:48] *** nuomi has joined #postfix[04:55:18] *** Tabstar has joined #postfix[04:55:31] *** Tabstar is now known as Guest24442[04:56:37] *** evilTabstar is now known as Tabmow[04:56:41] *** Tabstar_ has joined #postfix[04:57:12] *** Tabstar_ is now known as evilTabmow[05:08:19] *** MAAAAD has quit IRC[05:11:13] *** elex1111110 has joined #postfix[05:19:37] *** chadmaynard has joined #postfix[05:21:20] *** MAAAAD has joined #postfix[05:38:08] *** elex1111110 has quit IRC[05:40:56] *** lawnchairr has left #postfix[05:44:50] *** nuomi has quit IRC[05:55:09] *** TomHome has joined #postfix[06:00:49] *** elex1111110 has joined #postfix[06:06:33] *** chadmaynard has quit IRC[06:11:58] *** cilly has quit IRC[06:14:01] *** cilly has joined #postfix[06:14:15] *** elex1111110 has quit IRC[06:18:36] *** MAAAAAD has joined #postfix[06:21:57] *** MAAAAD has quit IRC[07:34:21] *** mi has joined #postfix[08:00:05] *** batphone has quit IRC[08:04:14] *** prooz has quit IRC[08:09:10] *** prooz has joined #postfix[08:11:51] *** bisoc has joined #postfix[08:12:28] *** Zeit|awy has joined #postfix[08:17:46] *** mfridh has joined #postfix[08:18:36] *** gerhard7 has joined #postfix[08:45:06] *** mi has quit IRC[09:15:04] *** getoffmalawn has joined #postfix[09:16:29] *** master_of_master has quit IRC[09:18:29] *** master_of_master has joined #postfix[09:19:13] *** rzimmermann has joined #postfix[09:24:59] *** tjikkun_work has joined #postfix[09:34:44] *** MondoBizzarro has joined #postfix[09:46:55] <getoffmalawn> We have a bunch of emails in a queue, going to a server, the MX records for the server have been changed. But the existing records stay in the queue with the error "Mail transport unavailable". I have tried a restart, reload, flush, sendmail -q, and I'm unsure what else to try.[09:47:37] <getoffmalawn> I want postfix to relookup the DNS records for all messages in the queue.[09:48:13] <getoffmalawn> I'm running a local name server as well, and the DNS records are well and truly up to date and correct.[09:48:20] <getoffmalawn> Also tried requeueing the messages.[09:49:25] <sysmonk> getoffmalawn: mail TRANSPORT unavailable[09:49:45] <sysmonk> you've removed a transport from master.cf[09:49:58] <pj> !tell getoffmalawn congrats[09:49:58] <knoba> getoffmalawn: "congrats" : Congratulations! You have a postfix problem. There are lots of people in this channel who would love to help you but in order to provide you anything better than a guess please take the output of postconf -n and some !relevant_logs and !paste them into a pastebin. Once you have done this then someone will be available to help you shortly.[09:50:36] <pj> getoffmalawn: in addition to the above please also put your master.cf in a pastebin.[09:55:35] *** gongoputch has quit IRC[09:55:57] <getoffmalawn> master.cf has not changed - will send it through shortly.[09:56:33] <getoffmalawn> Mail is working for all other servers, it's just this one that's a problem.[09:56:59] <getoffmalawn> Is there a way I can clear postfix's MX cache?[09:57:54] <pj> getoffmalawn: you're barking up the wrong tree, just provide the info that you have been asked for and we'll be able to tell you what the problem is.[09:58:14] *** wdp has joined #postfix[09:58:15] *** wdp has joined #postfix[10:02:37] *** milligan has quit IRC[10:05:38] <getoffmalawn> Pastebin appears to be down - here's the master.cf and postfix -n output: http://sillyfrog.com/tmp/postfixconf.txt[10:05:51] <getoffmalawn> It's been sanitised slightly, so some config may look a little strange.[10:05:57] *** morse has quit IRC[10:06:24] <pj> getoffmalawn: and relevant logs?[10:09:42] *** milligan has joined #postfix[10:14:56] <getoffmalawn> Sure: http://sillyfrog.com/tmp/postfixlogs.txt[10:15:00] <getoffmalawn> Sanitised as well.[10:19:38] <pj> getoffmalawn: can you pastebin /etc/postfix/transport please.[10:21:29] <getoffmalawn> Thanks heaps - someone else has been messing with the /etc/postfix/transport file. All good now.[10:21:43] *** e-anima has joined #postfix[10:21:46] <getoffmalawn> Sorry to waste your time.[10:21:48] <pj> heh, yep, figures[10:22:57] *** morse has joined #postfix[10:22:59] *** GieltjE has joined #postfix[10:24:58] *** e-anima has quit IRC[10:25:27] *** getoffmalawn has quit IRC[10:27:01] *** morse has quit IRC[10:27:46] *** e-anima has joined #postfix[10:37:22] *** morse has joined #postfix[10:38:43] *** doomas has quit IRC[10:48:48] *** doomas has joined #postfix[10:54:51] *** himik has joined #postfix[11:00:35] *** benteaa has quit IRC[11:04:09] *** sphenxes has joined #postfix[11:06:07] *** himik has quit IRC[11:06:48] *** himik has joined #postfix[11:18:46] *** benteaa has joined #postfix[11:21:15] *** morse has quit IRC[11:26:24] *** Steve_The_Pirate has joined #postfix[11:34:38] *** [diablo] has joined #postfix[11:34:38] *** [diablo] has joined #postfix[11:40:08] *** morse has joined #postfix[11:45:44] *** morse has quit IRC[11:49:02] *** bhagat has joined #postfix[11:50:55] *** p3rror has quit IRC[11:55:47] *** UQlev has joined #postfix[12:04:53] *** p3rror has joined #postfix[12:09:38] *** Steve_The_Pirate has quit IRC[12:27:09] *** danblack has quit IRC[12:29:59] *** TomHome has quit IRC[12:33:20] *** snearch has joined #postfix[12:34:06] *** koshie has quit IRC[12:34:16] *** koshie has joined #postfix[12:35:19] *** koshie has quit IRC[12:35:29] *** koshie has joined #postfix[12:40:54] *** morse has joined #postfix[12:44:11] *** nocturnal has joined #postfix[12:44:29] <nocturnal> is it standard for sasl authdaemon to log cleartext and encrypted forms of passwords in mail.log for each login?[12:44:37] <nocturnal> my smtpd.conf is only two lines, no log_level set[12:45:27] *** danblack has joined #postfix[12:49:08] *** adrian15 has joined #postfix[12:49:09] *** koshie has quit IRC[12:49:19] *** koshie has joined #postfix[12:50:53] <adrian15> When editing main.cf if I have something like : " mydestination = " (without the double quotes of course). mydestination is supposed to be blank or ... it isn't defined which means that it's set to its default value? Thank you.[12:52:52] *** p3rror has quit IRC[12:53:10] <sep> adrian15, http://www.postfix.org/postconf.5.html#mydestination ; it's set to blank[12:54:57] <adrian15> sep: And that's true for all the settings in main.cf then? I mean it's you put: something = something is set to blank ? I mean... The field I'm interested in is relay_domains.[12:56:30] *** jkfod has joined #postfix[12:57:54] *** koshie has quit IRC[12:58:10] *** koshie has joined #postfix[12:58:26] <UQlev> adrian15: you may always see current values with postconf -n[12:59:47] *** UQlev has quit IRC[13:00:07] <adrian15> UQlev: Ok. relay_domains is empty... so... Ok.. I'll wait for the answer on the ML. I thought I could find the answer on myself. I will study a bit on classes and that's it.[13:01:17] *** Facefox has quit IRC[13:07:05] *** localhost has quit IRC[13:07:25] *** Facefox has joined #postfix[13:07:59] *** Creamz has quit IRC[13:08:25] *** localhost has joined #postfix[13:08:51] *** Creamz has joined #postfix[13:10:00] *** Facefox has joined #postfix[13:16:44] *** p3rror has joined #postfix[13:23:02] *** sep has quit IRC[13:23:24] *** Facefox has quit IRC[13:25:38] *** jkfod has quit IRC[13:25:56] *** Facefox has joined #postfix[13:29:18] *** rzimmermann has quit IRC[13:29:33] *** Facefox has joined #postfix[13:29:37] *** sep has joined #postfix[13:30:26] *** Facefox has joined #postfix[13:30:57] *** p3rror has quit IRC[13:32:02] *** Facefox has joined #postfix[13:33:14] *** Facefox has joined #postfix[13:38:50] *** Facefox has joined #postfix[13:39:11] *** jkfod has joined #postfix[13:46:47] *** jkfod has quit IRC[13:58:12] *** jkfod has joined #postfix[14:04:40] *** p3rror has joined #postfix[14:05:27] *** gerhard7 has quit IRC[14:08:17] *** feisar has joined #postfix[14:08:29] *** Section1 has joined #postfix[14:09:35] <feisar> hi, I was just looking through my logs and it would appear that although Google connects to my server using TLS Microsoft doesn't. Have other people spotted similar things?[14:09:58] <PatrickDK> years ago, yes[14:11:06] <feisar> I find it quite surprising that MS don't use TLS when connecting[14:11:18] <feisar> there's not really a reason not to is there?[14:15:35] *** p3rror has quit IRC[14:17:23] *** bhagat has quit IRC[14:17:44] *** tryfan has joined #postfix[14:17:58] <tryfan> hi all[14:19:53] <tryfan> I've successfully rewritten the recipient domain of incoming mail, and it's queueing and going out. This is in preparation for a migration. I'm no rewriting mail that hasn't been migrated and inserting new. to the recipients once migrated[14:20:59] <tryfan> The problem is *while* the address is being migrated. I want to send it to null.<domain.tld> but it doesn't rewrite again when the queue is run[14:21:18] <tryfan> I guess I'm looking for a solution that rewrites recipient domains in the queue[14:22:59] <tryfan> postsuper -r will do it I guess...[14:27:48] *** tryfan has left #postfix[14:29:43] *** p3rror has joined #postfix[14:38:45] *** danblack has quit IRC[14:40:07] *** MondoBizzarro has quit IRC[14:48:12] *** shinao1 has joined #postfix[14:49:13] *** localhost has quit IRC[14:54:45] *** shinao1 has quit IRC[14:57:07] *** shinao1 has joined #postfix[15:05:55] *** shinao1 has quit IRC[15:13:55] *** shinao1 has joined #postfix[15:14:11] *** ikonia is now known as ikonia_[15:14:14] *** ikonia_ is now known as ikonia[15:22:14] *** kaneda^ has joined #postfix[15:22:49] *** phenom is now known as [l33t][15:22:50] *** snearch has quit IRC[15:22:51] <kaneda^> hey all, i'm having an issue where i see a connection incoming to the smtpd but it times out through my mail client. the MTA is on debian squeeze and the client is thunderbird on windows[15:23:28] <kaneda^> it says "connect from ..." then after a couple of minutes "lost connection after UNKNOWN from ..."[15:23:47] <kaneda^> i've fixed this before, but i can't remember how[15:26:03] <Zerberus> tcpdump the connection[15:28:19] *** Southron has joined #postfix[15:29:03] <kaneda^> Zerberus, i did, and then when i saw packets coming in i checked the mail log[15:29:10] <kaneda^> which shows a connection and then after a couple of minutes a disconnect[15:29:23] <kaneda^> when i telnet in i at least see an auth attempt when i do an auth attempt[15:29:28] <kaneda^> no such luck through my mail client[15:29:41] <Zerberus> kaneda^: it is important to analyse the payload - packets as tcp stack or smtp protocol?[15:30:19] <Zerberus> you may have an MTU problem or on higher level an smtp communication problem between client and server[15:30:54] *** [l33t] is now known as phenom[15:33:07] <kaneda^> Zerberus, it's probably something simple, but i'll grab the tcpdump logs[15:33:16] <kaneda^> just letting it time out naturally so you can see the final packets[15:34:40] <kaneda^> http://pastie.org/private/krqwrbm1btfd1lfzhnvvw[15:34:45] <Zerberus> kaneda^: it is easier if you run "tcpdump -i any -p -s 0 -w /var/tmp/postfix.pcap host $your_client_ip" and then analyze that later using wireshark[15:35:02] <kaneda^> it's not a lot of traffic[15:35:41] <Zerberus> even TCP fails[15:35:57] <kaneda^> i'm not really sure what's goin on here[15:36:04] <Zerberus> why are you using port 465 and SSL? is you client configured for that[15:36:11] <kaneda^> Zerberus, yes[15:36:16] <kaneda^> thunderbird supports smtps[15:36:34] <Zerberus> deprecated protocol[15:36:41] <kaneda^> oh?[15:37:03] <Zerberus> use STARTTLS on submission (port 587)[15:37:13] *** p3rror has quit IRC[15:37:20] <kaneda^> ok[15:37:22] <kaneda^> one sec[15:37:33] <Zerberus> but Postfix has to be configured for that![15:38:18] <Zerberus> does "openssl s_client -connect postfix_ip:465" work from client host?[15:39:15] <kaneda^> Zerberus, yes, i need to reconfigure postfix for tls[15:39:42] *** UQlev has joined #postfix[15:40:53] <kaneda^> ok, 587 is set up but i need to get our ISP to open up 587 in the hardware firewall[15:41:12] <kaneda^> the openssl version for tls just includes starttls at the end right?[15:41:33] <Zerberus> I do not understand your last question[15:41:55] *** Jaac has quit IRC[15:41:57] <Zerberus> openssl s_client -connect ... -starttls <- that will test STARTTLS[15:42:18] <Zerberus> right[15:42:29] <kaneda^> ok, so on the box (using the fqdn) i can connect to 587 using tls[15:42:46] <kaneda^> should be good to test from my mail client once the ISP opens up 587[15:44:47] <patdk-wk> isp to open up 587?[15:44:54] <patdk-wk> you have one insane isp[15:45:21] <kaneda^> nah, it's the legacy of our last admin[15:45:30] <kaneda^> he was paying for a hardware firewall that we can't directly manage[15:45:39] <kaneda^> needless to say after i fired him i cancelled the hardware order[15:46:04] <kaneda^> BUT, it's paid until the end of the month, so i have to talk to my ISP every time i want ports opened[15:51:05] *** p3rror has joined #postfix[16:01:21] *** Jaac has joined #postfix[16:01:53] *** Jaac has quit IRC[16:02:31] *** enoch has joined #postfix[16:02:39] *** enoch has joined #postfix[16:02:40] <enoch> hi[16:02:55] <enoch> i have a question a little bit out of topic...[16:03:10] *** enoch has left #postfix[16:03:16] *** enoch has joined #postfix[16:04:01] <enoch> i have to send some newsletters from my postfix server using php, how can i make gmail and other "big" providers display images and css?[16:04:27] <kaneda^> hmm? your mail client must be capable of html messages, gmail is already html capable[16:05:41] <kaneda^> Zerberus, what's -s 0 in what you sent me before?[16:05:59] <kaneda^> and what could analysis of that pcap file do for me?[16:06:29] <Zerberus> kaneda^: -s is snaplength and 0 unlimits it[16:06:37] <kaneda^> ok, what's snaplength?[16:06:45] <Zerberus> kaneda^: if you don't do that you have the full info for a later analysis[16:06:50] <Zerberus> payload[16:06:54] <kaneda^> ahhh, cool[16:07:05] *** elex1111110 has joined #postfix[16:07:29] <kaneda^> so is there something wrong w/ doing something like "tcpdump -nn 'host <MYHOST> and port 587'"[16:07:40] <Zerberus> kaneda^: and for wireshark analysis I thought there would have be more content to check[16:07:49] <kaneda^> ok, waht sort of info can i get from wireshark analysis?[16:07:57] <kaneda^> i ahve wireshark but mostly i'm just monitoring an interface to see if i get ACKs[16:08:03] <Zerberus> kaneda^: everything going over the wire[16:08:30] <kaneda^> ok, so i still have to know what each packet maens, it's not going to do an analysis and let me know what's going on[16:08:49] <enoch> kaneda^: on thunderbird i have to click "display remote content", but on the gmail webmail i can't see the css[16:09:45] <kaneda^> enoch, in gmail click "see original message" or source or whatnot[16:09:50] <kaneda^> is there css/html embedded?[16:12:31] <enoch> mhhh[16:13:08] <enoch> where can i enable it? in the header?[16:13:18] <kaneda^> not sure, i'm just learning myself ;p[16:13:23] <enoch> lol[16:13:29] <kaneda^> i'm guessing the type of mail being sent can be configured in your client[16:13:34] <kaneda^> i.e., plaintext vs html[16:13:39] <enoch> php is my client ;)[16:13:41] <kaneda^> right[16:13:49] <kaneda^> so i'd look up php + send html mail[16:15:26] <kaneda^> enoch, odds are php is using the mail client on your box[16:15:34] <kaneda^> so you might consider looking at postfix/sendmail config depending on what you're running[16:17:04] <kaneda^> i'm running roundcube on top of postfix/dovecot and i think that it takes care of html messages actually (and it's a PHP client)[16:21:22] <UQlev> kaneda^: it seems that enoch doesn't care to read messages with php client, he wants to send spam which can download from external sites components of web-message[16:21:35] <kaneda^> lol @ spam[16:21:48] <kaneda^> if gmail doesnt display it it probably considers the sender untrusted[16:22:01] * kaneda^ twiddles thumbs, waits for ISP to respond[16:22:27] <thumbs> hey, leave my thumbs alone![16:22:47] * kaneda^ hides[16:31:56] *** [diablo] has quit IRC[16:33:33] *** Facefox has quit IRC[16:35:28] *** ced117 has joined #postfix[16:35:29] *** ced117 has joined #postfix[16:36:31] *** elex1111110 has quit IRC[16:42:37] *** Facefox has joined #postfix[16:50:14] *** gerhard7 has joined #postfix[16:52:04] *** jkfod has quit IRC[16:53:28] *** p3rror has quit IRC[16:53:28] <jwing> Is there any way to enforce / enable an ID + Password authentication between 2 mail servers (e.g. postfix mta -> postfix mta)? I've been asked to enable such, but I can not think of any way to enable that.[16:54:40] *** shinao1 has quit IRC[16:56:18] <roe> sure there is[16:56:24] <roe> but not sure what the point is[16:56:50] <lunaphyte> yeah, what's the goal? why?[16:56:51] <jwing> How?[16:57:01] <roe> !smtpd_auth[16:57:02] <knoba> roe: Error: "smtpd_auth" is not a valid command.[16:57:05] <roe> !smtp_auth[16:57:05] <knoba> roe: Error: "smtp_auth" is not a valid command.[16:57:10] <lunaphyte> !smtpauth[16:57:10] <knoba> lunaphyte: "smtpauth" : a feature that authenticates trusted users for submitting email to postfix. See !sasl.[16:57:11] <roe> oh come on knoba[16:57:13] <jwing> Well.. the goal is to enable "strong authentication" between 2 mail servers in different "security zones".[16:57:27] <roe> knoba, I see how it is, you like lunaphyte better than I[16:57:39] <jwing> yeah.. that's user -> server auth. How do you configure postfix to do such?[16:58:09] <tharkun> jwing: Is this server -> server secure connection going to have lots of traffic?[16:58:11] <roe> you configure the sending server to use a username and password when sending to the server in question[16:58:28] <roe> but it isn't going to really result in "strong authentication"[16:58:38] <roe> whatever that is[16:58:59] <jwing> tharkun: it will have bursts of heavy traffic[16:59:01] *** Driver has quit IRC[16:59:10] <roe> jwing, what is the motiviation[16:59:23] <roe> what are your pointy haired bosses trying to prevent[16:59:59] <jwing> security protocols. Security rules. Basically, they want to lock down communication between 2 servers in 2 security zones so the servers can refuse based upon id/password.[17:00:12] <jwing> vs simple firewall rules.[17:00:32] <lunaphyte> in this particular example, what are each of these two server actually for?[17:00:54] <jwing> mail being transferred from one security zone to another for delivery three[17:00:56] <jwing> there[17:01:15] <jwing> or further relaying.. as needed[17:01:27] * tharkun wonders why not set up a vpn and sent traffic through it. Disallowing rest of the world mail on both servers[17:01:46] <jwing> they'd still want id/password.. even w/ the vpn :)[17:02:08] <lunaphyte> well, the answer to your question is in the factoids that have been shared with you so far, but one can't help but wonder about the bigger picture. something doesn't smell right.[17:02:20] <tharkun> iptables to filter everything else[17:03:01] <jwing> the bigger picture is simply... general rules for any server to server communication between security zones.[17:03:26] <jwing> It's not a matter of intelligence in regards to what specifically is happening. It's a large blanket rule.[17:04:45] *** Facefox has quit IRC[17:05:27] <roe> one might suggest that the rule is flawed, if for no other reason, than using certificates probably makes more sense than a username nad password[17:05:30] *** shinao1 has joined #postfix[17:06:10] *** Facefox has joined #postfix[17:06:18] <jwing> yeah.. I agree. Even proposed. But PHB security guys only know one thing.[17:06:19] *** Facefox has quit IRC[17:06:50] *** Facefox has joined #postfix[17:07:00] <jwing> firewalls do exactly what they want w/o the moronic overhead of repetitive authentication.[17:07:49] *** p3rror has joined #postfix[17:08:05] *** rmayorga has quit IRC[17:09:36] <jwing> ok.. if I enable the smtp auth.. will that require an auth for each mail message sent? Or will the protocol allow for one auth as long as the current communication channel is alive?[17:10:14] *** Facefox has joined #postfix[17:11:28] *** rmayorga has joined #postfix[17:12:31] *** tjikkun_work has quit IRC[17:17:03] *** UQlev has quit IRC[17:18:07] <patdk-wk> one auth per connection[17:18:20] <jwing> ok.. thanks[17:21:26] *** amir has quit IRC[17:26:27] *** amir has joined #postfix[17:26:54] *** Driver has joined #postfix[17:27:30] *** d3c has joined #postfix[17:27:35] *** robinho86 has joined #postfix[17:35:22] *** tr-808 has quit IRC[17:36:11] *** tr-808 has joined #postfix[17:36:14] *** tr-808_ has joined #postfix[17:38:18] *** wdp has quit IRC[17:38:26] *** Driver has quit IRC[17:41:36] *** elex1111110 has joined #postfix[17:41:37] *** tr-808_ has quit IRC[17:41:37] *** tr-808 has quit IRC[17:42:30] *** tr-808 has joined #postfix[17:43:35] *** tr-808_ has joined #postfix[17:47:25] *** wimpog has joined #postfix[17:47:30] *** tr-808 has quit IRC[17:48:11] *** Driver has joined #postfix[17:48:18] *** tr-808 has joined #postfix[17:48:37] <wimpog> what do I change in postfix settings for proper reverse DNS? Currently, when I telnet to it on port 25 it shows 220 with the actual server host.[17:49:05] *** tr-808_ has quit IRC[17:49:14] <patdk-wk> you don't?[17:49:56] <wimpog> patdk-wk: I don't what?[17:49:57] *** kiri has quit IRC[17:49:58] *** tr-808_ has joined #postfix[17:50:16] <patdk-wk> change postfix settings for proper reverse dns[17:51:04] <wimpog> patdk-wk: the problem is that it currently shows the actual hostname of the server as it is defined by the hosting provider, under a different domain.[17:51:58] <patdk-wk> !tell wimpog basic[17:51:58] <knoba> wimpog: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.[17:52:04] <wimpog> patdk-wk: my domain is different. They told me it has to be my domain in order for them to create a reverse dns record.[17:52:28] <patdk-wk> dns has nothing to do with postfix[17:53:06] *** tr-808 has quit IRC[17:53:11] <wimpog> patdk-wk: ok, well. What do I do then? My postfix server currently does not have a reverse DNS entry.[17:54:03] *** tr-808 has joined #postfix[17:54:19] <patdk-wk> well, then you need to get one[17:54:20] <roe> wimpog, add a reverse dns to your authoritative zone[17:54:54] <wimpog> patdk-wk: roe: reverse DNS is done by my hosting provider.[17:55:11] <roe> wimpog, then have them add it[17:55:43] *** tr-808_ has quit IRC[17:55:47] <patdk-wk> I still don't get it[17:55:52] <patdk-wk> you want us to add your reverse dns?[17:56:01] <thumbs> patdk-wk: YES YES DO IT[17:56:27] <wimpog> patdk-wk: roe that's what I told them. But here is the problem. They told me they need to map it to MY domain name, but Postfix responds with the default domain name which is THEIRS.[17:56:31] *** tr-808_ has joined #postfix[17:56:59] <roe> huh?[17:57:14] <patdk-wk> so?[17:57:23] <patdk-wk> first steps first, get your reverse dns fixed[17:57:24] <roe> postfix responds to tcp connections[17:57:39] <roe> it doesn't know anything about DNS[17:57:43] <patdk-wk> if they require you do have your dns working first, fix your dns[17:57:44] <wimpog> patdk-wk: roe thumbs so if I give them aaa.com to set up reverese dns for but postfix shows bbb.com, then it does no good[17:57:48] <patdk-wk> none of this depends on postfix[17:58:27] <patdk-wk> !example[17:58:27] <knoba> patdk-wk: "example" : Example.TLD has been reserved for examples in generic top-level domains (com,net,org) and many other TLDs. Please do not use real Internet names as examples.[17:58:27] <roe> wimpog, I think you need to read a bit more[17:58:27] <wimpog> patdk-wk: roe that's what I'm trying to figure out what to do here.[17:58:53] <roe> !tell wimpog welcome[17:58:53] <knoba> wimpog: "welcome" : welcome to #postfix! if you're joining for the first time, or are new to irc, the first thing you'll want to do is read the channel topic (/topic). it includes crucial instructions on how to effectively ask for help here, and what data you should include with your questions. the degree of success you'll have is directly related to how effectively you're able to follow those guidelines.[17:59:05] <wimpog> patdk-wk: so it doesn't matter what Postfix banner is?[17:59:14] <patdk-wk> on receive? nope[17:59:17] *** tr-808 has quit IRC[17:59:39] <patdk-wk> doesn't even need reverse dns[18:00:09] *** tr-808 has joined #postfix[18:00:20] <wimpog> patdk-wk: I read that it is used to validate the origin of messages[18:00:53] <patdk-wk> the *banner* is only used on receive, and you don't validate yourself, you validate the sender[18:01:19] <patdk-wk> therefor everything you said is pointless[18:01:30] <patdk-wk> now if you want to fix your *helo*, that is a different story[18:01:35] *** Jaac has joined #postfix[18:01:39] <wimpog> patdk-wk: I'm really confused now[18:01:58] *** tr-808_ has quit IRC[18:02:40] <patdk-wk> maybe you should start with understand how email works[18:02:53] <patdk-wk> then you will know what your asking[18:03:05] *** tr-808_ has joined #postfix[18:03:16] <wimpog> patdk-wk: this is what I have: server.mydomain.com CNAME server.hostingprovider.com[18:03:34] <patdk-wk> ok, you defently don't know how email works[18:03:46] *** feisar has quit IRC[18:03:59] <wimpog> patdk-wk: well, tell me[18:04:09] <patdk-wk> Idon't have time to spend a week telling you[18:04:13] <patdk-wk> get yourself a book[18:04:32] <wimpog> patdk-wk: which book in particular?[18:04:39] *** MaximusColourum has joined #postfix[18:04:45] <patdk-wk> I perfer all the smtp rfc's[18:05:00] *** tr-808 has quit IRC[18:05:25] *** adrian15 has left #postfix[18:05:37] <wimpog> patdk-wk: well, the problem is, I need to get it working today. That's the task I was given[18:05:57] <patdk-wk> better start reading[18:06:05] <wimpog> patdk-wk: I use mxtoolbox.com to validate my settings, and reverse DNS is the only problem I have left now[18:06:12] *** tr-808 has joined #postfix[18:06:44] <thumbs> and it's a trivial one to fix, and unrelated to postfix :)[18:07:11] * patdk-wk doesn't get peoples obsession with cname's[18:07:15] <wimpog> thumbs: would you be so kind to advice?[18:07:25] <patdk-wk> considering they aren't valid for email servers at all[18:07:48] <wimpog> thumbs: I'd certainly prefer not to change postfix settings, if possible, because everything else is working[18:08:10] <wimpog> patdk-wk: well, that's good to know. Should I remap to IP addresses?[18:08:11] <thumbs> wimpog: you don't need to play with postfix![18:08:13] *** tr-808_ has quit IRC[18:08:27] <wimpog> thumbs: that's good![18:08:33] <patdk-wk> thumbs, he needs one postfix change, likely, but LOTS of dns changes[18:09:03] *** shinao1 has quit IRC[18:09:06] <patdk-wk> as the postfix change will take 2min or less[18:09:10] <patdk-wk> and dns could take >24hours[18:09:14] <patdk-wk> I would start on dns :)[18:09:27] *** tr-808_ has joined #postfix[18:09:48] <wimpog> patdk-wk: the DNS is lowered[18:10:17] *** Silowyi has joined #postfix[18:10:18] * patdk-wk raises DNS $10[18:10:35] <wimpog> patdk-wk: I mean the DNS TTL is lowered[18:11:27] *** tr-808 has quit IRC[18:12:26] *** tr-808 has joined #postfix[18:12:58] <Silowyi> Is there a way to have two mailboxes such that every message to either mailbox is delivered to both? Aliases can be used, but they have to be two separate mailboxes.[18:13:48] *** Steve_The_Pirate has joined #postfix[18:14:29] *** shinao1 has joined #postfix[18:15:12] *** tr-808_ has quit IRC[18:16:15] *** tr-808_ has joined #postfix[18:17:23] *** tr-808 has quit IRC[18:18:23] *** tr-808 has joined #postfix[18:21:55] *** tr-808_ has quit IRC[18:22:02] *** Facefox has quit IRC[18:22:51] *** tr-808_ has joined #postfix[18:23:13] *** tr-808 has quit IRC[18:23:37] <wimpog> ok, I get now a warning: "Warning - Reverse DNS does not match SMTP Banner" in mxtoolbox. Is this something to worry about?[18:24:27] *** tr-808 has joined #postfix[18:25:36] *** cornfeed has joined #postfix[18:25:39] <cornfeed> hello[18:26:34] <wimpog> cornfeed: hello[18:28:37] *** tr-808_ has quit IRC[18:29:07] <roe> wimpog, you should fix it[18:29:31] <wimpog> roe: could you please tell what exactly I should fix and how?[18:29:33] *** tr-808_ has joined #postfix[18:29:38] *** tr-808 has quit IRC[18:29:45] <roe> !banner[18:29:45] <knoba> roe: Error: "banner" is not a valid command.[18:29:51] <roe> !smtp_banner[18:29:51] <knoba> roe: Error: "smtp_banner" is not a valid command.[18:29:54] <roe> !smtpbanner[18:29:54] <knoba> roe: Error: "smtpbanner" is not a valid command.[18:29:59] <wimpog> roe: why don't you just tell me[18:30:19] <patdk-wk> !myhostname[18:30:19] <knoba> patdk-wk: "myhostname" : a configuration parameter in the main.cf: The internet hostname of this mail system. The default is to use the fully-qualified domain name from gethostname(). $myhostname is used as a default value for many other configuration parameters.[18:30:23] <roe> because I don't remember the actual config parameter[18:30:35] *** tr-808 has joined #postfix[18:30:44] <roe> !smtpd_banner[18:30:44] <knoba> roe: "smtpd_banner" : a configuration parameter in the main.cf: The text that follows the 220 status code in the SMTP greeting banner. Some people like to see the mail version advertised. By default, Postfix shows no version.[18:31:00] *** Facefox has joined #postfix[18:31:20] <wimpog> roe: both thumbs and patdk-wk told me I don't need to change anything in postfix[18:31:31] <patdk-wk> that isn't what I said :)[18:31:36] *** MaximusColourum has quit IRC[18:31:40] <roe> actually what they said is you don't need to change anything in postfix to set your rdns correclty[18:31:42] <patdk-wk> I said, you likely have 1 change to make[18:31:45] <cornfeed> i am having a serious problem....at one point I had setup amavis filtering. right now that is causing a problem so I removed it from everything. but even after restarting and reloading postfix, it still thinks it needs to use private\smtpd-amavisd....here are my configs..http://dpaste.org/M9HHt/[18:32:27] <cornfeed> even though i removed it I still get warning: warning: connect to transport private/smtp-amavis: Connection refused[18:32:28] <patdk-wk> cornfeed, that isn't a postconf -n[18:32:33] <cornfeed> sorry[18:32:52] <patdk-wk> and any existing email will go to the existing destination, likely you need to requeue your emails[18:33:10] <wimpog> roe: thanks roe[18:33:21] <cornfeed> http://dpaste.org/jYwON/patdk-wk:[18:33:29] <cornfeed> patdk-wk: http://dpaste.org/jYwON/[18:34:03] <roe> wimpog, you should also probably read a !basic because this is all covered in the docs[18:34:29] <patdk-wk> cornfeed, looks ok[18:34:38] <patdk-wk> likely you jsut need to requeue, I'm not sure how to do that though[18:34:42] <patdk-wk> as I have never needed to[18:34:55] *** tr-808_ has quit IRC[18:35:21] *** tr-808 has quit IRC[18:35:31] <wimpog> roe: If I were given 1-2 weeks to do this, then I would probably start reading the basics, but if I was told to do this by the end of today, then you get my situation...[18:35:46] <cornfeed> thanks!!!!!!!![18:35:56] *** tr-808 has joined #postfix[18:36:13] <roe> wimpog, are you going to have to continue to support it?[18:36:29] <wimpog> roe: yes[18:36:46] *** tr-808_ has joined #postfix[18:36:53] <wimpog> roe: I agree, I do need to read on it, and probably will[18:36:53] <roe> then you should read !basic as this is all covered in the docs[18:37:18] <wimpog> roe: if you can suggest a book, I'd be thankful.[18:37:25] <wimpog> !basic[18:37:25] <knoba> wimpog: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.[18:37:39] <roe> the postfix documentation is some of the best I've seen[18:37:44] <roe> start there[18:37:49] <roe> oreilly makes a decent book too[18:38:30] <wimpog> roe: does it also explain the proper DNS settings, etc.?[18:38:38] <roe> !super_basic[18:38:38] <knoba> roe: "super_basic" : Setting up an 'Email Server' has many moving parts. If you don't understand what you are doing, start here: http://en.wikipedia.org/wiki/E-mail#Operation_overview[18:38:49] <roe> that gives you a broader picture of all of the pieces[18:39:26] <roe> !fcrdns[18:39:27] <knoba> roe: "fcrdns" : http://en.wikipedia.org/wiki/Forward_Confirmed_reverse_DNS : your IP address should resolve to $myhostname, which in turn should resolve back to your IP. This is very important if you want big sites to accept your mail. If you can't have it from your ISP, see !relayhost[18:39:31] <roe> so does that[18:40:22] <wimpog> roe: thanks[18:40:27] <roe> knoba knows all[18:41:33] *** tr-808 has quit IRC[18:41:46] <wimpog> roe: thanks anyway[18:41:57] <wimpog> patdk-wk: thank you too.[18:41:59] *** tr-808 has joined #postfix[18:42:03] <wimpog> thumbs: thanks![18:42:11] *** tr-808_ has quit IRC[18:42:50] *** tr-808_ has joined #postfix[18:46:36] <wimpog> I have another question. If I want an internal SMTP server that would deliver mail sent to it locally and block its port 25 on the firewall, so that others cannot try to send mail to it. Will that cause validation/reverse DNS problems, or something else?[18:47:14] *** tr-808 has quit IRC[18:47:55] *** tr-808 has joined #postfix[18:48:21] *** tr-808_ has quit IRC[18:48:57] *** tr-808_ has joined #postfix[18:48:57] <roe> as long as your dns is configured correctly then it shouldn't be a problem[18:49:21] <wimpog> roe: thanks![18:49:34] *** Facefox has quit IRC[18:49:46] *** Steve_The_Pirate has quit IRC[18:50:37] <wimpog> roe: from what I read I need an A record, an MX record and a PTR record. Instead of an A record I have a CNAME record, I do have an MX record and my provider configures the PTR record.[18:50:58] *** p3rror has quit IRC[18:51:31] *** Facefox has joined #postfix[18:52:16] <wimpog> roe: is it a problem that I have the CNAME record instead of the A record?[18:52:49] <roe> your server doesn't have an A record?[18:52:53] *** tr-808 has quit IRC[18:53:18] <roe> what is it cnaming to?[18:53:43] *** tr-808 has joined #postfix[18:53:46] *** tr-808 has joined #postfix[18:53:46] <roe> I think I know where your confusion is[18:53:57] *** tr-808_ has quit IRC[18:54:21] <roe> the name of the server is not relevant to the domain with which it servers mail for[18:55:02] *** tr-808_ has joined #postfix[18:55:48] <roe> that is awkwardly worded[18:55:50] <wimpog> roe: my hosting provider assigns default server names in its domain, so I just created a hostname in my domain that points to that default hostname[18:56:13] <roe> if your server name is foo.bar.com then the mx record for your domain should reflect that[18:56:20] <roe> it doesn't matter what your domain name is[18:56:40] <wimpog> roe: my server is foo.bar.com CNAME baz.qux.net[18:56:40] <roe> understand?[18:56:52] <roe> don't use the cname[18:57:03] <roe> or rename your server[18:57:18] <wimpog> roe: then I also have smtp.bar.com MX 10 foo.bar.com[18:58:54] *** tr-808 has quit IRC[18:58:59] <wimpog> roe: so do you suggest to change it from CNAME to IP?[18:59:52] *** tr-808 has joined #postfix[18:59:53] <wimpog> roe: do you see how I have two DNS records: one CNAME and one MX? Why is CNAME a problem?[19:00:18] *** tr-808_ has quit IRC[19:00:58] *** tr-808_ has joined #postfix[19:01:02] *** Facefox has quit IRC[19:01:30] *** Facefox has joined #postfix[19:04:08] *** uqlev has joined #postfix[19:04:13] *** Facefox has joined #postfix[19:04:53] *** tr-808 has quit IRC[19:05:17] *** p3rror has joined #postfix[19:05:41] *** tr-808 has joined #postfix[19:05:57] *** tr-808_ has quit IRC[19:06:19] *** Alagar has joined #postfix[19:06:48] *** tr-808_ has joined #postfix[19:08:47] *** Facefox has joined #postfix[19:10:48] *** tr-808 has quit IRC[19:10:55] <wimpog> roe: how about this… I have two hostnames for my server - one general - foo.bar.com, which is an A record, and one for smtp - smtp.bar.com, which requires an A and an MX record. Since both foo.bar.com and smtp.bar.com, can I make smtp.bar.com CNAME foo.bar.com? or should smtp.bar.com still be an A record?[19:11:30] *** tr-808 has joined #postfix[19:13:57] <patdk-wk> why would smtp.x require a A or MX?[19:14:17] <patdk-wk> normal people don't do, wimpog at smtp dot x[19:14:45] <patdk-wk> wimpog, you really need to understand how dns works, and this isn't the place for it[19:15:43] <wimpog> patdk-wk: this is an SMTP only server[19:15:56] <patdk-wk> so?[19:16:14] <wimpog> patdk-wk: what about smtp.gmail.com?[19:16:22] <patdk-wk> what about it?[19:16:50] <wimpog> patdk-wk: you confuse me[19:16:51] <patdk-wk> people don't do, wimpog at smtp dot gmail.com and smtp.gmail.com doesn't have an mx record[19:17:22] <wimpog> patdk-wk: so I don't need an mx record for my mail server?[19:17:37] <patdk-wk> you don't even know what dns entries are used for what[19:17:44] <patdk-wk> so you have no hope in setting up dns correctly[19:17:56] <wimpog> patdk-wk: that's what you keep telling[19:17:58] <patdk-wk> but no, smtp.x normally would never have an mx entry[19:18:08] <wimpog> patdk-wk: but I read this: http://www.ipswitch.com/support/ics/guides/IMailServer/8_2/IMailGSG8_2HTML/Output/Appendix%20A%20dns4.html[19:18:16] <patdk-wk> I keep telling you that, cause you failed to understand it[19:18:35] <patdk-wk> that webpage has it right[19:18:39] <patdk-wk> you just failed to read it[19:19:20] * patdk-wk notes the lack of smtp.example.com ANYWHERE on that page[19:19:44] <wimpog> patdk-wk: I used smtp as an example. could be qux.bar.com[19:20:04] <patdk-wk> your examples fail, cause you can't create an example then[19:20:11] <patdk-wk> in this channel we deal with real names[19:20:20] <patdk-wk> or using example[19:20:22] <patdk-wk> !example[19:20:22] <knoba> patdk-wk: "example" : Example.TLD has been reserved for examples in generic top-level domains (com,net,org) and many other TLDs. Please do not use real Internet names as examples.[19:20:37] <patdk-wk> if you can't use example correctly, I can't help you, stick to real names[19:20:55] <wimpog> patdk-wk: I don't think you want to help[19:21:10] <wimpog> patdk-wk: you just keep saying that I don't understand this and that, that I failed in this and that[19:21:10] <patdk-wk> nope, cause you just keep failing at everything we attempt to help you with[19:21:21] <patdk-wk> you failed to read the document you posted[19:21:30] <patdk-wk> you fail to create meaningful examples[19:21:41] <patdk-wk> then you blame your poor examples on over mung[19:21:42] <patdk-wk> !mung[19:21:42] <knoba> patdk-wk: "mung" : Mash Until No Good : the art of obfuscating data which ultimately results in unintentional consequences such as making diagnostics impossible.[19:22:03] <patdk-wk> how can anyone want to help you, when they can't even figure out what you mean[19:22:23] <wimpog> roe: helped me quite a bit, and one other person from another forum[19:24:14] <wimpog> so I'm not sure that what I say is totally meanigless[19:24:30] <patdk-wk> your domain is bar.com?[19:24:32] <wimpog> patdk-wk: but if you like to make fun of people for not understanding something, then so be it[19:24:36] <patdk-wk> and your mailserver is smtp.bar.com?[19:25:10] <wimpog> patdk-wk: yes. This is not an SMTP server for this domain, it is used for other purposes.[19:26:04] <wimpog> patdk-wk: this is just a server that has postfix running on it. It does not receive/send mail for the bar.com domain, there is another server for this purposes[19:26:28] <roe> wimpog, the patdk-wk is making is that you are in way over your head and it doesn't matter what your PHB ask for, there is a lot to undestand before you can successfully configure a mail server. And it isn't this channel's responsibility to hold your hand[19:26:49] <roe> a mail server is a complex beast[19:27:12] <roe> it generally takes me about a week to configure a basic mailserver[19:27:13] <patdk-wk> hmm, sounds like you want a relay server[19:27:18] <patdk-wk> if it doesn't handle email accounts[19:27:21] <patdk-wk> there is no point to anything[19:27:30] <patdk-wk> no A/MX/CNAME/... nothing at all is required[19:28:24] <patdk-wk> this is the issue[19:28:30] <wimpog> patdk-wk: yes, a relay, but it should still pass all the validations, like reverse DNS[19:28:33] <patdk-wk> it took that long to figure out you wanted a relay server[19:28:36] <patdk-wk> you didn't ask for it[19:28:44] <patdk-wk> you kept confusing the fact with MX dns entries[19:29:16] <wimpog> patdk-wk: no MX records needed?[19:29:29] <patdk-wk> MX is ALWAYS optional[19:29:34] <patdk-wk> but normally you want them[19:29:39] <wimpog> patdk-wk: I have that[19:29:40] <patdk-wk> but they are only used for RECEIVING email[19:29:50] <wimpog> patdk-wk: yeah, this one sends only[19:29:57] <roe> !mxrecord[19:29:57] <knoba> roe: "mxrecord" : a DNS resource record specifying a host name that Internet mail for a recipients' domain is to be routed to. The host name assigned to the MX record must have a corresponding A record, not a CNAME and the MX record host name must not be expressed as an IP address literal. A domain can have multiple exchangers with multiple MX records having varying levels of priority.[19:30:01] <patdk-wk> since your not receiving from the general public, they won't be used[19:31:20] <wimpog> patdk-wk: but I do need A or CNAME if I want to specify a different hostname[19:31:51] <patdk-wk> it doesn't matter[19:31:57] <roe> why do you care about your hostname so much?[19:31:59] <patdk-wk> you can do whatever you want[19:32:11] <wimpog> patdk-wk: say, the server is a.bar.com (A xxx.xxx.xxx.xxx). and I want another hostname (b.bar.com) can the b be a CNAME of a?[19:32:32] <wimpog> roe: because we have other systems that have it different[19:32:49] <wimpog> roe: so it would be easier for me to simply add a CNAME than to tell people to change in other systems[19:32:52] <roe> that half-sentence doesn't make sense[19:33:04] <patdk-wk> this is why I said don't use fake names[19:33:10] <patdk-wk> use real hostnames and domains[19:33:19] <patdk-wk> there is way too many A's in that sentence[19:33:23] <patdk-wk> to know what a each a is[19:33:55] <wimpog> roe: lower a - server, upper A - DNS record (it is always case sensitive) :)[19:34:13] <patdk-wk> a cname a[19:34:19] <patdk-wk> you cant loop a cname[19:34:21] <patdk-wk> that would be evil[19:34:38] <roe> I'm expending too much energy following this conversation[19:34:40] <wimpog> patdk-wk: no, but b.bar.com CNAME a.bar.com[19:35:01] <wimpog> patdk-wk: and a.bar.com A XXX.XXX.XXX.XXX[19:35:06] <patdk-wk> do you know the o'connor company?[19:35:21] <wimpog> patdk-wk: all I'm asking is that valid for a relay server[19:35:27] <patdk-wk> cause I still seriously doubt you own bar.com[19:35:39] <wimpog> patdk-wk: no I don't[19:35:43] <patdk-wk> then don't use it[19:35:49] <patdk-wk> I don't know how many times I have to say that[19:35:50] <wimpog> patdk-wk: too long to type the real one[19:35:51] <patdk-wk> !example[19:35:51] <knoba> patdk-wk: "example" : Example.TLD has been reserved for examples in generic top-level domains (com,net,org) and many other TLDs. Please do not use real Internet names as examples.[19:36:06] <wimpog> patdk-wk: ok, I get it[19:36:08] <patdk-wk> sorry, it's too long for me to help you, if you can't follow basic policy[19:36:09] *** elex1111110 has quit IRC[19:36:10] <wimpog> patdk-wk: let me try again[19:36:27] <patdk-wk> it's extreemly rude to steal other peoples domains[19:36:48] <wimpog> patdk-wk: testing.example.com A xxx.xxx.xxx.xxx[19:37:05] <wimpog> patdk-wk: smtptesting.example.com CNAME testing.example.com.[19:37:14] <wimpog> patdk-wk: how about that?[19:37:27] <wimpog> patdk-wk: no, I don't steal :)[19:37:32] <patdk-wk> as long as you never do, user at smtptesting dot example.com[19:37:44] *** enoch has quit IRC[19:37:55] <patdk-wk> you can do whatever you feel like, with it[19:38:08] <wimpog> patdk-wk: that should never happen is this is outgoing server only, does not accept mail or anything like that[19:38:52] <wimpog> patdk-wk: and I still do have that MX record, but I guess there is no harm in it[19:39:26] <patdk-wk> mx?[19:40:17] <wimpog> patdk-wk: smtptesting.example.com MX 10 testing.example.com[19:40:47] <patdk-wk> do you know the rules about using cname?[19:40:52] <wimpog> patdk-wk: not correct/needed?[19:40:53] <patdk-wk> you just completely broke dns[19:41:01] <patdk-wk> completely invalid[19:41:13] <wimpog> patdk-wk: what's invalid?[19:41:23] *** cornfeed is now known as zz_cornfeed[19:41:25] <patdk-wk> having ANYTHING beside CNAME[19:42:02] <wimpog> patdk-wk: what if I change that CNAME to A?[19:42:26] <patdk-wk> then MX is ok[19:42:29] <patdk-wk> but still, why?[19:42:43] <wimpog> patdk-wk: ok, let me fix that first[19:42:43] <patdk-wk> you claimed your not sending email to user at smtptesting dot example.com[19:42:56] <patdk-wk> therefor MX isn't needed at all[19:42:59] <wimpog> patdk-wk: deleting it. I do now see the CNAME restriction[19:43:06] <wimpog> patdk-wk: just read aobut it[19:43:10] <patdk-wk> hell, smtptesting.example.com isn't needed at all, except for your own usefulness[19:44:23] <wimpog> patdk-wk: yes, it is not, but, some systems already have it in their settings, so I cannot change it there[19:45:18] <wimpog> patdk-wk: well, it all comes down to being simpler than what I had/thought[19:45:44] *** jkfod has joined #postfix[19:46:23] <wimpog> patdk-wk: one more thing can testing.example.com be a CNAME instead of an A?[19:46:49] <patdk-wk> I can't remember if chaining cnames is valid[19:46:58] <patdk-wk> and what is testing.example.com?[19:47:33] <wimpog> patdk-wk: just a server[19:47:48] <patdk-wk> isn't everything, just a server[19:47:53] <patdk-wk> atleast if it isn't a workstation, or phone[19:48:35] <wimpog> patdk-wk: what in particular would you like to know[19:48:45] <patdk-wk> what it is :)[19:48:45] <wimpog> patdk-wk: but in general it is a unix server[19:49:01] <patdk-wk> how does it fit into this whole scenario[19:49:09] <wimpog> patdk-wk: testing.inresonance.com is currently an A record[19:49:39] <wimpog> patdk-wk: yeah, here that's the real one[19:49:50] <patdk-wk> well, we explained all the limitations[19:49:57] <patdk-wk> is it the *target* of a MX entry?[19:50:09] <wimpog> patdk-wk: not anymore[19:50:24] <patdk-wk> then it can be whatever you want, and doesn't matter to email atleast[19:51:02] <wimpog> patdk-wk: thanks[19:52:18] <wimpog> patdk-wk: I just found that chaning CNAMES is valid[19:53:19] *** d3c has quit IRC[19:55:29] <wimpog> patdk-wk: anyway, thanks for the help, sorry for the confusion, I was/still am under pressure here, but at least I have this figured out…[19:56:31] *** gongoputch has joined #postfix[20:00:32] <wimpog> patdk-wk: I think, I understand these things better now![20:00:40] <wimpog> patdk-wk: will need to read more[20:03:27] *** jkfod has quit IRC[20:04:20] *** jkfod has joined #postfix[20:06:01] *** jkfod has quit IRC[20:06:37] *** jkfod has joined #postfix[20:12:12] *** GieltjE has quit IRC[20:14:09] *** shinao1 has quit IRC[20:19:47] *** tr-808 has quit IRC[20:21:10] *** uqlev has quit IRC[20:25:15] *** tr-808_ is now known as tr-808[21:02:15] *** magyar has quit IRC[21:08:55] *** elex1111110 has joined #postfix[21:10:55] *** Southron has left #postfix[21:14:39] *** elex1111111 has joined #postfix[21:15:33] *** elex1111110 has quit IRC[21:31:06] *** jkfod has quit IRC[21:31:43] <jwing> Any ideas why this saslauth setup w/ postfix is failing? http://pastebin.com/UmW10XR0[21:31:58] <jwing> The same username/password obviously works when tested w/ testsaslauthd.[21:33:37] <patdk-wk> I should hope that wouldn't work[21:33:43] <patdk-wk> type your password correctly[21:34:59] *** p3rror has quit IRC[21:35:02] *** shinao1 has joined #postfix[21:35:35] <jwing> ?[21:35:51] <jwing> it's base64 encoded for plain auth[21:35:54] <patdk-wk> your passwords don't match[21:36:08] <patdk-wk> AHl6cG9zdGZpeABGJToye159SDoqO197Zm0=[21:36:15] <patdk-wk> how come my base64 is different from yours then?[21:36:24] <jwing> :/[21:36:41] <jwing> I just used the result from the perl command to encode it[21:36:57] <patdk-wk> and like I said, you can't type your own password correctly :)[21:38:02] <jwing> not sure how you figure. I put the string in a decoder and it reports right[21:38:18] <patdk-wk> heh?[21:38:22] <jwing> http://www.webpan.com/Customers/Email/base64_conversion.htm[21:38:28] <jwing> I tossed the encoded string into that.[21:38:38] <jwing> It comes back NULLusernameNULLpassword[21:38:42] <jwing> just like it is supposed to[21:38:58] <patdk-wk> yes it does[21:39:07] <patdk-wk> but just not the same password as used in testsaslauthd[21:39:12] <patdk-wk> so what password is correct?[21:39:18] <patdk-wk> I would assume the testsaslauthd one[21:39:29] <jwing> oh..geez[21:39:38] <jwing> yeah.. lost a character somewhere :)[21:40:29] <jwing> much better.[21:40:37] <jwing> least my test/validation was working. :))[21:48:21] *** magyar has joined #postfix[21:48:22] *** magyar has joined #postfix[21:54:25] *** wimpog has quit IRC[22:04:21] *** Section1 has quit IRC[22:19:03] *** MAAAAAD has quit IRC[22:20:37] *** jeev has quit IRC[22:21:14] *** snearch has joined #postfix[22:24:52] *** shinao1 has quit IRC[22:25:49] *** shinao1 has joined #postfix[22:27:29] *** elex1111111 has quit IRC[22:28:05] *** elex1111111 has joined #postfix[22:30:43] *** cirox has joined #postfix[22:30:57] *** wdp has joined #postfix[22:35:31] *** snearch has quit IRC[22:42:43] *** bvenkat_ has joined #postfix[22:44:34] *** cirox has quit IRC[22:53:35] *** cirox has joined #postfix[22:56:41] *** wdp has quit IRC[23:07:49] *** Allex944 has joined #postfix[23:08:09] *** himik has quit IRC[23:17:07] *** gerhard7 has quit IRC[23:18:47] *** d3c has joined #postfix[23:22:31] *** cirox has left #postfix[23:22:35] *** cirox has joined #postfix[23:23:39] <cirox> !welcome[23:23:39] <knoba> cirox: "welcome" : welcome to #postfix! if you're joining for the first time, or are new to irc, the first thing you'll want to do is read the channel topic (/topic). it includes crucial instructions on how to effectively ask for help here, and what data you should include with your questions. the degree of success you'll have is directly related to how effectively you're able to follow those guidelines.[23:28:02] *** enoch has joined #postfix[23:28:06] *** enoch has joined #postfix[23:28:07] <enoch> hi all[23:28:16] <enoch> a question a little bit out of topic :P[23:29:43] <enoch> i have a postfix server but my mail are rejected from some providers with this reason: "poor mta reputation"[23:30:34] <enoch> checking on http://www.senderbase.org/senderbase_queries/detailip?search_string=95.169.188.222 im not getting a real help :( what can i do?[23:35:35] *** ced117 has quit IRC[23:35:41] <Zerberus> enoch: ask the postmasters[23:38:00] <enoch> Zerberus: im the postmaster![23:38:11] <enoch> but i only own this ip in the range[23:39:20] <Zerberus> enoch: I mean, ask the postmaster of the recipient side why they count you with bad reputation[23:40:16] <enoch> Zerberus i tryied but they're idiots[23:40:17] <Zerberus> they may demand SPF / DKIM records you do not have, you may send too many mails in short time to their systems without noticing them you send legitimate newsletters[23:40:40] <enoch> i have spf record ...[23:43:15] <enoch> is the dkim record needed?[23:43:38] <enoch> but why senderbase does not display the owner of my ip?[23:52:49] <jwing> recipients make their own rules as to why they accept/reject email. You can only determine a resolution by talking to them.[23:54:31] <jwing> enoch.. is your dns set up correctly? i.e. mail relay has the same name as the reverse of the ip?[23:54:41] <jwing> that's an easy one to do if it's not done[23:55:15] <jwing> 122.188.169.95.in-addr.arpa. 86316 IN PTR ns.km36824-13.keymachine.de.[23:55:42] <jwing> that's what I get for that IP.. is your mail server identified as such?[23:55:58] *** kaneda^ has left #postfix[23:56:41] <jimpop> i don't get that result[23:57:00] <jimpop> ~$ host 95.169.188.222[23:57:01] <jimpop> 222.188.169.95.in-addr.arpa domain name pointer mail.icmedia.it[23:57:09] <jimpop> ~$ host mail.icmedia.it.[23:57:10] <jimpop> mail.icmedia.it has address 95.169.188.222[23:57:10] *** elex1111111 has quit IRC[23:57:35] *** enoch has quit IRC[23:57:44] <jwing> hmm..wonder if there's a middle cache somewhere[23:57:45] <JPT> ah, jwing, you have a typo there ;)[23:57:49] <JPT> 122 != 222[23:57:53] <jwing> ah.. well close :)[23:58:19] <JPT> :)[23:58:42] <jwing> so.. hopefully.. the mail server is id'ing itself as 'mail.icmedia.it'[23:59:13] <jwing> forward/reverse does look good