June 18, 2012 
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | >
June 18, 2012 [00:07:20] *** wdp_ has quit IRC[00:10:50] *** jkfod has quit IRC[00:16:17] *** viddy has quit IRC[00:16:18] *** prooz has quit IRC[00:22:12] *** nowthatsamatt_ has joined #postfix[00:23:58] *** nowthatsamatt_ has quit IRC[00:37:33] *** viddy has joined #postfix[00:37:36] *** prooz has joined #postfix[00:53:59] *** buki_ is now known as buki[00:58:40] *** echelog has joined #postfix[00:58:49] *** Mazon has joined #postfix[01:02:23] *** Alagar has quit IRC[01:02:45] *** Hans67521 has quit IRC[01:05:03] *** nowthatsamatt_ has joined #postfix[01:05:31] *** danblack has joined #postfix[01:06:10] *** nowthatsamatt_ has quit IRC[07:18:49] *** echelog has joined #postfix[07:18:53] *** jeev has quit IRC[07:20:14] *** redbeard|ghostbe has joined #postfix[07:20:27] *** jeev has joined #postfix[07:26:53] *** Motoko has quit IRC[07:36:58] *** Terminus- has joined #postfix[07:37:24] <Terminus-> hello. i added "maildrop_destination_recipient_limit = 1" in my main.cf but it doesn't appear when i run postconf. is this normal?[07:43:31] *** gerhard7 has joined #postfix[07:43:37] *** redbeard|ghostbe has left #postfix[07:43:37] *** redbeard|ghostbe has joined #postfix[07:43:44] *** happymeerkat has joined #postfix[07:45:08] *** redbeard|ghostbe has left #postfix[07:45:14] *** jeev has quit IRC[07:46:29] *** rotbeard has joined #postfix[07:46:57] *** jeev has joined #postfix[07:53:38] *** on1ald has joined #postfix[07:53:46] *** rotbeard has left #postfix[07:54:02] *** rotbeard has joined #postfix[07:54:28] <rotbeard> so[07:54:38] <rotbeard> jeah, i can speak to channel :)[07:54:40] <rotbeard> Terminus-, after reloading your config, postconf -n should display that[08:10:42] <Terminus-> rotbeard: i've been reloading my config and it still doesn't show, even with -n.[08:10:50] <Terminus-> rotbeard: this is on centos 6 with stock postfix.[08:11:22] <Terminus-> also on zimbra 7.2 with the postfix it comes with. same thing.[08:12:05] *** Coiby has joined #postfix[08:12:20] <Terminus-> in any case, i think i was on a wild goose chase. i thought the recipient limit was the cause of my errors. turns out i was being stupid coz i specified parameters to maildrop but not the config file and that caused the error.[08:12:44] *** Motoko has joined #postfix[08:13:45] <Coiby> Hi, how can I control the email-sending frequency of local network? It's send too fast and the emails are blocked by some servers.[08:15:08] <rotbeard> Terminus-, it is the same on my postconf :) mom[08:15:53] *** jonez has quit IRC[08:16:52] <Terminus-> rotbeard: yeah... in any case maildrop hacked into zimbra works now. =D[08:17:20] <rotbeard> Coiby, look at default_destination_concurrency_limit parameter[08:20:25] <rotbeard> Terminus-, I found some hint on a mailing list: if you haven't had a maildrop transport in your master.cf, this parameter isn't use[08:21:00] <Terminus-> rotbeard: but i do have a maildrop transport in both cases. and it works.[08:21:08] <Coiby> rotbeard: I'm checking it now. Thanks![08:21:39] <rotbeard> Terminus-, O.o k[08:22:19] <rotbeard> Coiby, you can read this for further details http://www.postfix.org/QSHAPE_README.html[08:23:34] <Coiby> rotbeard: thanks:)[08:26:17] *** danblack has quit IRC[08:27:46] *** Coiby has left #postfix[08:29:07] *** jonez has joined #postfix[08:40:43] *** jwing has quit IRC[08:44:50] *** danblack has joined #postfix[08:47:42] *** UQlev has joined #postfix[08:53:08] *** Motoko has quit IRC[08:56:24] *** Motoko has joined #postfix[08:56:50] *** Silowyi has quit IRC[09:00:06] *** nutron has quit IRC[09:00:06] *** jwing has joined #postfix[09:14:00] *** wdp has joined #postfix[09:14:01] *** wdp has joined #postfix[09:17:03] *** master_of_master has quit IRC[09:18:13] <BuenGenio> how do I quickly flush the mail queue? we have 800 messages sitting there, but while the old ones are bening sent new ones come in...[09:18:19] <BuenGenio> postqueue -f doesn't really do the job[09:18:47] *** master_of_master has joined #postfix[09:18:49] <BuenGenio> should I disable smtpd pam module for now?[09:21:29] <pj> postqueue -f is the way to do it.[09:22:03] <rotbeard> are the mails in the deferred queue?[09:22:10] <rotbeard> maybe postfix flush can help[09:23:43] <BuenGenio> yes, they are in deferred queue[09:23:48] <BuenGenio> it's not quick enough[09:24:31] <rotbeard> is your server under load? 800 mails aren't sooo many imho[09:24:36] <Motoko> What do you mean by "being sent"?[09:24:44] <BuenGenio> no load[09:24:46] <Motoko> Like to an inbound server, or to outside?[09:24:46] <BuenGenio> 0.67[09:24:50] *** Jakey has joined #postfix[09:25:14] <BuenGenio> not sure - just seing the total no of messages in the queue[09:25:21] *** e-anima has joined #postfix[09:25:36] <BuenGenio> I don't know why they got stuck there in the first place[09:26:00] <Jakey> so i dont' know why after configuring smtp auth[09:26:07] <BuenGenio> usually we handle 15/20 messages per second, which is enough for the queue to clear itself pretty much instantaneously[09:26:23] <Jakey> i connect through "telnet mail smpt" but i dont get the 220 ESMTP postfix" message?????????????????????????????????????????????????[09:27:17] <Motoko> BuenGenio, check "mailq" output.[09:27:25] <Motoko> See if there is a message for why.[09:28:07] <BuenGenio> it was 740 about a minute ago...[09:28:14] <Jakey> hello??????[09:28:17] <Jakey> anyone know ??????????[09:28:29] <Jakey> how do i troubleshoot my smpt-auth problem[09:28:37] <Motoko> Jakey, check maillog first of all.[09:29:06] <Jakey> i don't get that[09:29:10] <Jakey> theres no log for it[09:29:15] <Jakey> i delete it and try it[09:29:17] <Jakey> but no logs[09:29:23] <pj> !tell Jakey no_logs[09:29:23] <knoba> Jakey: "no_logs" : Nothing in your mail logs commonly means one of two things: either your syslogd is broken (try restarting it), or the connections are not coming to your server. Check your firewall/networking and the DNS for the domain in question. also see !logs.[09:30:19] <Jakey> like i said theres was a mailogs in /var/logs[09:30:34] <Jakey> but then i deleted it and try to connect to it again[09:30:38] <Jakey> i also restart the server[09:30:41] *** danblack has quit IRC[09:30:45] <Motoko> restart syslogs.[09:30:47] <Motoko> syslogd[09:30:49] <pj> you may need to touch it after deleting it.[09:31:14] <Motoko> It holds that file open and won't make a new file unless you restart it or cycle the logs.[09:31:22] <pj> and syslogd might be rsyslogd or something else.[09:31:28] <Motoko> Right.[09:31:56] <Jakey> i delete it through this cmd rm -f /var/log/maillog[09:32:06] <Jakey> but i'll try to restart the syslogd[09:32:20] <BuenGenio> queue isn't clearing itself fast enough!![09:32:36] <BuenGenio> aaahhh - 1075 messages now[09:32:43] <pj> yep, that will delete it alright, but as Motoko has said, restarting postfix will not reopen the file, you need to restart the syslog daemon to do that.[09:32:52] <Jakey> k[09:32:59] <Motoko> BuenGenio, what does mailq show?[09:32:59] <Jakey> whats the syslogd daemon[09:33:12] <Jakey> i try syslogd but not found[09:33:16] <BuenGenio> Motoko, list of 1000+ messages[09:33:21] <Motoko> Any status info?[09:33:27] <BuenGenio> *[09:33:30] <BuenGenio> meaning it's sending[09:33:30] <Motoko> If they are deferred, there must be a reason.[09:33:56] <BuenGenio> tail -f /var/log/mail.log shows they are being sent[09:34:13] <Motoko> For example: "(connect to v8233.vps.masterhost.ru[90.156.211.147]: Connection refused)" will show on the second line.[09:34:16] <BuenGenio> tail -f /var/log/mail.log | egrep '(warning|error|fatal|panic)'[09:34:16] <BuenGenio> - nothing[09:34:59] <BuenGenio> apart from an odd Jun 18 15:31:22 cyclon postfix/smtpd[25838]: warning: hostname ABTS-TN-Static-047.29.165.122.airtelbroadband.in does not resolve to address 122.165.29.47: No address associated with hostname[09:35:12] <Motoko> Well, that might be part of it.[09:35:20] <Motoko> Is your rdns configured properly?[09:36:21] <sysmonk> how is taht related to the error[09:36:24] <pj> Motoko: what distro are you running?[09:36:38] <Motoko> pj, why do you ask?[09:36:50] <pj> oh, sorry, that was for Jakey, actually[09:37:00] <pj> Jakey: ^^^^^^^[09:37:03] <Jakey> k[09:37:15] <Motoko> sysmonk, error message looks like a DNS/RDNS issue.[09:37:29] <sysmonk> Motoko: right, of the client which is connecting, not the server[09:37:52] <Motoko> Oh, I guess so. Reading too quick...[09:38:22] <BuenGenio> anyway, how do I flush the freaking queue - FAST?[09:38:28] <BuenGenio> it's growing......[09:38:42] <Motoko> BuenGenio, where are the messages trying to go? Outbound?[09:38:48] <Motoko> To an internal server?[09:38:50] <BuenGenio> mostly[09:38:53] <BuenGenio> out[09:39:01] <BuenGenio> 50/50?[09:39:17] <Motoko> Well, then something is preventing them from being sent out if they are in defer.[09:39:54] <BuenGenio> something DID[09:39:57] <BuenGenio> but not anyway[09:39:59] <BuenGenio> anymore[09:40:16] <BuenGenio> again - the queue is being filled up FASTER than mail is being SENT[09:40:56] <Motoko> http://www.postfix.org/QSHAPE_README.html[09:41:09] <Motoko> http://www.porcupine.org/postfix/doc/rate.html#destination[09:41:21] <Motoko> http://www.postfix.org/TUNING_README.html#rope[09:41:28] <BuenGenio> in fact I think we're talking about the active queue[09:42:16] <Motoko> http://www.postfix.org/TUNING_README.html#proc_limit[09:45:40] <BuenGenio> started seeing this[09:45:40] <BuenGenio> enabling PIX workarounds: disable_esmtp delay_dotcrlf[09:46:25] *** Zeit|awy has quit IRC[09:47:04] *** tjikkun_work has joined #postfix[09:47:34] *** scientes has quit IRC[09:47:38] <BuenGenio> queue keeps increasing[09:47:52] <sysmonk> poor guy, probably need to hire a sysadmin :([09:48:02] <BuenGenio> dropeed off a little now[09:48:20] *** gavimobile has joined #postfix[09:48:21] <BuenGenio> sysmonk, did you mean a sysmonk?[09:48:24] <BuenGenio> LP[09:48:26] <BuenGenio> :P[09:48:28] <UQlev> BuenGenio: have you got httpd running on the same server?[09:48:39] <sysmonk> BuenGenio: that's also possible[09:48:47] <BuenGenio> yes, why?[09:49:18] <BuenGenio> look, as I already said: load average: 0.52, 0.59, 0.59[09:49:32] <UQlev> BuenGenio: may be some trojan script injecting messages[09:50:37] <UQlev> BuenGenio: do you have pflogsumm installed?[09:51:33] <BuenGenio> not yet[09:51:35] <BuenGenio> installing[09:51:56] <UQlev> install it and show report please[09:52:08] <gavimobile> hey folks, would it be silly if I added this configuration to my master.cf file? anvil_rate_time_unit = 5s & smtpd_client_message_rate_limit = 1[09:53:31] <gavimobile> I want to allow my server no more than 1 email to be sent out every 5 seconds, if attempted to do more, the mail should be put in the queue[09:54:31] <UQlev> gavimobile: what are you going to gain?[09:54:31] <BuenGenio> UQlev, it's quite slow[09:55:03] <UQlev> BuenGenio: what is slow?[09:55:04] <gavimobile> UQlev: im trying to gain a limitation for the ammount of emails which can be sent at one time[09:55:16] <BuenGenio> pflogsumm[09:55:22] <BuenGenio> I don't know if it's even doing anything[09:55:24] <BuenGenio> just sitting there[09:55:47] <UQlev> BuenGenio: do you have daily split of your maillog?[09:55:56] <BuenGenio> almost[09:56:06] <BuenGenio> weekly =)[09:56:28] <UQlev> BuenGenio: what command did you use to run pflogsumm?[09:56:56] <gavimobile> I could really use the advice[09:57:23] <BuenGenio> pflogsumm -d today[09:58:04] <jduggan> gavimobile: policyd[09:58:09] <UQlev> BuenGenio: missing maillog file[09:58:17] <gavimobile> jduggan: is that with selinux?[09:58:23] <BuenGenio> UQlev, man says it will dump to stdout[09:58:28] <BuenGenio> if missing log[09:58:41] <jduggan> gavimobile: policyd has nothing to do with selinux, but it should have no problem running[09:58:52] <UQlev> BuenGenio: missing input log[09:59:04] <BuenGenio> oh[09:59:05] <BuenGenio> ok[09:59:10] <BuenGenio> duh[09:59:24] <gavimobile> jduggan: I was hoping for a simple postfix solution[09:59:47] <gavimobile> im using ispconfig, and I don't know if policyd might effect the workings of ispconfig[10:00:14] <UQlev> BuenGenio: I run with /usr/local/bin/pflogsumm /var/log/maillog > 001[10:00:43] <jduggan> gavimobile: its two extra lines to the main.cf... it shouldnt have any impact as such[10:00:43] <BuenGenio> was looking for an html option[10:00:47] <BuenGenio> no[10:01:06] <gavimobile> jduggan: ill have a look[10:01:06] <gavimobile> thanks[10:05:15] <BuenGenio> UQlev, don't see anything weird[10:05:32] <gavimobile> jduggan: no, I decided against it by just looking at the requirements of the software[10:05:48] <gavimobile> will the lines I posted above work?[10:06:00] <UQlev> BuenGenio: can you show me full output?[10:06:15] <BuenGenio> UQlev, sent you the link[10:06:15] <gavimobile> anvil_rate_time_unit = 5s & smtpd_client_message_rate_limit = 1[10:06:49] *** rzimmermann has joined #postfix[10:18:13] *** Terminus- has quit IRC[10:20:17] *** Motoko has quit IRC[10:20:29] *** Terminus- has joined #postfix[10:22:48] *** Steve_The_Pirate has joined #postfix[10:25:55] *** Steve_The_Pirate has joined #postfix[10:26:13] *** Terminus- has quit IRC[10:27:44] *** davlefou has quit IRC[10:28:10] *** Terminus- has joined #postfix[10:44:14] *** sphenxes01 has joined #postfix[10:44:21] *** sphenxes01 has quit IRC[10:46:01] *** davlefou has joined #postfix[10:46:15] *** davlefou has joined #postfix[10:53:14] *** danblack has joined #postfix[10:55:07] *** Hans67521 has joined #postfix[11:22:13] *** danblack has quit IRC[11:25:08] *** wdp_ has joined #postfix[11:33:41] *** Areckx has quit IRC[11:41:43] *** on1ald has quit IRC[11:44:32] *** on1ald has joined #postfix[11:54:28] *** Riviera has quit IRC[11:57:20] *** Riviera has joined #postfix[12:04:02] *** [diablo] has joined #postfix[12:05:30] *** jcputter_ has joined #postfix[12:16:39] <torvald> Ref yesterday, policyd-weight from debian apt whitout the sample-config will lookup the RBL rbl.ipv6-world.net which is no longer in use - therefor giving my a 4.25 score on every mail. -_-[12:21:07] *** ohcibi_ is now known as ohcibi[12:22:16] *** Szaszka has joined #postfix[12:25:37] *** jkfod has joined #postfix[12:31:25] *** Alagar has joined #postfix[12:33:52] <pj> torvald: interesting, makes sense.[12:44:52] <Szaszka> Dear Postfix Gurus! I have a problem configuring Postfix (version 2.8.9) to work with Sympa (version 6.1.7). Can someone of You give me a little help, please?[12:44:59] *** nics` has joined #postfix[12:45:28] <Zerberus> !tell Szaszka welcome[12:45:28] <knoba> Szaszka: "welcome" : welcome to #postfix! if you're joining for the first time, or are new to irc, the first thing you'll want to do is read the channel topic (/topic). it includes crucial instructions on how to effectively ask for help here, and what data you should include with your questions. the degree of success you'll have is directly related to how effectively you're able to follow those guidelines.[12:49:00] *** nics` has quit IRC[12:49:54] *** nics has joined #postfix[12:50:12] <nics> Hi everybody, I want all mails addressed to root on several machines (e.g. root at host1 dot home, root at host2 dot home) to be delivered to one single root mailbox local on my postfix machine (root at mailer dot home). How can I achieve this? I'm pretty new to postfix and mailing in general. My first attempt was to let the hosti.home use my mailer.home as a smarthost, but then, I have to list every hosti in main.cf's mydestination to avoid loops. Is there[12:50:12] <nics> [12:48] a better or canonical way to achieve this?[12:54:22] <Szaszka> I put the 'sympa at example dot com sympa-companyname' line in the /etc/postfix/virtual file and the 'sympa-companyname: "| /usr/libexec/queue sympa at example dot com"' line in the /etc/postfix/aliases. After that I executed the 'postmap /etc/postfix/virtual' and the 'postalias /etc/postfix/aliases' commands. Then I sent a mail to the sympa at example dot com address, but the '/usr/libexec/queue sympa at example dot com' is not executed, insted of this[12:56:56] <Szaszka> What I'm doing wrong?[12:57:41] <Szaszka> Why the line 'sympa-companyname: "| /usr/libexec/queue sympa at example dot com"' in the /etc/postfix/aliases file is not processed?[13:01:39] <Jakey> exit[13:02:22] *** UQlev has quit IRC[13:02:33] *** Hans67521 has quit IRC[13:02:33] *** jcputter_ has quit IRC[13:06:02] *** danblack has joined #postfix[13:13:30] *** d3c has joined #postfix[13:28:19] *** rsc has joined #postfix[13:28:43] <rsc> Is it possible to use multiple IP addresses in Postfix for outbound e-mail? By default, only one IP address is used.[13:39:13] *** nics` has joined #postfix[13:40:15] <Szaszka> Hm... I tried the following: I put the 'nonexistinguser at example dot com nonexisting-companyname' line in the /etc/postfix/virtual file, and the 'nonexisting-companyname: root' line in the /etc/postfix/aliases file. After that I sent an e-mail to the nonexistinguser at example dot com address, but it was not delived into the mailbox of the root user, instead the following error was put in the maillog: 'lmtpunix[13754]: verify_user(user.no[13:40:38] *** nics has quit IRC[13:41:05] *** gerhard7 has quit IRC[13:41:53] *** lunaphyte_ has left #postfix[13:41:57] *** lunaphyte_ has joined #postfix[13:47:21] *** danblack has quit IRC[13:54:07] *** cilly has quit IRC[13:56:35] *** cilly has joined #postfix[14:00:50] *** gerhard7 has joined #postfix[14:06:08] *** mfridh has quit IRC[14:07:28] <tuxick> trying to use a remote filter via smtpd_proxy_filter, getting "queue file write error"[14:13:49] <tuxick> is that cause by smtpd_client_connection_count_limit being reached or is it actually failing to connect to proxy?[14:17:25] *** ipnoz_ has joined #postfix[14:19:50] *** ipnoz has quit IRC[14:24:10] *** Section1 has joined #postfix[14:29:00] *** snearch has joined #postfix[14:35:55] *** nowthatsamatt_ has joined #postfix[14:43:58] *** mfridh has joined #postfix[14:45:26] *** Belial has joined #postfix[14:46:58] *** Belial has joined #postfix[14:54:05] *** robinho86 has joined #postfix[14:54:17] *** michiwend has joined #postfix[14:55:45] <tuxick> when using smtpd_proxy_filter like this: http://pastebin.ca/2162524 i get "warning: connect to Milter service unix:/var/run/milter-regex/sock: No such file or directory" etc[14:55:58] <tuxick> while at certain point the milter is used after all[14:56:06] <tuxick> how can i prevent this?[14:56:51] <michiwend> hi @all, i installed postfix with mysql-backend to manage virtuall domains. i have 2 domains. Is it required to set the mx record of the second domain to the same my primary one has or can i use mail.myseconddomain.tld as an mx record?[14:57:15] <lunaphyte_> michiwend: that's fine[14:57:46] <tuxick> i'm assuming it's a chroot issue?[14:58:02] <michiwend> lunaphyte, what do you mean?[15:00:10] <lunaphyte_> huh?[15:00:20] <lunaphyte_> i mean doing that is fine.[15:00:42] <michiwend> lunaphyte, the second thing, mail.myseconddomain.tld ?[15:00:49] <lunaphyte_> dude.[15:00:52] <michiwend> ok[15:00:55] <lunaphyte_> you asked one question.[15:00:59] <michiwend> ohm[15:01:09] <michiwend> ok :)[15:01:13] <lunaphyte_> ;)[15:01:29] <michiwend> but, the reverse lookup will fail, or?[15:01:43] <lunaphyte_> fail how?[15:01:49] <michiwend> ip --> mail.myfirstdomain.tld[15:02:09] <lunaphyte_> consideration for ptr records isn't relevant until after max records have been looked up[15:02:38] <lunaphyte_> *mx records[15:03:07] <michiwend> ok[15:03:36] *** jkfod has quit IRC[15:04:27] <michiwend> so there is no risk, that mails are recognized as spam from other mailservers?[15:04:37] <michiwend> because of this mx record[15:05:08] <michiwend> that's my biggest fear Oo[15:06:39] <tuxick> doesn't seem to matter if i set chroot in master.cf :/[15:07:02] <lunaphyte_> you will always have that problem, but it will not result from that arrangement for an mx record.[15:08:52] <michiwend> ok thx lunaphyte ![15:09:15] *** MaximusColourum has joined #postfix[15:09:56] <lunaphyte_> sure thing[15:13:39] *** nowthatsamatt_ has quit IRC[15:28:34] *** rotbeard has quit IRC[15:30:57] *** shoonya has joined #postfix[15:48:04] *** gavimobile has quit IRC[15:54:43] *** robinho86 has quit IRC[16:21:09] *** nics`` has joined #postfix[16:21:14] *** Sheogorath has quit IRC[16:23:49] *** nics` has quit IRC[16:27:39] *** wdp has quit IRC[16:32:41] *** [diablo] has quit IRC[16:36:55] *** shoonya has quit IRC[16:39:22] *** Silowyi has joined #postfix[16:41:31] *** keeker has joined #postfix[16:43:06] <keeker> Does anyone know if it's possible to rewrite the from address of an email after it has been used for sender_dependent_relayhost_maps ?[16:49:42] *** elex1111112 has joined #postfix[16:52:27] *** rmayorga has quit IRC[16:56:46] *** rmayorga has joined #postfix[16:56:47] *** rmayorga has joined #postfix[16:56:48] *** GieltjE has joined #postfix[17:00:17] *** Bry8Star_ has joined #postfix[17:00:34] *** Bry8Star has quit IRC[17:01:04] *** Bry8Star_ is now known as Bry8Star[17:04:01] <rob0> That seems like a strange solution. What is the real issue? And why not just send using the desired sender address?[17:06:14] *** mroe has joined #postfix[17:06:15] *** mroe has joined #postfix[17:07:38] <keeker> rob0 I'm using the sender address to select the appropriate mail relay[17:07:55] <keeker> but would like the emails to appear uniform to all receivers[17:08:08] *** tjikkun_work has quit IRC[17:08:54] <keeker> it looks like I may need to use a header check instead if I wish to keep the sender addresses the same but then I can't seem to remove that header either[17:13:13] *** Toerkeium has quit IRC[17:14:20] <rob0> Well that certainly clears things up.[17:16:54] *** MaximusColourum has quit IRC[17:16:59] *** jonez has quit IRC[17:17:43] <keeker> mail relay is being selected via engagement metrics to protect IP reputation[17:18:17] <lunaphyte_> certainly an odd approach.[17:18:41] <keeker> if you know an easier way to have emails identical to the end user while differentiating a specific relay to postfix I am all ears :)[17:19:06] <lunaphyte_> well, you can't, since the rmote host will see the messages coming from different source addresses.[17:19:10] <lunaphyte_> *remote[17:19:29] <keeker> I was hoping to rewrite the address after the relay host is selected[17:19:47] <lunaphyte_> different source ip addresses[17:20:04] <keeker> the same servers will be sending either messages[17:20:49] <keeker> I'm thinking mult instance might be a better solution[17:20:53] *** GieltjE has quit IRC[17:20:53] <keeker> *multi[17:21:08] *** wdp_ has quit IRC[17:21:17] <lunaphyte_> that wouldn't matter.[17:21:25] <rob0> um, there is no connection between the envelope sender and the From: header.[17:21:35] <rob0> Anyone who is bulk mailing should know this.[17:21:41] <lunaphyte_> if the messages come from different source addresses, they simply cannot be identical.[17:21:54] <lunaphyte_> nothing you do could ever change that.[17:23:02] <rob0> identical to the end user / victim -- that is easy.[17:28:19] *** rzimmermann has quit IRC[17:28:22] <keeker> rob0 I'm not spamming[17:28:41] <keeker> this is legit mail that people actually read[17:29:02] <keeker> I'm just shifting unengaged users to a secondary stream before I stop mailing to them at all[17:30:05] *** jonez has joined #postfix[17:30:40] <rob0> why are you getting defensive? What does it matter to you what I might think? The point is: you seem to be missing some basics about bulk mail. If money is involved, it might be worthwhile for your company to outsource it.[17:31:00] <rob0> !esp[17:31:00] <knoba> rob0: "esp" : Email Service Provider[17:31:08] <keeker> rob we have an ESP[17:31:17] <keeker> that is our relays[17:31:26] <keeker> also the sender envelope is connected to the from address[17:31:39] <keeker> which is what I'm trying to seperate[17:31:42] <rob0> WHY is the envelope connected to From:?[17:31:46] <rob0> so do it[17:31:49] *** chadmaynard has quit IRC[17:31:54] <keeker> lol why are you so angry?[17:32:05] <keeker> I'm seeking some peer guidance?[17:32:08] <rob0> Why are you so sensitve?[17:32:13] <lunaphyte_> who is angry?[17:32:27] <rob0> You are not my peer. You do not seem to understand much about mail.[17:32:36] <keeker> lol[17:32:47] <rob0> And you're calling me "angry" for pointing it out.[17:33:01] <keeker> rob0 I know tons about mail[17:33:10] <keeker> postfix is not my first choice of mta[17:33:21] <rob0> Fix the problem in the right place: the software where the mail is generated.[17:33:26] <keeker> I'm just looking for some configuration advice[17:33:33] <rob0> and you got it[17:33:41] <keeker> that is what I'm doing[17:36:31] <keeker> there is no need to be so undeservedly arrogant[17:36:56] <lunaphyte_> name calling isn't welcome here[17:37:18] <lunaphyte_> and certainly serves no purpose to your goals.[17:37:41] <keeker> well it's not like rob0 is capable of helping me, that much is obvious[17:37:56] <lunaphyte_> not really[17:38:53] <keeker> do you have any ideas on the best way to accomplish my desired goal lunaphyte?[17:48:05] *** elex1111112 has quit IRC[17:48:24] *** znull has joined #postfix[17:49:42] <znull> hello, does postfix 2.3.3 has tlss implemented? i'm trying to send emails to gmail and i'm getting 502 5.5.1 Error: command not implemented[17:52:13] <rob0> TLS support began in 2.2.[17:55:52] *** robinho86 has joined #postfix[18:00:18] *** phenom has quit IRC[18:02:34] *** Steve_The_Pirate has quit IRC[18:14:50] *** phenom has joined #postfix[18:22:13] *** rotbeard has joined #postfix[18:27:38] *** snearch has quit IRC[18:32:52] <jeev> what's the best way to filter out all countries but the US ;)[18:35:54] <rob0> There is no simple, absolute way to do that. And in many cases it's not as good an idea as it might seem: you never know when you might get legitimate correspondence from other countries.[18:37:08] <rob0> There are country-based DNSBLs. I have no idea how accurate any of those are. You can also get lists of ARIN network assignments.[18:41:00] <jeev> i'm afraid to deal with country-based dnsbl's[18:41:04] <tuxick> milter-regex[18:41:13] <tuxick> i use that to filter APNIC[18:44:49] <tharkun> jeev: how do you plan to filter the multitude of foreign domains that have vps hosted on the us?[18:45:50] <tharkun> jeev: also how do you plan on screening the (one heck of a lot) of users that do live in the us but have their acounts hosted on some other country where their providers has their servers?[18:48:03] *** Szaszka has left #postfix[18:48:22] <rob0> That's what I mean. It cannot be absolute.[18:50:40] <rob0> Also it's worth noting that the USA is (and always has been) #1 in spam production, http://www.spamhaus.org/statistics/countries/ ... 2x China, the #2 spam country.[18:50:56] <jeev> i've just got a system i took over with postfix, it has some spam i'd like to filter out, it isn't mine so i can't really mess around, also they dont care if all other countries are filtered out.[18:51:01] <jeev> most of their spam comes from oversea's[18:51:53] <jeev> maybe i'll add a few more rbl's but i dont know, they're using spamcop and zen[18:52:33] <jeev> i use spameatingmonkey, zen, psbl, barracuda[18:53:05] <tharkun> !tell jeev cheatsheet[18:53:06] <knoba> jeev: "cheatsheet" : http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt : A HOWTO for pre-DATA spam control.[18:53:13] <tharkun> WFM[18:54:06] *** scientes has joined #postfix[18:54:31] *** Hans67521 has joined #postfix[18:57:23] *** spiderr has joined #postfix[18:58:09] *** sysmonk has quit IRC[18:58:38] <spiderr> is there an "accept_rhsbl_sender" equivalent? this returns 0 search results: https://www.google.com/search?sugexp=chrome,mod=9&sourceid=chrome&ie=UTF-8&q=postfix+%22accept_rhsbl_sender%22[18:58:47] *** sysmonk has joined #postfix[18:59:31] <thumbs> jeev is full of good ideas, as usual[18:59:53] <spiderr> basically if a client domain is my local rbldnsd whitelist, I want to let through postfix and let spamassassin chew on it.[19:01:51] <jeev> thumbs, nobody has murdered you yet ?[19:02:15] <spiderr> if it is not in my whitelist, I'd like to block at the gateway for things that appear in my dnsbl to prevent and exepnsive amavis+spamassassin scan[19:03:44] <rob0> spiderr, if a feature is not documented, it does not exist.[19:03:47] <rob0> !google[19:03:47] <knoba> rob0: "google" : Those who use Google before reading the Postfix documentation, if fortunate, end up at http://www.postfix.org/ . If not, they end up in a jumble of bad questions, misleading or wrong answers, and outdated information.[19:03:51] *** morse has quit IRC[19:04:32] <rob0> Also, you seem to have some confusion about the meaning of "sender" vs. "client" as used in smtpd(8) restrictions.[19:05:03] <rob0> There is a "permit_dnswl_client" feature as of Postfix 2.8.[19:06:07] *** TheAvatar has quit IRC[19:07:17] *** morse has joined #postfix[19:09:42] <spiderr> rob0, ah thanks, permit_dnswl_client is great. I'm boat anchored to 2.2 at the moment due to being anchored to SLES 10. but that is a separate problem.[19:13:12] <lunaphyte> not sure why using a particular os would impose something silly like that, but indeed it is a separate problem.[19:13:49] <rob0> If 2.2 implemented the policy protocol (I think it did) you can use a policy service to do the same thing as permit_dnswl_client. I definitely would upgrade that, however. 2.5 is no longer supported, and 2.2 was EOL in 2007.[19:15:39] <tharkun> spiderr: building yourself a new package of postfix is a piece of cake. You get all the security features you can imagine plus a few nice little secrets that make life easier on you. ( /me loves postscreen)[19:16:16] <spiderr> k. currently moving the RHEL 6. current SLES10 are on paravirtualized XEN. We can upgrade the postfix across them all easily, but better answer is to finish the RHEL6 move.[19:16:25] <lunaphyte> yikes.[19:16:54] <lunaphyte> but again, not sure why that would have anything to do with the software that runs on it.[19:19:11] <tharkun> spiderr: you know your workflow. Just make sure that you take a look at the timedrift you can have on Xen. It is a nice little bugger that on some combinations of kernels appears randomly[19:20:57] <spiderr> noted. these guys have been humming for 5 years with little trouble and lots of abuse[19:21:36] <patdk-wk> yep, and don't attempt to run ntp on it[19:22:40] <tharkun> patdk-wk: I solved my isue running ntpd. Is there some other x vs. y version of kernels that it also fails?[19:23:14] <patdk-wk> ya[19:23:29] <patdk-wk> there is a whole writeup and what kernel options to pass, depending on host/guest versions[19:23:44] <patdk-wk> you can solve it with ntp, it's not ideal, and you have to make other xen adjustments[19:29:05] * tharkun writes down on his TODO "Ditching Xen for Kvm is looking better every day"[19:29:13] <patdk-wk> heh[19:29:19] <patdk-wk> depends on what you do, but ya[19:29:35] <patdk-wk> xen has lower overhead, and scales better[19:29:41] <patdk-wk> but kvm has less *issues*[19:30:34] <tharkun> I'm not a virtualization guru. But the few databases I run they do run on real hw. The rest I really do not mind.[19:31:17] <spiderr> per rob0, I guess I am confused between client and sender. man 5 postconf I am still not sure.... seems rules have changed between 2.2 and pf.org docs _client is the connected client IP and _sender is the MAIL FROM domain?[19:35:46] *** Belial has quit IRC[19:36:40] *** Belial has joined #postfix[19:37:11] *** Belial has quit IRC[19:38:08] <lunaphyte_> err, wha? *don't* run ntp?[19:38:36] <patdk-wk> lunaphyte useless to run ntp in xen, cause xen will keep *resetting* the time, after ntp *sets* it[19:38:53] <patdk-wk> unless you go, and disable that, and restart your xen guests[19:39:06] <lunaphyte_> well that just seems brain dead. surely you can turn that nonsense off somewhere in xen?[19:39:12] <patdk-wk> you can[19:39:15] *** Belial has joined #postfix[19:39:17] <lunaphyte_> ah, that's good.[19:39:30] <patdk-wk> just one more thing to confuse people :)[19:40:59] <rob0> _client is the connected client IP *or* verified reverse hostname; _sender is the MAIL FROM address.[19:42:06] *** keeker has quit IRC[19:51:09] *** TheAvatar has joined #postfix[19:52:13] <spiderr> rob0, thanks. this is a bit confusing.. first I would reject by IP (reject_rbl_client) followed by reject_rhsbl_reverse_client then reject_rhsbl_client then reject_rhsbl_sender ? are any of those redundant?[20:01:21] *** uqlev has joined #postfix[20:04:04] *** Belial has quit IRC[20:04:51] *** Belial has joined #postfix[20:10:54] *** Belial has quit IRC[20:11:42] *** Belial has joined #postfix[20:12:13] *** Belial has quit IRC[20:12:42] <rob0> Don't make up features that you don't have. There is no reject_rhsbl_reverse_client.[20:13:48] *** Belial has joined #postfix[20:15:23] *** Belial has quit IRC[20:16:01] *** Belial has joined #postfix[20:18:46] *** shinao1 has joined #postfix[20:20:45] *** Belial has quit IRC[20:21:30] *** Belial has joined #postfix[20:25:44] *** Areckx has joined #postfix[20:26:06] *** uqlev has quit IRC[20:31:20] *** inf_l00p has quit IRC[20:31:58] *** inf_l00p has joined #postfix[20:33:40] *** nics`` has quit IRC[20:39:17] *** cvelde has joined #postfix[20:43:20] *** Dominian has quit IRC[20:43:44] *** Dominian has joined #postfix[20:50:29] *** Hans67521 has quit IRC[20:51:10] *** Hans67521 has joined #postfix[20:51:44] *** heller_barde has joined #postfix[20:55:26] *** elex1111112 has joined #postfix[21:14:44] *** iocc has joined #postfix[21:14:54] <iocc> .[21:15:27] <Corey> ?[21:15:51] <OpenSys> hello, can i make rules from "sender_dependent_relayhost_maps" goes first then rules in "transport_maps" ?[21:15:58] <iocc> how do I tell postfix what IP it should use to send mail? inet_interfaces = mail.flashdance.cx, localhost doesnt help.[21:16:19] <rob0> !smtp_bind_address[21:16:20] <knoba> rob0: "smtp_bind_address" : a configuration parameter in the main.cf: An optional numerical network address that the SMTP client should bind to when making a connection.[21:16:28] <iocc> thanks[21:20:17] <iocc> smtp_bind_address = 193.228.143.2, 2a00:1a28:1152::2[21:20:23] <iocc> seems to be wrong syntax[21:20:34] <Dominian> the Ipv6 has to be enclosed in [ and ][21:20:39] <iocc> oh ok[21:23:43] <iocc> Jun 18 21:23:18 flashdance postfix/smtp[17972]: fatal: smtp_connect_addr: bad smtp_bind_address parameter: 193.228.143.2, [2a00:1a28:1152::2]: Name or service not known[21:23:49] <iocc> nope it doesnt work so well :/[21:26:48] <iocc> oh its... smtp_bind_address and smtp_bind_address6[21:27:21] <rsc> is it possible to use a bunch of IP addresses for smtp_bind_address on a random base?[21:30:16] <patdk-wk> NO![21:30:17] *** wdp has joined #postfix[21:30:17] *** wdp has joined #postfix[21:30:20] <lunaphyte_> why?[21:30:25] <thumbs> wait, wait what?[21:30:58] <iocc> bah[21:31:01] <iocc> it doesnt work[21:31:11] <iocc> tcp 0 0 193.228.143.143:34242 83.168.203.34:25 ESTABLISHED[21:31:23] <iocc> I got this now:[21:31:24] <iocc> smtp_bind_address = 193.228.143.2[21:31:24] <iocc> smtp_bind_address6 = 2a00:1a28:1152::2[21:31:36] <iocc> hmmm..[21:32:29] <iocc> I dont get it. Why doesnt it work?...[21:33:02] <rob0> how is that not working?[21:33:12] <jimpop> iocc: postconf -n | grep inet_protocols[21:33:13] <rob0> 193.228.143.143:34242 is you[21:33:39] <iocc> It sends mail with 193.228.143.143 and not 193.228.143.2 like it should.[21:33:54] <jimpop> nm[21:34:02] <iocc> jimpop: it says: inet_protocols = all[21:34:03] * jimpop goes for ice cream[21:35:58] *** ssureshot has quit IRC[21:36:02] *** ssureshot1 has quit IRC[21:52:15] <spiderr> rob0, i see http://www.postfix.org/postconf.5.html#reject_rhsbl_reverse_client - are you saying that doesn't exist? I obviously don't have on 2.2, however I've already rebuilt 2.8 rpms, and am running it on a unlisted test server. It's not like documentation is particularly clear if it is redundant to call reject_rhsbl_reverse_client vs reject_rbl_client since the latter can be "the connected client IP *or* verified reverse hostname"[21:53:07] <rob0> afk, will read/answer later[21:56:39] *** Section1 has quit IRC[22:02:45] *** michiwend has quit IRC[22:02:58] *** biggi_mat has quit IRC[22:17:57] *** sphenxes has quit IRC[22:22:45] *** JPT has quit IRC[22:22:53] *** JPT has joined #postfix[22:24:12] *** uqlev has joined #postfix[22:24:30] *** rotbeard has quit IRC[22:25:09] *** uqlev has quit IRC[22:26:34] *** Hans67521 has quit IRC[22:30:54] *** sphenxes has joined #postfix[22:33:58] *** Hans67521 has joined #postfix[22:40:43] *** jkfod has joined #postfix[22:42:24] *** jkfod has quit IRC[22:48:21] *** corretico has joined #postfix[22:56:31] *** gerhard7 has quit IRC[22:56:46] <tharkun> spiderr: man 5 postconf |less +/^" reject_rhsbl_reverse_client"[22:59:29] <spiderr> tharkun, thanks. I see docs on my version now. My question is that if I wanted to domain blacklist to reject, do I use reject_rhsbl_reverse_client followed by reject_rhsbl_sender, or is the reverse order better. or do I need reject_rhsbl_client as well...[23:00:26] <tharkun> spiderr: understand each one of the restrictions, they are aplied in order. How do you want your server to work?[23:00:59] <tharkun> spiderr: think of this restriction as iptables, you compare one rule at a time if you get a match then you aply it else you go on to the next one.[23:01:24] <spiderr> i want to reject as quickly as possible. CLIENT is known first, however, the reverse takes time, and if someone gives MAIL FROM a blacklist domain, i'd like to reject immediately[23:01:42] <tharkun> spiderr: order accordingly :)[23:03:43] <spiderr> so I'd go reject_rhsbl_sender first I guess, though that comes in second after HELO since a reverse takes time?[23:03:59] *** Alagar has quit IRC[23:06:21] <tharkun> spiderr: have you heard about postscreen?[23:09:04] <tharkun> !tell spiderr postscreen[23:09:04] <knoba> spiderr: "postscreen" : SMTP triage server available in Postfix 2.8, see http://www.postfix.org/POSTSCREEN_README.html and http://www.postfix.org/postscreen.8.html[23:14:53] *** Praise has quit IRC[23:15:57] *** Praise has joined #postfix[23:16:21] *** nutron has joined #postfix[23:16:22] <spiderr> tharkun, nice. I have not. postscreen looks great.[23:22:29] *** micols has quit IRC[23:22:58] *** elex1111113 has joined #postfix[23:23:07] *** milligan has quit IRC[23:23:33] *** milligan has joined #postfix[23:25:01] *** kenyon has quit IRC[23:25:18] *** elex1111112 has quit IRC[23:26:24] *** kenyon has joined #postfix[23:30:20] *** mroe has quit IRC[23:32:00] *** micols has joined #postfix[23:38:05] *** wdp has quit IRC[23:40:01] *** aindilis2 has joined #postfix[23:40:50] *** MaximusColourum has joined #postfix[23:40:51] *** corretico has quit IRC[23:43:39] *** corretico has joined #postfix[23:45:17] *** micols has quit IRC[23:45:47] *** corretico has quit IRC[23:46:09] *** jwing has quit IRC[23:46:32] *** jwing has joined #postfix[23:46:55] *** micols has joined #postfix[23:49:34] *** corretico has joined #postfix[23:53:25] *** Areckx has quit IRC[23:59:44] *** scientes has quit IRC