June 21, 2012 
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | >
June 21, 2012 [00:04:11] *** uqlev has quit IRC[00:08:10] *** mroe has joined #postfix[00:15:36] *** shinao1 has quit IRC[00:21:17] *** Aprogas has quit IRC[00:23:39] *** shinao1 has joined #postfix[00:24:36] *** Aprogas has joined #postfix[00:28:06] *** p3rror has joined #postfix[00:35:37] *** robinho86 has left #postfix[00:37:46] *** will_ has quit IRC[00:49:23] *** danblack has joined #postfix[00:52:54] *** will_ has joined #postfix[00:53:13] *** elex1111113 has quit IRC[00:56:44] *** e-anima has quit IRC[01:02:19] *** heller_barde has quit IRC[01:03:12] <jimpop> !tell knoba botsnack[01:03:13] <knoba> knoba: "botsnack" : Mmmm, tasty[01:08:01] <tharkun> !tell jimpop stop feeding the bot[01:08:01] <knoba> tharkun: Error: No factoid matches that key.[01:09:09] <jimpop> lol[01:12:36] *** famicom has joined #postfix[01:18:33] *** jkfod has quit IRC[01:31:30] *** shinao1 has quit IRC[01:50:22] *** MaximusColourum has joined #postfix[01:53:29] *** wimpog has quit IRC[01:54:52] *** mifadir0 has joined #postfix[01:55:28] *** mifadir0 has left #postfix[01:55:44] *** mifadir has joined #postfix[01:55:48] * mifadir Hello[01:56:10] <mifadir> i can send email from postfix but i can't receive them![01:56:45] *** tremon has joined #postfix[01:57:01] <tremon> !welcome[01:57:02] <knoba> tremon: "welcome" : welcome to #postfix! if you're joining for the first time, or are new to irc, the first thing you'll want to do is read the channel topic (/topic). it includes crucial instructions on how to effectively ask for help here, and what data you should include with your questions. the degree of success you'll have is directly related to how effectively you're able to follow those guidelines.[01:57:53] *** alfplayer has joined #postfix[01:58:16] *** mifadir has left #postfix[01:58:26] <tremon> hi all, simple question: can postfix talk lmtp as server? Everything I've found so far is only about using portfix as lmtp client icw cyrus[02:03:21] <rob0> no[02:04:39] <tremon> ok thx. simple answer too :)[02:06:00] <rob0> It's not considered an important feature to implement, so don't expect it soon.[02:07:30] <tremon> ah ok. I have an alternative, so it's not much of a problem. I just don't like having to speak full smtp on a local unix socket :)[02:08:16] *** amir has quit IRC[02:12:53] <rob0> If anything, LMTP would be more verbose, because of the per-recipient status.[02:14:26] *** Areckx has joined #postfix[02:15:29] <tremon> well it's for a dspam filter, I wanted to use lmtp to re-inject the scanned message. That transport already has recipient_limit=1, but I get your point[02:16:50] *** MaximusColourum has quit IRC[02:20:03] *** amir has joined #postfix[02:44:30] *** ChaozZBubi is now known as chaozzbubi[02:47:27] *** corretico has quit IRC[02:58:58] *** jimpop has quit IRC[03:00:25] *** nihe has quit IRC[03:08:09] *** tremon has quit IRC[03:08:29] *** nihe has joined #postfix[03:09:27] *** mfridh has quit IRC[03:18:06] <will_> What's the problem with talking "full SMTP" on a local socket?[03:22:18] <rob0> I guess it was the false assumption that "L" in LMTP might mean mean "lightweight".[03:22:55] <will_> lol[03:30:24] *** snadge has joined #postfix[03:30:38] *** KatelyNix has joined #postfix[03:37:25] <KatelyNix> My server's getting hit by waves of cutwail bot spam. 100-1000 connections/hr from multiple IPs all over the globe; usally 10-20 connections over a 10 min span per IP. RBLs (spamhaus and barracuda) are blocking virtually all of them.[03:37:37] <KatelyNix> So, the work's getting done. Can I lessen the effect at all?[03:37:44] <KatelyNix> I've been reading here, http://www.postfix.org/TUNING_README.html#conn_limit; not sure if this is the right approach. Or, idoI just live with the multiple-connection noise, since blocking IS working.[03:38:31] <KatelyNix> s/idol/should i/[03:38:40] <will_> What "effect" are you experiencing? Just noise in the logs?[03:39:41] <KatelyNix> will_: Hi. That, plus I assume the unncessary DNS queries. Perhaps more. Don't have a good sense of 'should I care' yet.[03:40:13] <KatelyNix> Getting really anoyed while I watch the logs probly doesn't count too much ...[03:40:35] <will_> KatelyNix: As you get more and more volume, that noise gets more common. Nothing to really worry about. You may consider not logging those in the first place.[03:41:07] <will_> KatelyNix: Many of my deployments experience a 90% spam rate. There's little reason to log those in the first place[03:41:53] *** Funhouse has quit IRC[03:42:09] <KatelyNix> will_: To date, I've treated logging as a toggle -- on or off. Haven't turned off for just RBL's. That a Postfix function, or do you mean @ syslog config?[03:42:58] <will_> Whatever meets your requirements :)[03:45:02] <KatelyNix> will_: What works, works. I'd _like_ to do it "in Postfix". digging through the gzillion pages of docs for the magic ...[03:45:36] <will_> I don't know how to do it in Postfix, sorry. Ask rob0![03:46:18] <snadge> i need to delete a whole bunch of mail from a specific address from the mail queue[03:46:31] <snadge> which i've done before but I forgot to write how i did it[03:49:16] <KatelyNix> I think 'anvil' may be the ticket ...[03:51:06] <KatelyNix> Hm "These limits must not be used to regulate legitimate traffic: mail will suffer grotesque delays if you do so. The limits are designed to protect the smtpd(8) server against abuse by out-of-control clients.". I'm not sure this qualifies :-/[03:52:34] <will_> What would you like to "do in Postfix"? Disable the logging? I thought that's what you wanted[03:52:44] *** D-Boy has quit IRC[03:52:48] *** Almtesh has quit IRC[03:53:29] *** tabakhase has quit IRC[03:53:39] <KatelyNix> will_: Yep. Down the usual documentation rabbit hole. syslog's easier.[03:54:03] <will_> I don't think anvil does logging stuff. I'm pretty sure it[03:54:08] <will_> s done via syslog anyway[03:54:24] *** Almtesh has joined #postfix[03:54:50] <KatelyNix> will_: Good enuf. I'm not proud.[03:55:03] <will_> Aww :([03:55:33] <KatelyNix> heh. Too much effort.[03:55:49] *** D-Boy has joined #postfix[03:55:54] <will_> Lazy bastard![03:58:16] *** PigDude has joined #postfix[03:59:03] <PigDude> I am getting relay access denied sending from my home machine here. It says RCPT FROM is my ISP's hostname for my address.[03:59:21] <PigDude> I haven't had this problem before, why am I getting that weird RCPT FROM ?[03:59:27] <will_> What changed![03:59:35] <PigDude> will_, this is my first attempt[03:59:35] *** tabakhase has joined #postfix[03:59:46] <PigDude> will_, with this server[03:59:48] <will_> You said this didn't happen before. Before what?[03:59:59] <PigDude> when I set up postfix in the past i did not see this issue[04:00:02] <will_> oh[04:00:03] <rob0> Postfix logs to syslog, either verbose (bad idea) or regular. You can control syslog facility and verbose vs. normal, and certain TLS-specific logging settings, but otherwise, you get what you get.[04:00:18] <PigDude> shouldn't RCPT FROM be the sender address?[04:00:21] <rob0> The workaround: grep -v what you don't want to see.[04:00:27] <KatelyNix> will_: Thx[04:00:28] <will_> PigDude: There is no RCPT FROM[04:00:30] *** KatelyNix has left #postfix[04:00:52] <PigDude> will_, ah, sorry, it is NOQUEUE: reject: RCPT from pool-72-75-35-1[04:00:54] <will_> rob0: You can't disable logging?[04:01:00] <PigDude> will_, (with thehostname continugin)[04:01:25] <PigDude> will_ Relay access denied; from=<thomas at oinksoft dot com>[04:03:04] <rob0> will_, you can send it to an unused facility. That's the only way.[04:03:25] <PigDude> would this fall under smtpd_sender_restrictions?[04:04:45] <PigDude> i have permit_mynetworks permit[04:04:56] <PigDude> i also uncommented permit_sasl_authenticated, restarted, no luck[04:05:03] <rob0> "RCPT": rejection was done in response to "RCPT TO". "from pool-72-75-35-1...", that is the client who was rejected.[04:05:21] <PigDude> I am using dovecot for the auth, and that works fine for imap .... i am using same credentials[04:05:36] <PigDude> rob0, yea, that's my home machine's hostname, truncated[04:05:36] <rob0> !relay_denied[04:05:36] <knoba> rob0: "relay_denied" : NOQUEUE: reject: RCPT from CLIENT_HOST[CLIENT_IP]: 554 5.7.1 <RECIPIENT@RCPT_DOMAIN>: Relay access denied; from=<SENDER@SENDER_DOMAIN> to=<RECIPIENT@RCPT_DOMAIN> proto=ESMTP helo=<HELO>: This typically means that CLIENT_IP is not in mynetworks (and did not AUTH), and that RCPT_DOMAIN was not recognized as one of this Postfix's domains (not listed in mydestination, relay_domains or virtual_*_domains).[04:06:33] <rob0> A !relay_denied rejection is reject_unauth_destination in smtpd_recipient_restrictions[04:07:02] <PigDude> YES, I HAVE THAT[04:07:05] <PigDude> caps, sorry[04:07:23] <PigDude> i thought that is a good thing to have?[04:08:34] *** FainaUkraina has joined #postfix[04:09:00] <rob0> more than "good", it is required.[04:09:41] <PigDude> ok[04:10:11] <PigDude> so what do i do about this?[04:10:36] <PigDude> mydestination is oinksoft.com[04:10:42] <PigDude> and that is the user i am sending as[04:11:21] <will_> All I can think about is bacon[04:11:38] <rob0> IIUC what you are asking, you probably want to enable and use SASL AUTH.[04:11:42] <rob0> !sasl[04:11:42] <knoba> rob0: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.[04:12:34] *** jimpop has joined #postfix[04:19:37] *** patdk-wk has quit IRC[04:19:59] <PigDude> rob0, oh, thanks[04:20:22] <PigDude> rob0, silly me, i had sasl auth commented out in that block[04:23:00] <snadge> the manual page for postsuper gives invalid advice[04:23:30] <snadge> the example on how to remove specific mail from the mail queue[04:25:21] <snadge> for starters "tail +2" is apparently wrong and should be "tail -n +2"[04:28:06] <pj> snadge: post to the ml, then[04:28:25] <snadge> and the man page contains invalid characters.. sigh[04:28:44] <snadge> so you cant just simply cut and paste the examples.. you have to substitute ' and `[04:29:18] <pj> snadge: stop complaining in here and post to the ml so weitse will see it and fix it.[04:29:35] <jimpop> or just google pfdel[04:32:47] <pj> jimpop: sure, but if there's a documentation error then weitse needs to know about i.[04:32:50] <pj> *it[04:33:28] <pj> anyways, I have to run out.[04:33:56] <snadge> okay.. well i may post to the mailing list about it then.. i seem to have it sussed now[04:35:08] <rob0> hmmm, it looks cut/pasteable to me[04:37:34] *** PigDude has left #postfix[04:38:35] <jimpop> i've used "tail +2" in the past, not sure what *nix it was on, but it did work at one time.[04:38:52] <jimpop> doesn't seem to work on modern day linux[04:39:17] <snadge> the man page has strange ' characters in it[04:39:31] <jimpop> that's just a terminal error[04:39:55] <jimpop> it's probably not strange under other terminal/lang settings[04:40:25] <snadge> using the default terminal settings on rhel 5[04:40:38] <snadge> US english or whatever it is[04:40:51] <jimpop> probably a rhel5 packaging issue then[04:41:07] <snadge> actually.. LANG=en_AU.UTF-8[04:41:16] <snadge> its probably a UTF issue[04:45:32] <snadge> interesting.. changing to en_US.iso88591 makes it worse[04:48:08] <snadge> can someone else look at man postsuper and tell me wtf the character is between awk and BEGIN[04:48:18] <snadge> it looks like a backwards back tick[04:48:56] <snadge> ´ .. if i paste it in this ascii terminal it looks like a couple of box lines[04:50:42] <rob0> ´ oh hmmm, that's not a backtick[04:52:54] <snadge> i substituted it with ' and it appeared to work[04:53:07] <snadge> backtick is probably wrong[04:53:50] <snadge> since that would substitute the output of a shell command wouldn't it?[04:54:20] <snadge> but postsuper failed to delete the messages from the queue anyway.. sigh[04:54:21] <rob0> ' is probably right, but it looks more like ` to me[04:54:54] <snadge> it looks like a backwards ` to me yeah[04:54:58] <snadge> or mirrored[04:55:07] <rob0> um, you should test the awk expression before feeding it to postsuper[04:55:11] <snadge> forward tick? *shrugs*[04:55:24] <snadge> yeah i did.. it spits out a list of message ids.. which seems correct[04:56:01] <rob0> and piping that list to "postsuper -d -" does nothing?[04:56:28] <snadge> it runs for a while[04:56:41] <snadge> then after it finishes.. if i type mailq.. they're all still there[04:57:36] *** nuomi has joined #postfix[04:58:44] <snadge> looking at the output of mailq compared with the tail/grep/awk/tr[04:59:10] <snadge> it looks like its doing the right thing.. stripping the * and all the junk off and only matching lines with the source email address[04:59:29] <snadge> so postsuper is just not deleting any of the messages[05:02:09] <snadge> if i manually run postsuper -d with the msg id of the first result.. its not deleting it[05:02:35] <rob0> I suppose it's time for the "L" word.[05:03:41] <pj> I don't see any backticks in there myself, apart from the tail command being wrong and the fact that that looks like a long ugly mess to me, it looks fine.[05:04:00] <pj> I pasted it into an editor.[05:05:42] <snadge> ergh.. you dont want to know why it wasnt working[05:05:46] <pj> I'd probably use perl instead of awk, though.[05:06:05] <snadge> mail server runs zimbra now.. other admin thought that would be a great idea[05:06:13] <pj> ugh[05:06:19] <pj> you're joking[05:06:22] <snadge> /opt/zimbra/postfix/sbin/postsuper and /usr/bin/postsuper[05:06:29] <snadge> are completely seperate things[05:06:51] <snadge> that makes me want to cry[05:06:56] <pj> yeah, no kidding[05:07:30] <snadge> its taken a couple of hours to do what should've been a 5 minute job[05:07:57] <pj> ask the "other admin" if he'd like tp pay for the extra time out of his picket.[05:08:01] <pj> *pocket[05:08:09] <snadge> pfdel looks nifty.. but its not quite as flexible as the awk example[05:08:14] <pj> btw, what version of postfix is in zimbra now?[05:09:25] <snadge> mail_version = 2.7.5[05:09:48] <pj> heh, so they *still* haven't managed to get a version of postfix in there that includes postscreen.[05:10:16] <snadge> i havnt heard of postscreen.. this is a relatively new thing?[05:10:25] <pj> !tell snadge postscreen[05:10:25] <knoba> snadge: "postscreen" : SMTP triage server available in Postfix 2.8, see http://www.postfix.org/POSTSCREEN_README.html and http://www.postfix.org/postscreen.8.html[05:10:34] <pj> also you probably want to know this...[05:10:38] <pj> !tell snadge zimbra[05:10:38] <knoba> snadge: "zimbra" : Zimbra uses a prepackaged version of postfix that is configured via zimbra's console tools. Any and all hand changes made to zimbra's postfix configuration will be overwritten by the zimbra configuration. That Zimbra just happens to use postfix is inconsequential. For zimbra support, see http://www.zimbra.com[05:10:57] <snadge> yeah its a giant turd[05:11:27] <snadge> but it has clicky clicky gui things.. there must have been some attraction to it anyway[05:11:35] <pj> heh[05:11:37] <snadge> i dont know what it is.. it wasnt my doing[05:12:22] <pj> they sell a full-blown MTA "solution" and make it sound easy, like fill in a GUI form and you too can have your very own mailserver.[05:12:37] <pj> and the fact is that running a mailserver isn't easy, and it's not supposed to be.[05:13:49] <snadge> i wonder if postscreen would help this particular situation.. a dev misconfigured an application that was installed[05:13:59] <snadge> and it just spammed his inbox[05:14:13] <snadge> mail server is still working.. just slowly and has a huge backlog to process[05:14:57] <pj> postscreen won't fix your other applications.[05:15:06] <pj> it's great, but it's not magic[05:15:37] <pj> also, assuming that the backlog is already in the queues then postscreen is completely out of the picture anyways.[05:16:55] <snadge> right. i was just thinking had i had something like that setup before this happened[05:17:12] <snadge> this isnt something that happens very open.. last time was 2 years ago, and my notes wern't very specific about how i fixed it[05:17:31] <snadge> but i would've manually deleted all messages in the queue that matched a particular source address (which they all did)[05:18:04] <pj> right, well what would expect postscreen to have done that would have prevented the flood?[05:31:47] *** nuomi has quit IRC[05:37:22] *** MaximusColourum has joined #postfix[05:41:00] <snadge> yeah i guess theres nothing that can be really done about that[05:41:17] <snadge> apart from detect that the same message has been sent to the same recipient more than n times[05:41:25] <snadge> and automatically bin them or something, instead of trying to process them[05:41:38] *** alfplayer has left #postfix[05:41:43] <rob0> What did you have? Relaying ratware?[05:44:08] <pj> snadge: a policy deamon that detects the flood and defers the emails would be good.[05:44:22] <pj> ...and notifies you[05:44:40] <pj> that would give you time to find and fix the problem at the source without having to reject the emails outright.[05:47:31] *** nuomi has joined #postfix[05:49:01] *** MaximusColourum has quit IRC[05:50:09] *** MAAAAAD has quit IRC[05:50:55] <rob0> oh, so it was not a spambot?[05:52:16] <snadge> no.. it was some misconfigured software[05:52:25] <snadge> one of the devs installed.. for video relaying or something[05:52:27] <pj> rob0: I got the impression that it was a web app or something like that gone wild, that doesn't preclude it being a spambot filling in forms on the app, though.[05:52:59] <snadge> it had managed to generate 60,000 messages or so.. in less than 24 hours[05:53:23] *** patdk-wk has joined #postfix[05:53:28] <snadge> they're gone now.. i guess the solution is.. dont spam yourself ;)[05:53:57] <snadge> after all.. maybe someone would want a script to send them 60,000 messages in less than 24 hours[05:54:01] <snadge> who knows[05:55:01] <pj> right, well if you defer them then you don't have to sit there with the messages in your queue and try to manage them. It's up to the app to resend them.[05:55:58] <pj> you could just reject them if you prefer, but either way I think a policy daemon is the way to go about it.[05:56:06] <rob0> Relaying ratware will do that, and it will get you blacklisted.[05:58:54] *** nuomi has quit IRC[06:03:33] *** MAAAAAD has joined #postfix[06:07:59] *** elex1111113 has joined #postfix[06:09:39] *** cilly has quit IRC[06:13:22] *** cilly has joined #postfix[06:14:37] *** nuomi has joined #postfix[06:24:35] *** elex1111113 has quit IRC[06:53:03] *** Motoko has joined #postfix[07:08:11] *** chad has joined #postfix[07:09:39] *** jwing has quit IRC[07:21:21] *** devxdev has joined #postfix[07:25:33] *** jkfod has joined #postfix[07:25:44] *** jkfod has quit IRC[07:26:31] *** Bry8Star has quit IRC[07:30:36] *** Bry8Star has joined #postfix[07:31:55] *** nuomi has quit IRC[07:48:38] *** Belial has quit IRC[07:54:01] *** jwing has joined #postfix[07:54:58] *** nuomi has joined #postfix[08:01:30] *** devxdev has quit IRC[08:01:55] *** k-man has joined #postfix[08:03:07] <k-man> i want to move my mail system from a err... normal, file based actual users type system to a vhost system, is there any tools for assisting migrating of emails from maildir into a database for the vhost?[08:04:21] *** gerhard7 has joined #postfix[08:04:23] *** jonez has quit IRC[08:13:34] *** abramart_ has joined #postfix[08:17:26] *** jonez has joined #postfix[08:20:38] *** Tabmow has quit IRC[08:21:27] <pj> k-man: virtual hosting does not mean that the emails are not stored in files.[08:22:47] <pj> you seem to be confusing two separate tasks, one is moving from local delivery to virtual delivery and the other is changing from maildir to some sort of db based delivery.[08:23:16] <k-man> pj, ah yes you are right[08:24:18] <k-man> well, i want to move from local delivery to users maildir, to virtual delivery - doesn't have to be in a db[08:24:36] <k-man> but I would like to be able to use postfixadmin to manage the setup[08:25:03] <pj> ok, well read up on virtual and make a plan. Generally speaking migrating the emails is easy as long as you have a good understanding of where the emails are now and how they're stored and the same for where you want them to end up...[08:25:08] <pj> !tell k-man virtual[08:25:08] <knoba> k-man: "virtual" : a way to configure additional domains and user accounts (that do not need to exist in your /etc/passwd). See: http://www.postfix.org/VIRTUAL_README.html[08:25:52] <pj> right, postfixadmin requires a db to hold mailbox, user info and other info, but you don't actually store the messages themselves in the db.[08:26:13] <k-man> pj, oh right - ok[08:27:01] <pj> map it all out, make a plan, take things one step at a time and test extensively before committing to any individual changes.[08:27:15] <pj> that's the best advice I can give you.[08:27:25] <k-man> so i could maybe take a two step approach to the migration? first migrate to virtual, and then migrate the users to a db so postfixadmin can amange it[08:27:43] <k-man> ok, thanks for the advice[08:27:59] <pj> k-man: right, that is what I would do, and then the third stpe would involve installing and configuring postfixadmin itself.[08:28:10] <k-man> pj, ah of course[08:28:31] <pj> but you should study postfixadmin before actually doing the first two steps[08:28:45] <pj> so you know how you want your filesystem and db to look when you plan them[08:29:08] <k-man> ok, will do[08:29:32] <k-man> for some reason i thought postfix could store the actual emails in the db[08:29:37] <pj> good luck, and if you get stuck on any individual steps just ask.[08:29:53] <pj> postfix can't, but there are delivery agents that work with postfix that can.[08:29:58] <pj> !tell k-man dbmail[08:29:58] <knoba> pj: Error: No factoid matches that key.[08:29:59] <k-man> thanks - its a long term goal. i don't think i'll be embarking on it for the next few weeks[08:30:01] <pj> hrmmmm[08:30:07] <pj> well, something like that, heh[08:30:38] <k-man> but i just wanted to have an idea of the direction to look in[08:30:46] <pj> just out of curiosity, what version of postfix are you on now, and what OS/distro/version, etc?[08:30:56] <k-man> debian stable[08:31:31] <k-man> poxtfix: 2.7.1-1+squeeze1[08:31:41] <pj> hrmmmm, ok, I'm not a debian person, so I can't really help you with anything deb specific.[08:31:55] <pj> you may want to consider a postfix upgrade while you're at it.[08:32:03] <k-man> oh thats ok, i'm fairly comfortable with debian itself[08:32:29] <pj> postfix 2.7 is still supported (by postfix), but it lacks certain features that come in handy in newer versions.[08:32:32] <k-man> oh yeah 2.7.1 is a bit old by the looks of things[08:33:04] <pj> like I would recommend that after all is said and done you look into postscreen, which is available with postfix 2.8.x and later.[08:33:09] <pj> !tell k-man postscreen[08:33:09] <knoba> k-man: "postscreen" : SMTP triage server available in Postfix 2.8, see http://www.postfix.org/POSTSCREEN_README.html and http://www.postfix.org/postscreen.8.html[08:33:41] <pj> I'm pretty sure you can get postfix 2.9.x from backports, btw.[08:33:51] <k-man> oh right[08:33:57] <k-man> postscreen sounds interesting[08:34:52] <pj> it is very much worth looking into.[08:35:32] <k-man> what is the term for non-virtual hosting?[08:35:37] <k-man> plain old hosting?[08:36:46] <k-man> actually, the virtual bit I need is just users, not hostname[08:38:21] <pj> bare-metal[08:38:32] <pj> anyways, I have to go[08:38:44] <k-man> ok, thanks for the pointers pj[08:38:56] <pj> or is referred to as "dedicated hosting" by the hosts themselves.[08:42:15] *** davlefou has joined #postfix[08:43:15] *** Silowyi has quit IRC[08:44:32] *** davlefou has quit IRC[08:44:32] *** davlefou has joined #postfix[09:05:44] *** Motoko has quit IRC[09:09:21] *** UQlev has joined #postfix[09:09:59] *** tjikkun_work has joined #postfix[09:12:40] *** zorg1 has joined #postfix[09:15:06] *** master_of_master has quit IRC[09:18:29] *** master_of_master has joined #postfix[09:21:45] *** cilly has left #postfix[09:33:55] *** k-man has quit IRC[09:34:38] *** k-man has joined #postfix[09:41:04] *** nuomi has quit IRC[09:41:57] *** nuomi has joined #postfix[09:48:15] *** kaos01_ has joined #postfix[10:03:45] *** Jakey has quit IRC[10:06:04] *** Jakey has joined #postfix[10:13:09] *** rzimmermann has joined #postfix[10:25:05] *** Areckx has quit IRC[10:29:14] *** rotbeard has joined #postfix[10:37:34] *** Tabmow has joined #postfix[10:38:50] *** Soehnke has joined #postfix[11:04:59] *** e-anima has joined #postfix[11:09:31] *** taipres has joined #postfix[11:09:40] <taipres> does postfix use a lot of mem?[11:09:57] <JPT> mh... define "a lot"[11:10:53] <taipres> 128mb or more?[11:12:29] <JPT> mh... my small setup seems to consume about 64mb in total right now... i might be wrong, but i guess it's not that much ;)[11:14:30] *** mfridh has joined #postfix[11:14:32] <taipres> what all do you have setup[11:14:39] <taipres> just posfix, or dovcot or what?[11:16:16] *** nuomi has quit IRC[11:16:50] <JPT> just postfix[11:17:02] <JPT> dovecot might consume about the same[11:17:18] <JPT> spamassassin will probably consume more[11:17:24] <taipres> so does postfix allow sending as well as receiving?[11:17:39] <taipres> want to set this up so can access with thunderbird to check mail and send mail[11:18:07] <JPT> hm.. then you will need another component for pop3 or imap[11:18:31] <JPT> postfix does smtp (and lmtp for more specific purpose)[11:18:59] <taipres> guess i'll use Dovecot for pop3[11:19:05] *** mi has joined #postfix[11:25:45] <UQlev> taipres: clamav uses a way more than postfix itself[11:26:44] <taipres> not gonna install clamav[11:27:20] <UQlev> taipres: you may want only nullclient[11:28:51] <taipres> what is that[11:29:21] <UQlev> something you may want[11:29:52] <UQlev> smaller than postfix[11:31:14] <taipres> A null client is a machine that can only send mail. It receives no mail from the network, and it does not deliver any mail locally. A null client typically uses POP, IMAP or NFS for mailbox access.[11:31:47] <UQlev> bravo[11:32:28] <taipres> looks complicated to stup[11:32:31] <taipres> setup[11:33:28] <UQlev> postfix is non easy-peasy either[11:34:51] <taipres> typical linux, over complicated[11:34:57] <taipres> may just write my own mail server in C++[11:35:14] <UQlev> right!..[11:35:15] <taipres> instead of trying to configue this big pig[11:35:30] <UQlev> good luck[11:36:33] <UQlev> taipres: how many servers you have already done?[11:38:27] *** UQlev has quit IRC[11:40:58] <taipres> I have the backend framework almost already written up if that's what you're askin, uses epoll+pthreads[11:41:10] <taipres> i'm also pretty familiar with the pop3 protocol, and smtp[11:41:23] <taipres> my only roadblock would be the mx record lookup stuff[11:41:42] <JPT> that's going to be interesting, i guess[11:44:09] <taipres> if I go that route it'll be barebones and do just what I need it to[11:44:18] <taipres> not a 1000+ line config file![11:44:27] <taipres> like what I just nano'd :([11:47:55] *** snearch has joined #postfix[11:49:20] *** cpm has joined #postfix[11:49:21] *** cpm has joined #postfix[11:52:27] <taipres> looks like my domain registrar supports email forwarding[11:52:48] <taipres> so that solves the pop3 issue[12:08:40] *** Alagar has quit IRC[12:26:11] *** FainaUkraina has quit IRC[12:27:46] *** OpenSys has quit IRC[12:28:20] *** OpenSys has joined #postfix[12:29:44] *** Coiby has joined #postfix[12:30:56] *** cpm has quit IRC[12:32:08] <Coiby> Hi, how can I avoid this problem: "statistics: max connection rate 1/60s statistics: max connection count 1 for... statistics: max message rate 1/60s... statistics: max cache size 1"? I already add these lines "smtpd_client_connection_count_limit = 100 smtpd_client_connection_rate_limit = 80 smtpd_client_message_rate_limit = 80". It seems it's not working.[12:41:24] *** kaos01_ has quit IRC[12:44:20] *** taipres has quit IRC[12:59:54] *** morse has quit IRC[13:04:03] *** morse has joined #postfix[13:07:20] *** hparker has quit IRC[13:12:25] *** Coiby has quit IRC[13:27:47] *** famicom has quit IRC[13:28:11] *** Coiby has joined #postfix[13:29:47] *** famicom has joined #postfix[13:30:00] *** hparker has joined #postfix[13:30:00] *** hparker has joined #postfix[13:30:03] *** nysander has joined #postfix[13:30:37] <nysander> hello[13:30:54] *** elex1111113 has joined #postfix[13:31:09] <nysander> is razor, pyzor, dcc filters already alive, because as I see its developement ended years ago, do its servers are active and respond to queries?[13:35:01] *** Cerise has quit IRC[13:37:12] *** Cerise has joined #postfix[13:41:28] *** fbh has quit IRC[13:44:39] *** xcrracer has joined #postfix[13:46:02] *** fbh has joined #postfix[13:58:15] *** p3rror has quit IRC[13:59:58] *** mi has quit IRC[14:00:30] *** chaozzbubi is now known as ChaozZBubi[14:09:56] *** KippiX has joined #postfix[14:11:35] *** p3rror has joined #postfix[14:15:22] *** davlefou has quit IRC[14:16:45] *** elex1111113 has quit IRC[14:25:52] *** gerhard7 has quit IRC[14:29:38] *** d3c has joined #postfix[14:30:09] *** Coiby has left #postfix[14:46:11] *** p3rror has quit IRC[14:48:50] *** dailylinux has joined #postfix[14:48:52] <dailylinux> hello[14:49:07] <dailylinux> i'm a bit confused about port 465 vs 587 for postfix[14:49:25] <dailylinux> 465 does require clients to use SSL certs while 587 doesn't?[14:49:33] <dailylinux> are both secure pports?[14:49:48] *** robinho86 has joined #postfix[14:51:31] <JPT> umm... one of them is smtps, which is deprecated[14:51:42] <JPT> the other one uses TLS which is fine[14:54:46] <patdk-wk> dailylinux, or to say it more simply, BOTH should use ssl certs[14:54:56] <patdk-wk> one does ssl before it starts, one does it after it starts[14:55:36] <dailylinux> i see[14:55:55] <rob0> !smtps[14:55:56] <knoba> rob0: "smtps" : Port 465 is smtps, SMTP over SSL, a deprecated means of submission. This means that smtps should *not* be used, and that this factoid exists for historical purposes only and should not be implemented. See !submission for smtps' successor. That being said, Postfix can implement smtps with a separate smtpd(8) listener with \"-o smtpd_tls_wrappermode=yes\". See the commented example in master.cf.[14:56:13] <dailylinux> so clients using port 587, using Thunberbird, does it have certs in the client?[14:56:46] <dailylinux> rob0, thx[14:56:54] <dailylinux> patdk-wk, thx[14:57:11] <dailylinux> and 25 is pure plain text transmission?[14:57:16] <rob0> You can check certificates if you want. I don't consider it worth the bother.[14:57:45] <rob0> 25 is for mail exchange (server-to-server), with or without TLS.[15:00:03] <dailylinux> ah, ok[15:00:28] <dailylinux> but standard email clients use 25 for out going email server[15:00:33] <dailylinux> ah[15:00:40] <dailylinux> :)[15:00:55] <dailylinux> hmm[15:01:23] <dailylinux> so on which port does a standard client like Thunderbird "deliver" email to the server?[15:01:45] *** p3rror has joined #postfix[15:02:06] <dailylinux> also, i do wonder, i do we avoid clients sending their passwords in plain text?[15:02:20] <dailylinux> is that achieved with STARTTLS on 587[15:02:29] <JPT> !submission[15:02:29] <knoba> JPT: "submission" : Port 587 is submission, for user submission of mail, NOT suitable for mail exchange. See the commented example in master.cf. also see !msa, and rfc 6409. Also read http://www.maawg.org/sites/maawg/files/news/MAAWG_Port25rec0511.pdf[15:02:55] <JPT> that's where thunderbird and other mail user agents will submit their outgoing mails[15:03:07] <dailylinux> ok[15:03:08] *** will_ has quit IRC[15:03:13] <JPT> concerning encryption, i guess it's starttls...[15:03:23] <JPT> yup[15:03:41] *** Belial has joined #postfix[15:03:45] <dailylinux> ok[15:03:46] <dailylinux> :)[15:03:53] <dailylinux> thanks for clarifications[15:04:31] <dailylinux> so server-to-server communications can use SSL/TLS on 25?[15:04:46] <dailylinux> so email contents aren't sent in plain text?[15:05:06] <dailylinux> i guess that needs to be setup[15:05:32] *** dp has joined #postfix[15:05:34] <JPT> i guess they'll use that starttls option, too. because there might be mail servers out there that just do not support tls[15:06:05] <JPT> or the guy who configured them disabled it... i have to admit that i never got into that topic[15:06:26] *** mfridh has quit IRC[15:06:27] <dp> I'm using virtual users via mysql, but I want to know if it's possible to have one of those users run a script on mail receipt, instead of delivering to a mailbox. Could I just create a new transport specific for that user, for that type of thing?[15:06:47] *** nysander has quit IRC[15:09:25] *** danblack has quit IRC[15:12:34] <rob0> "but standard email clients use 25 for out going email server", yes, they are wrong to do that.[15:14:30] <rob0> "i guess they'll use that starttls option, too. because there might be mail servers out there that just do not support tls": if they do not support TLS, STARTTLS is not offered nor accepted.[15:15:20] <rob0> But a mail exchanger MUST NOT require TLS. OTOH, a submission server typically does and should.[15:15:53] <JPT> aah :)[15:20:18] *** mfridh has joined #postfix[15:23:15] *** gerhard7 has joined #postfix[15:26:45] <rob0> dp, sure, you CAN do that, see "man 8 pipe"; but it does not scale well if you have a lot of users who need that.[15:27:30] *** wdp has joined #postfix[15:27:41] <rob0> Generally a simpler approach is to use a virtual alias to redirect to a system user or local(8) alias.[15:32:03] <dp> rob0: are there any docs on doing the latter?[15:36:57] *** elex1111113 has joined #postfix[15:41:39] *** bio_ has joined #postfix[15:42:05] <tharkun> !sqlite[15:42:05] <knoba> tharkun: "sqlite" : Support for sqlite as a map type is available in Postfix 2.8, see http://www.postfix.org/SQLITE_README.html and sqlite_table(5).[15:49:02] *** fireglow has quit IRC[15:49:39] *** hjbehling has joined #postfix[15:49:39] *** fireglow- has joined #postfix[15:52:43] *** fireglow- has left #postfix[15:54:49] *** elex1111113 has quit IRC[15:54:57] <tharkun> rob0: you could have made a copy paste tuto for your pals. I need to set up a minimalistic mailstore and i am too tired to read your whole tutorial :)[15:55:20] *** rowin has joined #postfix[15:57:35] *** KippiX has quit IRC[15:58:41] *** UQlev has joined #postfix[16:00:22] *** Soehnke has quit IRC[16:00:49] *** nuomi has joined #postfix[16:05:05] *** znull has quit IRC[16:06:21] *** Toerkeium has quit IRC[16:06:36] *** rowin has left #postfix[16:08:15] *** jkfod has joined #postfix[16:08:57] <rob0> tharkun, get some sleep![16:09:53] <rob0> dp, virtual(5) and aliases(5) and local(8)[16:10:00] <rob0> !virtual_alias_maps[16:10:00] <knoba> rob0: "virtual_alias_maps" : A configuration parameter in the main.cf: Optional lookup tables that alias specific mail addresses or domains to other local or remote addresses. The table format and lookups are documented in virtual(5).[16:15:08] *** Section1 has joined #postfix[16:20:56] <dp> rob0: ok; thanks[16:21:35] *** eest has joined #postfix[16:21:51] *** d3c has quit IRC[16:22:46] *** [diablo] has joined #postfix[16:22:47] *** [diablo] has joined #postfix[16:25:17] <grefter> See if I can do this right this time .. :)[16:25:19] <grefter> http://pastebin.com/fksKv7TJ[16:26:42] <grefter> What I'm trying to figure out is how to accept alerts from our opennms box across the mail server to ex: level1@ accounts[16:29:13] *** fireglow has joined #postfix[16:29:41] *** lep2 has joined #postfix[16:31:01] *** eest has quit IRC[16:31:02] *** eest has joined #postfix[16:31:20] <eest> anyone using GSSAPI auth together with saslauthd? basically i have it working, and my mech_list contains "LOGIN PLAIN GSSAPI", however i notice that http://www.postfix.org/SASL_README.html#saslauthd has this big "you should only have PLAIN and LOGIN if using saslauthd", but removing GSSAPI from the list fails with SASL GSSAPI authentication failed: no mechanism available.[16:32:16] *** Kloeji has joined #postfix[16:32:36] <eest> my thought is, maby i should add the GSSAPI mech from some other config option to make the setup proper, but i cant find anything along those lines[16:34:34] <eest> im just confused since it is indeed working contrary to what the documentation states[16:37:22] *** lep2 has quit IRC[16:38:07] *** corretico has joined #postfix[16:38:11] *** Kloeji has quit IRC[16:38:41] <dp> rob0: delivering to a local user, do I put <user>@<something from $mydestination> as the target of the virtual user?[16:43:22] <patdk-wk> yep[16:45:33] *** shoonya has joined #postfix[16:46:35] <dp> awesome. I've got it delivering to the .forward, which invokes my shell script. now, I just need to figure out how to get the message data[16:46:37] *** lep2 has joined #postfix[16:46:48] <grefter> patdk-wk: did I ask my question wrong?? Sorry, this issue I'm having is frustrating me :D[16:47:25] <patdk-wk> grefter, no idea what your talking about, as I don't remember *reading* your question[16:47:54] <patdk-wk> as I have been busy working on esxi backups[16:48:21] <patdk-wk> your pastebin is useless though[16:48:30] <grefter> okay..[16:48:40] <patdk-wk> post a pastebin with postconf -n, and whatever logs you have that show the issue[16:48:53] <tharkun> !tell grefter topic[16:48:54] <knoba> grefter: "topic" : The Postfix MTA || See !debug and provide a pastebin URL of relevant logs and postconf -n output before asking questions / check your logs / know your unix basics || On using IRC: http://workaround.org/getting-help-on-irc || Bot info: http://workaround.org/f=postfix || Channel log: http://echelog.matzon.dk/?postfix[16:50:49] *** lep2 has quit IRC[16:52:17] *** Areckx has joined #postfix[16:52:33] <dp> ok, *thats* awesome[16:52:49] <dp> rob0/patdk-wk: thanks for your help. that was *much* easier than I expected[16:53:14] <rob0> the message data goes to stdin of the command in .forward[16:56:41] *** Toerkeium has joined #postfix[16:57:20] *** dailylinux has quit IRC[16:58:22] *** tabakhase has quit IRC[16:58:22] *** tabakhase has joined #postfix[16:59:16] <dp> now, I wait for the trigger, so I can see what data I'm actually getting[17:02:03] *** elex1111113 has joined #postfix[17:06:24] *** dp has left #postfix[17:07:21] <grefter> patdk-wk: http://pastebin.com/cR4UPcpu and I'm not seeing anything in the logs :S ..[17:08:31] <patdk-wk> if you see nothing, the answer is simple[17:08:38] <patdk-wk> nothing is sending it email :)[17:08:57] <patdk-wk> so you need to find out why the *sender* isn't contacting it[17:08:59] <thumbs> I think it's a grefter problem.[17:09:01] <patdk-wk> due to firewall, dns, ...[17:10:23] <grefter> thumbs: I think you're right[17:11:18] <grefter> yea, no firewall, implemented right now .. but yea, I don't even see it trying to send an email to the server guess I'll dig deeper into opennms here :S[17:19:44] <grefter> problem resolved.. wasn't really me :D[17:20:03] <grefter> my partner in crime here didn't activate the global notifications :D[17:20:06] <grefter> works like a charm now[17:20:43] <thumbs> ah, so you ARE a criminal![17:20:55] <tharkun> grefter: could you slap your partner please ;P[17:23:06] <tharkun> ls[17:26:19] *** tjikkun_work has quit IRC[17:33:53] <chthonic> anyone here know if there's a way to send all messages received by an e-mail account to a printer during a certain time frame of the day?[17:35:51] <patdk-wk> ANYTHING is possible[17:36:36] <chthonic> patdk-wk: ok, any idea what difficulty level this would be?[17:36:37] *** [diablo] has quit IRC[17:37:07] <chthonic> trying to set up a fax server that prints the faxes out after hours and on weekends, and sends to the receptionist during the business day[17:38:27] <patdk-wk> that was difficult?[17:38:43] <patdk-wk> receive fax -> tiff, print tiff[17:38:49] <patdk-wk> receive email, print email[17:38:51] <grefter> tharkun: already done!![17:38:52] <patdk-wk> it's that simple[17:38:53] *** rzimmermann has quit IRC[17:39:12] <patdk-wk> you just need a program that accepts the email on stdin, and prints it however you want it formatted[17:39:35] <chthonic> patdk-wk: i've never set up anything like this. i just don't know how to set the schedule up with the mail server[17:40:03] <UQlev> chthonic: why treat faxes differently on weekends?[17:40:05] <patdk-wk> well, schueling it is a simple time check in the script that would call the printer[17:40:25] <chthonic> UQlev: no receptionist, but some of our agents work nights and weekends[17:40:36] <chthonic> so they'd be unable to receive fax if they were working off hours[17:40:56] <UQlev> chthonic: can you forward them a copy?[17:41:27] <chthonic> i can't think of any way to flag incoming faxes as belonging to a certain person[17:41:40] <patdk-wk> no pri line?[17:42:18] <chthonic> we have one, how does that help?[17:42:31] <patdk-wk> assign each user their own fax number[17:42:37] <patdk-wk> route based on the number called[17:42:57] <UQlev> it will be a mess[17:43:11] <UQlev> who will remember so many fax numbers?[17:43:17] <chthonic> srsly[17:43:18] <patdk-wk> who needs to?[17:43:23] <chthonic> and why pay for a dozen lines?[17:43:31] <patdk-wk> who said your paying anything?[17:43:38] <patdk-wk> it costs me $16 for 100 numbers[17:43:40] <chthonic> we get charged for DIDs[17:43:46] <patdk-wk> ya, cheap[17:43:56] <chthonic> not on our contract[17:43:58] <patdk-wk> so much cheaper than ip's[17:43:58] <chthonic> is a small office[17:44:15] <patdk-wk> your telco is screwing you then[17:44:20] <patdk-wk> office size doesn't matter[17:44:23] <chthonic> and everyone would have to give out a different fax number[17:44:24] <patdk-wk> you just need a pri line[17:44:40] <patdk-wk> there isn't any other way to self-route[17:44:41] <UQlev> nowadays middle office of 50 people receive 3-5 faxes a week[17:44:55] <tharkun> chthonic: the hard part is getting a fax server to work on linux. Actually getting the modem to work is the hardest part of all[17:45:07] <UQlev> most of inward messages on emails[17:45:15] <chthonic> tharkun: have a hylafax compatible modem here already[17:45:31] <chthonic> UQlev: we're an insurance office, still get a ton of fax[17:46:13] <UQlev> chthonic: then why not make copies of all inward faxes to a few people in charge[17:46:19] <chthonic> patdk-wk: i'm not trying to self route, i'm trying to get it to go to the receptionist for routing during the day, and sit on the printer at night[17:46:20] <tharkun> chthonic: sent everything to a central fax e-mail account and have the different users imap to that account. Problem solved[17:46:42] *** nephfl has joined #postfix[17:46:51] <tharkun> chthonic: what is the difference of sitting on the e-mail box vs sitting on the printer?[17:47:05] <tharkun> you would even save paper. Poor little trees[17:47:08] <nephfl> hello, is there a way to disconnect a connection after a user has sent a specific number of emails in a connection?[17:47:26] <patdk-wk> nephfl, yep[17:47:41] <UQlev> chthonic: fax in email you can read from home[17:47:55] *** corretico has quit IRC[17:47:57] <nephfl> what is the variable for it? I can't find it... I see rate limiting but not per incoming connection limiting[17:48:42] <chthonic> tharkun: i've thought of that already, and we have a similar setup going on right now. problem is people end up responding to faxes they have no business touching, in general it just causes issues[17:48:49] <chthonic> i'm trying to get a better system figured out[17:49:09] <chthonic> UQlev: don't wanna have to work from home, that's a pain in the ass[17:50:29] <tharkun> chthonic: Could you please explain how do you want your full fax workflow. Just to have an overview on how it works.[17:52:12] <chthonic> tharkun: fax comes in to fax server, gets sent out as e-mail to mail server on the same box. if it is between 8:30am-5:30pm it gets sent to the receptionist mailbox. if it is outside of those hours, or on a weekend, it gets sent to the receptionist mailbox and the fax gets printed out on the main office printer as well[17:53:07] <chthonic> and i'm guessing it'll be easier to config the mail server to handle the printing than hylafax, because hylafax is not user friendly, and i don't trust it to work right for anything but receiving and sending fax[17:53:11] <tharkun> chthonic: Why would you want it printed also. You could get a double source of information out of that fax, leading to confusing actions to your clients[17:54:10] <chthonic> printed so nobody has to get a phone call, check the fax e-mail, and send to the person requesting the fax. it needs to go to the mailbox for archival purposes, because if paperwork gets lost it can get very expensive for an insurance office[17:55:11] <nephfl> patdk-wk, Do you happen to know the specific value?[17:55:41] <UQlev> nephfl: zero ;)[17:56:10] <UQlev> insurance company is not responsible for nonreceiving fax[17:56:33] <UQlev> fax is not reliable channel of messaging at all[17:57:39] <tharkun> chthonic: I think your system is screwed and that you are making a simple mistake on the evaluation of how your faxes should flow through your office.[17:57:40] <chthonic> UQlev: oh trust me, i know. insurance has some very stupid rules and regulations. if a client sends you a fax and has a confirmation sheet saying it went through, and you don't have the paper, then the office is responsible[17:57:54] <chthonic> tharkun: what do you recommend[17:58:12] <tharkun> chthonic: I'm thinking, let me order some ideas[17:58:22] <chthonic> :)[17:58:34] <UQlev> chthonic: I dealed with vessels insurance for number of years an I know responsibilities of insurer[18:00:09] *** corretico has joined #postfix[18:00:45] <nephfl> anybody know of a way to check logs for number of emails per incoming connnection?[18:01:14] <tharkun> chthonic: Fax reception is a "Show stoper" position. Several persons should have access to the incomming paperwork[18:02:03] *** disposable has quit IRC[18:02:10] <rob0> nephfl, what is the actual problem you are trying to solve?[18:02:15] <tharkun> There should allways be a person that is redirecting those and that can have enough decisition power to reat upon it.[18:02:18] <chthonic> management already does have access to our incoming faxes[18:02:40] <tharkun> chthonic: will they redirect it to the appropiate person?[18:02:40] <chthonic> the fax account is an alias that sends to management and the receptionist[18:02:45] <rob0> And yes, smtpd(8) always logs the nrpcts= per DATA[18:02:57] <chthonic> tharkun: not after hours[18:03:03] <chthonic> at least not in a reasonable time frame[18:03:05] <rob0> (but the same connection can be RSET and used for more)[18:03:55] <tharkun> chthonic: fax at example dot com should be accessible by several receptionist that know what to do with them[18:04:15] <tharkun> that way you avoid a lag on the flow of those[18:05:09] <tharkun> there are other isues that need to be addressed. You firstly need to analyze your whole process. Not as simple as you might think.[18:06:42] <UQlev> tharkun: it doesn't worth to spend much time for faxes. This way of messaging should die because it is unreliable and vulnerable[18:07:24] <UQlev> tharkun: many senders can not even setup their fad ID[18:07:27] <tharkun> UQlev: but leagaly binding[18:07:43] <tharkun> s/leagaly/legaly/[18:08:05] <patdk-wk> what is legally binding?[18:08:14] <tharkun> UQlev: It is a pain to work with faxes specially when there are government isues to be treated that way[18:08:15] <UQlev> tharkun: nothing is binding[18:08:45] <patdk-wk> a fax confirmation says you sent it, nothing about receiving, paper jam, out of paper, fax crash (love them), ...[18:08:47] <tharkun> UQlev: can i send you the Atourney General phone so you can explain that to him?[18:09:04] <UQlev> tharkun: sending report on sender's part doesn't guarantee that fax was received and readable[18:09:50] <tharkun> UQlev: You are soooo right, but tell that to atourneys. It is painfull to deal with them sometimes[18:10:04] <UQlev> tharkun: those who wants double check always call after fax sending[18:11:13] <UQlev> tharkun: attorneys use courier services when they want binding[18:12:07] <UQlev> fax in modern office is rudiment like apendix[18:12:40] <UQlev> everything can be forgered, signatures, sender ID etc[18:12:50] <UQlev> no integrity check[18:17:45] *** UQlev has quit IRC[18:25:07] *** Uninstall has quit IRC[18:29:22] <nephfl> I have a .net application sending to mail servers but .net does connection pooling, so it sends in large chunks, this could be a problem because I would like to add a TCP proxy like haproxy to do load balancing for postfix[18:29:48] <nephfl> if the chunks are large without disconnects, then I will still see uneven loading[18:30:25] *** Uninstall has joined #postfix[18:30:26] *** Uninstall has joined #postfix[18:30:41] <nephfl> so, I need to determine how many emails are being sent per incoming connection and then limit them if they are very large[18:30:57] *** shoonya has quit IRC[18:35:48] *** Uninstall has quit IRC[18:37:12] *** mroe has quit IRC[18:52:06] *** jkfod has quit IRC[18:52:49] *** jkfod has joined #postfix[18:59:37] *** MaximusColourum has joined #postfix[19:12:01] <adaptr> What does ".net does connection pooling, so it sends in large chunks" even mean, and if it bothers you, disable it.[19:15:52] *** znull has joined #postfix[19:38:25] *** Belial has quit IRC[19:39:12] *** Belial has joined #postfix[19:39:40] *** mroe has joined #postfix[19:39:40] *** mroe has joined #postfix[19:44:02] *** mroe has quit IRC[19:45:02] *** mroe has joined #postfix[19:51:47] *** mroe has quit IRC[19:52:01] *** mroe has joined #postfix[20:00:11] *** jkfod has quit IRC[20:12:50] *** eanima has joined #postfix[20:13:38] *** e-anima has quit IRC[20:17:26] *** eanima has quit IRC[20:17:41] *** e-anima has joined #postfix[20:24:21] *** Deathvalley122 has quit IRC[20:27:09] <nephfl> .net does connection pooling means the same concept as postfix doing connection caching, it attempts to send more than a single mail through a sincle connection in order to reduce the connection overhead... I do not know a way to change the size of these sends, so I am looking for a way to controll it from postfix by disconnecting after a sertain number of emails[20:28:14] <adaptr> it has nothing to do with .net "connection pooling", which refers to ODBC or other database connections, that CAn share a single physical connection between multiple threads.[20:28:31] <adaptr> SMTP has supported pipelining for a long time - considerably longer than .net has existed[20:28:44] <adaptr> you may want to investigate that, since you can easily limit it in postfix[20:29:27] *** jkfod has joined #postfix[20:33:16] *** Deathvalley122 has joined #postfix[20:35:29] *** p3rror has quit IRC[20:38:47] *** mroe has quit IRC[20:41:55] *** Almtesh has quit IRC[20:41:55] *** Almtesh has joined #postfix[20:41:57] *** codin has quit IRC[20:42:58] *** codin has joined #postfix[20:45:16] *** elex1111114 has joined #postfix[20:47:39] *** elex1111113 has quit IRC[20:48:49] *** p3rror has joined #postfix[20:52:31] *** snearch has quit IRC[20:59:16] *** wdp has quit IRC[21:04:53] *** Deathvalley122 has quit IRC[21:08:04] *** codin has quit IRC[21:09:14] *** arussel has joined #postfix[21:09:59] *** codin has joined #postfix[21:17:16] *** Deathvalley122 has joined #postfix[21:23:06] *** Tabmow has quit IRC[21:28:01] *** Corey_ has joined #postfix[21:28:16] *** Tabmow has joined #postfix[21:31:49] *** Corey has quit IRC[21:35:52] *** hjbehling has quit IRC[21:39:17] *** pehden has quit IRC[21:42:06] *** d3c has joined #postfix[21:42:09] *** sw has joined #postfix[21:42:46] *** wdp has joined #postfix[21:44:47] *** Creamz has quit IRC[21:45:07] *** arussel has quit IRC[21:45:11] *** Corey_ is now known as Corey[21:45:54] <sw> hi. I'm following a tutorial for dovecot, but I think it's a little out-of-date. would you be able to help me with some errors that I'm facing: 1. 'postconf: warning: /etc/postfix/main.cf: unused parameter: smtpd_sasl_application_name=smtpd' 2. it says to edit '/etc/dovecot/conf.d/01-dovecot-postfix.conf' to add ssl_cert_file and ssl_key_file, but there's no such file 3. it says to edit 'dovecot.conf' mail_location but I don't see that setting[21:46:04] *** Creamz has joined #postfix[21:46:13] <adaptr> !tell sw tutorial[21:46:13] <knoba> sw: "tutorial" : A very common problem is that some people prefer to follow a step-by-step tutorial that shows them how to setup their server w/out reading the documentation or understanding what they are doing. If something goes wrong, they have no clue whatsoever about where to find hints, and they sometimes decide to start from scratch using a different tutorial. This is not The Proper Way.[21:46:36] <adaptr> !smtpd_sasl_application_name[21:46:36] <knoba> adaptr: "smtpd_sasl_application_name" : a configuration parameter in the main.cf: The application name used for SASL server initialization. This controls the name of the SASL configuration file. The default value is smtpd, corresponding to a SASL configuration file named smtpd.conf.[21:46:49] *** Creamz has quit IRC[21:46:58] <adaptr> sw: dovecot doesn't use that file. at all.[21:47:06] <adaptr> it connects to a socket[21:47:27] <sw> adaptr: the '01-dovecot-postfix.conf' file?[21:51:48] <sw> adaptr: why does knoba say it's used but the error says it's unused?[21:53:17] <adaptr> why did knoba say what ?[21:53:41] <adaptr> the factoid fails to metion that the file is only used with cyrus SASL[21:53:47] <adaptr> dovecot does not use it[21:58:06] <sw> adaptr: ok thanks. do you know where the ssl_cert_file and ssl_key_file should go, as I don't see a '/etc/dovecot/conf.d/01-dovecot-postfix.conf'? and also mail_location?[21:58:21] <adaptr> that would be dovecot questions[22:11:15] *** Section1 has quit IRC[22:16:55] *** kaos01_ has joined #postfix[22:18:31] *** jkfod has quit IRC[22:22:35] *** jkfod has joined #postfix[22:23:35] *** ipnoz_ has quit IRC[22:23:39] *** wdp has quit IRC[22:26:26] *** jonez has quit IRC[22:36:36] *** ssureshot has quit IRC[22:39:36] *** jonez has joined #postfix[22:42:22] *** gerhard7 has quit IRC[22:48:16] *** chad has quit IRC[22:48:43] *** d3c has quit IRC[22:49:31] *** Belial has quit IRC[22:59:02] <nephfl> pipelining, connection pooling, connection caching, all seems like similar enough language...and I can see that I can disallow pipelining of commands, and that I can rate limit rcpt to: and that I can set other restrictiosn on rcpt to: but I don't see any that simply allow me allow connections to pipeline say 5 or 10 emails and then disconnect[22:59:31] <adaptr> there arent' any. but disabling pipelining solves your issue[22:59:40] <adaptr> it has no advantage for your purpose[23:00:34] <nephfl> if I disable pipelining completely, I imagine that my rate will decrease significantly and that isnt the goal...only to break connections fairly frequently to allow ha proxy to move that server on to another machine with less mail[23:00:42] <nephfl> rather than dumping gigs on a single server[23:01:51] <nephfl> I would imagine it is a fairly common issue, but I haven't found much online documentation[23:02:28] <nephfl> it might defaulty break connection enough, I would just like to find all options for controlling it[23:03:05] <nephfl> default-ly...or by default[23:03:28] *** pehden has joined #postfix[23:03:41] <nephfl> If I can force the connection to drop after a certain number, it would allow me much better control[23:03:48] *** ipnoz has joined #postfix[23:04:18] <adaptr> "decrease significantly" ?[23:04:20] <adaptr> why[23:04:29] <adaptr> do yo uunderstand what pipelining saves[23:04:46] <nephfl> wouldnt there be significant time and overhead of connecting for each email send instead of pipelining?[23:04:52] <adaptr> ...no ?[23:05:02] <nephfl> hm[23:05:10] <adaptr> what would yo ube saving ? the TCP setup ? EHLO handshake ?[23:05:19] <adaptr> that's a few packets at most[23:05:36] <adaptr> since you control both ends, yo utune the systems to minimize these delays[23:05:45] <adaptr> you won't notice any of it[23:05:58] <pj> disallowing piplinign is a good thing for public-facing servers, when done properly (best done with postscreen) it actually reduces spam by a fair bit.[23:06:38] <adaptr> but he's talking about submission from a LAN. it doesn't make any difference at gbit speeds[23:06:48] <pj> ok, I didn't read back that far, heh[23:08:09] <pj> but there's a reason why it's disabled by default.[23:08:13] <nephfl> I just assumed it would add up with gigs of mail...[23:08:51] <pj> well, disabled in postscreen, I mean[23:09:46] <rob0> pipelining is disabled by default?[23:10:23] <pj> sorry, I got a postscreen setting mixed up with a regular one when saying that.[23:10:26] <rob0> postscreen does not speak SMTP fully[23:12:12] <adaptr> allowing pipelinig has only become beneficial since MTAs started delaying and rejecting hosts based on pre-MAIL communication. so, oddly enough, it will be most useful on systems that run DNSBL and other client checks.[23:12:19] <adaptr> that's almost a pardox right there[23:13:03] <adaptr> (useful for whitelisted clients, that is. the rest won't get that far)[23:14:19] <pj> heh, well an RFC-compliant client won't try pipelining if it's not enabled anyways.[23:18:36] <nephfl> the other issue that I need to figure out is how to weight servers in haproxy based on queue size[23:18:48] *** pehden has quit IRC[23:18:59] <nephfl> I suppose that wont be very important if I disable pipelining[23:20:16] <adaptr> sounds like you haven't thought this HA/LB thing through yet[23:20:19] <rob0> Seems to me, the sensible answer in your case would be to control the client submitting the mail.[23:20:54] *** svip has left #postfix[23:20:57] <nephfl> that would have to be done programatically as the middleware is compiled c#[23:21:09] <nephfl> not a solution I can impliment[23:21:14] <adaptr> indeed, but he's wafting lyrically about "connection pooling", as if that's even a thing in SMTP[23:21:22] <nephfl> and I don't see a reference for altering default .net behavior[23:22:25] <adaptr> there is no "default" behaviour - it's a programming framework[23:22:30] <nephfl> lol...connection caching when outbout...pipelining when inbound...(.net references referred to pooling similar to their database connnections)...so...[23:23:08] <nephfl> there is a default behavior...the implimentation is to open a mailclient object, send mail...the .net framework itself handles the connections[23:23:51] <adaptr> and if it's anything like as stupid as outhouse, that's the first thing you want to drop like a brick.[23:27:03] <nephfl> don't know what you are refering to, but I'm not .net developer[23:27:22] <nephfl> just looking for options to resolve an issue on a sysadmin level rather than programatic[23:30:40] <tharkun> nephfl: tell .net that postfix is your relayhost and that once delivered its job is done. Then you do a proper setup to loadbalance whatever you want[23:32:42] <nephfl> I think it is possible to force close the connection on each email, but I don't think anyone is working on that portion of the code...[23:33:31] <nephfl> I cant find a good reference for managing haproxy weight by postfix queue size either...so that might be fun[23:41:39] *** mroe has joined #postfix[23:42:31] <adaptr> I don't know why you would find one[23:42:48] <adaptr> SMTP is pretty well known by now[23:44:27] <tharkun> adaptr: If unix philosophy where to be followed then seperate instances to do the job would have been used. Windows philosophy ask to make big shitty integrations.[23:44:46] *** p3rror has quit IRC[23:45:46] <nephfl> In this case we have seperate systems sending to another list of systems, something needs to smooth out the instances when all servers decide to hit one server[23:45:58] *** p3rror has joined #postfix[23:46:20] <adaptr> if the clients insist on sending hundreds of messages to one machine, the client software is broken[23:46:21] <nephfl> last holiday they all ganged up on one server and filled the drive[23:46:38] <thumbs> sounds nasty.[23:46:38] <adaptr> "filled the drive" is obvious nonsense[23:46:57] <adaptr> thumbs: ESMTP gang-bang[23:47:00] <nephfl> that is true, but what if they randomly select from a list and each server is assigned a list....any overlap can lead to a collision[23:47:06] <thumbs> adaptr: ew.[23:47:14] <adaptr> nephfl: if the clients insist on sending hundreds of messages to one machine, the client software is broken[23:47:24] <adaptr> we CAN NOT fix that for you[23:47:47] <nephfl> if you have multiple machines...with an overlapping pool of machines...collisions will happen unless you use a balancer...[23:47:55] <nephfl> or unless they coordinate in some way[23:48:19] <tharkun> nephfl: is the balancer running now?[23:48:26] <adaptr> unless your client software - gasp! - implemented SMTP as it was designed.[23:48:34] <nephfl> not yet...that is what I am working on this week[23:48:47] <nephfl> How would SMTP as it was designed help?[23:49:11] <tharkun> nephfl: put it there and let it do its job you will see that you do not need much more than that[23:49:37] <nephfl> ?[23:49:53] <nephfl> that would be true if the entire load were not larger than the drive size of a single server[23:50:04] <tharkun> nephfl: if ONE server loads too much another the balancer will direct the rest of the load to the other slaves[23:50:12] <nephfl> and if AOL didn't throttle connections and gum up the queue[23:50:36] <nephfl> ah...so, what type of balancer do you recommend?[23:52:07] <nephfl> I'm thinking that haproxy should do the job...from what I've been reading... but I haven't tried it before[23:52:47] *** Silowyi has joined #postfix[23:52:53] <tharkun> nephfl: as for AOL set up a special transport that throtles the output to them so you don't get über slow[23:53:34] <nephfl> yeah, we are on their fbl...and have a good reputation, but they still throttle...I think postfix recommends setting up a shunt queue[23:55:04] <adaptr> not a queue[23:55:32] <nephfl> yeah, it says "shunt queue" but it describes a seperate instance of postfix tuned for aol[23:55:56] <adaptr> postfix most certainly does not recommend that. just use a slow transport[23:55:58] <nephfl> something very basic that I'm wondering is if you can mv mail from queue to queue in postfix without issue[23:56:13] <adaptr> there is only one queue. you cannot manipulate it.[23:56:16] <nephfl> I think that is what it said in my mail log[23:56:42] <adaptr> !tell nephfl overview[23:56:42] <knoba> nephfl: "overview" : Postfix Architecture Overview : http://www.postfix.org/OVERVIEW.html[23:56:54] <adaptr> you need to study that thoroughly before assuming any more[23:57:56] <iocc> how do I change the EHLO that *my* server tell to other mailservers?[23:58:53] <nephfl> not sure what I assumed there[23:59:20] *** mroe has quit IRC[23:59:56] <nephfl> I did have a question there though