[00:19:34] *** mattcen <mattcen!~mattcen@c122-108-68-124.sunsh1.vic.optusnet.com.au> has quit IRC (Ping timeout: 272 seconds)
[00:22:25] *** troys_ is now known as troys
[00:31:28] *** mattcen <mattcen!~mattcen@c122-108-68-124.sunsh1.vic.optusnet.com.au> has joined #postfix
[00:34:02] *** zerocool_ <zerocool_!~muhGNUdoh@50-39-114-145.bvtn.or.frontiernet.net> has quit IRC (Quit: leaving)
[00:36:14] *** gu1lle_ <gu1lle_!~Thunderbi@181.167.195.114> has quit IRC (Remote host closed the connection)
[00:47:14] *** wwl <wwl!~wwl@ipbcc2327c.dynamic.kabel-deutschland.de> has quit IRC (Quit: Nettalk6 - www.ntalk.de)
[00:48:01] <simbalion`> Hi I'm getting a 'blockedopenrelay,quarantined' error in my mail log trying to send from a webmail app. But the app connects from the IP address in mynetworks in main.cf, can someone help?
[00:54:48] *** troys is now known as troys_
[00:56:13] *** giesen <giesen!~ggiesen@2001:19f0:0:1019:5400:ff:fe25:bda6> has quit IRC (Remote host closed the connection)
[00:58:22] *** giesen <giesen!~ggiesen@2001:19f0:0:1019:5400:ff:fe25:bda6> has joined #postfix
[00:59:25] <lunaphyte> blockedopenrelay,quarantined is not a postifx log message
[00:59:32] <lunaphyte> !tell simbalion getting_help
[00:59:33] <knoba> simbalion: "getting_help" : before asking your question, read the !relevant_logs and !showconfig factoids, and prepare a single pastebin containing all of that data. if you don't understand what this means, or if you need help doing this, please let us know. also see !pastebin
[00:59:36] <simbalion`> seems like it might be amavis
[00:59:45] <simbalion`> thanks tho
[01:00:00] *** jrabe <jrabe!irc@bouncer.tech> has quit IRC (Quit: Scheduled maintenance)
[01:02:17] *** jrabe <jrabe!irc@bouncer.tech> has joined #postfix
[01:02:23] *** troys_ is now known as troys
[01:09:49] *** _nalle <_nalle!nalle@gigabit.nu> has quit IRC (Ping timeout: 268 seconds)
[01:21:27] *** DTZUZO <DTZUZO!~DTZUZO@S0106bcd16584b0aa.vs.shawcable.net> has quit IRC (Ping timeout: 240 seconds)
[01:25:48] *** DTZUZO <DTZUZO!~DTZUZO@S0106bcd16584b0aa.vs.shawcable.net> has joined #postfix
[01:39:50] *** sklv <sklv!~sklv@gateway/tor-sasl/sklv> has quit IRC (Quit: quit)
[01:46:42] *** SupaYoshi <SupaYoshi!~SupaYoshi@104.129.10.95> has joined #postfix
[02:05:48] *** mikecmpb_ <mikecmpb_!~mikecmpbl@ruby/staff/mikecmpbll> has quit IRC (Ping timeout: 240 seconds)
[02:07:21] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has joined #postfix
[02:10:36] *** troys is now known as troys_
[02:16:46] <masuberu> !getting_help
[02:16:47] <knoba> masuberu: "getting_help" : before asking your question, read the !relevant_logs and !showconfig factoids, and prepare a single pastebin containing all of that data. if you don't understand what this means, or if you need help doing this, please let us know. also see !pastebin
[02:17:05] <masuberu> !relevant_logs
[02:17:05] <knoba> masuberu: "relevant_logs" : mail.* syslog Postfix log messages (NOT verbose, see !no_verbose) which show ONLY the entire handling of a single mail which illustrates the issue with which you want help. Random selections from your mail log are not adequate. IMAP/POP3 daemons and external delivery agents often log to the same syslog facility and should not be shown. Also see http://rob0.nodns4.us/postfix-logging
[02:17:33] <masuberu> !showconfig
[02:17:33] <knoba> masuberu: "showconfig" : when asked to provide your config, please provide a SINGLE pastebin (see !pastebin) with postconf -nf and postconf -Mf. if your version is too old for those commands to work (< 2.9), you should upgrade, but see !showconfig_old
[02:21:00] <rob0> masuberu, SPF won't hurt if you do it right, but is not likely to make much/any difference in deliverability.
[02:26:52] <masuberu> rob0, yes I still have a lot of work to do with my postfix setup... I am trying to read and understand the basics of what I need
[02:31:38] *** FinboySlick <FinboySlick!~shark@74.117.40.10> has quit IRC (Remote host closed the connection)
[03:06:53] <masuberu> If I post my config here, should I mask the field "mynetworks"?
[03:07:08] <masuberu> !pastebin
[03:07:09] <knoba> masuberu: "pastebin" : A pastebin site lets you easily share logs and configuration. Examples are dpaste.org, fpaste.org, pastebin.ca, paste.ee, ptpb.pw, ix.io and many others. Please avoid ad-supported sites such as pastebin.com if possible.
[03:08:35] *** _nalle <_nalle!nalle@gigabit.nu> has joined #postfix
[03:18:58] *** gongoputch <gongoputch!~kseel@freebsd/op/gongoputch> has quit IRC (Quit: Leaving.)
[03:19:58] <masuberu> my postfix logs does not show enough information for me to keep troubleshooting. I am posting my main.cf content and a small portion of my maillog file https://dpaste.de/Q6tX
[03:27:18] *** gongoputch <gongoputch!~kseel@freebsd/op/gongoputch> has joined #postfix
[03:30:27] <masuberu> any idea?
[03:37:38] <buki> you can always check the logs on gmail's side..
[03:49:35] *** nomeed <nomeed!~nomeed@p54A246A1.dip0.t-ipconnect.de> has quit IRC (Ping timeout: 248 seconds)
[03:53:38] *** nomeed <nomeed!~nomeed@p5B2E2431.dip0.t-ipconnect.de> has joined #postfix
[04:13:07] *** ariscop <ariscop!~Phase4@58.106.177.140> has quit IRC (Remote host closed the connection)
[04:15:24] *** ariscop <ariscop!~Phase4@58.106.177.140> has joined #postfix
[04:19:43] *** SupaYoshi <SupaYoshi!~SupaYoshi@104.129.10.95> has quit IRC (Ping timeout: 265 seconds)
[04:26:46] <masuberu> buki, would be easier to check logs on my side so I can see different outcomes from different external entities? would be easier I guess
[04:35:40] *** chachasmooth <chachasmooth!~chachasmo@unaffiliated/chachasmooth> has quit IRC (Ping timeout: 265 seconds)
[04:36:47] *** chachasmooth <chachasmooth!~chachasmo@unaffiliated/chachasmooth> has joined #postfix
[04:46:54] *** MACscr <MACscr!~MACscr@c-73-9-230-5.hsd1.il.comcast.net> has quit IRC (Quit: Textual IRC Client: www.textualapp.com)
[05:02:02] *** cgt <cgt!~cgt@wikipedia/cgt> has quit IRC (Quit: cgt)
[05:06:21] *** eelstrebor <eelstrebor!~eelstrebo@216.75.116.100> has quit IRC (Quit: Ex-Chat)
[05:12:42] *** eelstrebor <eelstrebor!~eelstrebo@216-75-116-100.res.dyn.allophone.biz> has joined #postfix
[05:14:45] *** Dolanyeah112 <Dolanyeah112!~dolanyeah@202.57.8.13> has joined #postfix
[05:17:12] *** eelstrebor <eelstrebor!~eelstrebo@216-75-116-100.res.dyn.allophone.biz> has quit IRC (Client Quit)
[05:45:28] *** troys_ is now known as troys
[06:20:50] *** aaap <aaap!~aaap@unaffiliated/aaap> has joined #postfix
[06:55:33] *** Dolanyeah112 <Dolanyeah112!~dolanyeah@202.57.8.13> has quit IRC (Ping timeout: 264 seconds)
[06:57:14] *** Dolanyeah112 <Dolanyeah112!~dolanyeah@202.57.8.13> has joined #postfix
[07:24:11] *** muh2000_ <muh2000_!~muh2000@HSI-KBW-078-042-015-025.hsi3.kabel-badenwuerttemberg.de> has joined #postfix
[07:24:59] *** muh2000 <muh2000!~muh2000@unaffiliated/muh2000> has quit IRC (Ping timeout: 276 seconds)
[07:54:30] *** troys <troys!~troys@23-24-139-177-static.hfc.comcastbusiness.net> has quit IRC (Quit: Bye)
[08:02:37] *** sebastienthiry <sebastienthiry!~Thunderbi@239.110-66-87.adsl-dyn.isp.belgacom.be> has joined #postfix
[08:02:55] *** sebastienthiry <sebastienthiry!~Thunderbi@239.110-66-87.adsl-dyn.isp.belgacom.be> has quit IRC (Client Quit)
[08:15:11] *** wk-work <wk-work!~quassel@office-osl3-tech-nat.osl.basefarm.net> has joined #postfix
[08:25:18] *** Ownage <Ownage!~proprieta@111.206.168.98> has joined #postfix
[08:25:58] *** proprietarysucks <proprietarysucks!~proprieta@111.206.168.98> has quit IRC (Remote host closed the connection)
[08:31:26] *** led_ir22 <led_ir22!~Thunderbi@hotspot10.rywasoft.net> has quit IRC (Quit: led_ir22)
[08:45:31] *** led_ir22 <led_ir22!~Thunderbi@hotspot10.rywasoft.net> has joined #postfix
[08:45:35] *** FiendKing04 <FiendKing04!~FK04@104.168.164.226> has joined #postfix
[08:48:51] *** Columbo0815 <Columbo0815!~foobar@HSI-KBW-149-172-2-93.hsi13.kabel-badenwuerttemberg.de> has joined #postfix
[08:49:30] *** MACscr <MACscr!~MACscr@c-73-9-230-5.hsd1.il.comcast.net> has joined #postfix
[08:55:02] *** ghostknife <ghostknife!~buzz9e15@houdini.yoga> has joined #postfix
[08:56:35] <ghostknife> i was wondering I made a self signed cert for tls, and have another server using tls relaying to the first server. but it doesn't seem to be validating against a ca cert. how do I enforce this? is it with smtp_tls_security_level?
[09:13:52] *** FiendKing04 <FiendKing04!~FK04@104.168.164.226> has quit IRC (Quit: ZNC - http://znc.in)
[09:37:43] *** Ellenor is now known as Rijnhilde
[09:42:38] <ghostknife> ah, think I found it
[09:44:25] *** MajPotatohead <MajPotatohead!~harold@47-41-60-159.dhcp.mtpk.ca.charter.com> has joined #postfix
[09:44:25] *** MajPotatohead <MajPotatohead!~harold@47-41-60-159.dhcp.mtpk.ca.charter.com> has quit IRC (Changing host)
[09:44:25] *** MajPotatohead <MajPotatohead!~harold@unaffiliated/majpotatohead> has joined #postfix
[09:49:30] *** Rijnhilde is now known as Eamon
[09:50:41] *** Eamon is now known as blue-squirrel
[09:51:05] *** blue-squirrel is now known as Eamon
[09:57:55] *** rsx <rsx!~rsx@ppp-46-244-250-142.dynamic.mnet-online.de> has joined #postfix
[10:50:05] *** ogny <ogny!~orkun@unaffiliated/ogny> has joined #postfix
[11:02:29] *** Eamon is now known as Ellenor
[11:05:16] *** ghostknife <ghostknife!~buzz9e15@houdini.yoga> has quit IRC (Quit: leaving)
[11:07:35] *** ogny <ogny!~orkun@unaffiliated/ogny> has quit IRC (Ping timeout: 256 seconds)
[11:20:15] *** DTZUZO <DTZUZO!~DTZUZO@S0106bcd16584b0aa.vs.shawcable.net> has quit IRC (Ping timeout: 248 seconds)
[11:21:07] *** ogny <ogny!~orkun@unaffiliated/ogny> has joined #postfix
[11:25:37] *** ogny <ogny!~orkun@unaffiliated/ogny> has quit IRC (Ping timeout: 248 seconds)
[11:29:53] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has quit IRC (Ping timeout: 265 seconds)
[11:34:25] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has joined #postfix
[11:43:01] *** mikecmpb_ <mikecmpb_!~mikecmpbl@ruby/staff/mikecmpbll> has joined #postfix
[11:46:19] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has quit IRC (Ping timeout: 265 seconds)
[11:47:31] *** sebastienthiry <sebastienthiry!~Thunderbi@239.110-66-87.adsl-dyn.isp.belgacom.be> has joined #postfix
[11:59:37] *** Ellenor is now known as Eamon
[12:12:40] *** muh2000 <muh2000!~muh2000@unaffiliated/muh2000> has joined #postfix
[12:12:56] *** muh2000_ <muh2000_!~muh2000@HSI-KBW-078-042-015-025.hsi3.kabel-badenwuerttemberg.de> has quit IRC (Ping timeout: 276 seconds)
[12:15:57] *** muh2000 <muh2000!~muh2000@unaffiliated/muh2000> has quit IRC (Client Quit)
[12:19:09] *** muh2000 <muh2000!~muh2000@unaffiliated/muh2000> has joined #postfix
[12:20:09] *** ogny <ogny!~orkun@46.197.10.191> has joined #postfix
[12:20:09] *** ogny <ogny!~orkun@46.197.10.191> has quit IRC (Changing host)
[12:20:09] *** ogny <ogny!~orkun@unaffiliated/ogny> has joined #postfix
[12:25:35] *** daurnimator <daurnimator!~daurnimat@unaffiliated/daurn> has joined #postfix
[12:25:39] * daurnimator waves
[12:26:15] <daurnimator> I'd like to deliver messages to a script => what's the best way to do it?
[12:26:36] <daurnimator> The only documented thing I can find seems to be using lmtp
[12:26:41] <daurnimator> however I was hoping for something simpler
[12:26:59] <daurnimator> e.g. I'm wondering how does `local` get messages from the queue manager?
[12:30:36] * daurnimator finds pipe
[12:33:43] *** SupaYoshi <SupaYoshi!~SupaYoshi@104.129.10.95> has joined #postfix
[12:35:59] *** mikecmpb_ <mikecmpb_!~mikecmpbl@ruby/staff/mikecmpbll> has quit IRC (Ping timeout: 248 seconds)
[12:40:51] *** pti-jean_ <pti-jean_!~quassel@79.38.124.78.rev.sfr.net> has joined #postfix
[12:47:40] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has joined #postfix
[13:00:28] *** Dolanyeah112 <Dolanyeah112!~dolanyeah@202.57.8.13> has quit IRC (Quit: Nettalk6 - www.ntalk.de)
[13:05:34] <dl8bh> daurnimator: we use virtual_transport with a pipe:
[13:06:29] <dl8bh> daurnimator: http://paste.debian.net/hidden/26e8a0ac/
[13:06:48] <daurnimator> dl8bh: yep. i got it working :)
[13:06:56] <dl8bh> nice :)
[13:30:38] *** muh2000_ <muh2000_!~muh2000@HSI-KBW-078-042-015-025.hsi3.kabel-badenwuerttemberg.de> has joined #postfix
[13:30:56] *** muh2000 <muh2000!~muh2000@unaffiliated/muh2000> has quit IRC (Ping timeout: 276 seconds)
[13:34:02] *** u435607 <u435607!~u435607@ip-84-118-211-178.unity-media.net> has joined #postfix
[13:37:07] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has quit IRC (Ping timeout: 255 seconds)
[13:37:18] *** mikecmpb_ <mikecmpb_!~mikecmpbl@ruby/staff/mikecmpbll> has joined #postfix
[13:38:06] *** sklv <sklv!~sklv@gateway/tor-sasl/sklv> has joined #postfix
[13:40:44] *** u435607 <u435607!~u435607@ip-84-118-211-178.unity-media.net> has quit IRC (Ping timeout: 272 seconds)
[13:41:06] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has joined #postfix
[13:44:15] *** mikecmpb_ <mikecmpb_!~mikecmpbl@ruby/staff/mikecmpbll> has quit IRC (Ping timeout: 265 seconds)
[14:04:18] *** ren0v0_ <ren0v0_!~ren0v0@host213-122-99-205.range213-122.btcentralplus.com> has left #postfix
[14:05:24] *** aaap <aaap!~aaap@unaffiliated/aaap> has quit IRC (Remote host closed the connection)
[14:07:22] *** Columbo0815 <Columbo0815!~foobar@HSI-KBW-149-172-2-93.hsi13.kabel-badenwuerttemberg.de> has quit IRC (Quit: Verlassend)
[14:27:44] *** DTZUZO <DTZUZO!~DTZUZO@S0106bcd16584b0aa.vs.shawcable.net> has joined #postfix
[14:32:08] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has quit IRC (Read error: Connection reset by peer)
[14:32:34] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has joined #postfix
[14:40:25] <rob0> Hmm, local(8) and aliases(5) also document how to deliver mail to a command.  Not sure how you missed that?
[14:42:36] <rob0> The queue manager invokes a local process as the recipient user, basically.  qmgr(8) doesn't "have" the mail at any point.  The local process accesses the queue.
[14:42:56] *** jucaroba <jucaroba!~quassel@static-153-155-225-77.ipcom.comunitel.net> has quit IRC (Read error: Connection reset by peer)
[14:44:17] *** jucaroba <jucaroba!~quassel@static-153-155-225-77.ipcom.comunitel.net> has joined #postfix
[15:04:46] *** Darcidride <Darcidride!~Darcidrid@2a01:e35:8b4a:ca10:c74:af6a:ef72:f0b1> has joined #postfix
[15:09:45] *** hugoShaka <hugoShaka!~hugoShaka@51.15.10.95> has left #postfix ("Bye")
[15:15:40] *** Diemuzi <Diemuzi!~IceChat9@unaffiliated/diemuzi> has joined #postfix
[15:19:26] *** Diemuzi <Diemuzi!~IceChat9@unaffiliated/diemuzi> has quit IRC (Client Quit)
[15:20:17] *** Diemuzi <Diemuzi!~IceChat9@unaffiliated/diemuzi> has joined #postfix
[15:21:43] *** u435607 <u435607!~u435607@ip-84-118-211-178.unity-media.net> has joined #postfix
[15:30:38] <u435607> hi, I would like to run postfix working as a outbound email only server on a high port such as 1025 using regular non root account. Would that be possible?
[15:31:21] *** kingkong <kingkong!~Admin@shellium/member/kingkong> has quit IRC (Quit: www.ChatQ.Net New Style Chat Site)
[15:31:38] *** kingkong <kingkong!~Admin@chatq.net> has joined #postfix
[15:31:38] *** kingkong <kingkong!~Admin@chatq.net> has quit IRC (Changing host)
[15:31:38] *** kingkong <kingkong!~Admin@shellium/member/kingkong> has joined #postfix
[15:45:05] <rob0> 1. No, Postfix design requires root.  2. Who is going to accept your mail on port 1025?
[15:45:22] <rob0> sorry, gtg afk now
[15:51:57] *** ogny <ogny!~orkun@unaffiliated/ogny> has quit IRC (Ping timeout: 264 seconds)
[15:54:35] <u435607> rob0: I will send email from few local machines, and they would talk to SMTP server directly to the high port. From there my postfix would talk other remote servers accordingly. I do not plan to receive email to this server from the Internet
[16:04:08] *** masuberu <masuberu!~Masber@27-32-116-21.static.tpgi.com.au> has quit IRC (Ping timeout: 240 seconds)
[16:22:50] <JPT> !nullclient
[16:22:50] <knoba> JPT: "nullclient" : (#1) a null client is a computer that can only send mail. it receives no mail from the network, and it does not deliver any mail locally. while postfix can be configured to fill this role, it is often unnecessary overkill, and a much simpler software package is more appropriate. see !nullclient_software for more details., or (#2) See http://www.postfix.org/STANDARD_CONFIGURATION_README.html#null_client
[16:23:06] <JPT> u435607: Maybe that nullclient thingy is interesting to you
[16:23:23] <JPT> !nullclient_software
[16:23:23] <knoba> JPT: "nullclient_software" : a program that serves as a drop in replacement for /usr/sbin/sendmail and provides a simple means to submit messages to an existing msa without the need to install and maintain a full-blown mta/msa. examples include msmtp, esmtp, ssmtp and nullmailer. also see !msa
[16:26:56] *** jay0322__ <jay0322__!~jay0322@12.216.241.90> has joined #postfix
[16:27:13] <u435607> JPT: yes, this something what I am interested in. The only my problem is that I do not have root access on the DMZ machine (where I would like to start postfix)
[16:27:43] <u435607> !nullclient_software
[16:27:43] <knoba> u435607: "nullclient_software" : a program that serves as a drop in replacement for /usr/sbin/sendmail and provides a simple means to submit messages to an existing msa without the need to install and maintain a full-blown mta/msa. examples include msmtp, esmtp, ssmtp and nullmailer. also see !msa
[16:30:37] *** sebastienthiry1 <sebastienthiry1!~Thunderbi@91.176.195.122> has joined #postfix
[16:31:06] *** sebastienthiry <sebastienthiry!~Thunderbi@239.110-66-87.adsl-dyn.isp.belgacom.be> has quit IRC (Ping timeout: 272 seconds)
[16:31:06] *** sebastienthiry1 is now known as sebastienthiry
[16:48:27] *** masuberu <masuberu!~Masber@27.32.116.21> has joined #postfix
[16:50:00] <kmq>  so, based on my somewhat naïve assumption I added reject_unknown_helo_hostname to my smtpd_helo_restrictions
[16:51:08] <kmq> I have an access table so I can manually whitelists hosts that want to deliver with an nonexistant helo name, because expected not *everyone* to have a correct helo name
[16:52:10] <kmq> but now I had to whitelist apple because they try to deliver with an invalid helo hostname
[16:53:13] <kmq> that made me unsure, so I am asking: as of today, is that reject_unknown_helo_hostname still a valid strategy and this is just a case of apple being "too big to fail" to get away with it? Or am I misunderstanding something about to to best combat spam
[16:56:05] *** masuberu <masuberu!~Masber@27.32.116.21> has quit IRC (Ping timeout: 256 seconds)
[17:05:52] *** MajPotatohead <MajPotatohead!~harold@unaffiliated/majpotatohead> has quit IRC (Remote host closed the connection)
[17:07:48] <lunaphyte> kmq: you've got it backwards
[17:08:17] <lunaphyte> did someone tell you that reject_unknown_helo_hostname was ever a valid strategy?
[17:08:36] <lunaphyte> don't conflate the ability to do it with it being a good idea ;)
[17:08:39] <kmq> No, I tried to apply my brain to the postfix documentation
[17:08:55] <kmq> possible that I missed something
[17:09:04] <lunaphyte> i don't think you missed anything
[17:09:06] <kmq> so it's not ?
[17:09:31] <lunaphyte> it's there, were you to want it.  that doesn't mean it should be used.  a model like that wouldn't work very well for software
[17:09:41] <lunaphyte> it has never been wise to use, and that hasn't changed
[17:10:17] <lunaphyte> yes, there can be edge cases.  that's why it's there
[17:10:17] <kmq> so what about reject_unknown_reverse_client_hostname
[17:10:37] <lunaphyte> maybe the better direction to go with this conversation is:
[17:10:44] <lunaphyte> !tell kmq warn_if_reject
[17:10:44] <knoba> kmq: "warn_if_reject" : a parameter that means: Change the meaning of the next restriction, so that it logs a warning instead of rejecting a request (look for logfile records that contain "reject_warning"). This is useful for testing new restrictions in a "live" environment without risking unnecessary loss of mail.
[17:11:35] <kmq> Well, what I am doing now, is I set all these parameters, and they are rejected with a 450
[17:11:44] <lunaphyte> use that, and then decide for yourself, for your circumstances/environment if each of the various restrictions you're curious about are appropriate
[17:12:10] <lunaphyte> i would use warn_if_reject.  not what you are doing now
[17:12:14] <kmq> and I get notified with a mail to postmaster@ if that happens. My site is small enough, and I am mostly online enough for that, to then whitelist a client
[17:13:48] *** ageis <ageis!~kevin@45.55.7.48> has quit IRC (Quit: ZNC - http://znc.in)
[17:13:55] <kmq> So I read this correctly: instead of rejecting with a temporary error, this would let the mail through, but issue a warning. In effect somewhat the opposite of what I am doing now
[17:14:28] <kmq> Thanks. I will give that a go.
[17:16:06] *** ageis <ageis!~kevin@45.55.7.48> has joined #postfix
[17:16:15] <rob0> u435607, a null client does not require root.  It's just like a MUA's sending part only.
[17:16:18] <rob0> !mua
[17:16:18] <knoba> rob0: "mua" : Mail User Agent: software used for mail message retrieval, commonly known as an email client, such as mutt, Evolution and Thunderbird
[17:16:36] *** Marc3l <Marc3l!~Marc3l@unaffiliated/marc3l> has quit IRC (Quit: ZNC - http://znc.in)
[17:18:56] *** Marc3l <Marc3l!~Marc3l@unaffiliated/marc3l> has joined #postfix
[17:23:36] *** Marc3l <Marc3l!~Marc3l@unaffiliated/marc3l> has quit IRC (Ping timeout: 260 seconds)
[17:25:59] *** ageis <ageis!~kevin@45.55.7.48> has quit IRC (Quit: i'm at https://cointel.pro)
[17:26:41] *** ageis <ageis!~kevin@cointel.pro> has joined #postfix
[17:27:46] *** fred_tv_ <fred_tv_!~fred_tv@93-46-196-134.ip109.fastwebnet.it> has joined #postfix
[17:30:57] *** fred_tv <fred_tv!~fred_tv@host242-32-static.242-95-b.business.telecomitalia.it> has quit IRC (Ping timeout: 264 seconds)
[17:33:57] *** sarri <sarri!~sari@unaffiliated/sarri> has quit IRC (Ping timeout: 240 seconds)
[17:34:46] *** mikecmpb_ <mikecmpb_!~mikecmpbl@ruby/staff/mikecmpbll> has joined #postfix
[17:36:11] *** sarri <sarri!~sari@p50995cae.dip0.t-ipconnect.de> has joined #postfix
[17:36:11] *** sarri <sarri!~sari@p50995cae.dip0.t-ipconnect.de> has quit IRC (Changing host)
[17:36:11] *** sarri <sarri!~sari@unaffiliated/sarri> has joined #postfix
[17:38:09] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has quit IRC (Ping timeout: 264 seconds)
[17:38:34] *** Gaaab <Gaaab!~Gaaab@host21-95-dynamic.49-82-r.retail.telecomitalia.it> has joined #postfix
[17:39:52] *** jay0322__ <jay0322__!~jay0322@12.216.241.90> has quit IRC (Quit: Going offline, see ya! (www.adiirc.com))
[17:40:18] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has joined #postfix
[17:41:09] *** mikecmpb_ <mikecmpb_!~mikecmpbl@ruby/staff/mikecmpbll> has quit IRC (Ping timeout: 264 seconds)
[17:43:45] *** Marc3l <Marc3l!~Marc3l@unaffiliated/marc3l> has joined #postfix
[17:45:18] *** jay0322__ <jay0322__!~jay0322@12.216.241.90> has joined #postfix
[17:46:11] *** masuberu <masuberu!~Masber@27-32-116-21.static.tpgi.com.au> has joined #postfix
[17:53:45] *** masuberu <masuberu!~Masber@27-32-116-21.static.tpgi.com.au> has quit IRC (Ping timeout: 264 seconds)
[18:03:26] *** jay0322__ <jay0322__!~jay0322@12.216.241.90> has quit IRC (Quit: Going offline, see ya! (www.adiirc.com))
[18:15:24] *** eelstrebor <eelstrebor!~eelstrebo@216.75.116.100> has joined #postfix
[18:35:41] *** troys <troys!~troys@23-24-139-177-static.hfc.comcastbusiness.net> has joined #postfix
[18:39:13] <kmq> so lunaphyte the majority of mail that ends at my server that has an nonexistant HELO name is spam. Is the idea to let it through, let the spamfilter handle it, and maybe add the fact that the helo is incorrect into the spam score?
[18:39:40] <kmq> because otherwise I don't even need to use warn_if_reject if I am not going to do anything with it anyhow
[18:39:44] <lunaphyte> are you using postscreen?
[18:39:46] <kmq> yes
[18:40:06] <lunaphyte> and it's getting past it?
[18:40:13] <lunaphyte> i'd review my postscreen config first
[18:40:54] <lunaphyte> it's possible that connections with characteristics like that would make it by a well configured postscreen, but i'd also bit a little bit surprised
[18:41:28] <lunaphyte> anyway, if postscreen is well configured, then yes, let the content filter worry about those characteristics
[18:42:32] <kmq> I'll do that and review the postscreen readme and if I am not enlightened, I'll see if I can formulate a question
[18:43:05] <kmq> but, on a similar point, I am getting a surpsing amount of spam from correctly configured hosts that are not on any dnsbl
[18:44:28] <rob0> !warn_if_reject
[18:44:28] <knoba> rob0: "warn_if_reject" : a parameter that means: Change the meaning of the next restriction, so that it logs a warning instead of rejecting a request (look for logfile records that contain "reject_warning"). This is useful for testing new restrictions in a "live" environment without risking unnecessary loss of mail.
[18:45:12] <rob0> I think if you try warn_if_reject on your unknown helo restriction you will find a lot of non-spam matching it.
[18:46:20] <rob0> OTOH invalid and non-FQDN helo hostnames are safe to reject.
[18:48:59] *** impy <impy!~textual@ptr-g1zxlv2au7grcsl4tx4.18120a2.ip6.access.telenet.be> has quit IRC (Quit: My MacBook has gone to sleep. ZZZzzz…)
[18:50:21] <lunaphyte> my experience has been that invalid and non-fqdn helo hostnames are not safe to reject
[18:50:39] <lunaphyte> but that's the point, really.  decide for yourself
[18:55:08] *** masuberu <masuberu!~Masber@27-32-116-21.static.tpgi.com.au> has joined #postfix
[18:58:07] *** jay0322__ <jay0322__!~jay0322@173-166-197-60-memphis.hfc.comcastbusiness.net> has joined #postfix
[19:01:35] *** masuberu <masuberu!~Masber@27-32-116-21.static.tpgi.com.au> has quit IRC (Ping timeout: 248 seconds)
[19:14:47] <kmq> I guess I'll be a bit more careful with my tuning, and do some better measuring of each setting. Thanks for setting me in a better direction
[19:15:13] <lunaphyte> sure thing
[19:15:26] *** jay0322__ <jay0322__!~jay0322@173-166-197-60-memphis.hfc.comcastbusiness.net> has quit IRC (Quit: Going offline, see ya! (www.adiirc.com))
[19:17:40] *** sebastienthiry <sebastienthiry!~Thunderbi@91.176.195.122> has quit IRC (Read error: Connection reset by peer)
[19:19:13] *** sebastienthiry <sebastienthiry!~Thunderbi@91.176.195.122> has joined #postfix
[19:27:28] *** troys is now known as troys_
[19:35:04] *** sebastienthiry <sebastienthiry!~Thunderbi@91.176.195.122> has quit IRC (Quit: sebastienthiry)
[19:37:33] *** Eamon is now known as Ellenor
[19:53:19] *** MacWinner <MacWinner!~Blah@136.24.54.73> has quit IRC (Ping timeout: 248 seconds)
[19:56:13] *** masuberu <masuberu!~Masber@27-32-116-21.static.tpgi.com.au> has joined #postfix
[20:05:01] *** masuberu <masuberu!~Masber@27-32-116-21.static.tpgi.com.au> has quit IRC (Ping timeout: 255 seconds)
[20:07:57] *** Diemuzi <Diemuzi!~IceChat9@unaffiliated/diemuzi> has quit IRC (Quit: See you on the flip side)
[20:08:24] *** troys_ is now known as troys
[20:09:05] *** sklv <sklv!~sklv@gateway/tor-sasl/sklv> has quit IRC (Remote host closed the connection)
[20:09:06] *** Darcidride <Darcidride!~Darcidrid@2a01:e35:8b4a:ca10:c74:af6a:ef72:f0b1> has quit IRC (Quit: Bye.)
[20:09:43] *** sklv <sklv!~sklv@gateway/tor-sasl/sklv> has joined #postfix
[20:37:09] *** rsx <rsx!~rsx@ppp-46-244-250-142.dynamic.mnet-online.de> has quit IRC (Quit: rsx)
[20:45:12] *** masuberu <masuberu!~Masber@27-32-116-21.static.tpgi.com.au> has joined #postfix
[20:53:18] *** masuberu <masuberu!~Masber@27-32-116-21.static.tpgi.com.au> has quit IRC (Ping timeout: 272 seconds)
[21:11:37] *** cgt <cgt!~cgt@wikipedia/cgt> has joined #postfix
[21:16:17] *** Bliepo <Bliepo!~Bliepo@37.74.229.15> has joined #postfix
[21:16:37] <Bliepo> !getting _help
[21:16:37] <knoba> Bliepo: Error: "getting" is not a valid command.
[21:16:42] <Bliepo> !getting_help
[21:16:42] <knoba> Bliepo: "getting_help" : before asking your question, read the !relevant_logs and !showconfig factoids, and prepare a single pastebin containing all of that data. if you don't understand what this means, or if you need help doing this, please let us know. also see !pastebin
[21:19:43] <Bliepo> I have two questions. 1) If my mx records points to say mail.example.com, does my ptr record need to be example.com or mail.example.com (assume two different A records)? 2) Recently was forced to switch ISP and new ISP blocks port 25 inbound and outbound. Now I want to use my VPS as a relay, where can I find relevant docs (don't need to be spoonfed)?
[21:20:07] <lunaphyte> your ptr record has nothing to do with your mx record
[21:20:21] <lunaphyte> !tell Bliepo fcrdns
[21:20:21] <knoba> Bliepo: "fcrdns" : http://en.wikipedia.org/wiki/Forward_Confirmed_reverse_DNS : your IP address should resolve to $myhostname, which in turn should resolve back to your IP. This is very important if you want big sites to accept your mail. If you can't have it from your ISP, see !relayhost
[21:24:40] *** cgt <cgt!~cgt@wikipedia/cgt> has quit IRC (Quit: cgt)
[21:25:57] *** Gaaab <Gaaab!~Gaaab@host21-95-dynamic.49-82-r.retail.telecomitalia.it> has quit IRC (Remote host closed the connection)
[21:27:07] *** Gaaab <Gaaab!~Gaaab@host21-95-dynamic.49-82-r.retail.telecomitalia.it> has joined #postfix
[21:27:32] <lunaphyte> for using your vps as mx and relay, see relay_domains and friends
[21:27:34] <Bliepo> Right, I think I got it as far as the PTR/reverse DNS goes. I can have subdomain mail.example.com with A record (IP) aaa.bbb.ccc.ddd, and the IP aaa.bbb.ccc.ddd could have a PTR record that says example.com - so I can use admin at example dot com without rejections - did I understand correctly like this?
[21:28:57] *** cgt <cgt!~cgt@wikipedia/cgt> has joined #postfix
[21:29:47] <Bliepo> I'll look into relay_domains, thanks for your help :-)
[21:39:38] *** nomeed <nomeed!~nomeed@p5B2E2431.dip0.t-ipconnect.de> has quit IRC (Quit: ZNC 1.6.5 - http://znc.in)
[22:10:27] <lunaphyte> Bliepo:
[22:10:30] *** a_west <a_west!~a_west@82-183-13-131.customers.ownit.se> has quit IRC (Quit: Bye!)
[22:10:31] <lunaphyte> no.
[22:10:44] <lunaphyte> your a record needs to complement [e.g. "match"] your ptr record.
[22:10:51] <Bliepo> Ah yes, I just found it myself (like 30 seconds ago)
[22:11:23] * Bliepo simply looked up the MX record of his ISP as example and then checked the PTR of the resulting IP
[22:11:32] <lunaphyte> additionally, your server should answer with that same matching hostname when clients connect, and it should also announce itself with that same matching hostname when it connects to other servers
[22:11:59] <lunaphyte> and, on a side note, i'd encourage you to avoid "mail" for the hostname.
[22:12:07] *** a_west <a_west!~a_west@82-183-13-131.customers.ownit.se> has joined #postfix
[22:12:11] <lunaphyte> instead, i'd use mta or msa, depending upon its role
[22:12:56] <Bliepo> I'm guessing "mail" is blacklisted faster?
[22:13:02] <lunaphyte> hmm?
[22:13:21] <lunaphyte> certain words are not blacklisted faster than other words, no.  why?
[22:13:35] <Bliepo> Well, you recommend to avoid using mail as hostname
[22:13:42] <lunaphyte> yes, and?
[22:13:59] <Bliepo> I wondered whether that was the reason for it
[22:14:05] <Bliepo> But seems not then
[22:14:07] <lunaphyte> oh
[22:14:15] <lunaphyte> in other words, "why"?
[22:14:22] <Bliepo> yeah
[22:14:29] <lunaphyte> oh, just ask that then.  it's less confusing
[22:14:37] <lunaphyte> mail is vague
[22:14:58] <Bliepo> Ah ok
[22:15:09] <Bliepo> That's true I suppose
[22:15:18] <lunaphyte> you'd likely use "mail" for every component of the system, and then were you to want to change one, you'd have to change them all [or such]
[22:15:53] <Bliepo> I'll use mta then, thanks for the suggestion
[22:15:59] <lunaphyte> sure thing
[22:16:12] <Bliepo> o/
[22:16:46] *** Bliepo <Bliepo!~Bliepo@37.74.229.15> has left #postfix ("Thanks for the kind help!")
[22:33:48] *** kingkong <kingkong!~Admin@shellium/member/kingkong> has quit IRC (Remote host closed the connection)
[22:38:09] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has quit IRC (Ping timeout: 264 seconds)
[22:43:07] *** MajPotatohead <MajPotatohead!~harold@47-41-60-159.dhcp.mtpk.ca.charter.com> has joined #postfix
[22:43:07] *** MajPotatohead <MajPotatohead!~harold@47-41-60-159.dhcp.mtpk.ca.charter.com> has quit IRC (Changing host)
[22:43:07] *** MajPotatohead <MajPotatohead!~harold@unaffiliated/majpotatohead> has joined #postfix
[22:43:12] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has joined #postfix
[22:50:47] *** troys is now known as troys_
[22:55:11] *** a_west <a_west!~a_west@82-183-13-131.customers.ownit.se> has quit IRC (Quit: Bye!)
[22:59:27] *** a_west <a_west!~a_west@82-183-13-131.customers.ownit.se> has joined #postfix
[23:02:04] *** a_west <a_west!~a_west@82-183-13-131.customers.ownit.se> has left #postfix
[23:14:21] *** masuberu <masuberu!~Masber@27-32-116-21.static.tpgi.com.au> has joined #postfix
[23:18:57] *** mattcen <mattcen!~mattcen@c122-108-68-124.sunsh1.vic.optusnet.com.au> has quit IRC (Ping timeout: 240 seconds)
[23:19:14] *** kingkong <kingkong!antalya@chatq.net> has joined #postfix
[23:19:14] *** kingkong <kingkong!antalya@chatq.net> has quit IRC (Changing host)
[23:19:14] *** kingkong <kingkong!antalya@shellium/member/kingkong> has joined #postfix
[23:24:05] *** troys_ is now known as troys
[23:27:26] *** MajPotatohead <MajPotatohead!~harold@unaffiliated/majpotatohead> has quit IRC (Quit: Leaving)
[23:27:32] *** mattcen <mattcen!~mattcen@c122-108-68-124.sunsh1.vic.optusnet.com.au> has joined #postfix

   December 16, 2017  
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | >