December 17, 2018 
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | >
December 17, 2018 [00:02:13] *** not_phunyguy <not_phunyguy!~vault@ubuntu/member/phunyguy> has joined #postfix[00:04:37] *** phunyguy <phunyguy!~vault@ubuntu/member/phunyguy> has quit IRC (Ping timeout: 246 seconds)[00:04:37] *** not_phunyguy is now known as phunyguy[00:08:41] *** migy <migy!~migy@static.59.240.9.5.clients.your-server.de> has quit IRC (Quit: migy)[00:08:53] *** migy <migy!~migy@static.59.240.9.5.clients.your-server.de> has joined #postfix[00:35:18] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has quit IRC (Quit: inabit. zz.)[00:44:52] *** reiffert <reiffert!~foobar@p5DD75056.dip0.t-ipconnect.de> has quit IRC (Disconnected by services)[00:45:07] *** reiffert <reiffert!~foobar@pD9E42093.dip0.t-ipconnect.de> has joined #postfix[01:00:08] *** rob_ <rob_!~rob@5ED0E3DB.cm-7-1d.dynamic.ziggo.nl> has quit IRC (Ping timeout: 246 seconds)[01:06:11] *** cemotyz09 <cemotyz09!~cemotyz09@cpe-70-121-128-59.satx.res.rr.com> has joined #postfix[01:47:53] *** graphene <graphene!~graphene@46.101.134.251> has quit IRC (Remote host closed the connection)[01:47:55] *** kermit <kermit!~zip55413@pdpc/supporter/bronze/kermit> has joined #postfix[01:49:09] *** graphene <graphene!~graphene@46.101.134.251> has joined #postfix[01:58:49] *** rob <rob!~rob@5ED0E3DB.cm-7-1d.dynamic.ziggo.nl> has joined #postfix[01:58:50] *** rob_ <rob_!~rob@5ED0E3DB.cm-7-1d.dynamic.ziggo.nl> has joined #postfix[01:59:13] *** rob is now known as Guest70618[02:07:18] *** MACscr <MACscr!~MACscr@c-98-215-100-46.hsd1.il.comcast.net> has quit IRC (Quit: Textual IRC Client: www.textualapp.com)[02:08:51] *** rob_ <rob_!~rob@5ED0E3DB.cm-7-1d.dynamic.ziggo.nl> has quit IRC (Ping timeout: 244 seconds)[02:09:53] *** Guest70618 <Guest70618!~rob@5ED0E3DB.cm-7-1d.dynamic.ziggo.nl> has quit IRC (Ping timeout: 244 seconds)[02:28:42] *** dskull <dskull!~dskull@unaffiliated/daynaskully> has quit IRC (Ping timeout: 246 seconds)[02:29:52] *** dskull <dskull!~dskull@unaffiliated/daynaskully> has joined #postfix[03:02:40] *** jalalsfs_ <jalalsfs_!~jalalsfs@unaffiliated/jalalsfs> has joined #postfix[03:04:18] *** jalalsfs <jalalsfs!~jalalsfs@unaffiliated/jalalsfs> has quit IRC (Ping timeout: 250 seconds)[03:23:37] *** rob <rob!~rob@5ED0E3DB.cm-7-1d.dynamic.ziggo.nl> has joined #postfix[03:23:40] *** rob_ <rob_!~rob@5ED0E3DB.cm-7-1d.dynamic.ziggo.nl> has joined #postfix[03:24:00] *** rob is now known as Guest89805[03:28:27] *** Guest89805 <Guest89805!~rob@5ED0E3DB.cm-7-1d.dynamic.ziggo.nl> has quit IRC (Ping timeout: 240 seconds)[03:29:10] *** rob_ <rob_!~rob@5ED0E3DB.cm-7-1d.dynamic.ziggo.nl> has quit IRC (Ping timeout: 268 seconds)[03:31:47] *** nomeed <nomeed!~nomeed@p54A242FA.dip0.t-ipconnect.de> has quit IRC (Ping timeout: 240 seconds)[03:33:09] *** nomeed <nomeed!~nomeed@p5B33B007.dip0.t-ipconnect.de> has joined #postfix[03:34:10] *** gu1lle_ <gu1lle_!~Thunderbi@45-251-16-190.fibertel.com.ar> has joined #postfix[03:36:59] *** gu1lle_1 <gu1lle_1!~Thunderbi@45-251-16-190.fibertel.com.ar> has joined #postfix[03:38:32] *** gu1lle_ <gu1lle_!~Thunderbi@45-251-16-190.fibertel.com.ar> has quit IRC (Ping timeout: 250 seconds)[03:38:32] *** gu1lle_1 is now known as gu1lle_[03:40:30] *** Olipro_ <Olipro_!~Olipro@2001:8b0:1111:1111:0:ffff:5102:7b06> has joined #postfix[03:40:30] *** Olipro_ <Olipro_!~Olipro@2001:8b0:1111:1111:0:ffff:5102:7b06> has quit IRC (Changing host)[03:40:30] *** Olipro_ <Olipro_!~Olipro@uncyclopedia/pdpc.21for7.olipro> has joined #postfix[03:42:57] *** Olipro <Olipro!~Olipro@uncyclopedia/pdpc.21for7.olipro> has quit IRC (Ping timeout: 252 seconds)[03:43:28] *** n_1-c_k <n_1-c_k!~nick@2a02:8010:63a6::70> has quit IRC (Read error: Connection reset by peer)[03:43:43] *** n_1-c_k <n_1-c_k!~nick@2a02:8010:63a6::70> has joined #postfix[03:45:09] *** cemotyz09 <cemotyz09!~cemotyz09@cpe-70-121-128-59.satx.res.rr.com> has quit IRC (Quit: cemotyz09)[03:45:42] *** Olipro_ <Olipro_!~Olipro@uncyclopedia/pdpc.21for7.olipro> has quit IRC (Ping timeout: 252 seconds)[03:45:50] *** Olipro <Olipro!~Olipro@2001:8b0:14a7:1b24::1> has joined #postfix[03:45:51] *** Olipro <Olipro!~Olipro@2001:8b0:14a7:1b24::1> has quit IRC (Changing host)[03:45:51] *** Olipro <Olipro!~Olipro@uncyclopedia/pdpc.21for7.olipro> has joined #postfix[03:50:45] *** Olipro_ <Olipro_!~Olipro@6.123.2.81.in-addr.arpa> has joined #postfix[03:50:45] *** Olipro_ <Olipro_!~Olipro@6.123.2.81.in-addr.arpa> has quit IRC (Changing host)[03:50:46] *** Olipro_ <Olipro_!~Olipro@uncyclopedia/pdpc.21for7.olipro> has joined #postfix[03:51:12] *** Olipro <Olipro!~Olipro@uncyclopedia/pdpc.21for7.olipro> has quit IRC (Ping timeout: 252 seconds)[03:51:26] *** Olipro_ is now known as Olipro[03:52:19] *** not_phunyguy <not_phunyguy!~vault@ubuntu/member/phunyguy> has joined #postfix[03:52:41] *** phunyguy <phunyguy!~vault@ubuntu/member/phunyguy> has quit IRC (Ping timeout: 246 seconds)[03:53:10] *** not_phunyguy is now known as phunyguy[04:12:03] *** not_phunyguy <not_phunyguy!~vault@ubuntu/member/phunyguy> has joined #postfix[04:14:07] *** phunyguy <phunyguy!~vault@ubuntu/member/phunyguy> has quit IRC (Ping timeout: 240 seconds)[04:14:07] *** not_phunyguy is now known as phunyguy[04:15:55] *** TheFatherMind <TheFatherMind!~TheFather@cpe-104-34-204-52.socal.res.rr.com> has joined #postfix[04:25:32] *** phoenixz <phoenixz!~quassel@mx1.capmegamail.com> has joined #postfix[04:27:23] *** andylavarre <andylavarre!~andy@mobile-107-107-60-219.mycingular.net> has quit IRC (Remote host closed the connection)[04:38:27] *** rob_ <rob_!~rob@5ED0E3DB.cm-7-1d.dynamic.ziggo.nl> has joined #postfix[04:38:28] *** rob__ <rob__!~rob@5ED0E3DB.cm-7-1d.dynamic.ziggo.nl> has joined #postfix[04:42:31] *** JPT <JPT!~jpt@classified.name> has quit IRC (Remote host closed the connection)[04:43:32] *** rob__ <rob__!~rob@5ED0E3DB.cm-7-1d.dynamic.ziggo.nl> has quit IRC (Ping timeout: 250 seconds)[04:43:32] *** rob_ <rob_!~rob@5ED0E3DB.cm-7-1d.dynamic.ziggo.nl> has quit IRC (Ping timeout: 250 seconds)[04:50:05] *** phunyguy <phunyguy!~vault@ubuntu/member/phunyguy> has quit IRC (Ping timeout: 250 seconds)[04:50:17] *** JPT <JPT!~jpt@classified.name> has joined #postfix[04:51:42] *** jcarpenter2 <jcarpenter2!~rofl@2603:3016:1e89:8000:d8d:8442:d08f:5abf> has quit IRC (Read error: Connection reset by peer)[04:53:16] *** phunyguy <phunyguy!~vault@ubuntu/member/phunyguy> has joined #postfix[04:58:47] *** phunyguy <phunyguy!~vault@ubuntu/member/phunyguy> has quit IRC (Ping timeout: 240 seconds)[05:03:56] *** led_dark_1 <led_dark_1!~Thunderbi@hotspot10.rywasoft.net> has joined #postfix[05:11:47] *** MACscr <MACscr!~MACscr@c-98-215-100-46.hsd1.il.comcast.net> has joined #postfix[05:18:51] *** phunyguy <phunyguy!~vault@ubuntu/member/phunyguy> has joined #postfix[05:22:50] *** eelstrebor <eelstrebor!~eelstrebo@216-75-116-100.allophone.biz> has quit IRC (Quit: Ex-Chat)[05:45:46] *** rob_ <rob_!~rob@5ED0E3DB.cm-7-1d.dynamic.ziggo.nl> has joined #postfix[05:45:52] *** rob__ <rob__!~rob@5ED0E3DB.cm-7-1d.dynamic.ziggo.nl> has joined #postfix[05:50:46] *** rob_ <rob_!~rob@5ED0E3DB.cm-7-1d.dynamic.ziggo.nl> has quit IRC (Ping timeout: 246 seconds)[05:51:00] *** rob__ <rob__!~rob@5ED0E3DB.cm-7-1d.dynamic.ziggo.nl> has quit IRC (Ping timeout: 268 seconds)[05:52:59] *** rsx <rsx!~rsx@ppp-46-244-254-158.dynamic.mnet-online.de> has joined #postfix[06:13:07] *** pj <pj!~pj@centos/ops/pj> has quit IRC (Ping timeout: 268 seconds)[06:13:42] *** phoenixz <phoenixz!~quassel@mx1.capmegamail.com> has quit IRC (Remote host closed the connection)[06:25:04] *** pj <pj!~pj@centos/ops/pj> has joined #postfix[06:35:39] *** gturner <gturner!~gturner@zoth-ommog.unzane.com> has quit IRC (Ping timeout: 252 seconds)[06:41:33] *** gturner <gturner!~gturner@zoth-ommog.unzane.com> has joined #postfix[06:46:47] *** Blubberbop <Blubberbop!~quassel@mx1.capmegamail.com> has joined #postfix[06:57:04] *** rob_ <rob_!~rob@5ED0E3DB.cm-7-1d.dynamic.ziggo.nl> has joined #postfix[06:57:05] *** rob__ <rob__!~rob@5ED0E3DB.cm-7-1d.dynamic.ziggo.nl> has joined #postfix[06:57:40] *** TheFatherMind- <TheFatherMind-!~TheFather@cpe-104-34-204-52.socal.res.rr.com> has joined #postfix[07:00:57] *** TheFatherMind <TheFatherMind!~TheFather@cpe-104-34-204-52.socal.res.rr.com> has quit IRC (Ping timeout: 250 seconds)[07:01:49] *** rob__ <rob__!~rob@5ED0E3DB.cm-7-1d.dynamic.ziggo.nl> has quit IRC (Ping timeout: 246 seconds)[07:01:49] *** rob_ <rob_!~rob@5ED0E3DB.cm-7-1d.dynamic.ziggo.nl> has quit IRC (Ping timeout: 246 seconds)[07:04:14] *** phunyguy <phunyguy!~vault@ubuntu/member/phunyguy> has quit IRC (Quit: Goodbye cruel world!)[07:14:01] *** phunyguy <phunyguy!~vault@ubuntu/member/phunyguy> has joined #postfix[07:14:16] *** gu1lle_ <gu1lle_!~Thunderbi@45-251-16-190.fibertel.com.ar> has quit IRC (Read error: Connection reset by peer)[07:23:23] *** jalalsfs_ is now known as jalalsfs[07:56:09] *** olegfusion <olegfusion!~olegfusio@mail.mobileforsale.ru> has joined #postfix[08:09:41] *** rob_ <rob_!~rob@5ED0E3DB.cm-7-1d.dynamic.ziggo.nl> has joined #postfix[08:09:42] *** rob__ <rob__!~rob@5ED0E3DB.cm-7-1d.dynamic.ziggo.nl> has joined #postfix[08:11:26] *** Olipro <Olipro!~Olipro@uncyclopedia/pdpc.21for7.olipro> has quit IRC (Read error: Connection reset by peer)[08:11:43] *** Olipro <Olipro!~Olipro@6.123.2.81.in-addr.arpa> has joined #postfix[08:11:44] *** Olipro <Olipro!~Olipro@6.123.2.81.in-addr.arpa> has quit IRC (Changing host)[08:11:44] *** Olipro <Olipro!~Olipro@uncyclopedia/pdpc.21for7.olipro> has joined #postfix[08:14:39] *** rob__ <rob__!~rob@5ED0E3DB.cm-7-1d.dynamic.ziggo.nl> has quit IRC (Ping timeout: 244 seconds)[08:14:39] *** rob_ <rob_!~rob@5ED0E3DB.cm-7-1d.dynamic.ziggo.nl> has quit IRC (Ping timeout: 244 seconds)[08:15:15] *** rob_ <rob_!~rob@5ED0E3DB.cm-7-1d.dynamic.ziggo.nl> has joined #postfix[08:15:16] *** rob__ <rob__!~rob@5ED0E3DB.cm-7-1d.dynamic.ziggo.nl> has joined #postfix[08:18:39] *** stenrose <stenrose!~martin@2a01:2b0:301d:100:5536:d132:c7b5:6e89> has quit IRC (Remote host closed the connection)[08:19:00] *** stenrose <stenrose!~martin@2a01:2b0:301d:100:142b:cad2:12a:8696> has joined #postfix[08:39:13] *** hipodilski <hipodilski!~hipo@pc-freak.net> has quit IRC (Ping timeout: 245 seconds)[08:41:00] *** hgnoel1980 <hgnoel1980!~hgnoel198@host81-143-199-121.in-addr.btopenworld.com> has quit IRC (Ping timeout: 250 seconds)[08:50:45] *** free_beer <free_beer!~free@gatekeeper01.ports.se> has joined #postfix[09:04:05] *** Cru <Cru!~mindwarp@195.149.81.215> has joined #postfix[09:13:09] *** hipodilski <hipodilski!~hipo@pc-freak.net> has joined #postfix[09:14:59] *** terp <terp!~terp@77.68.214.134> has joined #postfix[09:25:23] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has joined #postfix[09:43:02] *** TheFatherMind <TheFatherMind!~TheFather@cpe-104-34-204-52.socal.res.rr.com> has joined #postfix[09:45:08] *** TheFatherMind- <TheFatherMind-!~TheFather@cpe-104-34-204-52.socal.res.rr.com> has quit IRC (Ping timeout: 250 seconds)[10:12:53] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has quit IRC (Remote host closed the connection)[10:13:04] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has joined #postfix[10:19:01] *** hgnoel1980 <hgnoel1980!~hgnoel198@host81-133-248-37.in-addr.btopenworld.com> has joined #postfix[10:30:16] *** rjsalts_ <rjsalts_!~rjsalts@green.spectralmud.org> has joined #postfix[10:30:43] *** rjsalts <rjsalts!~rjsalts@green.spectralmud.org> has quit IRC (Read error: Connection reset by peer)[11:09:42] *** qwertyboiii <qwertyboiii!52a3a3a0@gateway/web/freenode/ip.82.163.163.160> has joined #postfix[11:13:41] *** qwertyboiii <qwertyboiii!52a3a3a0@gateway/web/freenode/ip.82.163.163.160> has left #postfix[11:13:54] *** qwertyboiii <qwertyboiii!52a3a3a0@gateway/web/freenode/ip.82.163.163.160> has joined #postfix[11:14:29] *** qwertyboiii <qwertyboiii!52a3a3a0@gateway/web/freenode/ip.82.163.163.160> has quit IRC (Client Quit)[11:24:42] *** olegfusion <olegfusion!~olegfusio@mail.mobileforsale.ru> has quit IRC (Read error: Connection reset by peer)[11:25:41] *** cite <cite!~cite@mnemosyne.incertum.net> has quit IRC (Remote host closed the connection)[11:29:51] *** cite <cite!~cite@mnemosyne.incertum.net> has joined #postfix[11:45:29] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has quit IRC (Quit: Konversation terminated!)[11:51:37] *** DK2 <DK2!~DK2@rs000042.fastrootserver.de> has joined #postfix[11:51:53] <DK2> when sending mails to one specific recipient i get: encryption rule based rejected TLS required[11:52:15] <DK2> and the mail gets rejected, this is the only recpient where i cannot deliver mails, any ideas?[12:06:07] <tuxick> sounds broken[12:06:28] <Alver> Maybe they have their cipher settings too strict/high?[12:12:41] *** giesen <giesen!~ggiesen@ego.giesen.me> has quit IRC (Quit: http://quassel-irc.org - Chat comfortably. Anywhere.)[12:14:16] *** giesen <giesen!~ggiesen@ego.giesen.me> has joined #postfix[12:16:12] *** elenril <elenril!~elenril@tutturu.red.khirnov.net> has joined #postfix[12:19:54] <elenril> hi[12:20:08] <Syndrom> hi elenril[12:20:16] <elenril> what's the optimal/recommended/bestest way to blacklist one specific sender in a postfix+amavis setup[12:22:39] <rob0> uh, there is no clear answer to that without knowing some context[12:22:47] <rob0> it could be[12:22:56] <rob0> !check_sender_access[12:22:56] <knoba> rob0: "check_sender_access" : Search the specified access(5) database for the MAIL FROM address, domain, parent domains, or localpart@, and execute the corresponding action.[12:24:06] <rob0> ... but blocking by sender address is usually not ideal, can be evaded, or can block the wrong stuff[12:24:36] <elenril> the context is: i'm getting nontrivial amounts of spam that is targeted at me and does not look like common carpet-bomb spam[12:26:04] <elenril> yeah, i'm somewhat concerned about blocking too broadly[12:26:57] <elenril> but i suppose just filtering on envelope from for a specific scam domain shouldn't be too dangerous[12:28:42] <rob0> probably not, unless that isn't really a scam domain[12:32:07] <double-p> AOL? :)[12:32:17] <tuxick> sounds like amavis problem[12:32:57] <elenril> i mean who has ever seen a useful @gmail.com email[12:33:52] <rob0> haha[12:33:58] <double-p> :}[12:37:12] <rob0> Years ago, managing mail for a SMB (around 75 users I think) we experimented with domain blocking in DNS. Oops, we placed that control in the hands of a user/customer, a non-tech person. Said user got the clever idea that we'd never want to see mail from AOL, so he blocked aol.com.[12:37:53] <rob0> it was an awful mess, and indeed, there WERE customers of this firm which used AOL addresses.[12:50:49] <tuxick> comcast, way worse than even aol[12:51:18] *** cemotyz09 <cemotyz09!~cemotyz09@cpe-70-121-128-59.satx.res.rr.com> has joined #postfix[12:58:19] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has quit IRC (Remote host closed the connection)[12:58:29] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has joined #postfix[13:07:23] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has joined #postfix[13:11:30] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has quit IRC (Client Quit)[13:13:41] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has joined #postfix[13:15:49] *** Stinger <Stinger!~arnas@92.61.33.111> has joined #postfix[13:16:20] *** Stinger <Stinger!~arnas@92.61.33.111> has left #postfix[13:16:52] *** mungustas <mungustas!~arnas@92.61.33.111> has joined #postfix[13:17:06] <mungustas> http://www.postfix.org/postconf.5.html#smtp_tls_connection_reuse[13:17:11] <mungustas> This feature is available in Postfix 3.4 and later.[13:17:39] <mungustas> http://www.postfix.org/announcements.html November 24, 2018: Postfix stable release 3.3.2, and legacy releases 3.2.7, 3.1.10, 3.0.14.[13:18:56] <mungustas> it means there's no stable version yet for v3.4 ?[13:19:58] <rob0> 3.4.0 is due to be released in Q1 2019. Usually Feb/Mar.[13:20:11] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has quit IRC (Remote host closed the connection)[13:20:29] <rob0> snapshots have been available all along since 3.3.0[13:20:51] <mungustas> mhm okay so if I want this functionality #smtp_tls_connection_reuse I would need to compile from source, correct?[13:22:21] <rob0> I doubt you'll see any distributors providing 3.4 soon, especially the ones who cling to the gimmick of "old software is better".[13:22:45] <rob0> !install[13:22:45] <knoba> rob0: "install" : http://www.postfix.org/INSTALL.html documents installation of Postfix from source code. If using a third-party distributed package, see your distributor's documentatation as well.[13:23:08] <Alver> The main question is usually "is this one feature worth maintaining and patching a build from source"[13:23:11] <rob0> Fortunately building from source is not difficult.[13:23:17] <Alver> The answer is very rarely yes, but there are some cases[13:23:28] <mungustas> Alver: yeah that's what I am thinking ;)[13:23:37] <rob0> good point, and in this case I would think it's not worth it[13:23:46] <mungustas> metoo[13:23:59] <mungustas> I would wait for GA release[13:26:51] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has joined #postfix[13:28:27] *** robinho86 <robinho86!~robsonjf@191.36.239.241> has joined #postfix[13:32:42] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has quit IRC (Quit: Konversation terminated!)[13:48:26] *** cemotyz09 <cemotyz09!~cemotyz09@cpe-70-121-128-59.satx.res.rr.com> has quit IRC (Quit: cemotyz09)[13:54:01] <DK2> so i have a email server @example.com, however i want to have an specific email adress test at example dot com to be send by another mailserver is that possible?[13:57:30] <Alver> Only one specific address? I don't think so, no[13:59:16] <DK2> or can i say, enable tlsv1 for a specific sender from my domain while disallow it for others?[14:00:00] <Kelsar> my dist has 3.4 packages allready :) won't use them just yet ofc[14:00:17] <DK2> the problem i have is i have a specific app that needs to have tlsv1 to send mails but having tlsv1 enabled gives me rejections on few mailservers thus mails not being delivered[14:00:35] <DK2> i wont be able to update the app this year to be able to not need tlsv1 anymore[14:03:48] <rob0> The question is unclear, and the followups have made it less so. You'd probably have to try to describe the problem and goal more completely. Also,[14:03:53] <rob0> !getting_help[14:03:53] <knoba> rob0: "getting_help" : before asking your question, read the !relevant_logs and !showconfig factoids, and prepare a single pastebin containing all of that data. if you don't understand what this means, or if you need help doing this, please let us know. also see !pastebin[14:04:03] <Alver> ... yes, I'm starting to get very confused about the actual problem[14:05:21] <rob0> "having tlsv1 enabled gives me rejections", how was this determined?[14:05:56] *** n_1-c_k <n_1-c_k!~nick@2a02:8010:63a6::70> has quit IRC (Read error: Connection reset by peer)[14:06:22] *** n_1-c_k <n_1-c_k!~nick@2a02:8010:63a6::70> has joined #postfix[14:06:44] <DK2> rob0: 554 5.7.10 encryption rule based rejected TLS required.[14:06:56] <DK2> it rejects the mail because im having tlsv1 enabled[14:09:11] <rob0> You're saying, I think, that having tlsv1 enabled on your submission/smtpd is causing smtp(8) (outbound) rejections somehow, and that makes no sense to me at all.[14:09:46] <Alver> Unless *only* TLSv1 is enabled, which is indeed bad, this shouldn't happen[14:09:50] <Alver> ... or am I missing something vital here[14:10:03] <thumbs> no, DK2 is being obscure on purpose.[14:10:47] *** DTZUZO <DTZUZO!~DTZUZO@S0106bcd16584b0aa.vs.shawcable.net> has joined #postfix[14:11:29] <tuxick> looks like[14:12:02] *** led_dark_1 <led_dark_1!~Thunderbi@hotspot10.rywasoft.net> has quit IRC (Quit: led_dark_1)[14:14:25] *** led_dark_1 <led_dark_1!~Thunderbi@hotspot10.rywasoft.net> has joined #postfix[14:15:00] <DK2> thumbs: im not but it seems that specific mailserver is acting like that :([14:16:31] <rob0> so my understanding of what you're saying: that's correct?[14:18:13] <DK2> yes rob0[14:18:24] <DK2> the specific customer is using some sort of security mailrelay[14:18:56] <DK2> that seems to be rejecting mails because of my mx having tlsv1 allowed[14:19:20] <rob0> then perhaps you need to talk to whoever manages that "security mailrelay"[14:22:30] <Alver> Securitah![14:23:40] <tuxick> DK2: that still makes no sense[14:24:43] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has joined #postfix[14:25:44] <DK2> well, anways if i setup a new mailserver for that specific inbox and set the correct spf-records it should work correct?[14:26:01] <blackflow> perhaps one should be more precise with versions. are we talking about TLSv1.x (so they want what, SSLv3?) or are we talking about TLSv1.0? Because a lot of places recommend allowing only 1.2 and 1.3 now[14:26:43] <rob0> you said "i want to have an specific email adress test at example dot com to be send by another mailserver"[14:26:59] <DK2> yes[14:27:17] <rob0> what does the "inbox" have to do with sending?[14:27:32] <rob0> there is no association[14:27:52] <DK2> im using swiftmailer to send/fetch mails so i need that inbox configured there[14:28:32] <blackflow> I believe they mean the end user sending mail with From:test at example dot com, to have that mail sent via another server[14:28:40] <DK2> yes[14:28:54] <blackflow> which is purely in the domain of that end user's MUA configuration[14:29:14] <blackflow> as in, they define which "smtp" aka "outbound" server to use[14:29:14] <DK2> it doesnt matter which server is sending that mail aslong i have the correct spf record for that specific domain set or?[14:29:44] <blackflow> yes, if you're using SPF for a domain, you need to allow any server sending mail for that domain[14:30:39] <DK2> while the reply for that adress is being handled by the mx-records and it wont matter if its a different server than the one that sent the mail in the firstplace[14:31:49] <blackflow> correct, the MX of a domain can be a different server than the one that takes submits and sends mail to other MTAs[14:33:04] <blackflow> it's very much analogous to snail mail. you can insert your envelope into any of the "oubound" mail boxes on the streets, but when the mail arrives to your inbox, there's only that one inbox that receives for that address.[14:33:47] *** ALowther_ <ALowther_!~quassel@108.190.224.222> has joined #postfix[14:34:13] <rob0> The vast majority of email (both legit and spam) comes from outbound farms which are completely separate from inbound.[14:36:59] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has quit IRC (Remote host closed the connection)[14:38:54] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has joined #postfix[14:40:20] <lunaphyte> every season, the spam starts out as small seedlings, which are typically grown in a precise temperature and humidity controlled environment. once the spam seedlings have been hardened off, they must be carefully transplanted to the farm's growing fields, one by one. the is a very labor intensive process for the farm[14:41:38] <lunaphyte> the spam is lovingly cultivated over the course of the growing season [this can vary geographically - warmer climates have much longer spam growing seasons]. once the spam has reached full maturity, it can be harvested. traditionally this was done by hand, but today, many larger operations use automated processes, machines called "bots", carefully harvest and process each spam plant, and prepare it for shipment from the farm[14:41:49] <rob0> 42 deg. C[14:42:32] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has quit IRC (Client Quit)[14:43:16] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has joined #postfix[14:44:27] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has quit IRC (Client Quit)[14:46:06] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has joined #postfix[14:46:44] <tuxick> i don't like spam![14:46:58] <spammy> :'([14:47:28] <rob0> now you have hurt spammy's feelings[14:47:37] <blackflow> I love it with some scrambled eggs.[14:50:03] <blackflow> mmmmmmh spam musubi with egg.[14:51:32] *** andylavarre <andylavarre!~andy@mobile-166-172-63-11.mycingular.net> has joined #postfix[14:55:50] <tuxick> :)[15:04:24] *** eugenmayer <eugenmayer!~Adium@p54A69CED.dip0.t-ipconnect.de> has joined #postfix[15:05:36] <eugenmayer> hello. I am trying to setup a multi-relay postfix server ( local mta ). I happened to configure sender_relay (user based), and sasl_passwd and "tls_per_site". It works if i have a server which does not require auth but fails when a server requires auth with "no mechanism available"[15:05:51] <eugenmayer> (am basically have a postfix smarthost only setup)[15:07:57] <lunaphyte> that would be an msa then. not an mta[15:08:01] <lunaphyte> !tell eugenmayer msa[15:08:01] <knoba> eugenmayer: "msa" : Message Submission Agent : a process which accepts message submissions from MUAs on port 587 known as 'message submission service' using the 'message submission protocol' defined by rfc4409. To enable message submission service in postfix uncomment the relevant lines in master.cf. also see !submission.[15:08:21] <lunaphyte> !tell eugenmayer getting_help[15:08:21] <knoba> eugenmayer: "getting_help" : before asking your question, read the !relevant_logs and !showconfig factoids, and prepare a single pastebin containing all of that data. if you don't understand what this means, or if you need help doing this, please let us know. also see !pastebin[15:08:31] <eugenmayer> https://www.pastiebin.com/5c17adda0b32f[15:08:44] <lunaphyte> follow those instructions, and then we can try to help[15:09:16] <eugenmayer> !pastebin[15:09:16] <knoba> eugenmayer: "pastebin" : A pastebin site lets you easily share logs and configuration. Examples are dpaste.org, fpaste.org, pastebin.ca, paste.ee, ptpb.pw, ix.io and many others. Please avoid ad-supported sites such as pastebin.com if possible.[15:10:03] <eugenmayer> !relevant_logs[15:10:03] <knoba> eugenmayer: "relevant_logs" : mail.* syslog Postfix log messages (NOT verbose, see !no_verbose) which show ONLY the entire handling of a single mail which illustrates the issue with which you want help. Random selections from your mail log are not adequate. IMAP/POP3 daemons and external delivery agents often log to the same syslog facility and should not be shown. Also see http://rob0.nodns4.us/postfix-logging[15:10:12] <eugenmayer> !show_config[15:10:12] <knoba> eugenmayer: "show_config" : see !showconfig[15:10:23] <eugenmayer> !showconfig[15:10:23] <knoba> eugenmayer: "showconfig" : when asked to provide your config, please provide a SINGLE pastebin (see !pastebin) with postconf -nf and postconf -Mf. if your version is too old for those commands to work (< 2.9), you should upgrade, but see !showconfig_old[15:11:08] <eugenmayer> lunaphyte: https://dpaste.de/otuD[15:11:16] *** Diemuzi <Diemuzi!~IceChat9@unaffiliated/diemuzi> has joined #postfix[15:11:31] <lunaphyte> where's the rest?[15:11:54] <eugenmayer> its the logs and the config, did i forget somethign?[15:12:04] *** pdxleif13 <pdxleif13!~pdxleif@p7536217-ipngn34701marunouchi.tokyo.ocn.ne.jp> has joined #postfix[15:12:13] <rob0> the "no worthy mechs" warning is mentioned in:[15:12:16] <rob0> !soho[15:12:16] <knoba> rob0: "soho" : Small/home office hints and tips: http://www.postfix.org/SOHO_README.html[15:12:21] <lunaphyte> you forgot to follow the instructions[15:12:29] *** pdxleif13 <pdxleif13!~pdxleif@p7536217-ipngn34701marunouchi.tokyo.ocn.ne.jp> has quit IRC (Remote host closed the connection)[15:13:02] <rob0> in most cases it means you didn't install the Cyrus SASL mechanisms[15:13:27] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has quit IRC (Quit: Konversation terminated!)[15:13:31] <eugenmayer> hmm, i did not install it for sure if it is not a dependency of the postfix configuration @rob0[15:13:54] <lunaphyte> it's not a dependency. that would be awful[15:13:58] <lunaphyte> you install it if you need it[15:14:08] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has joined #postfix[15:14:30] <eugenmayer> checking what i need to install then (debian stretch)[15:15:10] <eugenmayer> libsasl2-2 - Cyrus SASL - authentication abstraction library .. does that sound about right?[15:15:23] <lunaphyte> maybe[15:15:24] <lunaphyte> tias[15:15:47] <eugenmayer> that one is already installed. Ok checking the debian FAQ for that kind of thing[15:16:23] <eugenmayer> Just that i am sure, that all is needed for the postfix client, not the server, right?[15:16:26] <rob0> I am not a Debian user, but of course Debian users are always asking for help here, and IIRC the mechanisms are in separate packages.[15:16:43] <lunaphyte> they're not[15:16:58] <lunaphyte> other than third party mechanism that might be available[15:17:43] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has quit IRC (Client Quit)[15:17:45] <eugenmayer> Ok i want to sure i did not confuse you. I have a password-less (relay network) based auth for the server side and then need to plain/login connect to a smarthost/satelite[15:17:57] <eugenmayer> And i got you wrong, that for the latter i need cyrus sasl?[15:18:24] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has joined #postfix[15:18:31] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has quit IRC (Client Quit)[15:19:03] <eugenmayer> i am reading https://wiki.debian.org/PostfixAndSASL right now, but i am not really sure that is for the Server part actually[15:19:34] <rob0> oh, ha, look at line 61[15:19:37] <jimpop> eugenmayer: my WAG is that you didn't install libsasl2-modules and libsasl2-modules-db[15:19:40] <rob0> !smtp_tls_wrappermode[15:19:40] <knoba> rob0: "smtp_tls_wrappermode" : Request that the Postfix SMTP client connects using the legacy SMTPS protocol instead of using the STARTTLS command.[15:19:50] <eugenmayer> it seems its sasl2-bin what i am missing[15:20:13] <eugenmayer> rob0: that "wrappermode" option is my second question ( especially when using tls_per_site .. )[15:20:35] <rob0> smtp_tls_wrappermode ONLY makes sense when using a submissions/smtps relayhost[15:20:38] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has joined #postfix[15:20:54] *** graphene <graphene!~graphene@46.101.134.251> has quit IRC (Remote host closed the connection)[15:21:46] <rob0> it will break when trying to deliver mail to the Internet, because no mail exchangers are wrappermode[15:22:02] <eugenmayer> rob0: relayhost - here you refer to the "default" relayhost, right. The problem is, i did not set a relayhost and when i use "encrypt" in the tls_per_site, setting smtp_tls_security_level = none and smtp_tls_wrappermode=no .. it even fails to connect to the server using TLS[15:22:05] *** graphene <graphene!~graphene@46.101.134.251> has joined #postfix[15:22:25] <eugenmayer> that was actually my second question, why, in tls per side mode, i am required to set those bost options for STARTTLS mode[15:22:45] <rob0> smtp_tls_security_level = none > yes, this disables TLS for smtp[15:23:15] <eugenmayer> yes, for the default relayhost, that is why i then use: smtp_tls_policy_maps = hash:/etc/postfix/tls_per_site=[15:23:24] <rob0> "smtp_tls_security_level = may", this is the more common setting people want[15:23:51] <eugenmayer> jimpop: both have been installed .. maybe its rather a chroot issue with /var/spool/postfix..[15:24:23] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has quit IRC (Client Quit)[15:25:10] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has joined #postfix[15:27:05] <eugenmayer> rob0: could you possibly answer on the question if cyrus sasl is needed for the outgoing authentication or the incoming authentication?[15:27:22] <lunaphyte> sasl can be used for either[15:28:27] <eugenmayer> thank you[15:28:37] <rob0> Cyrus can do either server or client SASL. Dovecot can only do server SASL, but is recommended for that.[15:28:49] *** [NoClan]GoAway_ <[NoClan]GoAway_!~NoClan@185.57.82.28> has joined #postfix[15:30:06] *** [NoClan]GoAway <[NoClan]GoAway!~NoClan@195.138.249.3> has quit IRC (Read error: Connection reset by peer)[15:31:39] <eugenmayer> sasl2-bin was missing, but i guess the next step will be fixing the chroot since i do not run it using systemd ( docker )[15:32:20] <lunaphyte> chrooting is unrelated to systemd[15:32:35] <lunaphyte> postfix used chrooting long before systemd was around[15:35:28] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has quit IRC (Quit: Konversation terminated!)[15:35:43] *** [NoClan]GoAway_ <[NoClan]GoAway_!~NoClan@185.57.82.28> has left #postfix[15:35:57] *** [NoClan]GoAway <[NoClan]GoAway!~NoClan@185.57.82.28> has joined #postfix[15:42:54] *** graphene <graphene!~graphene@46.101.134.251> has quit IRC (Remote host closed the connection)[15:44:04] *** graphene <graphene!~graphene@46.101.134.251> has joined #postfix[15:47:58] *** qgTG <qgTG!~qgTG@unaffiliated/qgtg> has quit IRC (Ping timeout: 245 seconds)[15:53:56] <jimpop> help me understand something... 103.114.107.123 sent out a bunch of spam this AM, using a domain of mine, and all I got for christmas was blowback.[15:54:47] *** FinboySlick <FinboySlick!~shark@74.117.40.10> has joined #postfix[15:54:56] <jimpop> do people actually continue to accept said spam well after the IP has been globally listed?[15:55:19] <lunaphyte> all of the above?[15:55:35] <jimpop> whew, at least it's not 42[15:55:59] <lunaphyte> assuming people are responsibly and use blacklists is probably a fool's errand[15:56:34] <jimpop> that sentence hurts my brain, but i do get your point[15:57:28] <lunaphyte> oopsies[15:57:32] <lunaphyte> *responsible[15:58:32] <lunaphyte> also, lots of mail gets delivered and processed before sources get blacklisted. it happens a lot, unfortunately. so it's not surprising at all that you'd get backscatter and then see it's a listed source[16:05:00] <jimpop> well that just seems ass-backwards from what would be best. ;-)[16:06:59] <jimpop> it is interesting however. There are like 5 enties in the world that accept anything, perpetually, just to send out a DMARC report to the domain holder.[16:07:47] <jimpop> the biggest culprit is antispamcloud.com[16:08:29] <jimpop> they alone are keeping email alive :-)[16:09:55] * jimpop is outa here[16:15:36] *** Vamp898 <Vamp898!c19e33fe@gateway/web/cgi-irc/kiwiirc.com/ip.193.158.51.254> has joined #postfix[16:21:31] *** magyar <magyar!~magyar@unaffiliated/magyar> has joined #postfix[16:31:46] *** karven <karven!~karven@152.167.193.199> has joined #postfix[16:33:05] *** eminencehc <eminencehc!~eminenceh@69.206.182.230> has joined #postfix[16:33:57] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has joined #postfix[16:40:56] *** eelstrebor <eelstrebor!~eelstrebo@216-75-116-100.allophone.biz> has joined #postfix[16:42:37] *** Columbo0815 <Columbo0815!~Columbo08@HSI-KBW-109-192-087-081.hsi6.kabel-badenwuerttemberg.de> has quit IRC (Quit: Leaving)[17:03:10] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has quit IRC (Quit: Konversation terminated!)[17:07:58] *** Vamp898 <Vamp898!c19e33fe@gateway/web/cgi-irc/kiwiirc.com/ip.193.158.51.254> has quit IRC (Remote host closed the connection)[17:11:16] *** graphene <graphene!~graphene@46.101.134.251> has quit IRC (Remote host closed the connection)[17:12:25] *** graphene <graphene!~graphene@46.101.134.251> has joined #postfix[17:32:20] *** Olipro <Olipro!~Olipro@uncyclopedia/pdpc.21for7.olipro> has quit IRC (Read error: Connection reset by peer)[17:47:59] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has quit IRC (Remote host closed the connection)[17:58:09] *** ezio <ezio!~ezio@unaffiliated/ezio> has left #postfix ("Leaving")[17:58:50] *** graphene <graphene!~graphene@46.101.134.251> has quit IRC (Remote host closed the connection)[18:00:05] *** graphene <graphene!~graphene@46.101.134.251> has joined #postfix[18:04:54] *** graphene <graphene!~graphene@46.101.134.251> has quit IRC (Remote host closed the connection)[18:06:07] *** graphene <graphene!~graphene@46.101.134.251> has joined #postfix[18:07:18] *** johnny56 <johnny56!~johnny56@unaffiliated/johnny56> has quit IRC (Ping timeout: 272 seconds)[18:10:24] *** gu1lle_ <gu1lle_!~Thunderbi@201.216.253.75> has joined #postfix[18:15:21] *** alexandre9099 <alexandre9099!~alexandre@unaffiliated/alexandre9099> has quit IRC (Quit: ZNC 1.7.1 - https://znc.in)[18:15:56] *** qgTG <qgTG!~qgTG@unaffiliated/qgtg> has joined #postfix[18:19:01] *** rsx <rsx!~rsx@ppp-46-244-254-158.dynamic.mnet-online.de> has quit IRC (Remote host closed the connection)[18:19:39] *** alexandre9099 <alexandre9099!~alexandre@unaffiliated/alexandre9099> has joined #postfix[18:20:29] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has joined #postfix[18:24:06] *** graphene <graphene!~graphene@46.101.134.251> has quit IRC (Remote host closed the connection)[18:25:23] *** graphene <graphene!~graphene@46.101.134.251> has joined #postfix[18:27:20] *** eugenmayer1 <eugenmayer1!~Adium@pD95DA047.dip0.t-ipconnect.de> has joined #postfix[18:31:17] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has quit IRC (Remote host closed the connection)[18:31:38] *** jalalsfs_ <jalalsfs_!~jalalsfs@unaffiliated/jalalsfs> has joined #postfix[18:32:09] <eugenmayer1> Hello (been there before). Still struggeling with my smarthost/sattelite setup (MSA) due to no mechanism available. I now installed cyrus sasl, its all in the chroot now but the message basically did not change at all. What to debug next?[18:34:14] *** jalalsfs <jalalsfs!~jalalsfs@unaffiliated/jalalsfs> has quit IRC (Ping timeout: 250 seconds)[18:34:58] <double-p> so it's not that smart?[18:35:58] *** plantroon <plantroon!~plantroon@91.236.69.232> has quit IRC (Ping timeout: 250 seconds)[18:36:56] <eugenmayer1> maybe rather iam not[18:37:39] <double-p> say intentions.. and likely to old pbin[18:37:47] *** hgnoel1980 <hgnoel1980!~hgnoel198@host81-133-248-37.in-addr.btopenworld.com> has quit IRC (Ping timeout: 240 seconds)[18:38:44] <eugenmayer1> when postfix tries to authenticate with the remote SMTP using plain, do i find logs in the sasl implementation?[18:39:23] <double-p> sasl is about users, not MX[18:40:31] <double-p> or, you cannot directly pass an SASL auth from one MX to the next[18:40:32] <eugenmayer1> Not sure what you are refering to. My issue is, that the authentication fails because there is no "fitting mechanism" - what does this has to do with the MX record[18:41:02] <eugenmayer1> oh i guess you mean something else with MX?[18:41:10] <double-p> trying to sasl-auth an mx?[18:41:32] <double-p> i've no idea what you're trying to do in the first place[18:41:46] <eugenmayer1> !msa[18:41:46] <knoba> eugenmayer1: "msa" : Message Submission Agent : a process which accepts message submissions from MUAs on port 587 known as 'message submission service' using the 'message submission protocol' defined by rfc4409. To enable message submission service in postfix uncomment the relevant lines in master.cf. also see !submission.[18:42:25] * double-p eyes[18:42:38] <eugenmayer1> !pastebin[18:42:38] <knoba> eugenmayer1: "pastebin" : A pastebin site lets you easily share logs and configuration. Examples are dpaste.org, fpaste.org, pastebin.ca, paste.ee, ptpb.pw, ix.io and many others. Please avoid ad-supported sites such as pastebin.com if possible.[18:42:57] *** rob__ <rob__!~rob@5ED0E3DB.cm-7-1d.dynamic.ziggo.nl> has quit IRC (Ping timeout: 250 seconds)[18:42:57] *** rob_ <rob_!~rob@5ED0E3DB.cm-7-1d.dynamic.ziggo.nl> has quit IRC (Ping timeout: 250 seconds)[18:42:57] <eugenmayer1> https://dpaste.de/S5hp[18:43:38] <eugenmayer1> and when sending (with swaks) i get: https://dpaste.de/uepS[18:43:40] *** rob_ <rob_!~rob@5ED0E3DB.cm-7-1d.dynamic.ziggo.nl> has joined #postfix[18:43:40] *** rob <rob!~rob@5ED0E3DB.cm-7-1d.dynamic.ziggo.nl> has joined #postfix[18:44:04] *** rob is now known as Guest18518[18:45:43] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has joined #postfix[18:45:59] *** ovrstorm <ovrstorm!~ovrstorm@air.raid.io> has quit IRC (Quit: We're sorry, your call cannot be dialed as completed ...)[18:46:17] *** ovrstorm <ovrstorm!~ovrstorm@air.raid.io> has joined #postfix[18:47:26] <eugenmayer1> postconf -Mf[18:47:33] <double-p> yeah[18:47:52] <eugenmayer1> https://dpaste.de/a4uV[18:48:03] *** plantroon <plantroon!~plantroon@91.236.69.232> has joined #postfix[18:49:49] <eugenmayer1> smtpd_sasl_type .. but is that for the incoming auth ( which i do not need ) or the outgoing?[18:49:52] <double-p> and who is this suppossed to work?[18:49:57] <double-p> how*[18:50:28] <eugenmayer1> well i cannot see the obvious, as you. Can you give me a hint?[18:51:39] <eugenmayer1> i guess, smptd is for the incoming auth[18:51:42] <rob0> !smtpd!=smtp[18:51:42] <knoba> rob0: "smtpd!=smtp" : Postfix smtpd_* and smtp_* configuration parameters have different meanings. smtpd_ = server and smtp_ = client, the server-side receives mail whilst the client-side sends mail. (smtpd = server = receives mail) (smtp = client = sends mail)[18:52:14] <eugenmayer1> yeah, thanks. Guessed that just right now. thanks for clarifying anyway[18:52:15] <double-p> guessbits you're hiding more in sender_relay[18:53:05] <eugenmayer1> sender relay is basically: <myfrom> smtp.strato.de:465[18:54:08] <double-p> basically it's saying "get off"[18:54:48] <eugenmayer1> sasl_passwd is https://dpaste.de/a88h[18:54:59] <rob0> Earlier you were sent to SOHO_README which would have led you to SASL_README.html#client_sasl_policy , and did you go through that? What came of it?[18:55:17] <double-p> 465.. meh[18:55:35] <rob0> Also, for :465 you're likely/certain to need wrappermode for that transport[18:55:48] <eugenmayer1> and tls_per_site: smtp.strato.de:465 encrypt[18:55:57] *** kiokoman <kiokoman!~kiokoman@mail.trmultiservice.com> has quit IRC (Ping timeout: 250 seconds)[18:56:18] <eugenmayer1> rob0: it set[18:56:18] <eugenmayer1> postconf -n | grep wrap[18:56:18] <eugenmayer1> smtp_tls_wrappermode = yes[18:56:19] <double-p> strato is fine with tls-submission. kill this 465 crap[18:56:51] <rob0> yes[18:57:27] <eugenmayer1> sorry i cannot follow you both ;/ Hard times to keep up.[18:57:33] <rob0> 17:56 < double-p> strato is fine with tls-submission. kill this 465 crap[18:57:48] <eugenmayer1> i am not sure what is mean by "kill this 465 crap"[18:58:03] <rob0> !submission[18:58:03] <knoba> rob0: "submission" : Port 587 is submission, for user submission of mail, NOT suitable for mail exchange. See the commented example in master.cf. also see !msa, and rfc 6409. Also read http://www.maawg.org/sites/maawg/files/news/MAAWG_Port25rec0511.pdf[18:58:13] <rob0> use 587 with STARTTLS[18:58:26] <double-p> knoba: tellme![18:58:37] <rob0> It's difficult to mix direct-to-MX with a submissions relay[18:58:54] <rob0> can't be done without a wrappermode transport[18:59:12] <eugenmayer1> according to https://www.strato.com/faq/en_us/product/the-strato-email-server/[18:59:23] <eugenmayer1> i have to pick 465 for TLS[18:59:49] <double-p> as a user[18:59:51] <double-p> oh wow[19:00:08] <eugenmayer1> since i am using smarthost, that is what i am doing.[19:01:01] <rob0> $ telnet smtp.strato.de 587[19:01:05] <rob0> ...[19:01:06] <rob0> 250-STARTTLS[19:01:27] <double-p> rob0: EHLO .. and postscreen?[19:01:38] <rob0> hm?[19:01:59] <double-p> rob0: postscreen is a thing :)[19:02:00] *** kiokoman <kiokoman!~kiokoman@mail.trmultiservice.com> has joined #postfix[19:02:20] * rob0 perhaps has heard of it[19:02:55] <double-p> rob0: but this rook wont plain "telnet" might give false impressions :)[19:02:55] <rob0> Strato is not using Postfix. And only a fool would put postscreen on submission.[19:03:10] <double-p> oh[19:03:14] <double-p> point taken[19:05:16] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has quit IRC (Ping timeout: 268 seconds)[19:08:44] *** hgnoel1980 <hgnoel1980!~hgnoel198@host81-143-199-121.in-addr.btopenworld.com> has joined #postfix[19:11:04] *** johnny56 <johnny56!~johnny56@unaffiliated/johnny56> has joined #postfix[19:12:14] <eugenmayer1> sovled it, thank you.[19:12:57] <double-p> oh best[19:13:30] * double-p of pfroplem - solved it - how - "never came back"[19:14:56] <eugenmayer1> double-p: seriously, you neither have been interested in the problem in the first place, nor in a solution. And that is fine, i am not here paying you for support. But i am not sure why you consider that i should re-explain you what it fixed.[19:15:38] <double-p> ok[19:15:45] *** Penguin_ <Penguin_!~xwQ5kwYl6@our.systems.are.full.of.penguins.at.penguinsystems.net> has quit IRC (Ping timeout: 252 seconds)[19:17:05] *** Penguin_ <Penguin_!~xwQ5kwYl6@our.systems.are.full.of.penguins.at.penguinsystems.net> has joined #postfix[19:17:36] *** FinboySlick <FinboySlick!~shark@74.117.40.10> has quit IRC (Quit: Leaving.)[19:17:47] *** FinboySlick <FinboySlick!~shark@74.117.40.10> has joined #postfix[19:20:27] <eugenmayer1> i was yet not aware about the deprecation of 465 and the term submission, i have read about it here https://serverfault.com/a/605730/281162 .. thank you for pointing that out[19:21:24] <eugenmayer1> that said, strato is actually publishing docs for something deprecated, while they already offer 587 too. Not sure what the reasons are, but i guess they have higher support traffic due to people behind company fw not able to contact 587 whatever[19:21:56] <eugenmayer1> Is SSL completely dropped on 587? So basically it's TLS only?[19:22:46] *** random_yanek <random_yanek!~random_ya@host-89-230-175-0.dynamic.mm.pl> has quit IRC (Ping timeout: 250 seconds)[19:23:02] <lunaphyte> that's not anything specific to email nor postfix, nor anything else[19:23:41] <double-p> eugenmayer1: yay..[19:24:15] *** jalalsfs_ is now known as jalalsfs[19:24:39] <lunaphyte> eugenmayer1: ssl has been prohibited for more than 3 years, irrespective of the context.[19:29:44] <rob0> 465 actually has been "undeprecated" since early this year,[19:29:48] <rob0> !submissions[19:29:48] <knoba> rob0: "submissions" : RFC 8314 renames the old smtps port, 465/tcp, to submissions, with implicit TLS rather than explicit STARTTLS via a plaintext TCP connection. Postfix can implement submissions with a separate smtpd(8) listener with "-o smtpd_tls_wrappermode=yes". See the commented example for "smtps" in master.cf.[19:29:57] <eugenmayer1> is there a way to define smtp_tls_wrappermode=yes per relay? it seems like i could not use smtp_tls_wrappermode=no when one is no auth.. i get "warning: smtp_tls_wrappermode requires "smtp_tls_security_level = encrypt" (or stronger)" .. so basically mixing TLS and non tls[19:30:15] <lunaphyte> eugenmayer1: use a transport per relay[19:30:27] <rob0> yes, I sort of answered that also[19:31:00] <rob0> that's what a "wrappermode transport" means[19:32:59] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has joined #postfix[19:34:47] *** random_yanek <random_yanek!~random_ya@host-89-230-171-191.dynamic.mm.pl> has joined #postfix[19:36:39] *** Penguin_ <Penguin_!~xwQ5kwYl6@our.systems.are.full.of.penguins.at.penguinsystems.net> has quit IRC (Ping timeout: 252 seconds)[19:38:57] *** Penguin_ <Penguin_!~xwQ5kwYl6@our.systems.are.full.of.penguins.at.penguinsystems.net> has joined #postfix[19:43:12] <eugenmayer1> lunaphyte: i did that https://dpaste.de/7uef[19:43:56] <eugenmayer1> you cannot do that with wrappermode = yes[19:43:58] <double-p> m([19:44:26] <lunaphyte> huh?[19:44:45] <lunaphyte> i'm not sure why you think that pastebin equates to "i did that", but rest assured, it does not[19:44:46] <double-p> cleanup/smtp gives a-much[19:45:26] <rob0> You would have to create a wrappermode transport in master.cf[19:47:21] <rob0> "smtpwrap ... <stuff here> ... -o smtp_tls_wrappermode=yes -o smtp_tls_security_level=encrypt"[19:47:48] <rob0> 17:58 < rob0> It's difficult to mix direct-to-MX with a submissions relay[19:55:14] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has quit IRC (Remote host closed the connection)[20:01:21] *** FinboySlick <FinboySlick!~shark@74.117.40.10> has quit IRC (Quit: Leaving.)[20:01:32] *** FinboySlick <FinboySlick!~shark@74.117.40.10> has joined #postfix[20:03:23] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has joined #postfix[20:11:06] <eugenmayer1> rob0: lunaphyte thank you[20:11:38] *** [NoClan]GoAway <[NoClan]GoAway!~NoClan@185.57.82.28> has quit IRC (Read error: Connection reset by peer)[20:19:47] *** FinboySlick <FinboySlick!~shark@74.117.40.10> has quit IRC (Quit: Leaving.)[20:19:58] *** FinboySlick <FinboySlick!~shark@74.117.40.10> has joined #postfix[20:20:27] *** random_yanek <random_yanek!~random_ya@host-89-230-171-191.dynamic.mm.pl> has quit IRC (Quit: random_yanek)[20:21:07] *** random_yanek <random_yanek!~random_ya@host-89-230-171-191.dynamic.mm.pl> has joined #postfix[20:21:08] *** random_yanek <random_yanek!~random_ya@host-89-230-171-191.dynamic.mm.pl> has quit IRC (Max SendQ exceeded)[20:22:42] *** random_yanek <random_yanek!~random_ya@host-89-230-171-191.dynamic.mm.pl> has joined #postfix[20:26:00] *** [NoClan]GoAway <[NoClan]GoAway!~NoClan@185.57.82.28> has joined #postfix[20:36:31] *** chkbsd <chkbsd!~ucio@2a03:4000:6:374::5> has joined #postfix[20:36:31] *** chkbsd <chkbsd!~ucio@2a03:4000:6:374::5> has quit IRC (Changing host)[20:36:31] *** chkbsd <chkbsd!~ucio@unaffiliated/ucio> has joined #postfix[20:44:53] *** zapata <zapata!~zapata@2a02:b18:581:10:e8dc:43ed:6f34:b13a> has quit IRC (Quit: WeeChat 2.3)[21:07:26] *** graphene <graphene!~graphene@46.101.134.251> has quit IRC (Remote host closed the connection)[21:08:41] *** graphene <graphene!~graphene@46.101.134.251> has joined #postfix[21:13:09] *** robinho86 <robinho86!~robsonjf@191.36.239.241> has quit IRC (Quit: Leaving.)[21:13:12] *** ALowther_ <ALowther_!~quassel@108.190.224.222> has quit IRC (Read error: Connection reset by peer)[21:16:58] *** ntd <ntd!~ntd@gateway/tor-sasl/ntd> has joined #postfix[21:17:14] *** ntd <ntd!~ntd@gateway/tor-sasl/ntd> has quit IRC (Remote host closed the connection)[21:17:34] *** ntd <ntd!~ntd@gateway/tor-sasl/ntd> has joined #postfix[21:21:54] *** graphene <graphene!~graphene@46.101.134.251> has quit IRC (Remote host closed the connection)[21:22:29] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has quit IRC (Quit: ]SiB[)[21:23:10] *** graphene <graphene!~graphene@46.101.134.251> has joined #postfix[21:23:11] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has joined #postfix[21:30:19] *** edux__ <edux__!~edux@190.247.36.76> has joined #postfix[21:31:57] *** mezgani <mezgani!~Justice4A@41.249.138.103> has joined #postfix[21:33:15] *** edux__ <edux__!~edux@190.247.36.76> has quit IRC (Remote host closed the connection)[21:35:38] <mezgani> how can I find a mail services which permit me to send and receive mails[21:36:04] <lunaphyte> what's the postfix question?[21:40:03] *** GumShoe <GumShoe!~IceChat9@ip24-56-20-131.ph.ph.cox.net> has joined #postfix[21:41:03] *** GumShoe <GumShoe!~IceChat9@ip24-56-20-131.ph.ph.cox.net> has left #postfix[21:46:30] *** graphene <graphene!~graphene@46.101.134.251> has quit IRC (Remote host closed the connection)[21:47:46] *** graphene <graphene!~graphene@46.101.134.251> has joined #postfix[21:54:43] *** mezgani <mezgani!~Justice4A@41.249.138.103> has quit IRC (Quit: Quitte)[22:04:42] *** eugenmayer1 <eugenmayer1!~Adium@pD95DA047.dip0.t-ipconnect.de> has quit IRC (Quit: Leaving.)[22:05:54] *** graphene <graphene!~graphene@46.101.134.251> has quit IRC (Remote host closed the connection)[22:07:11] *** graphene <graphene!~graphene@46.101.134.251> has joined #postfix[22:09:15] *** graphene <graphene!~graphene@46.101.134.251> has quit IRC (Remote host closed the connection)[22:10:32] *** graphene <graphene!~graphene@46.101.134.251> has joined #postfix[22:10:41] *** treehug88 <treehug88!~textual@pool-98-113-184-194.nycmny.fios.verizon.net> has quit IRC (Quit: Textual IRC Client: www.textualapp.com)[22:12:51] *** Olipro <Olipro!~Olipro@2001:8b0:14a7:1b24::1> has joined #postfix[22:12:52] *** Olipro <Olipro!~Olipro@2001:8b0:14a7:1b24::1> has quit IRC (Changing host)[22:12:52] *** Olipro <Olipro!~Olipro@uncyclopedia/pdpc.21for7.olipro> has joined #postfix[22:15:38] *** alexandre9099 <alexandre9099!~alexandre@unaffiliated/alexandre9099> has quit IRC (Quit: ZNC 1.7.1 - https://znc.in)[22:16:55] *** graphene <graphene!~graphene@46.101.134.251> has quit IRC (Remote host closed the connection)[22:18:11] *** graphene <graphene!~graphene@46.101.134.251> has joined #postfix[22:19:45] *** alexandre9099 <alexandre9099!~alexandre@unaffiliated/alexandre9099> has joined #postfix[22:21:18] *** ntd <ntd!~ntd@gateway/tor-sasl/ntd> has quit IRC (Quit: ntd)[22:27:15] *** anubani <anubani!~quassel@213.6.2.253> has quit IRC (Quit: No Ping reply in 180 seconds.)[22:30:20] *** anubani <anubani!~quassel@213.6.2.253> has joined #postfix[22:40:22] *** FinboySlick <FinboySlick!~shark@74.117.40.10> has quit IRC (Quit: Leaving.)[22:50:05] *** indy <indy!~indy@dsl-static-104.213-160-167.telecom.sk> has quit IRC (Quit: ZNC - http://znc.sourceforge.net)[22:55:04] *** indy <indy!~indy@dsl-static-104.213-160-167.telecom.sk> has joined #postfix[23:01:15] *** gislaved <gislaved!b9e814ce@gateway/web/cgi-irc/kiwiirc.com/ip.185.232.20.206> has quit IRC (Remote host closed the connection)[23:01:57] *** karven <karven!~karven@152.167.193.199> has quit IRC (Remote host closed the connection)[23:05:00] *** zapata <zapata!~zapata@2a02:b18:581:10:745c:839a:7b77:9261> has joined #postfix[23:29:51] *** Penguin_ <Penguin_!~xwQ5kwYl6@our.systems.are.full.of.penguins.at.penguinsystems.net> has quit IRC (Ping timeout: 252 seconds)[23:32:01] *** Penguin_ <Penguin_!~xwQ5kwYl6@our.systems.are.full.of.penguins.at.penguinsystems.net> has joined #postfix[23:33:15] *** gu1lle_ <gu1lle_!~Thunderbi@201.216.253.75> has quit IRC (Remote host closed the connection)[23:38:06] *** Penguin_ <Penguin_!~xwQ5kwYl6@our.systems.are.full.of.penguins.at.penguinsystems.net> has quit IRC (Ping timeout: 252 seconds)[23:39:23] *** rjsalts_ is now known as rjsalts[23:39:59] *** GumShoe <GumShoe!~IceChat9@ip24-56-20-131.ph.ph.cox.net> has joined #postfix[23:40:22] *** Penguin_ <Penguin_!~xwQ5kwYl6@our.systems.are.full.of.penguins.at.penguinsystems.net> has joined #postfix[23:40:37] <GumShoe> Almost a year ago I broung up a new vm with centos 7 postfix dovecot and implemented virtual domains along with a cert from Let's Encrypt. I also configured postfixadmin and hapily creaded mailboxes and various domains. All was well. I'm still getting email in the virtual domains and addresses but I can't seem to login to postfixadmin.[23:40:53] <GumShoe> Somewhere about that time I implemented php-fpm pools for my http virtual hosts.[23:41:48] <GumShoe> I'm not positive but I may not have tested / logged in to postfixadmin after implementing php-fpm pools for several apache virtual hosts...[23:41:50] *** zapata <zapata!~zapata@2a02:b18:581:10:745c:839a:7b77:9261> has quit IRC (Quit: WeeChat 2.3)[23:42:15] <GumShoe> Are there any specific considerations for configuring postfixadmin with php-fpm pools?[23:42:23] <thumbs> !postfixadmin[23:42:23] <knoba> thumbs: "postfixadmin" : used for managing email accounts through a web interface (http://high5.net/postfixadmin/). Further, this channel is for issues regarding postfix. For postfixadmin support, please try the postfixadmin mailing list or the postfixadmin channel.[23:43:29] <GumShoe> tried #postfixadmin channel no one had specific experience with php-fpm. I'll look elswhere....[23:46:00] <blackflow> ##php perchance[23:47:07] <GumShoe> @blackflow Thank your for that suggestion! :-)[23:52:16] *** alexandre9099 <alexandre9099!~alexandre@unaffiliated/alexandre9099> has quit IRC (Quit: ZNC 1.7.1 - https://znc.in)[23:54:39] *** alexandre9099 <alexandre9099!~alexandre@unaffiliated/alexandre9099> has joined #postfix[23:59:29] *** GNU\colossus <GNU\colossus!~colo@truschnigg.info> has quit IRC (Quit: Bye.)[23:59:38] *** eelstrebor <eelstrebor!~eelstrebo@216-75-116-100.allophone.biz> has quit IRC (Quit: Ex-Chat)