January 22, 2020 
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | >
January 22, 2020 [00:05:33] *** alexandre9099 <alexandre9099!~alexandre@unaffiliated/alexandre9099> has quit IRC (Quit: ZNC 1.7.5 - https://znc.in)[00:08:26] *** alexandre9099 <alexandre9099!~alexandre@unaffiliated/alexandre9099> has joined #postfix[00:17:49] *** aero-224 <aero-224!~aero-224@static30.beyonddata.net> has quit IRC ()[00:23:23] *** xelxebar <xelxebar!~xelxebar@gateway/tor-sasl/xelxebar> has quit IRC (Ping timeout: 240 seconds)[00:23:24] *** n_1-c_k <n_1-c_k!~n_1-c_k@2a02:8010:63a6::70> has quit IRC (Read error: Connection reset by peer)[00:23:34] *** xelxebar_ <xelxebar_!~xelxebar@gateway/tor-sasl/xelxebar> has joined #postfix[00:24:09] *** n_1-c_k <n_1-c_k!~n_1-c_k@2a02:8010:63a6::70> has joined #postfix[01:21:23] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has quit IRC (Ping timeout: 260 seconds)[01:48:20] *** jamiejackson <jamiejackson!c7df1efe@gateway/web/cgi-irc/kiwiirc.com/ip.199.223.30.254> has quit IRC (Remote host closed the connection)[01:58:15] *** shibboleth <shibboleth!~shibbolet@gateway/tor-sasl/shibboleth> has joined #postfix[02:20:10] *** neo4 <neo4!~Thunderbi@212-247-92-178.pool.ukrtel.net> has quit IRC (Ping timeout: 265 seconds)[02:22:07] *** azwieg103 <azwieg103!~Thunderbi@66-168-56-10.static.mdsn.wi.charter.com> has quit IRC (Remote host closed the connection)[02:22:24] *** azwieg103 <azwieg103!~Thunderbi@66-168-56-10.static.mdsn.wi.charter.com> has joined #postfix[02:26:25] *** wings <wings!~wings@unaffiliated/wings> has quit IRC (Ping timeout: 258 seconds)[02:49:51] *** shibboleth <shibboleth!~shibbolet@gateway/tor-sasl/shibboleth> has quit IRC (Quit: shibboleth)[03:13:11] *** DocMAX <DocMAX!~DocMAX@x5f74248c.dyn.telefonica.de> has quit IRC (Ping timeout: 258 seconds)[03:17:40] *** DocMAX <DocMAX!~DocMAX@x5f740acd.dyn.telefonica.de> has joined #postfix[03:28:00] *** 07IADKJYA <07IADKJYA!~quassel@187.211.1.108> has joined #postfix[03:36:43] *** wings <wings!~wings@unaffiliated/wings> has joined #postfix[03:45:02] *** nyov <nyov!~nyov@unaffiliated/nyov> has quit IRC (Killed (weber.freenode.net (Nickname regained by services)))[03:45:09] *** nyov <nyov!~nyov@unaffiliated/nyov> has joined #postfix[03:47:34] *** azwieg103 <azwieg103!~Thunderbi@66-168-56-10.static.mdsn.wi.charter.com> has quit IRC (Quit: azwieg103)[03:55:06] *** SpydarOO7 <SpydarOO7!spydar007@unaffiliated/spydar007> has quit IRC (Remote host closed the connection)[03:55:33] *** DJ-ArcAngel <DJ-ArcAngel!arcangel@heimdall.nixsec.org> has quit IRC (Ping timeout: 250 seconds)[03:55:44] *** vetru <vetru!~vetru@gateway/tor-sasl/vetr> has quit IRC (Ping timeout: 240 seconds)[03:56:03] *** xelxebar_ <xelxebar_!~xelxebar@gateway/tor-sasl/xelxebar> has quit IRC (Ping timeout: 240 seconds)[03:56:33] *** migy <migy!~migy@static.59.240.9.5.clients.your-server.de> has quit IRC (Ping timeout: 260 seconds)[03:57:14] *** r0kc4t <r0kc4t!~frosch@static.179.17.76.144.clients.your-server.de> has quit IRC (Ping timeout: 268 seconds)[03:57:14] *** ochristi <ochristi!~ochristi@chris.any.mx> has quit IRC (Ping timeout: 268 seconds)[03:57:31] *** foxxx0 <foxxx0!~fox@archlinux/trusteduser/foxxx0> has quit IRC (Ping timeout: 265 seconds)[04:09:59] *** xelxebar <xelxebar!~xelxebar@gateway/tor-sasl/xelxebar> has joined #postfix[04:11:56] *** vetru <vetru!~vetru@gateway/tor-sasl/vetr> has joined #postfix[04:13:54] *** vetru_ <vetru_!~vetru@gateway/tor-sasl/vetr> has joined #postfix[04:13:57] *** DJ-ArcAngel <DJ-ArcAngel!arcangel@heimdall.nixsec.org> has joined #postfix[04:14:03] *** petermolnar <petermolnar!~mail@alia.petermolnar.eu> has quit IRC (Ping timeout: 260 seconds)[04:14:42] *** vetru <vetru!~vetru@gateway/tor-sasl/vetr> has quit IRC (Remote host closed the connection)[04:15:09] *** petermolnar <petermolnar!~mail@alia.petermolnar.eu> has joined #postfix[04:15:19] *** migy <migy!~migy@static.59.240.9.5.clients.your-server.de> has joined #postfix[04:19:29] *** SpydarOO7 <SpydarOO7!spydar007@unaffiliated/spydar007> has joined #postfix[04:26:58] *** WakiMiko <WakiMiko!~WakiMiko@unaffiliated/wakimiko> has quit IRC (Ping timeout: 252 seconds)[04:27:10] *** ochristi <ochristi!~ochristi@chris.any.mx> has joined #postfix[04:27:28] *** r0kc4t <r0kc4t!~frosch@static.179.17.76.144.clients.your-server.de> has joined #postfix[04:36:22] *** foxxx0 <foxxx0!~fox@archlinux/trusteduser/foxxx0> has joined #postfix[04:41:39] *** WakiMiko <WakiMiko!~WakiMiko@unaffiliated/wakimiko> has joined #postfix[05:14:06] *** eelstrebor <eelstrebor!~eelstrebo@216-75-116-100.scb.ne.static.allophone.net> has quit IRC (Quit: Ex-Chat)[05:26:13] *** 07IADKJYA <07IADKJYA!~quassel@187.211.1.108> has quit IRC (Ping timeout: 268 seconds)[06:11:11] *** oculuxe <oculuxe!~oculux@128.127.104.80> has joined #postfix[06:11:40] *** oculux <oculux!~oculux@128.127.104.80> has quit IRC (Ping timeout: 268 seconds)[06:27:29] *** RadoQ <RadoQ!~cheater@unaffiliated/radoq> has quit IRC (Remote host closed the connection)[06:40:58] *** PaulePan1er <PaulePan1er!~paul@mail.gw90.de> has joined #postfix[06:41:49] *** PaulePanter <PaulePanter!~paul@mail.gw90.de> has quit IRC (Ping timeout: 268 seconds)[06:41:49] *** treefrob <treefrob!~treefrob@pD9E2D8D6.dip0.t-ipconnect.de> has quit IRC (Ping timeout: 268 seconds)[06:41:49] *** LordRyan <LordRyan!ryan@de1.hashbang.sh> has quit IRC (Ping timeout: 268 seconds)[06:41:49] *** max-m <max-m!~max-m@chrono.xqk7.com> has quit IRC (Ping timeout: 268 seconds)[06:41:55] *** InsterRandmNick <InsterRandmNick!~max-m@2a01:4f8:150:6153:beef::6667> has joined #postfix[06:41:57] *** deksar <deksar!~deksar@unaffiliated/deksar> has joined #postfix[06:42:35] *** treefrob <treefrob!~treefrob@pD9E2D8D6.dip0.t-ipconnect.de> has joined #postfix[06:42:41] *** LordRyan <LordRyan!ryan@de1.hashbang.sh> has joined #postfix[06:45:35] *** deni <deni!~deni@unaffiliated/deni> has quit IRC (Ping timeout: 268 seconds)[06:46:56] *** deni <deni!~deni@unaffiliated/deni> has joined #postfix[06:53:01] *** Ner0Zer0 <Ner0Zer0!~Ner0Zer0@87.253.63.54> has joined #postfix[07:14:00] *** led_dark_1 <led_dark_1!~Thunderbi@217.66.160.14> has quit IRC (Quit: led_dark_1)[07:17:41] *** led_dark_1 <led_dark_1!~Thunderbi@217.66.160.14> has joined #postfix[07:48:52] *** Xalys <Xalys!~ircusr@unix.xalys.nl> has joined #postfix[07:49:25] <Xalys> How are people monitoring high % of failed NOQUEUE: reject , e.g. table lookup problem? By parsing logs?[08:00:36] *** AssPirate <AssPirate!~AssPirate@unaffiliated/asspirate> has quit IRC (Quit: WeeChat 2.6)[08:08:10] *** rsx <rsx!~rsx@ppp-188-174-153-150.dynamic.mnet-online.de> has joined #postfix[08:18:05] *** Noti <Noti!~steffan@185.2.243.3> has joined #postfix[08:36:06] *** bolt <bolt!~r00t@unaffiliated/bolt> has quit IRC (Quit: telnet irc.freenode.net 6667)[08:41:37] *** bolt <bolt!~r00t@unaffiliated/bolt> has joined #postfix[08:49:35] *** d3lphi <d3lphi!~d3lphi@unaffiliated/d3lphi> has joined #postfix[08:52:46] <d3lphi> hi all. I have two MTA running (A) and (B). MTA (B) is the one connected to world and the MX which receives incoming email for my domain.Users of my domain composing new mails are created/delivered into (A) always and then relayed to (B) for sending them out to the wide world (and signing with DKIM on B).My goal and question is:[08:55:24] <d3lphi> I like to reject incoming external mails on (B) with sender=<mydomain.tld> because I know for sure this cannot be true.If I'd create a reject rule on (B) for this,I guess also the legitimate mails coming from (A) with sender=<mydomain.tld> would be rejected when hitting (B). Is there something I can do like: "reject all mails with sender=<mydomain at example dot tld> and not relayed from (A)" ?[08:56:07] *** kakv <kakv!uid415068@gateway/web/irccloud.com/x-shstwrhldjhvqupc> has quit IRC (Quit: Connection closed for inactivity)[08:58:37] <rudi_s> d3lphi: How are your users composing new mails? Do you use !submission or are they on a specific network?[08:58:41] <rudi_s> !submission[08:58:41] <knoba> rudi_s: Port 587 is submission, for user submission of mail, NOT suitable for mail exchange. See the commented example in master.cf. also see !msa, and rfc 6409. Also read http://www.maawg.org/sites/maawg/files/news/MAAWG_Port25rec0511.pdf[08:59:15] <d3lphi> rudi_s: they are on another groupware, only on host (A), not submission.[08:59:51] <rudi_s> Xalys: I look at logs when I change something relevant and have a cron job which looks for some errors in the logs.[09:00:02] <rudi_s> d3lphi: I have no idea what that means regarding to mail delivery.[09:00:36] <d3lphi> rudi_s: on (A) I run Kopano groupware and when a user composes a new mail it is delivered into postfix on port 25[09:00:39] <rudi_s> Where does the mail come from on A? Is it locally submitted, received via submission, somewhere from the net?[09:00:58] <d3lphi> rudi_s: kopano runs on the same machine (A) as postfix does[09:02:28] <rudi_s> d3lphi: So submitted on localhost? Then just use permit_mynetworks in your restrictions and include localhost in $mynetworks. This will permit all local mails and then your filter will only apply to remote mail.[09:03:18] <rudi_s> Ah, sorry, got confused. I meant add A to $mynetworks on B.[09:03:18] <d3lphi> yes. The kopano groupware process "kopano-spooler" submits the new message to the locally SMTP server on :25[09:03:40] <rudi_s> This will all mail sent to B via A will be considered "local" and accepted by permit_mynetworks.[09:03:54] <d3lphi> rudi_s: hey, you're right, I forgot about that. Well, my local subnet is already in $mynetworks. So I would just need to create a "reject" rule on (B) and that's it ?[09:04:21] <rudi_s> d3lphi: You still need the permit_mynetworks before your reject rule. But yes, then it should work.[09:05:07] <rudi_s> During testing you can use warn_if_reject in front of your reject rule and watch the logs.[09:05:15] <rudi_s> It will warn but not reject the mails.[09:06:09] <d3lphi> rudi_s: although I am aware of http://www.postfix.org/SMTPD_ACCESS_README.html#danger honestly said I mix it up and am not sure if understood correctly. So can you tell me if the desired reject rule should be put in "smtpd_sender_restriction" or "smtpd_client_restrictions" ? Don't understand the point of view/side[09:06:54] <d3lphi> rudi_s: thanks about the warn_if_reject, didnt know this. I used souftbounce in the past for testing purposes. need to read about this warn_if_reject directive, never heard of b4[09:08:51] <rudi_s> d3lphi: man 5 postconf | less -p warn_if_reject[09:09:22] <d3lphi> already reading on http://www.postfix.org/postconf.5.html#warn_if_reject[09:10:06] <rudi_s> d3lphi: $smtpd_sender_restriction, it applies to MAIL FROM; ($smtpd_client_restrictions is for general client restrictions).[09:11:06] <d3lphi> so I need to use it on smtpd_sender_restriction block, alright. Thank you so much rudi_s, you really was a big assistance/help for me.*thank you*[09:13:56] <rudi_s> d3lphi: You're welcome. - Note however, that this won't protect against fake "From"-headers. The envelope (MAIL FROM) is distinct from what is displayed in the mail client unless you enforce it with e.g. DKIM.[09:14:06] *** nutron <nutron!~nutron@unaffiliated/nutron> has quit IRC (Ping timeout: 265 seconds)[09:16:10] <d3lphi> rudi_s: can you have a quick look into this paste and tell me if it's ok like that, please? --> http://paste.debian.net/hidden/f9cfb5fd/[09:18:13] <Xalys> rudi_s: clear, so parsing logs would be the better way to go. No built-in stats?[09:20:11] <rudi_s> d3lphi: I think in access tables (man 5 access) you have to use WARN instead of WARN_IF_REJECT; otherwise looks fine.[09:20:17] <rudi_s> Xalys: AFAIK no[09:27:43] *** _ruben <_ruben!~ruben@2001:470:7c94:ffff:1ce:c01d:c0ca:c01a> has quit IRC (Remote host closed the connection)[09:28:00] *** _ruben <_ruben!~ruben@2001:470:7c94:ffff:1ce:c01d:c0ca:c01a> has joined #postfix[09:33:34] *** _ruben_ <_ruben_!~ruben@2001:470:7c94:ffff:1ce:c01d:c0ca:c01a> has joined #postfix[09:33:37] *** _ruben <_ruben!~ruben@2001:470:7c94:ffff:1ce:c01d:c0ca:c01a> has quit IRC (Remote host closed the connection)[09:35:07] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has joined #postfix[09:39:31] *** ]SiB[1 <]SiB[1!~Thunderbi@unaffiliated/sib/x-9459575> has joined #postfix[09:40:06] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has quit IRC (Ping timeout: 268 seconds)[09:40:07] *** ]SiB[1 is now known as ]SiB[[10:22:49] <d3lphi> rudi_s: works like a charm! I have replaced WARN with REJECT now and testes afterwards again, perfect for blocking the RFC2821 part.[10:25:37] *** NonFree_ <NonFree_!NonFree@gateway/vpn/privateinternetaccess/jasjar> has joined #postfix[10:26:24] *** NonFree <NonFree!NonFree@gateway/vpn/privateinternetaccess/jasjar> has quit IRC (Ping timeout: 265 seconds)[10:33:04] <rudi_s> d3lphi: Nice ;-)[10:37:24] *** ]SiB[1 <]SiB[1!~Thunderbi@unaffiliated/sib/x-9459575> has joined #postfix[10:37:48] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has quit IRC (Read error: Connection reset by peer)[10:38:22] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has joined #postfix[10:41:13] *** v__ <v__!~v@host-149-154-210-198.dynamic.voo.be> has joined #postfix[10:42:04] *** ]SiB[1 <]SiB[1!~Thunderbi@unaffiliated/sib/x-9459575> has quit IRC (Ping timeout: 265 seconds)[10:45:08] *** oculux <oculux!~oculux@79.142.76.244> has joined #postfix[10:45:27] *** oculuxe <oculuxe!~oculux@128.127.104.80> has quit IRC (Ping timeout: 265 seconds)[10:53:32] *** AssPirate <AssPirate!~AssPirate@unaffiliated/asspirate> has joined #postfix[11:05:34] *** neo4 <neo4!~Thunderbi@212-247-92-178.pool.ukrtel.net> has joined #postfix[11:05:54] *** neo4 <neo4!~Thunderbi@212-247-92-178.pool.ukrtel.net> has quit IRC (Read error: Connection reset by peer)[11:06:44] *** neo4 <neo4!~Thunderbi@212-247-92-178.pool.ukrtel.net> has joined #postfix[12:05:08] *** vetru_ is now known as vetry[12:05:12] *** vetry is now known as vetru[12:15:22] *** section1 <section1!~section1@178.33.109.106> has joined #postfix[12:25:05] *** HumanG33k <HumanG33k!~HumanG33k@62.147.242.8> has joined #postfix[12:28:38] <d3lphi> is it suggested to remove all RBL entries from my main.cf because I use rspamd and the RBL module there? --> http://paste.debian.net/hidden/04469ccb/[12:40:14] *** ]SiB[1 <]SiB[1!~Thunderbi@unaffiliated/sib/x-9459575> has joined #postfix[12:40:45] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has quit IRC (Read error: Connection reset by peer)[12:41:16] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has joined #postfix[12:42:35] *** mrnewbie72 <mrnewbie72!~mrnewbie7@2.51.48.201> has quit IRC (Quit: Gateway shutdown)[12:45:03] *** ]SiB[1 <]SiB[1!~Thunderbi@unaffiliated/sib/x-9459575> has quit IRC (Ping timeout: 260 seconds)[12:48:34] *** random_yanek <random_yanek!~random_ya@host-89-230-174-238.dynamic.mm.pl> has quit IRC (Ping timeout: 258 seconds)[12:49:44] *** Gaaab <Gaaab!~Gaaab@k2.ilion.info> has quit IRC (Remote host closed the connection)[12:50:22] *** n_1-c_k <n_1-c_k!~n_1-c_k@2a02:8010:63a6::70> has quit IRC (Read error: Connection reset by peer)[12:51:20] *** n_1-c_k <n_1-c_k!~n_1-c_k@2a02:8010:63a6::70> has joined #postfix[12:54:07] *** joules <joules!~lucifurba@pdpc/supporter/active/joulez> has joined #postfix[12:56:30] *** joules <joules!~lucifurba@pdpc/supporter/active/joulez> has quit IRC (Client Quit)[12:59:57] *** midipix <midipix!~midipix@mail.culturestrings.org> has quit IRC (Quit: ZNC 1.7.4 - https://znc.in)[13:04:49] *** ]SiB[1 <]SiB[1!~Thunderbi@unaffiliated/sib/x-9459575> has joined #postfix[13:05:07] *** midipix <midipix!~midipix@mail.culturestrings.org> has joined #postfix[13:05:31] *** random_yanek <random_yanek!~random_ya@host-89-230-172-230.dynamic.mm.pl> has joined #postfix[13:08:06] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has quit IRC (Ping timeout: 268 seconds)[13:08:07] *** ]SiB[1 is now known as ]SiB[[13:08:23] *** petermolnar <petermolnar!~mail@alia.petermolnar.eu> has quit IRC (Ping timeout: 260 seconds)[13:09:45] *** petermolnar <petermolnar!~mail@alia.petermolnar.eu> has joined #postfix[13:14:49] *** joules <joules!~lucifurba@pdpc/supporter/active/joulez> has joined #postfix[13:18:39] *** gfgdfgdfg4 <gfgdfgdfg4!~textual@2a03:7380:5400:9:a5b0:305d:a6:1010> has joined #postfix[13:19:12] *** gfgdfgdfg4 <gfgdfgdfg4!~textual@2a03:7380:5400:9:a5b0:305d:a6:1010> has quit IRC (Excess Flood)[13:19:45] *** v_ <v_!~v@host-149-154-210-198.dynamic.voo.be> has joined #postfix[13:20:46] *** gfgdfgdfg4 <gfgdfgdfg4!~textual@2a03:7380:5400:9:a5b0:305d:a6:1010> has joined #postfix[13:20:48] *** gfgdfgdfg4 <gfgdfgdfg4!~textual@2a03:7380:5400:9:a5b0:305d:a6:1010> has quit IRC (Client Quit)[13:22:08] *** v__ <v__!~v@host-149-154-210-198.dynamic.voo.be> has quit IRC (Remote host closed the connection)[13:23:29] *** gfgdfgdfg4 <gfgdfgdfg4!~textual@2a03:7380:5400:9:a5b0:305d:a6:1010> has joined #postfix[13:26:04] *** v_ <v_!~v@host-149-154-210-198.dynamic.voo.be> has quit IRC (Read error: Connection reset by peer)[13:27:29] *** joules <joules!~lucifurba@pdpc/supporter/active/joulez> has quit IRC (Quit: WeeChat 1.9.1)[13:30:00] *** gfgdfgdfg4 <gfgdfgdfg4!~textual@2a03:7380:5400:9:a5b0:305d:a6:1010> has quit IRC (Quit: Textual IRC Client: www.textualapp.com)[13:31:17] *** gfgdfgdfg4 <gfgdfgdfg4!~textual@2a03:7380:5400:9:a5b0:305d:a6:1010> has joined #postfix[13:32:45] *** gfgdfgdfg4 <gfgdfgdfg4!~textual@2a03:7380:5400:9:a5b0:305d:a6:1010> has quit IRC (Remote host closed the connection)[13:36:31] *** robinho86 <robinho86!~robsonjf@191.36.239.241> has joined #postfix[13:41:37] *** nutron <nutron!~nutron@unaffiliated/nutron> has joined #postfix[13:41:50] *** joules <joules!~lucifurba@pdpc/supporter/active/joulez> has joined #postfix[13:46:14] *** ]SiB[1 <]SiB[1!~Thunderbi@unaffiliated/sib/x-9459575> has joined #postfix[13:47:28] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has quit IRC (Ping timeout: 260 seconds)[13:47:34] *** ]SiB[1 is now known as ]SiB[[14:05:37] *** neo4 <neo4!~Thunderbi@212-247-92-178.pool.ukrtel.net> has quit IRC (Ping timeout: 258 seconds)[14:33:00] <lunaphyte> d3lphi: i would not, no[14:36:08] <d3lphi> lunaphyte: can you explain the reason why keeping the RBL entries in main.cf, although the RBL module of rspamd is taking account into it, too and even before postfix ?[14:36:19] <lunaphyte> before postfix?[14:36:42] <lunaphyte> i would never ever put a content filter in front of postfix[14:36:48] <lunaphyte> that's silly[14:38:08] <d3lphi> lunaphyte: rspamd is integrated into postfix by milter. I'm not sure, but I thought that rspamd checks are taking place *before* postfix checks against the mentioned rbl lines in the particular sections. Please correct me if I'm wrong.[14:40:47] <lunaphyte> yup, i'm not a fan of milter content filters either[14:41:27] <lunaphyte> that aside, a proper postfix configuration will be doing dnsbl checks long before milter processing[14:41:37] <lunaphyte> !tell d3lphi postscreen[14:41:37] <knoba> d3lphi: SMTP triage server available since Postfix 2.8, see http://www.postfix.org/POSTSCREEN_README.html and http://www.postfix.org/postscreen.8.html[14:41:52] <d3lphi> postscreen is already setup and in action :) but thank you[14:42:08] <d3lphi> and I really (!) like it because it's awesome[14:42:16] *** nsegkos <nsegkos!~Thunderbi@lfbn-ann-1-113-54.w86-220.abo.wanadoo.fr> has joined #postfix[14:43:38] *** nsegkos <nsegkos!~Thunderbi@lfbn-ann-1-113-54.w86-220.abo.wanadoo.fr> has quit IRC (Remote host closed the connection)[14:43:58] *** nsegkos <nsegkos!~Thunderbi@lfbn-ann-1-113-54.w86-220.abo.wanadoo.fr> has joined #postfix[14:44:32] <d3lphi> something quite different. There are some 4xx deferrals like "user mailbox full (quota)" or "domain not found (due to misspelling the mail address)". It is a pain in the ass to wait several days it takes to inform the sender that his message couldn't be delivered because of that reason. Is it safe and good advice to set "maximal_queue_lifetime" and "bounce_queue_lifetime" both to =1d for example ?[14:45:01] *** nsegkos <nsegkos!~Thunderbi@lfbn-ann-1-113-54.w86-220.abo.wanadoo.fr> has quit IRC (Client Quit)[14:47:37] <lunaphyte> who is the sender?[14:53:49] *** azwieg103 <azwieg103!~Thunderbi@66-168-56-10.static.mdsn.wi.charter.com> has joined #postfix[15:13:31] *** joules <joules!~lucifurba@pdpc/supporter/active/joulez> has quit IRC (Quit: WeeChat 1.9.1)[15:20:02] *** olegfusion <olegfusion!~olegfusio@mail.mobileforsale.ru> has joined #postfix[15:27:21] <d3lphi> lunaphyte: sender are me or my colleagues (our employees in the company)[15:41:07] <section1> hey guys ...trivial(maybe stupid but...) question ... have a postfix with virtual domains...when i send a mail from myacc at domain dot tld to noexist.mail at domain2 dot tld in the logs i don't se the line of sasl login...[15:42:37] <section1> still says starttls=1[15:42:51] <section1> sorry ehlo=2 starttls=1 auth=1 mail=1 rcpt=0/1 data=0/1 quit=1[15:43:28] <section1> but i don't see any line like .* sasl_method=PLAIN, sasl_username=.*[15:58:40] *** neo4 <neo4!~Thunderbi@212-247-92-178.pool.ukrtel.net> has joined #postfix[16:00:13] <section1> but when the recipient is not in a virtual domain of that postfix i see the sasl line.[16:04:20] <lunaphyte> sounds like you don't have submission and mx service properly separated[16:05:52] <section1> but this happen always in submission[16:07:05] *** treefrob <treefrob!~treefrob@pD9E2D8D6.dip0.t-ipconnect.de> has quit IRC (Remote host closed the connection)[16:09:08] <section1> http://dpaste.com/3V4AEZF[16:09:18] <section1> only that lines print the log.[16:09:43] <section1> btw all is working but is strange that don't print the sasl line when the do auth.[16:09:49] <section1> they*[16:22:22] *** pj <pj!~pj@centos/ops/pj> has quit IRC (Ping timeout: 260 seconds)[16:37:30] *** pj <pj!~pj@centos/ops/pj> has joined #postfix[16:44:32] <lunaphyte> d3lphi: i would not be accepting mail submission for invalid domain names at all[16:45:12] <lunaphyte> for the quota deferrals, did the remote server return a 4xx?[16:46:54] <lunaphyte> section1: you're saying when a message is rejected by postfix because the user doesn't exist, you don't see an sasl log entry?[16:47:47] <section1> yes lunaphyte[16:48:23] <section1> the user doesn't exist in any of the virtual domians it host.[16:49:16] <section1> i can live with that...but got my attention.[16:50:06] <d3lphi> lunaphyte: yes, the remote server said "host said: 450 4.2.2 <foo at bar dot tld>: user is overquota (in reply to RCPT TO command)" I don't want to wait 5 days until get informed about this incident. Is it wise to reduce the queue_lifetimes to one day as mentioned earlier? what do you think?[16:55:31] <section1> d3lphi, you have access to the remote host ?[16:56:06] <section1> because i think that the mail got queued in the remote server.[16:59:18] <n_1-c_k> d3lphi, delay_warning_time might help you, see postconf(5)[16:59:25] <section1> oh no well not sure...about this...without logs[17:00:11] *** Noti <Noti!~steffan@185.2.243.3> has quit IRC (Quit: Konversation terminated!)[17:00:11] *** n_1-c_k <n_1-c_k!~n_1-c_k@2a02:8010:63a6::70> has quit IRC (Read error: Connection reset by peer)[17:00:31] *** n_1-c_k <n_1-c_k!~n_1-c_k@2a02:8010:63a6::70> has joined #postfix[17:01:11] <d3lphi> section1: of course not, no. I don't have access to remote SMTP servers :)[17:03:26] <section1> yeah ok..maybe is diferent in your case...in my case if someone for example from gmail sends a mail to my domain got queued like 5 days if have overquota..thats is good because maybe the user is stupid and don't clean the mailbox or don't ask for more quota.[17:03:51] <d3lphi> n_1-c_k: hm... that's not what I supposed to get in this scenario. Yes, the mail is stuck in queue and will try to get delivered within the default queue_time of 5 days. The chance that the mail is delivered tomorrow or in 3 days is very small in such a case where quota was reached at recipients side. I find it more useful to KILL that message and instantly inform the sender. He still has the option to[17:03:57] <d3lphi> retry if needed. BUt waiting 5 days is too long IMHO[17:14:10] *** RadoQ <RadoQ!~cheater@unaffiliated/radoq> has joined #postfix[17:25:20] *** wonderworld <wonderworld!~wonderwor@ip-84-119-185-50.unity-media.net> has joined #postfix[17:37:19] *** sphex <sphex!~nobody@38.133.25.52> has quit IRC (Remote host closed the connection)[17:40:20] *** kakv <kakv!uid415068@gateway/web/irccloud.com/x-nogtcclbmseeyjon> has joined #postfix[17:44:43] <lunaphyte> d3lphi: if it were me, i wouldn't disregard the remote server's 4xx. they've asked it be treated as a temp error and tried again[17:44:51] <lunaphyte> why is it you think the user isn't getting notified?[17:46:06] <lunaphyte> d3lphi: as n1ck mentions, delay_warning_time is what i would use[17:47:57] <lunaphyte> sometimes, people do reduce queue lifetimes, and this can be ok [taken with a grain of salt], but generally, i'd suggest that while it can "be ok", it's really not likely actually needed or appropriate[17:48:20] <lunaphyte> i think logic you suggest is a bit incomplete[17:48:47] <lunaphyte> it seems like you are coupling killing the message with informing the sender. why?[17:49:04] <lunaphyte> the sender gets informed with delay_warning_time. why kill the message?[17:49:34] <lunaphyte> all you do then is make more work for people[17:50:33] <d3lphi> lunaphyte: so it seems I misunderstood the function of delay_warning_time ? what exactly does this do? just inform the sender that its message is still in queue and will be continued trying to reach the recipient within the next x days?[17:51:00] <lunaphyte> yes, exactly - just as described in the docs[17:59:43] <d3lphi> ok, I will keep the queue_lifetimes as they are and try to insert this delay_warning_time ... need to re-read the docs[18:00:56] *** slave_blocker <slave_blocker!~slave_blo@x4dbf4cc9.dyn.telefonica.de> has joined #postfix[18:11:44] *** PaulePan1er is now known as PaulePanter[18:14:30] <kapil_> is this recommaned: https://sourceforge.net/projects/postfixadmin/[18:17:09] *** olegfusion <olegfusion!~olegfusio@mail.mobileforsale.ru> has quit IRC (Read error: Connection reset by peer)[18:18:24] *** olegfusion <olegfusion!~olegfusio@mail.mobileforsale.ru> has joined #postfix[18:23:00] <d3lphi> lunaphyte: obviously I'm doing something wrong ... I have set delay_warning_time = 5m for testing it, saved the config, reloaded postfix and then executed a "postqueue -f". I see the retry of a message but after 5min the sender is not notified. The error code for that particular message is 450 4.1.2 Domain not found (misspelled recipient address)[18:27:58] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has quit IRC (Ping timeout: 268 seconds)[18:29:42] *** eelstrebor <eelstrebor!~eelstrebo@216-75-116-100.scb.ne.static.allophone.net> has joined #postfix[18:34:19] *** slave_blocker <slave_blocker!~slave_blo@x4dbf4cc9.dyn.telefonica.de> has quit IRC (Remote host closed the connection)[18:37:20] <d3lphi> lunaphyte: I created a new message to the mail address I know it has "domain not found" issue because there is no MX entry for that domain. Now after about 8mins I received the warning message. But the mail.log showed lines like: "warning: [built-in]: zero result in delay template conversion of parameter "delay_warning_time_hours" and "warning: please reduce time unit "hours" of "delay_warning_time_hours"[18:37:26] <d3lphi> in delay template", what does that mean? currently I am using 5m[18:39:31] *** slave_blocker <slave_blocker!~slave_blo@x4dbf4cc9.dyn.telefonica.de> has joined #postfix[18:41:48] *** slave_blocker <slave_blocker!~slave_blo@x4dbf4cc9.dyn.telefonica.de> has quit IRC (Remote host closed the connection)[18:47:11] *** slave_blocker <slave_blocker!~slave_blo@x4dbf4cc9.dyn.telefonica.de> has joined #postfix[18:57:44] *** azwieg103 <azwieg103!~Thunderbi@66-168-56-10.static.mdsn.wi.charter.com> has quit IRC (Remote host closed the connection)[19:29:52] *** jamiejackson <jamiejackson!c7df1efe@gateway/web/cgi-irc/kiwiirc.com/ip.199.223.30.254> has joined #postfix[19:36:49] <rob0> kapil_, it is recommended to try to describe what you want to accomplish before anyone can reasonably make any recommendations on what software to meet that goal.[19:37:41] <lunaphyte> [10.44.32] lunaphyte: d3lphi: i would not be accepting mail submission for invalid domain names at all[19:37:47] *** rsx <rsx!~rsx@ppp-188-174-153-150.dynamic.mnet-online.de> has quit IRC (Remote host closed the connection)[19:38:46] <rob0> As for the general quality of postfixadmin, it's a SQL frontend; the schema it uses doesn't particularly impress me.[19:39:02] *** sphex <sphex!~nobody@38.133.25.52> has joined #postfix[19:39:11] <rob0> and php means you've got all the php bugs along with it[19:54:07] *** tyzoid <tyzoid!~tyzoid@archlinux32/developer/tyzoid> has quit IRC (Ping timeout: 260 seconds)[19:55:02] *** tyzoid <tyzoid!~tyzoid@archlinux32/developer/tyzoid> has joined #postfix[19:59:48] *** section1 <section1!~section1@178.33.109.106> has quit IRC (Quit: Leaving)[20:02:39] <d3lphi> lunaphyte: don't understand what you mean. In that case I am sending a mail to some.domain at with-no-mx-entry dot nul[20:02:44] <d3lphi> not receiving[20:03:10] <lunaphyte> i'm not sure i understand[20:03:16] <lunaphyte> how could you be not receiving?[20:03:26] <lunaphyte> how else would postfix have a message to relay if it had not received it[20:03:54] <lunaphyte> postfix is mail server software. it merely routes mail it receives. it doesn't generate mail on its own[20:04:08] <lunaphyte> [no, we are not talking about administrative messages][20:10:26] *** olegfusion <olegfusion!~olegfusio@mail.mobileforsale.ru> has quit IRC (Read error: Connection reset by peer)[20:28:02] *** gu1lle_ <gu1lle_!~Thunderbi@43-251-16-190.fibertel.com.ar> has joined #postfix[20:46:17] *** Ner0Zer0 <Ner0Zer0!~Ner0Zer0@87.253.63.54> has quit IRC (Ping timeout: 268 seconds)[20:47:27] *** shibboleth <shibboleth!~shibbolet@gateway/tor-sasl/shibboleth> has joined #postfix[21:08:31] *** jakesyl <jakesyl!sid56879@gateway/web/irccloud.com/x-imfrkcqtlszkuexz> has joined #postfix[21:08:39] *** n_1-c_k <n_1-c_k!~n_1-c_k@2a02:8010:63a6::70> has quit IRC (Read error: Connection reset by peer)[21:09:42] *** n_1-c_k <n_1-c_k!~n_1-c_k@2a02:8010:63a6::70> has joined #postfix[21:32:34] *** DocMAX <DocMAX!~DocMAX@x5f740acd.dyn.telefonica.de> has quit IRC (Read error: Connection reset by peer)[21:44:49] *** nsegkos <nsegkos!~Thunderbi@lfbn-ann-1-113-54.w86-220.abo.wanadoo.fr> has joined #postfix[21:46:04] *** nsegkos <nsegkos!~Thunderbi@lfbn-ann-1-113-54.w86-220.abo.wanadoo.fr> has quit IRC (Client Quit)[22:12:44] *** slave_blocker <slave_blocker!~slave_blo@x4dbf4cc9.dyn.telefonica.de> has quit IRC (Remote host closed the connection)[22:16:13] *** gu1lle_ <gu1lle_!~Thunderbi@43-251-16-190.fibertel.com.ar> has quit IRC (Remote host closed the connection)[22:28:17] *** axisys <axisys!~axisys@unaffiliated/axisys> has joined #postfix[22:34:03] *** vetru <vetru!~vetru@gateway/tor-sasl/vetr> has quit IRC (Ping timeout: 240 seconds)[22:40:14] *** vetru <vetru!~vetru@gateway/tor-sasl/vetr> has joined #postfix[22:44:27] *** ghoti <ghoti!~paul@dhcp-108-168-13-54.cable.user.start.ca> has quit IRC (Ping timeout: 240 seconds)[22:46:13] *** ghoti <ghoti!~paul@dhcp-108-168-13-54.cable.user.start.ca> has joined #postfix[23:24:50] *** robinho86 <robinho86!~robsonjf@191.36.239.241> has quit IRC (Quit: Leaving.)[23:36:35] *** neo5 <neo5!~Thunderbi@212-247-92-178.pool.ukrtel.net> has joined #postfix[23:38:27] *** neo4 <neo4!~Thunderbi@212-247-92-178.pool.ukrtel.net> has quit IRC (Ping timeout: 240 seconds)[23:38:27] *** neo5 is now known as neo4[23:53:45] *** ghoti <ghoti!~paul@dhcp-108-168-13-54.cable.user.start.ca> has quit IRC (Ping timeout: 268 seconds)[23:56:40] *** ghoti <ghoti!~paul@dhcp-108-168-13-54.cable.user.start.ca> has joined #postfix