October 10, 2013 
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | >
October 10, 2013 [00:04:03] *** dylukes has joined #postfix[00:20:25] *** barmstro1g has joined #postfix[00:23:04] *** barmstro1g has quit IRC[00:32:07] *** hparker has quit IRC[00:33:34] *** freezey has quit IRC[00:34:16] *** robinho86 has left #postfix[00:35:48] *** eagles0513875 has quit IRC[00:35:48] *** eagles0513875 has joined #postfix[00:35:48] *** eagles0513875 has joined #postfix[00:39:37] *** davlefou_ has quit IRC[00:42:05] *** freezey has joined #postfix[00:42:35] *** dylukes has quit IRC[01:06:44] *** Motoko has quit IRC[01:08:20] *** gu1lle_ has quit IRC[01:12:11] *** _H33HaW has quit IRC[01:12:36] *** RootWyrm_ has joined #postfix[01:17:52] *** twb has joined #postfix[01:22:12] *** shinao1 has joined #postfix[01:23:41] *** RootWyrm_ has quit IRC[01:35:35] *** MaximusColourum has quit IRC[01:39:11] *** occup4nt has quit IRC[01:42:45] *** occupant has joined #postfix[01:52:59] *** freezey has quit IRC[01:59:11] *** freezey has joined #postfix[01:59:17] *** freezey has quit IRC[02:01:58] *** hparker has joined #postfix[02:03:56] *** twb has quit IRC[02:06:59] *** occupant has quit IRC[02:07:17] *** occupant has joined #postfix[02:09:38] *** hallamigo has quit IRC[02:11:13] *** twb has joined #postfix[02:20:48] *** twb has quit IRC[02:28:36] *** occup4nt has joined #postfix[02:28:41] *** occupant has quit IRC[02:29:01] *** occup4nt has left #postfix[02:29:29] *** occupant has joined #postfix[02:31:57] *** twb has joined #postfix[02:33:28] *** Pegasus_RPG has joined #postfix[03:28:06] *** gu1lle_ has joined #postfix[03:31:22] *** MAL__ has joined #postfix[03:44:11] *** shinao1 has quit IRC[04:02:36] *** vankooch has quit IRC[04:03:00] *** vankooch has joined #postfix[04:31:23] *** LedHed has quit IRC[04:32:28] *** LedHed has joined #postfix[05:06:55] *** Lidwa has quit IRC[05:11:09] *** freezey has joined #postfix[05:24:45] *** Lidwa has joined #postfix[05:24:48] *** evbogue has joined #postfix[05:34:10] *** twb` has joined #postfix[06:00:11] *** donmichelangelo has quit IRC[06:00:43] *** donmichelangelo has joined #postfix[06:07:26] *** err-or_ has joined #postfix[06:07:29] *** err-or has quit IRC[06:10:40] *** monkwitdafunk has joined #postfix[06:15:29] *** monkwitdafunk has quit IRC[06:27:15] *** twb has quit IRC[06:32:44] *** twb` is now known as twb[06:36:21] *** cromag has quit IRC[06:37:01] *** TheAvatar has quit IRC[06:40:24] *** gu1lle_ has quit IRC[07:15:49] *** freezey has quit IRC[07:20:50] *** olegfusion has joined #postfix[07:33:42] *** Anubis has joined #postfix[07:38:52] *** monkwitdafunk has joined #postfix[07:44:05] *** Anubis has left #postfix[07:44:11] *** Anubis has joined #postfix[07:44:42] *** Anubis has left #postfix[07:47:49] *** A21BC has joined #postfix[07:50:10] *** A21BC has left #postfix[07:55:53] *** olegfusion has quit IRC[08:18:08] *** twb has quit IRC[08:27:55] *** Aprogas has quit IRC[08:37:59] *** maxter has joined #postfix[08:53:41] *** zorg1 has joined #postfix[08:57:07] *** wdp has joined #postfix[09:14:02] *** MaximusColourum has joined #postfix[09:16:14] *** Aprogas has joined #postfix[09:19:59] *** SuperNull has quit IRC[09:45:03] *** ffiore has joined #postfix[09:50:06] *** Aprogas has quit IRC[09:50:13] *** Aprogas has joined #postfix[09:53:47] *** j4jackj has joined #postfix[09:54:17] *** jarif has joined #postfix[10:00:10] *** tld has joined #postfix[10:05:27] *** micols has quit IRC[10:07:19] *** occupant has quit IRC[10:07:36] *** occupant has joined #postfix[10:08:24] *** occupant has quit IRC[10:08:40] *** occupant has joined #postfix[10:11:02] *** occupwnt has joined #postfix[10:12:33] *** olegfusion has joined #postfix[10:13:21] *** occupant has quit IRC[10:19:46] *** j4jackj has quit IRC[10:28:16] *** davlefou has joined #postfix[10:35:33] *** d00 has joined #postfix[10:37:29] <d00> can someone give me a hint where this comes from: "Oct 8 11:12:26 XXX postfix/pipe[9419]: 667B6128037: to=<ZZZ at XXX dot com>, orig_to=<ZZZ at YYY dot XXX.com>, relay=dovecot, delay=0.05, delays=0.02/0/0/0.02, dsn=5.1.1, status=bounced (user unknown)"[10:37:47] <d00> It seems to cut of the subdomain part ... but why ?[10:38:28] <tuxick> why is it sent to subdomain?[10:39:05] <d00> i have an entry in transport to relay YYY.XXX.com to an IP[10:39:58] <d00> just wish to relay it to another server ... but it trys to send it locally[10:40:06] *** jelly has quit IRC[10:40:42] *** jelly has joined #postfix[10:50:27] *** MaximusColourum has quit IRC[10:52:27] *** mibofra has quit IRC[10:52:37] *** mibofra has joined #postfix[10:53:07] *** mibofra has joined #postfix[10:53:37] *** Guest8287 has joined #postfix[10:54:08] *** mibofra- has joined #postfix[10:59:27] <d00> ok i found out .... had something to do with the http://www.postfix.org/postconf.5.html#masquerade_domains[10:59:39] *** d00 has quit IRC[11:00:48] *** davlefou_ has joined #postfix[11:02:39] <trurl> why the heck does nullmailer not stop trying to deliver a mail when getting a 554?[11:02:57] *** davlefou has quit IRC[11:04:42] *** smue has quit IRC[11:05:15] *** smue has joined #postfix[11:18:02] *** uosiu has joined #postfix[11:20:15] <uosiu> Hi all, I have a problem to work around. I have MTA that handles @example.com (accounts are stored in LDAP) and due to refactorization of company, we've moved mailboxes to @acme.example.com. Now, we've gave away @example.com to MX to 3rd party.[11:20:57] <uosiu> 3rd party bounces e-mails to us if email is destinated to our_account at example dot com[11:21:41] <uosiu> Now there's a problem: If we send emails from local network to @example.com our local postfix refuses to handle such e-mail, because we don't have this account in our local LDAP[11:22:32] <uosiu> What is the best way to handle e-mails destinated to @example.com and push them to 3rd party MX instead of our?[11:23:59] <uosiu> We can't sed s/ at example dot com/@acme.example.com/g in LDAP, it's out of possibilities.[11:40:11] *** moldy has joined #postfix[11:40:12] <moldy> hi[11:47:37] *** MaximusColourum has joined #postfix[11:48:22] <tuxick> uosiu: i don't see the problem, postfix should handle those same as mails anywhere[11:48:33] <tuxick> relay outward[11:48:54] <tuxick> so why would ldap be involved?[11:50:25] <uosiu> tuxick: user logs into SMTP as worker at example dot com and sends e-mails with FROM: worker at acme dot example.com[11:50:58] <tuxick> what a mess[11:51:19] <uosiu> if mail is destined to @example.com postfix run LDAP lookup and responds with 550[11:51:48] <tuxick> so you auth against addressses you don't control, what a mess indeed[11:51:56] <tuxick> i'd say update ldap[11:51:58] <uosiu> wait[11:52:10] <uosiu> LDAP has accounts with @example.com[11:52:13] <uosiu> it's our LDAP[11:52:28] <tuxick> but example.com is run by third party[11:52:37] <uosiu> it's run by 3rd party now[11:52:44] <tuxick> so you don't control it[11:52:47] <uosiu> no[11:52:51] <uosiu> it's on our boxes[11:52:55] <tuxick> well, update ldap then :)[11:52:59] <uosiu> we can't[11:53:04] <uosiu> Too much services uses it[11:53:19] <tuxick> ok, auth against only user part of the address[11:53:23] <tuxick> dovecot can do that[11:54:20] <tuxick> auth_default_realm[11:55:08] <tuxick> and remember to spank management[11:56:09] *** Bry8Star has quit IRC[11:56:42] <uosiu> We have our LDAP with users DB, it's 11 years old. User's has mailboxes @example.com, global VirtualRegexp ^(*.) at acme dot example.com$ $1.example.com handles migration of corporate mailboxes from @example.com to @acme.example.com[11:57:37] <tuxick> bloody hell[11:58:03] <uosiu> some time passed, we gave away MX example.com to 0.mx.3rdparty.com[11:58:29] <uosiu> and still have MX acme.example.com mail.example.om[11:58:32] *** Elisha has joined #postfix[11:59:02] *** Elisha has joined #postfix[11:59:14] <uosiu> Now, problem is that user from our company logs into SMTP as user at example dot com and sends e-mail with FROM: user at acme dot example.com[11:59:30] <tuxick> the from bit should be rather irrelevant[12:00:08] <uosiu> if e-mail is destined to @example.com, postfix thinks that e-mail is destined to him and doesn't lookup for MX for this domain, instead it looks up in LDAP for this user[12:00:15] <uosiu> and replies 550 no such user here[12:00:29] *** davlefou__ has joined #postfix[12:00:34] <tuxick> well that means you told postfix it controls example.com[12:00:40] <uosiu> yep[12:00:45] <tuxick> remove that :)[12:02:32] <tuxick> prolly mydestination[12:03:07] *** davlefou_ has quit IRC[12:03:53] <pj> uosiu: how many example.com accounts are you retaining?[12:04:37] <pj> uosiu: ...and do they all have (new) corresponding acme.example.com accounts?[12:11:47] *** Bry8Star has joined #postfix[12:13:38] *** Skaught has quit IRC[12:13:52] *** Skaught has joined #postfix[12:17:58] *** olegfusion has quit IRC[12:21:20] *** smue has quit IRC[12:23:30] *** davlefou__ has quit IRC[12:23:49] *** davlefou has joined #postfix[12:25:02] *** smue_ has joined #postfix[12:27:44] *** olegfusion has joined #postfix[12:34:55] *** kiri has quit IRC[12:35:32] *** olegfusion has quit IRC[12:39:15] *** vankooch has quit IRC[12:43:16] *** cite_ has quit IRC[12:43:27] *** cite has joined #postfix[12:48:23] *** MaximusColourum has quit IRC[12:49:19] *** kiri has joined #postfix[12:59:34] *** olegfusion has joined #postfix[13:00:11] *** donmichelangelo has quit IRC[13:00:44] *** donmichelangelo has joined #postfix[13:01:20] *** davlefou_ has joined #postfix[13:02:44] *** vankooch has joined #postfix[13:03:33] *** davlefou has quit IRC[13:21:24] *** D-Boy has joined #postfix[13:22:24] *** mibofra- has quit IRC[13:22:51] *** mibofra has joined #postfix[13:37:04] *** bjoe2k4 has quit IRC[13:37:53] *** spY|da_ has quit IRC[13:37:53] *** arnoldB has quit IRC[13:40:26] *** cinch has quit IRC[13:41:00] *** Cerise has quit IRC[13:43:16] *** olegfusion has quit IRC[13:46:41] *** mroe has joined #postfix[13:49:17] *** Section1 has joined #postfix[13:57:28] *** cinch has joined #postfix[13:57:37] *** bjoe2k4 has joined #postfix[13:58:02] *** Cerise has joined #postfix[13:58:43] *** spY|da has joined #postfix[13:58:45] *** arnoldB has joined #postfix[14:00:54] *** davlefou__ has joined #postfix[14:04:19] *** davlefou_ has quit IRC[14:10:53] *** ahref has joined #postfix[14:26:44] *** ahref has left #postfix[14:30:41] *** [diablo] has joined #postfix[14:30:59] *** olegfusion has joined #postfix[14:53:30] *** deever_ has left #postfix[14:54:38] *** vankooch has quit IRC[14:54:54] *** robinho86 has joined #postfix[14:56:38] *** davlefouAMD has joined #postfix[14:58:44] *** master_of_master has joined #postfix[15:01:22] *** davlefou_ has joined #postfix[15:02:16] *** master_o1_master has quit IRC[15:04:32] *** davlefou__ has quit IRC[15:05:56] *** FaV1r3s has joined #postfix[15:06:47] *** mroe has quit IRC[15:07:25] *** mroe has joined #postfix[15:11:52] *** mroe has quit IRC[15:12:15] *** Brandano has joined #postfix[15:26:33] <Brandano> is it possible to set up postfix as MTA to redirect mail to separate servers based on the address of the recipient? Ok, that might not be very clear, let me elaborate..[15:26:55] <Brandano> I have an aging Exchange 5.5 machine I want to eventually decommission[15:27:27] <Brandano> all clients currently access it via the imap protocol, so all the various exchange specific extension are not really in use[15:27:53] <Brandano> except perhaps for a couple of distribution lists etc, but I'l deal with that in due time[15:29:04] *** mroe has joined #postfix[15:29:07] *** mroe has quit IRC[15:29:08] <Brandano> right now the inbound mail is received by an ASSP instance, that in turn passes it to postfix and from there it gets delivered to the exchange machine[15:29:44] *** mroe has joined #postfix[15:32:00] <Brandano> the outbound mail also goes through ASSP, postfix, and is then sent to the rest of the workld, so that ASSP might use it to build its bayesian filters[15:33:48] <tuxick> hmm normally it's determined by MX :)[15:33:52] *** mroe has quit IRC[15:34:05] <Brandano> I want to set up a dovecot instance to handle a few mailboxes for the same domain as the ones handled by Exchange. If I can get postfix to deliver specific addresses to Dovecot it ought to work, even for internal mail, since then I'd set the outbound smtp server to the ASSP machine[15:34:41] <Brandano> the MX record is set to our public ip address, and the protocols are NATed at the router level[15:35:00] <Brandano> if I understood how MX records work[15:35:46] <Brandano> I won't hide I am not exactly an expert, even though I have fought with these thing for a fair length of time[15:35:56] <lunaphyte_> sure, that's all fine[15:36:08] <lunaphyte_> however, mail form the internet should hit postfix first, NOT assp[15:36:11] <lunaphyte_> *from[15:36:25] <Brandano> I know, I should set up another instance for that[15:36:47] <lunaphyte_> no[15:36:55] *** bisoc has joined #postfix[15:37:31] *** bisoc_ has quit IRC[15:37:54] *** bisoc has joined #postfix[15:37:56] <Brandano> I need an outbound postfix instance because ASSP cannot directly deliver the outbound email[15:39:11] *** KaiForce has joined #postfix[15:39:14] <lunaphyte_> you don't need multiple different instances[15:39:14] <tuxick> lunaphyte_: no, assp is proxy passing mail to postfix[15:39:22] <tuxick> that's the whole idea of the thing[15:39:24] <lunaphyte_> i know what assp is.[15:39:27] <tuxick> ok[15:39:48] <lunaphyte_> postfix belongs in front of it, just like every other content filter[15:41:37] <Brandano> so I should have one postfix instance receiving mail addressed to my mx, passing it to ASSP, that then will pass it to postfix to be delivered either to exchange or dovecot, while the outbound smtp server will send outbound mail to ASSP, that then will pass it to postfix to deliver either back to exchange or dovecot, or to the web based on domain and mx record ...[15:42:05] <tuxick> ugh[15:42:08] <tuxick> headache[15:42:11] <lunaphyte_> not the web, no.[15:42:12] <Brandano> assp can't handle outbound mail on its own. Either needs a relay server or an MTA[15:42:14] <lunaphyte_> web is http[15:42:17] <lunaphyte_> web is not email[15:42:22] <lunaphyte_> you mean internet[15:42:31] <Brandano> well, to the internet, if you prefer[15:42:39] <lunaphyte_> you're sure you want to pass outgoing mail through assp?[15:42:44] <Brandano> yep[15:42:53] <lunaphyte_> yes, terminology is of profound importance ;)[15:43:07] <Brandano> you need to, in order to both populate whitelists and to control it via the email interface[15:43:17] <lunaphyte_> i see.[15:43:20] <lunaphyte_> that's fine.[15:43:46] <Brandano> it's probably better to have separate postfix instances for the inbound and outbound paths[15:44:01] <lunaphyte_> it's not a bad idea.[15:44:07] <lunaphyte_> do you have separate computers?[15:44:26] <Brandano> not to mention the "sidebound" mail. If I split mailboxes across servers I need to be able to send mail from one mailbox to another within the same domain[15:45:08] <Brandano> Well, exchange will die, better sooner than later, but is sitting on a separate machine. Otherwise, all the rest is obviously on a Linux machine[15:45:53] <tuxick> passing outgoing through assp also whitelists sender/recipeitn tuples etc[15:45:59] <tuxick> so ye that is handy to use[15:46:40] <Brandano> the thing is, can I play such a trick at all? Mainly I am looking for keywords, I am rather decent at using search engines. "virtual mailboxes" seems a likely candidate[15:46:56] <lunaphyte_> all on a single computer?[15:47:39] <tuxick> i was thinking relay_domains but don't see how[15:47:40] <Brandano> another option would be to have dovecot receive all mail, and forward unknown mailboxes to exchange[15:48:00] <tuxick> oww hold on[15:48:02] <Brandano> lunaphyte_: yep, single computer.[15:48:04] <lunaphyte_> you do this with transport_maps[15:48:15] <tuxick> sender_dependent_relayhost_maps perhaps?[15:48:23] <tuxick> since the mails do come from 'inside'[15:48:32] <Brandano> some do, some don't...[15:48:34] <lunaphyte_> you don't need any of that[15:48:36] <tuxick> hm[15:49:02] <lunaphyte_> you list your domains in relay_domains, and list all valid users in relay_recipient_maps.[15:49:09] <lunaphyte_> you pass to assp and process, then back to postfix.[15:49:20] <tuxick> think i see[15:49:25] <lunaphyte_> then you deliver to either dovecot computer or exchange computer by way of transport_maps[15:50:00] <Brandano> one of the problems is that right now I validate recipient from ASSP via SMTP[15:50:16] <lunaphyte_> blech[15:50:36] <lunaphyte_> once exchange is gone, where will your list of users be stored?[15:51:01] <Brandano> I'll build up an LDAP directory[15:51:08] <lunaphyte_> ah, good.[15:51:24] <Brandano> but if I don't validate recipients I end up backscattering[15:51:37] <lunaphyte_> so you should be using ldap to validate recipients against exchange, and of course that will transition naturally over to your new ldap server[15:51:45] <tuxick> Brandano: that's why i made assp use vrfy :)[15:51:53] <tuxick> it just asks postfix[15:52:05] <lunaphyte_> out of band is better[15:52:13] <Brandano> tuxick: that's what I meant[15:52:18] <tuxick> well this way i could also have aliases etc[15:52:28] <tuxick> but sure, ask ldap directly is more efficient/cleaner[15:53:48] <Brandano> lunaphyte_: well, it won't exactly transition directly because exchange's ldap structure is a bit of a mess[15:53:57] <lunaphyte_> of course.[15:54:06] <lunaphyte_> i never said directly ;)[15:54:06] <Brandano> but should be a relatively easy migration[15:54:19] <lunaphyte_> yes[15:54:41] <lunaphyte_> you'll list both lookup maps, and both will be in use until exchange is gone.[15:54:49] <tuxick> gosh, something exchange a mess??[15:54:52] <tuxick> really???[15:55:05] <Brandano> wanna laugh? This one is 5.5[15:55:37] <Brandano> the machine probably dates back to the last century[15:56:18] *** [diablo] has quit IRC[15:56:25] <Brandano> the only reason why it isn't a zombie is because nothing else runs on it, and nobody targets the OS anymore[15:56:31] <tuxick> dunno about versions of that crap[15:56:53] <tuxick> all i know about exchange is that its 'admins' seem clueless[15:57:08] * Brandano raises his hand[15:57:37] <Brandano> They don't seem. They are. Clues cost extra.[15:57:39] <tuxick> trying to helo with .lan etc[15:57:53] <tuxick> [spam found] (invalid HELO: 'GW-EXCHEDGE.idb.isc-b.lan')[15:57:54] *** MAL__ has left #postfix[15:58:01] <Brandano> ah, SMTP... not exchange's way[15:58:24] <tuxick> i'm just guessing here, can't imagine another way to screw this up[15:59:13] <Brandano> well, AFAIK it will be an invalid HELO for whatever domain that cannot be resolved, so any local domain is invalid[15:59:35] <tuxick> true, that's how assp catches botnet hosts :)[15:59:38] <Brandano> OTOH a lot of spam tries to fool the filters setting it at localhost[15:59:39] <tuxick> and exchange ;p[16:00:11] *** donmichelangelo has quit IRC[16:00:33] *** donmichelangelo has joined #postfix[16:01:05] <tuxick> "i'm expecting mail from xyz and your server is rejecting it. their admin says it's your fault"[16:02:07] *** davlefou__ has joined #postfix[16:02:36] <lunaphyte_> almost all exchange admins are the quintessential cargo cult admin[16:02:42] <jelly> "this rfc5321 things says it's their fault, so nyeh nyeh?"[16:03:09] <Brandano> lunaphyte_: would that setup also works using several dovecot servers sharing the same MX record[16:03:30] <lunaphyte_> of course[16:03:49] <tuxick> cargo cult?[16:03:54] <Brandano> But, if you wanted to split the mailboxes across several imap servers, what would the best way to do it be?[16:04:19] <Brandano> tuxick: typical case of an OCP[16:04:35] <tuxick> ye, reading now, never heard that expression before[16:05:16] *** davlefou_ has quit IRC[16:07:51] <lunaphyte_> the only ocp i know of is from robocop[16:08:13] <tuxick> ack[16:09:32] <Brandano> sorry, my bad: http://en.wikipedia.org/wiki/Outside_Context_Problem#Outside_Context_Problem[16:10:12] <Brandano> I didn't realize it was a niche acronym[16:10:18] <lunaphyte_> ah. yes :)[16:10:20] <rob0> "dovecot servers sharing the same MX record"? Dovecot is not a MTA, how is MX relevant?[16:10:34] <lunaphyte_> oh, i missed that part.[16:10:48] <Brandano> sorry, dovecot servers on the same domain, behind a same router, that has the mx record pointed to it[16:11:00] <lunaphyte_> that setup works using several dovecot servers. mx records has nothing to do with it though.[16:11:03] <rob0> yeah, there are several approaches to that[16:11:50] <rob0> One, you could use a shared mailstore for all Dovecots, and use director to control which address/user goes to which backend[16:12:17] <rob0> Two, you could have a static user-to-backend mapping in SQL or LDAP[16:12:38] <rob0> each of those has drawbacks[16:13:07] <rob0> (I said several but listed two, yes. I am sure there are other ways to do it.)[16:14:27] <rob0> I have recently implemented a director cluster, quite a pain when the filestore is unable to keep up.[16:14:50] <tuxick> i'd still like to try this with drbd[16:24:06] <Brandano> my main concern is with separating mailstores, though.[16:24:20] <Brandano> However, I'll look into it when and if the need arises[16:27:29] *** MaximusColourum has joined #postfix[16:31:27] *** rance has joined #postfix[16:39:01] *** smue_ is now known as smue[16:45:32] *** smue has quit IRC[16:47:16] *** smue has joined #postfix[16:54:16] *** smue has quit IRC[16:55:31] *** smue has joined #postfix[16:56:18] *** smue has quit IRC[16:57:54] *** smue has joined #postfix[17:00:31] *** jim87 has joined #postfix[17:01:29] *** zorg1 has quit IRC[17:02:27] *** davlefou_ has joined #postfix[17:05:36] *** davlefou__ has quit IRC[17:05:52] *** Cromulent has joined #postfix[17:08:46] *** freezey has joined #postfix[17:10:24] *** Cromulent has quit IRC[17:12:42] *** Bry8Star has quit IRC[17:15:31] *** Bry8Star has joined #postfix[17:16:47] *** RadoQ has quit IRC[17:24:44] *** JamieH has quit IRC[17:25:02] *** RadoQ has joined #postfix[17:25:11] *** todd_dsm has joined #postfix[17:25:46] *** akafritz has joined #postfix[17:27:56] <akafritz> Hello. I am hoping to get some help with a postfix config. I'm trying to set up a list of addresses I want to deny sending email to on a relay server.[17:28:35] <akafritz> I created a file, rejected_recips, with format: email at domain dot com REJECT[17:29:01] <akafritz> and specified it in main.cf with this: smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, check_recipient_access hash:/etc/postfix/rejected_recips[17:29:09] <akafritz> and or course ran postmap against the flatfile[17:29:25] <akafritz> but postfix keeps relaying for the addresses in the file. Where am I going wrong?[17:30:06] <akafritz> !welcome[17:30:06] <knoba> akafritz: "welcome" : Welcome to #postfix! If you're new here, or to IRC, first read the channel topic (/topic). It has important instructions on how to ask good questions. You will get more and better help if you follow those instructions. Good Luck![17:30:16] *** rance has quit IRC[17:30:33] <lunaphyte_> why are you explicitly listing denied recipients?[17:30:52] <akafritz> long story, but they're a list of addresses that bounce[17:31:03] <akafritz> and I need to drop them before sending to our upstream MTA[17:35:48] <lunaphyte_> oh, so you have users of yours sending email to internet recipients which end up bouncing?[17:36:02] <lunaphyte_> and you want to simply deny sending email to those recipients period?[17:36:42] <akafritz> correct[17:37:46] <lunaphyte_> then you need to add check_recipient_access to your submission smtpd_recipient_restrictions, not your global smtpd_recipient_restrictions[17:37:54] <akafritz> i'm running postfix on an internal relay, which relays for my application servers. this is a stopgap until we get our app to detect and stop sending to bounced addresses altogether.[17:39:06] <lunaphyte_> that's fine[17:39:37] <akafritz> OK let me try to figure out how to configure that. thanks![17:39:50] <lunaphyte_> sure thing.[17:40:00] <lunaphyte_> you jsut add it to your submission settings in master.cf[17:40:09] <akafritz> ah, gotcha[17:41:57] *** Cromulent has joined #postfix[17:52:10] *** hallamigo has joined #postfix[17:59:43] *** wdp has quit IRC[18:01:08] *** freezey has quit IRC[18:06:28] *** davlefou_ has quit IRC[18:08:35] *** freezey has joined #postfix[18:14:14] *** davlefouAMD has quit IRC[18:17:23] *** vankooch has joined #postfix[18:19:40] *** davlefou_ has joined #postfix[18:26:00] *** bungalo has quit IRC[18:30:12] *** donmichelangelo has quit IRC[18:30:35] *** donmichelangelo has joined #postfix[18:39:55] *** dylukes has joined #postfix[18:58:07] *** freezey has quit IRC[18:58:28] *** jarif has quit IRC[19:03:21] *** davlefou__ has joined #postfix[19:07:00] <akafritz> lunaphyte, I tried your suggestion by putting -o smtpd_recipient_restrictions=reject_unauth_destination,check_recipient_access,hash:/etc/postfix/rejected_recips in master.cf. but now its not letting me relay at all. its not respecing mynetworks[19:07:04] *** davlefou_ has quit IRC[19:07:30] <akafritz> its saying my IP is unknown and throwing a 554[19:10:22] *** freezey has joined #postfix[19:15:17] *** todd_dsm has quit IRC[19:17:41] *** ffiore has quit IRC[19:21:38] *** Brandano has quit IRC[19:26:56] *** Cromulent has quit IRC[19:28:02] <lunaphyte> !tell akafritz getting_help[19:28:02] <knoba> akafritz: "getting_help" : before asking your question, provide a pastebin which includes relevant log data and your config. see !pastebin, !relevant_logs and !showconfig for instructions on doing this.[19:28:29] <lunaphyte> you can't use reject_unauth_destination for submission[19:29:00] <lunaphyte> um, but you are allowing relaying based on source ip address? you should be using smtp auth for that[19:29:14] <akafritz> yes, its all internal, i'm allowing relay for all internal[19:29:36] <lunaphyte> smtp auth is still better, for a myriad of reasons.[19:29:48] <lunaphyte> but anyway, even still i'd not use mynetworks for that.[19:30:09] <lunaphyte> use check_client_access with a cidr map.[19:30:56] <lunaphyte> e.g. -o smtpd_recipient_restrictions=check_recipient_access,hash:/etc/postfix/rejected_recips,check_client_access,allowed_clients,reject[19:31:18] <lunaphyte> and better still, put those in a restriction class, so you don't have to use the awkward master.cf override syntax.[19:31:46] <akafritz> ok let me give that a shot[19:34:28] *** JamieH has joined #postfix[19:43:09] <akafritz> that worked! thanks so much![19:44:05] <lunaphyte> good deal, you're welcome[19:44:19] <lunaphyte> do have a look at using a restriction class though[19:44:32] <akafritz> ok, i'll def look into it[19:44:48] <akafritz> i am only familiar with the basics[19:56:57] *** occupwnt has quit IRC[20:03:42] *** davlefou_ has joined #postfix[20:06:48] *** davlefou__ has quit IRC[20:08:28] *** jarif has joined #postfix[20:10:13] *** dylukes has quit IRC[20:11:18] *** sharky_ has quit IRC[20:11:48] *** sharky has joined #postfix[20:18:14] *** snooops has joined #postfix[20:19:29] <snooops> hi i try to setup a postfix server, and i get an error from googlemail that i have been temporally blocked… other providers are working really well… any ideas?[20:19:42] *** gu1lle_ has joined #postfix[20:21:56] *** Bronze has joined #postfix[20:30:11] *** staticsafe has quit IRC[20:30:33] *** staticsafe has joined #postfix[20:41:05] *** mf2hd has quit IRC[20:45:27] *** jad_jay has joined #postfix[20:45:32] *** mf2hd has joined #postfix[20:47:07] *** mf2hd has quit IRC[20:50:17] *** zerick has joined #postfix[21:02:39] <Section1> hi guys ...i hav a doubt about this: i setup ony sasl on submmision but its not working this is my config: http://fpaste.org/45877/31650138/[21:03:45] <Section1> if i put permit_sasl_authenticated in smtpd_recipient_restrictions in main.cf works ..but i don't understan why its not working if i put in master.cf in the submmision part[21:04:12] <Section1> submission*[21:04:14] *** olegfusion has quit IRC[21:04:14] <eagles0513875> hey guys quick question if i have domain a and domain b on the same server do i need to have each domain listed in postfixes main.cf file?[21:04:16] <rob0> smtpd_recipient_restrictions != smtpd_client_restrictions[21:04:18] *** wdp has joined #postfix[21:04:18] *** wdp has joined #postfix[21:04:21] <eagles0513875> reason i am asking is because i got this error in an email X-Postfix; Host or domain name not found. Name service error for name=mail.linkedpetroleumservices.com type=AAAA: Host not found[21:04:28] *** davlefou__ has joined #postfix[21:04:46] <Section1> ohh hell thanks rob0 :)[21:04:50] <rob0> smtpd_client_restrictions lets the AUTH client through, but smtpd_recipient_restrictions does not.[21:05:21] <Section1> yeah i see now the diference...im tired...thanks[21:05:32] <rob0> FWIW I would put smtpd_sasl_type and _path in main.cf[21:05:43] <Section1> ok[21:05:59] <rob0> but smtpd_sasl_auth_enable is where it belongs[21:06:09] <eagles0513875> hows it going rob[21:06:26] <eagles0513875> rob0: ^[21:07:13] *** davlefou_ has quit IRC[21:07:17] *** olegfusion has joined #postfix[21:09:39] *** olegfusion has quit IRC[21:09:48] *** olegfusion has joined #postfix[21:10:28] *** olegfusion has quit IRC[21:13:40] <rob0> eagles, everything is peachy here! But your question is not. First, there is no yes or no answer to that. I guess let's say "no", that's most correct. Second, it does not seem to be related: if you have listed a domain in one of your address class definitions, why is it looking up DNS?[21:14:17] <eagles0513875> i dunno[21:14:23] <eagles0513875> why its looking up dns and ipv6[21:14:34] <eagles0513875> thing is i have an aaaa record for the domain as well as an aaa one as well[21:15:10] <rob0> NXDOMAIN here.[21:15:30] <eagles0513875> ns1.linode.com to ns5.linode.com[21:15:59] <rob0> whois says: No match for "LINKEDPETROLEUMSERVICES.COM".[21:16:08] <eagles0513875> rob0: that is the problem[21:16:14] <eagles0513875> i dunno where i set it to linked it should be link[21:16:30] <eagles0513875> postfix admin has it set right[21:16:31] <rob0> !xy[21:16:31] <knoba> rob0: "xy" : (#1) The XY problem is that you want to do X, but don't know how. You think that you can solve X by doing Y, so you ask us how to do Y. We tell you that's an odd problem to want to solve. Just ask us about the real problem., or (#2) http://mywiki.wooledge.org/XyProblem -- I want to do X, but I'm asking how to do Y...[21:16:58] <eagles0513875> basically the real problem is where on earth should i look to fix the issue of it using a non existent domain[21:17:49] *** olegfusion has joined #postfix[21:21:04] <eagles0513875> this is frustrating[21:23:19] *** freezey has quit IRC[21:24:15] *** freezey has joined #postfix[21:31:42] *** iber has joined #postfix[21:31:57] <iber> hi there[21:32:11] <iber> maybe someone could give me some guidance[21:32:19] <iber> I followed this tutorial: https://www.digitalocean.com/community/articles/how-to-install-postfix-on-centos-6[21:32:51] <iber> however, i can't log in to the smtp server from my local machine[21:33:10] <iber> works fine from within the server[21:33:17] <rob0> eh, we are not fond of such tutorials. Talk about your goal and we will point you to actual documentation.[21:33:27] <iber> ok[21:36:37] <iber> basically we have a mail server provided by our hosting company (which comes with our hosting package), now i'm trying to set up a separate server which would be able to send out bulk emails through a web app on behalf of the email accounts we've already got[21:36:48] <iber> does that make any sense to you? :)[21:37:07] <rob0> you might want a nullclient[21:37:07] *** stephan48 has quit IRC[21:37:13] <rob0> !nullclient[21:37:13] <knoba> rob0: "nullclient" : a null client is a computer that can only send mail. it receives no mail from the network, and it does not deliver any mail locally. while postfix can be configured to fill this role, it is often unnecessary overkill, and a much simpler software package is more appropriate. see !nullclient_software for more details.[21:37:33] <iber> !nullclient_software[21:37:34] <knoba> iber: "nullclient_software" : a program that serves as a drop in replacement for /usr/sbin/sendmail and provides a simple means to submit messages to an existing msa without the need to install and maintain a full-blown mta/msa. examples include msmtp, esmtp, ssmtp and nullmailer. also see !msa[21:37:39] <rob0> Have you considered an ESP such as Mailchimp or Constant Contact?[21:37:55] *** freezey has quit IRC[21:37:59] <rob0> !esp[21:37:59] <knoba> rob0: "esp" : Email Service Provider[21:38:39] *** stephan48 has joined #postfix[21:38:41] *** stephan48 has joined #postfix[21:40:24] <iber> would Mailchimp serve only as an SMTP server? :)[21:40:34] *** honestly has quit IRC[21:41:28] *** freezey has joined #postfix[21:42:18] *** honestly has joined #postfix[21:42:18] *** honestly has joined #postfix[21:44:23] <rob0> hm? I suppose they'd provide some means of you getting your mail to them so they could send it out.[21:44:37] <rob0> s/of/for/[21:45:13] <rob0> uh, well, s/of you getting/for you to get/[21:45:27] <rob0> blame adaptr![21:45:40] <rob0> !adaptr[21:45:41] <knoba> rob0: "adaptr" : The smiting hand (or actually, small shell script) of #postfix. Not to be trusted.[21:53:18] *** snooops has quit IRC[21:54:04] *** sphenxes has quit IRC[22:01:01] *** Section1 has quit IRC[22:02:35] *** The_Acid_Toy has joined #postfix[22:03:22] *** The_Acid_Toy has left #postfix[22:03:39] *** Neytiri has joined #postfix[22:04:12] <Neytiri> i am having a issue with emial not being deliverable to my mail server i get this message[22:04:21] <Neytiri> Postfix; mail for mail01.xray-hope.net loops back to myself[22:04:40] <Neytiri> that is a old server i took offline i dont know why it still refrences it[22:06:20] *** davlefou_ has joined #postfix[22:07:39] <Zerberus> !loopback[22:07:39] <knoba> Zerberus: "loopback" : 'Mail loops back to myself' means that your Postfix wanted to send out the mail to the internet but then discovered that the DNS says your mail server should be responsible. Most likely you forgot to list your domain in mydestination or virtual_(alias|mailbox)_domains[22:07:48] *** davlefou__ has quit IRC[22:08:48] <Neytiri> nowi am getting this error Host or domain name not found. Name service error for[22:08:48] <Neytiri> name=mail01.xray-hope.net type=AAAA: Host not found[22:10:21] *** freezey has quit IRC[22:10:29] <rob0> NXDOMAIN here.[22:11:07] <Neytiri> i shut down mail01 and changed everythignto mail02 ajusted the dns records accordingly[22:11:10] <Neytiri> tdays ago[22:12:25] <Neytiri> i dont know why its still getting mail01[22:13:41] *** MacWinner has joined #postfix[22:13:49] *** freezey has joined #postfix[22:14:18] <Neytiri> all the dns queries i do for a mx record show mail02 as the mail server[22:14:40] *** iber has quit IRC[22:15:22] <Neytiri> what am i doing wrong here[22:17:30] *** A21BC has joined #postfix[22:18:01] <Neytiri> if it helps i am seinging the mail from yahoo to an address on my server[22:18:43] *** A21BC has quit IRC[22:19:52] <rob0> Did you read the /topic? You might do better by making a pastebin with postconf -n, relevant logs, and the full story about how you are getting this error.[22:20:03] <lunaphyte> !tell Neytiri getting_help[22:20:03] <knoba> Neytiri: "getting_help" : before asking your question, provide a pastebin which includes relevant log data and your config. see !pastebin, !relevant_logs and !showconfig for instructions on doing this.[22:20:28] *** olegfusion has quit IRC[22:20:55] *** s0ber has quit IRC[22:22:41] *** s0ber has joined #postfix[22:23:02] *** jad_jay has quit IRC[22:25:00] *** freezey has quit IRC[22:25:48] <Neytiri> here is the config files http://pastebin.com/2tdEkpvU[22:26:23] <lunaphyte> if you're going to ignore the instructions you're given, you're probably going to be ignored...[22:26:40] <thumbs> !tell Neytiri welcome[22:26:40] <knoba> Neytiri: "welcome" : Welcome to #postfix! If you're new here, or to IRC, first read the channel topic (/topic). It has important instructions on how to ask good questions. You will get more and better help if you follow those instructions. Good Luck![22:26:42] <Neytiri> do you want it all in 1 post[22:26:43] *** jad_jay has joined #postfix[22:27:01] <lunaphyte> read the getting_help factoid.[22:27:04] <thumbs> Neytiri: making us read different links would be inconsiderate as well[22:27:17] <thumbs> yes, merge the requested information in a single post[22:28:05] *** freezey has joined #postfix[22:29:14] <Neytiri> !relevant_logs[22:29:14] <knoba> Neytiri: "relevant_logs" : Relevant logs are mail.* syslog Postfix logs (NOT verbose, see !verbose) which show the entire handling of a single mail which illustrates the issue with which you want help. Random selections from your mail log might not do. IMAP/POP3 daemons and external delivery agents typically log to the same facility (mail); those are usually not relevant here.[22:34:24] <Neytiri> ok here is everything[22:34:25] <Neytiri> http://pastebin.com/7qpawU8y[22:36:11] <rob0> myorigin = /etc/mailname[22:36:37] <Neytiri> thanks[22:36:56] <Neytiri> it was set incorrectly, which is weid cause i never copied that file[22:37:31] <Neytiri> lets see if that fixes it[22:37:45] <Neytiri> yep, thankyou very much[22:37:46] <rob0> !myorigin[22:37:46] <knoba> rob0: "myorigin" : a configuration parameter in the main.cf: The default domain name that locally-posted mail appears to come from, and that locally posted mail is delivered to. The default $myhostname, which is fine for small sites. If you run a domain with multiple machines, you should (1) change this to $mydomain and (2) set up a domain-wide alias database that aliases each user to user at that dot users.mailhost.[22:37:54] <rob0> !append_at_myorigin[22:37:54] <knoba> rob0: "append_at_myorigin" : Append the string"@$myorigin" to mail addresses without domain information. WARNING: do not change this without understanding what it means, see http://www.postfix.org/postconf.5.html#append_at_myorigin[22:42:01] *** rance has joined #postfix[22:45:38] *** rance has left #postfix[22:52:39] *** jad_jay has quit IRC[22:55:47] *** sharky_ has joined #postfix[22:57:09] *** sharky has quit IRC[23:00:53] *** maxter has quit IRC[23:05:10] *** davlefou__ has joined #postfix[23:08:16] *** davlefou_ has quit IRC[23:12:25] *** Bronz_ has joined #postfix[23:13:06] *** Bronze has quit IRC[23:20:57] *** KaiForce has quit IRC[23:22:42] *** Bronz_ is now known as Bronze[23:23:46] *** Toerkeium has quit IRC[23:30:11] *** donmichelangelo has quit IRC[23:30:31] *** scarrs has joined #postfix[23:30:37] *** donmichelangelo has joined #postfix[23:31:07] *** scarrs has left #postfix[23:40:48] *** MaximusColourum has quit IRC[23:41:36] *** freezey has quit IRC[23:45:16] *** freezey has joined #postfix[23:45:56] *** freezey has quit IRC[23:46:28] *** freezey has joined #postfix[23:49:29] *** MaximusColourum has joined #postfix[23:51:06] *** freezey has quit IRC[23:57:29] *** A21BC has joined #postfix[23:59:22] *** Motoko has joined #postfix