October 22, 2013 
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | >
October 22, 2013 [00:02:18] *** muh2000 has joined #postfix[00:08:32] *** solomon has quit IRC[00:11:37] *** galex-713 has quit IRC[00:11:38] *** jarif has quit IRC[00:13:17] *** davlefou_ has joined #postfix[00:16:26] *** davlefou__ has quit IRC[00:22:14] *** galex-713 has joined #postfix[00:34:59] *** fling has quit IRC[00:37:07] *** fling has joined #postfix[00:48:40] *** TomHome has quit IRC[00:54:44] *** twb has joined #postfix[00:59:35] *** steven4455 has quit IRC[01:11:32] *** solomon has joined #postfix[01:13:45] *** davlefou__ has joined #postfix[01:17:02] *** davlefou_ has quit IRC[01:21:09] *** donmichelangelo has quit IRC[01:21:39] *** donmichelangelo has joined #postfix[01:46:14] *** solomon has quit IRC[01:46:59] *** MaximusColourum has quit IRC[01:55:55] *** nutron has joined #postfix[01:55:58] *** nutron has quit IRC[01:55:58] *** nutron has joined #postfix[01:59:53] *** oo_miguel has quit IRC[02:13:59] *** davlefou_ has joined #postfix[02:17:38] *** davlefou__ has quit IRC[02:22:53] *** solomon has joined #postfix[02:25:32] *** solomon has quit IRC[02:52:23] *** Guest10895 has quit IRC[02:58:22] *** spronk has joined #postfix[02:58:44] <spronk> hi guys - i've got 35k emails in my incoming queue.... and they seem to be delivering very slow. is there any way i can speed this up?[02:59:02] *** freezey has joined #postfix[02:59:12] <lunaphyte> delivering to where?[02:59:22] <spronk> local virtual users[03:00:06] <lunaphyte> pastebin a sample of your mailq output which shows messages in question, and log snippit of complete processing of a message exhibiting the problem.[03:00:10] <spronk> they started off delivering quickly...[03:02:04] <adaptr> spronk: disk contention. postfix (or any MTA) is primarily disk bound[03:03:09] <spronk> how would i find a log snippet processing the message? if I do a grep on /var/log/mail.log for the message ID in the mailq output i just get the connect message...[03:03:50] <spronk> lines above and below are just connect messages for the other similar pieces of mail[03:04:37] <lunaphyte> use a pager, and perform association[03:05:08] <lunaphyte> reconcile both queue id and pid[03:06:20] <lunaphyte> err, cross reference, rather[03:08:02] <spronk> hmm, only seem to be a couple of lines for each message[03:08:32] <lunaphyte> well, pastebin them and include adjacent lines for context.[03:10:01] *** midnightmagic has joined #postfix[03:13:10] *** honestly is now known as EveryBody[03:13:13] <spronk> http://pastebin.com/uJXHEwuK[03:13:17] <spronk> this is basically all there is in the logs[03:13:20] *** EveryBody is now known as honestly[03:13:30] <spronk> looking at a particular message that was in the mailq output[03:14:37] *** davlefou__ has joined #postfix[03:14:40] <spronk> if i do a qshape, i get a huuge number of messages in the queue[03:15:04] <spronk> heaps in the righthand cols too[03:15:09] <lunaphyte> use a pager, search for the queue id, and pastebin that screen[03:16:15] <spronk> its just a page full of postfix/cleanups[03:16:17] <spronk> hmm[03:16:38] <spronk> are there any keywords i can look for like... "queued" that might give further hints?[03:17:20] <lunaphyte> so you're ignoring me?[03:17:47] *** davlefou_ has quit IRC[03:18:37] <spronk> lunaphyte: if i less mail.log then /(queue id), all i see is pages full of Oct 21 22:59:20 dev postfix/cleanup[23132]: E44CDF8ED7: message-id=<E1VYOFa-0007Z9-Ia at loadtest dot local>[03:19:16] <spronk> the queue ID is the E44... right?[03:20:05] <lunaphyte> then grep for the pid, like i said[03:20:38] <spronk> ah right, skipped that step[03:21:09] <lunaphyte> btw, on a semi side note, do not use .local[03:21:43] <spronk> this isn't a production server... unless it's a bad idea for testing boxes as well?[03:24:03] <lunaphyte> note there were no conditionals attached to my statement ;)[03:24:25] <spronk> any reason why not to use it?[03:25:14] <spronk> i have local dns for web servers, but it's a bit of a pain to keep it working etc[03:25:30] <lunaphyte> same logic applies there as well.[03:25:38] <spronk> i see[03:25:47] <lunaphyte> .local is a special, purpose specific "psuedo" tld. it's *not* for dns.[03:26:27] <spronk> Oct 21 23:02:27 dev postfix/pipe[21714]: 5DD0061066: to=<test1 at mailrecv dot local>, orig_to=<logging at loadtest dot local>, relay=spamassassin, delay=2184, delays=0.02/2168/0/16, dsn=2.0.0, status=sent (delivered via spamassassin service)[03:26:35] *** MaximusColourum has joined #postfix[03:26:49] <lunaphyte> use of anything like postfix, apache, etc. almost invariably misappropriates it into use with/by dns.[03:27:04] <lunaphyte> pipe?[03:27:08] <lunaphyte> well, not a good start there.[03:27:28] <lunaphyte> using pipe is unlikely to be the most efficient mechanism[03:28:10] <lunaphyte> now you have a new queue id with which to search[03:28:52] <lunaphyte> but at this point i imagine we can probably just offer suggestions on improvements based simply on your config.[03:29:00] <lunaphyte> !tell spronk welcome[03:29:00] <knoba> spronk: "welcome" : Welcome to #postfix! If you're new here, or to IRC, first read the channel topic (/topic). It has important instructions on how to ask good questions. You will get more and better help if you follow those instructions. Good Luck![03:30:54] <spronk> http://pastebin.com/DxrFsJqn that's my conf[03:31:18] <spronk> basically haven't touched it outside apt-get installing postfix and postfixadmin[03:31:48] <lunaphyte> please follow the instructions.[03:32:14] <spronk> !getting_help[03:32:14] <knoba> spronk: "getting_help" : before asking your question, provide a pastebin which includes relevant log data and your config. see !pastebin, !relevant_logs and !showconfig for instructions on doing this.[03:33:23] *** lunaphyte_ has quit IRC[03:34:37] *** nutron has quit IRC[03:36:40] *** lunaphyte_ has joined #postfix[03:37:21] <spronk> !showconfig_old[03:37:21] <knoba> spronk: "showconfig_old" : for versions of postfix < 2.9, pastebin postconf -n and the contents of master.cf with comments removed[03:50:54] <spronk> !relevant_logs[03:50:54] <knoba> spronk: "relevant_logs" : Relevant logs are mail.* syslog Postfix logs (NOT verbose, see !verbose) which show the entire handling of a single mail which illustrates the issue with which you want help. Random selections from your mail log might not do. IMAP/POP3 daemons and external delivery agents typically log to the same facility (mail); those are usually not relevant here.[03:51:02] <spronk> !verbose[03:51:03] <knoba> spronk: "verbose" : You probably do not need verbose logging, but in rare cases the extra detail can assist in debugging. To set verbose logging add a -v after the command name (such as smtpd) in master.cf, then 'postfix reload' after that.[03:51:51] *** whoami has quit IRC[03:57:58] *** jtrucks has quit IRC[03:58:15] *** jtrucks has joined #postfix[04:03:53] <spronk> http://pastebin.com/1NKSPEqW this enough to go by?[04:04:08] *** whoami has joined #postfix[04:04:30] <lunaphyte> you've a new install that's older than 2.9?[04:05:15] <thumbs> ick[04:05:40] <spronk> debian 6..[04:06:39] <spronk> apt repos are on 2.7.1[04:08:25] <lunaphyte> well, 2.7 is still supported, yes - albeit begrudgingly.[04:08:43] <spronk> i see[04:08:50] <lunaphyte> anyway, i'll cut though the fluff, and be Frank - that config sucks :)[04:09:00] <spronk> :([04:09:03] <lunaphyte> not very efficient.[04:09:57] <spronk> where are the biggest bottlenecks?[04:10:23] <lunaphyte> at a quick glance, i'm not even seeing how mail is getting through spamassassin[04:10:48] <spronk> line 78 and 79 of the pastebin i think[04:11:04] <lunaphyte> that's only half of it.[04:11:11] <spronk> oh?[04:11:13] <spronk> yesh.[04:11:32] <spronk> apart fromt he virtual users file, this was all generated by the installers[04:12:06] <lunaphyte> pastebin /etc/postfix/sender_access[04:12:50] *** MacWinner has quit IRC[04:13:05] <spronk> there's just one line, deployment at loadtest dot local REJECT[04:13:36] <spronk> there is a sender_access.db file in /etc/postfix[04:14:04] <lunaphyte> oh, there it is.[04:14:21] <lunaphyte> line 76[04:14:49] <lunaphyte> why is that way down there?[04:14:55] *** davlefou_ has joined #postfix[04:15:01] <lunaphyte> that's normally at the top of master.cf[04:15:21] <lunaphyte> [lines 75-76][04:15:46] <lunaphyte> i've got to get to bed, but here's what i'd suggest you do:[04:15:52] <spronk> ah rightg[04:16:02] <lunaphyte> get rid of spamassassin for now.[04:16:35] <lunaphyte> put lines 75-76 back above submission, and comment out -o content_filter=spamassassin[04:17:02] <lunaphyte> then, deliver to dovecot via lmtp, not pipe.[04:17:25] *** MaximusColourum has quit IRC[04:17:29] <spronk> ah yep[04:17:35] <lunaphyte> deliver right from postfix to dovecot - not content filter in between - for now.[04:17:47] <lunaphyte> *no content[04:18:09] <lunaphyte> also, why do you have all of those different mysql lookup maps?[04:18:13] *** davlefou__ has quit IRC[04:18:21] <spronk> postfixadmin installed them, i guess[04:18:29] <lunaphyte> oh.[04:18:46] <lunaphyte> catchalls are *not* wise, at all.[04:19:00] <lunaphyte> that file name is alarming in that context.[04:19:13] <spronk> hmm[04:19:16] <lunaphyte> mailbox_size_limit = 0 - do NOT do this.[04:19:53] <lunaphyte> we don't do postfixadmin here, but all of those different lookup maps don't really scream logic or efficiency.[04:20:02] <lunaphyte> but who knows what postfixadmin "needs".[04:20:05] <spronk> yeah..[04:20:14] <spronk> maybe i'll try and get rid of PFA too[04:20:50] <lunaphyte> the thing is, i'd really suggest you not use a "virtual" setup if you're delivering to dovecot anyway.[04:21:21] <spronk> oh? so have dovecot handle that side of things?[04:21:47] <lunaphyte> there are edge cases where it's validity can be argued, but in pedestrian environments [read: 99% of all setups], it's just awkawrd and sort of misleading.[04:21:56] <spronk> ah, ok[04:22:31] <lunaphyte> i'd use relay_domains and relay_recipient_maps, with relay_transport set to dovecot[04:23:16] <lunaphyte> where dovecot is an entry in master.cf as "dovecot unix - - n - 5 lmtp" - for example.[04:23:30] <lunaphyte> rather than "dovecot unix - n n - - pipe"[04:23:39] <spronk> yep, following[04:30:13] <spronk> thanks lunaphyte[04:30:34] <lunaphyte> sure thing, good luck.[04:30:38] *** MaximusColourum has joined #postfix[04:30:57] <lunaphyte> i'm off for now, but there are plenty of others who can help.[04:31:57] <spronk> cheers[04:33:37] *** MaximusColourum has quit IRC[04:38:42] *** err-or has quit IRC[04:46:55] *** josh has quit IRC[04:47:43] *** josh_ has joined #postfix[04:51:01] *** jelly has quit IRC[04:51:25] *** jelly has joined #postfix[04:57:09] *** josh_ has quit IRC[04:58:00] *** josh_ has joined #postfix[05:15:41] *** davlefou__ has joined #postfix[05:15:42] *** jarif has joined #postfix[05:19:18] *** davlefou_ has quit IRC[06:00:11] *** donmichelangelo has quit IRC[06:00:51] *** donmichelangelo has joined #postfix[06:16:12] *** davlefou_ has joined #postfix[06:18:56] *** davlefou__ has quit IRC[06:20:15] *** jarif has quit IRC[06:21:04] *** jarif has joined #postfix[06:22:38] *** ewong__ has joined #postfix[06:24:07] *** ewong has quit IRC[06:24:22] *** ewong__ is now known as ewong[06:40:07] *** Southron has left #postfix[07:03:16] *** err-or has joined #postfix[07:16:29] *** davlefou__ has joined #postfix[07:19:46] *** davlefou_ has quit IRC[07:20:22] *** ddsfg has joined #postfix[07:22:36] <ddsfg> 1welcome[07:23:03] <ddsfg> how send mail through postfix enabled with 'list-unsubscribe' header?[07:24:30] *** olegfusion has joined #postfix[07:24:47] <twb> AFAIK that stuff is handled by mailman, not by postfix itself[07:24:59] *** jgm__ has quit IRC[07:25:06] <twb> In Debian, at least, the default master.cf has the magic mailman integration stuff already enabled[07:44:51] *** ddsfg has quit IRC[07:54:07] *** kli0rf has joined #postfix[08:06:45] *** on1ald has quit IRC[08:06:55] *** RadoQ has quit IRC[08:07:53] *** steven4455 has joined #postfix[08:17:30] *** davlefou_ has joined #postfix[08:18:56] *** twb has quit IRC[08:19:01] *** Cromulent has joined #postfix[08:20:05] *** on1ald has joined #postfix[08:20:11] *** davlefou__ has quit IRC[08:26:38] *** Niemi has joined #postfix[08:30:23] *** Niemi has joined #postfix[08:45:33] *** pajamian has joined #postfix[08:48:08] *** Cromulent has quit IRC[08:48:59] *** pj has quit IRC[08:49:25] *** pajamian is now known as pj[08:59:52] *** zorg1 has joined #postfix[09:17:27] *** davlefou__ has joined #postfix[09:20:51] *** davlefou_ has quit IRC[09:26:44] *** micols has quit IRC[09:29:51] *** micols has joined #postfix[09:44:53] *** TheAvatar has quit IRC[09:46:47] *** cromag has quit IRC[09:48:03] *** cromag has joined #postfix[09:49:21] *** TheAvatar has joined #postfix[10:09:42] *** wdp has joined #postfix[10:09:42] *** wdp has joined #postfix[10:14:19] *** olegfusion has quit IRC[10:17:58] *** davlefou_ has joined #postfix[10:21:06] *** davlefou__ has quit IRC[10:28:52] *** TheAvatar has quit IRC[10:30:45] *** cromag has quit IRC[10:46:29] *** freezey_ has joined #postfix[10:46:55] *** freezey has quit IRC[10:49:42] *** qknight has joined #postfix[10:50:23] <qknight> i have: root: me at myserver dot com but i would also like postfix to write the mails to /var/mail/root, how to do that?[10:55:45] <pj> root: root,me at myserver dot com[10:56:18] <pj> qknight: ^^^^[10:56:38] <qknight> pj: thanks very much. i had fear this would create a loop[10:57:21] <pj> qknight: nope, if postfix is smart enough to do the right thing with that.[11:00:08] *** [dmp] has quit IRC[11:00:15] *** dmp_ has joined #postfix[11:00:34] *** dmp_ is now known as [dmp][11:11:36] *** freezey_ has quit IRC[11:14:00] *** jarif has quit IRC[11:16:47] *** jarif has joined #postfix[11:18:25] *** davlefou__ has joined #postfix[11:20:17] *** ewong has quit IRC[11:22:25] *** davlefou_ has quit IRC[11:41:34] *** cromag has joined #postfix[12:14:03] *** RadoQ has joined #postfix[12:19:08] *** davlefou_ has joined #postfix[12:22:20] *** davlefou__ has quit IRC[12:37:08] *** olegfusion has joined #postfix[12:38:58] *** danialr has joined #postfix[12:42:04] *** Womkes has quit IRC[12:44:19] *** Womkes has joined #postfix[12:44:25] <danialr> hi everybody i installed postfix also my domain name is ok and is connected to my vps. i have some question 1. is each user in linux system for example root user is the email address for postfix ? if mydomin.com be my domain my email address is root at mydomain dot com ? 2. is it my mailbox too? (root at mydomin dot com) i want to set my email address on thunderbird client that it can send email using smtp and get email using pop3? 3. if i want to my email address be me@my[12:52:37] *** err-or has quit IRC[12:56:07] *** err-or has joined #postfix[13:06:58] *** donmichelangelo has quit IRC[13:08:06] *** donmichelangelo has joined #postfix[13:08:52] <Zerberus> !tell danialr basic[13:08:52] <knoba> danialr: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.[13:22:43] *** davlefou_ has quit IRC[13:29:00] *** quadro_ has quit IRC[13:35:09] *** davlefou_ has joined #postfix[13:37:57] *** LaBliMo has joined #postfix[13:47:20] *** solomon has joined #postfix[13:49:15] *** Quadro has joined #postfix[13:51:09] *** mroe has joined #postfix[13:54:53] *** solomon has quit IRC[13:56:36] *** Section1 has joined #postfix[13:57:02] *** ludv is now known as lericson[14:02:31] <rob0> danialr might also want to review some of the wikipedia pages about email, to learn what all the parts are and how they fit together.[14:07:30] *** kiri has quit IRC[14:15:48] *** robinho86 has joined #postfix[14:19:46] *** zorg1 has quit IRC[14:19:53] *** davlefou__ has joined #postfix[14:20:18] <danialr> rob0: i follow this https://help.ubuntu.com/community/PostfixBasicSetupHowto and it worked . but i can only send email to local address also receive from gmail but i can't send it's my config : PM[14:21:04] <danialr> when i enable smtpd_recipient_restrictions = permit_sasl_authenticated i cant send email anymore[14:22:11] *** muh2000 has quit IRC[14:22:26] <rob0> !sasl[14:22:26] <knoba> rob0: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.[14:22:35] *** dylukes has joined #postfix[14:22:37] *** muh2000 has joined #postfix[14:22:47] <danialr> hmm[14:22:56] *** davlefou_ has quit IRC[14:25:35] <lunaphyte_> not sure why you'd be going to ubuntu for instructions on using postfix. they aren't the author.[14:26:24] *** zorg1 has joined #postfix[14:26:32] <lunaphyte_> the person who is the author does include documentation with the software though. seems like that would be the smart choice for instructions on using it.[14:27:58] *** muh2000 has quit IRC[14:28:16] <danialr> i read everything but it seems user friendly for beginning[14:28:45] <lunaphyte_> that's seems contradictory.[14:28:49] <lunaphyte_> *that seems[14:29:04] <lunaphyte_> i'd think if it were user friendly, wouldn't it be working?[14:30:28] <danialr> yes but i read that it because it seems easy now i know something that i can read another documents . is there any admin for postfix that i can do some config with a web panel or also cli but it be easy[14:30:53] <lunaphyte_> please enlist the services of an experienced consultant.[14:31:31] <rob0> Mail is very challenging indeed. A lot to learn. Any given part of it can only be expected to document itself, not usually other related parts.[14:32:08] <danialr> ok i have to read more but not bad starting[14:34:49] <rob0> Postfix documentation is excellent, but it doesn't try to teach you everything about how email works.[14:35:08] <rob0> It does show you how every little bit of Postfix works.[14:35:31] *** dylukes has quit IRC[14:35:42] *** robinho861 has joined #postfix[14:35:43] *** muh2000 has joined #postfix[14:35:53] *** robinho861 has left #postfix[14:37:16] <danialr> i have a ebook too but i try run it this mail server in fast possible way and then start to learning[14:39:23] *** kiri has joined #postfix[14:44:28] *** robinho861 has joined #postfix[14:44:39] *** robinho861 has left #postfix[14:50:41] *** muh2000 has quit IRC[14:53:44] *** robinho86 has left #postfix[14:54:03] *** zafu has joined #postfix[14:54:41] <zafu> hi, how do I reject unknown users instead of generating a bounce?[14:54:57] <lunaphyte_> that's the default behavior.[14:55:03] <lunaphyte_> !tell zafu welcome[14:55:03] <knoba> zafu: "welcome" : Welcome to #postfix! If you're new here, or to IRC, first read the channel topic (/topic). It has important instructions on how to ask good questions. You will get more and better help if you follow those instructions. Good Luck![14:56:12] *** LaBliMo has quit IRC[14:56:15] <zafu> lunaphyte_: that's what I thought too but lately some bounces are produced, what should I look for?[14:56:43] <lunaphyte_> the factoid i just shared with you...[14:59:01] *** robinho86 has joined #postfix[15:06:54] <rob0> !getting_help[15:06:55] <knoba> rob0: "getting_help" : before asking your question, provide a pastebin which includes relevant log data and your config. see !pastebin, !relevant_logs and !showconfig for instructions on doing this.[15:08:16] *** chrisp15 has joined #postfix[15:08:44] *** mroe has quit IRC[15:11:24] <zafu> I have nothing in mydestinations and manage users with a virtual_maps pcre file[15:11:47] <rob0> !virtual_maps[15:11:47] <knoba> rob0: "virtual_maps" : The virtual_maps postconf(5) parameter has been deprecated since Postfix 2.0. If you're using virtual_maps, you're probably following old, outdated information. See !virtual_alias_maps and !virtual_alias_domains for the replacements. See also !google.[15:11:52] <rob0> !mydestinations[15:11:52] <knoba> rob0: Error: "mydestinations" is not a valid command.[15:12:01] <lunaphyte_> if you choose to ignore the instructions for getting help, you'll probably just be ignored.[15:13:05] <rob0> Oh, I might continue to toss out a few possibly relevant factoids, but yeah, that's about all I will do. :)[15:14:08] <zafu> I should separate virtual stuff into virtual_alias_*[15:16:10] *** muh2000 has joined #postfix[15:16:38] <rob0> The point is: unless you follow the instructions you were given, no one can help.[15:17:28] <zafu> sure but I need to edit the postconf output of private stuff first[15:17:38] <lunaphyte_> i dobut it.[15:17:41] <tuxick> :)[15:17:41] <lunaphyte_> *doubt it.[15:17:47] * tuxick whistles innocently[15:18:01] <lunaphyte_> just mark the pastebin a prviate, and set it to expire in an hour[15:18:05] <lunaphyte_> *as private[15:18:25] <zafu> ah ok[15:18:31] *** Niemi has quit IRC[15:18:55] <wdp> zafu: prism gets your data anyway. so you really shouldn't care.[15:20:11] <rob0> You're going to mung the postconf, but not the logs? Anyway, munging is dangerous:[15:20:14] <rob0> !ming[15:20:14] <knoba> rob0: Error: "ming" is not a valid command.[15:20:18] <rob0> !mung[15:20:19] <knoba> rob0: "mung" : Mash Until No Good : the art of obfuscating data which ultimately results in unintentional consequences such as making diagnostics impossible.[15:21:34] *** davlefou_ has joined #postfix[15:22:17] *** Toerkeium has joined #postfix[15:22:43] *** solomon has joined #postfix[15:23:01] <chrisp15> What would be the best way to block a mail from address from sending mail on postfix. I see thousands of entries "from=<...> in my maillog[15:23:23] <chrisp15> from thesame from address[15:23:24] <lunaphyte_> pastebin the actual log snippits.[15:24:15] *** davlefou__ has quit IRC[15:25:05] *** solomon has left #postfix[15:25:16] <zafu> what is the favorite pastebin service here?[15:26:16] <patdk-wk> something that doesn't wrap lines, or have ads[15:26:30] <patdk-wk> and doesn't have annoying colors[15:26:48] <zafu> a url would help[15:26:58] <patdk-wk> !pastebin[15:26:58] <knoba> patdk-wk: "pastebin" : (#1) see !paste, or (#2) a pastebin site lets you easily share logs and configuration. Examples are dpaste.org, fpaste.org, or pastebin.ca. Please avoid ad-supported sites such as pastebin.com if possible.[15:27:08] <lunaphyte_> zafu: if you'd follow the instructions, you'd have that answer...[15:27:29] <lunaphyte_> why do people resist following simple instructions so much?[15:29:19] <chrisp15> patdk-wk: http://pastebin.com/m2kWi97t[15:29:54] <chrisp15> The maillog is full of this from address, the RBLs are also starting to block my server[15:30:19] <lunaphyte_> chrisp15: getent passwd 48[15:30:34] <chrisp15> Lol, also just saw that[15:30:46] <chrisp15> Apache[15:30:50] <zafu> http://pastebin.ca/2469892[15:30:53] <lunaphyte_> your web server is spamming.[15:31:01] <chrisp15> lovely[15:31:05] <lunaphyte_> zafu: please follow instructions[15:31:32] <chrisp15> Where can I read up to implement steps to stop this?[15:31:45] <lunaphyte_> turn your web server off[15:31:56] <lunaphyte_> then figure out how it is being abused, and fix it.[15:32:04] <chrisp15> I cant, people using the service[15:32:50] <lunaphyte_> then you will continue to be a spam source and continue to get blacklisted until you fix whatever web site is getting abused.[15:34:06] <patdk-wk> :)[15:34:17] <patdk-wk> people will stop using the service soon enough, all on their own[15:34:28] <lunaphyte_> that's usually what happens, yeah.[15:40:02] <thumbs> lunaphyte_: well, a web server doesn't send emails, technicaly.[15:40:22] <lunaphyte_> i'm trying to keep it simple for now :)[15:41:58] <thumbs> lunaphyte_: but I'm pedant[15:42:15] <lunaphyte_> i thought i was :([15:42:20] <lunaphyte_> i must be getting lazy[15:47:14] *** MaximusColourum has joined #postfix[15:47:14] *** Pies has joined #postfix[15:49:15] <Pies> hi, dsn report is generated by my server (when I'm sending mail) or by recipients server?[15:49:48] <patdk-wk> Pies, well, what one is it?[15:50:32] <rob0> If you are asking us, we don't know, and we have no way to know.[15:51:08] * rob0 asks the magic 8ball[15:51:30] <rob0> !8ball which one is it?[15:51:30] <knoba> rob0: Error: "8ball" is not a valid command.[15:51:50] <survietamine> uh[15:52:02] *** lericson has left #postfix[15:52:02] <survietamine> !8ball[15:52:03] <knoba> survietamine: Error: "8ball" is not a valid command.[15:52:56] <Pies> patdk-wk: postfix 2.7[15:53:27] <patdk-wk> what does the version have to do with anything?[15:53:39] *** alexbst_ has left #postfix[15:54:01] <Pies> rob0: I'm asking how dsn mechanism works, with one server is responsible for creating raport of successfully delivery[15:54:37] <Pies> if should be sender server or recipient server[15:55:49] <patdk-wk> neither :)[15:55:56] <patdk-wk> the mda is responsible[15:56:07] <Pies> I would guess that it should be sender server, but I'm now in situation that suggests it can work otherwise...[15:56:22] <Pies> hmmm[15:57:20] <Pies> patdk-wk: mda like dovecot, right? SO this will be server that is getting mail...[15:58:42] <Pies> patdk-wk: sender server (mta) shouldn't generate dsn by himself using response he got from recipient server (mta/mda)?[16:00:02] *** Beam has joined #postfix[16:00:17] *** donmichelangelo has quit IRC[16:00:28] <Beam> yo[16:00:43] <patdk-wk> personally, I don't care, as I disable that feature on my servers[16:00:50] *** donmichelangelo has joined #postfix[16:00:53] <patdk-wk> think it's rude for people to do that[16:01:05] *** zafu has left #postfix[16:01:06] <Beam> i'm getting bad header hits on an email that seems valid, is there any way i can verbose process this email and find out which exact header goes wrong?[16:04:16] <chrisp15> patdk-wk: found the culprit, disabled the virtual host setting for the site from where the spam is originating, don't see any more of those mails in my maillog[16:08:50] <Pies> patdk-wk: there are two similar things, one is telling sender that his mail was opened by rcpt, and second is telling that server correctly received mail. I'm unable to turn it off as it something what my clients demands.[16:10:07] <patdk-wk> those are two totally different things[16:11:50] <Pies> yep, you found second one as rude?[16:12:24] <patdk-wk> I find both[16:13:13] <Pies> dunno how[16:13:42] <survietamine> don't know how to do what ?[16:13:43] <lunaphyte_> i agree[16:14:19] <rob0> !dsn[16:14:19] <knoba> rob0: "dsn" : Delivery Status Notifications as described in RFC 3464, first implemented in Postfix 2.3 - See: http://www.postfix.org/DSN_README.html[16:15:26] <rob0> Since DSN is a keyword in the EHLO response, I am pretty sure that if a server offers it, it will be the one to send the DSN.[16:17:37] <Pies> hmm[16:18:11] <Pies> so maybe I found server that says it offers it, but it doesn't[16:19:07] <Pies> or no, this doesn't have sense..[16:20:26] <Pies> yes, dsn should be send by mta, but it should be mine server that is configured as smtp in mda. It shouldn't be next mta (recipients instead of mine)[16:20:51] *** davlefou__ has joined #postfix[16:21:49] *** Pegasus_RPG has joined #postfix[16:21:56] <rob0> If the sending MTA (client) does not support DSN, it won't request one on behalf of its MUA client.[16:23:10] *** quadro_ has joined #postfix[16:23:49] *** mbc has quit IRC[16:23:54] *** quadro_ has quit IRC[16:23:56] *** davlefou_ has quit IRC[16:25:00] *** smue has quit IRC[16:28:08] *** danialr has left #postfix[16:28:40] *** TheJH has quit IRC[16:37:25] *** smue has joined #postfix[16:38:19] *** TheJH has joined #postfix[16:40:51] *** Pegasus_RPG has left #postfix[16:43:40] *** TheJH has quit IRC[16:43:43] *** chrisp15 has quit IRC[16:44:38] *** wdp has quit IRC[16:48:20] *** TheJH has joined #postfix[16:57:04] *** wdp has joined #postfix[16:57:04] *** wdp has joined #postfix[16:57:51] *** mbc has joined #postfix[16:58:25] *** mocx has joined #postfix[16:58:39] *** mocx has left #postfix[17:02:52] *** Ahrotahntee has joined #postfix[17:03:55] *** Quadro has quit IRC[17:14:58] *** honestly_ has joined #postfix[17:18:29] *** dhammond has joined #postfix[17:18:50] *** honestly has quit IRC[17:21:14] *** davlefou_ has joined #postfix[17:22:17] <dhammond> hey how can I make postfix gracefully handle emails sent to example.com (literally example.com) so it just drops the attempt to send the email instead of trying to make a connection to example.com. My logs are filled with: delivery temporarily suspended: connect to example.com[93.184.216.119]: Connection timed out[17:22:42] <lunaphyte_> address whatever is sending the email[17:24:38] *** davlefou__ has quit IRC[17:24:45] *** zorg1 has quit IRC[17:34:47] *** honestly_ is now known as honestly[17:36:26] *** ursmartini has joined #postfix[17:40:56] <ursmartini> !welcome[17:40:56] <knoba> ursmartini: "welcome" : Welcome to #postfix! If you're new here, or to IRC, first read the channel topic (/topic). It has important instructions on how to ask good questions. You will get more and better help if you follow those instructions. Good Luck![17:43:30] <ursmartini> I configured transport_maps to have a flexible relaying depending on the domain name. Now postfix does not read the .forward files anymore but relays always according to the transport rules. How can I get .forward files of local users have priority over the transportation?[17:44:00] <ursmartini> !getting_help[17:44:01] <knoba> ursmartini: "getting_help" : before asking your question, provide a pastebin which includes relevant log data and your config. see !pastebin, !relevant_logs and !showconfig for instructions on doing this.[17:55:21] *** ursmartini has quit IRC[18:13:58] *** freezey has joined #postfix[18:22:01] *** davlefou__ has joined #postfix[18:25:41] *** davlefouAMD has quit IRC[18:25:45] *** davlefou_ has quit IRC[18:30:17] *** donmichelangelo has quit IRC[18:30:51] *** donmichelangelo has joined #postfix[18:48:56] *** jelly has quit IRC[18:57:27] *** dylukes has joined #postfix[19:03:19] *** rotbeard has joined #postfix[19:04:17] *** mroe has joined #postfix[19:17:21] *** davlefou__ has quit IRC[19:17:45] *** davlefou has joined #postfix[19:22:49] *** davlefou_ has joined #postfix[19:25:37] *** davlefou has quit IRC[19:27:42] *** davlefou_ has quit IRC[19:28:06] *** davlefou has joined #postfix[19:32:59] *** MacWinner has joined #postfix[19:51:10] *** oo_miguel has joined #postfix[19:51:53] *** jarif has quit IRC[19:52:54] <oo_miguel> I submit my mails to my postfix on port 587 (autheticating with the help of dovecat) everything works fine as long as the mails need to be delivered locally. when postfix tries to deliver them to the oustide world I get 550 Erros[19:52:59] <oo_miguel> what am I missing?[19:53:36] <patdk-wk> dunno[19:55:08] *** pedahzur has joined #postfix[20:00:44] <pedahzur> Hello. I have a mostly working Postfix install, with one remaining niggle. In main.cf, I have: mynetworks = hash:/etc/postfix/network_table. Also, I have permit_mynetworks in both smtpd_client_restrictions and smtpd_recipient_restrictions. Other IP addresses and netmasks in network_table are able to relay through the server. I have this line as well in network_table: 192.168.100.0/24 OK However, when 192.168.100.216 tries to[20:00:45] <pedahzur> relay through the server, I get:Relay access denied. Any quick pointers as to what I might be missing?[20:01:02] *** wdp has quit IRC[20:01:26] <patdk-wk> dunno[20:01:36] <patdk-wk> !getting_help[20:01:37] <knoba> patdk-wk: "getting_help" : before asking your question, provide a pastebin which includes relevant log data and your config. see !pastebin, !relevant_logs and !showconfig for instructions on doing this.[20:06:59] <pedahzur> !relevant_logs[20:06:59] <knoba> pedahzur: "relevant_logs" : Relevant logs are mail.* syslog Postfix logs (NOT verbose, see !verbose) which show the entire handling of a single mail which illustrates the issue with which you want help. Random selections from your mail log might not do. IMAP/POP3 daemons and external delivery agents typically log to the same facility (mail); those are usually not relevant here.[20:07:17] <pedahzur> !showconfig[20:07:17] <knoba> pedahzur: "showconfig" : when asked to provide your config, pastebin postconf -nf and postconf -Mf. if your version is too old for those commands to work (< 2.9), you should upgrade, but see !showconfig_old[20:07:19] *** jelly has joined #postfix[20:09:55] <pedahzur> !showconfig_old[20:09:55] <knoba> pedahzur: "showconfig_old" : for versions of postfix < 2.9, pastebin postconf -n and the contents of master.cf with comments removed[20:12:31] <pedahzur> All: here is my log data and config. I'm on Postfix 2.6. I'd love to upgrade, but I'm running el6. No newer vendor packages, sadly. http://bpaste.net/show/civxN1tVNLg9wlAqR8hX/[20:20:18] <patdk-wk> and your network_table file?[20:20:52] <patdk-wk> and what is in mydomains[20:21:12] <patdk-wk> actually, probably not needed[20:21:42] *** Bry8Star has quit IRC[20:24:33] *** mroe has quit IRC[20:25:10] *** mroe has joined #postfix[20:25:25] *** davlefou_ has joined #postfix[20:25:26] *** tld has quit IRC[20:26:05] *** wdp has joined #postfix[20:26:27] *** davlefou has quit IRC[20:28:59] *** Bry8Star has joined #postfix[20:30:09] *** mroe has quit IRC[20:34:28] *** oo_miguel has quit IRC[20:39:00] <pedahzur> patdk-wk: Sorry, forgot the network_Table. In part: http://bpaste.net/show/uZkdcz0eJnhT3khG8aDb/ I can PM the whole thing to you if you need it.[20:39:22] <patdk-wk> oh?[20:39:33] <patdk-wk> what made you think a hash map supports cidr?[20:40:29] <patdk-wk> oh maybe it does[20:40:36] <patdk-wk> so many formats to get confused :)[20:41:42] <pedahzur> man 5 postconf, says "Specify a list of network addresses or network/netmask patterns" I assume that translates to a hash map file...I could be wrong.[20:42:00] <patdk-wk> ya, it is[20:42:11] <patdk-wk> I'm confusing it with the database limits[20:42:15] <patdk-wk> and cidr file format[20:42:17] <patdk-wk> and .... :)[20:51:46] *** MacWinner has quit IRC[20:52:48] <pedahzur> patdk-wk: No more ideas? :)[20:53:39] <patdk-wk> hmm, I'm going back to saying, don't think hash will work there, but I haven't tested it[20:53:40] <patdk-wk> http://postfix.1071664.n5.nabble.com/mynetworks-hash-tables-td42045.html[20:56:17] <adaptr> pedahzur: what seems to be the problem ?[20:56:57] <pedahzur> adaptr: I think patdk-wk just helped me discover it. hash tables don't support x.x.x.x/yy[20:57:11] <pedahzur> Should be easy enough to convert my file to cidr.[20:57:15] <adaptr> they do. as literal strings.[20:57:27] <patdk-wk> for mynetworks?[20:57:54] <patdk-wk> I'm just getting conflicting info, but can't be bothered to test myself :)[20:58:12] <pedahzur> adaptr: Given: http://bpaste.net/show/uZkdcz0eJnhT3khG8aDb/ this query produces nothing: postmap -q 192.168.100.125 hash:/etc/postfix/network_table[20:58:35] *** kli0rf is now known as sputnik[20:58:49] <adaptr> where in that table do yuo see 192.168.100.125 ?[20:59:06] <pedahzur> adaptr: 192.168.100.0/24 OK[20:59:09] <adaptr> where in that table do yuo see 192.168.100.125 ?[20:59:34] <pedahzur> adaptr: You just said hash tables support x.x.x.x/yy :)[20:59:37] <adaptr> !tell pedatabase[20:59:37] <knoba> adaptr: (tell <an alias, 2 arguments>) -- Alias for "echo $1: [Factoids whatis $2]".[20:59:42] <adaptr> !tell pedahzur database[20:59:42] <knoba> pedahzur: "database" : http://www.postfix.org/DATABASE_README.html provides an overview of how Postfix lookup tables work, and the various types that are implemented.[20:59:50] <adaptr> pedahzur: you need to spend some time with the documentation[20:59:55] <adaptr> start tere ^[21:00:31] *** SMalametal has joined #postfix[21:00:37] <SMalametal> Hi y'all[21:00:59] <SMalametal> I'd like to know if I can just block some destination hosts for mail relay[21:01:09] <pedahzur> adaptr: But, if I do this: postmap -q 192.168.100.125 cidr:/etc/postfix/network_table It does work. So, that's what I need. Thanks patdk-wk and adaptr![21:01:13] <adaptr> SMalametal: of course[21:01:21] <adaptr> !tell SMalametal access[21:01:21] <knoba> SMalametal: "access" : http://www.postfix.org/SMTPD_ACCESS_README.html : An overview of access(5) controls in the Postfix smtpd(8) SMTP server.[21:01:53] <SMalametal> My case: I'm in the yahoo's black list, and my postqueue shows more than 56,000 queued messages to Yahoo.[21:02:13] <SMalametal> Want to block it until it clears our IP from their list. Is that the case, adaptr ?[21:02:20] *** dylukes has quit IRC[21:02:28] <pj> isn't yahoo serviced by Microsoft nowadays?[21:02:45] <adaptr> SMalametal: that's not a problem one solves with hackery.[21:02:58] <adaptr> SMalametal: specifically, for your case, check_recipient_mx_access is worth investigating[21:03:48] <SMalametal> No hackery, just wanted a *.cf clean solution. hehe[21:03:55] <SMalametal> Cool, thank you[21:04:31] <adaptr> being on a blacklist could itself be considered a form of hackery.[21:04:38] <adaptr> how did you manage it, and what did you do wrong[21:11:48] *** mtu has joined #postfix[21:12:05] <SMalametal> I belong to a govt. ministry from Brazil. There are more than 130,000 subscribed users.[21:12:22] <SMalametal> There's no spam. Probably it came from an ordinary routine of mail relay.[21:12:31] <SMalametal> LOTS of them are under yahoo mailboxes.[21:12:57] <SMalametal> It happens very often around here, but this time the mail queue is huge[21:13:17] <adaptr> if you're responsible for 130K mailbxoes, you'd probably know postfix better than any of us[21:13:23] <adaptr> at least, you should.[21:14:32] <mtu> hi all. i was just traumatized by four days of my mail getting stuck in the queue without me knowing about it. how can i make sure i'm notified of postfix delivery errors when they occur?[21:14:45] <thumbs> mtu: monitoring.[21:15:02] *** master_of_master has joined #postfix[21:15:14] <adaptr> !tell mtu queuegraph[21:15:14] <knoba> adaptr: Error: No factoid matches that key.[21:15:19] <adaptr> bleh, no ?[21:15:22] <adaptr> !tell mtu mailgraph[21:15:22] <knoba> mtu: "mailgraph" : a graphical statistics tool for postfix. See: http://mailgraph.schweikert.ch/[21:15:33] <mtu> thumbs: like, grepping the logfile for errors with a cronjob?[21:15:33] <adaptr> but you really want queuegraph in this case[21:15:38] <thumbs> mtu: heh[21:15:45] <thumbs> mtu: a little more elaborate.[21:15:46] <adaptr> mtu: that sounds very wrong.[21:17:58] <mtu> let's see how easy mailgraph is to set up[21:18:50] *** master_o1_master has quit IRC[21:22:51] <mtu> it works, but the errors from the log don't show up in the graphs. (postfix couldn't resolve the hosts it was supposed torelay to)[21:23:43] *** davlefou__ has joined #postfix[21:24:32] <adaptr> which is it ?[21:24:54] <mtu> status=deferred (Host or domain name not found. Name service error for name=mail.foo.bar type=A: Host not found, try again)[21:25:04] <mtu> hmm, i guess that's not an actual error, just a deferral ...[21:25:43] <mtu> i forgot: "dsn=4.4.3"[21:26:16] *** davlefou_ has quit IRC[21:27:53] <cite> !pony[21:27:53] <knoba> cite: "pony" : http://www.brainfuel.tv/wp-content/uploads/2006/03/nopony.jpg[21:27:56] <cite> !nopony[21:27:57] <knoba> cite: Error: "nopony" is not a valid command.[21:28:15] <mtu> (i had changed the way the machine resolves, but forgot to update the /var/spool/postfix/etc/resolv.conf - so the cause is understood and fixed[21:28:27] <mtu> bottom line, i just want to know when deferrals happen[21:28:32] <cite> !yespony[21:28:32] <knoba> cite: "yespony" : http://i560.photobucket.com/albums/ss46/Uncle_Tractor/pony.jpg[21:28:46] <cite> rob0: yespony is 404![21:29:09] <adaptr> @nopony[21:29:11] <adaptr> !nopony[21:29:12] <knoba> adaptr: Error: "nopony" is not a valid command.[21:29:17] <adaptr> what ? why not ?[21:29:35] <adaptr> cite: you're never here, and when you are, you wanta pony. dem germans, all the same.[21:30:31] <cite> adaptr: Achtung ;-)[21:30:49] <adaptr> Baby![21:31:01] <rob0> cite, oh NOOOOOO!![21:31:29] <cite> rob0: And why did you delete nopony? We had pony and nopony, and now we are left with pony and 404.[21:31:33] <cite> :-([21:31:39] <cite> !404[21:31:39] <knoba> cite: Error: "404" is not a valid command.[21:31:49] <cite> See. Even knoba doesn't know 404.[21:32:41] <cite> mtu: Deferrals happen when the DNS error returned by the system's resolver library indicates that it is _not_ a permanent error.[21:33:12] <rob0> I didn't delete it.[21:33:24] <rob0> why are you blaming me?[21:33:33] <adaptr> why not ? it's obviously the right move[21:33:36] <SMalametal> They're not mailboxes actually, adaptr, it's just an SMTP server where users in an LDAP servers can auth and send mails.[21:33:38] *** dylukes has joined #postfix[21:33:39] <rob0> oh[21:34:44] <cite> Server goes down? rob0! Network glitch? rob0! Obama wins an election? rob0![21:35:03] <cite> No wait. I take the network glitch back.[21:35:56] <adaptr> yeah, that's just random quantum particles that.. no, wait. still rob0[21:36:15] <adaptr> HEISENBERG![21:36:19] <cite> heisenbug?[21:36:21] <adaptr> I KNEW it[21:36:21] <mtu> cite: i see. it seems that mailgraph doesn't (by default) show deferrals. apparently, queuegraph does, i'm looking into that atm.[21:36:41] <adaptr> yes. that would be why I lead with that[21:36:52] <adaptr> but alas, knoba kno's knot.[21:37:08] <cite> .o0(Store logs to logstash, feed to riemann, export to graphite. Who needs mailgraph?)[21:37:32] <adaptr> people who don't have 3 weeks to learn all that[21:37:51] <cite> Why would anyone who doesn't have 3 weeks be on IRC?!?[21:38:13] <adaptr> um. let me get back to you on that.[21:38:16] <adaptr> in 3 weeks.[21:38:20] <rob0> "Cat dies?" At least we still have Schrodinger to blame for that.[21:38:57] * cite hands rob0 some umlauts to copy/paste: ÄÖÜÜäöüß[21:39:07] <adaptr> if you're secretly Heisenberg, Schrodinger isn't such a leap[21:39:22] <rob0> (cite, it's a nick in channel)[21:39:36] <cite> My neighbour once owned a cat named Schrödinger. It died :-([21:39:51] <rob0> how could you know for sure?[21:40:00] <adaptr> Schrodinger's that coke dealer from over Santa Fe[21:40:16] <adaptr> rob0: he used a Chinese box![21:40:20] <cite> Well, I was taking an educated guess, following the tire marks' lead.[21:40:25] <adaptr> cheater[21:40:32] <adaptr> was it chinese ?[21:40:40] <cite> Audi[21:41:06] <adaptr> sounds chinese[21:41:43] <rob0> I swerved to avoid a dead cat in the road on a fire call the other day. I didn't want cat squish all over those tires.[21:42:12] <cite> Fire call?[21:42:27] <rob0> fire truck[21:45:41] <rob0> 10K liters of water is pretty heavy, and the tires which hold it up would make an awful mess of a cat.[21:46:20] <adaptr> unless there's mail queueing somewhere along the way, you're veering awfully far OT[21:46:26] <adaptr> was there mail queueing during the fire ?[21:46:38] <rob0> oh yes![21:46:59] <adaptr> postman Pat was distraught ?[21:47:07] <adaptr> he wagged his silly little hat ?[21:50:13] <cite> The Little Postman Who Couldn't[21:50:43] *** mtu has quit IRC[21:54:07] *** stram has joined #postfix[21:54:34] *** dylukes has quit IRC[22:00:07] *** Section1 has quit IRC[22:23:44] *** davlefou_ has joined #postfix[22:24:28] *** dylukes has joined #postfix[22:26:11] *** wdp has quit IRC[22:27:41] *** davlefou__ has quit IRC[22:38:23] <schrodinger> I get blamed for everything.[22:38:42] <thumbs> hah[22:43:26] *** olegfusion has quit IRC[23:05:45] *** sharky has joined #postfix[23:06:29] *** jarif has joined #postfix[23:08:07] *** TheAvatar has joined #postfix[23:08:56] *** sharky_ has quit IRC[23:16:56] *** dylukes has quit IRC[23:19:26] *** DrFoo_ has joined #postfix[23:24:06] *** DrFoo_ has left #postfix[23:24:16] *** davlefou__ has joined #postfix[23:24:54] *** Shinobi has joined #postfix[23:27:26] *** davlefou_ has quit IRC[23:29:52] *** sputnik has quit IRC[23:30:08] *** donmichelangelo has quit IRC[23:39:15] *** robinho86 has quit IRC[23:41:49] <Shinobi> I'm trying to test my smtp connectivity via telnet on port 465. Should it respond with an SMTP header on connection?[23:47:53] <Zerberus> Shinobi: no, because you can't make the SSL handshake using a telnet client - use openssl s_client instead[23:48:12] <rob0> Why are you using smtps, anyway?[23:48:15] <rob0> !smtps[23:48:15] <knoba> rob0: "smtps" : Port 465 is smtps, SMTP over SSL, a deprecated means of submission. This means that smtps should *not* be used, and that this factoid exists for historical purposes only and should not be implemented. See !submission for smtps' successor. That being said, Postfix can implement smtps with a separate smtpd(8) listener with \"-o smtpd_tls_wrappermode=yes\". See the commented example in master.cf.[23:48:56] <Shinobi> rob0: I downloaded a sogo script which setup postfix + ldap + kerberus... I'm just testing now... but will covert it over to TLS.[23:52:52] <Shinobi> !submission[23:52:52] <knoba> Shinobi: "submission" : Port 587 is submission, for user submission of mail, NOT suitable for mail exchange. See the commented example in master.cf. also see !msa, and rfc 6409. Also read http://www.maawg.org/sites/maawg/files/news/MAAWG_Port25rec0511.pdf[23:54:35] <Shinobi> So for mail exchange should port 465 be open?[23:54:44] <Shinobi> !msa[23:54:45] <knoba> Shinobi: "msa" : Message Submission Agent : a process which accepts message submissions from MUAs on port 587 known as 'message submission service' using the 'message submission protocol' defined by rfc4409. To enable message submission service in postfix uncomment the relevant lines in master.cf. also see !submission.[23:55:07] <rob0> No mail exchange ever takes place on 465. All mail exchange is on 25.[23:55:20] <Shinobi> even if it's SSL?[23:55:34] <rob0> !tls[23:55:34] <knoba> rob0: "tls" : Transport Layer Security (RFC2246). Previously known as SSL, TLS adds a layer of encryption to protocols such as SMTP, submission, IMAP or POP3 to improve security during transmission over the Internet. TLS is implemented using the STARTTLS method, while the non-standard wrapper style of implementation is deprecated at this point. See http://www.postfix.org/TLS_README.html for more info.[23:57:39] <Shinobi> ok. I guess I don't understand quite yet. Are you saying that 465 is needed in addition to 25, not in place of?[23:57:47] *** MacWinner has joined #postfix[23:58:21] <thumbs> Shinobi: you don't want to use 465 for anything.[23:58:36] <thumbs> Shinobi: use 25 for mail exchange, and 587 for submission.[23:58:57] <Shinobi> thumbs: I won't in production, but I'm dealing with a system that's already set up. I'm testing how it works and will modify from there.[23:59:28] <Shinobi> thumbs... ok 587 is blocked at the server level.[23:59:38] <thumbs> Shinobi: why is it blocked?[23:59:41] <adaptr> thumbs: if nobody is using 465 anymore, I can usurp it for anything I want![23:59:47] <thumbs> adaptr: no, not you.[23:59:52] *** sputnik has joined #postfix