October 29, 2013 
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | >
October 29, 2013 [00:04:13] *** davlefou_ has quit IRC[00:17:05] *** davlefou_ has joined #postfix[00:19:21] *** hallamigo has quit IRC[00:19:53] *** zulcc is now known as zulcc|afk[00:22:43] *** twb has joined #postfix[00:26:29] *** Motoko has quit IRC[00:27:09] *** Motoko has joined #postfix[00:32:30] *** wdp has quit IRC[01:01:47] *** davlefou__ has joined #postfix[01:04:00] *** BlackDex has quit IRC[01:04:42] *** davlefou_ has quit IRC[01:13:00] *** BlackDex has joined #postfix[01:13:59] *** tld has quit IRC[01:20:06] *** junixbr has joined #postfix[01:25:26] *** Kunda has quit IRC[01:37:44] *** MaximusColourum has joined #postfix[01:39:04] *** treaki__ has quit IRC[01:50:49] *** Motoko has quit IRC[01:51:53] *** treaki__ has joined #postfix[01:53:12] *** Motoko has joined #postfix[01:54:15] *** Motoko has quit IRC[02:02:03] *** davlefou_ has joined #postfix[02:05:38] *** davlefou__ has quit IRC[02:08:11] *** jarif has joined #postfix[02:36:15] *** dhammond has quit IRC[02:44:41] *** freezey has quit IRC[02:45:14] *** freezey has joined #postfix[02:50:11] *** MaximusColourum has quit IRC[02:50:15] *** freezey has quit IRC[02:52:42] *** Lee- has joined #postfix[02:58:52] *** MaximusColourum has joined #postfix[03:02:32] *** davlefou__ has joined #postfix[03:05:34] *** davlefou_ has quit IRC[03:35:09] *** mastr[x]bennett has joined #postfix[03:36:08] *** mastr[x]bennett has quit IRC[03:52:52] *** mastr[x]bennett has joined #postfix[04:02:59] *** davlefou_ has joined #postfix[04:06:26] *** davlefou__ has quit IRC[04:13:36] *** ashwin has joined #postfix[04:14:00] *** ashwin is now known as Guest22023[04:14:16] *** Guest22023 has quit IRC[04:14:35] *** ashwinmuni has joined #postfix[04:18:49] <ashwinmuni> can postfix work like cisco's IRONPORT, i mean stopping spam before entering, using reject_rbl_client, i am asking because the number of mails are around 1M per hour Cisco ironport drops around 97% of the emails, will postfix able to acheive it, also whats the good dnsbl source to check - Spmahaus or other[04:20:26] <staticsafe> look into postscreen[04:20:34] <twb> Yup, postscreen ftw[04:20:45] <staticsafe> http://www.postfix.org/POSTSCREEN_README.html[04:21:14] <twb> Basically it does all the good pre-DATA things you want, by default, no faffing about[04:24:59] *** jarif has quit IRC[04:36:14] *** freezey has joined #postfix[04:36:41] *** freezey has quit IRC[04:37:11] *** freezey has joined #postfix[04:42:21] *** Motoko has joined #postfix[04:43:40] *** err-or_ has joined #postfix[04:43:50] *** err-or has quit IRC[04:44:05] *** Motoko has quit IRC[04:47:12] *** freezey has quit IRC[04:47:45] *** freezey has joined #postfix[04:52:26] *** freezey has quit IRC[05:03:15] *** Motoko has joined #postfix[05:03:27] *** davlefou__ has joined #postfix[05:07:11] *** davlefou_ has quit IRC[05:09:48] *** Phoenixz has quit IRC[05:10:30] *** Motoko has quit IRC[05:15:39] *** jarif has joined #postfix[05:18:43] <jeev> i need to spend 5 minutes to look into postscreen, seriously[05:23:06] *** zulcc|afk is now known as zulcc[05:28:00] <jaybe> i hug postscreen daily[05:32:15] <Lee-> I'm not sure of the proper terms of what I'm trying to do. There's really 2 separate pieces -- first i'd like to cause a bounce if an incoming mail matches a certain to and from address combination. The way I'd like to determine this is via a PHP script. What is the simplest way to achieve this? A separate item I'd like to do is pass the message body to a script to determine if I want to bounce it. Would this fall in to the documentation section for "before[05:32:15] <Lee-> queue content filtering"? I've been reading, but it's not clear to me how to actually trigger a bounce.[05:33:20] *** kirin` has quit IRC[05:34:13] *** kirin` has joined #postfix[05:37:13] <jeev> jaybe, postscreen scares me because i haven't really looked at it in detail[05:38:21] <jaybe> jeev, i recall avoiding embracing learning about it... ignored it... put it off... then i didn't. it's pretty straight forward. and it's basically amazing. it's basically all i use as spam filtering and it's extremely effective.[05:39:09] <jeev> what do you think the biggest benefit to it is ?[05:39:30] <jaybe> everyone has different needs, and others will argue not using explicit spam filtering such as spamd, etc. is silly, but i am extremely pleased with its simple effectiveness.[05:40:00] <jaybe> jeev, it's effectiveness in its most basic configuration it unavoidably the blacklists[05:40:09] <jaybe> s/it/is it's/[05:40:26] <jeev> but do you use the blacklists to weigh ?[05:40:30] <jaybe> yes[05:41:00] <jeev> i just use a series of blcaklists, whatever it hits, it hits..[05:41:00] <jaybe> and my configuration is more or less what the postscreen readme describes with some gentle tuning i've done over the years[05:41:20] <jaybe> postscreen can weigh and threshold, etc. with tuning[05:41:42] <jeev> but why would i weigh? to prevent some legit mail getting through /[05:41:42] <jeev> ?[05:41:54] <jaybe> same reasons one weighs anything considerable[05:42:19] <jeev> hm[05:42:20] <pj> jeev: a lot of blacklists aren't so reliable and if you just use them directly you will get false positives.[05:42:50] <jeev> i'm sure i get false positives but i never hear any complaints out of 300 users, i am about to add a hundred more.[05:43:30] <jeev> i guess the zombie detection out of turn speaking seems cool[05:43:44] <pj> well, if you require that an IP appear in more than one blacklist then you tend to weed out the false positives.[05:44:05] <pj> some rbls are pretty good and can be used directly, zen comes to mind[05:44:37] <pj> !cheatsheet[05:44:37] <knoba> pj: "cheatsheet" : (#1) http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt : A HOWTO for pre-DATA spam control., or (#2) A postscreen cheatsheet can be seen at http://rob0.nodns4.us/postscreen.html[05:45:06] <jeev> i use zen, psbl, spameating monkey and barracuda[05:45:48] <pj> yeah, out of those I would only trust zen outright.[05:46:27] <pj> have a look at the postscreen link above, you can see how rob0 does weighing of multiple rbls, which is pretty good.[05:46:43] <jeev> yea i have looked at it many times but never spent the proper time on it[05:50:41] <jeev> i just dont know how to measure the level of spam now vs post postscreen[05:53:20] <jeev> grep -c "blocked using" maillog[05:53:20] <jeev> 13577[05:53:36] <jeev> really it's just one guy causing all this b.s. connection[05:56:26] <jaybe> jeev, not recommending, but there are such tools: https://github.com/jvehent/Postscreen-Stats[05:58:08] <jeev> hm[05:58:42] <jeev> i just want to stop these persistent connections, rbl stops it but they keep trying every few min[05:59:39] <jaybe> if the IP/geo is redundant, use a protocol level tool such as iptables or a hardware filter[06:00:10] *** donmichelangelo has quit IRC[06:00:16] <jeev> yea i should be able to automate something.[06:00:29] *** donmichelangelo has joined #postfix[06:00:35] <jeev> postscreen_greet_action <- i think i should start by looking into this[06:01:01] <jaybe> iptables + ipset with a threshold and timed ban can be extremely effective[06:01:45] <jeev> before 220 greeting test[06:01:51] <jeev> when i telnet to my machine, it's pretty much instant[06:03:55] *** davlefou_ has joined #postfix[06:06:51] *** zulcc is now known as zulcc|afk[06:07:02] *** davlefou__ has quit IRC[06:09:36] <pj> if postscreen is stopping it and it's not significantly impacting yoru system then I wouldn't bother with anything more.[06:09:53] <jeev> stopping what ?[06:10:04] *** mathesis has joined #postfix[06:10:08] <jeev> i put a greet wait of 10s and the banner still comes immediately.[06:10:11] <mathesis> hello all[06:10:29] <pj> jeev: the full banner or the fake one?[06:10:45] <jeev> i haven't touched the banner. is there a fake one[06:10:59] <mathesis> i have follow error: Connection closed by foreign host when run telnet localhost 25[06:11:17] <jeev> mathesis, check your logs to see why.[06:11:30] <pj> jeev: http://www.postfix.org/POSTSCREEN_README.html#pregreet[06:11:32] <mathesis> mail.log?[06:12:32] <mathesis> jeev: http://pastebin.ca/2472364[06:12:39] <mathesis> max connection count 1[06:13:08] <pj> Oct 29 05:09:18 serviciosprofesionalesinformaticos postfix/smtpd[12874]: warning: SASL: Connect to private/auth-client failed: No such file or directory[06:13:24] <jeev> yes[06:13:30] <pj> mathesis: means that dovecot is not running or is not properly configured for sasl.[06:13:58] <pj> !tell mathesis sasl[06:13:59] <knoba> mathesis: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.[06:14:23] <jeev> postscreen_greet_wait = 10s[06:14:23] <jeev> postscreen_greet_banner = test[06:14:44] <jeev> nothing happens, no banner test given..[06:15:39] <jeev> possibly dumb question, i dont need to clear out other config for this to work, right ?[06:15:59] <jeev> i mean adding these two lines should be sufficient[06:16:15] <pj> !tell jeev showconfig[06:16:16] <knoba> jeev: "showconfig" : when asked to provide your config, pastebin postconf -nf and postconf -Mf. if your version is too old for those commands to work (< 2.9), you should upgrade, but see !showconfig_old[06:17:22] <jeev> hm hold up[06:19:33] *** jarif has quit IRC[06:20:05] *** ashwinmuni has quit IRC[06:22:19] *** MaximusColourum has quit IRC[06:22:45] *** funnyboy243 has joined #postfix[06:23:13] <jeev> ahh ok nevermind pj[06:23:50] <jeev> it's compat with amavis, right ?[06:27:13] <jeev> something wrong here: http://www.postfix.org/POSTSCREEN_README.html#before_220[06:27:43] *** mastr[x]bennett has quit IRC[06:27:45] <jeev> step 2 and 3 are weird[06:28:59] <pj> there are "steps" in that document?[06:29:20] <jeev> Turning on postscreen(8) without blocking mail[06:30:32] <pj> jeev: unless you configure the after 220 tests postscreen never displays the proper greet banner.[06:30:40] <pj> that would be why changing it has no effect for you.[06:31:13] <jeev> yes i got that functional[06:32:47] *** Pretztail has joined #postfix[06:33:55] *** zerick has joined #postfix[06:35:12] *** chrisp15 has joined #postfix[06:37:29] *** olegfusion has joined #postfix[06:41:00] <jeev> heh, the 450's are scaring me[06:41:35] <jeev> wait, can i use postscreen for it's zombie features but leave the rbl to the rest? i dont think it's going through RBL..[06:41:43] <jeev> ah it is[06:44:22] *** zerick has quit IRC[06:45:30] <twb> I don't think postscreen checks RBLs[06:45:51] <twb> But if postscreen OKs it, I would expect the rest of the checks you've defined in main.cf to be applied[06:45:59] <jeev> yea i saw it however i am not seeing amavis[06:48:47] <jeev> ah tyhere i go[06:51:00] <jeev> PREGREET 21 after 0.02 from[06:51:03] <jeev> so that's a good sign[06:51:55] <pj> twb: postscreen does have RBL tests.[06:52:16] <pj> jeev: leave the RBLs to smtpd or amavis?[06:52:17] <twb> Ah, sorry, thanks for correcting me[06:52:57] <pj> while there's nothing wrong with RBL checks in smtpd or amavis, there are very good reasons to do it in postscreen.[06:53:36] <jeev> hm[06:55:10] <pj> unless you're trying to run amavis in a milter (which would cause issues with any significant amount of traffic) it will be post-queue which means that you can't REJECT mail based on amavis results.[06:55:58] <jeev> well amavis is after it's processed in postfix, rbl's are done in recipient restrictions[06:56:11] <pj> smtpd is more costly on system resources than postscreen.[06:56:22] <pj> why waste your system resources on those messages?[06:57:00] <pj> plus postscreen has better control for RBLs (as we already discussed).[06:57:42] <jeev> so, should i comment out those specific rbl checks and just add the postscreen ones[06:58:13] <pj> you can leave them in smtpd, it won't hurt anything and would be a backup to poxtfix.[06:58:15] <pj> grrrr[06:58:22] <pj> *postscreen[06:58:44] <pj> anyways, g2g, bbl[07:00:01] <jeev> thanks[07:00:02] <jeev> night[07:07:22] *** davlefou_ has quit IRC[07:08:10] <jeev> nice[07:20:48] *** davlefou_ has joined #postfix[07:28:23] *** Pretztail has quit IRC[07:28:32] *** sharky has quit IRC[07:28:32] *** bolt has quit IRC[07:28:32] *** sputnik has quit IRC[07:28:36] *** terr1 has quit IRC[07:28:36] *** geo27 has quit IRC[07:28:36] *** mns has quit IRC[07:28:39] *** miniyo has quit IRC[07:28:41] *** mirko has quit IRC[07:28:41] *** sysmonk has quit IRC[07:29:12] *** sharky has joined #postfix[07:29:41] *** miniyo has joined #postfix[07:29:47] *** bolt has joined #postfix[07:31:52] *** terr1 has joined #postfix[07:31:58] *** geo27 has joined #postfix[07:33:11] *** Pretztail has joined #postfix[07:33:48] *** olegfusion has quit IRC[07:35:10] *** mns has joined #postfix[07:48:26] *** jarif has joined #postfix[08:04:55] *** davlefou__ has joined #postfix[08:08:10] *** davlefou_ has quit IRC[08:08:47] *** [diablo] has joined #postfix[08:14:01] *** Cromulent has joined #postfix[08:20:52] *** funnyboy243 has quit IRC[08:23:06] <mathesis> what is the settings perfect postfix,thinking on security ?[08:30:09] *** funnyboy243 has joined #postfix[08:31:31] <pj> mathesis: What concerns do you have irt security?[08:34:52] *** mirko has joined #postfix[08:34:52] *** sysmonk has joined #postfix[08:35:47] *** sputnik has joined #postfix[08:38:31] *** davlefou__ has quit IRC[08:39:45] *** davlefou has joined #postfix[08:42:42] *** Cromulent has quit IRC[08:47:03] *** olegfusion has joined #postfix[08:50:39] *** jarif has quit IRC[08:58:57] *** TheAvatar has quit IRC[08:59:08] *** cromag has quit IRC[09:05:24] *** davlefou_ has joined #postfix[09:08:38] *** davlefou has quit IRC[09:16:41] *** olegfusion has quit IRC[09:26:49] *** twb has quit IRC[09:43:40] *** ffiore has joined #postfix[09:55:01] *** cromag has joined #postfix[09:58:20] *** olegfusion has joined #postfix[10:06:01] *** davlefou__ has joined #postfix[10:06:44] *** funnyboy243 has quit IRC[10:09:26] *** davlefou_ has quit IRC[10:16:07] *** dvee has joined #postfix[10:24:58] *** funnyboy240 has joined #postfix[10:51:00] *** jelly has quit IRC[10:51:26] *** jelly has joined #postfix[10:54:44] *** bungalo has joined #postfix[10:59:57] *** jarif has joined #postfix[11:03:34] *** Pretztail has quit IRC[11:05:21] *** Pretztail has joined #postfix[11:06:30] *** davlefou_ has joined #postfix[11:07:11] *** Pretztail has quit IRC[11:10:03] *** davlefou__ has quit IRC[11:25:51] *** e-ndy has quit IRC[12:01:27] *** dongie has joined #postfix[12:03:04] *** dongie has left #postfix[12:03:11] *** dongs has joined #postfix[12:03:29] <dongs> how do I allow people to send mail if they authenticated without SASL[12:03:34] <dongs> just regular smtp auth[12:07:32] *** davlefou__ has joined #postfix[12:07:33] *** jarif has quit IRC[12:10:27] *** davlefou_ has quit IRC[12:11:01] *** donmichelangelo has quit IRC[12:11:20] *** donmichelangelo has joined #postfix[12:12:53] <Tuxick> auth without sasl?[12:13:13] <dongs> yeah, you know, regular username/password.[12:13:21] <dongs> without weird crypto/secure junk.[12:16:48] <dongs> also enabling sasl just breaks everything[12:17:29] <Tuxick> you must be doing something wrong then[12:17:56] <dongs> only following one of the 10000 outdated instructions.[12:18:50] <Tuxick> why?[12:18:57] <dongs> because tehre are no modern ones?[12:18:58] <Tuxick> http://www.postfix.org/SASL_README.html[12:19:25] *** dvee has quit IRC[12:19:42] <dongs> im using whatever sasl is in debian.[12:21:28] *** dvee has joined #postfix[12:22:33] <dongs> smtpd[12609]: fatal: SASL per-process initialization failed[12:27:14] *** [diablo] has quit IRC[12:30:40] <Tuxick> must be doing something wrong then :)[12:31:50] <dongs> thanks, mr obvious.[12:31:57] <dongs> do you have any more enlightening suggestions?[12:32:00] *** mastr[x]bennett has joined #postfix[12:34:14] <dongs> all this garbage because pop-before-smtp has been removed from debian[12:36:40] *** jarif has joined #postfix[12:48:54] *** Section1 has joined #postfix[12:51:40] *** mroe has joined #postfix[12:52:24] <dongs> does permit_sasl_authenticated even deal wiht plaintext login by outlook express etc[12:58:04] <Patrickdk> ALL logins are handled via sasl[12:58:31] <Patrickdk> you do know that outlook express is EOL[13:01:21] <buki> depends on sasl provider config, has nothing to do with postfix[13:03:43] *** [diablo] has joined #postfix[13:05:45] *** hellerbarde has joined #postfix[13:06:00] <hellerbarde> hi[13:06:35] <lunaphyte_> !tell dongs welcome[13:06:35] <knoba> dongs: "welcome" : Welcome to #postfix! If you're new here, or to IRC, first read the channel topic (/topic). It has important instructions on how to ask good questions. You will get more and better help if you follow those instructions. Good Luck![13:10:19] *** davlefou__ has quit IRC[13:10:55] *** robinho86 has joined #postfix[13:12:57] <hellerbarde> if I use pam with Dovecot for SASL, I don't need to set smtpd_sasl_local_domain, correct?[13:13:33] <lunaphyte_> smtpd_sasl_local_domain is not an implicit requirement either way.[13:15:05] <hellerbarde> lunaphyte_, um, so maybe I misunderstood, the docs are a bit sparse. If I do set it, postfix appends that domain to usernames that don't have one.[13:15:36] <hellerbarde> I would have assumed that dovecot would either reject one or the other.[13:15:39] <lunaphyte_> not really.[13:15:52] <lunaphyte_> the username is nothing more than a string.[13:16:06] <lunaphyte_> the username is one object, the realm is another.[13:16:18] <hellerbarde> oh. okay[13:16:27] <lunaphyte_> some peopel visually represent usernames and realms concurrently, by concatentating them.[13:16:31] <lunaphyte_> *people[13:17:43] <dongs> so, why does enabling sasl make postfix break.[13:17:52] <dongs> the logs dont show anything useful.[13:18:02] <lunaphyte_> for help, follow the instructions in the topic[13:19:37] <dongs> lunaphyte_: < dongs> the logs dont show anything useful[13:19:44] <dongs> if I had logs to paste, i would be pasting htem.[13:19:49] <lunaphyte_> [08:18am] lunaphyte_: for help, follow the instructions in the topic[13:20:24] <lunaphyte_> we're not interested in you're interpretation of the logs. you're asking for help. and the topic instructs more than simply provding logs.[13:20:28] <lunaphyte_> *your[13:23:35] *** davlefou__ has joined #postfix[13:27:39] <dongs> http://bcas.tv/paste/results/gGdXrP91.html[13:29:15] <Tuxick> you followed some obscure do instead of official documentation, might be wise to start over[13:33:17] <dongs> the settings aren't any different from "official".[13:33:58] <lunaphyte_> [08:20am] lunaphyte_: "... and the topic instructs more than simply provding logs...."[13:34:38] <lunaphyte_> it should take little to no time to follow the instructions in the topic. those who do get good help.[13:35:16] *** dongs has quit IRC[13:35:21] <lunaphyte_> figured[13:35:27] *** dongs has joined #postfix[13:35:38] <lunaphyte_> oh, heh.[13:35:49] *** hellerbarde has quit IRC[13:39:40] *** junixbr has quit IRC[13:42:40] *** dongs has left #postfix[13:43:33] *** hellerbarde has joined #postfix[13:43:59] <hellerbarde> welp. VPN went down :/[13:45:10] *** MaximusColourum has joined #postfix[13:51:38] *** naquad has joined #postfix[13:51:41] <naquad> hi[13:51:43] <naquad> i've tried to configure postfix to allow only mynetworks and authorized users, but i end up with open relay :( https://gist.github.com/naquad/7214057 - this is my config. could somebody please tell me what am i doing wrong?[13:52:01] <lunaphyte_> !tell naquad welcome[13:52:01] <knoba> naquad: "welcome" : Welcome to #postfix! If you're new here, or to IRC, first read the channel topic (/topic). It has important instructions on how to ask good questions. You will get more and better help if you follow those instructions. Good Luck![13:52:06] <rob0> does that paste include logs?[13:52:26] <rob0> If you didn't include logs, we can't help.[13:52:29] <naquad> no, longs contain only messages about successful submission[13:52:37] <naquad> ok, give me a sec, i'll attach logs[13:53:20] <naquad> now it does[13:53:54] <Tuxick> if you end with permit, it'll permit[13:54:07] <Tuxick> unless there's an explicit reject before that[13:54:15] <rob0> It did not show the ARRIVAL of the open relay test message.[13:54:32] <lunaphyte_> you need to show *complete* processing of a single test message which exhibits the problem.[13:54:37] <rob0> Queue-ID: BE33461292, Message-ID: <rlytest-1383050583-6165 at godfather dot mob.net>[13:55:14] <rob0> line 88 in the main.cf, WHAT?[13:55:39] <naquad> rob0, that was there so i thought i should keep it. or i shouldn't?[13:55:54] <rob0> postconf smtpd_recipient_restrictions (show just the first three restrictions[13:56:13] <rob0> permit_mynetworks, permit, permit_sasl_authenticated, ...[13:56:19] <naquad> smtpd_recipient_restrictions = permit_mynetworks, permit $localnet, permit_sasl_authenticated[13:56:23] <naquad> yes[13:56:38] <rob0> postconf $localnet[13:56:52] <naquad> unknown parameter[13:56:54] <rob0> anyway, that is WRONG[13:57:01] <rob0> don't make up syntax[13:57:01] <lunaphyte_> that whole config is wrong[13:57:11] <naquad> ok, where do i get proper one?[13:57:18] <rob0> !basic[13:57:18] <knoba> rob0: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.[13:57:30] <naquad> i need spamassasin, clamav, grey list checks and dovecot integration[13:57:44] <rob0> Your second restriction permits everything.[13:57:46] *** e-ndy has joined #postfix[13:58:52] <lunaphyte_> you should condense all of your restrictions into smtpd_recipient_restrictions[13:58:57] <lunaphyte_> the others can be empty.[13:59:23] <hellerbarde> does it make sense to only have a smtpd_{client,sender}_restrictions on the submission port? I would have put smtpd_sender_restrictions = reject_unknown_sender_domain in as well. What pitfalls does this generate?[13:59:42] <lunaphyte_> generally speaking, you need only smtpd_recipient_restrictions, period.[14:00:51] <lunaphyte_> the name of the parameter [e.g. smtpd_recipient_restrictions] does not refer to the type of restrictions that can be used, but rather when [in the smtp conversation] the specified restrictions will be enforced.[14:01:51] <hellerbarde> lunaphyte_, and should this be the same for smtp and submission? or should this be distinguished?[14:02:12] <lunaphyte_> smtp restrictions and submission restrictions should never be the same[14:02:27] <hellerbarde> ok, good. that would have freaked me out.[14:02:45] <lunaphyte_> smtp restrictions should allow no relaying period. submission restrictions should, if smtp auth has been successfully performed.[14:06:11] *** funnyboy240 has quit IRC[14:07:24] *** mroe has quit IRC[14:09:18] <hellerbarde> okay. so smtpd_client_restrictions are applied earlier than the recipient restrictions. so it would make sense for a high traffic submission port to cut off unauth'd clients. for maintainability it would make more sense to put it in recipient restrictions, especially for lower traffic systems. Is this correct?[14:09:26] <lunaphyte_> no[14:09:39] <lunaphyte_> in theory it would, yes, but it's just not practical.[14:09:48] <lunaphyte_> !tell hellerbarde smtpd_delay_reject[14:09:48] <knoba> hellerbarde: "smtpd_delay_reject" : a configuration parameter in the main.cf: Wait until the RCPT TO command before evaluating $smtpd_client_restrictions, $smtpd_helo_restrictions and $smtpd_sender_restrictions.[14:09:59] <lunaphyte_> there's a reason the default is yes[14:10:08] <rob0> "Earlier" means very little. They are all done at RCPT TO.[14:10:11] <patdk-wk> really, it requires the same amount of processing, forking, ...[14:10:19] <patdk-wk> why postscreen was made[14:10:37] <rob0> postscreen is definitely earlier, yes[14:10:52] *** davlefou__ has quit IRC[14:10:57] <hellerbarde> heh, ask the right questions and the real interesting parts of this stuff comes up :) cool stuff![14:11:11] <patdk-wk> postscreen isn't for submission though[14:13:27] <hellerbarde> I saw (reading through this now: http://www.postfix.org/POSTSCREEN_README.html) I dont think i need postscreen at all though.[14:14:23] <lunaphyte_> if you are running an mx, you almost certainly can benefit from it.[14:14:49] <patdk-wk> didn't say it was required :)[14:15:08] <patdk-wk> but if your concerned about *additional load*, it is going cut that load more than anything else will[14:15:38] <hellerbarde> patdk-wk, didn't understand it that way at all. lunaphyte_ I think I will finish configuring this server without it (it's a small personal mail server) and then look into it from that position on.[14:15:52] <lunaphyte_> sure.[14:16:12] <hellerbarde> patdk-wk, ok that sounds wrong. I meant to say that I didn't think you were suggesting that I need it. (words are hard)[14:18:22] *** wdp has joined #postfix[14:18:22] *** wdp has joined #postfix[14:20:55] *** jwing has quit IRC[14:21:12] *** jwing has joined #postfix[14:23:50] *** davlefou__ has joined #postfix[14:23:51] *** hellerbarde has quit IRC[14:35:53] *** dvee has quit IRC[14:40:28] *** dvee has joined #postfix[14:42:31] *** hellerbarde has joined #postfix[14:42:55] <hellerbarde> hmm. I wonder, should one specifically turn SASL off completely for smtp port?[14:43:05] <lunaphyte_> indeed[14:43:16] <lunaphyte_> but to be pedantic, that's actually backwards.[14:43:45] <lunaphyte_> smtp auth [sasl] should be completely off by default, and only specifically enabled for the submission service.[14:45:05] <hellerbarde> hm. that actually makes more sense. If I turn it off in main.cf, can I still specify the type etc. in main.cf and only have -o smtpd_sasl_auth_enable=yes in master.cf for submission?[14:45:15] <lunaphyte_> right[14:45:53] <hellerbarde> I like pedantic. It gives consistent right answers :)[14:46:13] <rob0> Eventually any email domain and address gets on spam lists. For a small domain, if you're careful, spam might never be a big problem. But if you have just one email user OR correspondent who uses Windows / MSIE / Outlook, and who clicks on the wrong links, you'll get spammed.[14:46:37] <rob0> ^^ (That was in regard to the earlier discussion about spam/postscreen)[14:46:51] <Tuxick> yeah, users make mail a problem[14:48:44] *** Phoenixz has joined #postfix[14:48:53] <lunaphyte_> well, some folks often succumb to the compulsion to operate computers based largely on emotion. for those unfortunate souls, not only is their success ultimately severely limited, they're also typically unreceptive to pedantics.[14:49:34] <lunaphyte_> [and those who peddle them] :)[14:50:34] <rob0> Pedantry is really about attention to detail, and that's very important in computing in general, especially in mail admin.[14:51:33] *** kiri has quit IRC[14:51:40] <hellerbarde> lunaphyte_, very true. I just wanted to make known that I do appreciate it[14:52:12] <lunaphyte_> no worries, your comment wasn't misinterpreted.[14:52:36] *** kiri has joined #postfix[14:52:50] <hellerbarde> Tuxick, yeah, pesky users make everything a problem.[14:59:14] *** hellerbarde has quit IRC[15:06:56] *** ichdasich has joined #postfix[15:07:52] *** ichdasich has left #postfix[15:08:15] *** davlefou_ has joined #postfix[15:11:17] *** davlefou__ has quit IRC[15:13:15] *** kirin` has quit IRC[15:27:02] *** kirin` has joined #postfix[15:32:23] *** freezey has joined #postfix[15:33:45] *** tharkun has quit IRC[15:33:55] *** chrisp15 has quit IRC[15:35:15] *** freezey has quit IRC[15:35:43] *** freezey has joined #postfix[15:37:33] *** freezey has quit IRC[15:38:03] *** freezey has joined #postfix[15:39:05] *** freezey has quit IRC[15:39:28] *** freezey has joined #postfix[15:41:04] *** tharkun has joined #postfix[16:00:07] *** donmichelangelo has quit IRC[16:00:26] *** donmichelangelo has joined #postfix[16:00:59] *** [diablo] has quit IRC[16:03:46] *** dylukes has joined #postfix[16:07:37] *** nfi|ermes has joined #postfix[16:07:43] <nfi|ermes> hi all[16:09:21] <nfi|ermes> i would like to install in centos6 postfix with sasl enabled . Should be better install from yum or compile from source ?[16:11:42] <rob0> That wouldn't matter. You might want to rpmbuild a SRPM because Redhat ships such a ridiculously ancient version, but I'm pretty sure their RPMs have SASL enabled.[16:11:58] *** davlefou_ has quit IRC[16:13:10] *** mastr[x]bennett has quit IRC[16:17:25] <nfi|ermes> thank you[16:18:33] *** mastr[x]bennett has joined #postfix[16:18:39] *** hellerbarde has joined #postfix[16:24:37] *** dylukes has quit IRC[16:25:09] *** dylukes has joined #postfix[16:25:18] *** davlefou_ has joined #postfix[16:25:35] *** dvee has quit IRC[16:40:02] <jeev> rob0, postscreen be cool.[16:41:10] <cinch> how can i specify: if "mail from: " is in ldap then reject receiving the message?[16:41:30] <lunaphyte_> cinch: what are you actually trying to do?[16:41:47] <cinch> prevent forget from[16:41:51] <lunaphyte_> rejecting mail based on envelope senders isn't likely to be the right solution to whatever the actual problem is.[16:42:09] <lunaphyte_> i don't know what prevent forget from means[16:42:40] <rob0> "forged"?[16:42:50] <rob0> jeev, indeed[16:42:51] <cinch> faked, like from spammers[16:43:11] <cinch> mail from: user@ourdomain should not get through[16:43:27] <rob0> !reject_unlisted_sender[16:43:27] <knoba> rob0: Error: "reject_unlisted_sender" is not a valid command.[16:43:27] <lunaphyte_> oh, you don't want to allow your domain name in the envelope sender?[16:43:41] <rob0> postconf.5.html#reject_unlisted_sender[16:45:03] <lunaphyte_> these would be known sender addresses[16:46:57] <rob0> !smtpd_reject_unlisted_sender[16:46:58] <knoba> rob0: "smtpd_reject_unlisted_sender" : a configuration parameter in the main.cf: Request that the Postfix SMTP server always rejects mail from unknown sender addresses. This can slow down an explosion of forged mail from worms or viruses. This feature is not available prior to Postfix 2.1.[16:49:56] <cinch> rob0, that blocks unknown, but i'm trying to block known ones[16:51:03] <lunaphyte_> use check_sender_access[16:51:47] <cinch> that looks like it fits :) thanks alot[16:52:21] <lunaphyte_> smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/access [...][16:52:28] <cinch> yea[16:52:41] <lunaphyte_> /etc/postfix/access: example.com reject[16:52:54] <lunaphyte_> and probably .example.com reject[16:53:57] <rob0> (I'd recommend a better name than "/etc/postfix/access", maybe /etc/postfix/block_my_senders :) )[16:54:08] <lunaphyte_> yeah. i was being lazy :)[16:56:48] *** hallamigo has joined #postfix[17:03:07] *** mathesis has quit IRC[17:04:21] *** koshie_ has joined #postfix[17:06:34] *** koshie has quit IRC[17:09:23] *** davlefou__ has joined #postfix[17:12:50] *** honestly has quit IRC[17:12:51] *** davlefou_ has quit IRC[17:13:17] *** zerick has joined #postfix[17:18:58] *** sep has quit IRC[17:24:14] *** mastr[x]bennett has quit IRC[17:28:48] *** TheAvatar has joined #postfix[17:42:01] *** SvenOostenbrink has joined #postfix[17:42:13] *** Phoenixz has quit IRC[17:51:27] *** hellerbarde has quit IRC[17:51:47] *** SvenOostenbrink has quit IRC[17:55:46] *** mastr[x]bennett has joined #postfix[17:56:36] <Corey> !cheatsheet[17:56:36] <knoba> Corey: "cheatsheet" : (#1) http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt : A HOWTO for pre-DATA spam control., or (#2) A postscreen cheatsheet can be seen at http://rob0.nodns4.us/postscreen.html[18:12:52] *** davlefou__ has quit IRC[18:13:24] *** SvenOostenbrink has joined #postfix[18:13:46] *** rotbeard has joined #postfix[18:19:14] *** [diablo] has joined #postfix[18:21:30] *** sharky_ has joined #postfix[18:25:09] *** sharky has quit IRC[18:25:29] *** davlefou__ has joined #postfix[18:30:08] *** donmichelangelo has quit IRC[18:30:27] *** donmichelangelo has joined #postfix[18:34:36] *** bungalo has quit IRC[18:38:08] *** davlefou__ has quit IRC[18:38:28] *** davlefou has joined #postfix[18:56:45] *** wdp has quit IRC[18:57:34] *** mastr[x]bennett has quit IRC[19:04:32] *** ashiwnmuni has joined #postfix[19:04:39] *** ashiwnmuni has quit IRC[19:05:00] *** ashwinmuni has joined #postfix[19:05:20] <thumbs> !cheatcorey[19:05:20] <knoba> thumbs: Error: "cheatcorey" is not a valid command.[19:06:07] <ashwinmuni> want to configure Postfix as Primary MX any pointers on how to configure SPAM Control,[19:06:20] <ashwinmuni> or some startin point[19:06:51] <waldi> http://www.postfix.org/documentation.html[19:07:42] <patdk-wk> !spam[19:07:43] <knoba> patdk-wk: "spam" : for you and SPAM for me, we'll all live together in SPAM harmony at SPAM.com[19:08:06] <twobithacker> depends what you mean by spam control. The various smtpd restrictions are a good starting point, but you're likely thinking of content scanning[19:08:29] * patdk-wk wants to scan some content[19:10:16] *** ffiore has quit IRC[19:10:18] *** davlefou_ has joined #postfix[19:13:10] *** Blubberbop has joined #postfix[19:14:11] *** davlefou has quit IRC[19:14:38] * Tuxick wants to control some spammers[19:16:50] <patdk-wk> hmm, whips, chains, and ballgags[19:18:20] <Dominian> Sounds like a weekend at Bernie's[19:23:21] *** [diablo] has quit IRC[19:31:03] *** wdp has joined #postfix[19:31:03] *** wdp has joined #postfix[19:37:16] <jeev> you guys think it's really anal to block via iptables ips that are rbl'd? at least an hour ?[19:39:40] <patdk-wk> depends[19:39:48] <patdk-wk> not unreasonable[19:39:57] <patdk-wk> but it will limit stats you can collect from them[19:41:36] <pj> I prefer not to, extra work for very little benefit.[19:41:56] <jeev> okay[19:44:32] <pj> also, when you block from the firewall you end up depriving senders of the benefit of a proper reject message, also the default action of an MTA is generally to defer a message if the MTA is unreachable, so all those messages you block that way will just get resent.[19:49:40] *** billyw has joined #postfix[20:05:30] *** olegfusion has quit IRC[20:07:26] <jeev> should i care that i'm seeing a possible auto email that's legitimate while i give them Sender address rejected: Domain not found ?[20:11:31] *** davlefou__ has joined #postfix[20:13:22] <Tuxick> they're rbl'd anyway[20:13:24] <wdp> pj, assuming you DROP which would lead to a timeout. How about a REJECT rule?[20:13:26] <Tuxick> so why bother[20:13:26] *** davlefou_ has quit IRC[20:13:47] <Tuxick> if it's certain hosts hammering, sure[20:13:56] <Tuxick> tarpit ;p[20:15:02] <pj> wdp: I don't know for sure, but I think pretty much any cutting off at the firewall should result in a defferal. After all you're publishing an MX record that points to that server and that server isn't answering, from the sending MTA POV it's reasonable to assume it's a temporary error on the server and will be fixed eventually.[20:15:25] <wdp> mhm right.[20:15:33] <jeev> CIDR: 169.198.0.0/16 <- autozone. why does autozone need a class B?[20:15:37] <jeev> i guess they own alldata but still[20:15:37] *** master_of_master has joined #postfix[20:15:52] <pj> autozone is a pretty big company.[20:17:56] <zerick> I have a trivial question, the mailserver is behind a firewall that block every single outgoing port, in order to send email do I need only port 25, is not needed DNS port too ?[20:18:04] <jeev> big enough for a /16 ?[20:18:13] <pj> apparently[20:18:29] <jeev> that's bull[20:19:09] *** master_o1_master has quit IRC[20:19:18] <pj> go complain to ARIN[20:19:37] <jaybe> zerick, if you wish to send to host names requiring dns, you'll of course need a working, accessible dns resolver.[20:20:22] <pj> you don't need outbound DNS, though.[20:25:49] <jelly-home> dns works both ways, baby[20:25:55] <jelly-home> no. that was ntp, sorry[20:37:05] <Tuxick> ??[20:37:13] *** ashwinmuni has quit IRC[20:37:18] <zerick> xD[20:42:59] <billyw> I'm having a bizarre issue with our postfix server, where testing a mail relay allows the first email to go through, but subsequent emails are deferred due to connection timeouts[20:43:15] <billyw> I think it's the sporadic nature of issue that is boggling my mind[20:46:55] *** MacWinner has joined #postfix[20:53:33] <lunaphyte_> !tell billyw welcome[20:53:33] <knoba> billyw: "welcome" : Welcome to #postfix! If you're new here, or to IRC, first read the channel topic (/topic). It has important instructions on how to ask good questions. You will get more and better help if you follow those instructions. Good Luck![21:01:48] <billyw> knoba: Thanks![21:02:01] <billyw> er, lunaphyte_ ^[21:03:23] *** Section1 has quit IRC[21:11:47] *** davlefou_ has joined #postfix[21:14:14] *** davlefou__ has quit IRC[21:20:18] <trurl> "Postfix currently does not apply content filters to mail that is forwarded or aliased internally" - is this still valid? is there a workaround?[21:24:10] <waldi> no. what are you trying to do?[21:26:18] <trurl> applying a milter to messages sent from relay_domain to relay_domain (thus internally)[21:26:42] <waldi> content filter != multer[21:26:58] <waldi> you don't understand what internally is[21:28:32] <trurl> "This may be a problem when you want to apply a signing Milter to such mail."[21:28:48] *** geo27 has quit IRC[21:30:34] *** zalg has joined #postfix[21:30:44] <zalg> hi[21:30:51] <waldi> trurl: still does not show that you actually have mail that fails into this category[21:31:20] <trurl> waldi: so why is http://www.postfix.org/MILTER_README.html using the term "content filter"? what should i use to satisfy your needs?[21:31:39] <waldi> trurl: you have to show your problem first[21:32:04] *** zalg has quit IRC[21:32:48] *** geo27 has joined #postfix[21:33:46] <rob0> "sent from relay_domain to relay_domain" is NOT "internal" to Postfix. Mail sent internally is a bounce, for example.[21:34:23] <billyw> !getting_help[21:34:23] <knoba> billyw: "getting_help" : before asking your question, provide a pastebin which includes relevant log data and your config. see !pastebin, !relevant_logs and !showconfig for instructions on doing this.[21:50:36] *** UQlev has joined #postfix[21:59:58] *** Pegasus_RPG has joined #postfix[22:01:04] *** felipe` has quit IRC[22:03:14] *** Pegasus_RPG has left #postfix[22:04:41] *** JamieH_ has joined #postfix[22:07:18] *** Cerber has joined #postfix[22:07:37] *** wdp has quit IRC[22:07:39] *** e-ndy has quit IRC[22:07:48] *** D-Boy has quit IRC[22:07:49] *** Pies has quit IRC[22:07:50] *** GNU\colossus has quit IRC[22:07:52] *** JamieH has quit IRC[22:07:53] *** Zethrok has quit IRC[22:07:53] *** maxmahem has quit IRC[22:07:54] *** stephan48 has quit IRC[22:07:54] *** fbh has quit IRC[22:07:55] *** ghoti has quit IRC[22:07:55] *** nesthib has quit IRC[22:07:58] *** BAOT has quit IRC[22:07:58] *** drakkhen_ has quit IRC[22:07:59] *** tessier has quit IRC[22:07:59] *** Tykling has quit IRC[22:07:59] *** theahindle has quit IRC[22:08:04] *** Dominian has quit IRC[22:08:05] *** MidnighToker has quit IRC[22:08:41] *** ghoti has joined #postfix[22:11:21] *** riceandbeans has joined #postfix[22:11:38] <riceandbeans> I'm getting a fatal error but the line referenced is a comment[22:11:52] <riceandbeans> postfix/sendmail[9686]: fatal: /etc/postfix/main.cf, line 22: missing '=' after attribute name: "smtp inet n - - - - smtpd"[22:11:56] *** davlefou__ has joined #postfix[22:12:17] *** drakkhen has joined #postfix[22:12:49] <waldi> riceandbeans: postconf -Mf[22:12:59] <waldi> will show what postfix sees[22:13:31] *** ghoti has quit IRC[22:13:55] *** e-ndy has joined #postfix[22:14:24] *** ghoti has joined #postfix[22:14:26] *** D-Boy has joined #postfix[22:14:27] *** GNU\colossus has joined #postfix[22:14:28] *** Zethrok has joined #postfix[22:14:28] *** maxmahem has joined #postfix[22:14:28] *** stephan48 has joined #postfix[22:14:29] *** fbh has joined #postfix[22:14:29] *** nesthib has joined #postfix[22:14:29] *** theahindle has joined #postfix[22:14:29] *** BAOT has joined #postfix[22:14:30] *** tessier has joined #postfix[22:14:30] *** Tykling has joined #postfix[22:14:30] *** Dominian has joined #postfix[22:14:31] *** MidnighToker has joined #postfix[22:14:49] *** nesthib has quit IRC[22:14:50] *** tessier has quit IRC[22:14:55] <riceandbeans> waldi: there is no M or f flag on my version[22:14:55] *** davlefou_ has quit IRC[22:14:56] *** tessier has joined #postfix[22:14:56] *** tessier has joined #postfix[22:15:04] *** nesthib has joined #postfix[22:15:10] <waldi> riceandbeans: then upgrade. what version are you using?[22:15:27] *** nesthib is now known as Guest6754[22:17:01] *** wdp has joined #postfix[22:17:17] <riceandbeans> 2.7.0[22:17:40] *** billyw has left #postfix[22:18:46] *** robinho86 has left #postfix[22:19:11] *** Guest6754 has quit IRC[22:19:11] *** Guest6754 has joined #postfix[22:19:19] *** Guest6754 is now known as nesthib[22:19:36] *** ghoti has quit IRC[22:20:24] *** ghoti has joined #postfix[22:22:40] <riceandbeans> waldi: 2.7.0[22:23:24] <waldi> well. then show the complete master.cf[22:23:28] <waldi> !tell riceandbeans paste[22:23:28] <knoba> riceandbeans: "paste" : do not paste more than 2 lines in the channel. A pastebin is a way to share larger amounts of data with others, without flooding the channel with garbage. try http://pastebin.com or http://paste.debian.net (or use google and find your own). don't forget to tell us the url where you pasted the text[22:25:19] *** ghoti has quit IRC[22:26:39] *** ghoti has joined #postfix[22:27:33] <riceandbeans> waldi: one sec[22:29:45] <riceandbeans> ...I found my error...[22:30:08] <riceandbeans> a genius set up this system and I started seeing the errors in the cenral logging server[22:30:19] <riceandbeans> waldi: I bet you won't guess it[22:30:37] <riceandbeans> waldi: # diff -qu /etc/postfix/main.cf /etc/postfix/master.cf[22:30:45] <riceandbeans> that returned nothing[22:31:12] <riceandbeans> aka, those two files are identical[22:31:22] *** ghoti has quit IRC[22:31:33] <lunaphyte> um what?[22:31:48] <riceandbeans> someone, somehow, borked the install[22:31:49] <lunaphyte> main.cf and master.cf are identical? that is a *bad* sign.[22:31:59] <riceandbeans> we had a big storage crash too last week[22:32:03] <riceandbeans> lunaphyte: yeah I know[22:32:14] <lunaphyte> which one is right?[22:32:24] <lunaphyte> don't touch anything, you might be able to recover[22:32:25] <riceandbeans> lunaphyte: several systems filesystem's got wrecked totally[22:32:31] *** ghoti has joined #postfix[22:33:32] <lunaphyte> pastebin both files. even though they're identical[22:33:57] <riceandbeans> why not just paste one[22:34:15] <lunaphyte> that's fine[22:36:31] *** arthurdent has joined #postfix[22:36:53] <arthurdent> hey i'm trying to set up postfix for the first time and i'm having some trouble understanding some of the terminology[22:37:17] <arthurdent> I'm trying to set it up so each user on my linux box can send and recieve mail from their username[22:37:30] *** ghoti has quit IRC[22:38:28] <rob0> !tell arthurdent basic[22:38:28] <knoba> arthurdent: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.[22:38:33] *** ghoti has joined #postfix[22:38:35] <arthurdent> rob0: thanks![22:39:03] *** Roukoswarf has joined #postfix[22:39:47] <Roukoswarf> hello, is there any way i could hand over alias and login maps for a specific domain to a user so that they wont need root access and can only modify aliases for their own domain?[22:43:40] *** ghoti has quit IRC[22:44:01] <UQlev> Roukoswarf, isn't posfixadmin invented to manipulate account/aliases benonging to a particular domain[22:44:38] <Roukoswarf> is that.... secure?[22:44:52] *** ghoti has joined #postfix[22:45:08] <UQlev> Roukoswarf, I have no idea, never used it[22:46:00] <UQlev> Roukoswarf, httpd+php on the same host with postfix is always additional risk[22:46:02] <Roukoswarf> do you know if it modifies alias maps directly?[22:46:56] <UQlev> Roukoswarf, it does modify sql databases including virtual aliases[22:47:20] <Roukoswarf> what if i use plaintext and .db files for aliases?[22:48:07] <rob0> BTW there is no need to have "posfixadmin" (a misnomer, it's a mysql frontend) on the same machine as Postfix.[22:49:47] <rob0> You could write a Makefile to build lists from multiple sources, which need not all be root-owned.[22:50:19] *** ghoti has quit IRC[22:50:31] <Roukoswarf> rob0: any ideas on how to delegate admin of aliases/login maps for a domain to a specific system user?[22:51:06] *** ghoti has joined #postfix[22:52:41] *** freezey has quit IRC[22:53:17] *** freezey has joined #postfix[22:54:39] *** wdp has quit IRC[22:56:44] *** ghoti has quit IRC[22:57:00] *** ghoti has joined #postfix[22:58:23] *** freezey has quit IRC[22:58:52] <riceandbeans> lunaphyte: http://pastebin.com/MBBhs7St[23:02:17] *** ghoti has quit IRC[23:02:55] *** ghoti has joined #postfix[23:04:19] *** rowinofwin has quit IRC[23:04:34] *** rowinofwin has joined #postfix[23:04:59] *** rowinofwin has quit IRC[23:05:08] *** freezey has joined #postfix[23:05:09] *** rowinofwin has joined #postfix[23:05:57] *** felipe` has joined #postfix[23:07:46] *** ghoti has quit IRC[23:08:52] *** ghoti has joined #postfix[23:09:47] *** freezey has quit IRC[23:12:08] *** UQlev has quit IRC[23:12:18] *** davlefou_ has joined #postfix[23:14:01] *** ghoti has quit IRC[23:14:10] *** MacWinner has quit IRC[23:14:52] *** ghoti has joined #postfix[23:15:41] <lunaphyte> riceandbeans: ok, so that's obviously master.cf[23:15:50] <lunaphyte> does postconf -n work at all?[23:15:51] *** davlefou__ has quit IRC[23:16:37] <riceandbeans> no it tells me about the borked line[23:16:55] <riceandbeans> I tried a dpkg-reconfigure postfix, but it only tacked on new information to the end[23:17:12] <lunaphyte> what happens if you move main.cf to a new filename and then try postconf -n?[23:19:00] <riceandbeans> one sec[23:19:27] <riceandbeans> # postconf -n[23:19:27] <riceandbeans> postconf: fatal: open /etc/postfix/main.cf: No such file or directory[23:19:37] <lunaphyte> uh oh[23:19:43] <lunaphyte> well, i hope you have a backup[23:21:02] <riceandbeans> course not[23:21:02] <riceandbeans> :)[23:27:09] <Roukoswarf> has anyone used postfixadmin?[23:27:16] <Roukoswarf> it um... doesnt make sense[23:27:30] <Roukoswarf> i can add email accounts without changing my postfix config?[23:27:33] *** rowinofwin has quit IRC[23:27:35] <Roukoswarf> from a php instance?[23:30:08] *** donmichelangelo has quit IRC[23:30:36] <pj> riceandbeans: move main.cf out, then touch main.cf, then try postconf -n[23:30:49] *** donmichelangelo has joined #postfix[23:31:35] <pj> that said, it won't really help you[23:32:59] *** mastr[x]bennett has joined #postfix[23:34:06] <Aprogas> It might. a Postfix with an empty main.cf behaves with mostly sensitive defaults.[23:34:11] <Aprogas> s/sensitive/sensible/[23:35:19] <pj> yeah, true, although I doubt that it would really help that much. I would start off by looking for other files in /etc/postfix that gives hints as to what settings need to be set in main.cf[23:35:27] <pj> things such as transport maps, etc.[23:35:44] <waldi> i would just use the backup[23:35:56] <pj> waldi: so woudl I, but he said he didn't have one.[23:36:20] *** joules has joined #postfix[23:36:50] <joules> hi, making a move to dovecot, VMM looks pretty good are they any other mail management utilities?[23:37:37] <pj> VMM?[23:39:40] <waldi> joules: vim[23:39:43] <waldi> emacs[23:39:44] <joules> http://sourceforge.net/projects/vmm/[23:40:11] <joules> just would like to avoid the whole LAMP stack and would rather edit conf's by hand instead :)[23:42:37] <pj> joules: looks nice at a glance, but it's not a huge leap from using that to just directly editing by hand.[23:44:21] <joules> yeh and it pulls in too many extra packages on debian :([23:44:31] <pj> at any rate as long as you know what's going on behind the scenes when you use a manager it doesn't really matter which one you use, they are all just some sort of frontend to the db plus a couple other things.[23:49:13] <joules> <-dovecot noob[23:52:09] *** twb has joined #postfix[23:56:35] *** MaximusColourum has quit IRC[23:57:59] *** riceandbeans has left #postfix[23:58:47] *** Bry8Star has joined #postfix