January 6, 2016 
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | >
January 6, 2016 [00:01:24] *** pozitron has joined #postfix[00:01:45] *** shawniverson has joined #postfix[00:02:04] *** TyrfingMjolnir has joined #postfix[00:02:26] *** shawniverson is now known as Guest89034[00:06:26] *** Guest89034 has quit IRC[00:08:30] <ekkis> Poster: yes, I have plenty of space[00:09:01] <ekkis> I have about 50G on / (where /var resides)[00:13:02] <Poster> do you have anything return from "sudo postqueue -p" ?[00:13:18] *** penrod has joined #postfix[00:14:14] <ekkis> yes, 9864 Kbytes in 383 Requests.[00:15:17] <ekkis> in fact, I see a bunch of mail that's been delivered[00:15:47] <ekkis> however, if I type `mail` I don't see anything new[00:17:13] <Poster> is it delivering via maildir or something?[00:17:22] <ekkis> yes[00:17:31] <ekkis> maildir is how I set it up[00:17:43] <Poster> ok and is there sufficient space wherever those are kept?[00:17:56] <ekkis> which, honestly, I've never understood how it works, with it's strangely-named directories[00:18:23] <ekkis> yes, that's kept under /home which has 5.6G available[00:21:08] <ekkis> if I look in /var/log/maillog the last entry I see is the message: No space left on device... however it dates to midnight... nothing after that... and I've restarted postfix[00:21:25] <ekkis> Poster: is there something else I need to restart?[00:22:55] <ekkis> I suppose I could just flush the queue?[00:24:40] <ekkis> Poster: ok, I tried flushing but I still have no mail and no new messages on /var/log/maillog...[00:26:11] *** nesthib has quit IRC[00:32:24] <Poster> yeah try restarting syslog[00:32:36] <Poster> or rsyslog, not very familiar with fedora 22[00:32:48] <ekkis> oh... ok. let me try that...[00:33:51] <ekkis> ok, I restarted that and then postfix but still get nothing in the maillog file[00:34:16] <ekkis> the thing is, I used to... I ahve maillog-20151213 and others in the directory[00:34:35] <ekkis> and the timestamp on the maillog is recent...[00:35:12] <Poster> try "sudo postqueue -f"[00:35:30] <ekkis> I ran that before and it didn't help but let me try again...[00:36:07] <ekkis> ok. I flushed it but when I do a -p I still see 400 requests[00:36:18] <ekkis> do you think I should try rebooting the machine?[00:37:24] *** TyrfingMjolnir has quit IRC[00:38:36] *** shawniverson_ has joined #postfix[00:39:40] <pj> ekkis: Fedora typically logs to /var/log/maillog[00:40:27] <pj> ekkis: did you restart journald and rsyslog?[00:40:41] <pj> !tell ekkis no_logs[00:40:42] <knoba> ekkis: "no_logs" : see !nologs[00:40:46] <pj> !tell ekkis nologs[00:40:46] <knoba> ekkis: "nologs" : Nothing in your mail logs commonly means one of two things: either your syslogd is broken (try restarting it), or the connections are not coming to your server. Check your firewall/networking and the DNS for the domain in question. also see !logs.[00:41:33] *** TyrfingMjolnir has joined #postfix[00:42:09] <ekkis> ah... journald. I didn't restart that. let me give that try[00:42:12] <pj> ekkis: you may be able to see the logs from journald.[00:42:14] <pj> yeah[00:42:20] <pj> it's systemd crap[00:43:17] <ekkis> hmm... rpm -qa |grep journal comes up empty.. what else could I look for?[00:44:38] <pj> systemctl restart systemd-journald.service[00:45:16] <ekkis> ok... I have a systemd but `service systemd restart` fails and so does `service system restart`[00:45:38] <ekkis> oh yes... gosh everything just keeps changing and I can't keep up. I still use `service`[00:45:43] <pj> ekkis: please re-read the command I gave you[00:45:53] <pj> you can use service, it redirects to systemctl[00:46:03] <pj> service systemd-journald restart[00:46:13] <ekkis> yes, thanks for holding my hand through this... I gotta get current[00:46:27] <pj> ekkis: I'm not a big fan of systemd either.[00:46:39] <pj> and I never appreciated having it shoved down my throat.[00:47:29] <pj> btw, if you're planning on this mail server lasting longer than a year, then I suggest you pick a different distro than Fedora to run it on.[00:47:34] <pj> Fedora only has a 13 month lifespan.[00:47:51] <ekkis> I hear you. so much to keep up with... ok, I restarted postfix and now I get logs. yea![00:47:58] <pj> :-)[00:48:05] <ekkis> now for the problem at hand... actually getting mail...[00:48:06] *** infides_afk has quit IRC[00:48:14] <pj> !tell ekkis getting_help[00:48:14] <knoba> ekkis: "getting_help" : before asking your question, read the !relevant_logs and !showconfig factoids, and prepare a single pastebin containing all of that data. if you don't understand what this means, or if you need help doing this, please let us know. also see !pastebin[00:48:19] <pj> now you can do this ^^^^^[00:48:39] <pj> and I won't be able to stick around to help you, unfortunately, but I'm sure others will be here.[00:48:53] <ekkis> pj: seriously??? I've been with Redhat/Fedora for... I don't know... 2 decades?[00:49:22] <pj> ekkis: if you want a longer distro based on Red Hat / Fedora, then look at CentOS.[00:49:28] <ekkis> no worries. you got me further than where I was. much obliged[00:49:58] <ekkis> yes, a friend of mine is big on CentOS.... I might try Ubuntu again. it was a POS when I tried it last[00:49:59] *** shawniverson_ has quit IRC[00:50:42] <phunyguy> Nailed it.[00:51:04] <pj> I build the postfix 3.0 packages in Ghettoforge for CentOS, btw, in case you want to use CentOS and want somethng newer than the stock postfix.[00:51:47] <ekkis> is there a good-sized community on CentOS? that's what worries me the most... being able to find competent people on it[00:52:04] <pj> ekkis: yes, CentOS has a large community[00:53:12] <ekkis> cool... well, I should have been running that the whole time anyway. I should have abandoned Fedora before now[00:53:42] <pj> anyways, g2g[00:53:58] <ekkis> g2g? good-to-go?[00:54:09] <ekkis> ah. gotta-go.[00:54:14] <ekkis> thanks again[00:55:30] <phunyguy> lunaphyte: ran into a snag, but I managed through it. I also had to change smtp: to relay-mda: in /etc/postfix/transport to get this going. (transport_maps)[00:59:09] *** shawniverson has joined #postfix[00:59:34] *** shawniverson is now known as Guest98611[01:01:59] <lunaphyte> what are you using transport_maps for?[01:02:11] <phunyguy> relaying for 3 domains[01:02:21] <lunaphyte> to your home computer?[01:02:24] <phunyguy> yes[01:02:30] <lunaphyte> you don't need transport maps for that[01:02:36] <phunyguy> le grumble[01:03:19] <phunyguy> you keep doing this to me. heh[01:03:28] <lunaphyte> :)[01:03:51] <lunaphyte> list your domains in relay_domains on the vps. just like on the home computer[01:04:10] <phunyguy> I did.[01:04:18] <phunyguy> then relay_transport, and no transport_maps?[01:05:38] <lunaphyte> right[01:05:44] <phunyguy> thought so.[01:06:06] <phunyguy> that's not so bad then. Thought I was in for another hour of "Find The Problem!" (tm)[01:06:18] <lunaphyte> think of transport_maps as for stuff that deviates from the otherwise status quo[01:06:25] <phunyguy> right.[01:06:57] *** lucascastro has joined #postfix[01:07:50] <phunyguy> yup, that worked.[01:08:17] <lunaphyte> now you need to add relay_recipient_maps to your vps. that is *critical*[01:08:22] <phunyguy> these configs are so much simpler now[01:08:32] <phunyguy> what[01:08:55] <lunaphyte> your mx servers *must* know which recipients are valid and which are not[01:09:26] <phunyguy> recipients, as in * at phunyguy dot com ?[01:10:15] <lunaphyte> yes[01:10:33] <phunyguy> okay.[01:10:50] <lunaphyte> for all domains postfix is configured to accept mail for[01:11:12] <lunaphyte> just like how you have relay_recipient_maps on your home server, it needs to be on the vpses too[01:11:27] <lunaphyte> in fact, it's infinitely more important that it be on the vpses[01:12:16] <phunyguy> huh... wonder if I can find a way to map that.,[01:12:21] <phunyguy> from home server.[01:12:36] <lunaphyte> idealy, it would query your sql server, just like home server does[01:12:43] <lunaphyte> *ideally[01:12:54] <phunyguy> yep... just need to ensure I poke a hole in the firewall specifically for VPSs[01:13:20] <lunaphyte> sure, that would be one way[01:13:31] <phunyguy> what would another way be?[01:13:55] <lunaphyte> note that for arrangements like that, having a local instance of the database offers important benefits[01:14:08] <phunyguy> I do have a spare VPS or two. ☺[01:14:19] <phunyguy> not sure I want to put it on the same server[01:14:28] <phunyguy> these are the 512MB instances.[01:15:07] *** penrod has left #postfix[01:15:21] <lunaphyte> for example, if your home server becomes unreachables form the vpses, then sql queries fail, and mail cannot be accepted. whereas if the vpses could still query a [local] data source, mail could still be accepted on the vpses, and would just wait in the queue for the home server to return, at which time the mail would just be relayed as usual[01:15:51] <phunyguy> what happens when the database instance comes back?[01:15:56] <phunyguy> mail flows again?[01:15:58] <lunaphyte> it's concepts like this which lend themselves particularly to ldap instead of an rdbms ;)[01:16:00] <phunyguy> and will it defer otherwise?[01:16:03] <lunaphyte> no[01:16:07] <phunyguy> oh[01:16:20] <lunaphyte> wait[01:16:45] <lunaphyte> are you talking about if the vps just queries the sql service on the home server?[01:17:01] <phunyguy> yes.[01:17:04] <lunaphyte> oh[01:17:06] <lunaphyte> yes[01:17:13] <phunyguy> that might be ideal[01:17:44] *** penrod has joined #postfix[01:17:46] <phunyguy> It's not like I am processing 100mb of email a second[01:18:12] <lunaphyte> if vps cannot query the sql server for relay_recipient_maps [or relay_domains, etc] queries, then the vps will reject the mail. the sending server will experience a deferral[01:18:28] <phunyguy> this is good news.[01:18:49] <lunaphyte> yeah, it's just personal preference, ultimately[01:19:12] * phunyguy ponders[01:19:32] <lunaphyte> i prefer to have a synchronous data source on my vps, so it can function independently of the home server[01:19:55] <phunyguy> is this where ldap comes into play?[01:20:03] <lunaphyte> for me, yes[01:20:15] <lunaphyte> if the home server happens to become unreachable for some reason, i want the vps to still accept mail as though nothing is wrong[01:20:36] <phunyguy> well, help me out here. I have 1024MB RAM/2CPU 20GB SSD VPS space that I can deploy one or two servers with...[01:20:38] <lunaphyte> then i can worry less about doing things with the home server. i can turn it off for an hour if i want to[01:20:47] <lunaphyte> i can turn it off for a day if i want[01:21:33] <lunaphyte> i don't know what's involved in mysql replication. last time i looked into it, it was rather daunting[01:21:42] <phunyguy> yeah...[01:22:08] <lunaphyte> ldap is totally different, but that's neither here nor there if you are using sql[01:22:26] <lunaphyte> there are other, less ideal "options"[01:22:47] <KaiForce> Zerberus: thanks![01:22:55] <phunyguy> is this where you talk me into setting up LDAP and ditching mysql?[01:23:17] <lunaphyte> employ some mechanism to query the db on a recurring schedule, and dump the needed data to flat files on the vps[01:23:19] <lunaphyte> heh[01:23:26] <lunaphyte> that is a huge can of worms[01:23:30] <phunyguy> hahaha[01:23:38] <lunaphyte> but it's a pretty awesome can ;)[01:23:46] <phunyguy> should've just used flat files to begin with[01:23:58] <lunaphyte> another, even less desireable mechanism is in band address verification.[01:24:09] <lunaphyte> you could do it, and it does work, but it's lame.[01:24:23] <lunaphyte> it is not the right way to do things[01:24:27] * phunyguy scratches[01:25:12] <phunyguy> so... let's be honest here. I have 3 email addresses behind this entire setup. one for each domain.[01:25:17] <lunaphyte> however, the caveat there too though is that you still are at the mercy of the home server. if it goes down for too long, and the verification result expires from the cache, mail lis rejected[01:25:29] <phunyguy> the original intent was to host mail for some folks[01:25:50] <phunyguy> and set up something where I can share some server space and manage their email, for perhaps a fee.[01:26:34] <lunaphyte> if it were me, i'd do sql queries across the internet from the vps to the home computer[01:26:36] <lunaphyte> for now[01:26:56] <lunaphyte> you can protect it with a firewall, you could use a vpn too/instead if so desired, etc.[01:27:18] <lunaphyte> you can decide how bad it sucks if something happens and mail gets rejected for some period of time[01:27:21] <phunyguy> firewall is fine. It's just two holes poked, one for each VPS[01:27:36] <lunaphyte> you can regroup and check other things out down the road, blah blah blah[01:28:05] <lunaphyte> i would, however, use encryption for the sql queries[01:28:14] <lunaphyte> does postfix do that? i bet it does[01:28:16] * lunaphyte looks[01:28:28] <phunyguy> so essentially, the objective here is to not let VPSs inundate home server with mail destined for bad addresses?[01:28:44] <lunaphyte> yes. that is absolutely imperative. you *cannot* do that[01:29:22] <lunaphyte> some service, at some point along the path, is going to reject that message. that will generate a bounce. that is a HUGE no no[01:29:36] <lunaphyte> you cannot accept mail, then change your mind later and decide you don't want it[01:29:53] <lunaphyte> the mx server MUST reject all mail that will not be delivered later[01:29:57] <lunaphyte> !mantras[01:29:57] <knoba> lunaphyte: "mantras" : 1. do not accept mail that you do not intend to deliver. 2. do not drop mail. 3. do not use wildcards or catchalls.[01:29:59] <phunyguy> Ahh I see, this is more a standards thing[01:30:12] <phunyguy> right[01:30:14] <lunaphyte> standards, sort of. more like self preservation[01:30:40] <phunyguy> I wonder how many people I've pissed off over the years.[01:30:46] <phunyguy> because I am terrible at this. heh[01:31:12] <lunaphyte> if you bounce stuff like that, you will *quickly* become a member of an esteemed group known endearingly as "blacklisted servers"[01:31:28] <phunyguy> yes I don't want that[01:31:28] <lunaphyte> and then, you *will* have deliverability problems[01:31:41] <lunaphyte> it's not an if, it's a when[01:31:51] <phunyguy> I get it.[01:31:57] <phunyguy> sql over internet for now.[01:32:30] <phunyguy> As long as I get that deferral.[01:32:35] *** wdp has quit IRC[01:33:04] <lunaphyte> oh, yeah, nice. looks like postfix provides comprehensive functionality for encrypted mysql queries[01:33:59] <phunyguy> mmmm[01:34:19] <lunaphyte> iirc, the only thing you ned to do to make and encrypted connection with the myql client program is specify the ca file [given a properly configured server, of course][01:34:39] <phunyguy> Oh look! I have a ca file![01:34:39] <lunaphyte> i wonder if the postfix lookup map follows that same convention[01:35:12] <phunyguy> also there is a bit of a wrinkle here, but it's not a problem I don't think[01:36:09] <phunyguy> mysql is on another server internal to my network. But with that said, *.phunyguy.com is a CNAME to phunyguy.com, so a port forward would suffice. thus a cert query for mysql.phunyguy.com should work fine.[01:38:27] <phunyguy> and it only needs read only access to that specific database table.. so nice and easy to restrict.[01:38:59] *** ekkis has quit IRC[01:43:59] <lunaphyte> cnames and wildcards? blech :([01:44:23] *** Montgallet has joined #postfix[01:44:55] <lunaphyte> oh, right that's how it works. in the mysql grants, you configure things so encryption is demanded for certain usernames/hosts pairs[01:45:19] <lunaphyte> something along those lines, iirc. it's been a while since i've really done much with mysql[01:45:31] <lunaphyte> aha[01:45:40] <lunaphyte> select host, user, password, ssl_type, ssl_cipher from user;[01:46:08] <lunaphyte> but that's wandering too much off topic for here[01:59:13] <phunyguy> mm[01:59:19] <phunyguy> is it though?[01:59:44] <phunyguy> oh I see[01:59:50] <phunyguy> yeah that portion of it for sure[02:04:26] <phunyguy> and re the cnames/wildcards... that was me being lazy.[02:06:06] <phunyguy> lunaphyte: you can feel free to /query me any more information you have on that.[02:09:53] <phunyguy> lunaphyte: this actually doesn't look too terribly difficult. https://www.howtoforge.com/how-to-set-up-mysql-database-replication-with-ssl-encryption-on-ubuntu-9.10[02:10:35] <phunyguy> I think I will configure the other VPS for that.[02:12:45] <phunyguy> or do it locally on the mx boxes. ¯\_(ツ)_/¯[02:31:31] <lunaphyte> interesting[02:33:26] <lunaphyte> seems better than it used to be[02:39:22] <phunyguy> yeah it looks pretty nice. It has me rethinking my sql setup for sure though. My databases are tiny, so I may pull it off the NAS, and just run it on the server. That way I have sql running on the same server as home postfix, then set up slaves on mx boxes. no more database availability problems.[02:40:01] <phunyguy> would be trivial to move all the files over from NAS, chown, and restart the service.[02:52:42] *** BoomerBile has joined #postfix[02:55:53] *** Guest98611 is now known as shawniverson[02:56:03] *** BoomerBile is now known as Metaphaze[02:56:31] *** Metaphaze is now known as cranky[02:57:00] *** cranky is now known as cranky_procrasti[02:57:08] *** cranky_procrasti is now known as BoomerBile[03:12:23] *** D-Boy has quit IRC[03:18:25] *** err-or_ has joined #postfix[03:22:18] <phunyguy> lunaphyte: so probably safe to say with a local db instance, I can remove relay_domains and add maps to the database for that as well...?[03:22:43] *** Montgallet has quit IRC[03:23:01] *** Montgallet has joined #postfix[03:23:08] *** err-or has quit IRC[03:27:46] *** Montgallet_ has joined #postfix[03:28:02] *** Montgallet has quit IRC[03:33:33] *** D-Boy has joined #postfix[03:36:38] *** rsx has joined #postfix[03:49:09] *** Montgallet_ has quit IRC[04:08:08] <lunaphyte> i'm not sure what you mean. without relay_domains, postfix won't know which domains it is the mx for[04:09:37] <rob0> "and add maps to the database for that as well," I think means to make it a SQL lookup, to change the file from a hash map to a query file.[04:12:10] *** n0b0dyh3r3 has joined #postfix[04:22:16] *** d0nn1e has quit IRC[04:24:02] *** d0nn1e has joined #postfix[04:30:32] *** mnathani_ has joined #postfix[04:32:43] *** gu1lle_ has joined #postfix[04:45:50] <jaybe> why might client connection to submission be slow to negotiate and proceed? I notice the incoming connection (ip6) in the log: postfix/submission/smtpd[3873]: connect from unknown[2605:6000:.... ]. seems 5-10 seconds pass, then it's like the gate opens and all is fine.[04:49:13] *** rsx has quit IRC[04:49:14] <jaybe> bleh; i think it was apple mail.app' probey 'feature' that tries to identify any/all open ports; i.e. instead of explicitly defining: 587.[04:49:24] <Dominian> stupid apple[04:49:48] <jaybe> sensible and nice feature, but, why check anything but what i populated (587) *first* -- and only unless/if 587 isn't reachable?[04:50:34] <jaybe> hmm that's not it; wtf[04:51:03] <Dominian> could be your server trying to find rDNS[04:51:31] <Dominian> what does your submission line in master.cf look like?[04:51:36] <Dominian> just curious[04:53:41] <jaybe> Dominian, http://p.ngx.cc/94606e2b2313c912[04:54:42] <Dominian> hm[04:56:30] <Dominian> does the same issue happen on ipv4 addresses?[04:56:47] *** edux has quit IRC[04:57:00] <jaybe> wonder if there is a dovecot (sasl) session cache or the likes. i.e. maybe the auth/session is timing out real fast and the handshake and auth takes the time[04:57:29] <jaybe> Dominian, not sure - i could explicitly config/test for ip4 i suppose. wouldn't surprise me if ip6 is weird. although there is rdns for ip4 and 6[04:57:42] <Dominian> not according to that log yo ushowed[04:57:50] <Dominian> from unknown[etcetc[04:58:10] <jaybe> not all addresses have reverses[04:58:14] <Dominian> right[05:02:12] <phunyguy> lunaphyte: that info is in mysql[05:02:56] <phunyguy> lunaphyte: relay_domains = mysql:/etc/postfix/mysql-relay-mailbox-domains.cf - but I get your comment now. I misspoke[05:03:09] <phunyguy> for some reason I thought it was a different option.[05:03:39] <phunyguy> so I would change it from relay_domains = domain1.com, domain2.com, domain3.com to relay_domains = mysql:/etc/postfix/mysql-relay-mailbox-domains.cf[05:04:03] *** edux has joined #postfix[05:04:08] <phunyguy> also I got my cert renewed for client access. I figure I do it for my webserver anyway... might as well add it to postfix and dovecot also.[05:04:33] <phunyguy> branched out the self signed to be used on 10025, and the startssl one to be used on submission.[05:04:41] <phunyguy> works a treat.[05:07:57] <jaybe> Dominian, lagging with ip4 as well.. hmmm[05:08:29] *** edux has quit IRC[05:11:23] <lunaphyte> phunyguy: oh, yeah. that what you'd want. no reason to list it manually, redundantly, when it's in sql[05:11:42] <lunaphyte> can you pastebin mysql-relay-mailbox-domains.cf?[05:12:07] <lunaphyte> and the file for relay_recipient_maps?[05:12:32] <phunyguy> what for?[05:12:35] <phunyguy> lol[05:12:49] <phunyguy> naah hang on[05:13:05] <lunaphyte> well, the real question is what they return[05:13:17] <phunyguy> so you want the sql query[05:13:26] <lunaphyte> not just[05:13:29] <phunyguy> or what's in the db[05:13:31] <phunyguy> I see[05:15:00] <phunyguy> so, if you want I can run the queries myself, see what they return, and if you tell me what it is supposed to look like I can verify it does[05:16:04] <phunyguy> oh, here they actually aren't bad[05:16:50] <phunyguy> here's relay-mailbox-domains http://dpaste.com/0803392[05:17:34] <lunaphyte> oh, yikes. more bad news! :)[05:17:51] <lunaphyte> that is the old, deprecated format[05:18:09] <phunyguy> /headdesk[05:18:23] <phunyguy> well I can't fix it tonight[05:18:27] <phunyguy> getting late[05:18:57] <phunyguy> the other one is similar if you want it[05:19:06] <lunaphyte> instead of table, select_field, where_field, etc, use query. and you'll also want to use result_format[05:19:10] <phunyguy> http://dpaste.com/0J41N4W[05:19:11] <lunaphyte> see man 5 mysql_table[05:19:55] <lunaphyte> but yeah, late here too and need sleep[05:19:58] <phunyguy> ahh so now it is an actual query-ish format[05:20:05] <lunaphyte> yes, much more sane[05:20:08] <phunyguy> yup.[05:20:17] <phunyguy> alright sir, as always, thanks for the help.[05:20:36] <phunyguy> if we lived close and you were a drinker, I would take you out for a brew.[05:20:43] <lunaphyte> no worries. glad to see you've got things working well[05:20:57] <phunyguy> not only that, I understand it[05:20:57] <lunaphyte> root beer maybe :)[05:21:01] <phunyguy> thanks to you.[05:21:05] <phunyguy> root beer it is[05:22:14] *** edux has joined #postfix[05:27:11] *** edux has quit IRC[05:29:35] *** JanC has quit IRC[05:34:27] *** akkad has quit IRC[05:42:57] *** akkad has joined #postfix[05:43:17] *** JanC has joined #postfix[05:44:16] *** penrod has quit IRC[06:00:44] *** lucascastro has quit IRC[06:07:28] *** lucascastro has joined #postfix[06:11:33] *** pozitron has quit IRC[06:17:11] *** edux has joined #postfix[06:21:53] *** edux has quit IRC[06:26:07] *** edux has joined #postfix[06:31:14] *** edux has quit IRC[06:35:24] *** edux has joined #postfix[06:39:35] *** edux has quit IRC[06:53:35] *** edux has joined #postfix[06:58:11] *** edux has quit IRC[07:02:30] *** edux has joined #postfix[07:08:00] *** edux has quit IRC[07:20:29] *** edux has joined #postfix[07:25:25] *** edux has quit IRC[07:38:42] *** edux has joined #postfix[07:43:20] *** edux has quit IRC[07:48:15] *** edux has joined #postfix[07:51:45] *** n0b0dyh3r3 has quit IRC[07:52:47] *** edux has quit IRC[07:55:18] *** aindilis2 has joined #postfix[07:59:06] *** anunnaki has quit IRC[08:04:21] *** anunnaki has joined #postfix[08:06:21] *** edux has joined #postfix[08:06:52] *** gu1lle_ has quit IRC[08:10:35] *** edux has quit IRC[08:24:27] *** edux has joined #postfix[08:27:04] *** RadoQ has quit IRC[08:27:53] *** smokeysea has joined #postfix[08:29:02] *** edux has quit IRC[08:33:40] *** edux has joined #postfix[08:37:35] *** edux has quit IRC[08:40:18] *** zorg1 has joined #postfix[08:45:09] *** pozitron has joined #postfix[08:45:48] *** pozitron has quit IRC[08:51:48] *** edux has joined #postfix[08:56:08] *** edux has quit IRC[09:06:31] *** sphenxes has joined #postfix[09:09:54] *** edux has joined #postfix[09:14:39] *** edux has quit IRC[09:19:13] *** edux has joined #postfix[09:23:26] *** edux has quit IRC[09:24:06] *** SCHAAP137 has joined #postfix[09:29:50] *** spY|da has joined #postfix[09:35:23] <smokeysea> hello all, I am trying to configure SMTP relay on ec2 instance with smtp-relay.gmail.com. But some how not going through.[09:35:41] <smokeysea> any issue with ec2 and gmail for smtp-reply?[09:35:44] <smokeysea> relay[09:54:53] <pj> !tell smokeysea getting_help[09:54:53] <knoba> smokeysea: "getting_help" : before asking your question, read the !relevant_logs and !showconfig factoids, and prepare a single pastebin containing all of that data. if you don't understand what this means, or if you need help doing this, please let us know. also see !pastebin[09:55:35] *** bolt has quit IRC[10:07:11] *** ek has quit IRC[10:08:19] *** bolt has joined #postfix[10:09:26] *** iGeni has quit IRC[10:10:02] *** TyrfingMjolnir_ has joined #postfix[10:12:34] *** TyrfingMjolnir has quit IRC[10:12:34] *** TyrfingMjolnir_ is now known as TyrfingMjolnir[10:18:29] *** nhooyr has quit IRC[10:19:21] *** nhooyr has joined #postfix[10:22:41] *** edux has joined #postfix[10:26:44] *** edux has quit IRC[10:34:40] *** sphenxes01 has joined #postfix[10:40:30] *** edux has joined #postfix[10:45:26] *** edux has quit IRC[10:49:53] *** edux has joined #postfix[10:55:01] *** edux has quit IRC[10:56:05] *** bolt has quit IRC[10:59:12] *** edux has joined #postfix[11:02:31] *** infides_afk has joined #postfix[11:03:47] *** edux has quit IRC[11:07:57] *** edux has joined #postfix[11:09:00] *** nevstah has quit IRC[11:12:15] *** edux has quit IRC[11:17:14] *** edux has joined #postfix[11:17:15] *** Nihilum has joined #postfix[11:20:56] *** nevstah has joined #postfix[11:21:24] *** edux has quit IRC[11:26:11] *** edux has joined #postfix[11:30:04] *** paul` has joined #postfix[11:30:16] *** pozitron has joined #postfix[11:30:38] *** paul` has quit IRC[11:31:05] *** edux has quit IRC[11:35:25] *** edux has joined #postfix[11:39:14] *** iGeni has joined #postfix[11:40:08] *** edux has quit IRC[11:43:30] *** pozitron has quit IRC[11:47:23] *** ek has joined #postfix[12:27:56] *** TyrfingMjolnir has quit IRC[12:28:16] *** lucascastro has quit IRC[12:35:17] *** Section1 has joined #postfix[12:39:01] *** edux has joined #postfix[12:43:18] *** edux has quit IRC[12:57:05] *** edux has joined #postfix[13:00:33] *** phunyguy has quit IRC[13:02:00] *** edux has quit IRC[13:02:27] *** phunyguy has joined #postfix[13:03:43] *** TyrfingMjolnir has joined #postfix[13:04:25] *** smokeysea has quit IRC[13:06:17] *** edux has joined #postfix[13:11:04] *** edux has quit IRC[13:14:58] *** Someone_Else has joined #postfix[13:15:11] *** edux has joined #postfix[13:16:55] *** pti-jean_ has joined #postfix[13:19:10] *** pozitrono has joined #postfix[13:19:58] *** edux has quit IRC[13:20:29] *** osten has joined #postfix[13:23:38] *** Someone_Else has left #postfix[13:24:24] *** lucascastro has joined #postfix[13:24:44] *** TuxBrother has joined #postfix[13:26:11] *** TuxBrother has quit IRC[13:26:38] *** TuxBrother has joined #postfix[13:27:03] *** TuxBrother is now known as Someone_Else[13:27:11] *** Someone_Else has quit IRC[13:29:00] *** Someone_Else has joined #postfix[13:32:31] <mage_> any idea for: Jan 6 13:30:18 soekris1 haproxy[57654]: Backup Server bk_postfix/postfix_smtp_mx2 is DOWN, reason: Layer7 invalid response, info: "220-orval.bbpf.xxx.be ESMTP Postfix (FreeBSD)", check duration: 0ms. 1 active and 0 backup servers left. 0 sessions active, 0 requeued, 0 remaining in queue. ...?[13:32:36] *** Haudegen has quit IRC[13:34:14] <Someone_Else> I'm lost in SSL, TLS and naming conventions...[13:35:32] <Someone_Else> Imagine a mailserver, called mta1.nyc.us.company.com is the first mailserver for a shared mailhosting purpose[13:35:35] <Tuxick> Someone_Else: you're not alone, it's a huge mess[13:35:59] <Someone_Else> Customers want to use mail.theirdomain.com, nothing complicated here[13:36:18] <Someone_Else> However, when they want to use SSL, they gent *CERT ERROR*[13:36:59] <Someone_Else> True, cause the cert is assigned to mta1.nyc.us.company.com[13:37:15] <Someone_Else> So, the solution would be to point them to that server directly[13:37:21] <Someone_Else> But...[13:37:43] <lunaphyte> email is not the www. that's where you're getting hung up[13:37:44] <Someone_Else> It would make more sense to have smtp.company.com, then[13:37:53] <lunaphyte> use an agnostic service domain[13:39:47] <Someone_Else> I assume I can't use a server naming scheme for it? Example, www1.nyc.us.company.com is actually pluto.company.com[13:50:09] *** Haudegen has joined #postfix[14:04:43] *** Nihilum has quit IRC[14:07:42] <lunaphyte> it sounds like you may be struggling with mixed up terminology[14:08:12] <lunaphyte> if a computer's canonical hostname is pluto.example.com, then www1.nyc.us.example.com is a service hostname[14:08:26] <lunaphyte> i'm not sure what "server naming scheme" means[14:09:53] *** edux has joined #postfix[14:13:28] *** edux has quit IRC[14:13:54] *** edux has joined #postfix[14:15:16] *** robinho86 has joined #postfix[14:17:27] <mage_> is it possible to disable syslog logging ? I tried -o syslog_facility= but it fails with "fatal: bad string length 0 < 1: syslog_facility = " ...[14:18:27] *** rsx has joined #postfix[14:19:59] <Tuxick> mage_: maybe easier to disable it in syslog conf[14:20:42] <Tuxick> send mail.* wherever you like[14:20:59] <mage_> I want to disable only for one smtpd service[14:21:21] <Tuxick> oh[14:21:49] <mage_> https://dpaste.de/BBsX[14:21:55] <mage_> I have the following[14:22:13] <mage_> I want to disable syslog for the smtpd on port 9025[14:23:40] <lunaphyte> send it to a different facility, and don't log it[14:24:01] <mage_> that's an option :)[14:24:12] <lunaphyte> what's the actual point of this?[14:24:43] <Tuxick> OR go for syslog-ng, that can do amazing things[14:24:54] <Tuxick> just won't bring you breakfast on bed[14:25:19] <mage_> I'm using HAProxy with the PROXY protocol in front of two Postfix servers, but it seems that the "check" option in HAProxy is broken when send-proxy is used ...[14:25:42] <Tuxick> didn't know haproxy can also do smtp[14:25:45] <mage_> I have exactly the same proble as in http://comments.gmane.org/gmane.comp.web.haproxy/12164[14:26:13] <mage_> Tuxick: yep it can :)[14:27:34] *** Haudegen has quit IRC[14:27:56] *** davlefouAMD has joined #postfix[14:30:18] <Tuxick> russian criminal switched to thatsnewmsgforyou???.com[14:31:04] <Tuxick> instead of helloservice[14:33:25] *** Haudegen has joined #postfix[14:34:44] <Bish> im using an alias to pipe mails of a certain user to a script[14:34:51] <Bish> can i somehow define the user which is executing this script?[14:34:56] <Bish> or do i have to do it more complicated[14:35:55] <Tuxick> or simpler, like procmail?[14:37:01] <Bish> i don't know what that is[14:37:19] <Bish> and it does look more complicated than "|path/to/script"[14:37:40] *** Haudegen has quit IRC[14:38:28] <Tuxick> but executed as user :)[14:38:39] <Tuxick> well, depends[14:44:14] *** dynek has joined #postfix[14:45:35] <dynek> Hello - quick question: I have a machine with a nic and an alias onto which a postfix service is running. Is there a way to add to the log file, the IP that was solicitated to relay the mail?[14:52:25] *** Haudegen has joined #postfix[14:56:56] *** Haudegen has quit IRC[15:01:02] *** dstarh has joined #postfix[15:05:14] *** rsx has quit IRC[15:05:22] <Bish> but for using procmail the user has to exist for real, right?[15:05:34] <Tuxick> ah yes[15:05:44] <Tuxick> but you can't execute as nonexisting user anyway :)[15:06:05] <Bish> that is true, but userOfScript != mailName either way in my case[15:06:26] <Bish> so what are my alternatives?[15:06:43] <lunaphyte> Bish: see man 8 pipe[15:07:31] <Bish> well i find the architecture of postfix very confusing, that's why i am asking here[15:07:45] <lunaphyte> hmm?[15:07:54] <lunaphyte> your question was answered. did you read the man page?[15:08:17] <Bish> i know there are 123123 binaries in postfix who all do stuff, but im sure, if i read this i still have no clue how to configure postfix to pipe it to a script[15:08:33] <lunaphyte> [09.06.42] lunaphyte: Bish: see man 8 pipe[15:09:02] <Bish> yeah i saw it, i've been on it several times. no clue[15:09:17] <lunaphyte> have yo utried it?[15:09:20] <lunaphyte> *you tried[15:09:27] <lunaphyte> if so, then see !getting_help[15:09:30] <Bish> try what?[15:09:34] <lunaphyte> !tell Bish getting_help[15:09:34] <knoba> Bish: "getting_help" : before asking your question, read the !relevant_logs and !showconfig factoids, and prepare a single pastebin containing all of that data. if you don't understand what this means, or if you need help doing this, please let us know. also see !pastebin[15:09:35] <Bish> reading manpages, ofcourse[15:10:04] <lunaphyte> tried using pipe[15:10:44] <Bish> i don't know how to use it, as far as i understand it it's a program which sometimes somewhere gets executed by postfix[15:11:20] <Bish> in the manpages are already configuration files mentioned, but i have no clue what i am doing, so i would rather ask here before destroying something[15:11:34] <lunaphyte> oh. i see[15:12:06] <lunaphyte> you add a service to postfix, in master.cf, which calls pipe(8)[15:12:31] <lunaphyte> then, with transport_maps, you "map" the desired email address to the service you added[15:13:14] <Bish> yeah i read about that method on github, but i never knew if that was the "clean" way to do it, but now that you have explained it to me, it already helped me alot[15:13:18] <Bish> thank you[15:13:58] <lunaphyte> sure thing, you're welcome. try it out, and then if you have trouble, follow the directions in the !getting_help factoid[15:18:52] <Bish> where can i read about the master flags?[15:19:24] <Bish> i mean when adding the server[15:19:38] <Bish> oh those are pipe flags i got it[15:20:29] <Bish> thanks lunaphyte you demystified postfix for me[15:24:24] <Bish> wow, now it even gets queued when not delivered, that's cool! first try![15:26:17] <Bish> and this happens before alias and evrything is checked? because master gets mail from smtpd and knows through transport_maps do bring it to pipe which brings it to my script!?[15:28:13] <mage_> why does postscreen needs a "smtpd pass - - n - - smtpd" in master.cf ?[15:31:19] *** FinboySlick has joined #postfix[15:31:33] *** RadoQ has joined #postfix[15:32:46] <lunaphyte> Bish: yes. see man 5 transport for details[15:37:12] *** OnkV has joined #postfix[15:43:37] <lunaphyte> mage: postscreen only does a limited number of things. it is not the equivalent of smtpd. so it does what it does, and then hands off the connection to smtpd if appropriate[15:53:02] <mage_> ok :)[16:06:47] <Bish> can i also pipe bounces to some sort of socket?[16:06:55] <Bish> and even check if somehow if that was successful?[16:08:45] *** TyrfingMjolnir has quit IRC[16:14:05] *** cyris212 has left #postfix[16:25:58] * phunyguy grumbles and wanders to the coffee pot.[16:28:42] *** troulouliou_div2 has joined #postfix[16:33:16] <phunyguy> lunaphyte, I have made my decision. I am going to put MariaDB on the VPSs, and replicate the databases from home. This seems like the most reasonable option to ensure that there is a database available for postfix to query. With that said, I am unsure if 512MB RAM and 1 CPU is enough for that. I have a spare set, so I could rebuild these with 2 CPUs each, and a gig of RAM. So I will set one up first with the measly size to see how it[16:33:16] <phunyguy> looks, and if it gets hairy, I will rebuild.[16:35:00] <phunyguy> Especially if I am going to start doing any sort of mail scanning on those machines.[16:36:33] <patdk-wk> to do what?[16:36:46] <patdk-wk> it all depends on your usage, mysql can happily live in 64megs[16:37:02] <patdk-wk> and postfix can happily live in 100megs or so[16:37:18] <patdk-wk> the issue will be if accept incoming email, and want to do virus/spam scanning on it[16:37:23] <patdk-wk> that takes a lot of memory and cpu[16:39:36] <lunaphyte> phunyguy: that's probably what i would do[16:39:52] <lunaphyte> i would be willing to bet that 512 is sufficient[16:39:59] <lunaphyte> at least at the point for your current scale[16:40:04] <lunaphyte> *this[16:40:40] <lunaphyte> mail scanning?[16:40:44] <lunaphyte> content filter?[16:44:48] <lunaphyte> if that's what you mean, i'd do it on the home server[16:46:08] <phunyguy> all I needed to hear.[16:46:14] <phunyguy> Excellent, sir, thank you.[16:46:31] <phunyguy> And I meant spam filtering, etc[16:47:17] <lunaphyte> yeah, i would not put that on the mtas, unless there was some *actual* reason a milter was needed [hint: there usually isn't][16:47:29] <phunyguy> If I have to scale up later, I can. These VPSs allow for that quite nicely... One of those "Pay once, and keep the VM" deals.[16:47:38] *** Columbo0815 has joined #postfix[16:48:05] <phunyguy> hmmm milter... I am interfacing with openDKIM on the MTAs.. is that still ok?[16:48:27] *** doubletwist has joined #postfix[16:48:29] <phunyguy> actually, that is outbound. Nevermind[16:49:07] * phunyguy injects more coffee[16:49:58] <patdk-wk> just, if you do that, you cannot REJECT anything you scan[16:50:05] <patdk-wk> cause that would produce a bounce[16:50:14] <lunaphyte> right[16:50:16] <phunyguy> indeed[16:50:38] <phunyguy> if it's spam, I have no regret for just deleting it.[16:50:46] <lunaphyte> oh, no, don't do that[16:50:56] <phunyguy> *sigh*[16:51:02] <lunaphyte> !mantras[16:51:02] <knoba> lunaphyte: "mantras" : 1. do not accept mail that you do not intend to deliver. 2. do not drop mail. 3. do not use wildcards or catchalls.[16:51:07] <phunyguy> I mean after delivery[16:51:15] <lunaphyte> oh, the end user?[16:51:17] <phunyguy> >.>[16:51:19] <phunyguy> spam folder[16:51:22] <lunaphyte> gotcha[16:51:25] <lunaphyte> sure, of course[16:52:07] <phunyguy> I am not ready to reject mail outright because it has some keywords or something. Would rather get a nice quick overview of what is there to see if anything is false-positived.[16:52:27] <phunyguy> as long as the recipient is correct.[16:53:54] <phunyguy> ugh.. these stupid VPSs only have 9GB / partitions... because by default they come with 1GB swap, that you can't avoid.[16:54:14] <phunyguy> would rather get the space back and create a smaller swap "file"[16:54:45] <lunaphyte> is it kvm or openvz?[16:54:49] <lunaphyte> [[or such][16:54:50] <phunyguy> neither.[16:54:56] <phunyguy> afaik these are ESX[16:55:15] <phunyguy> cheap crap.[16:55:28] <phunyguy> paid $7 for each and every one of the 512MB instances.[16:55:30] <lunaphyte> do you get management access?[16:55:34] <phunyguy> yeah.[16:55:44] <lunaphyte> so you can change the swap partition?[16:55:45] <phunyguy> even a KVM console.[16:55:52] <phunyguy> oh wait you mean ESX management[16:55:54] <phunyguy> no.[16:56:01] <lunaphyte> oh. bummer[16:56:10] <phunyguy> If I really wanted to I could probably delete the swap partition, and add it to the root lvm volume[16:56:32] <phunyguy> luckily they at least did that, heh.[16:56:39] <lunaphyte> oh, yeah, if it's all one disk, that's easy[16:56:46] * phunyguy looks[16:58:25] <phunyguy> yup, just a chunk of /dev/sda. Could wipe that and just slap it on to the volume group,[16:58:40] <phunyguy> terribly offtopic though.[16:59:14] <phunyguy> if it poses a problem I will attempt it. For now... push onwards![16:59:34] <lunaphyte> fun[17:04:46] *** Columbo0815 has quit IRC[17:05:03] *** troulouliou_div2 has quit IRC[17:06:58] <doubletwist> In exim it is possible for a server to send different HELO/EHLO depending on the sender/domain. Is it possible to do something similar in Postfix?[17:07:00] *** zorg1 has quit IRC[17:08:03] <lunaphyte> depends on what "send different HELO/EHLO" actually means[17:08:14] <lunaphyte> who is sending what to whom, and when?[17:09:14] <doubletwist> So say my outgoing mail server is named mail.it.example.com - but it sends/relays outgoing mail also for "domain1.com" and "domain2.com"[17:10:05] <doubletwist> When it sends mail for "domain1.com" it should use "mail.domain1.com" in the HELO/EHLO message onthe outgoing connection. And use "mail.domain2.com" for the outgoing connection for mails from that domain[17:10:42] <Tuxick> won't work[17:11:39] <lunaphyte> oh. the quest for perfect header :)[17:11:41] <lunaphyte> *headers[17:12:32] <lunaphyte> it's "possible", sure. but it's a total waste of time[17:12:44] <doubletwist> We have found it to not be a waste of time.[17:12:48] <lunaphyte> !tell doubletwist smtp_helo_name[17:12:49] <knoba> doubletwist: "smtp_helo_name" : a configuration parameter in the main.cf: The hostname to send in the SMTP EHLO or HELO command. The default is $myhostname.[17:13:05] <doubletwist> I'm aware of the default[17:13:51] <doubletwist> So here's what the current exim config does: http://fpaste.org/307839/[17:14:30] <doubletwist> There are business reasons it needs to do this. I'm not saying I agree but those are the requirements I'm working under[17:14:59] <doubletwist> And I'm trying to determine if I can accomplish the same thing in postfix[17:16:14] <rob0> Probably the easiest thing is to have a separate Postfix instance per IP address.[17:16:33] <doubletwist> It's currently only using 1 IP address.[17:16:35] <lunaphyte> you would need to set up custom smtp transports for each domain name, and set overrides for that parameter, or you'd have to set up multiple instances[17:16:47] <rob0> Oh, then you're out of luck.[17:17:05] <doubletwist> And yes, I know that despite the changing HELO - the lookup will still return the hostname of the mail server :)[17:17:42] <lunaphyte> use check_sender_access to pass the mail through the custom transport, or something like that[17:17:50] <rob0> See, you only have one PTR for that IP address. (Well, you can set as many as you want if you control the in-addr.arpa zone, but you'll be disappointed.)[17:17:59] <doubletwist> rob0: Yes I know[17:18:17] <lunaphyte> it would take some more dedicated thought to the architecture for the canonical answer, which you'd have to pay me to do ;)[17:18:51] <doubletwist> rob0: I assure you, we made all the arguments when this was first requested. We were told to do it anyway.[17:19:14] <rob0> It's covered in the Postfix 2.7 release notes, sender_dependent_*[17:19:39] <rob0> maybe it's easier in Exim[17:19:54] <rob0> it's not easy here.[17:20:44] <lunaphyte> not sure easier, but maybe if you've already overcome the hurdles of learning exim's procedural/conditional constructs[17:21:33] <doubletwist> lunaphyte: Not really. Someone else wrote it - who doesn't believe in comments or documentation[17:21:49] <lunaphyte> oh, fun![17:22:32] <doubletwist> Need to get off this old server though, and for various reasons it *might* be easier to migrate it to postfix - so I'm trying to determine if that is the case or not.[17:23:27] <doubletwist> Plus I figure that working out how to re-implement this in postfix will help me learn both exim and postfix better, not to mention learn to understand exactly what he was trying to do.[17:23:35] <doubletwist> So I can document it properly.[17:23:52] <lunaphyte> ignorant people insisting on demanding technical provisions is very frustrating[17:25:26] <doubletwist> Often yes.[17:26:02] <doubletwist> In this case, I understand why they were doing it - it's kind of a branding thing. And if necessary I may be able to use multiple IPs in the new solution to better accomplish it[17:26:24] <doubletwist> Part of it was to ease the minds of ignorant customers :)[17:27:40] <lunaphyte> we're used to the branding bit. but this is a woefully incomplete implementation[17:27:55] <lunaphyte> the dude changed the helo and that was it? everything else was left as is? that's a joke[17:28:28] <doubletwist> Well, it changes the helo, as well as the error_to and the return_path[17:29:03] <lunaphyte> but i'm talking about ip addresses, dns, etc. all of the things that are littered throughout headers[17:29:10] <rob0> Multiple IP addresses will make it both simpler and better.[17:29:33] <rob0> It's the only way to have "perfect headers".[17:29:36] <doubletwist> If I remember correctly, part of it also had to do with some spam RBL - though I'm not clear on how this helped[17:29:52] <lunaphyte> sounds like it wasn't clear to him either :)[17:30:01] <doubletwist> possibly :)[17:30:06] <rob0> ^^ would be my guess too[17:30:18] <lunaphyte> and if it wasn't celar to him, then you have no hope![17:30:20] <lunaphyte> *clear[17:30:23] *** SCHAAP137 has quit IRC[17:30:39] <lunaphyte> anyway, enough worthless pontification, i suppose[17:30:53] <phunyguy> you guys make my brain hurt.[17:31:14] <doubletwist> Either way, thanks for the help. You've given me enough to get me started, hopefully in the right direction.[17:31:15] <phunyguy> (I'll get there, now that I am in a better role at work)[17:31:37] <lunaphyte> i'm more of a biscuit person[17:32:27] <phunyguy> HAH[17:32:31] <phunyguy> took me entirely too long for that[17:32:35] <doubletwist> heh[17:33:00] <rob0> mmm biscuits[17:33:00] <phunyguy> had a backlog of postfix IRC messages to interpret I guess... took a while to get to that.[17:33:25] <doubletwist> not a fan of either - I prefer a nice italian bread[17:33:42] <doubletwist> Or an English muffin if it's breakfast time[17:34:30] <daemon> double vodka and coke works well too[17:35:15] <phunyguy> ^[17:35:39] <phunyguy> make it something other than vodka though. Maybe a little spiced rum.[17:38:48] <doubletwist> Hrm looks like he's also removing the received header to hide this relay server[17:39:01] <lunaphyte> that's just plain old a bad idea period[17:40:23] <doubletwist> I have a vague recollection of him saying something to that affect, but that he couldn't get it to work otherwise.[17:43:52] <rob0> The problem with removing Received: headers is that you can't control the ones added on the other end (the recipient server.)[17:44:30] <rob0> Often that's difficult to understand for the people who get the idea to do it. And I don't know why.[17:44:31] <doubletwist> I know[17:44:55] <doubletwist> I think maybe it was just to hide the hops that happened internally?[17:46:04] <phunyguy> even my limited brain thinks that's a bad idea.[17:46:14] <phunyguy> hiding hops that is.[17:47:38] *** Mizar has joined #postfix[17:47:51] <rob0> such things are often contributory to routing loops[17:47:52] *** Mizar has left #postfix[18:07:48] <lunaphyte> global climate disruption too, from what i understand[18:07:54] *** ktosiek has quit IRC[18:15:47] *** d0nn1e has quit IRC[18:16:53] <rob0> Of course. Routing loops cause more power consumption, thus more heat and more carbon emissions in the atmosphere.[18:17:25] *** d0nn1e has joined #postfix[18:20:54] *** rsx has joined #postfix[18:27:34] *** boredman has joined #postfix[18:28:23] *** gu1lle_ has joined #postfix[18:29:25] *** pozitrono has quit IRC[18:35:43] *** jimpop has quit IRC[18:37:22] *** rsx has quit IRC[18:39:10] *** jimpop has joined #postfix[18:39:10] *** jimpop has joined #postfix[18:39:27] *** troulouliou_div2 has joined #postfix[18:39:41] *** boredman has quit IRC[19:05:15] *** troulouliou_div2 has quit IRC[19:05:48] *** sarri has quit IRC[19:07:50] *** davlefouAMD has quit IRC[19:08:06] *** sarri has joined #postfix[19:18:49] *** osten has quit IRC[19:25:46] *** githogori has quit IRC[19:30:32] <ponky> i'm trying to forward mail that's sent to example at domain dot com to example at gmail dot com, but postfix relay access denied. i've had this problem before and iirc i had to whitelist the recipient address/domain but dont remember how[19:30:47] <lunaphyte> oh, no, don't do that[19:30:49] <ponky> postfix gives*[19:31:06] <lunaphyte> forwarding mail you get off to other people's email servers is a no no[19:31:27] <ponky> it's just a temporary rule for one address[19:40:30] <lunaphyte> vitual_alias_maps[19:42:02] <ponky> lunaphyte: already tried that[19:42:17] <ponky> main.cf: virtual_alias_maps = hash:/etc/postfix/virtual[19:42:20] <lunaphyte> oops, *virtual_alias_maps[19:42:25] <lunaphyte> !tell ponky getting_help[19:42:26] <knoba> ponky: "getting_help" : before asking your question, read the !relevant_logs and !showconfig factoids, and prepare a single pastebin containing all of that data. if you don't understand what this means, or if you need help doing this, please let us know. also see !pastebin[19:43:40] <ponky> !showconfig[19:43:41] <knoba> ponky: "showconfig" : when asked to provide your config, pastebin postconf -nf and postconf -Mf. if your version is too old for those commands to work (< 2.9), you should upgrade, but see !showconfig_old[19:46:33] <ponky> http://pastie.org/private/zkritclzdilexgt7qf5oag[19:47:07] *** skylite has joined #postfix[19:50:53] *** ced117 has joined #postfix[19:52:38] *** gu1lle_ has quit IRC[19:52:50] *** gu1lle_ has joined #postfix[19:55:29] *** wdp has joined #postfix[19:55:30] *** wdp has joined #postfix[19:55:50] *** skylite has quit IRC[20:09:06] *** OnkV has quit IRC[20:12:50] *** bolt has joined #postfix[20:14:41] *** Section1 has quit IRC[20:22:47] *** SupaYoshi has quit IRC[20:26:36] *** Haudegen has joined #postfix[20:27:33] <rob0> No logs in that paste, so nothing to go on.[20:27:42] <rob0> I guess there is[20:27:47] <rob0> !relay_denied[20:27:47] <knoba> rob0: "relay_denied" : NOQUEUE: reject: RCPT from CLIENT_HOST[CLIENT_IP]: 554 5.7.1 <RECIPIENT@RCPT_DOMAIN>: Relay access denied; from=<SENDER@SENDER_DOMAIN> to=<RECIPIENT@RCPT_DOMAIN> proto=ESMTP helo=<HELO>: This typically means that CLIENT_IP is not in mynetworks (and did not AUTH), and that RCPT_DOMAIN was not recognized as one of this Postfix's domains (not listed in mydestination, relay_domains or virtual_*_domains).[20:28:36] <rob0> but yes, same-envelope forwarding is not workable now, if you don't also control the forwarded destination.[20:29:19] <ponky> actually, you can see the config fail in that paste[20:29:28] <ponky> check_recipient_access was after rejects[20:30:31] <patdk-wk> no that doesn't mean fail[20:30:40] <patdk-wk> that could easily be correct, we don't know[20:31:00] <patdk-wk> atleast I do it that way, and it is not fail[20:31:07] <ponky> okay[20:31:10] <ponky> good to know[20:31:16] <ponky> well, it works now[20:31:36] <patdk-wk> bu we don't know why it failed or why it now works, cause we need to compare the logs against the config :)[20:43:12] *** Haudegen has quit IRC[20:53:46] *** bolt has quit IRC[20:59:26] *** Haudegen has joined #postfix[21:01:15] *** bolt has joined #postfix[21:02:02] *** daemon has quit IRC[21:02:52] *** daemon has joined #postfix[21:07:36] *** bolt has quit IRC[21:11:26] *** daemon has quit IRC[21:14:14] *** bolt has joined #postfix[21:17:51] *** edux has quit IRC[21:18:06] *** edux has joined #postfix[21:21:46] *** daemon has joined #postfix[21:29:15] *** lucascastro has quit IRC[21:35:13] *** KaiForce has quit IRC[21:38:44] *** sphenxes has quit IRC[21:38:59] *** sphenxes01 has quit IRC[21:39:12] *** sphenxes has joined #postfix[21:39:16] *** Amkei has joined #postfix[21:39:30] *** sphenxes02 has quit IRC[21:39:32] *** sphenxes01 has joined #postfix[21:39:49] *** sphenxes02 has joined #postfix[21:55:31] *** ktosiek has joined #postfix[21:57:06] *** camroncade has joined #postfix[22:04:02] *** FinboySlick has quit IRC[22:05:35] *** gu1lle_ has quit IRC[22:05:37] *** gu1lle_1 has joined #postfix[22:07:57] *** gu1lle_1 is now known as gu1lle_[22:12:27] *** nesthib has joined #postfix[22:33:22] *** v1c3 has joined #postfix[22:37:34] *** gu1lle_ has quit IRC[22:43:53] *** Darcidride has joined #postfix[22:44:37] *** TheFatherMind- has joined #postfix[22:45:59] *** TheFatherMind has quit IRC[22:55:03] *** grossing has quit IRC[22:56:09] *** grossing has joined #postfix[23:04:39] *** flaf has quit IRC[23:04:40] *** NightMonkey has quit IRC[23:04:42] *** Hydrazine has quit IRC[23:04:42] *** darkavenger_afk has quit IRC[23:04:48] *** darkavenl has joined #postfix[23:04:51] *** TheFatherMind- has quit IRC[23:05:03] *** Someone_Else has quit IRC[23:05:17] *** d0nn1e has quit IRC[23:05:18] *** robinho86 has quit IRC[23:05:19] *** ThomasKeller has quit IRC[23:05:19] *** equilibriumuk has quit IRC[23:05:21] *** skarn has quit IRC[23:05:21] *** ld50 has quit IRC[23:05:38] *** quenode has quit IRC[23:05:40] *** ponky has quit IRC[23:05:43] *** ponky has joined #postfix[23:06:03] *** ThomasKeller has joined #postfix[23:06:08] *** Amkei has quit IRC[23:06:45] *** ld50 has joined #postfix[23:06:55] *** quenode has joined #postfix[23:07:53] *** Hydrazine has joined #postfix[23:08:26] *** d0nn1e has joined #postfix[23:19:18] *** flaf has joined #postfix[23:20:11] *** skarn has joined #postfix[23:24:09] *** equilibriumuk has joined #postfix[23:34:07] *** dstarh has quit IRC[23:43:55] *** Horse has joined #postfix[23:44:17] *** Horse has quit IRC[23:44:40] *** Horse has joined #postfix[23:44:49] <Horse> hello![23:45:08] <Horse> !welcome[23:45:09] <knoba> Horse: "welcome" : Welcome to #postfix! If you're new here, or to IRC, first read the channel topic (/topic). It has important instructions on how to ask good questions. You will get more and better help if you follow those instructions. Good Luck![23:45:50] <Horse> is it ispmail tutorial from workaround the same on nginx as it is on apache?[23:50:33] *** Horse has quit IRC[23:57:51] *** Tourist has quit IRC