January 10, 2016 
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | >
January 10, 2016 [00:01:25] *** Mr_Pete has quit IRC[00:13:21] *** Mr_Pete has joined #postfix[00:16:04] *** nihe has joined #postfix[00:17:02] *** Mr_Pete_ has joined #postfix[00:20:05] *** Mr_Pete has quit IRC[00:20:05] *** Mr_Pete_ is now known as Mr_Pete[00:20:55] *** magyar has joined #postfix[00:31:38] *** sandeen has joined #postfix[00:34:07] *** azwieg103 has quit IRC[00:34:31] *** azwieg103 has joined #postfix[00:45:17] *** Tourist has quit IRC[01:07:43] *** Mr_Pete has quit IRC[01:13:23] *** cworth has quit IRC[01:13:45] *** cworth has joined #postfix[01:37:00] *** NightMonkey has joined #postfix[02:03:29] *** Diogo has quit IRC[02:05:05] *** beber_ has quit IRC[02:13:08] *** sandeen has quit IRC[02:24:23] *** Mr_Pete has joined #postfix[02:28:50] *** Mr_Pete_ has joined #postfix[02:30:45] *** Mr_Pete has quit IRC[02:30:46] *** Mr_Pete_ is now known as Mr_Pete[02:48:46] *** sandeen has joined #postfix[02:52:52] *** namyzarc has quit IRC[02:54:07] *** Batch has joined #postfix[02:55:33] *** sandeen has quit IRC[03:06:46] *** [44] has quit IRC[03:08:29] <DarwinElf> I upgraded Postfix, got an error[03:09:51] <pj> DarwinElf: noted.[03:12:48] <pj> DarwinElf: that was a hint, if you want help you're going to have to provide more info than that.[03:14:22] *** err-or_ has joined #postfix[03:17:09] <DarwinElf> I didn't because the error takes up a 13.2 MB maillog file... I guess you didn't think of THAT, but I can paste it in here if you want[03:17:46] <pj> *one* error is taking up 13.2 MB?[03:18:00] *** err-or has quit IRC[03:18:08] <DarwinElf> well, most of it is the same error happening over and over again... but then the last part where it's different is about half a page[03:18:44] <pj> ok, use a pastebin to show what the one error is that is repeated, and the last part that is different.[03:18:53] <DarwinElf> any preference which site?[03:18:56] <pj> also, what version did you upgrade from and to?[03:19:00] <pj> !paste[03:19:00] <knoba> pj: "paste" : A pastebin is a way to share larger amounts of data with others, without flooding the channel with garbage. You can find pastebins at http://paste.debian.net, http://apaste.info and various other sites. Please avoid using pastebins with active content or intrusive ads such as pastebin.com. Remember to share the URL of the resulting paste in channel.[03:19:44] <DarwinElf> some number of version 2, to 3.0.3[03:19:57] <pj> which 2? It does matter, actually[03:20:14] <pj> oh and what distro are you on, and how did you upgrade?[03:21:11] <DarwinElf> http://apaste.info/I8c[03:22:05] <DarwinElf> Slackware, used sbopkg that builds & installs SlackBuild package, and when there's an update automatically uses upgradepkg[03:22:29] <DarwinElf> I'm not sure I can get that info anymore[03:22:56] <pj> ok, well I seem to recall you were having issues with the first error messages before.[03:23:35] <DarwinElf> it was probably 2.11.4[03:23:49] <pj> basically put postdrop is having permissions problems. postdrop is basically the sendmail command, it runs separately to postfix and drops mail submitted to it into the pickup queue...[03:25:37] *** midacts has quit IRC[03:26:19] *** midacts has joined #postfix[03:27:26] <DarwinElf> so they've made this SlackBuild wrong... or this is something I did?[03:29:11] <rob0> haha[03:30:02] <rob0> as you may know, I'm the SBo postmaster, and I don't use the slackbuild[03:33:25] <pj> sorry, went AFK for a bit[03:34:05] <pj> does slackware use selinux or apparmour?[03:34:18] <DarwinElf> no[03:34:28] <DarwinElf> well I don't know about apparmour[03:34:40] <pj> yeah, well neither do I, I know more about selinux[03:35:25] <pj> but anyways, the backwards compatible messages you can ignore for now. You will want to fix those but you have more pressing issues at the moment.[03:36:19] <pj> the other message is strange, postfix is complaining that postfix isn't running...[03:38:36] <pj> DarwinElf: can you pastebin the output of: postfix check[03:39:52] <DarwinElf> there was none[03:39:59] <pj> no output at all?[03:40:03] <pj> wow, very strange[03:40:07] <DarwinElf> none at all[03:40:53] <pj> ok, stop postfix and start it again using the command supplied by slackware to do so, then pastebin anything new from the mail logs.[03:41:22] <rob0> just "postfix stop ; postfix start"[03:41:28] <pj> yeah, that will do[03:41:58] <DarwinElf> it wasn't running[03:42:03] <pj> that's ok[03:42:11] <DarwinElf> even though I did /etc/rc.d/rc.postfix start a few minutes ago[03:42:39] <pj> I still want to see any new log entries from the "postfix start" command[03:43:52] <DarwinElf> it's about two pages[03:44:19] <pj> that's fine, use a pastebin[03:46:01] <DarwinElf> I see from it already I have a typo somewhere in my configuration file[03:46:38] <DarwinElf> http://apaste.info/Pe1[03:47:06] <DarwinElf> or maybe webserver configuration file or something[03:48:39] <pj> that actually looks like it started up and is running fine[03:48:52] <pj> and it's now processing everything that has been stuck in the queues for ages.[03:48:53] <DarwinElf> well on one part it says .come instead of .com[03:49:18] <DarwinElf> I fixed that in main.cf[03:49:25] <pj> that came from the app that sent that message.[03:49:48] <DarwinElf> actually it was the mydomain variable in /etc/postfix/main.cf[03:50:16] <pj> ok, well in that case the app that is sending those messages should be providing an envelope sender but is not.[03:50:30] <pj> it's not a big deal, though[03:50:58] <pj> but you will find that there are several messages queued that are *to* the .come domain and those obviously will end up bouncing.[03:51:20] <DarwinElf> they were probably just entered in my contact form and are lost :([03:51:52] <pj> oh well[03:52:00] <DarwinElf> actually those were probably just all tests I made, since I changed the main.cf a day or few ago[03:52:27] <pj> anyways, it does look as if postfix is running fine, I don't even see it complaining about the compatibility_level setting, did you change that?[03:52:45] <DarwinElf> I entered the commands to do that[03:52:52] <DarwinElf> a day or few ago[03:53:22] <pj> ok, then postfix appears to be running fine. Now issue a "postfix stop" command, and then start it the slackware way (from the rc script).[03:53:29] <pj> then see if it still runs fine.[03:54:22] <DarwinElf> ok, I think the rc script didn't do anything, unless it's taking some time to start... just ran without saying anything and got the next line of a prompt[03:55:00] <DarwinElf> oh, there's a new version, I have to install[03:55:04] <pj> what does "postfix status" say?[03:55:37] <pj> oh? so they borked the package and are pushing out a new one?[03:55:54] <DarwinElf> I don't know, maybe it's just an update they didn't automatically install the new script[03:56:02] <DarwinElf> I ran it now, and Postfix started[03:56:14] <pj> ok[03:56:21] <pj> also you should attempt to send a message using the sendmail binary (see the sendmail(1) man page)[03:56:31] <rob0> the rc script is not necessary, no pid file is created nor stuff like that[03:56:32] <pj> see if postfix is still complaining about postdrop issues, then.[03:56:56] <DarwinElf> well it's necessary if you want to automatically start postfix when your computer starts[03:57:00] <pj> rob0: presumably that is how slackware will start postfix at boot time, though.[03:57:12] <rob0> the package is quite "vanilla" except for the gzipped man pages[03:57:37] <rob0> You could just use the rc.sendmail to start at boot time.[03:57:58] <pj> yeah, I simply wanted him to make sure that it starts fine from the rc script, if it does not but it starts fine with the "postfix start" command, then it's an issue he would have to take up with the package maintainer.[03:58:26] <pj> anyways, I'm going AFK again for a bit.[03:59:01] <DarwinElf> thanks :D[04:24:37] *** sandeen has joined #postfix[04:35:33] *** Mr_Pete has quit IRC[04:54:46] *** BoomerBile has quit IRC[05:00:39] <DarwinElf> I followed the instructions to set up TLS, but don't know how to configure a mail client to use it... SSL/TLS, or STARTTLS, and what setting for password?[05:02:29] <rob0> the password is not a part of TLS, and yes, you want STARTTLS[05:02:35] <rob0> !submission[05:02:36] <knoba> rob0: "submission" : Port 587 is submission, for user submission of mail, NOT suitable for mail exchange. See the commented example in master.cf. also see !msa, and rfc 6409. Also read http://www.maawg.org/sites/maawg/files/news/MAAWG_Port25rec0511.pdf[05:02:39] <rob0> !sasl[05:02:39] <knoba> rob0: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.[05:04:56] *** sandeen has quit IRC[05:04:58] <DarwinElf> my test message failed sending[05:05:04] <DarwinElf> in Thunderbird[05:05:17] *** BoomerBile has joined #postfix[05:05:37] <DarwinElf> well there's a TLS page on postfix.org now that says it used to be called SASL[05:11:32] <rob0> huh[05:11:47] <rob0> TLS is TLS. SASL is SASL.[05:12:07] <rob0> oh, SSL. SSL != SASL[05:12:51] <pj> TLS used to be called SSL, yes.[05:12:54] <pj> but not SASL[05:13:44] <pj> anyways ...[05:13:48] <pj> !tell DarwinElf getting_help[05:13:49] <knoba> DarwinElf: "getting_help" : before asking your question, read the !relevant_logs and !showconfig factoids, and prepare a single pastebin containing all of that data. if you don't understand what this means, or if you need help doing this, please let us know. also see !pastebin[05:14:23] <DarwinElf> oops[05:34:23] *** nathanhi has quit IRC[05:34:40] *** lucascastro has quit IRC[05:38:00] *** puzzled has quit IRC[05:40:48] *** Guest95850 has joined #postfix[05:42:38] *** sarri has quit IRC[05:42:54] <DarwinElf> then I'd better do some more reading and trying things before I ask for detailed help, except for one question. One of postfix.org's documents on SASL or TLS was mentioned a Dovecot authentication server (Postfix on my OS apparently has built-in Dovecot encryption)... so does that mean I actually have to install Dovecot, or the built-in stuff is all that's needed?[05:43:52] *** sarri has joined #postfix[05:46:25] *** namyzarc has joined #postfix[06:23:06] *** HeavyMetal_ has left #postfix[06:23:14] *** HeavyMetal has joined #postfix[06:28:51] *** Tourist has joined #postfix[06:28:51] *** Tourist has joined #postfix[06:37:37] <rob0> Dovecot is not provided in Postfix, but there is a Slackbuild at SBO.[06:37:43] <rob0> err[06:37:51] <rob0> s/Postfix/Slackware/[06:38:25] <DarwinElf> yeah, well I'm just trying to set up SASL and TLS, then one of the texts said it has Dovecot something, but needs an authentication server from it. I don't really know what that means[06:38:54] <DarwinElf> I'm using just mail programs that are in /etc/inetd.conf like pop3ad or imapd[06:38:59] <rob0> the SASL_README has a Dovecot section.[06:39:14] <DarwinElf> I guess that's where I read this[06:39:23] <rob0> yeah, you'd benefit from going to Dovecot :)[06:40:06] <DarwinElf> well... it's more important to me to set up SASL and TLS for Postfix. I just don't know if that requires Dovecot or whatever uses Cyrus SASL, or Postfix just happens to use encryption from those projects[06:40:29] <DarwinElf> otherwise I'd set up Dovecot later[06:41:33] <DarwinElf> so far I'm the only person getting mail from it, on a LAN. After I set this or more up to test, I plan to move it to a professional server[06:41:47] <DarwinElf> or with some of the rest of that Postfix security and spam-stopping stuff[06:42:13] <DarwinElf> well, my site is accessible on the Internet... but I'm the only person who gets mail from it[07:26:41] *** olegfusion has quit IRC[07:28:09] *** Motoko has joined #postfix[08:05:15] *** synthroid has joined #postfix[08:11:22] *** Batch has quit IRC[08:20:56] *** olegfusion has joined #postfix[08:30:44] *** synthroid has quit IRC[08:52:41] <kingkong> hi. i have problem. relay=none, delay=252398, delays=252398/0.04/0/0.04, dsn=4.3.0, status=deferred (mail transport unavailable)[08:53:12] <kingkong> mails not delivery. how to fix it[08:55:18] *** zapata has quit IRC[09:06:37] *** sphenxes has quit IRC[09:06:37] *** sphenxes02 has quit IRC[09:12:46] *** anunnaki has quit IRC[09:18:00] *** anunnaki has joined #postfix[09:32:08] *** Motoko has quit IRC[09:39:14] *** vvassilev has joined #postfix[09:49:35] *** vvassilev has quit IRC[09:51:55] <pj> DarwinElf: postfix can use either dovecot SASL or Cyrus SASL but it does require one or the other. We tend to recommend dovecot because it's by far easier to set up and configure, and we tend to recommend using dovecot for IMAP (and if you must POP3) as well.[10:13:59] *** d0nn1e has quit IRC[10:14:56] *** shoonya has joined #postfix[10:15:28] *** d0nn1e has joined #postfix[10:21:50] *** ychaouche has joined #postfix[10:21:56] <ychaouche> Hello #postfix[10:25:28] <ychaouche> smtpd says that he failed the verification of wsus.eprs.dz, yet I can resolve it. https://gist.githubusercontent.com/ychaouche/0470d4d6cb507c8114e4/raw/98363e0796edab1795d226b9a7256ee98a0da269/gistfile1.txt[10:26:55] <ychaouche> wsus.eprs.dz is our monitoring machine.[10:30:39] *** aindilis2 has quit IRC[10:31:04] *** stemid has left #postfix[10:31:23] *** aindilis2 has joined #postfix[10:33:11] *** Quadro has joined #postfix[10:43:39] *** infides_afk has joined #postfix[10:46:54] *** chachasmooth has joined #postfix[10:49:19] <chachasmooth> how to set 4096bit dhparams ?[11:26:22] *** Haudegen has quit IRC[11:32:03] *** vvassilev has joined #postfix[11:32:51] *** fatalhalt has joined #postfix[11:36:40] *** vvassilev has quit IRC[11:43:35] *** Haudegen has joined #postfix[11:44:39] *** zapata has joined #postfix[11:48:31] *** beber_ has joined #postfix[11:56:17] *** _ruben has quit IRC[11:56:30] *** JanC has quit IRC[11:57:32] *** _ruben has joined #postfix[11:58:03] *** JanC has joined #postfix[12:18:09] *** RadoQ has joined #postfix[12:26:35] *** infides_afk has quit IRC[13:15:16] *** pti-jean_ has joined #postfix[13:36:55] *** phunyguy has quit IRC[13:39:45] *** phunyguy has joined #postfix[13:39:47] *** anunnaki has quit IRC[13:52:50] *** Quadro has quit IRC[13:52:57] *** [44] has joined #postfix[14:21:46] *** zapata has quit IRC[14:26:28] *** Darcidride has joined #postfix[14:53:48] *** shawniverson has quit IRC[14:55:33] *** fatalhalt has quit IRC[15:00:00] *** shawniverson_ has joined #postfix[15:03:22] *** TheFatherMind- has joined #postfix[15:04:26] *** TheFatherMind has quit IRC[15:18:32] *** infides_afk has joined #postfix[15:36:28] *** Quadro has joined #postfix[15:54:36] *** olegfusion has quit IRC[16:00:21] *** olegfusion has joined #postfix[16:02:06] *** infides_afk has quit IRC[16:09:36] *** shoonya has quit IRC[16:15:42] *** Tourist has quit IRC[16:15:56] *** Tourist has joined #postfix[16:22:51] *** Tourist has quit IRC[16:23:07] *** Tourist has joined #postfix[16:38:50] *** maziar has joined #postfix[16:39:01] *** maziar has joined #postfix[16:41:32] *** Quadro has quit IRC[16:57:00] *** ychaouche has left #postfix[16:58:46] *** internat has quit IRC[17:13:59] *** Amkei has joined #postfix[17:32:55] *** JanC has quit IRC[17:34:26] *** [44] has quit IRC[17:47:07] *** JanC has joined #postfix[17:47:50] *** maziar has quit IRC[18:07:52] *** sphenxes has joined #postfix[18:20:29] *** necrogami has quit IRC[18:26:52] *** rsx has joined #postfix[18:38:48] *** shawniverson_ is now known as shawniverson[18:39:39] *** edgy has joined #postfix[18:48:38] <edgy> Hi, I need to know how these messages are sent from my server. This is all the info I can get http://paste.pound-python.org/show/S7JJbLfMEKD0DFu09aMY/[18:49:12] <edgy> I have mail.add_x_header = On and I expected the header of the messages that's spamming my server to show the X-PHP-Originating-Script but alas it's not showing[18:59:15] <lunaphyte> client=localhost[127.0.0.1][18:59:17] <lunaphyte> your server[18:59:27] <lunaphyte> why are you not using submission and smtp auth?[18:59:39] <lunaphyte> this is system admin basics 101.[19:00:24] <lunaphyte> one of the more prevelant examples of why this is *mandatory*[19:02:37] <edgy> lunaphyte: the mydomain.net is not my code I am just hosting it, its mx records points to somewhere else,[19:02:41] <lunaphyte> and, as it happens, also an example of why [contrary to the belief of the cargo cult admin] allowing unfettered relay from localhost is not responsible[19:03:23] <lunaphyte> edgy: i'm not sure what you're talking about mydomain.net, but that domain belongs to someone. it's not ok to paster their domain name all over a pastebin just because you want to hide yours[19:03:37] <lunaphyte> in any case, mx records are irrelevant[19:03:41] <edgy> lunaphyte: ah! sorry for that[19:04:07] <edgy> lunaphyte: ok, now my understanding is there is a php script that's doing this sending, right?[19:04:33] <lunaphyte> it's certainly possible. you will need to figure out what program is connecting to localhost:25 and sending mail[19:04:46] <edgy> lunaphyte: exactly, how can I figure that?[19:04:56] <lunaphyte> the right thing to do is to disable that capability entirely, and set up submission with auth[19:05:11] <lunaphyte> my advice is to disable it, and then you will find out what breaks[19:05:20] *** sphenxes has quit IRC[19:05:20] <lunaphyte> then you can quite easily fix whatever is broken to do the right thing[19:05:22] <edgy> lunaphyte: I disabled the mail function in disable_functions shouldn't that be enough?[19:05:30] <lunaphyte> no[19:05:40] <lunaphyte> the mail function does not use smtp. there is something else[19:06:29] <lunaphyte> does this computer provide a webmail client?[19:06:36] <edgy> lunaphyte: no[19:06:51] <lunaphyte> how frequently are these connections being made?[19:07:17] <edgy> lunaphyte: wait! may be for another domain there is a web client but not for this one, I need to check that[19:07:44] <edgy> lunaphyte: it used to be frequent and I got blacklisted but now it's less frequent about 10/ day[19:08:34] <lunaphyte> grep -iF ' postfix/smtpd[' /var/log/mail.log | grep -iF ': connect from ' | grep -iF '[127.0.0.1]'[19:09:01] <lunaphyte> your choices are: trial and error, catching it in the act, or catching it in the logs[19:09:43] <lunaphyte> use something like lsof -nPi to catch it in the act. use something like iptables and the log target to catch it in the logs. i think you can tell iptables to log the program name?[19:09:47] *** sphenxes has joined #postfix[19:10:06] <lunaphyte> however, that may still only get you so far, if the program turns out to be, for example, httpd[19:10:25] <lunaphyte> that's why the earlier suggestion is the best one[19:10:59] <edgy> lunaphyte: can you point me to a tutorial or howto enable this smtp auth and disable the current settings?[19:10:59] <lunaphyte> then, the problem will be immediately handled, and there will be no ambiguity as to what software is using the mechanism[19:11:06] <lunaphyte> show your config[19:11:11] <lunaphyte> !tell edgy show_config[19:11:11] <knoba> edgy: "show_config" : see !showconfig[19:11:14] <lunaphyte> !tell edgy showconfig[19:11:14] <knoba> edgy: "showconfig" : when asked to provide your config, pastebin postconf -nf and postconf -Mf. if your version is too old for those commands to work (< 2.9), you should upgrade, but see !showconfig_old[19:11:28] <thumbs> technically, httpd doesn't send emails. php does.[19:12:51] <tharkun> or whatever scripting language is runned on top of your http server.[19:12:57] <thumbs> right.[19:13:33] *** necrogami has joined #postfix[19:15:32] <edgy> lunaphyte: this is what you request first: http://paste.pound-python.org/show/1IWbYrGXKYhsmQGwzdqE/[19:15:54] *** Salt has joined #postfix[19:16:20] <thumbs> just that folks are quick to blame the HTTP server for those emails.[19:16:36] <edgy> lunaphyte: http://paste.pound-python.org/show/90NjnKA3v0KyEvPy0Xkd/[19:16:52] <lunaphyte> not much of a pattern, which is a reasonably trustworthy indicator that the culprit is not a cron job or such[19:17:05] <Salt> Hello, I have virtual_mailboxes setup and am trying to forward an address, before setting up virtual_mailboxes the virtual_alias_maps worked, now I am getting a Helo error about domains, has anyone encountered an issue like this?[19:17:14] <lunaphyte> edgy: you need to enable submission[19:17:19] <lunaphyte> !tell edgy submission[19:17:19] <knoba> edgy: "submission" : Port 587 is submission, for user submission of mail, NOT suitable for mail exchange. See the commented example in master.cf. also see !msa, and rfc 6409. Also read http://www.maawg.org/sites/maawg/files/news/MAAWG_Port25rec0511.pdf[19:17:33] <lunaphyte> then disable relay and smtp auth in the global config[19:17:40] <lunaphyte> that's step 1 and 2[19:17:53] <lunaphyte> !tell Salt getting_help[19:17:53] <knoba> Salt: "getting_help" : before asking your question, read the !relevant_logs and !showconfig factoids, and prepare a single pastebin containing all of that data. if you don't understand what this means, or if you need help doing this, please let us know. also see !pastebin[19:18:10] *** TyrfingMjolnir has joined #postfix[19:19:02] <edgy> lunaphyte: the linke the pdf file is not valid[19:19:13] <lunaphyte> oh, ok[19:19:24] <lunaphyte> we'll look into that, but don't worry about it[19:19:43] <lunaphyte> the important part of that factoid is the bit about uncommenting master.cf[19:22:09] <edgy> lunaphyte: the factoid says see the commented example in master.cf, but not sure where is this example file lies![19:22:21] <lunaphyte> i don't understand[19:22:30] <lunaphyte> you do not know where master.cf is?[19:22:46] <edgy> lunaphyte: I know of course but what shall I look for in the file[19:22:55] <lunaphyte> the word "submission"[19:23:33] <edgy> lunaphyte: this line: submission inet n - - - - smtpd -o smtpd_sasl_auth_enable=yes[19:23:57] <lunaphyte> yes, along with the lines which follow it[19:24:22] <edgy> lunaphyte: there is no line following it[19:24:33] <lunaphyte> pastebin master.cf[19:25:32] <edgy> lunaphyte: http://paste.pound-python.org/show/ynYZTZFRVUSLw5Ae04zC/[19:26:00] <lunaphyte> so i'm not sure what you mean there is no line following it.[19:26:03] *** Guest95850 has quit IRC[19:26:03] *** Guest95850 has joined #postfix[19:26:04] <lunaphyte> there are many lines following it[19:26:09] *** Guest95850 is now known as nathanhi[19:26:16] <lunaphyte> lines 18-28 need to be uncommented[19:27:10] <thumbs> lunaphyte: I think it has to do with folks being afraid to edit things and break stuff.[19:27:16] *** rsx has quit IRC[19:27:21] <thumbs> lunaphyte: and lack of critical thinking[19:28:09] <edgy> lunaphyte: the line I pasted is line 126 which is the last line on my file, right?[19:28:26] <lunaphyte> oh[19:28:36] <lunaphyte> that's odd[19:28:40] <lunaphyte> sorry, i missed that[19:28:52] <lunaphyte> not what i was expecting[19:29:11] <lunaphyte> i would remove line 126, and then uncomment lines 18-28[19:29:28] <lunaphyte> that is not really a useful way to do that [as you can see from the confusion it generated][19:31:59] <edgy> lunaphyte: ok I will comment line 126 and uncomment 18-28 but what shall I expect this to break?[19:32:10] <edgy> lunaphyte: if it's that useful why not a default?[19:33:00] <lunaphyte> nothing will break with that[19:33:07] <lunaphyte> i'm not sure what you mean about default[19:37:27] <edgy> I mean why those lines are not uncommented by default, then?[19:37:50] <lunaphyte> historical/backwardscompatibility reasons[19:37:58] <lunaphyte> *backwards compatibility[19:38:36] <edgy> postconf: warning: /etc/postfix/master.cf: undefined parameter: mua_sender_restrictions[19:38:36] <edgy> postconf: warning: /etc/postfix/master.cf: undefined parameter: mua_client_restrictions[19:38:47] <edgy> I got these errors when restarted postfix after the mods[19:39:21] <lunaphyte> add both to main.cf and set them to empty[19:39:32] <Salt> lunaphyte, thanks, I almost always read the topic before asking but thought I'd done this one before, anyway, may have worked it out, will follow directions next time if I need more assistance[19:39:43] <lunaphyte> sounds good[19:44:34] <edgy> lunaphyte: ok done and now did postsuper -d ALL to flush the queue, and restarted, now what?[19:45:51] <edgy> lunaphyte: I would definitely go read more about those settings tomorrow but for now what shall I expect? more detailed logs?[19:47:18] <lunaphyte> now remove permit_mynetworks permit_sasl_authenticated from global smtpd_recipient_restrictions[19:47:29] <lunaphyte> and set smtpd_relay_restrictions to empty[19:47:41] <lunaphyte> and remove smtpd_sasl_auth_enable = yes from global config[19:49:05] <lunaphyte> and while you're at it, remove broken_sasl_auth_clients = yes and replace smtpd_use_tls = yes with smtpd_tls_security_level = may[19:49:38] <lunaphyte> once that's done, you'll be in good shape.[19:50:00] <lunaphyte> then, as you find things that are no longer able to send email, you can update their config so they use proper submission and authentication[19:50:27] <lunaphyte> then you'll know what is sending email, and it will be much much easier to deal with if soemthing like this happens again[19:57:13] *** akkad has quit IRC[19:58:18] <edgy> lunaphyte: ok done all that. First, thanks a lot for all the help and patient. now if I still got those messages, how would it be easier to track?[20:01:50] <lunaphyte> sure thing, you're welcome[20:02:03] <lunaphyte> the log messages will now include the username[20:02:15] <lunaphyte> so you'll immediately know which application is the culprit[20:02:44] <lunaphyte> [assuming you're a good admin, that is, and you don't go and use the same set of credentials for every single application][20:02:50] <lunaphyte> but hopefully that bit is obvious[20:03:22] <edgy> lunaphyte: sure, even a bad admin would figure that out ;)[20:03:51] <lunaphyte> and if there's a problem, you disable the username, which only affects that application - instead of having to break mail for everything on 127.0.0.1, like you've had to do this time ;)[20:04:21] <lunaphyte> edgy: one would hope so, but sadly, i think you're underestimating the incompetence of bad admins[20:05:33] *** githogori has joined #postfix[20:06:59] *** err-or_ has quit IRC[20:08:24] *** akkad has joined #postfix[20:08:39] *** err-or has joined #postfix[20:11:56] *** edgy has left #postfix[20:33:01] *** Kellin_ has quit IRC[20:40:36] *** maziar has joined #postfix[20:42:23] *** sarri has quit IRC[20:44:16] *** sarri has joined #postfix[21:03:02] <tharkun> lunaphyte: I'm quoting you.[21:12:39] *** maziar has quit IRC[21:23:55] *** sarri has quit IRC[21:24:02] *** TyrfingMjolnir has quit IRC[21:26:50] *** sarri has joined #postfix[21:36:16] *** sphenxes02 has joined #postfix[21:39:58] *** sphenxes01 has quit IRC[21:40:14] *** sphenxes has quit IRC[21:40:16] *** sphenxes01 has joined #postfix[22:06:16] *** internat has joined #postfix[22:08:40] *** TheFatherMind- is now known as TheFatherMind[22:11:23] *** Haudegen has quit IRC[22:15:32] *** v1c3 has quit IRC[22:18:47] *** v1c3 has joined #postfix[22:24:47] *** Amkei has quit IRC[22:34:23] *** ced117 has quit IRC[22:38:24] *** Haudegen has joined #postfix[22:49:14] *** infides_afk has joined #postfix[23:24:55] *** d0nn1e has quit IRC[23:27:49] *** d0nn1e has joined #postfix[23:51:25] *** pti-jean_ has quit IRC