January 12, 2016 
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | >
January 12, 2016 [00:02:32] *** infides has quit IRC[00:08:26] *** v1c3 has quit IRC[00:09:31] *** [NoClan]GoAway has quit IRC[00:11:47] *** gu1lle_ has quit IRC[00:12:48] *** leeyaa has joined #postfix[00:15:57] *** ThomasKeller has quit IRC[00:17:46] *** abramart has quit IRC[00:18:26] *** abramart has joined #postfix[00:21:05] <guampa> life sucks. the new boss decided to ditch my beloved postfix and put exchange. cause groupware and outlook[00:21:06] *** [NoClan]GoAway has joined #postfix[00:21:21] *** camroncade has quit IRC[00:21:36] <thumbs> guampa: point and laugh, then?[00:22:03] <guampa> you can point and laugh at me, i'll have to manage that POS[00:22:55] <guampa> the only thing I can think of is to offer to maintain it for backup, at the border, receiving and forwarding[00:23:13] <guampa> but I know that won't walk[00:24:01] <guampa> i really don't have a solid argument against exchange/outlook for SOHO, or medium offices[00:24:21] <guampa> if people want shared calendars and all the party[00:30:31] *** bb0x has quit IRC[00:37:45] <leeyaa> ew exchange[00:39:34] <lunaphyte> guampa: zimbra is the lesser evil there[00:39:38] *** sarri has quit IRC[00:40:01] <lunaphyte> but yes, you certainly still need to have actual reliable software exposed to the internet, so postfix, not microsoft[00:40:15] <guampa> i was thinking that we were going to test some options for groupware, one candidate was zimbra[00:40:28] <guampa> today turned out the decision was rushed[00:41:55] *** leeyaa has quit IRC[00:43:13] <guampa> OTOH he accepted to keep the rest of the linux structure, DNS, web, db and other servers, and ditch hyper-v to virtualize everything including the windows AD, I'll get to play with HA so there will be fun anyway[00:44:07] <guampa> and a new server to development. I'll have more freedom to experiment with my mailer away from production[00:49:03] *** sandeen has quit IRC[00:49:08] *** sandeen_ has joined #postfix[00:54:27] *** pozitrono has joined #postfix[01:01:42] *** pozitron has joined #postfix[01:02:51] <pj> [23:31] <CRCinAU> pj: yeah - it says: The postscreen_cache_map parameter specifies the location of the temporary whitelist. [23:31] <CRCinAU> so seems only whitelist - not block list as well[01:03:15] *** sep has quit IRC[01:03:31] <pj> CRCinAU: Where do you see that? In postconf(5) it simply says, "Persistent storage for the postscreen(8) server decisions." and nothing about a whitelist.[01:03:46] *** pozitrono has quit IRC[01:04:04] <pj> CRCinAU: it also says the same in postscreen(8)[01:05:44] <pj> CRCinAU: oh, I see, that's in POSTSCREEN_README[01:05:55] *** nhooyr has quit IRC[01:06:12] <pj> well, I'm not sure, tbh, I think it may be for all postscreen decisions, whether positive or negative.[01:06:52] *** nhooyr has joined #postfix[01:07:54] *** nhooyr has quit IRC[01:08:49] *** nhooyr has joined #postfix[01:10:24] <pj> CRCinAU: one way to find out is to dump the table itself with postmap -s[01:16:18] *** sep has joined #postfix[01:32:22] *** DarwinElf has joined #postfix[01:33:52] <DarwinElf> I'm planning to move my server software from an ISP business account at home, to a professional server... but after I do that, because of moving off an ISP onto a large server company (probably Linode) is it likely my server will be attacked more, so I should set up more security and a lot of anti-spam stuff with Postfix?[01:42:28] *** gu1lle_ has joined #postfix[01:46:14] *** rigel has joined #postfix[01:47:02] <rigel> so i just set up a mail server per the instructions at https://workaround.org/ispmail/jessie but i'm unclear on why my email is going to my /var/mail/$USER as an mbox format via 'local' instead of /var/vmail/$DOMAIN/$USER/Maildir via lmtp[01:53:14] *** toadvine has joined #postfix[01:55:28] *** edux__ has joined #postfix[01:56:42] *** edux has quit IRC[02:07:46] <rigel> fixed. took $DOMAIN out of postfix/main.cf 's mydomain= line.[02:08:01] <rigel> then restarted postfix[02:08:37] *** xargs has quit IRC[02:09:51] <pj> DarwinElf: that question is completely unrelated to postfix, but it is likely that your server will be attacked no matter where it is hosted.[02:10:13] <toadvine> rigel - what's your mydomain= line look like now?[02:10:44] <toadvine> I don't even have that line[02:10:48] *** xargs has joined #postfix[02:12:05] <pj> !tell toadvine mydomain[02:12:05] <knoba> toadvine: "mydomain" : a configuration parameter in the main.cf: The internet domain name of this mail system. The default is to use $myhostname minus the first component. $mydomain is used as a default value for many other configuration parameters.[02:13:08] <toadvine> pj - I was asking because I was having the same problem as rigel[02:14:38] <pj> !tell toadvine getting_hel[02:14:38] <knoba> pj: Error: No factoid matches that key.[02:14:40] <pj> !tell toadvine getting_help[02:14:40] <knoba> toadvine: "getting_help" : before asking your question, read the !relevant_logs and !showconfig factoids, and prepare a single pastebin containing all of that data. if you don't understand what this means, or if you need help doing this, please let us know. also see !pastebin[02:14:46] <pj> toadvine: follow this ^^^^^^[02:14:50] <rigel> toadvine: sorry, "mydestination"[02:15:12] <pj> just because you have similar symptoms as what he described on IRC does not mean you have the same problem.[02:15:27] <thumbs> pj: there's a name for this[02:16:01] <rigel> thumbs: postfix ex ipsofix?[02:16:21] <pj> also, I can't see how you would even know you have the same symptoms since you entered the channel after he described his problem.[02:16:32] *** xargs has left #postfix[02:16:36] <rigel> pj: we're both on #dovecot, where i asked first[02:16:41] <pj> oh, ok[02:17:29] <pj> well, if you do follow !getting_help we should be able to get to the bottom of your issue toadvine.[02:18:51] <Salt> Alright, so I've been working on a postfix/dovecot/mailman setup for a few days and am so close to the end, imap works, I can send emails, mailman works, but things aren't being received, here are a few logs: http://0bin.net/paste/U+6Mlw8exqkOWmBx#fXbSHV7ozhlZ0WEZV1u2uefWuwb93N4Y7owJOKQQt5u[02:19:53] <pj> Salt: that is an excellent paste, except if you can show the logs without verbose turned on we would really appreciate it[02:19:57] <pj> !tell Salt verbose[02:19:57] <knoba> Salt: "verbose" : You probably do not need verbose logging, but in rare cases the extra detail can assist in debugging. To set verbose logging add a -v after the command name (such as smtpd) in master.cf, then 'postfix reload' after that.[02:20:15] <Salt> pj, read that, can do, meant to bleh[02:21:54] <pj> Salt: however, after skimming through those logs, I can tell you that postfix thinks it delivered the mail just fine.[02:22:23] <pj> so I would say that it's likely that postfix delivered the mail to a different location than where you're looking for it.[02:22:29] <Salt> pj, yeah, just looked at the non-verbose log, really doesn't add anything[02:23:25] <pj> right, it won't, but the thing is, that the verbose logs add a lot of noise that make it harder to see past.[02:23:43] <pj> anyways, it's ok, just for next time.[02:23:50] <Salt> mail_addr_find seems to believe it is in the right place and I haven't been able to find logs pointing elsewhere, perhaps I should hardlink it instead of relying on virtual_mailbox_base[02:23:54] <Salt> though that is a bit cumbersome[02:24:26] <pj> Salt: well one min ...[02:25:32] <pj> Salt: what does this output: postmap -q salt at snowdrift dot coop hash:/etc/postfix/vmaps[02:27:01] <Salt> snowdrift.coop/salt/[02:27:43] <Salt> wait wait, something has come through...[02:27:47] *** DarwinElf has left #postfix[02:28:01] <pj> ok ... waiting[02:30:27] <Salt> I don't know what changed or where[02:30:29] <Salt> but it's working[02:30:29] *** namyzarc has joined #postfix[02:30:32] <Salt> thanks for taking a look pj[02:30:44] <pj> Salt: ok, yw[03:01:53] <toadvine> thanks for your help pj and rigel - got it working now[03:02:04] *** Salt has left #postfix[03:02:22] <pj> toadvine: yw, I guess, I didn't really do anything for you ;-)[03:03:02] <toadvine> you were quick to respond, which is always appreciated[03:04:29] <pj> hehehe, I do respond when I can, it's always just a matter of when I am around and have time to check.[03:10:50] *** err-or_ has joined #postfix[03:15:07] *** err-or has quit IRC[03:56:13] *** rsx has joined #postfix[03:58:33] *** rootrider has joined #postfix[03:59:33] <rootrider> what options do I have for filtering if I'm using virtual(8) delivery agent with dovecot?[03:59:42] *** heroux has quit IRC[04:00:26] *** heroux has joined #postfix[04:02:03] <rootrider> it's really difficult to search for solutions that don't use the dovecot lda :([04:17:18] *** chachasmooth has quit IRC[04:18:09] *** chachasmooth has joined #postfix[04:19:27] *** rsx has quit IRC[04:26:07] *** edux__ has quit IRC[04:28:33] <pj> rootrider: virtual(8) doesn't do filtering.[04:28:58] <pj> if you want to do filtering, then I recommend you use the dovecot lmtp delivery agent with sieve.[04:31:21] <rootrider> is it possible to do something after-queue?[04:31:27] <rootrider> guessing not :/[04:32:08] <pj> rootrider: sure, but not through the delivery agent[04:32:15] <pj> !content_filter[04:32:15] <knoba> pj: "content_filter" : a configuration parameter in the main.cf: The name of a mail delivery transport that filters mail after it is queued. Also reference: http://www.postfix.org/FILTER_README.html[04:32:27] <pj> rootrider: ^^^^^[04:32:48] <pj> rootrider: what are you trying to do, anyways?[04:33:54] <rootrider> to maintain my existing configuration, which I'm quite happy with, but to add the ability to sort mail into specific folders based on rules[04:34:18] *** tharkun is now known as b[04:34:20] <pj> oh, to sort into folders is a function of the delivery agent[04:34:30] <pj> you will have to change to a differnet delivery agent to do that.[04:34:44] <pj> it's not hard and won't alter your existing config significantly.[04:34:48] *** b is now known as Guest6983[04:34:58] <pj> again, I recommend using dovecot lmtp with sieve.[04:35:08] *** Guest6983 is now known as tharkun[04:36:26] <rootrider> is dovecot lmtp more secure than the dovecot lda for virtual mailboxes? I'm not in the mood to give my delivery agent suid root just to it can function with virtual mailboxes that have different owners[04:37:25] <pj> it's the same security-wise, dovecot lmtp runs as a daemon and postfix connects to it with a socket, so it's more efficient than dovecot lda which has to fork a new process for each delivery.[04:37:53] *** d0nn1e has quit IRC[04:37:59] <rootrider> mmhmm[04:38:57] <pj> dovecot lmtp is newer, so a lot of guides and howtos you find via google will tell you to use dovecot lda, because they are written by someone who followed another guide, who followed another guide which was written back when dovecot lda was the only choice.[04:39:45] <rootrider> yeah... well aware :([04:40:09] <pj> that's why I generally don't recommend following tutorials, well it's one of many reasons why.[04:40:14] <rootrider> I'm very happy with using virtual(8) up to this point.. not looking forward to changing[04:40:46] *** d0nn1e has joined #postfix[04:41:20] <pj> I understand, but it really is a fairly simple change, and dovecot will run better for it as well. If you're using dovecot to deliver the mail then it can index it at delivery time instead of having to wait until later.[04:41:33] <pj> this is probably the better docs for the switch: http://wiki2.dovecot.org/HowTo/PostfixDovecotLMTP[04:42:39] <rootrider> tanks[04:42:41] <rootrider> +h[04:42:49] <rootrider> I'll look into it..[04:42:55] <pj> yw[04:43:20] <lunaphyte> if you're using dovecot for imap, then using dovecot as your lda is a no brainer[04:43:31] <lunaphyte> via lmtp, of course[04:43:34] <pj> do note that if you're running postfix under chroot (as debian likes to do) then you'll have to alter the socket location accordingly in the dovecot config.[04:43:50] <rootrider> freebsd :)[04:43:58] <lunaphyte> or just use inet ;)[04:44:26] <pj> yep, you can do that, inet can certainly be easier, especially if you have permissions issues or chroot issues.[04:44:42] <pj> I do tend to prefer unix more myself as it's more secure, imo.[04:45:02] <rootrider> lunaphyte: maybe, but I am a fan of postfix virtual's ease with allowing different ownership for each virtual mailbox[04:45:12] <lunaphyte> i don't consider it more secure[04:45:37] *** tharkun is now known as hmss007[04:45:41] <lunaphyte> rootrider: dovecot is perfectly capable of the same thing[04:46:25] <rootrider> I'm not familiar with dovecot lmtp, but I know the old lda needed to be suid root in order to work with those needs[04:46:34] <pj> rootrider: virtual(8) is actually a fairly basic stripped down lda. You are really mant to use a 3rd party one (such as dovecot) for anything beyond its capabilities.[04:46:47] <rootrider> yeah...[04:46:51] <pj> *meant[04:47:05] <rootrider> understood... was just hoping[04:47:09] <pj> yep[04:47:12] *** hmss007 is now known as tharkun[04:48:02] <rootrider> and yeah.. I'd prefer a unix socket just on principle[04:48:34] <pj> rootrider: that's all good, do keep lunaphyte's advice in mind, though, in case it gives you trouble inet is another option.[04:48:43] <rootrider> sure[04:49:05] <lunaphyte> funny, i generally prefer an inet socket, also just on principle[04:49:15] <rootrider> heh[04:50:19] <pj> lunaphyte: irt security, you can limit which users connect to a UNIX socket, you don't have to rely on a firewall to prevent external connections to it, you can even limit exactly which processes connect to it via something such as selinux.[04:53:29] <lunaphyte> iptables has things like --uid-owner to do the same thing[04:54:04] <lunaphyte> and although i don't have much experience with selinux or apparmor, iirc, they offer similar mechanisms for that as well, i think?[04:54:24] <lunaphyte> also, there's something to be said about the extent to which you're getting a benefit[04:55:10] <lunaphyte> imho, the benefit gained is not typically worth some of the confusion using unix sockets often generates. especially to the inexperienced[04:55:35] <lunaphyte> that said, it would be neat if lmtp servers like dovecot could offer authentication[04:55:38] <pj> anyways, at the end of the day, if you want to use inet go ahead, I don't think it makes *that* much of a difference. I do tend to prefer unix but I also agree that there can be confusion with permissions and chroot involved.[04:55:40] <lunaphyte> maybe some do? i don't know[04:56:35] <rootrider> selinux can definitely limit what process can listen on a port[04:56:48] <rootrider> not sure about limiting users or processes that want to connect to the port[04:57:13] <pj> ahhh, yep, case in point is that you generally have to tweak selinux when you want to change ssh to an alternate port.[04:57:13] <rootrider> I'm quite familiar with unix sockets.. already using lmtp for a couple of other things[04:57:45] <lunaphyte> i think pj and i both agre that either is really fine, and that the larger point is that if you're using dovecot for imap, you really ought to be using dovecot as your lda[04:57:58] <pj> yes, certainly[04:58:05] <rootrider> :)[04:58:32] <lunaphyte> agree?[04:58:47] <lunaphyte> mm, no, ogre, maybe?[04:58:53] *** sandeen_ has quit IRC[04:59:01] *** irctc916 has joined #postfix[04:59:04] <lunaphyte> spelcheck is broken i guess :([04:59:42] *** sandeen_ has joined #postfix[04:59:53] *** irctc916 has quit IRC[05:00:07] <pj> well, I don't have a problem with someone continuing to use virtual(8) if they have dovecot, but virtual(8) is limited and when you need to exceed those limitations then your choices are pretty much to use dovecot or another 3rd-party lda (such as procmail) and my opinion is that installing such would just be a waste of resources when you already have a perfectly good lda installed that will satisfy your requirements.[05:00:35] *** anmaxvl has joined #postfix[05:01:19] <rootrider> in my admittedly limited experience, I think virtual works quite well within its limitations[05:01:31] *** sandeen_ has quit IRC[05:01:53] <tharkun> You are right. The underlying question is if you can get the job done with its limitations.[05:02:10] <pj> but as I also said, dovecot lda will index your messages at delivery time, which is a definate bonus as well.[05:02:18] <rootrider> I think its simplicity is a good thing.. but I suppose most mail servers aren't running such a simple configuration[05:03:54] *** anmaxvl has quit IRC[05:04:02] <pj> rootrider: it has worked for you just fine to date, but now you're in a situations where you need more, and that's fine.[05:04:07] *** sandeen has joined #postfix[05:04:27] <rootrider> yeah.. ugh[05:04:31] *** irctc358 has joined #postfix[05:05:22] <rootrider> I even wrote a script that takes the uid, gid, mailbox location, and username and encrpyted password and splits it out into the files needed by dovecot and postfix[05:05:32] <rootrider> have to figure out dovecot lmtp now I guess[05:05:32] <pj> dovecot is a good choice, because dovecot already knows where all your mailboxes are and how to connect to them. You rpetty much just need to enable the lmtp listener and change one line in postfix to deliver to it instead of virtual.[05:14:26] <irctc358> Hi, guys. I am trying to setup postfix on a ubuntu box, but cannot do it by package installers. So I installed it from source on a VM and copied the files from /usr/sbin /usr/libexec /var/spool /var/lib and /etc/postfix. And now when I try to "postfix start" It gives me an error "postfix: fatal: inet_addr_local[getifaddrs]: getifaddrs: Success". What may be causing this? And am I doing it properly afterall?[05:14:40] *** irctc358 is now known as _max[05:17:32] *** indy has quit IRC[05:19:39] *** indy has joined #postfix[05:20:10] <_max> !welcome[05:20:11] <knoba> _max: "welcome" : Welcome to #postfix! If you're new here, or to IRC, first read the channel topic (/topic). It has important instructions on how to ask good questions. You will get more and better help if you follow those instructions. Good Luck![05:20:27] *** _max has quit IRC[05:20:56] *** anmaxvl has joined #postfix[05:21:47] *** anmaxvl is now known as _max[05:22:30] <_max> Hi, guys. I am trying to setup postfix on a ubuntu box, but cannot do it by package installers. So I installed it from source on a VM and copied the files from /usr/sbin /usr/libexec /var/spool /var/lib and /etc/postfix. And now when I try to "postfix start" It gives me an error "postfix: fatal: inet_addr_local[getifaddrs]: getifaddrs: Success". What may be causing this? And am I doing it properly afterall?[05:33:15] *** JanC has quit IRC[05:36:37] <_max> !getting_help[05:36:37] <knoba> _max: "getting_help" : before asking your question, read the !relevant_logs and !showconfig factoids, and prepare a single pastebin containing all of that data. if you don't understand what this means, or if you need help doing this, please let us know. also see !pastebin[05:36:48] <_max> !relevant_logs[05:36:49] <knoba> _max: "relevant_logs" : Relevant logs are mail.* syslog Postfix logs (NOT verbose, see !verbose) which show the entire handling of a single mail which illustrates the issue with which you want help. Random selections from your mail log might not do. IMAP/POP3 daemons and external delivery agents typically log to the same facility (mail); those are usually not relevant here.[05:37:10] <_max> !showconfig[05:37:11] <knoba> _max: "showconfig" : when asked to provide your config, pastebin postconf -nf and postconf -Mf. if your version is too old for those commands to work (< 2.9), you should upgrade, but see !showconfig_old[05:37:34] <_max> !shoconfig_old[05:37:35] <knoba> _max: Error: "shoconfig_old" is not a valid command.[05:37:42] <_max> !showconfig_old[05:37:42] <knoba> _max: "showconfig_old" : for versions of postfix < 2.9, pastebin postconf -n and the contents of master.cf with comments removed[05:47:53] *** JanC has joined #postfix[05:50:51] *** Motoko has quit IRC[05:51:50] *** Motoko has joined #postfix[06:09:45] *** namyzarc has quit IRC[06:13:43] *** sandeen has quit IRC[06:13:57] *** _max has quit IRC[06:15:03] *** sandeen has joined #postfix[06:23:05] *** sandeen has quit IRC[06:25:07] *** sandeen has joined #postfix[06:47:39] *** anmaxvl has joined #postfix[06:50:53] <magyar> hi, is there a way to reject email that has this type of from=<RachelWeinstein at fjdvsio dot neonspingo.download> ?[06:57:05] <pj> !check_sender_access[06:57:06] <knoba> pj: "check_sender_access" : Search the specified access(5) database for the MAIL FROM address, domain, parent domains, or localpart@, and execute the corresponding action.[06:57:10] <pj> magyar: ^^^^[06:58:12] <magyar> pj: there is a ton of them and all made up and mostly from Eonix Corporation[06:58:38] <pj> magyar: believe it or not that is actually a valid email address.[06:58:50] <pj> so verifying it or the domain name won't help.[06:59:00] <magyar> this was just a sample of some crazy domains that the spammers generate[06:59:28] <pj> right, I checked it, fjdvsio.neonspingo.download is a valid domain with an MX record that points to a valid hostname.[06:59:35] <magyar> how is that, then I do a whois there is no such domain[06:59:38] <magyar> ?[07:00:09] <magyar> pj, how did you check it?[07:01:13] <pj> dig fjdvsio.neonspingo.download MX +short[07:01:40] <magyar> oh, through dig, I used whois[07:01:45] <pj> whois clients may not recognize the TLD because it's one of the newer expanded TLDs.[07:02:12] <pj> right, postfix doesn't care about a whois record, nor should it.[07:02:16] <magyar> i think these new domains are created for spam only[07:03:13] <pj> you could use a pcre table with check_sender_access to reject anything that's not in a set of TLD that you recognize, but you run the risk of rejecting legitimate mail.[07:04:21] <pj> anyways, I'm going AFK for a bit.[07:10:01] *** sandeen has quit IRC[07:10:41] <magyar> thank pj, what about hash tables can I just block the tld of review, download, date etc?[07:10:46] <magyar> thanks[07:13:20] <pj> magyar: not with a hash table, no. The reason is that a hash table has to match against the entire domain.[07:13:47] <magyar> got it, thanks again pj[07:13:51] <pj> with a pcre table you can use a pcre to match against part of the domain.[07:14:06] <pj> yw[07:15:17] <pj> you could use a pgsql or mysql table, though, because you can craft an SQL query that would match the end of the domain.[07:21:54] <magyar> pcre will suffice i think[07:23:05] *** echan has quit IRC[07:30:28] <magyar> debian is wacky, they separated the pcre from the main installation, so postfix-pcre needs to be installed[07:30:36] <magyar> :)[07:42:45] *** Quadro has joined #postfix[08:10:35] *** carl- has joined #postfix[08:17:30] *** olegfusion has quit IRC[08:24:25] <survietamine> you selected it[08:34:01] <Tuxick> what's the problem with that?[08:34:28] <Tuxick> what they did to exim config is worse, but who uses that anyway[08:38:04] *** Haudegen has quit IRC[08:38:24] *** doubletwist has quit IRC[08:39:15] *** doubletwist has joined #postfix[08:40:26] <pj> magyar: you'll find that most ditros will package it that way starting with 3.0[08:40:47] <pj> ...including my own packages for CentOS.[08:41:24] <survietamine> Tuxick: I don't have problem with that. Just notice that magyar is newbie and complains too easily[08:43:12] <survietamine> « i think these new domains are created for spam only » and « debian is wacky... »[08:44:16] <Tuxick> i see russian criminals create spam domains all the time, this bit is true[08:44:26] <Tuxick> so he's half right ;p[08:44:57] <Tuxick> oh+mygold.net is the latest[08:45:26] <Tuxick> hmm, or was :)[08:49:05] *** unforgiven512 has quit IRC[08:50:05] *** troulouliou_div2 has joined #postfix[08:50:36] <pj> tbh, I was never fond of ICANN opening up the TLD space anyways, so I would not object to people blocking most of it on their email servers.[08:50:58] <pj> the more that can be done to de-value that space the better, imo.[08:51:08] <Tuxick> :)[08:51:26] <Tuxick> so far haven't started blocking those lame tlds, but it's inevitable[08:51:38] <Tuxick> you have to be pretty stupid to mail 'from' .biz anyway[08:51:59] <Tuxick> almost as stupid as banks still trying to send email[08:52:04] <pj> Personally I would allow com net biz gov info org and any two letter CCTLD, possibly a few others that were around before the expansion.[08:52:18] <survietamine> yeah, each admin makes his choice. But I don't make assertions about things I'm ignorant[08:52:28] <pj> Tuxick: I have a client who runs a major business from a biz[08:52:38] <pj> it's old enough to allow at this point, imo.[08:52:59] <survietamine> I don't know what *.download *.biz domains are used for exactly and if it's handy for some web service or so. So I won't say anything about it[08:53:14] <pj> .biz is just another .com, really[08:53:19] <pj> .download is a new one.[08:53:37] <survietamine> but yeah, looks like all these new gtlds are more about money for ICANN and others organizations[08:53:54] <Tuxick> vanity tlds :)[08:53:54] <pj> yeah, it really was just ICANN getting greedy.[08:53:57] *** lrea has joined #postfix[08:54:10] *** Haudegen has joined #postfix[08:54:11] <pj> not much of anything to do with what's best for the internet as a whole.[08:54:14] <Tuxick> and of course "if we don't register it, some bad guys will"[08:54:38] <pj> Tuxick: that's where the majority of the legitimate registrations come from.[08:54:39] *** doubletwist has quit IRC[08:54:40] <survietamine> I wanted a domain for use with my sisters, and I wanted .family, but looks like it will be expensive and somehow targeted to business first[08:54:41] <pj> ...imo[08:55:25] <pj> survietamine: well, presumably some registrar will take out .family and you're supposed to contact them to get foo.family[08:55:37] *** doubletwist has joined #postfix[08:56:02] <survietamine> yes, it's in pre-order state (sorry, not sure about the translation), but the price is too high for my "personal uses"[08:56:40] <survietamine> so, maybe I'll selected a domain in some gtld delegated to France like .pm[08:57:42] <survietamine> shorter and cheaper[08:58:10] *** doubletwist has quit IRC[08:58:17] <pj> It's been a long time since anything meaningful was assigned to most TLDs[08:58:21] <survietamine> even if I think .family would have been more appropriate for family uses[08:58:33] <pj> used to be a time when you had to have a non-profit to get a .org[08:58:44] <Tuxick> idd[08:58:47] <survietamine> that looks fine to me[08:58:49] <Tuxick> otherwise get .net[08:58:57] <Tuxick> that's how i ended up with a .net[08:59:12] <pj> yeah, .net is appropriate for a lot of uses, .com and .net used to be the only ones with open registration.[08:59:12] <Tuxick> country tld was very expensive or difficult[08:59:49] <pj> well, was a time when you had to reside on a country to get a CCTLD domain[09:00:21] <survietamine> today, it's a mess, because $ rules the world :/[09:00:31] <pj> I'm not sure if there's any CCTLDs left with that requirement anymore.[09:00:37] *** doubletwist has joined #postfix[09:00:56] <pj> yep, it's all about the money[09:02:00] <pj> I have thought on occasion what would it be like to start a competing DNS service against ICANN[09:02:31] <Tuxick> fat chance :)[09:02:58] <pj> I used to be involved with the Pirate Party here, was thinking it could be done in relation to that...[09:03:22] <pj> first rule, all those domains shut down by the US Govt for "piracy" reasons would work on that DNS service...[09:03:33] *** skylite has joined #postfix[09:03:33] *** doubletwist has quit IRC[09:03:42] <pj> 2nd rule, none of the new crap TLDs would be allowed.[09:04:11] <pj> everything else just forwards to ICANNs DNS.[09:05:13] <Tuxick> hmm[09:05:15] <pj> of course DNSSEC would toss a huge wrench in the whole thing now.[09:05:36] *** doubletwist has joined #postfix[09:06:00] <survietamine> yes, dns is weak, and dnssec is not so common/deployed[09:06:47] <Tuxick> still on my tod[09:06:49] <Tuxick> o[09:06:49] <pj> the idea would have been to get in touch with various Pirate Parties and other organizations around the world to host servers for the new system.[09:07:07] <pj> then you just put up instructions to tell people how to change their DNS settings to use those servers.[09:07:12] <Tuxick> maybe on next job, atm webmasters have serious trouble understanding dns basics already[09:07:29] <survietamine> hehe, you'll make another darknet? :)[09:07:47] <pj> survietamine: well this would just be for DNS[09:10:06] <pj> but yeah, the idea would be to help the internet "route around" the damage imposed by governments and large organizations such as ICANN[09:11:34] *** unforgiven512 has joined #postfix[09:13:56] <survietamine> but if people like it will we be able to handle the load?[09:21:02] <Motoko> Some ccTLDs still have a residency requirement.[09:21:12] <Motoko> I know JP does. I think UK also does.[09:21:20] <Motoko> US requires a "nexus" relationship.[09:22:34] <Motoko> pj, several groups have already worked on an "alternate DNS". OpenNIC is one of the biggest still standing.[09:23:12] <Motoko> https://en.wikipedia.org/wiki/OpenNIC[09:23:39] <survietamine> :)[09:24:04] <survietamine> I used their servers, but sometimes have to change conf because some servers are down[09:24:22] <Motoko> It's not easily sustainable to do non-ICANN stuff.[09:24:27] <survietamine> I meant, on my personal computer at home[09:24:30] <Motoko> Not enough funding or interest to scale out.[09:24:42] <Motoko> You could run your own local resolver.[09:25:02] <Motoko> Even just for the global ICANN ones. All you need is the root hint file and some time to configure.[09:25:17] <survietamine> but I did that because of "liars" dns (what's the right word in english). I ended installing my own dns server[09:25:17] <Motoko> I've done that at my old office.[09:25:55] <Motoko> I just use Google DNS for when I don't want the ISP provided and don't care to manage a local resolver.[09:26:27] <survietamine> yeah, but I don't want to continue giving my whole life to Google anymore[09:26:36] <Motoko> There are plenty of other options too.[09:27:27] <Motoko> It's getting harder to find many open resolvers because of their use in amplification attacks and other nefarious uses.[09:27:38] <Motoko> Still, they do exist.[09:27:54] <survietamine> that's why I prefered having my own at home which is not open[09:28:19] <Motoko> http://pcsupport.about.com/od/tipstricks/a/free-public-dns-servers.htm[09:28:31] <Motoko> That list is updated very often.[09:33:17] *** Motoko has quit IRC[09:34:05] *** infides has joined #postfix[09:37:42] *** leeyaa has joined #postfix[09:39:30] *** rstefanov__ has joined #postfix[09:41:12] <pj> [21:13] <survietamine> but if people like it will we be able to handle the load?[09:41:26] <pj> survietamine: that would be a good problem to have.[09:42:30] *** leeyaa has quit IRC[10:00:30] <survietamine> pj: hehe[10:02:22] *** burnersk has quit IRC[10:06:05] *** sphenxes has quit IRC[10:07:15] *** sphenxes has joined #postfix[10:10:12] *** ThomasKeller has joined #postfix[10:14:48] *** chachasmooth has quit IRC[10:15:05] *** chachasmooth has joined #postfix[10:16:55] *** chachasmooth has quit IRC[10:17:20] *** ThomasKeller has quit IRC[10:17:37] *** chachasmooth has joined #postfix[10:17:39] *** ThomasKeller has joined #postfix[10:22:42] *** burnersk has joined #postfix[10:29:09] *** burnersk has quit IRC[10:48:20] *** burnersk has joined #postfix[10:52:53] *** Quadro has quit IRC[10:55:22] *** hachiya has quit IRC[10:56:23] *** midacts has quit IRC[10:56:27] *** omgs has quit IRC[10:56:28] *** omgs has joined #postfix[10:56:29] *** midacts has joined #postfix[10:56:30] *** gabizou has quit IRC[10:56:31] *** gabizou has joined #postfix[10:57:35] *** hachiya has joined #postfix[11:03:37] *** _bt has joined #postfix[11:04:10] <_bt> hello, is it possible to restrict which domains can send to individual addresses?[11:04:25] <sysmonk> !policy_maps[11:04:25] <knoba> sysmonk: Error: "policy_maps" is not a valid command.[11:05:14] <_bt> for instance i have a domain registered using a subaddress and i want only mails from my registrar to be delivered, the rest bounced[11:05:54] <_bt> by domain registered i mean the email used as the contact is a sub address and is visible in whois and is attracting all kinds of generous website building offers[11:06:29] <sysmonk> !restriction_classes[11:06:29] <knoba> sysmonk: "restriction_classes" : see !restriction_class[11:06:33] <sysmonk> !restriction_class[11:06:33] <knoba> sysmonk: "restriction_class" : postfix per-client/user/etc. access control http://www.postfix.org/RESTRICTION_CLASS_README.html[11:06:41] <sysmonk> _bt: ^^ :)[11:06:45] <Tuxick> i hope you mean reject, not bounce[11:06:46] <sysmonk> took a while to remember the factoid heh[11:06:47] <Tuxick> but ok[11:07:08] <_bt> thank you sysmonk i will check that out! and yes Tuxick i mean reject :D[11:07:15] <_bt> not bounced[11:07:36] <_bt> why i used the word in the first place i shall never now, i'm off to give myself 50 lashes[11:09:22] <Tuxick> :)[11:10:59] <_bt> + an extra 10 for the misuse of the word now[11:17:29] *** anexit has quit IRC[11:19:19] *** jwing- has joined #postfix[11:19:39] *** jwing has quit IRC[11:19:41] *** anexit_ has joined #postfix[11:29:37] <_bt> thanks sysmonk all sorted[11:49:22] *** rstefanov__ has quit IRC[11:50:21] *** sphenxes has quit IRC[11:50:34] *** car has joined #postfix[11:51:45] *** sphenxes has joined #postfix[12:01:35] *** quenode_ has quit IRC[12:03:21] *** quenode has joined #postfix[12:03:40] *** pozitron has quit IRC[12:08:06] *** infides has quit IRC[12:08:21] *** Haudegen has quit IRC[12:12:13] *** unforgiven512 has quit IRC[12:12:20] *** unforgiven512 has joined #postfix[12:12:36] *** bolt has quit IRC[12:12:53] *** unforgiven512 has joined #postfix[12:13:01] *** leeyaa has joined #postfix[12:17:27] *** bolt has joined #postfix[12:26:32] *** Haudegen has joined #postfix[12:34:43] <leeyaa> !welcome[12:34:43] <knoba> leeyaa: "welcome" : Welcome to #postfix! If you're new here, or to IRC, first read the channel topic (/topic). It has important instructions on how to ask good questions. You will get more and better help if you follow those instructions. Good Luck![12:35:35] *** chachasmooth has quit IRC[12:35:44] *** sphenxes01 has joined #postfix[12:36:27] *** dFence has joined #postfix[12:37:17] *** chachasmooth has joined #postfix[12:46:59] *** Haudegen has quit IRC[13:05:20] *** Haudegen has joined #postfix[13:05:51] *** Fleurety has quit IRC[13:06:13] *** ccha5 has joined #postfix[13:06:17] <ccha5> hello[13:07:58] <ccha5> with "Temporary lookup failure", does smtp server will put the email in deferred queue?[13:11:07] <CRCinAU> hmmmm - so the function of this: postscreen_command_count_limit[13:11:34] *** lucascastro has joined #postfix[13:11:40] <CRCinAU> does that mean if a system is whitelisted via either no DNSBL hit, or a perm whitelist, that postscreen_command_count_limit doesn't apply anymore?[13:12:02] *** leeyaa has quit IRC[13:13:24] *** TAARs has quit IRC[13:14:15] *** TAARs has joined #postfix[13:15:47] *** leeyaa has joined #postfix[13:25:34] *** pti-jean_ has joined #postfix[13:31:50] *** sphenxes has quit IRC[13:32:37] <pj> CRCinAU: a whitelisted client will be passed to smtpd before any SMTP commands are issued so that limit would not apply to it.[13:33:08] <CRCinAU> pj: good... I thought that was my reading of that.....[13:33:47] <CRCinAU> so if the IP isn't listed in the DNSBL, then it'll be happy with more than postscreen_command_count_limit commands being used to deliver main.[13:33:50] <CRCinAU> mail even[13:33:59] <dFence> Hey guys! Might be a dumb question, but I thought I’d give it a shot. Mails sent from my server (fairly new, all green across spamhaus & co.) go straight to spam at gmail accounts. Is there any way to improve my rating in particular with gmail? The server is secured (no open relay or anything) and fail2ban is set to „shoot first, questions later“[13:34:21] <pj> CRCinAU: no.[13:34:27] <CRCinAU> setting postscreen_command_count_limit = 3 seems to be nice in killing the connection after the first RCPT on a DNSBL listed connection.[13:36:13] <pj> a client that is not exlicitly whitelisted can, if they're enabled, go onto the after-greet tests. Since those are implemented with a "fake" SMTP engine, the result will always be either a reject or deferral because the session cannot at that point be passed to the "real" smtpd. That limit simply says that if the command count reaches it then stop wasting time playing fakies and end the session right away.[13:37:03] <pj> CRCinAU: I tend to recommend leaving those settings alone unless you have a very specific need to change them.[13:37:13] <pj> the defaults tend to be pretty good.[13:37:31] <CRCinAU> ahhh - yeah - I don't use the after greeting tests.[13:37:42] <pj> !tell dFence gmail[13:37:43] <knoba> dFence: "gmail" : Google Mail issues?: http://mail.google.com/support/bin/answer.py?hl=en&answer=81126[13:37:57] <pj> if you don't use the after-greet tests then that setting doesn't apply to you at all.[13:39:27] <pj> I do highly recommend the after-greet tests, they also act as a type of greylisting.[13:45:50] <CRCinAU> tbh, I'm quite happy with how things are right now....[13:46:00] <anexit_> Is there a way to see what is forwarding email?[13:46:37] <CRCinAU> the one thing I'm working on now is proper graphing of rejected / accepted / sent / spam etc to cacti[13:47:03] <CRCinAU> I was using a script previously, but it'd randomly go spastic and log 20x the real figures...[13:47:26] <CRCinAU> so I've re-written it completely with a bit of..... excess logic at times?[13:47:53] <anexit_> in virtual I have jdoe1 at example22 dot com popuser Then jdoe2@newdomain popaccount yet everything jdoe1 at example22 dot com and jdoe2@newdomain go to popuser[13:47:57] <CRCinAU> so at $minutes % 5 or 0, it'll write the current stats to file (where snmpd can pick them up) and resets its counters...[13:53:17] <pj> anexit_: check the logs[13:53:22] <pj> !tell anexit_ relevant_logs[13:53:22] <knoba> anexit_: "relevant_logs" : Relevant logs are mail.* syslog Postfix logs (NOT verbose, see !verbose) which show the entire handling of a single mail which illustrates the issue with which you want help. Random selections from your mail log might not do. IMAP/POP3 daemons and external delivery agents typically log to the same facility (mail); those are usually not relevant here.[13:53:57] <pj> CRCinAU: also have a look at pflogsum[13:54:01] <pj> !pflogsum[13:54:02] <knoba> pj: Error: "pflogsum" is not a valid command.[13:54:08] <pj> hrmmmm[13:54:10] <pj> !pflogsumm[13:54:10] <knoba> pj: "pflogsumm" : a perl script to analyse your mail log file and generate nice reports. See: http://jimsun.linxnet.com/postfix_contrib.html (metalog users see the !mpflogsumm factoid)[13:54:16] <pj> ahhh, there it is[13:54:36] *** sphenxes has joined #postfix[13:55:09] <anexit_> pj: I did that.. if I send emails to jdoe2 it ends up in popuser regardless[13:55:12] <anexit_> :P[13:55:31] <anexit_> BUT! if I change popaccount to newguy.. it works[13:55:43] <anexit_> or to another user on the system[13:58:42] <pj> anexit_: show !relevant_logs in a pastebin, then[14:00:22] <dFence> pj: I can’t find anything on the after-greet tests on the link[14:01:23] <dFence> ah, different convo[14:01:25] <pj> dFence: The after-greet tests are about postscreen, which I was discussing with CRCinAU[14:01:37] <dFence> *adds more coffee*[14:01:55] <dFence> added the TXT records… lets see what happens[14:03:01] <pj> dFence: I would check this first...[14:03:09] <pj> !tell dFence fcrdns[14:03:10] <knoba> dFence: "fcrdns" : http://en.wikipedia.org/wiki/Forward_Confirmed_reverse_DNS : your IP address should resolve to $myhostname, which in turn should resolve back to your IP. This is very important if you want big sites to accept your mail. If you can't have it from your ISP, see !relayhost[14:03:18] <anexit_> pj: http://pastebin.com/Su7bq1Pb[14:04:07] <dFence> I’ve heard of reverse-DNS but now it’s just getting ridiculous ;) it’s like Twister for DNS[14:06:22] *** zorg1 has joined #postfix[14:06:25] <pj> anexit_: it happens in postfix, likely via either alias_maps or virtual_alias_maps, before the message gets sent to amavisd.[14:07:03] <anexit_> checking that now[14:07:48] <dFence> fcrdns checks out[14:08:46] <pj> anexit_: unfortunately it's getting rather late here, so my brain is in "going to sleep" mode at the moment.[14:08:59] <pj> I'll leave it to someone else to fully help you.[14:09:06] <pj> I have to go[14:09:24] <anexit_> 10-4[14:15:51] *** Section1 has joined #postfix[14:18:56] *** leeyaa has quit IRC[14:20:18] *** leeyaa has joined #postfix[14:21:41] *** D-Boy has quit IRC[14:22:00] *** D-Boy has joined #postfix[14:30:31] *** jwing- has quit IRC[14:30:58] *** jwing has joined #postfix[14:30:58] *** jwing has joined #postfix[14:32:19] *** TyrfingMjolnir has quit IRC[14:38:44] *** synthroid has joined #postfix[14:39:49] <dFence> what’s the right way to set multiple content_filters? comma separated or separate entries?[14:43:12] *** trepatudo has quit IRC[14:45:43] *** sandeen has joined #postfix[14:47:55] *** edux has joined #postfix[14:48:10] <CRCinAU> dFence: comma all the way[14:48:15] <dFence> thanks![14:49:43] <dFence> o_O strange.. it says the opendkim milter development has been stalled, but I found no info on how to configure opendkim w/ content_filter[14:51:02] *** TyrfingMjolnir has joined #postfix[14:52:48] <survietamine> I don't get what you mean[14:53:51] <CRCinAU> dFence: you don't.....[14:54:03] <CRCinAU> you configure opendkim up, then use -o smtpd_milters=inet:127.0.0.1:8891[14:54:09] <dFence> thought so :/[14:54:20] *** trepatudo has joined #postfix[14:54:24] <CRCinAU> in master.cf ONLY on your submit ports (ie not port 25)[14:55:48] <CRCinAU> I'd suggest something like this for your master.cf:[14:55:49] <CRCinAU> http://fpaste.org/309792/26069351/[14:56:19] <CRCinAU> that way you MUST be authenticated, and you MUST use encryption to that port (ie STARTTLS)[14:56:27] <survietamine> if it's on the same server, it's possible to use a unix socket too[14:56:41] <CRCinAU> true, but that's rather uncommon :)[14:58:05] *** ThomasKeller has quit IRC[14:58:24] <survietamine> so, I'm happy to learn that I'm uncommon ![14:59:25] <CRCinAU> oh, wait - you mean opendkim & postfix on the same machine?[15:00:05] <CRCinAU> I thought you meant to connect to postfix via socket to send mail......[15:04:18] *** ThomasKeller has joined #postfix[15:06:26] *** mattcen has quit IRC[15:07:27] *** mattcen has joined #postfix[15:08:02] *** trepatudo has quit IRC[15:09:51] *** trepatudo has joined #postfix[15:11:32] *** edux has quit IRC[15:11:53] *** edux has joined #postfix[15:14:11] *** mattcen has quit IRC[15:25:31] *** huddy has joined #postfix[15:26:00] *** mungustas has left #postfix[15:26:19] *** FinboySlick has joined #postfix[15:26:39] *** mungustas has joined #postfix[15:26:55] <mungustas> hey my opendkim went crazy[15:27:09] <Tuxick> good[15:27:44] <mungustas> smtpd[63445]: warning: milter inet:127.0.0.1:8891: can't read SMFIC_MAIL reply packet header: Connection timed out[15:28:19] <mungustas> inet:127.0.0.1:8891: can't read SMFIC_OPTNEG reply packet header: Connection timed out[15:28:25] <mungustas> inet:127.0.0.1:8891: read error in initial handshake[15:28:35] <mungustas> and errors like that[15:29:22] <mungustas> no updates or installs in like a month[15:29:33] *** xorian has left #postfix[15:29:46] <mungustas> I tried restarting opendkim of course[15:35:05] <survietamine> IIRC, I had that with an old version[15:35:49] <survietamine> some invalid address in the queue generates this problem[15:36:18] <survietamine> I found opendkim very "fragile", at least old packages[15:38:24] *** dstarh has joined #postfix[15:41:46] <mungustas> it's an ubuntu Version: 2.9.2-1build1[15:41:52] *** Sarodj has joined #postfix[15:42:12] *** Tahvok_ is now known as Tahvok[15:42:12] <Tuxick> it's a bit broken on debian now[15:42:16] <Tuxick> thanks to )($*@$(#% systemd[15:42:19] <pj> dFence: CRCinAU: you cannot have multiple content filters, they don't work that way.[15:42:32] <Tuxick> opendkim.service pretends to look at /etc/default/opendkim but doesn't[15:42:40] *** Tahvok has quit IRC[15:42:41] <Sarodj> hey guys, can anyone tell me where the error "too many errors after MAIL" comes from? Google didn't help me unfortunately[15:43:10] <Tuxick> that's way too little information[15:43:31] <Sarodj> what information do you need?[15:44:59] <pj> !smtpd_hard_error_limit[15:44:59] <knoba> pj: "smtpd_hard_error_limit" : a configuration parameter in the main.cf: The maximal number of errors a remote SMTP client is allowed to make without delivering mail. The Postfix SMTP server disconnects when the limit is exceeded.[15:45:05] <pj> Sarodj: ^^^^^[15:45:26] <Sarodj> awsome :)[15:45:29] <Sarodj> thx :)[15:48:13] *** Mooash has left #postfix[15:56:58] <CRCinAU> pj: yeah, you're right.... content_filter vs milter....[15:57:07] <CRCinAU> I shouldn't try to help people after midnight ;)[15:59:20] *** [NoClan]GoAway has quit IRC[15:59:42] *** dstarh has quit IRC[16:00:15] *** dstarh has joined #postfix[16:00:50] *** v1c3 has joined #postfix[16:01:36] *** dstarh has quit IRC[16:03:35] *** chachasmooth has quit IRC[16:04:31] *** chachasmooth has joined #postfix[16:10:57] *** phreebird has joined #postfix[16:13:56] *** pajamian has joined #postfix[16:16:05] *** pj has quit IRC[16:16:40] *** HeavyMetal has quit IRC[16:16:46] *** sandeen has quit IRC[16:16:50] *** Quadro has joined #postfix[16:17:58] *** phreebird has quit IRC[16:18:05] *** sandeen has joined #postfix[16:21:25] *** HeavyMetal has joined #postfix[16:21:26] *** HeavyMetal has joined #postfix[16:26:49] *** Fleurety has joined #postfix[16:30:11] *** carl- has quit IRC[16:37:08] *** KaiForce has joined #postfix[16:40:44] *** skylite has quit IRC[16:40:49] *** phreebird has joined #postfix[16:41:18] <phreebird> Good morning[16:43:27] *** dFence has quit IRC[16:45:05] *** phreebird has quit IRC[16:47:20] *** phreebird has joined #postfix[16:49:07] *** [NoClan]GoAway has joined #postfix[16:52:27] *** pozitrono has joined #postfix[16:52:46] *** lrea has left #postfix[16:54:30] *** camroncade has joined #postfix[16:58:29] *** ThomasKeller has quit IRC[17:00:10] *** guampa has quit IRC[17:03:00] *** guampa has joined #postfix[17:09:10] *** Quadro has quit IRC[17:12:48] *** gu1lle_ has quit IRC[17:14:04] *** leeyaa has quit IRC[17:15:47] *** eelstrebor has joined #postfix[17:16:33] *** dFence has joined #postfix[17:16:42] *** anmaxvl has quit IRC[17:24:02] *** Quadro has joined #postfix[17:25:17] *** synthroid has quit IRC[17:25:20] *** pozitrono has quit IRC[17:30:38] *** synthroid has joined #postfix[17:32:30] *** lemondom has joined #postfix[17:35:14] *** robinho86 has joined #postfix[17:45:46] *** lguru| has joined #postfix[17:51:49] <eelstrebor> for some reason my postfix server no longer accepts incoming mail - i'm not sure of what happened - configuration is still the same - according to the logs it is a problem with localhost - http://pastebin.com/ANtJGeQu[17:52:40] <eelstrebor> from googling, it seems to be an outgoing email problem but i can send email - it's just that all incoming email is bouncing[17:53:09] <phreebird> any config changes?[17:53:42] <phreebird> and posting your config would be appreciated.[17:53:56] <rob0> That's *outgoing* mail, not incoming.[17:54:04] <eelstrebor> not in the begining - but after google searches i tried a few changes to main.cf but can't get the problem resolved[17:54:13] <rob0> !tell eelstrebor relevant_logs[17:54:13] <knoba> eelstrebor: "relevant_logs" : Relevant logs are mail.* syslog Postfix logs (NOT verbose, see !verbose) which show the entire handling of a single mail which illustrates the issue with which you want help. Random selections from your mail log might not do. IMAP/POP3 daemons and external delivery agents typically log to the same facility (mail); those are usually not relevant here.[17:54:19] <rob0> !tell eelstrebor showconfig[17:54:19] <knoba> eelstrebor: "showconfig" : when asked to provide your config, pastebin postconf -nf and postconf -Mf. if your version is too old for those commands to work (< 2.9), you should upgrade, but see !showconfig_old[17:55:27] <rob0> also, fix the problem noted, that "localhost" isn't resolving[17:55:52] <phreebird> what does /etc/hosts look like?[17:57:54] <eelstrebor> http://pastebin.com/Gj9T2P4F[17:57:57] *** edux__ has joined #postfix[17:59:11] *** Validatorian has joined #postfix[17:59:24] <Validatorian> I'm trying to send email with postfix, and it works great unless I'm sending it to an email on my own domain. When I do that, I get '550 No Such User Here' - I think it's resolving the domain to localhost instead of using MX records. Anyone know how to resolve that?[17:59:37] <eelstrebor> http://pastebin.com/E0fhNmif[18:01:06] *** edux has quit IRC[18:03:18] <eelstrebor> i wish i knew what changed because everything was working fine[18:03:40] *** synthroid has quit IRC[18:04:08] <phreebird> Very strange.[18:05:33] *** zorg1 has quit IRC[18:05:46] <phreebird> content_filter = smtp-amavis:[localhost]:10024[18:05:54] <phreebird> Id personally change that to[18:06:03] <phreebird> content_filter = smtp-amavis:[127.0.0.1]:10024[18:08:05] *** synthroid has joined #postfix[18:08:31] <phreebird> Validatorian[18:08:56] <Validatorian> Hi[18:09:03] <phreebird> !tell validatorian showconfig[18:09:04] <knoba> validatorian: "showconfig" : when asked to provide your config, pastebin postconf -nf and postconf -Mf. if your version is too old for those commands to work (< 2.9), you should upgrade, but see !showconfig_old[18:10:16] <phreebird> eelstreor, what dns servers are you using?[18:12:21] <Validatorian> phreebird: http://pastebin.com/wjPZBnbw[18:14:09] <phreebird> change mydestination = localhost[18:14:33] <phreebird> mydestination = $myhostname, localhost[18:14:45] <phreebird> sudo /etc/init.d/postfix reload[18:14:53] <phreebird> then try again.[18:15:03] <eelstrebor> phreebird, well how about that - changing localhost to 127.0.0.1 seems to have fixed the problem - now to figure out why the system no longer resolves localhost[18:15:38] <phreebird> Any dns changes?[18:16:33] <eelstrebor> yes - i installed dnscrypt[18:18:19] <eelstrebor> i tried to install dnscrypt on the router and DNS died - rolled back the changes and DNS still didn't work - one machine was already running dnscrypt so i put dnscrypt on the postfix server box and dig showed names being resolved again[18:19:12] <phreebird> How interesting.[18:19:21] <eelstrebor> i wouldn't think that dnscrypt would cause a problem but i guess so[18:19:23] <lunaphyte> Validatorian: where are the logs?[18:19:31] <lunaphyte> did you provide a pastebin containing them?[18:19:48] *** JDay has joined #postfix[18:19:48] *** gu1lle_ has joined #postfix[18:20:00] <phreebird> he did, the problem is resolved.[18:20:08] <phreebird> but his system is not resolving localhost[18:20:18] <lunaphyte> hence the request for logs[18:20:29] <lunaphyte> e.g avoiding the problem is not fixing it ;)[18:21:04] <phreebird> my bad, misunderstood[18:21:27] <eelstrebor> phreebird, thanks for your help[18:21:50] <phreebird> Anytime my friend.[18:22:00] <phreebird> Validatorian, any luck on that change?[18:22:02] <Validatorian> Okay, so the error is gone, phreebird -- but the mail seems to be trapped on the server -- getting relay=local, delay=0.02, delays=0.02/0/0/0, dsn=2.0.0, status=sent (delivered to mailbox)[18:22:38] <Validatorian> (the server I'm sending from is not the one I use to handle email for the domain)[18:23:52] <phreebird> What do you mean by that?[18:24:17] <phreebird> And what are you using for pop3/imap?[18:24:35] <lunaphyte> Validatorian: what would you like postfix to do with the message?[18:24:45] <Validatorian> contact at voteforbernie dot org is routed through another server via MX records, I don't receive the email on the server I'm sending the mail from[18:25:24] <phreebird> So it needs to be forwarded to another email?[18:25:35] <phreebird> or does that email have a mailbox on another service[18:25:40] <phreebird> server*[18:25:54] <Validatorian> email it :) If I change contact at voteforbernie dot org to my gmail address, it send and arrives correctly, but when I send to contact at voteforbernie dot org, it doesn't send the email via MX records (or so it would appear)[18:26:56] <phreebird> show me your aliases[18:27:02] <phreebird> cat /etc/aliases[18:27:15] <Validatorian> only postmaster: root[18:27:46] <lunaphyte> Validatorian: if email to @voteforbernie.org is supposed to go somewhere else, then why have you set "myhostname = voteforbernie.org"?[18:27:47] *** Cybertinus has quit IRC[18:27:49] *** jhass is now known as blume[18:28:12] <phreebird> He sends mail as voteforbernie[18:28:17] <Validatorian> lunaphyte: because that's where I'm sending it from[18:28:23] <Validatorian> I send from vfb, not receive[18:28:24] <phreebird> but no dovecot, just forwards to a gmail.[18:28:46] <lunaphyte> Validatorian: show *actual*, log entries demonstrating the problem[18:28:53] <lunaphyte> !tell Validatorian relevant_logs[18:28:54] <knoba> Validatorian: "relevant_logs" : Relevant logs are mail.* syslog Postfix logs (NOT verbose, see !verbose) which show the entire handling of a single mail which illustrates the issue with which you want help. Random selections from your mail log might not do. IMAP/POP3 daemons and external delivery agents typically log to the same facility (mail); those are usually not relevant here.[18:28:58] <lunaphyte> do not mung the data[18:29:32] *** blume is now known as jhass[18:30:06] <Validatorian> So, full disclosure, I'm a front-end developer. If you tell me where to get logs or what commands you want the output from I'm happy to provide, but I'm somewhat out of my element[18:30:18] <lunaphyte> where is your mail admin?[18:30:45] <phreebird> Validatorian, add this line to main.cf[18:30:59] <phreebird> virtual_alias_maps = hash:/etc/postfix/virtual[18:31:11] <phreebird> Create a new file in /etc/postfix call virtual[18:31:24] <phreebird> inside of it, put[18:31:49] <phreebird> contact at voteforbernie dot org you at gmail dot com[18:31:54] <phreebird> and then run[18:32:00] <phreebird> postmap /etc/postfix/virtual[18:32:08] <lunaphyte> um, no. do not do that[18:32:16] <phreebird> why?[18:32:24] <lunaphyte> it is not ok to forward mail from other people off to a third party[18:32:52] <lunaphyte> same envelope forwarding is simply not ok to do anymore[18:33:06] <lunaphyte> i guess it's time to add that to !mantras :([18:33:16] <lunaphyte> it's getting to be too much of a problem[18:33:21] <phreebird> what do you suggest then?[18:33:41] <Validatorian> also I don't want to send directly to my gmail -- if I or anyone else sends something to contact at voteforbernie dot org, it arrives in my gmail but still 'to' contact. I'd basically like postfix to ignore the fact that it is voteforbernie.org and treat contact at voteforbernie dot org as if it were any other address/domain[18:34:51] <lunaphyte> Validatorian: i don't follow[18:35:11] <Validatorian> Sorry, I'm just not explaning clearly enough -- let me try again[18:35:19] <phreebird> so if you sent to votetobernie.org from this server[18:35:30] *** v1c3 has quit IRC[18:35:34] <phreebird> you want it to go to a different server that is listed in the mx records?[18:35:48] <phreebird> so dc-1c4732b0.voteforbernie.org[18:36:03] *** _bt has quit IRC[18:36:56] <Validatorian> Right now, if I change the 'to' address to any other domain, like my gmail address, it works as expected. The issue arised when sending to voteforbernie.org, because that is the server that I am sending from, so it assumes it should handle the mail itself, which is not actually the case. I want it to treat outgoing email to @voteforbernie.org as if it were @gmail.com[18:37:08] <Validatorian> arises*[18:37:14] <phreebird> SO[18:37:27] <phreebird> there is another mail server that services voteforbernie.org[18:37:28] *** Cybertinus has joined #postfix[18:37:33] <Validatorian> yes, correct[18:37:53] <phreebird> You would need to add a mapping in transport_maps[18:38:05] *** [NoClan]GoAway has quit IRC[18:38:22] <rob0> Google hosting is probably not that expensive. If that's the place you're reading the mail anyway, why not have them host it?[18:38:45] <rob0> It would avoid many problems and allow you to focus on other things.[18:38:50] <phreebird> He was using a bad example.[18:38:58] <phreebird> the server he is using only sends.[18:39:07] <phreebird> but occasionally he sends to the same domain[18:39:24] <rob0> !nullclient[18:39:24] <knoba> rob0: "nullclient" : a null client is a computer that can only send mail. it receives no mail from the network, and it does not deliver any mail locally. while postfix can be configured to fill this role, it is often unnecessary overkill, and a much simpler software package is more appropriate. see !nullclient_software for more details.[18:39:31] <phreebird> so he needs to relay it to the other mail server that actually houses the mailboxes[18:39:34] <rob0> !nullclient_software[18:39:34] <knoba> rob0: "nullclient_software" : a program that serves as a drop in replacement for /usr/sbin/sendmail and provides a simple means to submit messages to an existing msa without the need to install and maintain a full-blown mta/msa. examples include msmtp, esmtp, ssmtp and nullmailer. also see !msa[18:40:09] <Validatorian> I only send to the same domain, in fact -- this is just sent from a script that allows visitors to contact me -- my email works perfectly fine as-is, the only issue is sending from this VPS[18:40:27] <lunaphyte> then postfix does not belong on that computer, and none of these problems would have occurred in the first place[18:40:33] <rob0> yes, you need a nullclient[18:40:58] <lunaphyte> there's a reason why null clients are the right way to do things, you know ;)[18:41:45] *** [NoClan]GoAway has joined #postfix[18:42:42] <phreebird> !mantras[18:42:43] <knoba> phreebird: "mantras" : 1. do not accept mail that you do not intend to deliver. 2. do not drop mail. 3. do not use wildcards or catchalls.[18:42:50] *** pozitrono has joined #postfix[18:42:58] <Validatorian> I'm certain that makes perfect sense to the two of you ;) I have no idea what I'm doing. So, I'm using a digitalocean droplet to host my new site, moving over from a shared server on hostgator (where using the contact form did not present any issues whatever) -- postfix was just what it was using by default, I didn't set it up specifically[18:43:04] *** Quadro has quit IRC[18:43:29] *** pozitrono has quit IRC[18:45:38] <rob0> If you know enough about email to set up a MUA, you know enough to set up a nullclient. In fact that's all a nullclient is: the sending half of a MUA.[18:46:08] *** michael_imac is now known as michael_mbp[18:47:18] <Validatorian> So basically replacing postfix with sendmail, yes?[18:49:25] *** camroncade has quit IRC[18:50:17] <lunaphyte> not really[18:50:28] <lunaphyte> replacing postfix with a null client[18:50:34] <lunaphyte> i recommend msmtp[18:51:31] <lunaphyte> don't get confused by the fact that the sendmail software project includes/provides a program named literally the same thing: "sendmail"[18:51:56] <Tuxick> to add to confusion[18:52:36] <lunaphyte> as such software like postfix, msmtp, etc. provide the same program named "sendmail", so that software which expects there to be ap rogram named sendmail will still work[18:53:07] <lunaphyte> *a program[18:54:28] <Validatorian> > don't get confused --- Wayyyy the hell too late for that.[18:58:56] <lunaphyte> the sendmail bit may be a little, um, awkward, but really, the rest of this exercise is an opportunity for simplification and less confusion[19:04:09] *** lucascastro has quit IRC[19:08:11] *** troulouliou_div2 has quit IRC[19:09:27] *** AMorpork has joined #postfix[19:09:27] *** lucascastro has joined #postfix[19:10:06] <AMorpork> Hey there, I have a small problem and my googling is leading me nowhere. I use a relayhost, but I want to skip using the relayhost if the total message size is >20MB. Is that possible?[19:11:11] *** iGeni has quit IRC[19:11:34] <AMorpork> I've found details for doing it based on host and sending IP address, but I can't find anything based on the content of the message.[19:12:23] <lunaphyte> not in a straightforward manner, no. why?[19:13:25] <AMorpork> I'm using a relay service due to the fact that I got a VPS with an IP address that's blacklisted by yahoo and aol, and their spam removal process is... well, not happening. Put in the requests a month ago.[19:13:34] <AMorpork> However, the relay host only supports attachments up to 20 megs.[19:13:56] <AMorpork> I'm also searching for other relay providers, but all of them seem to have rather draconian size limitations.[19:14:24] <lunaphyte> it may perhaps be what you don't want to hear, but honestly, email is not for transferring files.[19:14:30] <AMorpork> Oh, I agree[19:14:37] <AMorpork> However, my users don't[19:14:48] <lunaphyte> size limitations of less than 20 mb are far from draconian.[19:15:03] <AMorpork> Trust me, if I didn't have to figure out a solution I wouldn't[19:15:09] <lunaphyte> in fact, contemporary minded providers are much more likely to impose lower limits, not higher ones, so that's backwards[19:15:09] <AMorpork> I'm just working within the parameters given to me[19:15:35] <lunaphyte> we had a little difficulty when first constraining message size to 15 mb. some users have "trouble" handling this.[19:15:40] <lunaphyte> ultimately, they got over it[19:15:55] <AMorpork> The problem is these users don't work for me, we just provide email service to them[19:15:59] <lunaphyte> we also offered them alternatives in the form of filesharing systems [in our case, pydio][19:16:09] <lunaphyte> the users don't work for me either[19:16:10] <AMorpork> So if we hand down that edict, they're likely to leave[19:16:22] <lunaphyte> sweet! killed two birds with one stone[19:16:34] <AMorpork> Philosophically I agree with you man, I just have to work within the system[19:16:38] <AMorpork> I'm not in charge[19:16:47] <AMorpork> I tried to convince the boss man that a limit made sense[19:16:51] <AMorpork> He disagreed vocally[19:17:11] <AMorpork> So unfortunately I have to figure out some way to make it work[19:17:35] <rob0> oh my.[19:17:53] <lunaphyte> you will likely need to use either a policy server or a content filter[19:17:56] <AMorpork> In his words, "find a way to make it 500 megs minimum."[19:18:06] <lunaphyte> *policy service[19:18:16] <rob0> It's difficult when you have been hired to be the email expert, and then to have your expertise ignored.[19:18:17] <lunaphyte> oh my god. ffs. what an idiot[19:18:27] <tharkun> AMorpork: or rent a vps that is not blacklisted and relay through it.[19:18:32] <Nit_> I personnaly find people sending very large emails rude[19:18:43] <rob0> Most remote sites are not going to accept >20MB mails.[19:18:59] <lunaphyte> yes, the mail will be rejected anyway[19:19:01] <AMorpork> tharkun, yeah, I've tried that, but I seem to be hitting the damn wall on that. Every VPS I got (out of 9 tries) was blacklisted on something or another.[19:19:09] <Nit_> because It can stop the recipient to receive later emails waiting for the big one to be download[19:19:15] <lunaphyte> be sure to configure postfix so that all of those rejection bounces are delivered to his inbox :)[19:19:18] <rob0> The Postfix default is 10MB, and that's not uncommon.[19:19:20] <Nit_> sometimes on poor cellular connection[19:19:24] <AMorpork> Trust me guys, I'm on your side.[19:19:35] <lunaphyte> it's fine[19:19:40] <lunaphyte> i gave you what advice i can offer[19:19:46] <AMorpork> I do appreciate it lunaphyte[19:19:56] <rob0> I'm just saying, even if you succeed at this, you'll surely fail.[19:20:00] <lunaphyte> you'll have to read the policy service docs to see if messge size is passed as an attribute. it may not be[19:20:05] <lunaphyte> *message[19:20:13] <rob0> it IS passed, at end-of-DATA[19:20:38] <rob0> and I agree, that's the best "solution"[19:21:18] <Nit_> http://www.postfix.org/SMTPD_POLICY_README.html it is passed since Postfix version 2.2[19:22:14] <lunaphyte> size= , there you go[19:22:35] <AMorpork> Holy shit, I worked a miracle. My boss talked to his boss and apparently he convinced him into a 10MB limit.[19:22:37] <AMorpork> I am so relieved.[19:22:43] <rob0> haha :)[19:22:46] <lunaphyte> wow[19:22:52] <lunaphyte> it's a christmas miracle[19:23:01] <rob0> hoho :)[19:23:03] <AMorpork> I feel like a dick for going over my boss's head, but I don't feel like a dick for the results.[19:23:28] <AMorpork> Thanks for the help guys, even though ultimately it wasn't needed.[19:24:23] <lunaphyte> i was serious about offering alternatives[19:24:58] <AMorpork> Yeah, I might send out a blast about dropbox and onedrive and such.[19:25:12] <lunaphyte> users [employees or not] react more favorably to constraints when they're given a reason to not need what they're crying about[19:25:26] <rob0> BTW I think Linode is pretty good in terms of being able to send mail.[19:25:39] <lunaphyte> well, i'd never in a million years wish something like dropbox or onedrive onto my worst enemey, but that's up to you :)[19:26:04] <AMorpork> lunaphyte, well, maybe we could spin up on of our own. I'm sure there's some good FOSS packages for that.[19:26:12] <AMorpork> one*[19:26:26] <rob0> Don't assume that all DNSBL services are equal. Some are more equal than others, as Orwell might say.[19:26:41] <lunaphyte> [13.15.59] lunaphyte: we also offered them alternatives in the form of filesharing systems [in our case, pydio][19:26:45] <lunaphyte> AMorpork: ^^[19:26:55] <AMorpork> Thanks lunaphyte, I'll check it out[19:27:08] <AMorpork> rob0, yeah, definitely, but we were getting blocked by either aol or yahoo on every single one of the IPs[19:27:21] <AMorpork> I'll check out linode though.[19:27:56] <AMorpork> lunaphyte, wow, that looks slick.[19:28:10] *** JDay has quit IRC[19:29:26] <lunaphyte> it's worked well for us[19:29:48] <lunaphyte> in particular, so we can tell people they are not to use things like dropbox and onedrive[19:32:10] <lunaphyte> it's also worked well for sending data subject to hipaa constraints. we have end users routinely uploading data and providing retrieval links and credentials to recipients[19:32:30] <lunaphyte> someone had better jerk the wheel back on topic[19:32:46] <lunaphyte> because i'll run this bus right into the ditch[19:33:19] <AMorpork> lol[19:34:36] <tharkun> lunaphyte: pydio.com ?[19:34:58] <lunaphyte> yeah[19:35:25] <lunaphyte> it's a douchy phrase, acronym and name, but the software is pretty decent[19:35:53] <lunaphyte> i just pretend it's a weird name and not an acronym[19:44:05] <Validatorian> auughhh - I just want to send an email why is this so damn difficult! p.s. msmtp doesn't appear to be what I want -- that uses an external server to send, but I can send perfectly fine as-is, just not to my own domain. Unfortunately, I purged postfix to install msmtp, and now after I purged msmtp and reinstalled postfix, getting a port 25 in use error. It's just one thing after another :([19:45:18] <lunaphyte> Validatorian: take a breath :)[19:45:40] <lunaphyte> yes, it uses an external server to send. the same server you'd put in your mail client config[19:45:45] <rob0> huh? Why can't you submit mail to the server for your domain?[19:45:59] *** Haudegen has quit IRC[19:46:24] <rob0> You didn't mention this before.[19:46:49] <rob0> If we're going on partial information, of course our help won't be very good.[19:47:36] <Validatorian> That's the entire reason I'm here... to recap: sending email to anything at anydomainbutmine dot com works fine, but sending email to anything at mydomain dot com does not[19:48:27] *** lguru has joined #postfix[19:48:33] <Validatorian> although that was the situation an hour ago... now I have to figure out why port 25 is in use, preventing postfix from starting[19:50:00] <patdk-wk> isn't that rather simple?[19:50:04] <patdk-wk> what os are you using?[19:50:07] <rob0> That's still not adequate information. Why can you not submit mail to the submission server that handles mail for voteforbernie.org?[19:51:17] <lunaphyte> Validatorian: lsof -nPi | grep -iF ':25'[19:51:18] <Validatorian> patdk-wk: For someone who has very little sysadmin-esque experience, apparently not :-/ I'm using Ubuntu[19:51:40] <rob0> Sure, I can answer the wrong question, that's probably easy. You probably wrongly told your Postfix that it was handling mail for voteforbernie.org, but it is not.[19:51:43] <patdk-wk> knowing how to use your os, is a prereq to using the system[19:51:46] *** lguru has left #postfix[19:51:57] <Validatorian> Everybody has to start somewhere, man.[19:51:59] * patdk-wk just goes with netstat -atnp[19:52:00] *** lguru has joined #postfix[19:52:09] *** lguru has quit IRC[19:52:10] <patdk-wk> ok, #ubuntu?[19:52:31] *** lguru| has quit IRC[19:52:40] <tharkun> Is postfix the default mta in ubuntu?[19:52:44] <phreebird> theres no need to be rude to him.[19:53:10] <lunaphyte> phreebird: please don't call people rude. that's not nice[19:53:14] <patdk-wk> not, it's right in the topic that he read when he came in "know your unix basics"[19:53:41] <patdk-wk> all that info, and none of it followed[19:53:43] <Validatorian> lsof -nPi | grep -iF ':25' has no response -- netstat -tulpn | grep :25 brings up tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN[19:53:53] *** sandeen_ has joined #postfix[19:53:58] <lunaphyte> the lsof command must be run as root[19:53:58] *** sandeen has quit IRC[19:54:26] <lunaphyte> when you are doing sysadmin stuff, become root, and do what you need to do[19:54:37] <Validatorian> I understand where you're coming from. I apologize for taking your time on what must seem to you to be an entirely trivial matter.[19:55:46] <rob0> phreebird, to reiterate what lunaphyte said, you are not being helpful, and your comment was entirely inappropriate.[19:56:21] *** eelstrebor has quit IRC[19:56:32] <phreebird> Hes ovbiously confused and seeking help. there is no need to be terse with him.[19:56:50] <patdk-wk> this is #postfix, it provides postfix help[19:56:57] <lunaphyte> your job here is not to dictate how people are to help others, phreebird[19:57:05] <patdk-wk> we cannot support #ubuntu, #freebsd, #windows, ... in here[19:57:06] <lunaphyte> especially when it is so WILDLY subjective[19:57:32] <lunaphyte> now it's my turn to jerk the whlle back on topic[19:57:33] <Validatorian> alright, found the process and killed it, restarted postfix, no need to go off topic for the other stuff, shouldn't have mentioned it here[19:57:56] <patdk-wk> Validatorian, make sure you killed it correctly, and a reboot won't bring it back[19:58:11] <tharkun> Validatorian: What other piece of software was running on port 25?[19:58:14] *** Section1 has quit IRC[19:58:24] <Validatorian> sendmail- 7645 root 4u IPv4 27665679 0t0 TCP 127.0.0.1:25 (LISTEN)[19:58:48] <patdk-wk> apt-get purge sendmail :)[19:59:13] <dFence> …hm it seems postfix-policyd-spf-python doesn’t add an SPF header for local mail (despite setting SPFSelfValidate true)[19:59:18] <Validatorian> That was the very next thing I did, but got 'Package 'sendmail' is not installed, so not removed'[19:59:19] <rob0> Sometimes OS/distro package databases don't understand null clients, and they require a MTA.[19:59:52] <tharkun> If ubuntu works as debian with nullclients it shouldn't be a problem.[20:00:08] <Validatorian> going to restart server to ensure postfix will run properly[20:00:13] <patdk-wk> ya, never had an issue with ubuntu and nullclients[20:02:30] <Validatorian> on restart, mail.log has Jan 12 14:01:52 vfb postfix/master[1099]: daemon started -- version 2.11.0, configuration /etc/postfix -- I think we're good[20:03:24] *** Haudegen has joined #postfix[20:04:22] *** v1c3 has joined #postfix[20:05:39] <Validatorian> Alright -- so just send to my gmail address -- postfix worked marvelously.[20:06:06] <lunaphyte> we're back at square one :([20:06:24] <Validatorian> Not quite -- the error message is slightly different. Yaaay.[20:06:25] <lunaphyte> it's still unclear to me why using a proper null client is a problem[20:07:10] <Validatorian> http://pastebin.com/BG4VSEGM[20:07:30] *** edux has joined #postfix[20:08:12] <phreebird> validatorian, explain what you are doing to achieve that error[20:08:22] <patdk-wk> !fcrdns[20:08:22] <knoba> patdk-wk: "fcrdns" : http://en.wikipedia.org/wiki/Forward_Confirmed_reverse_DNS : your IP address should resolve to $myhostname, which in turn should resolve back to your IP. This is very important if you want big sites to accept your mail. If you can't have it from your ISP, see !relayhost[20:08:34] <patdk-wk> phreebird, why? it's basic email 101, no one configured the mailserver[20:08:58] *** McBride36 has joined #postfix[20:09:31] <rob0> The MX for voteforbernie.org is configured to reject your HELO.[20:09:33] *** maziar has joined #postfix[20:09:35] <Validatorian> I purged postfix previously, so lost the change I made to main.cf, let me add that back[20:09:42] <phreebird> he is voteforbernie.org[20:10:07] *** maziar has quit IRC[20:10:08] *** maziar has joined #postfix[20:10:10] <rob0> So talk to the person who runs the MTA on 192.185.16.83[20:10:36] *** edux__ has quit IRC[20:12:18] <McBride36> Hi, i've been readin' about postfix. Seems interesting, does anyone think it'd be possible to use it to send AOL instant messages or maybe even ICQ ones?[20:13:13] <tharkun> !super-basic[20:13:13] <knoba> tharkun: Error: "super-basic" is not a valid command.[20:13:19] <tharkun> !superbasic[20:13:19] <knoba> tharkun: Error: "superbasic" is not a valid command.[20:13:30] <McBride36> hold on lemme google that[20:14:18] <patdk-wk> I say someone submit it as a feature request[20:16:25] <rob0> McBride36, perhaps you would be interested in a Jabber server (and client[s])?[20:17:08] <McBride36> perhaps, i admit, i am new. I will look into that. Thanks rob0[20:19:25] *** McBride36 has left #postfix[20:20:03] *** lguru has joined #postfix[20:22:02] <lguru> Test[20:22:14] <tharkun> Failed[20:22:41] <lguru> does postfix always check the connection to its relayhost, or just when if sends[20:23:05] <lguru> Haha, thanks, my nic wasnt registered[20:30:36] <tharkun> I am unsure of what is the actual behaviour but I would expect due to the nature of the protocol that it only connects to the relayhost when needed.[20:30:56] <Poster> ^^ truth[20:31:31] <lguru> Ok, thats what it seemed like[20:43:15] *** edux__ has joined #postfix[20:45:59] *** edux has quit IRC[20:49:38] *** dstarh has joined #postfix[20:50:26] *** Haudegen has quit IRC[20:56:48] *** dFence has quit IRC[21:01:53] *** sandeen_ has quit IRC[21:02:04] *** lguru| has joined #postfix[21:02:05] *** indy has quit IRC[21:03:24] *** camroncade has joined #postfix[21:03:52] *** sandeen has joined #postfix[21:03:55] *** lguru- has joined #postfix[21:04:01] *** lguru has quit IRC[21:04:45] *** lguru has joined #postfix[21:06:35] *** lguru| has quit IRC[21:07:39] *** edux__ has quit IRC[21:08:44] *** lguru- has quit IRC[21:14:51] *** eagles0513875_ has quit IRC[21:15:55] *** doppo has quit IRC[21:17:37] *** sandeen has quit IRC[21:18:34] *** doppo has joined #postfix[21:19:09] *** indy has joined #postfix[21:21:23] *** sandeen has joined #postfix[21:22:21] *** sandeen has left #postfix[21:26:40] *** eagles0513875_ has joined #postfix[21:28:40] *** finster has joined #postfix[21:28:45] *** Haudegen has joined #postfix[21:30:55] *** eagles0513875_ has quit IRC[21:34:36] *** lguru| has joined #postfix[21:36:08] *** lguru- has joined #postfix[21:36:20] *** lguru has quit IRC[21:36:32] *** sphenxes02 has joined #postfix[21:37:25] *** lguru has joined #postfix[21:37:38] *** lguru- has quit IRC[21:37:57] *** lguru- has joined #postfix[21:39:15] *** lguru| has quit IRC[21:39:35] *** sphenxes has quit IRC[21:40:12] *** sphenxes has joined #postfix[21:40:28] *** sphenxes01 has quit IRC[21:42:10] *** lguru has quit IRC[21:42:41] *** eagles0513875_ has joined #postfix[21:42:45] *** d0nn1e has quit IRC[21:43:59] *** d0nn1e has joined #postfix[21:47:26] *** eagles0513875_ has quit IRC[21:52:23] *** doppo has quit IRC[21:53:34] *** lucascastro has quit IRC[21:54:26] *** TyrfingMjolnir has quit IRC[21:55:57] *** TyrfingMjolnir has joined #postfix[22:06:49] *** shawniverson has quit IRC[22:09:49] *** shawniverson has joined #postfix[22:10:13] *** shawniverson is now known as Guest12086[22:13:34] *** Ulver has quit IRC[22:13:41] *** rsx has joined #postfix[22:18:54] *** Ulver has joined #postfix[22:21:06] *** doubletwist has quit IRC[22:21:57] *** fxhp has joined #postfix[22:22:19] <fxhp> is it possible to add multiple custom headers using check_headers and prepend?[22:22:38] <fxhp> I've tried without any luck, only my first declared header ends up in the message[22:23:28] *** maziar has quit IRC[22:27:37] *** doppo has joined #postfix[22:27:52] *** synthroid has quit IRC[22:31:19] *** v1c3 has quit IRC[22:31:20] <fxhp> http://pad.yohdah.com/358/postfix-header-checks-ses[22:31:29] <fxhp> that ends up only adding the first header.[22:32:06] *** doppo has quit IRC[22:32:15] <fxhp> do I need a separate / unique regex for each custom heder?[22:35:48] *** maziar has joined #postfix[22:36:54] *** Gaius is now known as GaiusM[22:39:38] *** synthroid has joined #postfix[22:45:19] <Zerberus> http://www.postfix.org/header_checks.5.html[22:45:42] <Zerberus> the answer is therein the second sentence[22:45:56] *** synthroid has quit IRC[22:49:54] *** rsx has quit IRC[22:54:06] <rob0> also the FILTER_README covers this[22:54:10] <rob0> !filter[22:54:10] <knoba> rob0: "filter" : see !filter_readme[22:54:15] <rob0> !filter_readme[22:54:16] <knoba> rob0: "filter_readme" : http://www.postfix.org/FILTER_README.html :: After-queue content filtering[22:54:29] <rob0> oops, no, not that one[22:55:12] <rob0> the one about header_checks is BUILTIN_FILTER_README.html[22:55:36] *** showaz has joined #postfix[22:55:56] <rob0> http://www.postfix.org/BUILTIN_FILTER_README.html#limitations[22:56:01] *** KaiForce has quit IRC[22:58:18] *** doppo has joined #postfix[23:00:25] *** ThomasKeller has joined #postfix[23:06:22] *** robinho86 has quit IRC[23:12:06] *** v1c3 has joined #postfix[23:12:34] <fxhp> Zerberus: is there a better way then to find 3 different / unique headers to prepend?[23:13:07] <Zerberus> don't know why you want / need to prepend headers at all[23:13:35] <fxhp> I need to add 3 custom headers to every email that relays through postfix[23:14:28] <fxhp> and all I can find is using header_checks with prepend[23:15:14] *** doppo has quit IRC[23:17:12] <fxhp> the headers are used by SES (amazon) to share verified sender and DKIM settings[23:18:17] *** wdp has joined #postfix[23:18:18] *** wdp has joined #postfix[23:19:27] *** FinboySlick has quit IRC[23:21:15] *** pti-jean_ has quit IRC[23:22:22] *** phreebird has quit IRC[23:23:40] <fxhp> Zerberus: do you know of a better way to add custom headers using Postfix?[23:24:17] <Zerberus> 10 years ago the maker of Postfix had given his opionion about that task: http://www.textndata.com/forums/adding-multiple-header-lines-through-372971.html[23:24:46] <fxhp> Reading that now.[23:24:52] *** sphenxes has quit IRC[23:26:32] *** azwieg103 has left #postfix[23:28:59] <fxhp> "Postfix will NOT re-invent the functionality in these tools."[23:29:07] <fxhp> is that the take away?[23:29:26] <fxhp> use spamassassin or something else to add any headers I need?[23:30:16] *** sphenxes02 has quit IRC[23:30:48] <Zerberus> you can write your own filter[23:36:39] <fxhp> Should I be looking into before-queue or after-queue?[23:36:41] *** iGeni has joined #postfix[23:37:20] *** dstarh has quit IRC[23:37:39] *** doppo has joined #postfix[23:41:55] *** doppo has quit IRC[23:42:28] <Zerberus> where is that kind of procedure for SES documented?[23:46:44] <rob0> after-queue is much safer if you're only adding headers. Before-queue filtering is for spam blocking.[23:49:42] *** TyrfingMjolnir has quit IRC[23:53:34] *** doppo has joined #postfix[23:54:33] *** pajamian is now known as pj