January 13, 2016 
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | >
January 13, 2016 [00:06:55] *** doppo has quit IRC[00:08:07] *** Guest12086 is now known as shawniverson[00:15:33] *** doppo has joined #postfix[00:20:06] *** doppo has quit IRC[00:29:09] *** gu1lle_ has quit IRC[00:29:56] *** gamba47_ has quit IRC[00:33:51] *** gamba47 has joined #postfix[00:40:19] *** camroncade has quit IRC[00:44:23] *** daynaskully has quit IRC[00:45:04] *** daynaskully has joined #postfix[00:52:36] <fxhp> ok, I'm only adding headers and they are static[00:52:57] <fxhp> so after-queue is ideal[00:58:22] *** wdp has quit IRC[00:58:36] *** doppo has joined #postfix[01:02:02] *** showaz has quit IRC[01:03:18] *** doppo has quit IRC[01:28:48] *** maziar has quit IRC[01:32:37] *** doppo has joined #postfix[01:35:46] *** MissAntroph has quit IRC[01:36:04] *** toadvine has quit IRC[01:36:57] *** doppo has quit IRC[01:42:55] *** anunnaki has quit IRC[01:42:57] *** MissAntroph has joined #postfix[01:49:54] *** anunnaki has joined #postfix[01:54:07] *** lucascastro has joined #postfix[01:57:10] *** trepatudo has quit IRC[01:57:53] *** trepatudo has joined #postfix[01:59:38] *** doppo has joined #postfix[02:03:55] *** doppo has quit IRC[02:06:09] *** tharkun has quit IRC[02:15:37] *** doppo has joined #postfix[02:18:40] *** trepatudo has quit IRC[02:21:24] *** dstarh has joined #postfix[02:21:57] *** tharkun has joined #postfix[02:23:25] *** trepatudo has joined #postfix[02:26:33] *** Kellin_ has joined #postfix[02:33:55] *** anunnaki has quit IRC[02:35:34] *** anunnaki has joined #postfix[02:58:41] *** lemondom has quit IRC[03:03:26] *** tharkun has quit IRC[03:03:26] *** tharkun has joined #postfix[03:04:16] *** _max has joined #postfix[03:09:46] *** err-or has joined #postfix[03:13:29] *** err-or_ has quit IRC[03:51:17] *** D-Boy has quit IRC[03:52:16] *** Motoko has joined #postfix[03:58:31] *** joules has quit IRC[04:01:51] *** joules has joined #postfix[04:01:56] *** joules has joined #postfix[04:03:51] *** Batch has joined #postfix[04:07:30] *** D-Boy has joined #postfix[04:16:08] *** chachasmooth has quit IRC[04:17:41] *** chachasmooth has joined #postfix[04:20:17] *** dstarh has quit IRC[04:38:30] *** dstarh has joined #postfix[04:39:56] *** dstarh has quit IRC[04:40:59] *** yoavz- has quit IRC[04:50:05] *** yoavz has joined #postfix[05:17:33] *** CRCinAU has left #postfix[05:25:46] *** heraclitus has joined #postfix[05:37:22] <heraclitus> what am I doing wrong with my postfix config here? https://paste.fedoraproject.org/310067/14526596/ I want to be able to relay to any and all outside MTA domains and I can't relay to any in my current configuration, I've decided to permit ALL in smtpd_client_restrictions, that overrides the permis_sasl_authenticated and permit_mynetworks parameters. Any hints?[05:38:55] <tharkun> !tell heraclitus openrelay[05:38:55] <knoba> heraclitus: "openrelay" : An open relay is a mail server that is set up incorrectly and accepts and forwards mails for strangers. It will quickly be identified and abused by spammers, then blacklisted. Postfix has numerous protections against becoming an open relay, so it is not likely to have this problem.[05:39:34] <heraclitus> I do not want to be an open relay, just simply be able to send mail to outside domains from my domain[05:40:10] <tharkun> !tell heraclitus showconfig[05:40:10] <knoba> heraclitus: "showconfig" : when asked to provide your config, pastebin postconf -nf and postconf -Mf. if your version is too old for those commands to work (< 2.9), you should upgrade, but see !showconfig_old[05:40:31] <heraclitus> I'm *very* new to MTA, and I'm learning it's quite a rabbit hole for learning[05:40:34] <heraclitus> wait one on the config[05:41:46] <heraclitus> I can only output 'postconf -n'[05:42:15] <tharkun> !tell heraclitus showconfig_old[05:42:16] <knoba> heraclitus: "showconfig_old" : for versions of postfix < 2.9, pastebin postconf -n and the contents of master.cf with comments removed[05:42:55] <heraclitus> already posted that in that fedora pastbin[05:42:58] <heraclitus> :/[05:43:07] <heraclitus> https://paste.fedoraproject.org/310067/14526596/[05:44:26] <heraclitus> first line is the relay error, the other lines are labeled by associated file[05:44:47] <heraclitus> that's the output of 'grep -v -e ^# -e ^$ /etc/postfix/master.cf /etc/postfix/main.cf >> postfix_errors.txt[05:46:14] <rob0> Fortunately smtpd_client_restrictions does not control relaying. :)[05:46:22] <rob0> !relay_denied[05:46:22] <knoba> rob0: "relay_denied" : NOQUEUE: reject: RCPT from CLIENT_HOST[CLIENT_IP]: 554 5.7.1 <RECIPIENT@RCPT_DOMAIN>: Relay access denied; from=<SENDER@SENDER_DOMAIN> to=<RECIPIENT@RCPT_DOMAIN> proto=ESMTP helo=<HELO>: This typically means that CLIENT_IP is not in mynetworks (and did not AUTH), and that RCPT_DOMAIN was not recognized as one of this Postfix's domains (not listed in mydestination, relay_domains or virtual_*_domains).[05:46:36] <rob0> !sasl[05:46:36] <knoba> rob0: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.[05:47:26] *** lucascastro has quit IRC[05:47:37] <rob0> "mydestination = *", where did you see that documented?[05:48:40] <rob0> (Which here means, no, it's not documented anywhere, which further means, no, it does not work.)[05:49:27] *** marigeo has joined #postfix[05:51:10] <heraclitus> of course, that was a naive assumption on my part, rob0. I reiterate, I'm new to postfix+dovecot :) I'm quite familiar with most other common protocols and services running on linux, but not MTA.[05:53:13] <pj> heraclitus: mail servers are a world apart in complexity to other services.[05:53:36] <heraclitus> I'm noticing :)[05:53:55] <heraclitus> and my apologies for my naivette.[05:55:35] *** AMorpork has quit IRC[06:19:45] *** anunnaki has quit IRC[06:24:59] *** anunnaki has joined #postfix[06:26:23] *** rigel has quit IRC[06:38:45] *** Kellin_ has left #postfix[06:48:10] *** shoonya has joined #postfix[07:04:14] *** ced117 has joined #postfix[07:20:47] *** ced117 has quit IRC[07:22:19] *** heraclitus has quit IRC[08:01:06] *** _max has quit IRC[08:10:26] *** TyrfingMjolnir has joined #postfix[08:10:38] *** shoonya has quit IRC[08:10:58] *** shoonya has joined #postfix[08:19:18] *** Motoko has quit IRC[08:20:41] *** carl- has joined #postfix[08:34:31] *** pozitrono has joined #postfix[08:38:31] *** zorg1 has joined #postfix[08:40:35] *** Haudegen has quit IRC[08:52:36] *** joules has quit IRC[08:57:42] *** Haudegen has joined #postfix[09:12:15] *** shoonya has quit IRC[09:50:14] *** Poster has quit IRC[09:53:18] *** tonil has joined #postfix[09:53:19] *** tonil has joined #postfix[10:18:15] *** finster has left #postfix[10:32:05] *** Quadro has joined #postfix[10:41:33] *** d0nn1e has quit IRC[10:42:22] *** Batch has quit IRC[10:43:50] *** d0nn1e has joined #postfix[11:12:21] *** Guest97173 has quit IRC[11:28:19] *** olegfusion has joined #postfix[12:08:32] *** iGeni has quit IRC[12:09:44] *** ghormoon has quit IRC[12:12:53] *** ghormoon has joined #postfix[12:16:11] *** jimpop has quit IRC[12:17:34] *** jimpop has joined #postfix[12:29:23] *** ThomasKeller has quit IRC[12:45:37] *** Diplomat has joined #postfix[12:46:01] <Diplomat> Hey guys, I have a little problem. I'm getting "Recipient address rejected: Domain not found" but when I test my nameserver in resolv.conf then it resolves the domain correctly[12:46:55] *** ThomasKeller has joined #postfix[12:51:38] *** Haudegen has quit IRC[13:02:02] *** Quadro has quit IRC[13:02:58] *** Section1 has joined #postfix[13:13:14] *** Batch has joined #postfix[13:14:04] <Zerberus> Diplomat: postfix chrooted?[13:14:13] <Diplomat> nope[13:14:59] <Zerberus> but your Postfix has no idea about proper name resolving[13:15:42] <Diplomat> Hmm.. I don't think it's chrooted. How do I know that it's chrooted?[13:18:07] *** lucascastro has joined #postfix[13:20:23] *** Quadro has joined #postfix[13:21:36] *** pti-jean_ has joined #postfix[13:23:05] *** Mizar has joined #postfix[13:27:24] <Zerberus> read and comprehend your master.cf[13:29:39] <Tuxick> why would master.cf be aware of chrootedness?[13:30:03] <Tuxick> ah nevermind :)[13:30:11] <Diplomat> Meh, it was chrooted[13:30:53] *** Haudegen has joined #postfix[13:30:55] <Tuxick> a decent OS would make sure things won't break on that[13:31:07] <Tuxick> so what did you overlook?[13:31:30] <Diplomat> Configuration mistake[13:32:10] <Diplomat> But I'm thinking.. would it be possible to use one DNS server for senders and one for receivers ? Because I can't check for sender domain exist using my internal DNS[13:32:22] *** Quadro has quit IRC[13:32:28] <Tuxick> fix internal dns?[13:32:30] <Diplomat> and if I'd use a public DNS server it would become an open relay[13:32:35] <Tuxick> huh?[13:32:59] <Diplomat> Sender -> Proxy -> SMTP relay -> Receiving server[13:33:09] <Tuxick> i use bind with split views[13:33:31] <Diplomat> but if my smtp relay would resolve someones yahoo email then my server would send an email to that yahoo email[13:33:35] <Tuxick> so one dns to rule them all[13:33:51] <Tuxick> uhm yes, isn't that supposed to be?[13:34:05] <Diplomat> i'd like to allow only those domains that are in my own dns server and reject others[13:37:29] *** maziar has joined #postfix[13:38:12] *** Mizar has left #postfix[13:41:31] <Nit_> would'nt be an check_recipient_access hash:/path/to/file a proper solution ?[13:41:48] <Nit_> http://www.postfix.org/access.5.html[13:42:27] <Nit_> s/proper/cleaner/[13:42:36] <Diplomat> In my situation, no since I don't have control over email accounts.. that control is in receiving server[13:43:12] <Tuxick> now i'm even more confused[13:43:40] <Tuxick> some weird assumption must have sneaked in[13:43:49] <Tuxick> !goal[13:43:50] <knoba> Tuxick: "goal" : describe your goal, not what you think the solution is[13:43:59] <Tuxick> not quite the one i meant[13:44:28] <Tuxick> not entirely anyway[13:44:38] *** drewlander has quit IRC[13:45:06] *** trepatudo has quit IRC[13:46:51] *** wmp has joined #postfix[13:47:02] *** wmp is now known as Guest57987[13:47:55] <Diplomat> My goal is to allow only those domains that are in my internal DNS server[13:47:58] *** Guest57987 has left #postfix[13:48:06] <Diplomat> But I would like to validate senders too[13:49:41] *** wiuempe has joined #postfix[13:51:30] *** trepatudo has joined #postfix[13:53:37] <wiuempe> hello, i have problem with rbl. I hae problem if sender server has in rbl, and my mail account canot receive mail from sender. Is possible to check rbl only when my mail accound dont write mail to this address from 5 days ago?[13:55:56] <Zerberus> no[13:56:16] <Zerberus> !tell wiuempe getting_help[13:56:17] <knoba> wiuempe: "getting_help" : before asking your question, read the !relevant_logs and !showconfig factoids, and prepare a single pastebin containing all of that data. if you don't understand what this means, or if you need help doing this, please let us know. also see !pastebin[13:56:39] <wiuempe> !showconfig[13:56:39] <knoba> wiuempe: "showconfig" : when asked to provide your config, pastebin postconf -nf and postconf -Mf. if your version is too old for those commands to work (< 2.9), you should upgrade, but see !showconfig_old[13:56:50] *** robinho86 has joined #postfix[13:57:47] <Tuxick> Diplomat: allow what?[13:59:08] *** pozitrono has quit IRC[13:59:33] <wiuempe> Zerberus: http://pastebin.com/1rgf64Qu[14:00:40] <Zerberus> wiuempe: log information demonstrating the issue is missing in the pastebin[14:00:58] <wiuempe> Zerberus: ok, moment[14:02:32] <wiuempe> Zerberus: http://pastebin.com/pZ7MAN58 - this is log from this issue[14:03:23] *** TyrfingMjolnir has quit IRC[14:04:58] <Zerberus> wiuempe: you are using RBLs, so you let others decided whether you can get mail or not - if you don't want that this way, then don't use RBLs[14:05:19] <Zerberus> https://www.spamcop.net/w3m?action=blcheck&ip=62.179.121.50 no longer listed[14:05:47] <Zerberus> I personally would not make use of the spamcop RBL[14:06:11] <Zerberus> or use postscreen for a weighted decision about RBL results[14:06:33] <wiuempe> Zerberus: RBL is nice, but i want use RBL if receive mail dont write mail to sender from 5 days ago[14:06:42] *** maziar has quit IRC[14:06:43] <wiuempe> without rbl i have too much spam[14:06:50] <Zerberus> !postscreen[14:06:50] <knoba> Zerberus: "postscreen" : SMTP triage server available in Postfix 2.8, see http://www.postfix.org/POSTSCREEN_README.html and http://www.postfix.org/postscreen.8.html[14:07:55] *** pozitron has joined #postfix[14:14:24] *** synthroid has joined #postfix[14:14:39] *** davlefouAMD has joined #postfix[14:19:53] <wiuempe> Zerberus: thanks[14:22:35] *** trepatudo has quit IRC[14:23:37] *** iGeni has joined #postfix[14:26:33] *** trepatudo has joined #postfix[14:29:23] *** drewlander has joined #postfix[14:33:19] <Diplomat> Tuxick: got it already[14:33:52] <Diplomat> But I was wondering is it possible to discard or reject emails during the um.. client <-> server process.. like after client has sent DATA[14:34:11] <Diplomat> then spamassassin checks and if result is over threshold then it rejects[14:37:13] <lunaphyte> you'd have to use a milter to reject mail with spamassassin[14:37:57] <Tuxick> spamass-milter works ok![14:38:27] <lunaphyte> thing is though, that's probably a bad idea[14:38:43] <lunaphyte> rejecting mail because it is spam is too subjective[14:39:01] <lunaphyte> instead, better to mark it and deliver it to a mailbox[14:39:08] *** Batch has quit IRC[14:39:31] <Tuxick> i reject a fair bit of mail[14:39:47] <lunaphyte> rejecting mail is fine[14:39:57] <thumbs> discarding isn't.[14:40:08] <lunaphyte> breaking it up into different "stages" is the responsible thing[14:40:20] <Tuxick> sure[14:41:11] <Diplomat> lunaphyte: well i'd like to reject because my server provider could block my access because im sending spam[14:41:21] <Diplomat> also those emails are not super important[14:41:22] <lunaphyte> use postscreen, responsible smtpd restrictions, and reject the nasty garbage. then, accept what remains, and use amavis/spamassassin to mark it as such, and deliver it to a given mailbox[14:42:31] <lunaphyte> this philosophy then precludes any appreciable benefit for use of a milter, which allows some more modularity and separation between the components involved in mail flow[14:42:59] <lunaphyte> anyway, what is the actual problem, Diplomat?[14:43:42] <Diplomat> I have it like: [client] -> [server] -> [smtp relay] -> [server][14:44:23] <Diplomat> If I accept spam in smtp relay then i might get blocked by the isp.. also my first server is fairly weak to process mail[14:44:48] <lunaphyte> where is this spam coming from?[14:45:00] <Diplomat> from the internet[14:45:03] <Diplomat> lol[14:45:16] <lunaphyte> why are you taking mail from the internet and then relaying it to your isp?[14:45:51] <Diplomat> look at that little thing i wrote above.. there you can see how it works[14:46:01] <Diplomat> client = normal visitor or spammer[14:46:01] <lunaphyte> dude...[14:46:08] <lunaphyte> i looked at it[14:46:11] <lunaphyte> then i asked the question[14:46:36] <lunaphyte> so obviously, that "little thing" is not an adequate explanation of what is going on[14:46:36] <Diplomat> I'm relaying it FROM[14:46:46] <Diplomat> my ISP server[14:46:50] <Diplomat> to my SMTP relay[14:47:02] *** edux has joined #postfix[14:47:52] <lunaphyte> why is your isp server involved? can you not accept your own mail?[14:47:59] <lunaphyte> perhaps a better diagram would be useful[14:48:05] <lunaphyte> that one is too vague[14:48:40] <Diplomat> Hold on I'll davinci a diagram in paint for you[14:52:48] <Diplomat> lunaphyte: http://i.imgur.com/KqpKhEh.png[14:53:13] <lunaphyte> which of those servers do you not control?[14:54:14] <Tuxick> Diplomat: where's the smile?[14:54:21] <Diplomat> damn, forgot[14:54:28] <Diplomat> I control all of them[14:54:37] <Diplomat> well, I have access to them[14:54:51] <Tuxick> somehow i have a feeling the answer is "submission"[14:54:57] <Tuxick> but that's a blind guess[14:55:07] <Tuxick> since problem still unclear[14:55:16] <lunaphyte> Diplomat: so what are you worried about then?[14:55:44] <Diplomat> getting blocked by the ISP who can turn off my port 25[14:55:56] <lunaphyte> where is the isp in this scenario?[14:56:02] <lunaphyte> it is not on your diagram[14:56:05] <Diplomat> :([14:56:10] <Diplomat> public network owner is my ISP[14:56:40] <lunaphyte> who owns srv1 and srv2? the isp? do they have access to them?[14:57:30] <Diplomat> yes[14:57:45] *** iGeni has quit IRC[14:57:55] <lunaphyte> why are you passing all of your incoming mail through them?[14:58:12] <Diplomat> because i have to[14:58:14] *** iGeni has joined #postfix[14:58:16] <lunaphyte> why?[14:59:00] <Tuxick> i've heard of ISPs blocking outgoing 25, a very good thing[14:59:02] <Tuxick> but incoming?[14:59:12] <lunaphyte> it's not uncommon[14:59:18] <Tuxick> prolly not[14:59:27] <Tuxick> just less likely, i suppose[14:59:31] <lunaphyte> yeah[14:59:56] <lunaphyte> it's more to extort the customer[14:59:58] <Diplomat> Well they are not happy when I send spam to my smtp relay because I'm just proxying from srv1 to smtp relay[15:00:26] <Diplomat> so when smtp relay accepts spam that means technically i have sent spam from my isp's server[15:00:33] <lunaphyte> srv1 and srv2 are not mail servers? what software runs on them for mail to flow through them?[15:01:05] <Tuxick> Diplomat: you're VERY unclear about direction of mail[15:01:05] <Diplomat> I haproxy them[15:01:17] <lunaphyte> i see[15:01:24] <Diplomat> Tuxick, didn't you see my fabulous arrows on that pic ?[15:01:34] <Diplomat> I just got an email for $15k[15:01:55] <lunaphyte> Diplomat: there's no problem here[15:04:38] *** synthroid has quit IRC[15:05:02] <Diplomat> I'm trying this milter thing, it sounds promising and i'll just set threshold to 4[15:05:14] <lunaphyte> Diplomat: perhaps you could make that statment, "technically", but that is completely absurd[15:05:45] <lunaphyte> are you having an actual problem with your isp regarding this?[15:06:18] <Diplomat> Well, blocking outgoing (to smtp relay) smtp connections is a problem for me yes[15:06:28] <Diplomat> I already got blocked few times and their automatic block lasts for 10 days[15:06:37] <lunaphyte> there is something else going on then[15:06:50] *** synthroid has joined #postfix[15:09:35] *** iGeni has joined #postfix[15:10:59] <lunaphyte> your isp is watching the traffic from the haproxy servers, and if they don't like the traffic leaving the servers going to your mail server, they automatically block you?[15:12:08] <Diplomat> yup[15:12:57] <lunaphyte> that is absolutley crazy[15:13:12] <Diplomat> well they dont block *me* they block the port :P[15:13:27] <lunaphyte> block the port, where/how?[15:13:41] <lunaphyte> does mail from the internet stop arriving at haproxy?[15:14:58] <Diplomat> Check this: http://puu.sh/muauW/7ea7ef2523.png[15:15:21] <lunaphyte> i see[15:15:26] <lunaphyte> here's my advice. ditch the haproxy[15:15:34] <lunaphyte> it's more trouble than it's worth[15:16:09] <Diplomat> Well, I need to move the mail somehow to internal (private) network[15:16:38] <lunaphyte> point your mx records to SMTP RELAY[15:16:58] <Diplomat> smtp relay is not accessible from the public internet[15:17:05] <lunaphyte> why not?[15:17:23] <lunaphyte> do you have any public addresses?[15:17:43] <Diplomat> Only those in the ISP network[15:18:27] <lunaphyte> but those are not your servers?[15:18:33] <Diplomat> Hm, maybe I could just change the outgoing port..[15:18:46] <Diplomat> instead of 25 I'd use 252 lol[15:18:58] <Diplomat> I think they understand which protocol it is..[15:19:33] <lunaphyte> are srv1 and srv2 your servers? who set them up? who owns them? are they physical? virtual?[15:19:50] <Diplomat> They are virtual, technically I own them, but I don't own that network[15:19:59] <lunaphyte> does the isp have access to them?[15:20:05] <lunaphyte> meaning, can they access the os running on them?[15:20:07] <Diplomat> only on network level[15:20:08] <Diplomat> no[15:20:10] <lunaphyte> ok[15:20:28] <lunaphyte> then i have some different advice[15:20:51] <lunaphyte> encrypt the traffic between srv1/srv2 and SMTP RELAY[15:21:09] <lunaphyte> if haproxy can do this, then good. if not, get rid of haproxy and replace it with postfix[15:21:20] <Diplomat> postfix can encrypt it ?[15:21:24] <lunaphyte> of course[15:21:47] <Diplomat> I could use a different port too to confuse them[15:21:50] <Diplomat> lol[15:22:04] <lunaphyte> your isp is meddling in things that are none of their business. they do not understand some basics concepts involving networking and email[15:22:16] <lunaphyte> yes, you could do that too, and it would not be a bad idea, in general[15:22:54] <Diplomat> I could encrypt it with a ssl cert ?[15:22:58] <lunaphyte> yes[15:23:28] <Diplomat> hmm[15:24:22] <Diplomat> haproxy can encrypt it too[15:24:36] <Diplomat> nice[15:25:22] <Diplomat> Ok so I use my public key with my haproxy and private key with postfix and it should work ?[15:26:14] <lunaphyte> in so many words, yes[15:26:33] <Diplomat> ok sweet, ill try it[15:26:38] *** Poster has joined #postfix[15:26:39] <lunaphyte> configure postfix to present a cert to clients.[15:27:00] <lunaphyte> when haproxy connects, it will be given the cert by postfix. the cert contains the public key[15:27:27] <Diplomat> lol it's like some spy shit[15:27:40] <lunaphyte> eh, not really :)[15:27:45] <lunaphyte> just encryption[15:27:54] <lunaphyte> pretty pedestrian[15:29:07] <Diplomat> Hmmmmmm.. postfix will reject eveyone who don't have the key ?[15:29:20] *** phreebird has joined #postfix[15:29:42] *** phreebird has quit IRC[15:29:42] *** phreebird has joined #postfix[15:39:47] *** higuita has quit IRC[15:43:32] <lunaphyte> no[15:43:45] <lunaphyte> postfix will offer encryption to whomever wishes to use it[15:44:10] <lunaphyte> you can constrain things further if you like, but that's up to you[15:47:01] <Diplomat> Ah, that's why it accepted my emails lol[15:47:04] <Diplomat> I thought wtf[15:47:20] <lunaphyte> postfix will log if the client used encryption[15:47:30] <lunaphyte> !smtpd_tls_loglevel[15:47:30] <knoba> lunaphyte: "smtpd_tls_loglevel" : enable additional postfix smtp server logging of tls activity. each logging level also includes the information that is logged at a lower logging level.[15:47:34] <lunaphyte> set that to 1[15:48:23] <Diplomat> Hmm.. but you know, people are connecting using helo not ehlo[15:48:36] <lunaphyte> that shouldn't matter[15:48:44] <lunaphyte> haproxy is the one connecting to postfix[15:49:08] <Diplomat> but haproxy is just a tcp proxy[15:49:36] <lunaphyte> oh, i see[15:49:44] <lunaphyte> then install postfix[15:50:56] <Diplomat> I don't know how to proxy it to my smtp relay that way[15:51:01] <Diplomat> Gotta google[15:51:06] <lunaphyte> you won't proxy it[15:51:39] <lunaphyte> postfix on srv1 and srv2 will accept mail, and then relay it to SMTP RELAY[15:52:12] <Diplomat> well yes, i'm not sure how to do it[15:53:45] <Diplomat> oh just relayhost = smtp_relay:port ?[15:54:12] <lunaphyte> i would recommend using the relay address class[15:58:55] *** gu1lle_ has joined #postfix[16:02:06] <lunaphyte> !tell Diplomat address_classes[16:02:06] <knoba> Diplomat: "address_classes" : http://www.postfix.org/ADDRESS_CLASS_README.html describes how Postfix deals with different classes of addresses: local, relay, virtual alias, virtual mailbox, and Internet.[16:08:50] <Diplomat> Okay cool[16:10:11] <Diplomat> I think it works[16:10:22] <Diplomat> i added spam lists too which is awesome i can see so many blocks already[16:14:06] *** osten has quit IRC[16:14:23] *** osten has joined #postfix[16:18:02] *** dstarh has joined #postfix[16:20:44] <Diplomat> Nice I think I blocked myself already[16:20:49] <Diplomat> but my ip is in csf :([16:22:49] *** car has joined #postfix[16:25:02] <car> Hi. How can i make Postfix looking up for ldap-group-members by UID instead of DN. My .cf looks like this: https://gist.github.com/anonymous/afa6b2dc69da204a9dd7 and the error message is : https://gist.github.com/anonymous/2c2e2a1da6acd37b1118 if i try a query with postmap.[16:25:52] <patdk-wk> didn't know it could even do a lookup via dn[16:26:11] <car> :)[16:26:29] <patdk-wk> your lookup is not looking up dn[16:27:00] <patdk-wk> since you leave out all needed info[16:27:10] <patdk-wk> it looks like your attempting to do an alias lookup in there[16:27:15] <patdk-wk> why would you return uid?[16:27:17] <car> i know its looking up UID, because the group the UID attribute[16:27:20] <patdk-wk> uid is not a valid result[16:27:57] <car> the group has the attribute UID , not DN[16:28:12] <patdk-wk> heh?[16:28:16] <patdk-wk> everything in ldap has a dn[16:29:31] <Diplomat> holy nutcracker I think it works[16:30:23] *** Quadro has joined #postfix[16:30:36] *** gu1lle_ has quit IRC[16:34:59] <car> hmm, the attribute memberUID of the group just shows the 'name' of the the user (like Tom Taylor) , which is th UID-attribute of the user[16:37:23] <car> its exactly like this problem: http://serverfault.com/questions/394421/make-postfix-search-ldap-group-members-by-uid-instead-of-dn[16:48:03] <lunaphyte> Diplomat: make sure you have relay_recipient_maps configured so srv1 and srv2 only accept mail for valid recipients[16:48:28] <Diplomat> That's why I want to relay only domains that are in my dns server[16:48:37] <Diplomat> since I don't have control over those emails[16:48:40] *** gsr has joined #postfix[16:49:11] <Diplomat> but i do have control over the domains[16:49:29] *** carl- has quit IRC[16:50:44] *** edux has quit IRC[16:51:02] <gsr> Hi all. I have a server with a few imap accounts using dovcot, and I am transfering the accounts and the domains to a new server. I tried just copying a message from my Mailnames/DOMAIN/USER/cur folder into the cur folder of another account, but I am getting a message saying the email isn't on the server. Has anyone here successfully migrated emails between servers?[16:51:58] <car> gsr: imapsync[16:52:55] <car> https://github.com/imapsync/imapsync[16:56:36] *** zorg1 has quit IRC[17:03:08] *** davlefouAMD has quit IRC[17:04:46] <survietamine> gsr: yes, I migrated from Exchange to dovecot and Courier to dovecot[17:07:16] *** vvassilev has joined #postfix[17:10:44] *** ThomasKeller has quit IRC[17:12:53] *** vvassilev has quit IRC[17:13:18] *** vvassilev has joined #postfix[17:15:06] *** AMorpork has joined #postfix[17:19:06] <vvassilev> Hi all. I have a smarthost config. The main server sends mails just fine. The forwarding seems to be unable to connect to its relayhost. I was wondering how I can assert that this is the issue...[17:21:12] <lunaphyte> !tell vvassilev getting_help[17:21:13] <knoba> vvassilev: "getting_help" : before asking your question, read the !relevant_logs and !showconfig factoids, and prepare a single pastebin containing all of that data. if you don't understand what this means, or if you need help doing this, please let us know. also see !pastebin[17:21:38] <vvassilev> !relevant_logs[17:21:38] <knoba> vvassilev: "relevant_logs" : Relevant logs are mail.* syslog Postfix logs (NOT verbose, see !verbose) which show the entire handling of a single mail which illustrates the issue with which you want help. Random selections from your mail log might not do. IMAP/POP3 daemons and external delivery agents typically log to the same facility (mail); those are usually not relevant here.[17:21:58] <vvassilev> knoba: !verbose[17:22:07] <vvassilev> !verbose[17:22:07] <knoba> vvassilev: "verbose" : You probably do not need verbose logging, but in rare cases the extra detail can assist in debugging. To set verbose logging add a -v after the command name (such as smtpd) in master.cf, then 'postfix reload' after that.[17:25:59] *** synthroid has quit IRC[17:28:44] <vvassilev> !showconfig[17:28:44] <knoba> vvassilev: "showconfig" : when asked to provide your config, pastebin postconf -nf and postconf -Mf. if your version is too old for those commands to work (< 2.9), you should upgrade, but see !showconfig_old[17:30:24] <vvassilev> Those are my logs: http://paste.ubuntu.com/14488219/ and http://paste.ubuntu.com/14488229/[17:30:42] <vvassilev> I hope someone sees more than I can see with my newbie eyes :)[17:32:29] *** JanC_ has joined #postfix[17:34:15] *** JanC has quit IRC[17:34:59] *** pozitron has quit IRC[17:35:39] <phreebird> vvassilev: We need to see your mail.log[17:35:48] <phreebird> or atleast the relevant parts of it.[17:36:02] <gsr> car: thanks, this looks like a good solution![17:36:06] <vvassilev> phreebird: it is empty...[17:36:44] <vvassilev> The only piece of log I see is this: connect to mx1.solid-consult.com[80.80.139.116]:25: Connection refused[17:37:13] <phreebird> is postfix running on mx1?[17:37:49] <phreebird> And is 25 open on the firewall[17:37:53] <phreebird> of mx1[17:38:15] <vvassilev> Yes. I don't understand why mx1.solid-consult.com resolves to 80.80.139.116 and not to the internal address. I have the setting in /etc/hosts and /var/spool/postfix/etc/hosts[17:38:58] <vvassilev> It is not open, it should relay the mail to the internal posfix, which works fine.[17:39:23] <lunaphyte> postfix uses dns. not hosts[17:39:41] *** gu1lle_ has joined #postfix[17:39:53] <vvassilev> lunaphyte: ouch... do you mean resolv.conf?[17:40:08] <lunaphyte> why are you putting that in the hosts file?[17:40:12] <lunaphyte> what is the actual problem?[17:40:50] <vvassilev> lunaphyte: my postfix needs to resolve mx1.solid-consult.com to 10.11.12.8 not to 80.80.139.116. How I can do that?[17:40:59] *** irctc300 has joined #postfix[17:41:03] <lunaphyte> fix your dns[17:41:10] <Tuxick> heh[17:41:15] <phreebird> change relayhost to relayhost = 10.11.12.8[17:41:20] *** irctc300 has quit IRC[17:41:26] <lunaphyte> yes, or don't use dns, use the ip address[17:41:51] *** rfr__ has joined #postfix[17:41:52] <vvassilev> phreebird, lunaphyte: thanks a lot for the hints. I will try and see what happens![17:42:11] <phreebird> vvassilev: let us know :)[17:42:53] <phreebird> So postfix wont use the host file at all?[17:42:57] <rfr__> Is running opendkim a security risk since it opens a port?[17:45:45] <lunaphyte> yes[17:46:14] <vvassilev> Still not good. The queue is empty but no mails sent, none received in the relayhost...[17:46:30] <lunaphyte> phreebird: postfix can be forced to use the hosts file. however, consider there is a reason why this is not the default ;)[17:46:49] <phreebird> logs vvassilev[17:47:21] <phreebird> Thank you for clarifying lunaphyte[17:48:28] <phreebird> vvassilev: So you're basically setting up a backup mailserver?[17:48:42] <vvassilev> logs: /var/log/mail.log is again empty.[17:49:33] <vvassilev> phreebird: no, I am setting a "proxy" server, dispatching to a cloud of mail servers behind.[17:49:51] <vvassilev> where the cluster of servers so far is 1 :)[17:49:54] *** camroncade has joined #postfix[17:50:24] <vvassilev> syslog tells me that I don't know how to use sendmail command... let me google...[17:50:31] <phreebird> Interesting.[17:50:51] <rob0> vvassilev, "man sendmail"[17:51:04] <vvassilev> right I need the oneliner ;)[17:52:35] *** lucascastro has quit IRC[17:57:03] <vvassilev> Diagnostic-Code: smtp; 554 5.7.1 <...>: Relay access denied[17:58:13] <lunaphyte> logs are all that matter[17:58:17] <lunaphyte> postfix logs what it does[17:58:35] <lunaphyte> if there are no logs, then either it is not postfix, or your syslog software is broken[17:59:38] <phreebird> vvassilev: You need to add your smarthost to mynetworks on mx1[17:59:57] <Tuxick> or you got infected with systemd trojan[18:00:09] <lunaphyte> use smtp auth. not mynetworks[18:00:09] <vvassilev> lunaphyte: I agree the logs are everything. I don't really understand why it doesn't write to them.[18:00:24] <lunaphyte> test with logger[18:00:29] <vvassilev> It seems I managed to send the mail. Indeed the issue was the dns.[18:00:53] <vvassilev> phreebird: I don't understand. What do you mean?[18:01:19] <phreebird> on mx1[18:01:46] <phreebird> mynetworks = 127.0.0.1, *proxyip*[18:02:09] <phreebird> that will alow relay access[18:02:16] <vvassilev> mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128[18:02:22] <rob0> !nologs[18:02:23] <knoba> rob0: "nologs" : Nothing in your mail logs commonly means one of two things: either your syslogd is broken (try restarting it), or the connections are not coming to your server. Check your firewall/networking and the DNS for the domain in question. also see !logs.[18:02:35] <phreebird> at the end of that, add in your proxyip[18:02:41] <lunaphyte> mynetworks is not the proper way to do that[18:02:58] <vvassilev> phreebird: sorry misunderstood. Let me check the config on mx1[18:03:12] <phreebird> lunaphyte: How would you do it then, i have a similar setup[18:03:21] <rob0> And no, having a relayhost in mynetworks is a recipe for disaster.[18:03:26] <lunaphyte> [12.00.08] lunaphyte: use smtp auth. not mynetworks[18:03:48] <rob0> The relayhost is accepting YOUR mail for relay.[18:04:11] <rob0> If you'll reciprocate that, you could get a mail loop.[18:04:28] <vvassilev> phreebird: mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 on mx1[18:04:46] <phreebird> vvassilev: Don't change anything. i'm very wrong apparently haha.[18:04:52] <phreebird> Pretty new to postfix.[18:05:12] *** synthroid has joined #postfix[18:05:18] <lunaphyte> allowing relaying,submission, etc based on source ip address is never a good idea[18:05:33] <vvassilev> phreebird: undestood.[18:05:47] <lunaphyte> it is only a *tolerable* idea, if there is some actual reason why it cannot be done the right way[18:06:36] <phreebird> So you'd setup SMTP auth on mx1[18:06:45] <phreebird> and configure SASL on the relayhost[18:06:53] <phreebird> That would be correct?[18:06:58] <lunaphyte> yes.[18:07:08] <lunaphyte> pki authentication would be acceptable as well[18:07:18] <phreebird> I have configuration changes to do then.[18:07:44] <lunaphyte> if it's not always a work in progress, then you're not making progress :)[18:07:54] <vvassilev> lunaphyte: I managed to relay the mail the way I wanted. So the initial suggestion in specifying the ip worked. The havoc was caused by me not using sendmail correctly + aggressive spam filtering in the relayhost.[18:08:14] <vvassilev> lunaphyte: and phreebird thanks a lot for the help.[18:08:25] <vvassilev> rob0: I will have a look at the logging thingy![18:08:26] <phreebird> vvassilev: You're going agaisnt best pracitices[18:08:38] <rob0> Even then (if some client cannot use AUTH for some reason) it's better to use check_client_access. The mynetworks/permit_mynetworks feature no longer seems like a good idea in 2016 as it did in the 1990s.[18:08:39] <phreebird> vvassilev: my inital statement was ill informed.[18:08:45] <vvassilev> !logs[18:08:45] <knoba> vvassilev: "logs" : Postfix logs to the mail facility of syslog. You can usually find them with ls /var/log/mail*; otherwise see your system's syslog server documentation. Also see !nologs and !mung[18:09:33] <vvassilev> phreebird: never mind, important is we ended up with a "proper" (I think) solution to my issue...[18:10:06] <phreebird> Hmm.[18:11:46] <phreebird> So SASL Auth is just basically acting as a mail client to relay?[18:13:59] <lunaphyte> i can't parse that[18:14:09] <phreebird> Hmm.[18:14:21] <phreebird> How could i create credentials for my relay host?[18:14:49] <lunaphyte> the same way you create credentials for other things that need credentials[18:15:22] <phreebird> sender_login_maps?[18:15:46] <lunaphyte> are you using sasl currently?[18:16:06] <phreebird> I'm unsure.[18:16:18] <lunaphyte> it would have been seomthing you specifically did[18:16:21] <lunaphyte> *something[18:16:53] <phreebird> Main mail server is a iredmail install.[18:16:58] <phreebird> I'm pretty sure it is.[18:17:09] <lunaphyte> oh. you'll have to poerate withing the constraints of that software then[18:17:17] <lunaphyte> bah[18:17:20] <lunaphyte> *operate[18:17:40] <phreebird> Ill just do a bit of trial and error.[18:18:15] *** vvassilev has quit IRC[18:19:36] *** doubletwist has joined #postfix[18:42:05] <phreebird> I'm going to go insane.[18:42:13] <phreebird> rsyslog is being a butt.[18:42:48] <Tuxick> gosh[18:43:01] <lunaphyte> i dumped rsyslog for syslog-ng a while back. i've not yet had any regrets[18:43:02] <Tuxick> is it logging at all?[18:43:06] <phreebird> nope.[18:43:13] <phreebird> Not even sure its listening on /dev/log[18:43:18] <Tuxick> sure you're not a systemd victim?[18:43:22] <lunaphyte> ugh[18:43:27] <Tuxick> journalctl -u postfix[18:44:20] <phreebird> ssudo here is the log[18:44:25] <phreebird> how did you know?[18:44:42] <lunaphyte> because eventually, everyone becoems a systemd victim[18:44:45] <lunaphyte> *becomes[18:44:50] <lunaphyte> it's only a matter of time[18:45:13] <phreebird> so murder systemd and restart rsyslog?[18:45:18] *** trepatudo has quit IRC[18:46:28] *** trepatudo has joined #postfix[18:46:56] <Tuxick> haha[18:47:08] *** Haudegen has quit IRC[18:47:09] <Tuxick> phreebird: ran into same disaster[18:48:14] <phreebird> I'm so confued right now.[18:48:18] <phreebird> never had to deal with this[18:48:54] <Tuxick> thank poettinger/redhat for that[18:51:43] *** jaybe has quit IRC[18:53:43] *** Motoko has joined #postfix[18:55:24] *** trepatudo has quit IRC[18:57:19] <phreebird> Finally.[18:57:24] <phreebird> goodness gracious.[18:57:37] <phreebird> Had to force rsyslog to bind to /dev/log/[18:59:59] *** trepatudo has joined #postfix[19:01:16] *** githogori has quit IRC[19:02:26] *** rfr__ has quit IRC[19:03:12] *** Haudegen has joined #postfix[19:05:15] *** Darcidride has joined #postfix[19:08:35] *** huddy has quit IRC[19:08:45] *** twisted` has quit IRC[19:08:49] *** ggherdov has quit IRC[19:08:51] *** dan_j has quit IRC[19:09:03] *** L235 has quit IRC[19:09:04] *** maedox has quit IRC[19:09:05] *** xpoint has quit IRC[19:09:09] *** faheem has quit IRC[19:09:13] *** boxrick1 has quit IRC[19:11:23] *** xpoint has joined #postfix[19:11:25] *** chachasmooth has quit IRC[19:11:27] *** githogori has joined #postfix[19:12:06] *** chachasmooth has joined #postfix[19:15:35] *** faheem has joined #postfix[19:17:13] *** vvassilev has joined #postfix[19:17:46] *** dan_j has joined #postfix[19:18:22] *** huddy has joined #postfix[19:20:10] *** twisted` has joined #postfix[19:20:17] *** L235 has joined #postfix[19:23:48] *** trepatudo has quit IRC[19:27:43] *** maedox has joined #postfix[19:29:02] *** donmichelangelo has joined #postfix[19:29:07] *** michelangelo has joined #postfix[19:29:16] *** michelangelo has quit IRC[19:30:03] *** trepatudo has joined #postfix[19:31:29] *** boxrick1 has joined #postfix[19:33:51] *** lucascastro has joined #postfix[19:37:58] *** trepatudo has quit IRC[19:38:17] *** lguru has joined #postfix[19:38:31] *** sphenxes has joined #postfix[19:38:38] *** KaiForce has joined #postfix[19:38:39] *** ggherdov has joined #postfix[19:39:42] *** jaybe_ has joined #postfix[19:41:02] *** trepatudo has joined #postfix[19:41:23] *** jaybe_ is now known as jaybe[19:41:29] *** lguru- has quit IRC[19:42:51] *** heroux has quit IRC[19:47:22] *** lucascastro has quit IRC[19:51:27] *** heroux has joined #postfix[19:53:20] *** lguru has quit IRC[20:00:07] *** Section1 has quit IRC[20:00:59] *** lucascastro has joined #postfix[20:03:00] *** lucascastro has quit IRC[20:11:18] *** lucascastro has joined #postfix[20:12:08] *** phreebird has quit IRC[20:23:00] *** huddy has quit IRC[20:25:09] *** beber_ has joined #postfix[20:33:08] *** fuchsi has joined #postfix[20:34:03] *** Merch^ has quit IRC[20:38:47] *** Merch^ has joined #postfix[20:44:44] *** r1ppa has joined #postfix[20:46:31] <r1ppa> trying to whitelist a domain or emails so that amavisd scanning is skipped, read some docs and wrote this..I see "matches" in the logs but still gets banned due to zip content, will the banned override the whitelist ? my example "map { $whitelist_sender{lc($_)}=1 } (qw(site.example.com));"[20:46:44] *** heroux has quit IRC[20:47:09] <jaybe> sounds a lot like an amavisd-new question[20:47:27] <r1ppa> indeed it is[20:47:44] <r1ppa> but postfix folken are smarter than the average bear, so why not ask here[20:47:58] <jaybe> ;)[20:48:01] <r1ppa> heh[20:51:18] <rob0> heeyyyyyyy Boo-boo![20:51:31] <rob0> Mister Ranger is after us! Run![20:55:42] *** Darcidride has quit IRC[20:59:16] *** synthroid has quit IRC[21:08:16] *** heroux has joined #postfix[21:30:55] *** vvassilev has quit IRC[21:31:26] *** heroux has quit IRC[21:31:40] *** vvassilev has joined #postfix[21:34:03] *** heroux has joined #postfix[21:36:41] *** sphenxes01 has joined #postfix[21:36:52] *** ced117 has joined #postfix[21:40:23] *** sphenxes has quit IRC[21:41:42] *** Quadro has quit IRC[21:44:36] *** trepatudo has quit IRC[21:46:44] *** trepatudo has joined #postfix[21:57:24] <doubletwist> Is there a postfix equiv of "keep_malformed" in exim?[21:57:51] <rob0> perhaps explain what that does?[21:58:17] <doubletwist> specifies the length of time to keep messages whose spool files have been corrupted in some way. This should, of course, never happen. At the next attempt to deliver such a message, it gets removed. The incident is logged.[21:58:53] *** Haudegen has quit IRC[21:58:59] <rob0> spool, meaning queue, in Postfix terms?[21:59:12] *** synthroid has joined #postfix[21:59:36] <doubletwist> Not entirely sure[22:00:21] <rob0> I'd think so, because only messages in the queue are having delivery attempts.[22:00:50] <rob0> Maybe poke around "man qmgr" and see what settings there are.[22:00:57] <doubletwist> ok[22:00:58] <doubletwist> thx[22:01:31] <rob0> I recommend the HTML version, qmgr.8.html, because that will have those settings hyperlinked to postconf.5.html[22:02:24] *** bjoe2k4 has quit IRC[22:06:49] *** FinboySlick has joined #postfix[22:06:50] *** FinboySlick has quit IRC[22:07:04] *** FinboySlick has joined #postfix[22:11:49] *** lucascastro has quit IRC[22:15:54] *** fuchsi has quit IRC[22:16:21] *** sphenxes01 has quit IRC[22:19:23] *** n-st has quit IRC[22:19:56] *** misterjack has quit IRC[22:20:46] <doubletwist> Looks like there's no real equiv - and probably not needed anyway[22:21:32] *** misterjack has joined #postfix[22:24:32] *** vvassilev has quit IRC[22:25:39] *** vvassilev has joined #postfix[22:30:04] *** Haudegen has joined #postfix[22:35:41] *** iGeni has quit IRC[22:37:36] *** ThomasKeller has joined #postfix[22:39:46] *** gu1lle_ has quit IRC[22:41:29] *** tonil has quit IRC[22:45:54] *** MacWinner has joined #postfix[22:47:00] *** robinho86 has quit IRC[22:47:11] *** synthroid has quit IRC[22:53:04] *** githogori has quit IRC[22:58:07] *** lucascastro has joined #postfix[23:05:21] *** githogori has joined #postfix[23:22:40] *** v1c3_ has joined #postfix[23:26:15] *** heroux has quit IRC[23:26:37] *** trepatudo has quit IRC[23:26:41] *** v1c3 has quit IRC[23:28:33] *** heroux has joined #postfix[23:29:19] *** afics has quit IRC[23:31:59] *** dimitry7 has joined #postfix[23:32:31] <dimitry7> Hi guys. I have been blocked in CBL and the reason abuseat.org gives me is this: This IP is infected with, or is NATting for a machine infected with TrojanDownloader:Win32/Ponmocup.A (Microsoft).[23:32:32] *** Toerkeium has joined #postfix[23:32:46] <dimitry7> but I have debian installed, it doesn't make sense to me.[23:33:56] *** trepatudo has joined #postfix[23:36:02] <doubletwist> I'm using relay_domains and relay_recipients to direct a couple domains to common 'local' mailboxes via Cyrus lmtp. But is there a way to catch "postmaster at one dot example.com" and "postmaster at two dot example.com" before they get relayed to cyrus?[23:36:54] <doubletwist> Rather, I'm sure there is, but not sure what the appropriate way might be[23:37:20] <doubletwist> Since it doesn't get caught by the alias in /etc/aliases.[23:37:47] *** dstarh has quit IRC[23:38:07] <rob0> dimitry7, and you're not doing NAT for a compromised Windows machine on the same IP address?[23:38:10] *** afics has joined #postfix[23:39:02] <dimitry7> rob0, Just one windows servers, the rest of servers are Linux Debian and they use exim[23:39:48] <dimitry7> rob0, is there a way to find out the originating IP?[23:40:26] *** trepatudo has quit IRC[23:40:29] *** pti-jean_ has quit IRC[23:42:24] <rob0> block Windows from getting out on port 25. Logs attempts in your firewall, which is likely to be an overwhelming amount of logs in short order.[23:42:46] *** afics has quit IRC[23:43:49] <dimitry7> rob0, all right, let me do it right away[23:44:44] *** afics has joined #postfix[23:45:09] *** Batch has joined #postfix[23:45:55] *** trepatudo has joined #postfix[23:48:20] <dimitry7> rob0, done man![23:48:30] <dimitry7> should I request the removal?[23:51:34] <rob0> no, they'll do it quickly anyway[23:51:49] <rob0> but it might be nice to tell them it's cleaned up[23:52:02] <rob0> (did you find the offender?)[23:52:54] <thumbs> rob0 often offends me[23:53:06] <dimitry7> rob0, all right, I will tell them then. No, I had my LAN natted, but only a 2 windows servers relayed email. I will run a scan in both to see who's to blame :S[23:53:25] <rob0> something on the LAN, most likely.[23:58:31] <dimitry7> rob0, yeah, let's wait for what they say[23:58:34] <dimitry7> thank you rob0 !!