January 3, 2017 
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | >
January 3, 2017 [00:00:25] *** troys <troys!~troys@23-24-139-177-static.hfc.comcastbusiness.net> has quit IRC (Ping timeout: 258 seconds)[00:04:09] *** infides_afk <infides_afk!~infides@p5B167B3E.dip0.t-ipconnect.de> has quit IRC (Ping timeout: 256 seconds)[00:11:08] <rob0> heh[00:17:10] *** JanC_ <JanC_!~janc@lugwv/member/JanC> has joined #postfix[00:18:19] *** JanC <JanC!~janc@lugwv/member/JanC> has quit IRC (Ping timeout: 256 seconds)[00:18:21] *** JanC_ is now known as JanC[00:19:37] *** Deathrattle <Deathrattle!~death@p200300868A0B0A010000000000000003.dip0.t-ipconnect.de> has quit IRC (Quit: bye)[00:35:34] <lunaphyte> wow. 7 whole minutes[00:42:22] <seebs> elsechannel, i saw someone being upset because they had not gotten a timely response to a question about a software project today or yesterday. because, as you know, most developers are at work and actively monitoring IRC on the 1st and 2nd of January.[00:49:01] <rob0> indeed ... and entitlement[00:53:19] <seebs> ... which reminds me, although my short-term issues are adequately resolved, I have now concluded that I do not actually *understand* the interactions of various parts of virtual alias mapping, etcetera.[00:54:05] <seebs> So, assume for the sake of argument a postfix config which includes at least one virtual host map. I have a bunch of entries for user1 at example dot com, user2 at example dot com, and so on.[00:54:13] <rob0> tell what "parts" you mean (parts is parts)[00:54:35] <seebs> For some reason, people whose email I actually want to receive have become convinced that they need to send mail to user1 at foo dot example.com, etcetera.[00:55:03] <seebs> If I add a regexp-type virtual mapping for (.*) at foo dot example.com -> $1 at example dot com, that works... sort of.[00:55:04] <rob0> okay, "virtual host map" is not clear. Does that mean the domain is in virtual_alias_domains?[00:55:09] <seebs> Yeah.[00:55:47] <seebs> But at that point, if there's a user1 at example dot com map, but isn't a user3 at example dot com map, mail to user3 at example dot com is rejected at RCPT TO because there's no entry for it in the map.[00:56:07] <seebs> But mail to user3 at foo dot example.com is accepted at rcpt to, then turns into mail to user3 at example dot com, then bounces.[00:56:21] <seebs> And since it's not during the initial transaction, I create backscatter, making me a bad person.[00:56:28] <rob0> yes[00:56:54] <rob0> Bad bad naughty seebs ... we will have ... a SPANKING[00:57:19] <seebs> But I don't want to duplicate my (possibly large) set of specific user mappings for user at example dot com as user at foo dot example.com.[00:57:33] <rob0> regexp mapping is risky[00:58:09] <seebs> And I feel like there ought to be some way to express a mapping that wants to cause a reject during the initial transaction if its result does not look valid.[00:58:09] <rob0> generating your entire list of specific mappings: that's the Will of Landru[00:58:35] <rob0> (sorry for the mixed pop culture references)[00:58:50] <seebs> Casual study of the documentation did not give me a clear understanding of at what point in the recipient checks, etc., virtual host/user mapping happens.[00:59:10] <seebs> And I can't tell whether this is actually impossible, or I'm just bad at it. :P[00:59:26] <rob0> smtpd merely checks to see if the address is valid. It has no idea what might actually become of it.[01:01:34] <seebs> And it can tell that user3 at example dot com is invalid, in this example. So what I sort of want is a way to have the regexp map's output get treated the way it would have if it had been the original input.[01:01:48] <seebs> Namely, "if you're in a domain I think I do virtual mapping for, and not in the address table, that's invalid".[01:02:34] <rob0> !address_classes[01:02:34] <knoba> rob0: "address_classes" : http://www.postfix.org/ADDRESS_CLASS_README.html describes how Postfix deals with different classes of addresses: local, relay, virtual alias, virtual mailbox, and Internet.[01:02:54] <rob0> see that ^^ about virtual alias class.[01:03:36] <rob0> also note that alias resolution is recursive ... see virtual.5.html[01:03:38] <seebs> Valid recipient addresses are listed with the virtual_alias_maps parameter. The Postfix SMTP server rejects invalid recipients with "User unknown in virtual alias table". The default value is $virtual_maps for Postfix 1.1 compatibility.[01:03:42] *** aqua^c <aqua^c!~aqua@114.111.60.64> has joined #postfix[01:03:43] <seebs> Yes.[01:04:04] <seebs> So, to expand the example a bit...[01:04:32] <seebs> if user1 at example dot com -> bob at example dot net, and user3 at example dot com isn't listed, and I have the .* at foo dot example.com -> $1 at example dot com mapping...[01:04:52] <seebs> The recursion causes user1 at foo dot example.com -> user1 at example dot com -> bob at example dot net, which is what I expect.[01:05:27] <seebs> But for user3, it does user3 at foo dot example.com->user3@example.com... but then it doesn't do what would have been done if that had been the address originally, which is say "this isn't found in address table".[01:05:29] <seebs> *thinks*[01:05:49] <rob0> right, it just won't work with a wildcard[01:06:25] <seebs> I think the behavior I *expected* is, if the result of a virtual address map is also in a virtual domain, clear the "we found a match in the address map" bit, and require that it actually show up in a map.[01:07:00] <seebs> So if it maps to user@localhost, or something in mydestinations, it's a "real" match, but if it maps to something else still in a virtual domain, it's not considered to have "matched" for reject/don't-reject purposes.[01:13:10] *** boubou <boubou!boubou@unaffiliated/boubou> has quit IRC (Killed (Sigyn (Spam is off topic on freenode.)))[01:14:13] *** Dat <Dat!dat@unaffiliated/dat> has joined #postfix[01:14:31] <Dat> Is a script required for dovecot replication?[01:20:53] *** Embassy <Embassy!~Embassy@41.193.220.26> has quit IRC (Quit: Leaving...)[01:23:29] <pj> Dat: ask in #dovecot[01:23:51] <rob0> and do try to be more specific, because "huh?"[01:24:34] *** samy1028 <samy1028!~samy1028c@63.251.72.10> has joined #postfix[01:24:44] <pj> I would assume he's talking about replicating the mailstore, but ...[01:26:07] *** boubou- <boubou-!boubou@unaffiliated/boubou> has joined #postfix[01:26:20] <Dat> yes replicating the mailboxes[01:26:52] *** Darcidride_ <Darcidride_!~Darcidrid@2a01:e35:8b4a:ca10:7ed1:c3ff:fe75:a966> has joined #postfix[01:28:09] <pj> still a question for #dovecot and it probably would help to clarify better.[01:28:40] <Dat> okay np[01:29:24] *** Darcidride_ <Darcidride_!~Darcidrid@2a01:e35:8b4a:ca10:7ed1:c3ff:fe75:a966> has quit IRC (Remote host closed the connection)[01:34:44] *** boubou- is now known as boubou[01:54:38] *** gu1lle_ <gu1lle_!~Thunderbi@190.18.4.241> has joined #postfix[02:24:17] *** loothelion <loothelion!~Liam@104.131.124.72> has quit IRC (Changing host)[02:24:17] *** loothelion <loothelion!~Liam@csh/loothelion> has joined #postfix[02:45:22] *** AnHry <AnHry!~x@a94-132-78-87.cpe.netcabo.pt> has joined #postfix[03:00:12] *** acosonic <acosonic!~acosonic@cable-188-2-106-196.dynamic.sbb.rs> has quit IRC (Ping timeout: 258 seconds)[03:09:39] *** Darcidride <Darcidride!~Darcidrid@2a01:e35:8b4a:ca10:15ec:ad24:4349:7dcf> has quit IRC (Quit: Bye.)[03:28:05] *** joules <joules!~lucifurba@pdpc/supporter/active/joulez> has joined #postfix[03:31:16] *** magyar_ <magyar_!~magyar@unaffiliated/magyar> has quit IRC (Quit: Riding the split)[03:38:05] *** AnHry <AnHry!~x@a94-132-78-87.cpe.netcabo.pt> has quit IRC (Quit: Konversation terminated!)[04:04:25] *** magyar <magyar!~magyar@unaffiliated/magyar> has joined #postfix[04:09:20] *** chachasmooth <chachasmooth!~chachasmo@unaffiliated/chachasmooth> has quit IRC (Ping timeout: 246 seconds)[04:12:14] *** chachasmooth <chachasmooth!~chachasmo@unaffiliated/chachasmooth> has joined #postfix[04:18:40] *** lisa_ <lisa_!~lisa@li1255-24.members.linode.com> has left #postfix[04:29:06] *** Southron <Southron!~Southron@unaffiliated/southron> has joined #postfix[04:34:45] *** magyar <magyar!~magyar@unaffiliated/magyar> has quit IRC (*.net *.split)[04:34:45] *** samy1028 <samy1028!~samy1028c@63.251.72.10> has quit IRC (*.net *.split)[04:34:45] *** chachasmooth <chachasmooth!~chachasmo@unaffiliated/chachasmooth> has quit IRC (*.net *.split)[04:35:06] *** magyar <magyar!~magyar@unaffiliated/magyar> has joined #postfix[04:35:06] *** samy1028 <samy1028!~samy1028c@63.251.72.10> has joined #postfix[04:35:10] *** chachasmooth <chachasmooth!~chachasmo@unaffiliated/chachasmooth> has joined #postfix[04:35:11] *** chachasmooth <chachasmooth!~chachasmo@unaffiliated/chachasmooth> has quit IRC (Max SendQ exceeded)[04:38:43] *** ghostlight <ghostlight!~ghostligh@ec2-54-187-97-144.us-west-2.compute.amazonaws.com> has quit IRC (Ping timeout: 258 seconds)[04:39:45] *** chachasmooth <chachasmooth!~chachasmo@unaffiliated/chachasmooth> has joined #postfix[04:43:43] *** ghostlight <ghostlight!~ghostligh@ec2-54-187-97-144.us-west-2.compute.amazonaws.com> has joined #postfix[04:45:44] *** Diemuzi <Diemuzi!~IceChat9@unaffiliated/diemuzi> has quit IRC (Quit: See you on the flip side)[05:14:46] *** samy1028 <samy1028!~samy1028c@63.251.72.10> has quit IRC (Ping timeout: 248 seconds)[05:39:32] *** Qann <Qann!~Nomad@hades.golgeli.net> has joined #postfix[06:34:07] *** zapata <zapata!~zapata@2a02:b18:581:10:80aa:8497:9fc8:8107> has joined #postfix[06:41:56] *** daynaskully <daynaskully!~digifiv5e@unaffiliated/daynaskully> has quit IRC (Ping timeout: 246 seconds)[06:42:49] *** joules <joules!~lucifurba@pdpc/supporter/active/joulez> has quit IRC (Quit: Quitter!)[06:46:16] *** daynaskully <daynaskully!~digifiv5e@unaffiliated/daynaskully> has joined #postfix[06:52:16] *** joules <joules!~lucifurba@pdpc/supporter/active/joulez> has joined #postfix[07:12:27] *** mclosson <mclosson!~mclosson@68-205-9-246.res.bhn.net> has joined #postfix[07:17:33] *** JanC_ <JanC_!~janc@lugwv/member/JanC> has joined #postfix[07:18:46] *** JanC <JanC!~janc@lugwv/member/JanC> has quit IRC (Killed (barjavel.freenode.net (Nickname regained by services)))[07:18:46] *** JanC_ is now known as JanC[07:37:08] *** Southron <Southron!~Southron@unaffiliated/southron> has left #postfix ("Textual IRC Client: www.textualapp.com")[08:10:22] *** fredl <fredl!fredl@nat/ibm/x-xqmogfjqensoidup> has joined #postfix[08:12:52] *** golden_receiver <golden_receiver!~andry@unaffiliated/golden-receiver/x-4949035> has quit IRC (Read error: Connection reset by peer)[08:15:13] *** golden_receiver <golden_receiver!~andry@b2b-78-94-14-194.unitymedia.biz> has joined #postfix[08:15:13] *** golden_receiver <golden_receiver!~andry@b2b-78-94-14-194.unitymedia.biz> has quit IRC (Changing host)[08:15:13] *** golden_receiver <golden_receiver!~andry@unaffiliated/golden-receiver/x-4949035> has joined #postfix[08:19:08] <fredl> Hello[08:19:53] <fredl> I seem to have a bit of difficulties with virtual_alias_maps[08:22:18] <fredl> I have virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf in my main.cf[08:23:59] <fredl> And when I do 'postmap -q aliased at mydomain dot com mysql:/etc/postfix/mysql_virtual_alias_maps.cf' it gives me the expected output[08:24:20] <fredl> But when I send email to aliased at mydomain dot com Postfix bounces it[08:24:30] <fredl> with no such user[08:26:10] <fredl> I tried putting some verbosity in the syslogging with -vvv but while I do see mention of the mysql_virtual_alias_maps, there's just so much output that I don't understand it anymore[08:27:14] <fredl> Could anybody please help me figure out what's going on?[08:35:29] <golden_receiver> is the domain in virtual domains?[08:35:55] <golden_receiver> virtual_mailbox_domains[08:44:44] *** Niemi <Niemi!niemi@gateway/shell/devio.us/x-yimltirasktyblvp> has quit IRC (Quit: bb all)[08:45:40] *** froz-gab <froz-gab!~froz-gab@ip-47-24.sn2.clouditalia.com> has joined #postfix[08:51:55] <fredl> hi golden_receiver[08:52:16] <fredl> the virtual_mailbox_domains is set to $virtual_alias_maps[08:52:59] <fredl> oops nope...[08:53:09] <fredl> virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf[08:55:42] <golden_receiver> does it respond with postmap for that domain? is the virtual domain _not_ listed in mydestination? :)[08:59:10] <fredl> yup, the mail works fine, I can deliver emails to user's mailboxes without problem[08:59:33] <fredl> Just not the virtual aliases for some reason[09:00:59] <fredl> How do I test what you want to know about postmap?[09:10:04] *** mcfate <mcfate!~textual@174-134-145-16.res.bhn.net> has quit IRC (Quit: My MacBook has gone to sleep. ZZZzzz…)[09:13:59] <survietamine> maybe by just pasting your log snippet and config as suggested in !getting_help[09:14:58] <survietamine> also, di you answer golden_receiver question about not having that domain in mydestination?[09:15:04] <survietamine> s/di/did[09:23:14] *** joulez <joulez!~lucifurba@pdpc/supporter/active/joulez> has joined #postfix[09:25:17] *** joules <joules!~lucifurba@pdpc/supporter/active/joulez> has quit IRC (Ping timeout: 246 seconds)[09:29:48] <fredl> Hmm well...[09:30:11] <fredl> in postconf|gre mydestination I *do* see $virtual_alias_maps[09:30:28] <fredl> oh no, wait, sorry[09:30:36] <fredl> that's in proxy_read_maps[09:31:05] *** aqua^c <aqua^c!~aqua@114.111.60.64> has quit IRC ()[09:31:10] <fredl> So no, that domain is not in mydestination.[09:33:41] <survietamine> lol[09:33:50] <survietamine> why don't you just paste your config?[09:34:21] <survietamine> if you don't want to reveal your domain, just replace all occurences with your text editor with example.org[09:42:52] <fredl> Oh I can paste my config, no problem :)[09:45:32] <fredl> except my employer has blocked the most obvious pastebins :)[09:45:59] <fredl> Is there a pastebin you know of where I can easily upload something with wget or so?[09:46:16] <survietamine> !pastebin[09:46:16] <knoba> survietamine: "pastebin" : a pastebin site lets you easily share logs and configuration. Examples are dpaste.org, fpaste.org, or pastebin.ca. Please avoid ad-supported sites such as pastebin.com if possible.[09:46:50] <survietamine> I'm using paste.ee but no idea if it will work for you[09:47:35] <survietamine> there is also some command line tools like ix.io[09:47:45] <survietamine> it's like sprunge[09:48:44] <golden_receiver> employers block paste bins?[09:48:45] <golden_receiver> :O[09:49:15] <fredl> ah ix.io looks cool[09:49:15] <survietamine> paranoid employer but looks like they lack some mail basics :p[09:49:20] <fredl> Well yeah...[09:49:23] <fredl> haha :)[09:50:00] <fredl> isn't there an option to filter potentially sensitive lines out of postconf?[09:50:07] <survietamine> I'm myself very bad postmaster but we are not paranoid :p[09:50:10] <fredl> lemme see that I post it on ix.io[09:50:41] <survietamine> what do you think will be sensitive except your domains?[09:50:48] <fredl> uhhh[09:50:54] <fredl> dunno, lemme see[09:51:22] <survietamine> !showconfig[09:51:22] <knoba> survietamine: "showconfig" : when asked to provide your config, please provide a SINGLE pastebin with postconf -nf and postconf -Mf. if your version is too old for those commands to work (< 2.9), you should upgrade, but see !showconfig_old[09:51:59] <survietamine> you really have a lot of lines from ''postconf -nf''?[09:52:29] <fredl> nah not so much[09:52:40] <fredl> but bear with me guys, I'm also supposed to be working :P[09:53:11] <survietamine> hmm, this is not for your work?[09:53:15] <survietamine> I'm at work too[09:53:47] <fredl> ah I love ix.io[09:54:01] <fredl> http://ix.io/1P1m[09:54:08] *** infides_afk <infides_afk!~infides@p5B167C5E.dip0.t-ipconnect.de> has joined #postfix[09:54:17] *** mclosson <mclosson!~mclosson@68-205-9-246.res.bhn.net> has quit IRC (Quit: leaving)[09:54:19] <fredl> no not for my work, well not for my job-work[09:55:43] <fredl> see? no shocker there I think, so bit of surprised why it doesn't seem to honor that virtual_alias_maps somehow[09:56:22] <golden_receiver> postmap -q domain.tld mysql:/etc/postfix/mysql:/etc/postfix/mysql_virtual_domains_maps.cf[09:56:25] <golden_receiver> returns the domain?[09:57:21] <golden_receiver> ix.io indeed looks cool :)[09:57:41] <fredl> yeah[09:57:43] <fredl> root@omega-vm:~# postmap -q iwantisell.com mysql:/etc/postfix/mysql_virtual_domains_maps.cf[09:57:43] <fredl> iwantisell.com[09:57:45] <fredl> workie[09:58:22] <fredl> most of the database gets populated through use of postfixadmin anyway[09:59:44] <golden_receiver> can you remove -vvv from smtp and paste the past logs?[10:00:09] <golden_receiver> oh, you already removed it[10:01:08] <golden_receiver> since smtp is chrooted I think it may need proxy:mysql:/path[10:02:33] *** BigRedS1 <BigRedS1!~avi@217.207.137.139> has joined #postfix[10:04:01] <fredl> hmm, lemme simply try and send an email to an existing but not working address....[10:05:12] <fredl> It just doesn't really say much meaningful to me[10:13:47] *** aardbolreiziger <aardbolreiziger!~aardbolre@lw-fiber.dbcorp.nl> has joined #postfix[10:15:29] <Rembo> hello everyone, i'm using postfix and i want to send emails through port 465 and 993 using SSL, how can i do this?[10:15:55] <pj> !smtps[10:15:55] <knoba> pj: "smtps" : Port 465 is smtps, SMTP over SSL, a deprecated means of submission. This means that smtps should *not* be used, and that this factoid exists for historical purposes only and should not be implemented. See !submission for smtps' successor. That being said, Postfix can implement smtps with a separate smtpd(8) listener with \"-o smtpd_tls_wrappermode=yes\". See the commented example in master.cf.[10:16:03] <pj> !imaps[10:16:03] <knoba> pj: Error: "imaps" is not a valid command.[10:16:19] <pj> 993 is IMAPS, which is not part of postfix[10:16:22] <pj> !imap[10:16:22] <knoba> pj: "imap" : IMAP is an application layer Internet protocol that allows a client (MUA) to access mailboxes on a remote server (see: http://en.wikipedia.org/wiki/IMAP). Postfix does not provide IMAP (or POP3) service; see !courier or !dovecot for common IMAP/POP3 choices.[10:18:39] *** aardbolreiziger <aardbolreiziger!~aardbolre@lw-fiber.dbcorp.nl> has quit IRC (Remote host closed the connection)[10:21:10] *** aardbolreiziger <aardbolreiziger!~aardbolre@lw-fiber.dbcorp.nl> has joined #postfix[10:30:48] *** aardbolreiziger <aardbolreiziger!~aardbolre@lw-fiber.dbcorp.nl> has quit IRC (Remote host closed the connection)[10:35:00] <fredl> golden_retriever, apologies had to work on issue here at work for a bit[10:35:59] *** markus_e92 <markus_e92!~markus_e9@91-115-17-237.adsl.highway.telekom.at> has quit IRC (Ping timeout: 256 seconds)[10:36:03] <fredl> golden_receiver, I checked the SMTP log when sending email to an alias but it really doesn't add any extra info other than that it says it can't find the marketing at iwantisell dot com alias[10:37:01] <fredl> golden_receiver, also, I have several of such mysql maps as you can see in my config... they all work fine, except for the virtual_mail_aliases so I don't think it has anything to do with proxy:mysql:/path....[10:37:48] *** markus_e92 <markus_e92!~markus_e9@91-115-20-118.adsl.highway.telekom.at> has joined #postfix[10:44:39] *** aardbolreiziger <aardbolreiziger!~aardbolre@lw-fiber.dbcorp.nl> has joined #postfix[10:51:45] *** aardbolreiziger <aardbolreiziger!~aardbolre@lw-fiber.dbcorp.nl> has quit IRC (Remote host closed the connection)[10:57:42] *** markus_e92 <markus_e92!~markus_e9@91-115-20-118.adsl.highway.telekom.at> has quit IRC (Ping timeout: 248 seconds)[10:59:14] *** aardbolreiziger <aardbolreiziger!~aardbolre@lw-fiber.dbcorp.nl> has joined #postfix[10:59:20] *** markus_e92 <markus_e92!~markus_e9@62-46-102-145.adsl.highway.telekom.at> has joined #postfix[11:16:14] *** ghostlight <ghostlight!~ghostligh@ec2-54-187-97-144.us-west-2.compute.amazonaws.com> has quit IRC (Ping timeout: 246 seconds)[11:17:36] *** ghostlight <ghostlight!~ghostligh@ec2-54-187-97-144.us-west-2.compute.amazonaws.com> has joined #postfix[11:26:56] *** andi____ <andi____!~andi@shell.sixhop.net> has left #postfix[11:33:20] *** sphenxes01 <sphenxes01!~sphenxes@81-5-227-211.hdsl.highway.telekom.at> has quit IRC (Ping timeout: 260 seconds)[11:33:30] *** sphenxes <sphenxes!~sphenxes@81-5-227-211.hdsl.highway.telekom.at> has quit IRC (Ping timeout: 258 seconds)[11:35:32] *** sphenxes01 <sphenxes01!~sphenxes@81-5-227-211.hdsl.highway.telekom.at> has joined #postfix[11:37:00] *** sphenxes <sphenxes!~sphenxes@178-190-200-191.adsl.highway.telekom.at> has joined #postfix[11:37:56] *** sphenxes02 <sphenxes02!~sphenxes@85-90-156-246.hdsl.highway.telekom.at> has joined #postfix[11:40:43] *** sphenxes01 <sphenxes01!~sphenxes@81-5-227-211.hdsl.highway.telekom.at> has quit IRC (Ping timeout: 272 seconds)[11:54:50] *** equilibriumuk <equilibriumuk!~equilibri@2602:ffda:aaa::2194:1ef2> has quit IRC (Ping timeout: 246 seconds)[11:57:35] *** equilibriumuk <equilibriumuk!~equilibri@2602:ffda:aaa::2194:1ef2> has joined #postfix[12:07:49] *** sphenxes02 <sphenxes02!~sphenxes@85-90-156-246.hdsl.highway.telekom.at> has quit IRC (Ping timeout: 264 seconds)[12:14:05] *** blackflow <blackflow!~blackflow@unaffiliated/blackflow> has joined #postfix[12:14:35] *** aardbolreiziger <aardbolreiziger!~aardbolre@lw-fiber.dbcorp.nl> has quit IRC (Quit: Leaving...)[12:15:24] <blackflow> Hello. I'm using database lookups for virtual maps, domains and aliases. I want to limit the maximum number of connections made to the database (Postgres). One option is to use pgpool, but I was wondering if there's an option (direct or indirect via, say, limiting smtpd processes or something) to do it with Postfix?[12:16:41] *** sphenxes02 <sphenxes02!~sphenxes@85-90-156-246.hdsl.highway.telekom.at> has joined #postfix[12:17:33] <blackflow> From what I read, there's no config option for direct db lookups limit, but there's the ability to set the maximum number of smtpd processes via "maxproc" column of master.cf? But, what will happen if more than that number of connections try to come in? Accepted but queued? Or denied?[12:20:36] <petn-randall> blackflow: Why do you want to limit the amount of connections? Postgres should easily handle any amount postfix needs.[12:21:05] *** d0nn1e <d0nn1e!~d0nn1e@cpe-104-138-218-156.triad.res.rr.com> has quit IRC (Ping timeout: 246 seconds)[12:21:15] <blackflow> because the database is not serving only the postfix daemon and this looks like an easy DoS vector to cause connections dropped for those other services that ARE limited in number of connections.[12:22:30] *** Section1 <Section1!~section1@190.195.71.40> has joined #postfix[12:22:37] <petn-randall> blackflow: Good point. To my knowledge the maxproc parameter is the only way.[12:22:42] *** d0nn1e <d0nn1e!~d0nn1e@cpe-104-138-218-156.triad.res.rr.com> has joined #postfix[12:23:51] <blackflow> petn-randall: but are they qued, or how is it done internally? if I set that limit to N, and I get N+1 connection attempt to smtpd, what will happen ?[12:23:57] <blackflow> *queued[12:24:49] <blackflow> I mean, from my limited knowledge of networking I know programs can accept a connection but still have only N number of worker threads/processes that actually serve accepted connections, so the client is not hard-denied, just slowed down in responses.[12:25:05] <blackflow> and I mean literally accept()[12:29:53] *** ptx0 <ptx0!~cheesus_c@unaffiliated/ptx0> has quit IRC (Ping timeout: 256 seconds)[12:30:50] <blackflow> I think I'll do both, smtpd proc limit to 2x average and a pgpool backend, just in case. Still, was curious how it's all working internally.[12:33:29] *** robinho86 <robinho86!~robsonjf@201.22.86.124.static.gvt.net.br> has joined #postfix[12:36:15] *** AnHry <AnHry!~x@a94-132-78-87.cpe.netcabo.pt> has joined #postfix[12:41:17] *** bolt <bolt!~r00t@unaffiliated/bolt> has quit IRC (Ping timeout: 245 seconds)[12:45:58] *** bolt <bolt!r00t@unaffiliated/bolt> has joined #postfix[12:48:50] <petn-randall> blackflow: That would be a question of how postgres handles it, though, since it's acting as the server in this case. Worst case is following: smtpd accepts the SMTP connection, tries to do a lookup, and either stalls for a while or gets an error. In the latter case the SMTP client will get a 4xx error and will try again some time later.[12:51:16] <blackflow> petn-randall: ah, no, I meant how postfix handles it, if I limit maxprocs for smtpd.[12:52:04] *** benone <benone!~benone@web.tiangola.co.ao> has quit IRC (Ping timeout: 248 seconds)[12:56:21] *** AnHry <AnHry!~x@a94-132-78-87.cpe.netcabo.pt> has quit IRC (Quit: Konversation terminated!)[12:57:05] <blackflow> And btw, I have a situation, double mail deliveries via lmtp (Dovecot). The mail is sent to admin@. I have a bcc_recipient_map to forward a copy to vlad@. But I also have content_filter=spamassassin for the smtpd service.[12:57:08] <blackflow> https://dpaste.de/qPph[12:57:46] <blackflow> It seems like bcc_recipient_map causes forwarding independent of content_filter, and then as spamassassin re-inject the mail via pickup, it again consults bcc_recipient_map.[12:57:53] *** benone <benone!~benone@web.tiangola.co.ao> has joined #postfix[12:59:54] <blackflow> I should set -o bcc_recipient_map= (empty) for spamassassin entry in master.cf? https://dpaste.de/RssW[13:07:38] *** AnHry <AnHry!~x@a94-132-78-87.cpe.netcabo.pt> has joined #postfix[13:08:40] *** mungustas <mungustas!~arnas@92.61.33.111> has joined #postfix[13:11:28] <Rembo> i'm getting this after i enable selfsign certificate in my postfix config: https://hastebin.com/qeputizado.swift can someone help? many thanks[13:11:43] <blackflow> no, wait, not for spamassassin but pickup, right? that should be okay, no local sendmail is being used on that server so it doesn't have to consider bcc[13:12:33] <blackflow> Rembo: well yes, self-signed cert. Why not something like letsencrypt?[13:13:36] <Rembo> blackflow, what does letsencrypt? generate free ssl certs?[13:14:54] <blackflow> yeah, and there are clients that automate renewal. I recommend dehydrated (ex. letsencrypt.sh).[13:16:24] <Rembo> ok, sounds pretty nice, i'll install later, right now i need to make this work with my selfsign certificate, i can receive mails on 993 but i cannot send through 465, can you please help?[13:17:31] <blackflow> Rembo: the only way I can think of is if you add your CA you signed it with, to your local CA chain on the server[13:18:57] <Rembo> blackflow how can i do this? i'm using Centos 6 + ISPManager, postfix as email server[13:19:23] *** mxyzptlkfishstix <mxyzptlkfishstix!~mxyzptlkf@cpe-2606-A000-1503-C0EF-3D69-2E7A-20FA-C8F6.dyn6.twc.com> has quit IRC (*.net *.split)[13:19:23] *** Aprogas <Aprogas!aprogas@enki.aprogas.net> has quit IRC (*.net *.split)[13:19:23] *** fireglow <fireglow!fireglow@fireglow.su> has quit IRC (*.net *.split)[13:19:23] *** dxtr <dxtr!f821297f@unaffiliated/dxtr> has quit IRC (*.net *.split)[13:19:23] *** giesen <giesen!~ggiesen@2001:19f0:0:1019:5400:ff:fe25:bda6> has quit IRC (*.net *.split)[13:19:23] *** tomocha_______ <tomocha_______!tomocha@tomocha.v6.gyojya.jp> has quit IRC (*.net *.split)[13:19:23] *** systeem <systeem!~systeem@2001:bc8:24e8:800:a:27ba:0:c9f1> has quit IRC (*.net *.split)[13:19:23] *** drexter <drexter!~drexter@stockeld.se> has quit IRC (*.net *.split)[13:19:23] *** TAARs <TAARs!~user@unaffiliated/taars> has quit IRC (*.net *.split)[13:19:29] <blackflow> Rembo: and oh, wait, sorry, I was reading that paste completely wrong. the message you get is that the domain is unknown[13:19:31] *** systeem <systeem!~systeem@2001:bc8:24e8:800:a:27ba:0:c9f1> has joined #postfix[13:19:33] *** Aprogas_ <Aprogas_!aprogas@enki.aprogas.net> has joined #postfix[13:19:34] *** dxtr <dxtr!b1015d9e@unaffiliated/dxtr> has joined #postfix[13:19:38] *** fireglow <fireglow!fireglow@2001:bc8:3353:200::1337> has joined #postfix[13:19:40] *** drexter <drexter!~drexter@2001:470:28:3f6:e2cb:4eff:fe81:6726> has joined #postfix[13:19:44] *** TAARs <TAARs!~user@unaffiliated/taars> has joined #postfix[13:19:44] *** giesen <giesen!~ggiesen@2001:19f0:0:1019:5400:ff:fe25:bda6> has joined #postfix[13:19:47] *** mxyzptlkfishstix <mxyzptlkfishstix!~mxyzptlkf@cpe-2606-A000-1503-C0EF-5CCE-13A3-46E-7640.dyn6.twc.com> has joined #postfix[13:19:48] *** tomocha_______ <tomocha_______!tomocha@tomocha.v6.gyojya.jp> has joined #postfix[13:20:04] <Rembo> blackflow, on 25 port works perfect but not on 465[13:20:13] <blackflow> Rembo: that's the rDNS, you probably have reject_unknown_reverse_client_hostname in your recipient restrictions or something like that[13:21:16] <Rembo> in master.cf or main.cf ?[13:21:21] <blackflow> wherever[13:21:27] <Rembo> dovecot or postfix conf?[13:21:30] <petn-randall> blackflow: IIRC every proc only opens at most one connection to the database.[13:21:32] <blackflow> in master.cf for specific service[13:22:42] <blackflow> petn-randall: yea but that part is not a problem, I meant maxprocs for smtpd service. Regardless of database. If I set N smtpd process max, and I get N+1 connection to smtpd (not database), what will the smtp client see?[13:23:17] *** ghostlight <ghostlight!~ghostligh@ec2-54-187-97-144.us-west-2.compute.amazonaws.com> has quit IRC (Ping timeout: 248 seconds)[13:24:31] <Rembo> blackflow: i don't have any reject_unkown_reverse setup in master.cf , https://hastebin.com/rejificoje.nginx[13:26:19] <Zerberus> Rembo: remove line 112[13:26:36] <Zerberus> anyhow SMTPS has never been a valid approach[13:26:40] <petn-randall> blackflow: They first hit postscreen (assuming it's configured), but in the case of N+1 connections to smtpd the client will get a connection rejected message, in that case it'll retry.[13:26:41] <Zerberus> !smtps[13:26:41] <knoba> Zerberus: "smtps" : Port 465 is smtps, SMTP over SSL, a deprecated means of submission. This means that smtps should *not* be used, and that this factoid exists for historical purposes only and should not be implemented. See !submission for smtps' successor. That being said, Postfix can implement smtps with a separate smtpd(8) listener with \"-o smtpd_tls_wrappermode=yes\". See the commented example in master.cf.[13:27:49] <Zerberus> !tell Rembo getting_help[13:27:49] <knoba> Rembo: "getting_help" : before asking your question, read the !relevant_logs and !showconfig factoids, and prepare a single pastebin containing all of that data. if you don't understand what this means, or if you need help doing this, please let us know. also see !pastebin[13:28:39] <Zerberus> Rembo: sum up your complete Postfix configuration as per showconfig as well your relevant log content in a single pastebin[13:30:00] *** ghostlight <ghostlight!~ghostligh@ec2-54-187-97-144.us-west-2.compute.amazonaws.com> has joined #postfix[13:32:17] *** pti-jean_ <pti-jean_!~quassel@7.41.124.78.rev.sfr.net> has joined #postfix[13:36:29] *** AnHry <AnHry!~x@a94-132-78-87.cpe.netcabo.pt> has quit IRC (Quit: Konversation terminated!)[13:36:37] <Rembo> http://pastebin.com/W5TdDmcQ[13:38:53] *** AnHry <AnHry!~x@a94-132-78-87.cpe.netcabo.pt> has joined #postfix[13:40:04] <Zerberus> Rembo: you didn't do it correct[13:40:31] <Zerberus> Rembo: postconf -n and not the main.cf file[13:41:18] *** RadoQ <RadoQ!~cheater@unaffiliated/radoq> has joined #postfix[13:41:37] *** AnHry <AnHry!~x@a94-132-78-87.cpe.netcabo.pt> has quit IRC (Client Quit)[13:42:08] <Rembo> Zerberus: i commented in master.cf this line #smtps inet n - n - - smtpd[13:42:18] <Rembo> this was the line 112 in master.cf[13:42:21] <blackflow> petn-randall: ah good, thanks.[13:44:33] *** AnHry <AnHry!~x@a94-132-78-87.cpe.netcabo.pt> has joined #postfix[13:44:44] <Zerberus> Rembo: why do you try to make use of SMTPS anyhow?[13:45:01] *** troulouliou_div2 <troulouliou_div2!~troulouli@unaffiliated/troulouliou-div2/x-0271439> has joined #postfix[13:46:20] *** AnHry <AnHry!~x@a94-132-78-87.cpe.netcabo.pt> has quit IRC (Client Quit)[13:46:20] <Zerberus> Rembo: deactivate the SMTPS settings in master.cf and instead make use of the submission entries in same file[13:47:02] <Zerberus> Rembo: and you mixed $mydomain and $myhostname[13:48:48] <Rembo> Zerberus: i did uncomment this: submission inet n - n - - smtpd[13:49:00] <Rembo> do i need to comment 465 inet n - n - - smtpd?[13:49:04] <Zerberus> Rembo: that is not sufficient[13:49:31] <Zerberus> Rembo: please make sure you understand the lines in master.cf you configure to use[13:53:23] <Rembo> Zerberus: http://pastebin.com/AndeqTNd[13:53:42] <Rembo> Zerberus: i have enable submission[13:54:58] <Zerberus> Rembo: no, you did it wrong[13:55:39] <Rembo> Zerberus, can you please pastebin the corect content of master.cf ?[13:55:48] <Zerberus> Rembo: lines 16-19 belong to it and are required[13:56:35] <Zerberus> and you broke the further configuration by your changes to activate SMTPS[13:57:55] <Zerberus> please understand what the instructions mean! lines 21-25 belong to line 20 setting which is commented and thus now are defined for submission line 15 - that's wrong[13:59:54] <Rembo> i did comment line 20 - 25[14:00:44] *** troulouliou_div2 <troulouliou_div2!~troulouli@unaffiliated/troulouliou-div2/x-0271439> has quit IRC (Quit: Leaving)[14:01:19] <Rembo> Zerberus: i'm getting this in my maillog: warning: 92.55.144.175: hostname 92-55-144-175.tier.ro verification failed: Name or service not known[14:02:22] <Zerberus> Rembo: that hostname does not resolve either on my side[14:03:43] <Rembo> 92.55.144.175 ?[14:04:51] <Rembo> Zerberus you mean hostname of mailserver? mail.tiporomprint.ro ?[14:06:38] <Zerberus> 92-55-144-175.tier.ro is the hostname which does not resolve[14:06:58] <Zerberus> btw. that's just a warning, no hard error[14:07:33] <Rembo> Zerberus: i understand, but i cannot see what is the error[14:08:50] <Zerberus> Rembo: which error?[14:08:53] <Rembo> http://pastebin.com/hgf2hqAe[14:09:05] <Zerberus> Rembo: first make sure you properly configure the master.cf[14:09:40] <Zerberus> Rembo: line 5 of that pastebin[14:09:58] <Zerberus> Rembo: you did copy&paste from somewhere which does not match your current setup[14:10:27] <Rembo> this is my curent master.cf http://pastebin.com/bBAzHyKd[14:10:59] <Zerberus> Rembo: kick that in the dust and start with the original one provided by your postfix rom[14:11:01] <Zerberus> rpm[14:12:38] <Rembo> done[14:13:08] <Rembo> now, i need to enable submission?[14:13:42] <Rembo> Zerberus: now i have: http://pastebin.com/uD3cy5Lj[14:15:56] <Zerberus> Rembo: submission is relevant if your mail users submit messages for relaying[14:17:21] <Rembo> postfix/smtpd[3299]: warning: 92.55.144.151: hostname 92-55-144-151.tier.ro verification failed: Name or service not known[14:17:36] <Zerberus> Rembo: what the heck with line 105 in http://pastebin.com/uD3cy5Lj? that's not correct![14:17:55] <Zerberus> Rembo: again, what is so hard to understand about this warning?[14:18:10] <Zerberus> Rembo: the client connecting does not resolve[14:18:40] <Rembo> okey, i did comment the last line 105[14:19:05] <Zerberus> 92.55.144.151 resolves to 92-55-144-151.tier.ro. but not the other way[14:19:25] <Zerberus> Rembo: remove that nasty line 105 as it makes no sense at all[14:19:26] <Rembo> dovecot: imap-login: Disconnected (no auth attempts): rip=92.55.144.151, lip=85.204.22.143, TLS handshaking: Disconnected[14:19:40] <Zerberus> Rembo: irrelevant IMAP stuff[14:19:54] <Zerberus> Rembo: what is actually the problem you are facing?[14:20:14] <Rembo> i cannot add email address to my email client[14:20:53] <Zerberus> Rembo: configuring your MUA has not much to do with Postfix[14:23:16] <Rembo> Zerberus: i'm using dovecot as MUA/MTA[14:23:41] <Rembo> this is my dovecot.conf, http://pastebin.com/SbbrzREH[14:23:49] <Rembo> can you please take a look?[14:24:32] <lunaphyte> Rembo: dovecot questions go to #dovecot[14:25:17] <Zerberus> Rembo: dovecot is no MUA and no MTA[14:25:39] <thumbs> that too, yes[14:25:45] <Zerberus> Rembo: it is still not clear to me what's your problem[14:26:02] <thumbs> it can be loosely described as a MDA, if anything.[14:26:21] <lunaphyte> mra[14:26:31] <lunaphyte> which provides as part of it, an mda[14:26:40] <Rembo> Zerberus: i cannot add or configure email to work with ssl on 465 port[14:26:49] <lunaphyte> Rembo: port 465 should not be used[14:27:34] <Rembo> lunaphyte, i don't think 465 is in use, i also have disable iptables[14:28:14] <lunaphyte> good[14:28:23] <lunaphyte> then why would you be trying to use it?[14:28:50] <Zerberus> Rembo: I told you not to use SMTPS (port 465) but submission (port 587)[14:29:09] <Zerberus> that's the correct way to authenticate with a MUA like thunderbird[14:29:23] *** blackflow <blackflow!~blackflow@unaffiliated/blackflow> has left #postfix[14:29:30] <Zerberus> as well you will have to configure Postfix to use dovecot SASL[14:29:44] <Zerberus> !SASL[14:29:44] <knoba> Zerberus: "SASL" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.[14:29:59] <Rembo> Zerberus 587 is using the certificate?[14:30:23] <thumbs> Rembo: you should require STARTTLS for submission[14:30:30] <Zerberus> Rembo: yes, submission should only be enabled with TLS enforcement[14:30:47] *** mcfate <mcfate!~textual@174-134-145-16.res.bhn.net> has joined #postfix[14:30:52] <Zerberus> that's all already in your master.cf, ready to be activated[14:34:20] *** d0nn1e <d0nn1e!~d0nn1e@cpe-104-138-218-156.triad.res.rr.com> has quit IRC (Ping timeout: 246 seconds)[14:34:30] <Rembo> Zerberus: it works on 587[14:34:53] <lunaphyte> then you're all set[14:35:59] *** DonRichie <DonRichie!~DonRichie@ricl.de> has quit IRC (Excess Flood)[14:36:19] *** DonRichie <DonRichie!~DonRichie@ricl.de> has joined #postfix[14:38:44] *** WakiMiko_ <WakiMiko_!~WakiMiko@unaffiliated/wakimiko> has quit IRC (Quit: WeeChat 1.6-rc2)[14:39:05] *** WakiMiko <WakiMiko!~WakiMiko@unaffiliated/wakimiko> has joined #postfix[14:43:23] *** Diemuzi <Diemuzi!~IceChat9@unaffiliated/diemuzi> has joined #postfix[14:47:23] *** Zumonchi <Zumonchi!~Zumochi@2001:41d0:e:dec::1> has quit IRC (*.net *.split)[14:47:23] *** busch <busch!~busch@mail.datenschleuder.com> has quit IRC (*.net *.split)[14:47:23] *** awpti <awpti!~awpti@awpti.org> has quit IRC (*.net *.split)[14:47:23] *** noc0lour <noc0lour!~quassel@prism.nocolour.de> has quit IRC (*.net *.split)[14:47:23] *** rob0 <rob0!rob0@pdpc/valentine/postfixninja/rob0> has quit IRC (*.net *.split)[14:47:23] *** ceptor <ceptor!~paul@zom.bi> has quit IRC (*.net *.split)[14:47:23] *** crane <crane!~crane@chat.craneworks.de> has quit IRC (*.net *.split)[14:47:23] *** hedmon <hedmon!~hedmon@185.8.239.156> has quit IRC (*.net *.split)[14:47:23] *** ikonia <ikonia!~irc@unaffiliated/ikonia> has quit IRC (*.net *.split)[14:47:23] *** tapout <tapout!~tapout@unaffiliated/tapout> has quit IRC (*.net *.split)[14:47:30] *** hedmon <hedmon!~hedmon@185.8.239.156> has joined #postfix[14:47:30] *** rob0 <rob0!rob0@harrier.slackbuilds.org> has joined #postfix[14:47:30] *** rob0 <rob0!rob0@harrier.slackbuilds.org> has quit IRC (Changing host)[14:47:30] *** rob0 <rob0!rob0@pdpc/valentine/postfixninja/rob0> has joined #postfix[14:47:31] *** awpti- <awpti-!~awpti@awpti.org> has joined #postfix[14:47:37] *** crane <crane!~crane@chat.craneworks.de> has joined #postfix[14:47:39] *** ikonia <ikonia!~irc@unaffiliated/ikonia> has joined #postfix[14:47:55] *** WakiMiko <WakiMiko!~WakiMiko@unaffiliated/wakimiko> has quit IRC (Max SendQ exceeded)[14:48:31] *** ceptor <ceptor!~paul@zom.bi> has joined #postfix[14:48:56] *** markc_ <markc_!~markc@CPE-124-191-100-245.wxrb1.lon.bigpond.net.au> has joined #postfix[14:48:57] *** markc <markc!~markc@CPE-124-191-100-245.wxrb1.lon.bigpond.net.au> has quit IRC (Write error: Broken pipe)[14:49:03] *** Zumochi <Zumochi!~Zumochi@ns397618.ip-151-80-40.eu> has joined #postfix[14:49:03] *** Zumochi <Zumochi!~Zumochi@ns397618.ip-151-80-40.eu> has quit IRC (Changing host)[14:49:03] *** Zumochi <Zumochi!~Zumochi@unaffiliated/zumochi> has joined #postfix[14:49:17] *** fredl <fredl!fredl@nat/ibm/x-xqmogfjqensoidup> has quit IRC (Quit: Leaving)[14:49:42] *** ghostlight <ghostlight!~ghostligh@ec2-54-187-97-144.us-west-2.compute.amazonaws.com> has quit IRC (Ping timeout: 248 seconds)[14:49:47] *** WakiMiko <WakiMiko!~WakiMiko@unaffiliated/wakimiko> has joined #postfix[14:52:46] *** markc_ <markc_!~markc@CPE-124-191-100-245.wxrb1.lon.bigpond.net.au> has quit IRC (Client Quit)[14:58:42] *** ghostlight <ghostlight!~ghostligh@ec2-54-187-97-144.us-west-2.compute.amazonaws.com> has joined #postfix[15:13:48] *** ExoUNX <ExoUNX!~ExoUNX@unaffiliated/exounx> has joined #postfix[15:29:38] *** giesen <giesen!~ggiesen@2001:19f0:0:1019:5400:ff:fe25:bda6> has quit IRC (Ping timeout: 258 seconds)[15:30:19] *** giesen <giesen!quassel@ego.giesen.me> has joined #postfix[15:34:52] *** MACscr <MACscr!~MACscr@c-73-9-230-5.hsd1.il.comcast.net> has quit IRC (Read error: Connection reset by peer)[15:35:27] *** souther <souther!~souther@2605:6400:1:fed5:22:1ac:61c0:e24e> has quit IRC (Ping timeout: 245 seconds)[15:36:20] *** Poster <Poster!~poster@cpe-65-185-36-98.columbus.res.rr.com> has quit IRC (Read error: Connection reset by peer)[15:38:32] *** MACscr <MACscr!~MACscr@c-73-9-230-5.hsd1.il.comcast.net> has joined #postfix[16:09:02] *** Oclairi <Oclairi!~Oclair@212-88-15-162.adsl.highway.telekom.at> has joined #postfix[16:10:16] *** Oclair <Oclair!~Oclair@178-191-230-16.adsl.highway.telekom.at> has quit IRC (Ping timeout: 258 seconds)[16:15:18] *** linex <linex!~quassel@58.26.242.250> has quit IRC (Quit: No Ping reply in 180 seconds.)[16:16:25] *** linex <linex!~quassel@58.26.242.250> has joined #postfix[16:26:47] *** tapout <tapout!~tapout@unaffiliated/tapout> has joined #postfix[16:27:47] *** busch <busch!~busch@mail.datenschleuder.com> has joined #postfix[16:37:53] *** souther <souther!~souther@2605:6400:1:fed5:22:1ac:61c0:e24e> has joined #postfix[16:59:54] *** froz-gab <froz-gab!~froz-gab@ip-47-24.sn2.clouditalia.com> has quit IRC (Remote host closed the connection)[17:00:25] *** froz-gab <froz-gab!~froz-gab@83.211.47.24> has joined #postfix[17:07:32] *** gu1lle_ <gu1lle_!~Thunderbi@190.18.4.241> has quit IRC (Read error: Connection reset by peer)[17:07:55] *** gu1lle_ <gu1lle_!~Thunderbi@190.18.4.241> has joined #postfix[17:12:15] *** gu1lle_ <gu1lle_!~Thunderbi@190.18.4.241> has quit IRC (Ping timeout: 245 seconds)[17:35:43] *** ptx0 <ptx0!~cheesus_c@unaffiliated/ptx0> has joined #postfix[17:53:04] *** gu1lle_ <gu1lle_!~Thunderbi@181.167.195.114> has joined #postfix[17:53:48] *** gu1lle_ <gu1lle_!~Thunderbi@181.167.195.114> has quit IRC (Remote host closed the connection)[17:54:05] *** gu1lle_ <gu1lle_!~Thunderbi@181.167.195.114> has joined #postfix[18:03:01] *** tharkun_ <tharkun_!~tharkun@kvm5.telegraphics.com.au> has quit IRC (Ping timeout: 264 seconds)[18:03:57] *** BCB <BCB!448499c5@gateway/web/freenode/ip.68.132.153.197> has joined #postfix[18:04:19] <BCB> Trying debug this error message: server postfix/smtpd[20652]: fatal: invalid option: ?[18:06:00] <lunaphyte> !tell bcb getting_help[18:06:00] <knoba> bcb: "getting_help" : before asking your question, read the !relevant_logs and !showconfig factoids, and prepare a single pastebin containing all of that data. if you don't understand what this means, or if you need help doing this, please let us know. also see !pastebin[18:07:11] <rob0> someone edited master.cf[18:07:50] <rob0> it could be a literal "?" character, or it could be some non-ASCII (suchn as UTF8) character.[18:09:14] <rob0> see /topic, "know your Unix basics", and only edit config files with editors which will retain 7-bit ASCII (no "smart quotes" nor "mdash" characters)[18:09:53] <rob0> nano will do the job if you're not wanting to wade into vim land[18:10:38] *** infides_afk <infides_afk!~infides@p5B167C5E.dip0.t-ipconnect.de> has quit IRC (Ping timeout: 258 seconds)[18:11:43] *** infides_afk <infides_afk!~infides@p5B167C5E.dip0.t-ipconnect.de> has joined #postfix[18:17:29] <BCB> !getting_help[18:17:29] <knoba> BCB: "getting_help" : before asking your question, read the !relevant_logs and !showconfig factoids, and prepare a single pastebin containing all of that data. if you don't understand what this means, or if you need help doing this, please let us know. also see !pastebin[18:18:09] <BCB> !relevant_logs[18:18:09] <knoba> BCB: "relevant_logs" : mail.* syslog Postfix log messages (NOT verbose, see !no_verbose) which show ONLY the entire handling of a single mail which illustrates the issue with which you want help. Random selections from your mail log are not adequate. IMAP/POP3 daemons and external delivery agents often log to the same syslog facility (mail); filter such messages out unless asked not to.[18:29:16] <BCB> !pastebin[18:29:16] <knoba> BCB: "pastebin" : a pastebin site lets you easily share logs and configuration. Examples are dpaste.org, fpaste.org, or pastebin.ca. Please avoid ad-supported sites such as pastebin.com if possible.[18:31:09] <BCB> rob0: I only see two literal "?" in the master.cf by they seem to be default configs.[18:31:12] <BCB> tlsmgr unix - - y 1000? 1 tlsmgr flush unix n - y 1000? 0 flush[18:31:21] <BCB> i'll paste up the rest[18:31:35] <BCB> !pastebin[18:31:35] <knoba> BCB: "pastebin" : a pastebin site lets you easily share logs and configuration. Examples are dpaste.org, fpaste.org, or pastebin.ca. Please avoid ad-supported sites such as pastebin.com if possible.[18:33:10] *** infides_afk <infides_afk!~infides@p5B167C5E.dip0.t-ipconnect.de> has quit IRC (Ping timeout: 248 seconds)[18:34:28] *** Darcidride <Darcidride!~Darcidrid@2a01:e35:8b4a:ca10:a1c6:22f3:23a7:608d> has joined #postfix[18:36:31] <rob0> well, this one would have been on a smtpd command line, and standalone[18:41:28] *** davidw <davidw!~davidw@apache/committer/davidw> has joined #postfix[18:42:24] <davidw> Hi - I've been googling, and saw some old messages about programmatically accessing the queue... Basically, I forward mail to a Google account, and some of it is spam that they reject as 'suspicious'. I'd like to grep for that and just remove it from the queue[18:44:16] <lunaphyte> yikes. defintiely don't forward mail to other systems. that's a cardinal no no [as you can see exactly why][18:44:33] <lunaphyte> in any case, the answer to your question is man postqueue and man postsuper[18:50:04] *** gu1lle_ <gu1lle_!~Thunderbi@181.167.195.114> has quit IRC (Remote host closed the connection)[18:54:15] *** olegfusion <olegfusion!~olegfusio@mail.mobileforsale.ru> has quit IRC (Read error: Connection reset by peer)[18:54:30] *** olegfusion <olegfusion!~olegfusio@mail.mobileforsale.ru> has joined #postfix[18:58:32] <davidw> lunaphyte, I've had this server forever and have always just forwarded ... what should I be doing these days? Not sure I can point the MX record at google[18:59:11] <davidw> grep with context worked, but programmatic access would be nicer[19:01:16] <rob0> the right way to use gmail's mailstore with your own domain is indeed to have them host it[19:02:34] <rob0> another choice is to have them pull from you, I think they can do POP3 only (yuck) from external services[19:08:10] *** BigRedS1 <BigRedS1!~avi@217.207.137.139> has quit IRC (Quit: Leaving.)[19:08:18] <lunaphyte> newer versions of postfix can output json[19:08:30] <lunaphyte> maybe that would be programmatic enough for you[19:08:48] <lunaphyte> but using grep isn't not programmatic ;)[19:09:11] <lunaphyte> yes though, the right way to do this is to have google host your email if you want to use google for email[19:09:24] <lunaphyte> really, that should be a rather natural conclusion. not much of a revelation[19:11:30] *** Poster <Poster!~poster@cpe-65-185-36-98.columbus.res.rr.com> has joined #postfix[19:12:37] *** parasite_ <parasite_!~parasite@mar75-4-82-230-46-11.fbx.proxad.net> has quit IRC (Ping timeout: 264 seconds)[19:13:23] *** Deathrattle <Deathrattle!~death@p200300868A0DE3010000000000000002.dip0.t-ipconnect.de> has joined #postfix[19:16:21] <BCB> rob0: knoba: I had commented out a parameter when testing. When I restored the parameter the error went away. in trying to debug this i put debug_peer_list=<ip> but the log did not out put any addition info in the logs. I just kept getting this fatal error: https://dpaste.de/or7h/raw[19:17:04] <BCB> As I am trying to learn more about Postfix does anyone have any insight into that very vague error.[19:17:22] <rob0> you do not need verbose logging[19:17:52] <rob0> So my guess about you using a non-7bit editor was wrong?[19:19:15] <rob0> oh, the pastebin shows errors with smtp(8)[19:20:31] <rob0> looks like you have attempted to make a very complex configuration ... multiple instances[19:20:52] <BCB> rob0: yes three ips[19:21:02] <BCB> seems to be working now[19:22:36] <mcfate> lunaphyte, I've validated that everything's working right on that email server, thanks again for the assist the other day. :)[19:23:31] <mcfate> I had a little bit of stupid going on between mydomains and my virtual domain map, which I got sorted out, and that was the last apparent bit of SNAFU.[19:26:48] *** parasite_ <parasite_!~parasite@mar75-4-82-230-46-11.fbx.proxad.net> has joined #postfix[19:29:50] *** froz-gab <froz-gab!~froz-gab@83.211.47.24> has quit IRC (Remote host closed the connection)[19:54:57] *** Section1 <Section1!~section1@190.195.71.40> has quit IRC (Quit: Leaving)[20:00:05] <anexit> Anyway to parse a maillog that shows me the IP that send the most emails?[20:00:16] *** Oclairi <Oclairi!~Oclair@212-88-15-162.adsl.highway.telekom.at> has quit IRC (Quit: Bye Bye)[20:00:50] <seebs> lots of ways, but that's more a general programming question than a postfix question, I'd think?[20:02:32] <anexit> well you should be able to do it with grep[20:04:10] <anexit> Something like this...[20:04:20] <anexit> cat /var/log/maillog | grep " connect from " | wc -l[20:04:26] <anexit> but I want to see ips[20:04:56] *** acosonic <acosonic!~acosonic@cable-24-135-250-146.dynamic.sbb.rs> has joined #postfix[20:05:47] <jaybe> !pflogsumm[20:05:47] <knoba> jaybe: "pflogsumm" : a perl script to analyse your mail log file and generate nice reports. See: http://jimsun.linxnet.com/postfix_contrib.html (metalog users see the !mpflogsumm factoid)[20:07:34] <rob0> pflogsumm++[20:08:09] <anexit> Let me see[20:10:31] <anexit> wow[20:10:34] <anexit> perfect![20:14:00] <anexit> Thank[20:14:01] <anexit> s[20:21:49] <jaybe> `pflogsumm -d today -e --iso-date-time --mailq --rej-add-from --smtpd-stats --verbose-msg-detail --zero-fill /var/log/mail.log` # :)[20:29:32] <fling> wow[20:30:01] <anexit> maybe a |more[20:30:02] <anexit> haha[20:30:11] <fling> :P[20:30:20] <anexit> crips[20:30:38] <anexit> top spammer for today is... ajamag.com[20:30:40] <anexit> woo[20:33:56] <jaybe> `ssh mx 'pflogsumm -d today -e --iso-date-time --mailq --rej-add-from --smtpd-stats --verbose-msg-detail --zero-fill /var/log/mail.log' | mail -s "MX pflogsumm - $(date)" mxpflogsumm at example dot com`[20:35:44] *** mxyzptlkfishstix <mxyzptlkfishstix!~mxyzptlkf@cpe-2606-A000-1503-C0EF-5CCE-13A3-46E-7640.dyn6.twc.com> has quit IRC (*.net *.split)[20:35:44] *** TAARs <TAARs!~user@unaffiliated/taars> has quit IRC (*.net *.split)[20:35:44] *** drexter <drexter!~drexter@2001:470:28:3f6:e2cb:4eff:fe81:6726> has quit IRC (*.net *.split)[20:35:44] *** Aprogas_ <Aprogas_!aprogas@enki.aprogas.net> has quit IRC (*.net *.split)[20:35:44] *** sphenxes02 <sphenxes02!~sphenxes@85-90-156-246.hdsl.highway.telekom.at> has quit IRC (*.net *.split)[20:35:44] *** Qann <Qann!~Nomad@hades.golgeli.net> has quit IRC (*.net *.split)[20:35:44] *** L235 <L235!L235@wikipedia/fsf.member.Lixxx235> has quit IRC (*.net *.split)[20:35:44] *** dan_j <dan_j!sid21651@gateway/web/irccloud.com/x-wmfbzbydhqczawxm> has quit IRC (*.net *.split)[20:35:45] *** xpoint <xpoint!sid133359@gateway/web/irccloud.com/x-fowfmyrlcsaiuoqb> has quit IRC (*.net *.split)[20:35:45] *** Penguin <Penguin!~xwQ5kwYl6@our.systems.are.full.of.penguins.at.penguinsystems.net> has quit IRC (*.net *.split)[20:35:45] *** max-m <max-m!~max-m@2a01:4f8:120:21d3:1337:242:ac11:3> has quit IRC (*.net *.split)[20:35:45] *** Ekho <Ekho!~Ekho@unaffiliated/ekho> has quit IRC (*.net *.split)[20:35:45] *** alexbligh1 <alexbligh1!~alexbligh@elgar.alex.org.uk> has quit IRC (*.net *.split)[20:35:45] *** bauruine <bauruine!~bauruine@2a01:4f8:130:8285:fefe::36> has quit IRC (*.net *.split)[20:35:45] *** kkj_ <kkj_!~kkj@irc.nixlab.io> has quit IRC (*.net *.split)[20:35:45] *** a_west <a_west!~a_west@82-183-13-131.customers.ownit.se> has quit IRC (*.net *.split)[20:35:45] *** LaserAllan <LaserAllan!~Burn@campnorthernlight.com> has quit IRC (*.net *.split)[20:35:45] *** godlike <godlike!~godlike@unaffiliated/godlike> has quit IRC (*.net *.split)[20:35:46] *** ckuehl <ckuehl!ckuehl@nitrogen.techxonline.net> has quit IRC (*.net *.split)[20:35:46] *** k-man <k-man!~jason@unaffiliated/k-man> has quit IRC (*.net *.split)[20:35:46] *** Jikan <Jikan!~Jikan@noein.haruka.fr> has quit IRC (*.net *.split)[20:35:46] *** Sarodj <Sarodj!~pr0nstar@unaffiliated/sarodj> has quit IRC (*.net *.split)[20:35:51] *** kkj <kkj!~kkj@irc.nixlab.io> has joined #postfix[20:35:53] *** Aprogas <Aprogas!aprogas@enki.aprogas.net> has joined #postfix[20:35:55] *** LaserAllan <LaserAllan!~Burn@campnorthernlight.com> has joined #postfix[20:35:59] *** Jikan <Jikan!~Jikan@2001:41d0:8:7844::8> has joined #postfix[20:35:59] *** drexter <drexter!~drexter@stockeld.se> has joined #postfix[20:35:59] *** godlike <godlike!~godlike@vicarious.com.ar> has joined #postfix[20:36:00] *** ckuehl <ckuehl!ckuehl@nitrogen.techxonline.net> has joined #postfix[20:36:07] *** alexbligh1 <alexbligh1!~alexbligh@elgar.alex.org.uk> has joined #postfix[20:36:13] *** sphenxes02 <sphenxes02!~sphenxes@85-90-156-246.hdsl.highway.telekom.at> has joined #postfix[20:36:13] *** godlike <godlike!~godlike@vicarious.com.ar> has quit IRC (Changing host)[20:36:13] *** godlike <godlike!~godlike@unaffiliated/godlike> has joined #postfix[20:36:26] *** max-m <max-m!~max-m@2a01:4f8:120:21d3:1337:242:ac11:3> has joined #postfix[20:36:34] *** ckuehl is now known as Guest51191[20:36:36] <lunaphyte> mcfate: glad to hear it[20:36:45] *** Ekho <Ekho!~Ekho@unaffiliated/ekho> has joined #postfix[20:36:47] *** mxyzptlkfishstix <mxyzptlkfishstix!~mxyzptlkf@cpe-2606-A000-1503-C0EF-5CCE-13A3-46E-7640.dyn6.twc.com> has joined #postfix[20:36:51] <mcfate> You and me both. :D[20:36:52] *** a_west <a_west!~a_west@82-183-13-131.customers.ownit.se> has joined #postfix[20:37:01] *** Sarodj <Sarodj!~pr0nstar@unaffiliated/sarodj> has joined #postfix[20:37:08] <mcfate> And I took enough notes along the way that I think it's reproducible.[20:37:22] <mcfate> I want to try it again with dovecot on a different server next.[20:37:34] *** k-man <k-man!~jason@unaffiliated/k-man> has joined #postfix[20:38:03] *** Qann <Qann!~Nomad@hades.golgeli.net> has joined #postfix[20:38:04] *** TAARs <TAARs!~user@unaffiliated/taars> has joined #postfix[20:38:48] *** bauruine <bauruine!~bauruine@mail.tuxli.ch> has joined #postfix[20:39:41] *** ghostlight <ghostlight!~ghostligh@ec2-54-187-97-144.us-west-2.compute.amazonaws.com> has quit IRC (Ping timeout: 272 seconds)[20:40:16] *** L235 <L235!L235@wikipedia/fsf.member.Lixxx235> has joined #postfix[20:40:49] <qtch> what's the difference between reject_rhsbl_helo AND reject_rhsbl_client ?[20:41:07] *** dan_j <dan_j!sid21651@gateway/web/irccloud.com/x-inelenfvoyloclri> has joined #postfix[20:41:45] *** xpoint <xpoint!sid133359@gateway/web/irccloud.com/x-asowhifxymjfsmtb> has joined #postfix[20:41:52] <lunaphyte> qtch: that is documented in postconf(5)[20:43:29] <qtch> lunaphyte: I took it from posconf(5) - reject_rhsbl_helo is taken from HELO/EHLO obviously but I don't know how reject_rhsbl_client is determined[20:43:50] <lunaphyte> both are documented there[20:44:06] <lunaphyte> if it's not clear, you'll have to expand upon why if we are to help clarify[20:44:48] <qtch> "Reject the request when the client hostname is listed with the A record" - what CLIENT HOSTNAME exactly means[20:45:08] <qtch> it is not revDNS probably because there's another option for this[20:51:33] <rob0> !fcrdns[20:51:33] <knoba> rob0: "fcrdns" : http://en.wikipedia.org/wiki/Forward_Confirmed_reverse_DNS : your IP address should resolve to $myhostname, which in turn should resolve back to your IP. This is very important if you want big sites to accept your mail. If you can't have it from your ISP, see !relayhost[20:52:06] <rob0> If forward and reverse do not match it is logged (and handled) as "unknown".[20:55:12] <qtch> rob0: ohh, I understand now - when "reject_rhsbl_reverse_client" only revdns is taken but when "reject_rhsbl_client" revdns is taken too but only when it resolves appropriate IP address[20:56:22] <qtch> otherwise [unknow] - thans[20:56:23] <jaybe> `ssh mx 'pflogsumm -d today -e --iso-date-time --mailq --rej-add-from --smtpd-stats --verbose-msg-detail --zero-fill /var/log/mail.log | mail -s "MX pflogsumm - $(date)" -r "MXPFLOGSUMM<mxpflogsummm at example dot com>" "<mxpflogsumm at example dot com>"'` # there we go[20:56:57] <lunaphyte> i could see some room for improvement in that documentation[20:57:24] <lunaphyte> i have a feeling though that wietse would not[21:01:26] *** olegfusion <olegfusion!~olegfusio@mail.mobileforsale.ru> has quit IRC (Read error: Connection reset by peer)[21:01:41] *** olegfusion <olegfusion!~olegfusio@mail.mobileforsale.ru> has joined #postfix[21:02:44] <rob0> I think Wietse has known these things so long that he might lose touch with some of the common misconceptions people tend to have.[21:03:33] *** ghostlight <ghostlight!~ghostligh@ec2-54-187-97-144.us-west-2.compute.amazonaws.com> has joined #postfix[21:08:20] *** RaiNerTsuFal <RaiNerTsuFal!~RaiNerTsu@akita.vtlx.cn> has quit IRC (Quit: Conversation terminated!)[21:09:30] *** RaiNerTsuFal <RaiNerTsuFal!~RaiNerTsu@akita.vtlx.cn> has joined #postfix[21:11:51] *** RaiNerTsuFal <RaiNerTsuFal!~RaiNerTsu@akita.vtlx.cn> has quit IRC (Client Quit)[21:12:59] *** RaiNerTsuFal <RaiNerTsuFal!~RaiNerTsu@akita.vtlx.cn> has joined #postfix[21:15:08] *** tmberg <tmberg!tmberg@unaffiliated/tmberg> has quit IRC (Remote host closed the connection)[21:32:57] *** acosonic <acosonic!~acosonic@cable-24-135-250-146.dynamic.sbb.rs> has quit IRC (Quit: acosonic)[21:53:33] *** pingouin <pingouin!~pingouin@94.242.243.166> has joined #postfix[22:00:06] *** sphenxes01 <sphenxes01!~sphenxes@85-90-156-246.hdsl.highway.telekom.at> has joined #postfix[22:03:54] *** sphenxes <sphenxes!~sphenxes@178-190-200-191.adsl.highway.telekom.at> has quit IRC (Ping timeout: 272 seconds)[22:06:01] *** RaiNerTsuFal <RaiNerTsuFal!~RaiNerTsu@akita.vtlx.cn> has quit IRC (Quit: Conversation terminated!)[22:07:13] *** RaiNerTsuFal <RaiNerTsuFal!~RaiNerTsu@akita.vtlx.cn> has joined #postfix[22:11:35] *** RaiNerTsuFal <RaiNerTsuFal!~RaiNerTsu@akita.vtlx.cn> has quit IRC (Quit: Conversation terminated!)[22:16:13] *** RaiNerTsuFal <RaiNerTsuFal!~RaiNerTsu@akita.vtlx.cn> has joined #postfix[22:20:49] *** tmberg <tmberg!tmberg@unaffiliated/tmberg> has joined #postfix[22:23:11] *** Deathrattle <Deathrattle!~death@p200300868A0DE3010000000000000002.dip0.t-ipconnect.de> has quit IRC (Quit: bye)[22:28:06] *** jax <jax!~Adium@unaffiliated/jax> has joined #postfix[22:28:13] <jax> hi[22:28:34] <jax> hm, i'm getting a lot of spam from a certain domain and it appear to know lots of our internal email addresses (different domains)[22:28:44] <jax> unrelated local domains[22:29:12] <jax> could i be leaking out infos somehow or is this common?[22:32:21] <jax> i see the IP is on a blacklist: http://mxtoolbox.com/SuperTool.aspx?action=blacklist%3a5.230.102.162&run=toolpage[22:32:27] <jax> but apparently we are not using those RBLs[22:33:08] <jax> hm, though we are using reject_rbl_client zen.spamhaus.org[22:39:18] *** froz-gab <froz-gab!~froz-gab@ip-47-24.sn2.clouditalia.com> has joined #postfix[22:45:10] <lunaphyte> does zen list it?[22:45:34] <jax> Jan 3 22:38:48 lynx amavis[21493]: (21493-01) Open relay? Nonlocal recips but not originating: morosity at noir-mx dot com[22:45:38] <jax> that might be a problem[22:45:42] <jax> i updated amavis and am now getting this[22:45:49] <jax> zen IS listing it.[22:45:57] <jax> but apparently my postfix might be thinking this sender is local[22:46:35] <lunaphyte> !tell jax getting_help[22:46:35] <knoba> jax: "getting_help" : before asking your question, read the !relevant_logs and !showconfig factoids, and prepare a single pastebin containing all of that data. if you don't understand what this means, or if you need help doing this, please let us know. also see !pastebin[22:46:42] <jax> working on it[22:46:50] <jax> trying to pull pieces together[22:49:57] <jax> lunaphyte: here is a relevant snippet[22:49:58] <jax> https://dpaste.de/WACj[22:50:11] <jax> the noir-mx.com is the offending sender which apparently is being classified as local[22:51:07] <jax> line 34 looks suspect[22:51:08] *** sphenxes <sphenxes!~sphenxes@85-90-156-246.hdsl.highway.telekom.at> has joined #postfix[22:51:12] <jax> https://dpaste.de/WACj#L34[22:52:44] *** sphenxes02 <sphenxes02!~sphenxes@85-90-156-246.hdsl.highway.telekom.at> has quit IRC (Ping timeout: 246 seconds)[22:52:54] *** sphenxes01 <sphenxes01!~sphenxes@85-90-156-246.hdsl.highway.telekom.at> has quit IRC (Ping timeout: 248 seconds)[22:57:00] *** SupaYoshi <SupaYoshi!~SupaYoshi@104.223.1.186> has quit IRC (Max SendQ exceeded)[22:57:15] *** SupaYoshi <SupaYoshi!~SupaYoshi@104.223.1.186> has joined #postfix[23:02:14] *** ExoUNX <ExoUNX!~ExoUNX@unaffiliated/exounx> has quit IRC (Quit: I'm outta here)[23:24:48] <jax> seems it was due to a dns server change in /etc/resolve.conf so the local domain wasn't detected[23:24:55] *** pti-jean_ <pti-jean_!~quassel@7.41.124.78.rev.sfr.net> has quit IRC (Remote host closed the connection)[23:32:19] *** atmx_ <atmx_!~atmx@atmx.co> has quit IRC (Ping timeout: 265 seconds)[23:33:02] *** atmx <atmx!~atmx@atmx.co> has joined #postfix[23:36:11] <thumbs> jax: are you running a local DNS cache? And if not, why not?[23:36:37] <jax> i am, but the DNS changed with a config change[23:36:50] <jax> is fixed now[23:37:37] <rob0> I'd also consider changing whatever it is that's using DNS to determine address classes.[23:39:00] <jax> i only have mynetworks = 127.0.0.0/8[23:39:18] <jax> it is probably amavis that was doing something in regards to originating=1/0[23:39:21] <rob0> that's not it, unrelated[23:39:24] <jax> still trying to figure out[23:39:29] *** Ekho <Ekho!~Ekho@unaffiliated/ekho> has quit IRC (Quit: An alternate universe was just created where I didn't leave. But here, I left you. I'm sorry.)[23:43:14] <jax> does anybody have an idea why the statement appears on line 34 https://dpaste.de/WACj#L34[23:43:21] <jax> Open relay? Nonlocal recips but not originating: morosity at noir-mx dot com[23:43:27] <jax> its from amavis[23:44:22] <jax> seems to me it might be an amavis misconfig. trying to figure out where originating=1 is set[23:49:36] <jax> can any of these blacklists be used freely? we're only using spamhaus: http://mxtoolbox.com/SuperTool.aspx?action=blacklist%3a136.243.7.41&run=toolpage