February 2, 2017 
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | >
February 2, 2017 [00:00:49] <rocktop> jaybe: but I can't still seeing email in mailbox[00:01:11] <jaybe> Well with a failure usually there is.... failure.[00:01:15] *** PHPanos <PHPanos!~textual@c-192371d5.035-201-73746f28.cust.bredbandsbolaget.se> has quit IRC (Quit: My Mac has gone to sleep. ZZZzzz…)[00:01:39] <rocktop> jaybe: that all what I get from the log file[00:02:08] <jaybe> Is that plenty?[00:03:40] <rocktop> jaybe: that all what I get[00:04:00] *** phunyguy <phunyguy!~torpedo@ubuntu/member/phunyguy> has joined #postfix[00:05:52] *** froz-gab <froz-gab!~froz-gab@frozenstar.info> has quit IRC (Ping timeout: 256 seconds)[00:21:23] *** froz-gab <froz-gab!~froz-gab@host55-138-dynamic.52-79-r.retail.telecomitalia.it> has joined #postfix[00:26:02] *** wwl <wwl!~wwl@ipbcc30dbd.dynamic.kabel-deutschland.de> has quit IRC (Quit: Nettalk6 - www.ntalk.de)[00:26:21] *** pankid <pankid!~quassel@mail.nschoonover.com> has joined #postfix[00:27:02] <pankid> any one else have problems sending to hotmail? My emails are always sent to the junk folder.[00:27:41] *** mroe <mroe!~roe@unaffiliated/roe> has joined #postfix[00:29:38] <rocktop> also I have this error : warning: mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf is unavailable. unsupported dictionary type: mysql[00:38:36] <lunaphyte> rocktop: ask whomever you got the software from how to add support for mysql[00:38:41] <lunaphyte> !tell pankid hotmail[00:38:41] <knoba> pankid: "hotmail" : http://www.circleid.com/posts/hotmail_running_own_smtp/ : See the !SenderID channel factoid too.[00:45:37] <pankid> so basically hotmail/microsoft sucks[00:46:20] <lunaphyte> right[01:06:11] *** mroe <mroe!~roe@unaffiliated/roe> has quit IRC (Remote host closed the connection)[01:09:40] *** infernix <infernix!nix@unaffiliated/infernix> has quit IRC (Ping timeout: 255 seconds)[01:18:48] *** mroe <mroe!~roe@unaffiliated/roe> has joined #postfix[01:25:51] *** Guest43 <Guest43!~textual@unaffiliated/rufus> has joined #postfix[01:47:18] *** traptrip <traptrip!~traptrip@brigaid.xs4all.nl> has quit IRC (Ping timeout: 256 seconds)[01:55:45] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has quit IRC (Remote host closed the connection)[02:06:57] *** john51 <john51!~john@15255.s.t4vps.eu> has joined #postfix[02:10:48] *** infernix <infernix!nix@unaffiliated/infernix> has joined #postfix[02:11:40] *** john51_ <john51_!~john@15255.s.t4vps.eu> has quit IRC (Ping timeout: 256 seconds)[02:20:23] *** Dominian <Dominian!~dominian@opensuse/member/dominian> has quit IRC (Quit: WeeChat 1.5)[02:20:23] *** viderizer <viderizer!~viderizer@2001:19f0:6c01:1cf:5400:ff:fe35:ba6f> has quit IRC (Read error: Connection reset by peer)[02:25:56] *** froz-gab <froz-gab!~froz-gab@host55-138-dynamic.52-79-r.retail.telecomitalia.it> has quit IRC (Remote host closed the connection)[02:34:04] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has quit IRC (Quit: inabit. zz.)[02:49:14] <rjsalts> microsoft in general doesn't do smtp very well. even exchange has a few dubious design decision in that regard[02:49:58] *** rocktop_ <rocktop_!~rocktop@41.251.94.12> has joined #postfix[02:52:59] *** Diemuzi <Diemuzi!~IceChat9@unaffiliated/diemuzi> has quit IRC (Quit: See you on the flip side)[02:53:05] *** rocktop <rocktop!~rocktop@41.141.169.39> has quit IRC (Ping timeout: 240 seconds)[02:58:21] *** DaIRCKing <DaIRCKing!~gtaxlnetw@golden.server.gtaxl.net> has left #postfix[02:58:31] *** GTAXL <GTAXL!~gtaxlnetw@unaffiliated/gtaxl> has joined #postfix[03:04:37] *** Dominian <Dominian!~dominian@opensuse/member/dominian> has joined #postfix[03:05:46] *** Cybertinus <Cybertinus!~Cybertinu@cybertinus.customer.cloud.nl> has quit IRC (Ping timeout: 264 seconds)[03:16:20] *** mroe <mroe!~roe@unaffiliated/roe> has quit IRC (Remote host closed the connection)[03:17:05] *** mroe <mroe!~roe@unaffiliated/roe> has joined #postfix[03:18:52] *** Cybertinus <Cybertinus!~Cybertinu@cybertinus.customer.cloud.nl> has joined #postfix[03:21:28] *** mroe <mroe!~roe@unaffiliated/roe> has quit IRC (Ping timeout: 240 seconds)[03:26:57] *** Tourist <Tourist!~Tourist@unaffiliated/tourist> has joined #postfix[03:30:35] *** NightMonkey <NightMonkey!~NightMonk@pdpc/supporter/professional/nightmonkey> has joined #postfix[03:55:45] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has joined #postfix[04:00:33] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has quit IRC (Ping timeout: 255 seconds)[04:05:25] *** bolt <bolt!r00t@unaffiliated/bolt> has quit IRC (Remote host closed the connection)[04:09:04] *** bolt <bolt!r00t@unaffiliated/bolt> has joined #postfix[04:40:10] *** audiodef <audiodef!~quassel@static.207.9.4.46.clients.your-server.de> has quit IRC (Remote host closed the connection)[04:49:52] *** chachasmooth <chachasmooth!~chachasmo@unaffiliated/chachasmooth> has quit IRC (Ping timeout: 245 seconds)[04:52:09] *** chachasmooth <chachasmooth!~chachasmo@unaffiliated/chachasmooth> has joined #postfix[04:56:55] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has joined #postfix[05:01:18] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has quit IRC (Ping timeout: 255 seconds)[05:10:02] *** Guest43 <Guest43!~textual@unaffiliated/rufus> has quit IRC (Quit: My MacBook has gone to sleep. ZZZzzz…)[05:17:11] *** audiodef <audiodef!~quassel@static.207.9.4.46.clients.your-server.de> has joined #postfix[06:20:06] *** dka_ <dka_!~dka@1.52.58.230> has joined #postfix[07:11:46] *** TheFatherMind <TheFatherMind!~TheFather@cpe-104-34-204-52.socal.res.rr.com> has quit IRC (Ping timeout: 264 seconds)[07:11:46] *** crane <crane!~crane@chat.craneworks.de> has quit IRC (Ping timeout: 264 seconds)[07:12:02] *** TheFatherMind <TheFatherMind!~TheFather@cpe-104-34-204-52.socal.res.rr.com> has joined #postfix[07:12:22] *** rednul <rednul!~rednul@219.163.48.199.static.reverse.as19531.net> has quit IRC (Ping timeout: 264 seconds)[07:12:58] *** NightMonkey <NightMonkey!~NightMonk@pdpc/supporter/professional/nightmonkey> has quit IRC (Ping timeout: 264 seconds)[07:12:58] *** gabizou <gabizou!~gabizou@irc.spongepowered.org> has quit IRC (Ping timeout: 264 seconds)[07:12:58] *** cedric_ <cedric_!~cedric@control.slider.be> has quit IRC (Ping timeout: 264 seconds)[07:12:58] *** Belgarath <Belgarath!nobody@banda.pl> has quit IRC (Ping timeout: 264 seconds)[07:12:58] *** FMan <FMan!~tropyx@dsl-kvlbrasgw2-50dcc3-5.dhcp.inet.fi> has quit IRC (Ping timeout: 264 seconds)[07:12:58] *** Nit_ <Nit_!nit@saphire.uk.to> has quit IRC (Ping timeout: 264 seconds)[07:13:13] *** Belgarath <Belgarath!nobody@banda.pl> has joined #postfix[07:13:34] *** a_west <a_west!~a_west@82-183-13-131.customers.ownit.se> has quit IRC (Ping timeout: 264 seconds)[07:13:34] *** axisys <axisys!~axisys@unaffiliated/axisys> has quit IRC (Ping timeout: 264 seconds)[07:13:34] *** johnny56 <johnny56!~johnny56@unaffiliated/johnny56> has quit IRC (Ping timeout: 264 seconds)[07:13:34] *** chaas_ <chaas_!~quassel@moss.workaround.org> has joined #postfix[07:13:34] *** fiddlerwoaroof <fiddlerwoaroof!~fiddlerwo@unaffiliated/fiddlerwoaroof> has quit IRC (Ping timeout: 264 seconds)[07:13:34] *** cgt <cgt!~cgt@wikipedia/cgt> has quit IRC (Ping timeout: 264 seconds)[07:13:34] *** chaas <chaas!~quassel@moss.workaround.org> has quit IRC (Ping timeout: 264 seconds)[07:13:35] *** Nit_ <Nit_!nit@saphire.uk.to> has joined #postfix[07:14:14] *** cedric_ <cedric_!~cedric@control.slider.be> has joined #postfix[07:15:22] *** axisys <axisys!~axisys@unaffiliated/axisys> has joined #postfix[07:18:11] *** crane <crane!~crane@chat.craneworks.de> has joined #postfix[07:18:13] *** a_west <a_west!~a_west@82-183-13-131.customers.ownit.se> has joined #postfix[07:18:15] *** gabizou <gabizou!~gabizou@e3-1270v3.bl-ash0.1.1.2.10.k8.securedservers.com> has joined #postfix[07:18:19] *** fiddlerwoaroof <fiddlerwoaroof!~fiddlerwo@unaffiliated/fiddlerwoaroof> has joined #postfix[07:18:25] *** rednul <rednul!~rednul@219.163.48.199.static.reverse.as19531.net> has joined #postfix[07:18:43] *** NightMonkey <NightMonkey!~NightMonk@pdpc/supporter/professional/nightmonkey> has joined #postfix[07:26:09] *** cgt <cgt!~cgt@wikipedia/cgt> has joined #postfix[07:43:43] *** muh2000_ <muh2000_!~quassel@prx2.ernw.net> has joined #postfix[08:01:45] *** johnny56 <johnny56!~johnny56@unaffiliated/johnny56> has joined #postfix[08:02:38] *** Guest43 <Guest43!~textual@195.93.136.31> has joined #postfix[08:07:45] *** Guest43 <Guest43!~textual@195.93.136.31> has quit IRC (Quit: Textual IRC Client: www.textualapp.com)[08:22:11] *** sphenxes02 <sphenxes02!~sphenxes@194-118-226-112.hdsl.highway.telekom.at> has joined #postfix[08:25:36] *** sphenxes <sphenxes!~sphenxes@192-164-156-77.hdsl.highway.telekom.at> has quit IRC (Ping timeout: 255 seconds)[08:25:41] *** sphenxes01 <sphenxes01!~sphenxes@192-164-156-77.hdsl.highway.telekom.at> has quit IRC (Ping timeout: 258 seconds)[08:25:59] *** sphenxes <sphenxes!~sphenxes@194-118-226-112.hdsl.highway.telekom.at> has joined #postfix[08:36:35] *** Xentil <Xentil!~quassel@ip-46-21-210-22.nette.pl> has quit IRC (Ping timeout: 240 seconds)[08:41:49] *** shal3r <shal3r!~shal3r@80.233.239.138> has quit IRC (Quit: emerge life)[08:42:49] *** JanC_ <JanC_!~janc@lugwv/member/JanC> has joined #postfix[08:44:08] *** JanC is now known as Guest98802[08:44:08] *** Guest98802 <Guest98802!~janc@lugwv/member/JanC> has quit IRC (Killed (adams.freenode.net (Nickname regained by services)))[08:44:08] *** JanC_ is now known as JanC[08:44:21] *** shal3r <shal3r!~shal3r@80.233.239.138> has joined #postfix[08:46:33] *** srandon1213 <srandon1213!aafbcca1@gateway/web/freenode/ip.170.251.204.161> has joined #postfix[08:47:02] <srandon1213> hello all, how can i prevent crontab using postfix to write my crontabbed programs to redirect stdout and stderr on same dir ?[08:47:10] <srandon1213> any idea ?[08:51:22] *** thms <thms!~thms@unaffiliated/thms> has joined #postfix[08:53:20] *** sarri <sarri!~sari@unaffiliated/sarri> has quit IRC (Ping timeout: 276 seconds)[08:57:25] *** sarri <sarri!~sari@p50995cae.dip0.t-ipconnect.de> has joined #postfix[08:57:25] *** sarri <sarri!~sari@p50995cae.dip0.t-ipconnect.de> has quit IRC (Changing host)[08:57:25] *** sarri <sarri!~sari@unaffiliated/sarri> has joined #postfix[08:59:36] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has joined #postfix[09:10:05] *** mcfate <mcfate!~textual@174-134-145-16.res.bhn.net> has quit IRC (Quit: My MacBook has gone to sleep. ZZZzzz…)[09:16:25] *** PHPanos <PHPanos!~textual@h-55-226.a137.corp.bahnhof.se> has joined #postfix[09:27:57] <Zerberus> srandon1213: sorry what?[09:48:17] <sep> what is the state of the art spam detection/filter in front of a postfix mail server nowadays ? i have an older postfix+spamassasin solution that needs an upgrade[09:49:56] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has quit IRC (Quit: inabit. zz.)[09:59:52] <Zerberus> sep: postfix itself got postscreen, and spamassassin is still being developed and maintained[10:01:21] <sep> thanks ill look at postscreen.[10:07:07] <Zerberus> sep: postscreen does not classify message content but helps to prevent that spam even enters the queue[10:07:11] <Zerberus> !postscreen[10:07:12] <knoba> Zerberus: "postscreen" : SMTP triage server available in Postfix 2.8, see http://www.postfix.org/POSTSCREEN_README.html and http://www.postfix.org/postscreen.8.html[10:08:22] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has joined #postfix[10:13:55] <sep> thanks.[10:14:13] <sep> i guess the spamassasin install is just to old for todays spam[10:14:25] <sep> there is a lot beeing stopped. but a lot gets thru as well[10:15:39] <Zerberus> that might be the case - SA 3.4.x gets a lot more than previous releases[10:17:16] <sep> good to know. since i was worried spamassasin was beeing outdated[10:17:32] <sep> mine is ofcourse, but generally :)[10:18:40] <sep> what do you use for a shared maildir storage ?[10:19:26] <Zerberus> dovecot[10:28:47] <sep> dsync then ?[10:31:56] <sep> i was thinking drbd+ocfs but it is a bit new ground for me.[10:34:45] <sep> but perhaps more a #dovecot question :)[10:58:43] *** markus_e92 <markus_e92!~markus_e9@91-115-23-177.adsl.highway.telekom.at> has quit IRC (Ping timeout: 255 seconds)[10:59:21] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has joined #postfix[11:00:22] *** markus_e92 <markus_e92!~markus_e9@91-115-22-129.adsl.highway.telekom.at> has joined #postfix[11:03:59] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has quit IRC (Ping timeout: 255 seconds)[11:15:58] *** froz-gab <froz-gab!~froz-gab@host55-138-dynamic.52-79-r.retail.telecomitalia.it> has joined #postfix[11:20:42] *** froz-gab <froz-gab!~froz-gab@host55-138-dynamic.52-79-r.retail.telecomitalia.it> has quit IRC (Ping timeout: 245 seconds)[11:33:21] *** froz-gab <froz-gab!~froz-gab@frozenstar.info> has joined #postfix[12:14:42] *** robinho86 <robinho86!~robsonjf@201.22.86.124.static.gvt.net.br> has joined #postfix[12:14:46] *** robinho86 <robinho86!~robsonjf@201.22.86.124.static.gvt.net.br> has quit IRC (Max SendQ exceeded)[12:16:30] *** Section1 <Section1!~section1@190.195.71.40> has joined #postfix[12:19:20] <petn-randall> Hi, I've got a postfix server handling ingress and egress mail at this site. Currently, authenticated clients go through port 25. I'm still pondering the question if that can clash with postscreen DNSBL checks. Does anyone know?[12:20:02] <petn-randall> I don't have any post-220 tests configured.[12:20:25] <petn-randall> + plan to[12:23:18] <Zerberus> petn-randall: yes, it collides[12:26:04] <petn-randall> Zerberus: Is there a workaround available?[12:26:18] <petn-randall> It'll take a while to migrate the users over.[12:26:42] *** pti-jean_ <pti-jean_!~quassel@177.52.124.78.rev.sfr.net> has joined #postfix[12:38:52] *** funkatronixxx <funkatronixxx!~emiel@a83-161-198-206.adsl.xs4all.nl> has joined #postfix[12:39:34] <rob0> workaround is use a different IP address for port 25 submission; if you don't have one, you might have to disable postscreen (depending on your user base, they might be able to get through it.)[12:45:14] *** thms <thms!~thms@unaffiliated/thms> has quit IRC (Ping timeout: 255 seconds)[12:51:21] *** PHPanos <PHPanos!~textual@h-55-226.a137.corp.bahnhof.se> has quit IRC (Quit: My Mac has gone to sleep. ZZZzzz…)[13:00:03] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has joined #postfix[13:04:35] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has quit IRC (Ping timeout: 255 seconds)[13:07:18] *** UncleKiwi <UncleKiwi!~UncleKiwi@unaffiliated/unclekiwi> has joined #postfix[13:09:15] <UncleKiwi> hi just wondering if its worth blocking the connections to my submission 587 port postfix/submission/smtpd[3928]: lost connection after EHLO from unknown[93.158.200.220][13:09:39] <UncleKiwi> i see the occasional heap of connections[13:09:48] <UncleKiwi> its really odd[13:10:16] <UncleKiwi> what would their intention be ? are they trying exploits ?[13:11:26] <rob0> there are attack bots which probe for valid credentials for relay, and if one succeeds, you'll know it[13:11:42] <UncleKiwi> can you please advise me on how to deal with this kind of thing in the best way[13:12:01] <UncleKiwi> it doesn't seem to be trying to auth[13:12:08] <petn-randall> rob0: I digged a little around, I think I'll keep postscreen off for now. Guess I have another good reason to migrate users. :)[13:12:32] <petn-randall> UncleKiwi: It's already being dealt with, I'd say. Nothing you need to act upon.[13:13:18] <rob0> oh yeah, lost connection after EHLO, looks like a broken botnet[13:13:31] <UncleKiwi> hehe ok[13:13:34] <UncleKiwi> thanks[13:14:11] *** g_zen <g_zen!~g_zen@195.24.90.254> has joined #postfix[13:14:16] <UncleKiwi> will postfix see 30 of these type of connections and then tarpit them[13:14:34] <UncleKiwi> or should I make a fail2ban rule[13:14:44] <UncleKiwi> or should I just forget about it[13:14:49] <rob0> that's not unusual either ... since they're using stolen resources (you can bet this isn't on behalf of the legitimate user at 93.158.200.220) it doesn't matter how broken their stuff is[13:15:30] <rob0> fail2ban is fine if you're using that, ignoring it is fine also[13:16:01] <UncleKiwi> thanks yeah i like fail2ban[13:26:28] *** sphenxes01 <sphenxes01!~sphenxes@85-90-142-38.hdsl.highway.telekom.at> has joined #postfix[13:29:55] *** sphenxes <sphenxes!~sphenxes@194-118-226-112.hdsl.highway.telekom.at> has quit IRC (Ping timeout: 255 seconds)[13:29:56] *** thms <thms!~thms@gate.nnx.com> has joined #postfix[13:29:56] *** thms <thms!~thms@gate.nnx.com> has quit IRC (Changing host)[13:29:56] *** thms <thms!~thms@unaffiliated/thms> has joined #postfix[13:30:22] *** sphenxes02 <sphenxes02!~sphenxes@194-118-226-112.hdsl.highway.telekom.at> has quit IRC (Ping timeout: 264 seconds)[13:30:35] *** sphenxes <sphenxes!~sphenxes@85-90-142-38.hdsl.highway.telekom.at> has joined #postfix[13:37:42] *** Darcidride <Darcidride!~Darcidrid@qbuissondebon.info> has joined #postfix[13:43:38] *** robinho86 <robinho86!~robsonjf@201.22.86.124.static.gvt.net.br> has joined #postfix[13:53:25] *** PHPanos <PHPanos!~textual@h-55-226.a137.corp.bahnhof.se> has joined #postfix[13:57:37] *** mjrc <mjrc!91646711@gateway/web/freenode/ip.145.100.103.17> has joined #postfix[14:00:22] *** xMopxShell <xMopxShell!~xMopxShel@192.95.23.134> has quit IRC (Ping timeout: 256 seconds)[14:02:31] *** synthroid <synthroid!~synthroid@208.167.254.98> has joined #postfix[14:04:05] *** wdp <wdp!~jean@lunar-linux/mirror/wdp> has joined #postfix[14:11:58] *** PHPanos <PHPanos!~textual@h-55-226.a137.corp.bahnhof.se> has quit IRC (Quit: My Mac has gone to sleep. ZZZzzz…)[14:30:30] *** mcfate <mcfate!~textual@174-134-145-16.res.bhn.net> has joined #postfix[14:50:25] *** PHPanos <PHPanos!~textual@h-55-226.a137.corp.bahnhof.se> has joined #postfix[15:00:51] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has joined #postfix[15:04:23] *** Cuzner <Cuzner!~ccuzner@74.117.140.46> has joined #postfix[15:05:38] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has quit IRC (Ping timeout: 255 seconds)[15:05:44] *** FinboySlick <FinboySlick!~shark@74.117.40.10> has joined #postfix[15:13:57] *** Diemuzi <Diemuzi!~IceChat9@unaffiliated/diemuzi> has joined #postfix[15:25:25] *** mietsin <mietsin!~tuxuser@unaffiliated/mietsin> has quit IRC (Quit: leaving)[15:31:26] *** golden_receiver <golden_receiver!~andry@unaffiliated/golden-receiver/x-4949035> has quit IRC (Read error: Connection reset by peer)[15:32:51] *** Marc3l <Marc3l!~Marc3l@2a01:4f8:151:22a3::4> has quit IRC (Quit: ZNC - http://znc.in)[15:33:58] *** Marc3l <Marc3l!~Marc3l@2a01:4f8:151:22a3::4> has joined #postfix[15:45:47] *** guanchao71 <guanchao71!~guanchao7@180.175.209.136> has joined #postfix[15:49:40] *** jrj <jrj!~jrj@net-d.bebifood.ru> has quit IRC (Ping timeout: 240 seconds)[15:52:53] *** sphenxes02 <sphenxes02!~sphenxes@85-90-151-41.hdsl.highway.telekom.at> has joined #postfix[15:55:50] *** troulouliou_div2 <troulouliou_div2!~troulouli@unaffiliated/troulouliou-div2/x-0271439> has joined #postfix[15:56:08] *** sphenxes01 <sphenxes01!~sphenxes@85-90-142-38.hdsl.highway.telekom.at> has quit IRC (Ping timeout: 240 seconds)[15:56:10] *** sphenxes <sphenxes!~sphenxes@85-90-142-38.hdsl.highway.telekom.at> has quit IRC (Ping timeout: 240 seconds)[15:56:59] *** sphenxes <sphenxes!~sphenxes@85-90-151-41.hdsl.highway.telekom.at> has joined #postfix[15:58:10] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has quit IRC (Ping timeout: 240 seconds)[15:59:15] *** infides_afk <infides_afk!~infides@p5B167FA7.dip0.t-ipconnect.de> has joined #postfix[16:03:11] *** jrj <jrj!~jrj@net-w.bebifood.ru> has joined #postfix[16:05:09] *** guanchao71 <guanchao71!~guanchao7@180.175.209.136> has quit IRC (Quit: Mutter: www.mutterirc.com)[16:17:57] *** muh2000_ <muh2000_!~quassel@prx2.ernw.net> has quit IRC (Remote host closed the connection)[16:25:17] *** wdp <wdp!~jean@lunar-linux/mirror/wdp> has quit IRC (Remote host closed the connection)[16:25:46] *** guanchao71 <guanchao71!~guanchao7@180.175.209.136> has joined #postfix[16:30:40] *** wwl <wwl!~wwl@ipbcc30dbd.dynamic.kabel-deutschland.de> has joined #postfix[16:30:59] *** mjrc <mjrc!91646711@gateway/web/freenode/ip.145.100.103.17> has quit IRC (Ping timeout: 260 seconds)[16:31:39] *** tiny <tiny!~ivob@unaffiliated/tiny> has joined #postfix[16:32:10] *** PHPanos <PHPanos!~textual@h-55-226.a137.corp.bahnhof.se> has quit IRC (Read error: Connection reset by peer)[16:33:32] *** infides_afk <infides_afk!~infides@p5B167FA7.dip0.t-ipconnect.de> has quit IRC (Ping timeout: 276 seconds)[16:35:36] <tiny> Hi. I hope it's not to much of an OT. I'm having blocks from some domain based on their RBL. They're using Fortiguard antispam blacklist. I've checked my servers IP and it isn't listed anywhere.[16:35:45] <tiny> Who or what is Fortigate.com?[16:37:24] <lunaphyte> google fortigate...[16:45:46] <tiny> Ok... remote side admin just called me and offered to test the product as in do a network audit scan. This is fishy. Our companies do business though.[17:00:28] *** funkatronixxx <funkatronixxx!~emiel@a83-161-198-206.adsl.xs4all.nl> has quit IRC (Ping timeout: 240 seconds)[17:01:31] <rob0> So you're running Postfix for your company, and this other company with which you need to correspond uses a Fortigate appliance? And the appliance blocks you?[17:01:45] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has joined #postfix[17:01:47] *** FMan <FMan!~tropyx@dsl-kvlbrasgw2-50dcc3-5.dhcp.inet.fi> has joined #postfix[17:05:20] <tiny> rob0: yes[17:06:27] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has quit IRC (Ping timeout: 256 seconds)[17:06:40] <tiny> "This message has been blocked because it is from a FortiGuard - AntiSpam black IP address"[17:07:27] <rob0> the thing to do is to have THEM ask Fortigate why you're listed.[17:07:40] <rob0> they won't talk to you, most likely[17:09:08] <rob0> Has your IP address been a spam source for any reason within the past few years? Maybe compromised credentials for relaying?[17:09:36] <tiny> The admin or whoever talked to me from their site was trying to arrange a network audit with a bridged firewall appliance suggesting we have a source of SPAM in our company. He mummbled on about cryptolockins and stuff.[17:10:16] <rob0> IOW he has no clue what he's talking about[17:10:52] <rob0> That's often the case with customers of such solutions.[17:10:59] <tiny> Sounded like a salesman.[17:12:10] <tiny> Well. They said they fixed it now. Prolly white-listed us. It was awkward though.[17:12:50] <rob0> Not having any other rejections?[17:12:57] <tiny> no, just them.[17:13:59] <rob0> I don't suppose I'd worry about it, then.[17:16:13] *** Xentil <Xentil!~quassel@ip-46-21-210-22.nette.pl> has joined #postfix[17:18:43] *** sphenxes01 <sphenxes01!~sphenxes@85-90-135-164.hdsl.highway.telekom.at> has joined #postfix[17:19:25] *** synthroid <synthroid!~synthroid@208.167.254.98> has quit IRC (Remote host closed the connection)[17:21:47] *** sphenxes02 <sphenxes02!~sphenxes@85-90-151-41.hdsl.highway.telekom.at> has quit IRC (Ping timeout: 240 seconds)[17:22:07] *** sphenxes <sphenxes!~sphenxes@85-90-151-41.hdsl.highway.telekom.at> has quit IRC (Ping timeout: 240 seconds)[17:22:15] *** sphenxes <sphenxes!~sphenxes@85-90-135-164.hdsl.highway.telekom.at> has joined #postfix[17:31:57] *** Darcidride <Darcidride!~Darcidrid@qbuissondebon.info> has quit IRC (Ping timeout: 245 seconds)[17:37:54] *** xMopxShell <xMopxShell!~xMopxShel@192.95.23.134> has joined #postfix[17:42:08] *** froz-gab <froz-gab!~froz-gab@frozenstar.info> has quit IRC (Remote host closed the connection)[17:42:31] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has joined #postfix[17:44:31] *** synthroid <synthroid!~synthroid@gateway/vpn/privateinternetaccess/synthroid> has joined #postfix[17:47:23] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has joined #postfix[17:54:32] *** guanchao71 <guanchao71!~guanchao7@180.175.209.136> has quit IRC (Quit: Mutter: www.mutterirc.com)[17:55:28] *** JanC_ <JanC_!~janc@lugwv/member/JanC> has joined #postfix[17:56:26] *** funkatronixxx <funkatronixxx!~emiel@a83-161-198-206.adsl.xs4all.nl> has joined #postfix[17:56:47] *** JanC <JanC!~janc@lugwv/member/JanC> has quit IRC (Killed (barjavel.freenode.net (Nickname regained by services)))[17:56:47] *** JanC_ is now known as JanC[18:01:05] *** funkatronixxx <funkatronixxx!~emiel@a83-161-198-206.adsl.xs4all.nl> has quit IRC (Ping timeout: 240 seconds)[18:01:45] *** funkatronixxx <funkatronixxx!~emiel@a83-161-198-206.adsl.xs4all.nl> has joined #postfix[18:08:42] *** g_zen <g_zen!~g_zen@195.24.90.254> has quit IRC (Read error: Connection reset by peer)[18:09:28] *** froz-gab <froz-gab!~froz-gab@host55-138-dynamic.52-79-r.retail.telecomitalia.it> has joined #postfix[18:11:52] *** froz-gab <froz-gab!~froz-gab@host55-138-dynamic.52-79-r.retail.telecomitalia.it> has quit IRC (Remote host closed the connection)[18:17:47] *** funkatronixxx <funkatronixxx!~emiel@a83-161-198-206.adsl.xs4all.nl> has quit IRC (Ping timeout: 240 seconds)[18:25:48] *** pti-jean__ <pti-jean__!~quassel@184.92.119.78.rev.sfr.net> has joined #postfix[18:25:52] *** troulouliou_div2 <troulouliou_div2!~troulouli@unaffiliated/troulouliou-div2/x-0271439> has quit IRC (Remote host closed the connection)[18:26:01] *** funkatronixxx <funkatronixxx!~emiel@a83-161-198-206.adsl.xs4all.nl> has joined #postfix[18:27:28] *** pti-jean_ <pti-jean_!~quassel@177.52.124.78.rev.sfr.net> has quit IRC (Ping timeout: 248 seconds)[18:31:03] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has quit IRC (Quit: inabit. zz.)[18:41:58] *** JessicaRN <JessicaRN!452a1a52@gateway/web/freenode/ip.69.42.26.82> has joined #postfix[18:45:10] <JessicaRN> hey folks... I dunno postfix so sorry for the noob questions. I want to deny all relay except from a specific ip. do I use two mynetworks statements? the first being:[18:45:13] <JessicaRN> mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128[18:45:27] <JessicaRN> and the second being for my allowed ip?[18:45:48] <thumbs> JessicaRN: using the source IP is a bad idea - why not use submission instead?[18:46:42] <JessicaRN> thumbs: I don't know postfix well enuf to configure much of anything. I'm going off a cookbook.[18:46:56] <thumbs> JessicaRN: bad idea too.[18:46:59] <JessicaRN> what is submission?[18:47:03] <JessicaRN> yeah...[18:47:05] <thumbs> !tell JessicaRN submission[18:47:05] <knoba> JessicaRN: "submission" : Port 587 is submission, for user submission of mail, NOT suitable for mail exchange. See the commented example in master.cf. also see !msa, and rfc 6409. Also read http://www.maawg.org/sites/maawg/files/news/MAAWG_Port25rec0511.pdf[18:47:26] <JessicaRN> so heres the situation:[18:47:26] *** muh2000_ <muh2000_!~quassel@prx2.ernw.net> has joined #postfix[18:47:34] <thumbs> also, butchering words for no reason isn't "cool" or "hip".[18:47:46] <thumbs> "enough" isn't hard to type.[18:48:02] <JessicaRN> I have a digitalocean droplet that will host a little domain[18:49:12] <JessicaRN> thumbs: I graduated with honors. I wasn't trying to be "cool" or "hip". I was saving keystrokes[18:50:59] <thumbs> I pride myself on spelling properly (I graduated too).[18:51:22] *** Cybertinus <Cybertinus!~Cybertinu@cybertinus.customer.cloud.nl> has quit IRC (Ping timeout: 264 seconds)[18:51:38] *** infernix <infernix!nix@unaffiliated/infernix> has quit IRC (Read error: Connection reset by peer)[18:51:40] <JessicaRN> I have a digitalocean droplet that will host a little domain. I'm just trying to config mail for that domain.[18:52:16] <anexit> Howdy all[18:52:28] <thumbs> JessicaRN: you should still use submission, yes.[18:52:28] *** rocktop <rocktop!~rocktop@105.154.69.217> has joined #postfix[18:52:58] <thumbs> JessicaRN: one should only use IP filtering when they know exactly what they are doing, and what the risks are.[18:53:27] <JessicaRN> thumbs: here was the example of the config file DO wanted me to use: https://www.dropbox.com/s/x9fpm9v1dr86gkw/etc-postfix-main.cf.txt[18:53:58] <JessicaRN> yeah, I don't want to be a spam provider....[18:54:11] <thumbs> !tell JessicaRN submission[18:54:11] <knoba> JessicaRN: "submission" : Port 587 is submission, for user submission of mail, NOT suitable for mail exchange. See the commented example in master.cf. also see !msa, and rfc 6409. Also read http://www.maawg.org/sites/maawg/files/news/MAAWG_Port25rec0511.pdf[18:54:29] <anexit> ipv6 yuck[18:55:27] <rocktop> Hello, I setup postfix (via sendgrid SMTP relay) from outlook I can't get email delivered here is my main.cf and what I get in error log : https://bpaste.net/show/0dcb6438194f[18:55:45] *** Cybertinus <Cybertinus!~Cybertinu@cybertinus.customer.cloud.nl> has joined #postfix[18:56:17] <thumbs> oh, you read the /topic[18:57:03] <anexit> need more of the maillog[18:57:17] *** gu1lle_ <gu1lle_!~Thunderbi@181.167.195.114> has joined #postfix[19:00:05] <rocktop> anexit, https://bpaste.net/show/c419a3a74164[19:00:51] *** infernix <infernix!nix@unaffiliated/infernix> has joined #postfix[19:01:15] <JessicaRN> thumbs, serious? man, take a look at what's happening to our world. Wouldn't you rather be a source of compassion and kindness than criticism and harshness? There is -enuf- intolerance in our world as is. All I did was ask for a little help. I didn't get all sassy with you. I even opened my post with the acknowledgement that I was a noob and apologized for any stupid questions.[19:01:16] <anexit> rocktop how do you mean email delivered? Postfix just transfer email... you would need a pop3d[19:01:47] <anexit> JessicaRN: are you a RN?[19:02:17] <JessicaRN> yeah... and I'm not a sys admin[19:02:22] *** funkatronixxx <funkatronixxx!~emiel@a83-161-198-206.adsl.xs4all.nl> has quit IRC (Ping timeout: 258 seconds)[19:03:38] <rocktop> anexit, my server doesn't send email because the port 25 blocked by the datacenter , I have opened a port 26 to communicate with post fix also I have configured postfix to send email via an SMTP relay but I can't get the email doesn't going out via SMTP relay[19:05:01] <rocktop> anexit, maybe because it use sasl_username that comming from outlook instead of the one I have with SMTP relay , the question how can I make it send email via sasl_username for SMTP relay ?[19:05:44] *** Pinchiukas <Pinchiukas!~keps@unaffiliated/pinchiukas> has left #postfix[19:07:57] <JessicaRN> so, I'm looking to configure three email accounts so I can send bulk mails (about 200 recipients) to my clients. I know I could pay Google to host my mailserver for me, but since I already have this digital ocean droplet I thought it might be cool to just do it from there. Since DO's data center is on the other side of the country, I need to allow relays from at least my own local IP. That's all I'm trying to do. I was going to[19:08:30] <JessicaRN> but I can't seem to get the syntax correct. any friendly help would be appreciated[19:08:54] <rocktop> anyidea ?[19:15:39] *** infernix <infernix!nix@unaffiliated/infernix> has quit IRC (Ping timeout: 256 seconds)[19:17:51] <JessicaRN> ok, so I'm gonna try rbl_override next. any major pitfalls I should know about first?[19:19:54] <anexit> rocktop: Maybe look at dovecot. If you're bouncing emails off the server then I would look at mynetworks first.[19:20:29] <rocktop> anexit, mynetworks = 127.0.0.0/8[19:20:41] <anexit> That's local to the server[19:21:18] <rocktop> anexit, what I should to put here ?[19:21:43] <rocktop> I already have relayhost = [smtp.sendgrid.net]:587[19:22:03] <lunaphyte> mynetworks is really best set to empty[19:22:04] <anexit> what is the public ip of the server facing?[19:22:08] *** skylite <skylite!~skylite@5402F5C1.dsl.pool.telekom.hu> has quit IRC (Read error: No route to host)[19:22:14] *** skylite_ <skylite_!~skylite@5402F5C1.dsl.pool.telekom.hu> has joined #postfix[19:23:26] <anexit> or leave it empty[19:23:50] <rocktop> anexit, I leave it empty but same issue[19:24:35] <rocktop> I always get this in maillog : sasl_method=PLAIN, sasl_username=info at domain dot com[19:25:12] <lunaphyte> the default is not empty[19:25:23] <rocktop> this usernameuse to connect to postfix then postfix should send email via SMTP relay[19:25:33] *** golden_receiver <golden_receiver!~andry@b2b-78-94-14-194.unitymedia.biz> has joined #postfix[19:25:45] *** golden_receiver <golden_receiver!~andry@b2b-78-94-14-194.unitymedia.biz> has quit IRC (Changing host)[19:25:45] *** golden_receiver <golden_receiver!~andry@unaffiliated/golden-receiver/x-4949035> has joined #postfix[19:26:12] *** funkatronixxx <funkatronixxx!~emiel@a83-161-198-206.adsl.xs4all.nl> has joined #postfix[19:26:58] <rocktop> lunaphyte, yes I make it empty but same issue[19:29:33] <JessicaRN> thanks guys... Hey, if you come into my ER I'll treat you with kindness even if your own stupidity brought you there.[19:29:33] *** infernix <infernix!nix@unaffiliated/infernix> has joined #postfix[19:29:48] *** JessicaRN <JessicaRN!452a1a52@gateway/web/freenode/ip.69.42.26.82> has quit IRC (Quit: Page closed)[19:30:26] <thumbs> poor JessicaRN[19:30:52] <anexit> rocktop: smtpd_sasl_type= what?[19:31:01] *** synthroi_ <synthroi_!~synthroid@50.202.5.122> has joined #postfix[19:31:14] <anexit> dovecot[19:31:24] <rocktop> smtpd_sasl_type=[19:31:26] <anexit> whats the config for dovecot[19:31:29] <rocktop> dovecot[19:33:21] <rocktop> anexit, https://bpaste.net/show/56d8618c3d03[19:33:40] *** synthroid <synthroid!~synthroid@gateway/vpn/privateinternetaccess/synthroid> has quit IRC (Ping timeout: 240 seconds)[19:34:45] <anexit> Set my domain to domain.com[19:34:57] <thumbs> !tell anexit example[19:34:57] <knoba> anexit: "example" : Example.TLD has been reserved for examples in generic top-level domains (com,net,org) and many other TLDs. Please do not use real Internet names as examples.[19:35:10] <anexit> then mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain[19:35:46] <anexit> sounds like you sending email outside the realm[19:36:25] <rocktop> anexit, where us this ? 'Set my domain to domain.com'[19:36:29] *** srandon1213 <srandon1213!aafbcca1@gateway/web/freenode/ip.170.251.204.161> has quit IRC (Ping timeout: 260 seconds)[19:36:33] <anexit> main.cf[19:38:08] <rocktop> anexit, done[19:38:12] <rocktop> what is the next :)[19:39:26] *** thms <thms!~thms@unaffiliated/thms> has quit IRC (Ping timeout: 276 seconds)[19:39:53] <anexit> postfix reload[19:39:59] <anexit> see if that allows you to send[19:40:08] *** KaiForce <KaiForce!~chatzilla@107-223-70-10.lightspeed.bcvloh.sbcglobal.net> has joined #postfix[19:41:26] <rocktop> anexit, same issue[19:42:10] <anexit> same error ?[19:42:45] <rocktop> yes[19:42:57] <rocktop> sasl_method=PLAIN, sasl_username=info at domain dot com[19:43:42] *** robinho86 <robinho86!~robsonjf@201.22.86.124.static.gvt.net.br> has quit IRC (Quit: Leaving.)[19:43:59] <rocktop> it should use relay host to send email but I don' tsee anything about it in maillog[19:44:47] <anexit> yeah[19:44:59] <anexit> authentication is handled by dovecot though[19:45:22] <rocktop> anexit, I think that what is happening[19:45:54] <anexit> in theory you should be able to login to dovecot and then it bounces the email[19:46:17] <anexit> keep in mind in outlook... you need to auth both ways[19:46:34] <rocktop> anexit, yes I know[19:46:47] <rocktop> imap and smtp[19:47:12] <rocktop> I used same as imap login for smtp[19:47:13] <anexit> no, imap and smtp are totally different. You should be able to login just to imap[19:47:22] <anexit> yeah[19:47:30] <anexit> generally a good idea[19:48:27] <anexit> do you get errors in dovecot when you login?[19:48:38] <rocktop> http://image.prntscr.com/image/3c7334f6d27641819a9c7c76fb345889.png[19:48:49] <rocktop> http://image.prntscr.com/image/eb7c530c61994bf08d3451c4644a2611.png[19:49:06] <anexit> looks good[19:49:54] <anexit> you can set the log path log_path = in dovecot and tail it[19:52:14] *** wwl <wwl!~wwl@ipbcc30dbd.dynamic.kabel-deutschland.de> has quit IRC (Quit: Nettalk6 - www.ntalk.de)[19:53:02] <rocktop> anexit, I don' tsee any error just : 2017-02-02 21:52:25 imap-login: Info: Login: user=<info at domain dot com>, method=PLAIN, rip=105.154.69.217, lip=50.22.192.173, mpid=10419, TLS[19:53:29] <anexit> so login works[19:55:15] <anexit> right username and pass working with sendgrid?[19:57:28] <anexit> sasl_passwd [example.com]:587 username:password[19:57:46] <anexit> normally in /etc/postfix/sasl_passwd[19:57:57] *** robinho86 <robinho86!~robsonjf@201.22.86.124.static.gvt.net.br> has joined #postfix[19:58:44] <rocktop> anexit, are working yes[19:59:02] *** Section1 <Section1!~section1@190.195.71.40> has quit IRC (Remote host closed the connection)[20:02:34] *** thumbs <thumbs!1000@unaffiliated/thumbs> has quit IRC (Quit: Reconnecting)[20:02:41] *** thumbs <thumbs!1000@unaffiliated/thumbs> has joined #postfix[20:07:57] <rocktop> anexit, same issue[20:13:39] <anexit> Not sure[20:19:34] *** Deep <Deep!6a338f0b@gateway/web/freenode/ip.106.51.143.11> has joined #postfix[20:20:16] *** Deep <Deep!6a338f0b@gateway/web/freenode/ip.106.51.143.11> has quit IRC (Client Quit)[20:23:25] *** rocktop__ <rocktop__!~rocktop@160.176.41.88> has joined #postfix[20:25:24] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has quit IRC (Remote host closed the connection)[20:26:14] *** synthroid <synthroid!~synthroid@gateway/vpn/privateinternetaccess/synthroid> has joined #postfix[20:26:32] *** rocktop <rocktop!~rocktop@105.154.69.217> has quit IRC (Ping timeout: 245 seconds)[20:28:50] *** synthroi_ <synthroi_!~synthroid@50.202.5.122> has quit IRC (Ping timeout: 276 seconds)[20:31:29] *** puhuri <puhuri!puhuri@freenode/sponsor/puhuri> has quit IRC (Quit: switching servers)[20:31:37] *** puhuri <puhuri!puhuri@freenode/sponsor/puhuri> has joined #postfix[20:35:28] *** funkatronixxx <funkatronixxx!~emiel@a83-161-198-206.adsl.xs4all.nl> has quit IRC (Ping timeout: 248 seconds)[21:00:15] *** funkatronixxx <funkatronixxx!~emiel@a83-161-198-206.adsl.xs4all.nl> has joined #postfix[21:10:43] *** nyloc <nyloc!~quassel@darwin.nyloc.de> has quit IRC (Remote host closed the connection)[21:11:59] *** nyloc <nyloc!~quassel@darwin.nyloc.de> has joined #postfix[21:13:49] *** rocktop__ <rocktop__!~rocktop@160.176.41.88> has quit IRC (Quit: Leaving)[21:17:04] *** traptrip <traptrip!~traptrip@brigaid.xs4all.nl> has joined #postfix[21:27:01] *** mcp <mcp!~mcp@wolk-project.de> has quit IRC (Remote host closed the connection)[21:29:59] *** SerajewelKS <SerajewelKS!~me@wikipedia/Crazycomputers> has joined #postfix[21:30:44] <SerajewelKS> feel free to direct me to another channel if this is not the appropriate channel for such a query, but has anyone else experienced one particular IP connecting to your server once per minute, issuing EHLO followed by QUIT?[21:31:21] <anexit> bot[21:31:35] <SerajewelKS> i don't see any other data exchanged on the connection. i don't understand what the purpose of this probe is -- i can understand a periodic scan to see if there is a server, but once per minute? what is the purpose of this exchange?[21:31:46] <SerajewelKS> right but what is the bot trying to accomplish?[21:32:13] <SerajewelKS> there's no attempts to authenticate or send any mail[21:32:16] <anexit> it connected to port 25, let others know you're accepting mail.[21:32:33] <SerajewelKS> yeah even that makes sense, i just can't figure out why once per minute[21:32:39] <SerajewelKS> *shrug*[21:32:40] <anexit> greylisting takes care of that right quick.[21:32:45] <lunaphyte> do you know wanything about the particular ip?[21:32:46] <SerajewelKS> oh i have greylisting[21:33:01] <anexit> or stutter the connection[21:33:04] <lunaphyte> can you identify any meaningful characteristics?[21:33:09] <JPT> Maybe a misconfigured DoS-Tool? :)[21:33:19] <anexit> JPT hhehe[21:33:23] <SerajewelKS> whois places it in a data center in arizona[21:33:47] <SerajewelKS> lunaphyte: the only characteristics i see is a new connection exactly once per minute, EHLO then QUIT[21:33:51] <lunaphyte> um, greylisting does not take care of that, no. if anything, it increases the likelihood that crappy software behave just like that[21:33:52] <rob0> Earlier today someone was talking about a broken attack bot, so it could be from that botnet.[21:34:45] <anexit> I've seen that in the past, I created a small program in C that when a connection is established it takes 90 minutes to complete a helo request. Usually within 24hours it goes away because it takes up resources on the opposing side.[21:34:46] <SerajewelKS> they aren't trying to auth so fail2ban isn't reacting (and i'm not sure i want it to react to connection attempts, at least not once per minute. i can easily see a legit host tripping that.)[21:34:52] *** rob0 <rob0!rob0@pdpc/valentine/postfixninja/rob0> has quit IRC (Quit: Reconnecting)[21:34:57] <SerajewelKS> hmm that's an interesting idea[21:34:59] *** rob0 <rob0!rob0@harrier.slackbuilds.org> has joined #postfix[21:34:59] *** rob0 <rob0!rob0@harrier.slackbuilds.org> has quit IRC (Changing host)[21:34:59] *** rob0 <rob0!rob0@pdpc/valentine/postfixninja/rob0> has joined #postfix[21:35:09] <SerajewelKS> i was just gonna add a DROP rule for a few hours for that IP[21:35:19] <anexit> or that :)[21:35:32] <SerajewelKS> but i see this kind of weird probe maybe once per week from weird IPs, was just checking if anyone else had experienced it and new the purpose[21:35:38] <SerajewelKS> knew*[21:35:58] <anexit> Rats in a maze[21:38:03] <SerajewelKS> at first i thought they might be sending a huge amount of garbage or something to try to exploit a stack smash vulnerability[21:39:38] <SerajewelKS> might send a log sample to the abuse contact for the IP block. looks like a hosting company.[21:39:52] *** tiny <tiny!~ivob@unaffiliated/tiny> has quit IRC (Quit: Leaving)[21:40:58] *** angryjohnnie <angryjohnnie!~textual@static-173-49-3-242.phlapa.fios.verizon.net> has joined #postfix[21:41:02] <SerajewelKS> usually i don't get a response but occasionally i'll get a thanks back[21:41:09] *** Darcidride <Darcidride!~Darcidrid@2a01:e35:8b4a:ca10:89e8:396a:b12b:7df5> has joined #postfix[21:41:36] *** funkatronixxx <funkatronixxx!~emiel@a83-161-198-206.adsl.xs4all.nl> has quit IRC (Ping timeout: 248 seconds)[21:43:53] <tmberg> !ciphers[21:43:53] <knoba> tmberg: Error: "ciphers" is not a valid command.[21:44:10] <tmberg> !protocols[21:44:10] <knoba> tmberg: Error: "protocols" is not a valid command.[21:53:46] *** UgJkA <UgJkA!~ugjka@ugjka.net> has quit IRC (Ping timeout: 256 seconds)[22:00:14] *** mcp <mcp!~mcp@wolk-project.de> has joined #postfix[22:00:25] *** muh2000_ <muh2000_!~quassel@prx2.ernw.net> has quit IRC (Remote host closed the connection)[22:15:25] *** ugjka <ugjka!~ugjka@ugjka.net> has joined #postfix[22:17:40] *** [NoClan]GoAway <[NoClan]GoAway!~NoClan@46.166.173.5> has quit IRC (Ping timeout: 240 seconds)[22:17:58] *** [NoClan]GoAway <[NoClan]GoAway!~NoClan@46.166.173.5> has joined #postfix[22:20:04] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has joined #postfix[22:22:12] *** rocktop_ <rocktop_!~rocktop@41.251.94.12> has quit IRC (Quit: Leaving)[22:37:34] *** [NoClan]GoAway <[NoClan]GoAway!~NoClan@46.166.173.5> has quit IRC (Ping timeout: 255 seconds)[22:47:51] *** ponyofdeath <ponyofdeath!~vladi@cpe-76-172-86-115.socal.res.rr.com> has joined #postfix[22:48:27] <ponyofdeath> hi, anyone can help me figure out why my user is not being parsed out of the user at domain dot com and the user then rejected[22:49:43] <ponyofdeath> https://bpaste.net/show/9dafd64e7d28[22:49:45] <ponyofdeath> mail log[22:51:09] *** synthroid <synthroid!~synthroid@gateway/vpn/privateinternetaccess/synthroid> has quit IRC ()[22:53:52] *** [NoClan]GoAway <[NoClan]GoAway!~NoClan@46.166.170.43> has joined #postfix[22:56:07] *** golden_receiver <golden_receiver!~andry@unaffiliated/golden-receiver/x-4949035> has quit IRC (Read error: Connection reset by peer)[22:58:35] *** Darcidride <Darcidride!~Darcidrid@2a01:e35:8b4a:ca10:89e8:396a:b12b:7df5> has quit IRC (Ping timeout: 252 seconds)[23:06:05] *** [NoClan]GoAway <[NoClan]GoAway!~NoClan@46.166.170.43> has quit IRC (Read error: Connection reset by peer)[23:07:43] *** FinboySlick <FinboySlick!~shark@74.117.40.10> has quit IRC (Quit: Leaving.)[23:12:44] *** UnderSampled <UnderSampled!627a90a6@gateway/web/freenode/ip.98.122.144.166> has joined #postfix[23:13:47] <UnderSampled> Hello. I've been sort of running an email-server for a bit now, but I haven't really touched it enough to consider myself anything but 'new' to the whole self-hosted email thing[23:14:15] <UnderSampled> Right now, I am using MailCow's default setup for everything[23:15:30] <UnderSampled> I can send email just fine (well, I'm still stuck on DKIM, so it goes to spam), but if I try to recieve email, it never shows up in the inbox[23:15:51] <UnderSampled> either in my imap client or in roundcube. Would this be an issue with postfix or dovecot?[23:16:50] <SerajewelKS> could be either[23:17:00] <SerajewelKS> postfix configured to put it in the wrong place, dovecot configured to look in the wrong place[23:17:17] *** Cuzner <Cuzner!~ccuzner@74.117.140.46> has quit IRC (Ping timeout: 252 seconds)[23:19:29] <UnderSampled> SerajewelKS: It has worked before, then I had to restart the machine due to lack of memory and dissable ClamAV[23:20:09] <lunaphyte> i'm not sure what mailcow is, but if that's the software you've installed, you'll want to address the issue within its context[23:20:37] <lunaphyte> poking at the subsystem underneath the covers isn't likely to be terribly wise[23:20:37] <UnderSampled> what do yoou mean?[23:20:42] <SerajewelKS> then maybe something is still delivering to clamav instead of the destination mailbox, and clamav isn't running so it gets stuck in the queue[23:21:13] *** pti-jean__ <pti-jean__!~quassel@184.92.119.78.rev.sfr.net> has quit IRC (Remote host closed the connection)[23:21:16] <UnderSampled> seems likely, I suppose.[23:21:18] <lunaphyte> what i mean is that if you change things with postfix [or dovecot] directly, you may break how mailcow does things[23:22:06] <lunaphyte> that said, if you're able to ask your question[s] here strictly within the context of postfix, we can surely help with that. we just can't help with mailcow problems which come as a result[23:22:58] <UnderSampled> yeah, I get that. Mailcow is small with limited IRC, and I supposed this would be a good place to start[23:23:39] <SerajewelKS> the place i'd start is the postfix logs, look where it says it's delivering things[23:23:54] <SerajewelKS> look if there are errors trying to deliver things[23:24:05] <UnderSampled> ok[23:28:39] *** UnderSampled <UnderSampled!627a90a6@gateway/web/freenode/ip.98.122.144.166> has quit IRC (Ping timeout: 260 seconds)[23:29:01] *** UnderSampled <UnderSampled!627a90a6@gateway/web/freenode/ip.98.122.144.166> has joined #postfix[23:30:24] *** postfux <postfux!~postfux@quippe.eu> has joined #postfix[23:34:33] *** postfux <postfux!~postfux@quippe.eu> has quit IRC (Client Quit)[23:35:12] *** postfux <postfux!~postfux@quippe.eu> has joined #postfix[23:36:16] <postfux> Hello. I'm trying to get Postfix to block RSA_WITH_RC4_128_SHA but cannot get it to work. Does anyone have suggestions?[23:37:01] <postfux> I'm using Postfix 2.11.3 on Debian 8.[23:41:33] <rob0> ponyofdeath, looks like you have a broken Dovecot userdb lookup. Have you asked in #dovecot yet?[23:42:18] <postfux> I'll be AFK for some hours soon and will check back later.[23:42:52] <lunaphyte> postfux: why would you want to do that?[23:42:55] <lunaphyte> for submission?[23:43:16] <rob0> postfux, you'd get better answers ^^ if you describe why, what the REAL problem is[23:43:16] *** angryjohnnie <angryjohnnie!~textual@static-173-49-3-242.phlapa.fios.verizon.net> has quit IRC (Ping timeout: 255 seconds)[23:43:46] <lunaphyte> i smell a vulnerability scanner checkbox[23:44:00] <rob0> yep, could be[23:44:21] <postfux> lunaphyte, rob0: this is a weak cipher (as reported by ssl-tools.net). I prefer to disable it.[23:44:31] <lunaphyte> for submission?[23:44:44] *** [NoClan]GoAway <[NoClan]GoAway!~NoClan@37.48.74.77> has joined #postfix[23:44:57] <lunaphyte> blindly disabling weak ciphers in the context of email is foolish and irresponsible[23:44:59] <rob0> plaintext is weaker, and on port 25 you have to accept that :)[23:45:32] <lunaphyte> additionally, suggesting to people that they do such things is even worse. shame on ssl-tools.net if they're suggesting such things for smtp/mx service[23:46:05] <lunaphyte> now, if they're testing submission service, where encryption is mandatory rather than optional, that is a different story. are they?[23:46:07] <postfux> hmph. i'm just a noob that wants to get rid of error messages :\[23:46:20] <postfux> let me try and check[23:47:14] <postfux> ssl-tools.net splits the results into incoming and outgoing, so I suppose this is only an issue with incoming[23:47:26] <postfux> thus it's okay to be pedantic about the ciphersuit?[23:48:00] <rob0> "incoming" and "outgoing" are difficult concepts[23:48:10] <lunaphyte> i'm not sure what is meant by the ssl-tools.net "incoming" and "outgoing" references.[23:48:19] <rob0> To a MTA, all mail comes in, all mail goes out.[23:49:22] <rob0> The better distinction to make is submission (mail from your users to anywhere) vs. mail exchange (mail from outsiders to your users.)[23:50:00] <postfux> I see.[23:50:16] <rob0> It's okay to tighten up ciphers for submission as long as your users are aware.[23:51:14] <rob0> It's silly to tighten up ciphers for mail exchange as long as the protocol requires acceptance of plaintext connections.[23:51:57] <postfux> Got it. Would you say that the recommended cipher settings at https://cipherli.st/ are sensible?[23:52:19] *** [NoClan]GoAway <[NoClan]GoAway!~NoClan@37.48.74.77> has quit IRC (Read error: Connection reset by peer)[23:52:25] <lunaphyte> i'm a little confused, i guess.[23:52:54] <lunaphyte> no, it's not sensible[23:53:24] <lunaphyte> i kind of thought that was the spirit of what we've been saying, regardless of who you get the list from[23:54:17] <lunaphyte> https://cipherli.st/ has other problems too. smtpd_use_tls is deprecated, and its use should not be encouraged[23:55:51] <rob0> I see quite a few indications of clue deprivation, ^^ yes, that is one of them.[23:55:56] <lunaphyte> globally constraining cipher choices on a postfix server in any way is plain and smple, bad advice.[23:55:59] <lunaphyte> *simple[23:56:17] <lunaphyte> the SOLE exception to that sentiment is if the server is *only* an msa.[23:56:39] <rob0> notice that services which are probably on the same host are using different certs[23:56:39] <lunaphyte> however, you can be all but certain that the idiots pushing this fud are nowhere near educated on the matter