February 3, 2017 
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | >
February 3, 2017 [00:00:51] <postfux> rob0: I know I'm lacking clues. I get the takeaway: tightening the ciphersuit for submission only is okay.[00:01:43] <lunaphyte> it's ok to be lacking clues[00:02:10] <lunaphyte> what matters is that you're not complacent about it[00:02:14] *** KaiForce <KaiForce!~chatzilla@107-223-70-10.lightspeed.bcvloh.sbcglobal.net> has quit IRC (Quit: ChatZilla 0.9.93 [Firefox 51.0.1/20170125094131])[00:02:45] <lunaphyte> i'm pretty sure rob0 was talking about that website though, and not about you[00:04:07] <rob0> yes[00:04:40] <rob0> sorry, even when someone here lacks clue, I try to be more diplomatic about it :)[00:04:59] <lunaphyte> i'm pretty sure rob0 was talking about me though, and not about that website[00:05:08] <rob0> yes![00:05:25] <rob0> ^^ indication of lack of clue![00:06:42] <lunaphyte> any time you see a cat's ears like that[00:07:35] <UnderSampled> http://pastebin.com/15JKTChj[00:08:08] *** trepatudo <trepatudo!~SDig@5.196.50.27> has quit IRC (Ping timeout: 240 seconds)[00:08:34] <UnderSampled> lunaphyte: this is definately a postfix error. What is it actually?[00:08:53] *** trepatudo <trepatudo!~SDig@5.196.50.27> has joined #postfix[00:08:53] <lunaphyte> postconf | grep -iF postscreen_cache[00:09:48] <lunaphyte> presumably postscreen_cache_map[00:10:35] <rob0> hmm, I would guess there is a Berkeley DB version mismatch, or something along those lines. Likely something that #your-distro-here or Mailcow support might be able to help with.[00:11:13] <rob0> It's a Postfix error, but only as messenger from Berkeley DB library.[00:12:28] <rob0> and hmmm, I didn't know proxy: maps could be used in postscreen[00:12:37] <UnderSampled> lunaphyte: http://pastebin.com/MGr3tgxD[00:12:39] <rob0> so maybe that's the problem[00:13:22] <lunaphyte> so turn off postscreen and see if it goes away[00:13:33] <UnderSampled> ok, how?[00:14:15] <lunaphyte> !tell UnderSampled postscreen[00:14:16] <knoba> UnderSampled: "postscreen" : SMTP triage server available in Postfix 2.8, see http://www.postfix.org/POSTSCREEN_README.html and http://www.postfix.org/postscreen.8.html[00:14:39] <lunaphyte> that documentation covers how to turn on [and this how to turn off] postscreen[00:17:05] <lunaphyte> *and thus[00:17:11] *** [NoClan]GoAway <[NoClan]GoAway!~NoClan@37.48.74.88> has joined #postfix[00:19:50] <postfux> I'm off now. Thanks for the clues guys![00:21:24] <lunaphyte> sure thing, good luck[00:23:30] *** postfux <postfux!~postfux@quippe.eu> has quit IRC (Quit: leaving)[00:25:14] *** UnderSampled <UnderSampled!627a90a6@gateway/web/freenode/ip.98.122.144.166> has quit IRC (Ping timeout: 260 seconds)[00:25:42] *** [NoClan]GoAway <[NoClan]GoAway!~NoClan@37.48.74.88> has quit IRC (Ping timeout: 245 seconds)[00:25:59] *** [NoClan]GoAway <[NoClan]GoAway!~NoClan@46.166.170.42> has joined #postfix[00:38:46] *** funkatronixxx <funkatronixxx!~emiel@a83-161-198-206.adsl.xs4all.nl> has joined #postfix[00:43:34] *** funkatronixxx <funkatronixxx!~emiel@a83-161-198-206.adsl.xs4all.nl> has quit IRC (Ping timeout: 264 seconds)[00:45:43] *** guerilla <guerilla!~Max@ipb21832e3.dynamic.kabel-deutschland.de> has joined #postfix[00:46:07] <guerilla> hi folks[00:47:22] *** gu1lle_ <gu1lle_!~Thunderbi@181.167.195.114> has quit IRC (Remote host closed the connection)[00:47:47] <guerilla> is maybe somebody here who can help me with adding headers to postfix? i searched a lot the web the complete week till now. im a little confused and was thought that im short before break through, but it wasnt ^^[00:48:17] <guerilla> i tried with header_check PREPEND action, where i only get 1 header to work[00:49:00] <guerilla> then now with combination of mimedefang milter i dont get any modification to work, but integration seems fine[00:49:31] <guerilla> plz give me a sign if you know something about that or want to help[00:54:21] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has joined #postfix[00:54:43] <tharkun> guerilla: Pleas make a pastebin with the exact requirements of your system and what you have done and why. Then determine what you are missing and how you expect it to be done. Examples of what you have done are fine. Document your progress and see what you need and why.[00:57:31] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has quit IRC (Remote host closed the connection)[00:57:35] *** [NoClan]GoAway <[NoClan]GoAway!~NoClan@46.166.170.42> has quit IRC (Read error: Connection reset by peer)[00:58:12] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has joined #postfix[01:02:53] *** [NoClan]GoAway <[NoClan]GoAway!~NoClan@46.166.170.45> has joined #postfix[01:03:54] <guerilla> @tharkun: I have wrote today a mail where i have list all the things if done and why and what i want to do and what ive already done. i will make it as a pastebin and send the link[01:06:35] *** [NoClan]GoAway <[NoClan]GoAway!~NoClan@46.166.170.45> has quit IRC (Read error: Connection reset by peer)[01:09:28] <guerilla> http://pastebin.com/AnUEQ9Vb[01:09:30] *** acosonic2 <acosonic2!~acosonic@94.247.200.200> has joined #postfix[01:10:34] *** acosonic <acosonic!~acosonic@94.247.200.200> has quit IRC (Ping timeout: 255 seconds)[01:12:03] *** Ekho <Ekho!~Ekho@unaffiliated/ekho> has quit IRC (Quit: An alternate universe was just created where I didn't leave. But here, I left you. I'm sorry.)[01:13:13] *** Ekho <Ekho!~Ekho@unaffiliated/ekho> has joined #postfix[01:23:05] *** [NoClan]GoAway <[NoClan]GoAway!~NoClan@46.166.170.43> has joined #postfix[01:28:48] *** [NoClan]GoAway <[NoClan]GoAway!~NoClan@46.166.170.43> has quit IRC (Ping timeout: 248 seconds)[01:34:25] <guerilla> hope somebody can help with anything out[01:50:26] *** [NoClan]GoAway <[NoClan]GoAway!~NoClan@46.166.170.45> has joined #postfix[02:00:42] <lunaphyte> why do you want to add headers?[02:06:18] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has quit IRC (Remote host closed the connection)[02:14:55] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has quit IRC (Quit: inabit. zz.)[02:18:16] *** guerilla <guerilla!~Max@ipb21832e3.dynamic.kabel-deutschland.de> has quit IRC (Read error: Connection reset by peer)[02:18:31] *** Xentil <Xentil!~quassel@ip-46-21-210-22.nette.pl> has quit IRC (Read error: Connection reset by peer)[02:19:23] *** Xentil <Xentil!~quassel@ip-46-21-210-22.nette.pl> has joined #postfix[02:24:38] *** angryjohnnie <angryjohnnie!~textual@pool-173-59-43-68.phlapa.fios.verizon.net> has joined #postfix[02:33:31] *** aqua^c <aqua^c!~aqua@114.111.60.64> has joined #postfix[02:39:19] *** Cuzner <Cuzner!~ccuzner@192-0-132-105.cpe.teksavvy.com> has joined #postfix[02:39:40] *** funkatronixxx <funkatronixxx!~emiel@a83-161-198-206.adsl.xs4all.nl> has joined #postfix[02:43:57] *** UnderSampled <UnderSampled!627a90a6@gateway/web/freenode/ip.98.122.144.166> has joined #postfix[02:44:05] *** funkatronixxx <funkatronixxx!~emiel@a83-161-198-206.adsl.xs4all.nl> has quit IRC (Ping timeout: 240 seconds)[02:57:40] *** f3ew <f3ew!~devdas@2.d3.1343.static.theplanet.com> has quit IRC (Ping timeout: 260 seconds)[02:58:27] *** f3ew <f3ew!~devdas@2.d3.1343.static.theplanet.com> has joined #postfix[03:04:19] *** joulez <joulez!~lucifurba@pdpc/supporter/active/joulez> has joined #postfix[03:06:47] *** joules <joules!~lucifurba@pdpc/supporter/active/joulez> has quit IRC (Ping timeout: 240 seconds)[03:13:27] *** Xentil <Xentil!~quassel@ip-46-21-210-22.nette.pl> has quit IRC (Quit: http://quassel-irc.org - Chat comfortably. Anywhere.)[03:13:29] *** UnderSampled <UnderSampled!627a90a6@gateway/web/freenode/ip.98.122.144.166> has quit IRC (Quit: Page closed)[03:16:11] *** hydrian <hydrian!~hydrian@c-73-16-53-87.hsd1.ct.comcast.net> has joined #postfix[03:16:44] <hydrian> What a good cli(scriptable) mail filter program for with maildir support that can filter on mail has already been delivered?[03:17:54] *** huddy <huddy!uid16953@gateway/web/irccloud.com/x-nnfhyvovyuogemmm> has joined #postfix[03:28:36] *** gu1lle_ <gu1lle_!~Thunderbi@186.141.199.129> has joined #postfix[03:36:51] *** skylite_ <skylite_!~skylite@5402F5C1.dsl.pool.telekom.hu> has quit IRC (Read error: Connection reset by peer)[03:38:38] *** skylite <skylite!~skylite@5402F5C1.dsl.pool.telekom.hu> has joined #postfix[03:47:46] <f3ew> hydrian: procmail?[03:48:39] <rob0> reading out of a maildir, or writing TO a maildir?[03:49:05] <f3ew> Reading should just be a for loop in shell[03:49:16] <rob0> right[03:49:56] <rob0> and if it's already delivered, no need to redeliver[03:54:08] *** Phoenixz <Phoenixz!~quassel@187-163-219-201.static.axtel.net> has quit IRC (Ping timeout: 240 seconds)[03:54:29] *** KsChoice <KsChoice!~quassel@187-163-219-201.static.axtel.net> has quit IRC (Ping timeout: 252 seconds)[04:01:03] *** JohnA <JohnA!~john@2606:6d00:100:4302:beae:c5ff:fe29:8c2a> has quit IRC (Read error: Connection reset by peer)[04:01:33] *** KsChoice <KsChoice!~quassel@187-163-219-201.static.axtel.net> has joined #postfix[04:01:38] *** JohnA <JohnA!~john@2606:6d00:100:4302:beae:c5ff:fe29:8c2a> has joined #postfix[04:02:17] *** angryjohnnie <angryjohnnie!~textual@pool-173-59-43-68.phlapa.fios.verizon.net> has quit IRC (Quit: My MacBook has gone to sleep. ZZZzzz…)[04:02:24] *** Phoenixz <Phoenixz!~quassel@187-163-219-201.static.axtel.net> has joined #postfix[04:05:01] <pj> ummmm, grep?[04:25:38] *** eater <eater!~eater@tamako.eoc.io> has quit IRC (Ping timeout: 240 seconds)[04:27:14] *** eater <eater!~eater@tamako.eoc.io> has joined #postfix[04:34:14] <pj> you can write to a maildir easily as well, they're just text files with the email content in them.[04:37:34] *** [dmp] <[dmp]!~dennis@unaffiliated/dmp/x-546784> has quit IRC (Ping timeout: 255 seconds)[04:38:24] *** [dmp] <[dmp]!~dennis@unaffiliated/dmp/x-546784> has joined #postfix[04:40:13] *** funkatronixxx <funkatronixxx!~emiel@a83-161-198-206.adsl.xs4all.nl> has joined #postfix[04:45:04] *** funkatronixxx <funkatronixxx!~emiel@a83-161-198-206.adsl.xs4all.nl> has quit IRC (Ping timeout: 255 seconds)[04:49:20] *** chachasmooth <chachasmooth!~chachasmo@unaffiliated/chachasmooth> has quit IRC (Ping timeout: 276 seconds)[04:51:03] *** chachasmooth <chachasmooth!~chachasmo@unaffiliated/chachasmooth> has joined #postfix[05:01:31] *** Diemuzi <Diemuzi!~IceChat9@unaffiliated/diemuzi> has quit IRC (Quit: See you on the flip side)[05:03:07] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has joined #postfix[05:08:01] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has quit IRC (Ping timeout: 255 seconds)[05:14:01] *** [NoClan]GoAway <[NoClan]GoAway!~NoClan@46.166.170.45> has quit IRC (Read error: Connection reset by peer)[05:23:31] *** BoomerBile <BoomerBile!~MetaPhaze@96-42-197-150.dhcp.roch.mn.charter.com> has quit IRC (Quit: Pidgin ate Hexchat! Now what do I do!?)[05:30:08] *** [NoClan]GoAway <[NoClan]GoAway!~NoClan@46.166.170.42> has joined #postfix[06:03:01] *** Ekho <Ekho!~Ekho@unaffiliated/ekho> has quit IRC (Quit: An alternate universe was just created where I didn't leave. But here, I left you. I'm sorry.)[06:04:27] *** Ekho <Ekho!~Ekho@unaffiliated/ekho> has joined #postfix[06:10:51] *** gu1lle_1 <gu1lle_1!~Thunderbi@190.7.61.110> has joined #postfix[06:12:38] *** gu1lle_ <gu1lle_!~Thunderbi@186.141.199.129> has quit IRC (Ping timeout: 240 seconds)[06:12:38] *** gu1lle_1 is now known as gu1lle_[06:21:51] *** gu1lle_1 <gu1lle_1!~Thunderbi@190.7.61.110> has joined #postfix[06:24:10] *** gu1lle_ <gu1lle_!~Thunderbi@190.7.61.110> has quit IRC (Ping timeout: 260 seconds)[06:26:50] *** gu1lle_1 <gu1lle_1!~Thunderbi@190.7.61.110> has quit IRC (Ping timeout: 276 seconds)[06:31:24] *** gu1lle_ <gu1lle_!~Thunderbi@190.7.61.110> has joined #postfix[06:40:30] *** aqua^c_ <aqua^c_!~aqua@114.111.60.64> has joined #postfix[06:40:49] *** aqua^c <aqua^c!~aqua@114.111.60.64> has quit IRC (Read error: Connection reset by peer)[06:40:51] *** funkatronixxx <funkatronixxx!~emiel@a83-161-198-206.adsl.xs4all.nl> has joined #postfix[06:45:18] *** funkatronixxx <funkatronixxx!~emiel@a83-161-198-206.adsl.xs4all.nl> has quit IRC (Ping timeout: 256 seconds)[06:46:41] *** robinho86 <robinho86!~robsonjf@201.22.86.124.static.gvt.net.br> has quit IRC (Read error: Connection reset by peer)[06:49:11] *** gu1lle_ <gu1lle_!~Thunderbi@190.7.61.110> has quit IRC (Remote host closed the connection)[06:49:36] *** gu1lle_ <gu1lle_!~Thunderbi@190.7.61.110> has joined #postfix[06:53:47] *** gu1lle_ <gu1lle_!~Thunderbi@190.7.61.110> has quit IRC (Ping timeout: 240 seconds)[06:54:59] *** BoomerBile <BoomerBile!~MetaPhaze@96-42-197-150.dhcp.roch.mn.charter.com> has joined #postfix[07:01:22] *** aindilis2 <aindilis2!~aindilis@173-165-36-107-Illinois.hfc.comcastbusiness.net> has joined #postfix[07:04:03] *** gu1lle_ <gu1lle_!~Thunderbi@190.7.61.110> has joined #postfix[07:04:12] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has joined #postfix[07:09:04] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has quit IRC (Ping timeout: 255 seconds)[07:25:30] *** gu1lle_1 <gu1lle_1!~Thunderbi@190.7.61.110> has joined #postfix[07:25:52] *** gu1lle_ <gu1lle_!~Thunderbi@190.7.61.110> has quit IRC (Ping timeout: 255 seconds)[07:25:53] *** gu1lle_1 is now known as gu1lle_[07:30:28] *** gu1lle_ <gu1lle_!~Thunderbi@190.7.61.110> has quit IRC (Remote host closed the connection)[07:50:10] *** uebera|| <uebera||!~ueberall@unaffiliated/ueberall> has quit IRC (Ping timeout: 255 seconds)[07:53:53] *** Niemi <Niemi!niemi@gateway/shell/devio.us/x-uzhbmbbjjqnrpgpc> has joined #postfix[07:55:07] *** uebera|| <uebera||!~ueberall@node1.projektzentrisch.de> has joined #postfix[07:55:07] *** uebera|| <uebera||!~ueberall@node1.projektzentrisch.de> has quit IRC (Changing host)[07:55:07] *** uebera|| <uebera||!~ueberall@unaffiliated/ueberall> has joined #postfix[08:02:18] *** muh2000_ <muh2000_!~quassel@prx2.ernw.net> has joined #postfix[08:05:29] *** funkatronixxx <funkatronixxx!~emiel@a83-161-198-206.adsl.xs4all.nl> has joined #postfix[08:14:49] *** funkatronixxx <funkatronixxx!~emiel@a83-161-198-206.adsl.xs4all.nl> has quit IRC (Quit: WeeChat 1.5)[08:52:37] *** Darcidride <Darcidride!~Darcidrid@qbuissondebon.info> has joined #postfix[08:53:05] *** troulouliou_div2 <troulouliou_div2!~troulouli@unaffiliated/troulouliou-div2/x-0271439> has joined #postfix[08:56:15] *** aqua^c_ <aqua^c_!~aqua@114.111.60.64> has quit IRC (Read error: Connection reset by peer)[08:56:31] *** Darcidride <Darcidride!~Darcidrid@qbuissondebon.info> has quit IRC (Max SendQ exceeded)[08:56:38] *** aqua^c <aqua^c!~aqua@114.111.60.64> has joined #postfix[08:56:53] *** bibble <bibble!~bibble@2607:5300:60:1b0a::1> has joined #postfix[08:57:20] *** Darcidride <Darcidride!~Darcidrid@qbuissondebon.info> has joined #postfix[09:00:14] *** sarri <sarri!~sari@unaffiliated/sarri> has quit IRC (Ping timeout: 276 seconds)[09:01:39] *** aqua^c <aqua^c!~aqua@114.111.60.64> has quit IRC ()[09:05:10] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has joined #postfix[09:09:40] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has quit IRC (Ping timeout: 255 seconds)[09:10:04] *** mcfate <mcfate!~textual@174-134-145-16.res.bhn.net> has quit IRC (Quit: My MacBook has gone to sleep. ZZZzzz…)[09:11:22] *** thms <thms!~thms@gate.nnx.com> has joined #postfix[09:11:22] *** thms <thms!~thms@gate.nnx.com> has quit IRC (Changing host)[09:11:22] *** thms <thms!~thms@unaffiliated/thms> has joined #postfix[09:14:32] *** sarri <sarri!~sari@p50995cae.dip0.t-ipconnect.de> has joined #postfix[09:14:32] *** sarri <sarri!~sari@p50995cae.dip0.t-ipconnect.de> has quit IRC (Changing host)[09:14:32] *** sarri <sarri!~sari@unaffiliated/sarri> has joined #postfix[09:15:48] *** moijk <moijk!~moijk@ti0090a400-4327.bb.online.no> has joined #postfix[09:17:43] <moijk> Hi. I got multiple ips and I want to bind some of them to particular domains when it comes to mail transport. Any have a pointer in that regard?[09:18:09] <moijk> as in mail from the server uses the domains ip for smtp.[09:25:59] *** golden_receiver <golden_receiver!~andry@b2b-78-94-14-194.unitymedia.biz> has joined #postfix[09:25:59] *** golden_receiver <golden_receiver!~andry@b2b-78-94-14-194.unitymedia.biz> has quit IRC (Changing host)[09:25:59] *** golden_receiver <golden_receiver!~andry@unaffiliated/golden-receiver/x-4949035> has joined #postfix[09:34:26] *** MacWinner <MacWinner!~Blah@192.77.239.202> has quit IRC (Quit: Textual IRC Client: www.textualapp.com)[09:38:55] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has joined #postfix[09:38:58] *** KsChoice <KsChoice!~quassel@187-163-219-201.static.axtel.net> has quit IRC (Remote host closed the connection)[09:38:58] *** Phoenixz <Phoenixz!~quassel@187-163-219-201.static.axtel.net> has quit IRC (Remote host closed the connection)[09:41:52] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has quit IRC (Client Quit)[09:45:22] *** Darcidride <Darcidride!~Darcidrid@qbuissondebon.info> has quit IRC (Ping timeout: 255 seconds)[09:46:09] *** Darcidride <Darcidride!~Darcidrid@qbuissondebon.info> has joined #postfix[09:47:41] *** UncleKiwi <UncleKiwi!~UncleKiwi@unaffiliated/unclekiwi> has quit IRC (Read error: Connection reset by peer)[09:48:19] *** Darcidride <Darcidride!~Darcidrid@qbuissondebon.info> has quit IRC (Max SendQ exceeded)[09:48:22] *** UncleKiwi <UncleKiwi!~UncleKiwi@unaffiliated/unclekiwi> has joined #postfix[09:49:08] *** Darcidride <Darcidride!~Darcidrid@qbuissondebon.info> has joined #postfix[09:52:13] *** Darcidride <Darcidride!~Darcidrid@qbuissondebon.info> has quit IRC (Max SendQ exceeded)[09:54:21] *** Darcidride <Darcidride!~Darcidrid@qbuissondebon.info> has joined #postfix[09:59:45] *** UncleKiwi <UncleKiwi!~UncleKiwi@unaffiliated/unclekiwi> has quit IRC (Ping timeout: 258 seconds)[10:00:38] *** UncleKiwi <UncleKiwi!~UncleKiwi@unaffiliated/unclekiwi> has joined #postfix[10:07:18] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has joined #postfix[10:08:20] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has quit IRC (Client Quit)[10:09:02] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has joined #postfix[10:10:54] <sep> moijk, outgoing ? only an assumption, but i think you would need separate postfix instances bind to that ip you want to use. and use that ip as the smtp relay for the server.[10:11:13] <sep> moijk, perhaps a container or vm would be less hassle then multiple postfix instances.[10:12:46] <pj> you don't need separate instances but you do need to define separate transports for it. You should search the mailing list as this same question has been answered there multiple times.[10:17:55] *** guerilla <guerilla!~mxro@195.13.41.220> has joined #postfix[10:22:46] *** Niemi <Niemi!niemi@gateway/shell/devio.us/x-uzhbmbbjjqnrpgpc> has quit IRC (Quit: Lost terminal)[10:23:12] *** dka_ <dka_!~dka@1.52.58.230> has quit IRC (Ping timeout: 245 seconds)[10:25:47] *** dka_ <dka_!~dka@1.52.58.230> has joined #postfix[10:26:49] *** shal3r <shal3r!~shal3r@80.233.239.138> has quit IRC (Remote host closed the connection)[10:30:09] *** acosonic2_ <acosonic2_!~acosonic@94.247.200.200> has joined #postfix[10:32:48] *** acosonic2 <acosonic2!~acosonic@94.247.200.200> has quit IRC (Ping timeout: 248 seconds)[10:34:53] *** mikecmpb_ <mikecmpb_!~mikecmpbl@ruby/staff/mikecmpbll> has joined #postfix[10:35:28] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has quit IRC (Ping timeout: 240 seconds)[10:39:01] *** damyan^ <damyan^!damyan@mail.0x4711.org> has quit IRC (Read error: Connection reset by peer)[10:39:02] *** internat <internat!~nf@220-244-85-201.tpgi.com.au> has quit IRC (Ping timeout: 276 seconds)[10:39:50] *** internat <internat!~nf@27-33-20-68.tpgi.com.au> has joined #postfix[10:40:07] *** damyan^ <damyan^!damyan@mail.0x4711.org> has joined #postfix[10:46:27] *** PHPanos <PHPanos!~textual@h-55-226.a137.corp.bahnhof.se> has joined #postfix[10:49:02] *** mjrc <mjrc!~mjrc@62.72.193.101> has joined #postfix[10:52:56] <f3ew> sep: you can tell smtpd to bind to a specific address[10:53:10] <f3ew> sysmonk: what time are you arriving in BRU?[10:59:37] *** markus_e92 <markus_e92!~markus_e9@91-115-22-129.adsl.highway.telekom.at> has quit IRC (Ping timeout: 255 seconds)[11:00:22] *** g_zen <g_zen!~g_zen@195.24.90.254> has joined #postfix[11:00:30] *** markus_e92 <markus_e92!~markus_e9@91-115-157-124.adsl.highway.telekom.at> has joined #postfix[11:01:24] *** UncleKiwi <UncleKiwi!~UncleKiwi@unaffiliated/unclekiwi> has quit IRC (Remote host closed the connection)[11:05:48] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has joined #postfix[11:08:37] *** ploop <ploop!~ploop@unaffiliated/ruukasu> has quit IRC (Ping timeout: 240 seconds)[11:10:16] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has quit IRC (Ping timeout: 255 seconds)[11:11:47] *** froz-gab <froz-gab!~froz-gab@host55-138-dynamic.52-79-r.retail.telecomitalia.it> has joined #postfix[11:12:42] *** eoli3n <eoli3n!~eoli4n@unaffiliated/eolien> has joined #postfix[11:13:51] <eoli3n> hi, i'm trying to send root mail to an external gmail.com address. need i to use a gmail account and gmail smtp as relayhost ? i was wondering if it was possible to send mail as the server directly ?[11:15:41] *** danlii <danlii!~danlii@h-166-17.a357.priv.bahnhof.se> has joined #postfix[11:17:22] <danlii> How would I do to reject incoming emails from entire IP series? I have currently smtpd_recipient_restrictions = check_client_access hash:/etc/postfix/client_access, and in client_access i have stuff like x.x.x.0/24 REJECT, but it doesn't seem to be working, the emails keep coming through.[11:22:58] *** Darcidride <Darcidride!~Darcidrid@qbuissondebon.info> has quit IRC (Quit: Bye.)[11:35:44] *** sarri <sarri!~sari@unaffiliated/sarri> has quit IRC (Read error: Connection reset by peer)[11:40:53] *** pijiu <pijiu!~pijiu@unaffiliated/pijiu> has joined #postfix[11:41:57] <Zerberus> danlii: the order of smtpd_mumble_restrictions matters[11:42:30] <Zerberus> eoli3n: not a good idea to transport root's mails to an external hop[11:44:34] *** sarri <sarri!~sari@p50995cae.dip0.t-ipconnect.de> has joined #postfix[11:44:34] *** sarri <sarri!~sari@p50995cae.dip0.t-ipconnect.de> has quit IRC (Changing host)[11:44:34] *** sarri <sarri!~sari@unaffiliated/sarri> has joined #postfix[11:48:33] <f3ew> eoli3n: you can send directly[11:49:37] *** troulouliou_div2 <troulouliou_div2!~troulouli@unaffiliated/troulouliou-div2/x-0271439> has quit IRC (Ping timeout: 240 seconds)[11:49:39] <f3ew> danlii: you need cidr:/ not hash:/[11:49:51] <f3ew> hash:/ matches an exact key[11:50:02] <f3ew> So you could use x.x.x REJECT[11:50:39] *** mikecmpb_ <mikecmpb_!~mikecmpbl@ruby/staff/mikecmpbll> has quit IRC (Quit: inabit. zz.)[11:52:22] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has joined #postfix[11:56:36] <danlii> f3ew: Yup, that did it. Thanks a lot! :)[11:56:40] <sysmonk> f3ew: in BRU now[11:57:00] <sysmonk> arrived at 9:30 local time, but was at the airport untill 11[11:57:24] <sysmonk> you?[11:58:01] *** danlii <danlii!~danlii@h-166-17.a357.priv.bahnhof.se> has quit IRC (Quit: Time wasted on IRC: 42 minutes 55 seconds)[11:59:51] *** golden_receiver <golden_receiver!~andry@unaffiliated/golden-receiver/x-4949035> has quit IRC (Remote host closed the connection)[12:00:11] *** golden_receiver <golden_receiver!~andry@b2b-78-94-14-194.unitymedia.biz> has joined #postfix[12:00:11] *** golden_receiver <golden_receiver!~andry@b2b-78-94-14-194.unitymedia.biz> has quit IRC (Changing host)[12:00:11] *** golden_receiver <golden_receiver!~andry@unaffiliated/golden-receiver/x-4949035> has joined #postfix[12:00:20] <f3ew> sysmonk: I'm at the postgresql fosdem days event at Mariott, and will be at the IBIS off grande place after about 1800[12:00:34] <f3ew> Where are you staying[12:00:35] <f3ew> ?[12:03:41] *** PHPanos <PHPanos!~textual@h-55-226.a137.corp.bahnhof.se> has quit IRC (Quit: My Mac has gone to sleep. ZZZzzz…)[12:04:22] <sysmonk> good question :)[12:04:39] <sysmonk> need to find out :)[12:06:14] <sysmonk> somewhere out here https://goo.gl/maps/4QdyT8CBfA62[12:06:48] <sysmonk> i'm planning to work for a few hours, and go delirium at around 1900[12:07:14] *** PHPanos <PHPanos!~textual@h-55-226.a137.corp.bahnhof.se> has joined #postfix[12:07:44] *** Section1 <Section1!~section1@190.195.71.40> has joined #postfix[12:08:37] <sysmonk> f3ew: can meet up at Delirium, if you're going there[12:09:07] <f3ew> I am going there[12:09:12] <sysmonk> to drink a few beers for the dead (sendmail, qmail)[12:09:12] <sysmonk> :)[12:09:31] <f3ew> Just trying to figure out if we can meet before the insane crowd event[12:10:10] <sysmonk> what crowd? those few thousands people in 100 sqm room?[12:10:11] <sysmonk> ;)[12:11:06] <f3ew> Yes[12:11:17] <f3ew> Finding people in that crowd is a bit hard[12:11:40] <sysmonk> true, and finding place to sit down too[12:12:04] <sysmonk> f3ew: maybe we should /query rather than #postfix :)[12:12:21] <f3ew> Unless other people from here want to join us[12:12:40] <sysmonk> is there anyone else who's coming to fosdem?[12:22:12] *** acosonic2_ <acosonic2_!~acosonic@94.247.200.200> has quit IRC (Remote host closed the connection)[12:32:40] <guerilla> Hi folks, sorry for my very basic questions about this milter and the necessary configuration to bind to the MTA. I’m very new in this field, but i searched the whole week for a solution and look at so much howtos, threads and other stuff. Please help me with this. My situation at the moment: My main goal is to add two headers on outbound mails which are send over postfix. First i try this with the postfix feature header_checks and the PREPEND a[12:32:40] <guerilla> (System is CentOS7)[12:32:40] <guerilla> Configuration files:[12:32:40] <guerilla> ######## #main.cf# ################################[12:32:40] <guerilla> smtpd_milters = inet:127.0.0.1:10025[12:32:40] <guerilla> ################################ ######################## #/etc/mail/mimedefang-filter# ######################################################################## sub filter_end { if ( $Sender =~ /^<?noreply at domain-part dot tld>?$/i ) { action_add_header("X-Auto-Response-Suppress", "DR,RN,NRN,OOF,AutoReply"); action_add_header("Precedence", "list"); } } 1; ############################[12:33:35] <guerilla> ################################[12:33:35] <guerilla> ######################## #/etc/mail/mimedefang-filter# ########################################################################[12:33:35] <guerilla> sub filter_end { if ( $Sender =~ /^<?noreply at domain-part dot tld>?$/i )[12:33:35] <guerilla> {[12:33:35] <guerilla> action_add_header("X-Auto-Response-Suppress", "DR,RN,NRN,OOF,AutoReply");[12:33:35] <guerilla> action_add_header("Precedence", "list"); } } 1;[12:33:35] <guerilla> ########################################################################[12:37:34] *** sarri <sarri!~sari@unaffiliated/sarri> has quit IRC (Ping timeout: 264 seconds)[12:38:40] *** thms <thms!~thms@unaffiliated/thms> has quit IRC (Ping timeout: 248 seconds)[12:43:12] *** pti-jean_ <pti-jean_!~quassel@232.29.124.78.rev.sfr.net> has joined #postfix[12:43:59] *** sarri <sarri!~sari@p50995cae.dip0.t-ipconnect.de> has joined #postfix[12:43:59] *** sarri <sarri!~sari@p50995cae.dip0.t-ipconnect.de> has quit IRC (Changing host)[12:43:59] *** sarri <sarri!~sari@unaffiliated/sarri> has joined #postfix[12:51:36] *** TyrfingMjolnir <TyrfingMjolnir!~Tyrfing@62.92.82.250> has quit IRC (Quit: leaving)[12:52:07] *** TyrfingMjolnir <TyrfingMjolnir!~Tyrfing@62.92.82.250> has joined #postfix[12:57:45] *** dka__ <dka__!~dka@1.52.58.230> has joined #postfix[12:57:45] *** PHPanos <PHPanos!~textual@h-55-226.a137.corp.bahnhof.se> has quit IRC (Quit: My Mac has gone to sleep. ZZZzzz…)[13:01:18] *** phunyguy <phunyguy!~torpedo@ubuntu/member/phunyguy> has quit IRC (Read error: Connection reset by peer)[13:02:39] *** Deathrattle <Deathrattle!~death@p200300868A2AB8010000000000000006.dip0.t-ipconnect.de> has joined #postfix[13:05:19] *** phunyguy <phunyguy!~torpedo@ubuntu/member/phunyguy> has joined #postfix[13:05:23] *** Deathrattle <Deathrattle!~death@p200300868A2AB8010000000000000006.dip0.t-ipconnect.de> has quit IRC (Read error: Connection reset by peer)[13:06:33] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has joined #postfix[13:11:19] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has quit IRC (Ping timeout: 255 seconds)[13:44:43] *** ploop <ploop!~ploop@unaffiliated/ruukasu> has joined #postfix[13:48:01] *** thms <thms!~thms@gate.nnx.com> has joined #postfix[13:48:01] *** thms <thms!~thms@gate.nnx.com> has quit IRC (Changing host)[13:48:01] *** thms <thms!~thms@unaffiliated/thms> has joined #postfix[13:51:22] *** troulouliou_div2 <troulouliou_div2!~troulouli@unaffiliated/troulouliou-div2/x-0271439> has joined #postfix[13:51:24] *** PHPanos <PHPanos!~textual@h-55-226.a137.corp.bahnhof.se> has joined #postfix[14:05:46] *** synthroid <synthroid!~synthroid@gateway/vpn/privateinternetaccess/synthroid> has joined #postfix[14:16:25] <thumbs> you should flood more[14:23:28] *** Cuzner <Cuzner!~ccuzner@192-0-132-105.cpe.teksavvy.com> has quit IRC (Ping timeout: 255 seconds)[14:30:39] *** mcfate <mcfate!~textual@174-134-145-16.res.bhn.net> has joined #postfix[14:32:01] *** ld50 <ld50!~quassel@2001:41d0:8:baae::bad:deed> has quit IRC (Remote host closed the connection)[14:33:22] *** higuita <higuita!~higuita@2a01:240:fe00:82a7:ec72:50ff:fe96:f291> has quit IRC (Quit: WeeChat 1.7)[14:35:00] *** higuita <higuita!~higuita@2a01:240:fe00:82a7:ec72:50ff:fe96:f291> has joined #postfix[14:58:05] *** Deathrattle <Deathrattle!~death@p200300868A2AB8010000000000000006.dip0.t-ipconnect.de> has joined #postfix[15:07:00] *** muh2000_ <muh2000_!~quassel@prx2.ernw.net> has quit IRC (Remote host closed the connection)[15:07:24] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has joined #postfix[15:09:53] *** Diemuzi <Diemuzi!~IceChat9@unaffiliated/diemuzi> has joined #postfix[15:11:55] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has quit IRC (Ping timeout: 255 seconds)[15:25:55] *** Cuzner <Cuzner!~ccuzner@74.117.140.46> has joined #postfix[15:38:08] *** angryjohnnie <angryjohnnie!~textual@static-173-49-3-242.phlapa.fios.verizon.net> has joined #postfix[16:04:04] *** natan <natan!natan@host74-89-206-40.limes.com.pl> has joined #postfix[16:08:44] *** natan <natan!natan@host74-89-206-40.limes.com.pl> has left #postfix[16:08:52] *** natan <natan!natan@host74-89-206-40.limes.com.pl> has joined #postfix[16:09:05] *** natan <natan!natan@host74-89-206-40.limes.com.pl> has left #postfix[16:09:53] *** natan <natan!natan@host74-89-206-40.limes.com.pl> has joined #postfix[16:10:26] *** natan <natan!natan@host74-89-206-40.limes.com.pl> has quit IRC (Quit: "!welcome not working and not working a topic link")[16:10:40] *** natan <natan!natan@host74-89-206-40.limes.com.pl> has joined #postfix[16:11:58] *** natan <natan!natan@host74-89-206-40.limes.com.pl> has quit IRC (Remote host closed the connection)[16:15:08] *** natan64 <natan64!natan@host74-89-206-40.limes.com.pl> has joined #postfix[16:16:18] *** natan64 <natan64!natan@host74-89-206-40.limes.com.pl> has left #postfix[16:16:28] *** natan_ <natan_!natan@host74-89-206-40.limes.com.pl> has joined #postfix[16:16:35] <natan_> !welcome[16:16:35] <knoba> natan_: "welcome" : Welcome to #postfix! If you're new here, or to IRC, first read the channel topic (/topic). It has important instructions on how to ask good questions. You will get more and better help if you follow those instructions. Good Luck![16:16:47] <natan_> :)[16:17:01] <natan_> ehlo localhost[16:20:32] <natan_> i have a problem in postfix but i dont known where[16:20:34] <natan_> https://groups.google.com/forum/?hl=pl#!topic/list.postfix.users/60OR8E6QytY[16:20:43] <rob0> !tell guerilla getting_help[16:20:43] <knoba> guerilla: "getting_help" : before asking your question, read the !relevant_logs and !showconfig factoids, and prepare a single pastebin containing all of that data. if you don't understand what this means, or if you need help doing this, please let us know. also see !pastebin[16:20:46] <natan_> any ide ?[16:21:11] <natan_> !pastebin[16:21:11] <knoba> natan_: "pastebin" : a pastebin site lets you easily share logs and configuration. Examples are dpaste.org, fpaste.org, or pastebin.ca. Please avoid ad-supported sites such as pastebin.com if possible.[16:21:57] <rob0> guerilla, no more flooding, make a pastebin. As best I can guess from your flooding, you're confused about smtpd vs. non-smtpd mail (such as sendmail-submitted.)[16:22:08] <rob0> !non_smtpd_milters[16:22:08] <knoba> rob0: "non_smtpd_milters" : a list of milter (mail filter) applications for new mail that does not arrive via the postfix smtpd(8) server. this includes local submission via the sendmail(1) command line, new mail that arrives via the postfix qmqpd(8) server, and old mail that is re-injected into the queue with postsuper -r . specify space or comma as separator. see the milter_readme document for details[16:22:27] <natan_> sorry -> https://dpaste.de/EbEP[16:25:44] <rob0> The format of "delays" logging is in the postconf(5) manual, have you seen that already?[16:26:02] <rob0> also,[16:26:13] <rob0> !enable_long_queue_ids[16:26:13] <knoba> rob0: "enable_long_queue_ids" : Enable long, non-repeating, queue IDs (queue file names). The benefit of non-repeating names is simpler logfile analysis and easier queue migration (there is no need to run postsuper to change queue file names that don't match their message file inode number). See http://www.postfix.org/postconf.5.html#enable_long_queue_ids[16:26:19] <rob0> enable_long_queue_ids=yes[16:26:50] <guerilla> ok guys sorry for that, here is my pastebin:[16:26:50] <guerilla> http://dpaste.com/0XYGE7S[16:27:14] *** Death_rattle <Death_rattle!~death@p200300868A2AB8010000000000000006.dip0.t-ipconnect.de> has joined #postfix[16:27:28] <natan_> rob0 i read doc about delays[16:27:52] <natan_> and in pastebin i put more info[16:29:12] <guerilla> rob0: dont get it. what you mean that i maybe confused about non smtpd and non-smtpd mails?[16:29:32] *** Deathrattle <Deathrattle!~death@p200300868A2AB8010000000000000006.dip0.t-ipconnect.de> has quit IRC (Ping timeout: 256 seconds)[16:31:14] <rob0> Did you read the !non_smtpd_milters factoid I tried to show you?[16:32:45] <rob0> BTW, disable verbose logging, you do not need it and it will only make you more confused.[16:32:56] <rob0> !verbose[16:32:56] <knoba> rob0: "verbose" : You probably do not need verbose logging, but in very rare cases, the extra detail might assist in debugging. To set verbose logging, add a -v after the command name (such as smtpd) in master.cf, then 'postfix reload' after that[16:34:06] <natan_> guerilla in main.cf use:[16:34:11] <natan_> debug_peer_list = your ip[16:34:13] <natan_> for debug[16:34:18] <rob0> NO[16:34:19] <natan_> or -v in master.cf[16:34:24] <rob0> absolutely NOT[16:34:27] <natan_> why ?[16:34:51] <rob0> Did you read what I already said about it?[16:35:54] <natan_> sometime verbose give you resolv problem[16:36:12] <natan_> or strace[16:36:35] <rob0> guerilla, another thing, it sounds like you know next to nothing about email, and yet have been charged to send bulk mail? Consider outsourcing that:[16:36:39] <rob0> !esp[16:36:39] <knoba> rob0: "esp" : Email Service Provider[16:37:09] <rob0> natan_, that is correct, sometimes it can help, but not in this case.[16:38:35] <rob0> guerilla, in no particular order I'd suggest you look at Sendgrid, Mailchimp or Constant Contact as ESPs.[16:40:37] <natan_> rob0 i read about enable_long_queue_ids[16:40:54] <natan_> change from default no to yes[16:41:14] <natan_> and timing is better[16:41:26] <rob0> that wouldn't affect timing[16:41:38] <rob0> but it helps in troubleshooting[16:41:56] <natan_> delay=7.1, delays=0.05/0/7/0.01delay=3.1, delays=0.05/0/3/0.01[16:42:39] <natan_> delay=0.07, delays=0.05/0/0.01/0.01 delay=3.1, delays=0.05/0/3/0.01[16:42:57] <natan_> maby this is correct options[16:42:59] <rob0> Your timing might be related to content filtering? Your pastebin was incomplete. Also, why reduce maximal_queue_lifetime?[16:45:13] *** troulouliou_div2 <troulouliou_div2!~troulouli@unaffiliated/troulouliou-div2/x-0271439> has quit IRC (Remote host closed the connection)[16:50:26] <guerilla> rob0: what did you mean with look at others email service providers? my problem occurs at the moment at a company which sends mails over postfix as an MTA and then it transfers the mail to a mail gateway in the DMZ[16:51:48] <guerilla> thanks for the info about debugging. i will delete the option. i must go step by step through the analysis and yes im a generalist in my company, have to do with everything which is manageable in a technical way ;-)[16:58:20] *** FinboySlick <FinboySlick!~shark@74.117.40.10> has joined #postfix[17:00:02] *** dka__ <dka__!~dka@1.52.58.230> has quit IRC (Remote host closed the connection)[17:00:02] *** dka_ <dka_!~dka@1.52.58.230> has quit IRC (Remote host closed the connection)[17:00:20] *** dka <dka!~dka@1.52.58.230> has joined #postfix[17:04:33] <natan_> rob0 in pastebin i write info "this server is for outgoing only"[17:08:16] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has joined #postfix[17:12:35] *** natan_ is now known as natan64[17:12:38] <natan64> ok[17:12:51] *** synthroid <synthroid!~synthroid@gateway/vpn/privateinternetaccess/synthroid> has quit IRC (Remote host closed the connection)[17:12:58] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has quit IRC (Ping timeout: 255 seconds)[17:23:01] <natan64> rob0 maximal_queue_lifetime=24h[17:23:20] <natan64> and this is correct for me[17:29:05] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has joined #postfix[17:37:11] *** synthroid <synthroid!~synthroid@208.167.254.56> has joined #postfix[17:47:38] *** Gazoo <Gazoo!~Gazoo@207.81.151.208> has joined #postfix[18:00:49] *** g_zen <g_zen!~g_zen@195.24.90.254> has quit IRC (Read error: Connection reset by peer)[18:09:07] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has quit IRC (Ping timeout: 240 seconds)[18:23:04] *** hydrian <hydrian!~hydrian@c-73-16-53-87.hsd1.ct.comcast.net> has quit IRC (Disconnected by services)[18:23:32] *** hydrian <hydrian!~hydrian@c-73-16-53-87.hsd1.ct.comcast.net> has joined #postfix[18:24:06] *** hydrian is now known as Guest69620[18:24:40] *** Belgarath <Belgarath!nobody@banda.pl> has quit IRC (Ping timeout: 240 seconds)[18:30:48] *** Belgarath <Belgarath!nobody@banda.pl> has joined #postfix[18:33:39] *** gu1lle_ <gu1lle_!~Thunderbi@190.18.11.132> has joined #postfix[18:34:03] *** samy1028b <samy1028b!~samy1028c@63.251.72.10> has quit IRC (Ping timeout: 245 seconds)[18:37:04] *** thms <thms!~thms@unaffiliated/thms> has quit IRC (Ping timeout: 248 seconds)[18:53:10] *** rsx <rsx!~dummy@ppp-93-104-34-9.dynamic.mnet-online.de> has joined #postfix[18:55:40] *** fling <fling!~fling@fsf/member/fling> has quit IRC (Ping timeout: 240 seconds)[18:56:03] *** RobertLaptop_ <RobertLaptop_!~rmiddle@mail.middleswarth.net> has quit IRC (*.net *.split)[18:56:03] *** mungustas <mungustas!~arnas@92.61.33.111> has quit IRC (*.net *.split)[18:56:10] *** varesa <varesa!~varesa@ec2-52-49-18-111.eu-west-1.compute.amazonaws.com> has quit IRC (*.net *.split)[18:56:10] *** ColtonDRG <ColtonDRG!~coltondrg@derpyhooves.xyz> has quit IRC (*.net *.split)[18:56:10] *** nihe_ <nihe_!nihe@sakura.kontei.se> has quit IRC (*.net *.split)[18:56:10] *** survietamine <survietamine!~vnvu@mxfr2-m1.mcra.iliadgroupe.fr> has quit IRC (*.net *.split)[18:56:10] *** Pepe_ <Pepe_!~ppjet@anderith.bouah.net> has quit IRC (*.net *.split)[18:56:10] *** liviud <liviud!~liviud@pho.ldcore.com> has quit IRC (*.net *.split)[18:56:13] *** Death_rattle_ <Death_rattle_!~death@p200300868A2207010000000000000001.dip0.t-ipconnect.de> has joined #postfix[18:56:14] *** RobertLaptop <RobertLaptop!~rmiddle@mail.middleswarth.net> has joined #postfix[18:56:19] *** nihe <nihe!nihe@sakura.kontei.se> has joined #postfix[18:56:19] *** Pepe_ <Pepe_!~ppjet@anderith.bouah.net> has joined #postfix[18:56:20] *** dh <dh!dh@bsd.ee> has quit IRC (*.net *.split)[18:56:20] *** darkavenger_afk <darkavenger_afk!~sacha16@82.196.15.101> has quit IRC (*.net *.split)[18:56:20] *** Tykling <Tykling!tykling@gibfest.dk> has quit IRC (*.net *.split)[18:56:21] *** patsToms <patsToms!~patsToms@tzt.lv> has quit IRC (*.net *.split)[18:56:21] *** temikus <temikus!~temikus@do.saragosa.tv> has quit IRC (*.net *.split)[18:56:21] *** pelegreno <pelegreno!~cinch@107.170.175.57> has quit IRC (*.net *.split)[18:56:21] *** mattcen <mattcen!~mattcen@c122-108-68-124.sunsh1.vic.optusnet.com.au> has quit IRC (*.net *.split)[18:56:21] *** awpti- <awpti-!~awpti@awpti.org> has quit IRC (*.net *.split)[18:56:22] *** liviud <liviud!~liviud@pho.ldcore.com> has joined #postfix[18:56:22] *** ColtonDRG <ColtonDRG!~coltondrg@derpyhooves.xyz> has joined #postfix[18:56:26] *** varesa <varesa!~varesa@ec2-52-49-18-111.eu-west-1.compute.amazonaws.com> has joined #postfix[18:56:27] *** varesa <varesa!~varesa@ec2-52-49-18-111.eu-west-1.compute.amazonaws.com> has quit IRC (Max SendQ exceeded)[18:56:31] *** amospalla <amospalla!~amospalla@unaffiliated/amospalla> has quit IRC (*.net *.split)[18:56:31] *** trn <trn!jhj@prone.ws> has quit IRC (*.net *.split)[18:56:32] *** spY|da <spY|da!~spychodel@owncloud.linuxjunkies.de> has quit IRC (*.net *.split)[18:56:33] *** dh <dh!dh@bsd.ee> has joined #postfix[18:56:34] *** temikus <temikus!~temikus@do.saragosa.tv> has joined #postfix[18:56:39] *** spY|da <spY|da!~spychodel@owncloud.linuxjunkies.de> has joined #postfix[18:56:48] *** darkavenger_afk <darkavenger_afk!~sacha16@82.196.15.101> has joined #postfix[18:56:48] *** mungustas <mungustas!~arnas@92.61.33.111> has joined #postfix[18:56:49] *** trn <trn!jhj@prone.ws> has joined #postfix[18:56:52] *** muh2000_ <muh2000_!~quassel@prx2.ernw.net> has joined #postfix[18:56:58] *** awpti <awpti!~awpti@awpti.org> has joined #postfix[18:57:02] *** patsToms <patsToms!~patsToms@tzt.lv> has joined #postfix[18:57:08] *** mattcen <mattcen!~mattcen@c122-108-68-124.sunsh1.vic.optusnet.com.au> has joined #postfix[18:57:26] *** amospalla <amospalla!~amospalla@unaffiliated/amospalla> has joined #postfix[18:57:31] *** varesa <varesa!~varesa@ec2-52-49-18-111.eu-west-1.compute.amazonaws.com> has joined #postfix[18:57:32] *** varesa <varesa!~varesa@ec2-52-49-18-111.eu-west-1.compute.amazonaws.com> has quit IRC (Max SendQ exceeded)[18:58:14] *** Death_rattle <Death_rattle!~death@p200300868A2AB8010000000000000006.dip0.t-ipconnect.de> has quit IRC (Ping timeout: 276 seconds)[18:58:37] *** pelegreno <pelegreno!~cinch@107.170.175.57> has joined #postfix[18:59:46] *** ggherdov <ggherdov!sid11402@gateway/web/irccloud.com/x-ebfgrhnvlnohomch> has quit IRC (Ping timeout: 264 seconds)[18:59:48] *** dan_j <dan_j!sid21651@gateway/web/irccloud.com/x-rjrvlieozkrrrost> has quit IRC (Ping timeout: 240 seconds)[19:01:30] *** dan_j <dan_j!sid21651@gateway/web/irccloud.com/x-eljuxkirbmdjvyus> has joined #postfix[19:01:32] *** varesa <varesa!~varesa@ec2-52-49-18-111.eu-west-1.compute.amazonaws.com> has joined #postfix[19:01:33] *** varesa <varesa!~varesa@ec2-52-49-18-111.eu-west-1.compute.amazonaws.com> has quit IRC (Max SendQ exceeded)[19:02:04] *** Tykling <Tykling!tykling@gibfest.dk> has joined #postfix[19:02:21] *** ggherdov <ggherdov!sid11402@gateway/web/irccloud.com/x-uqcwaolfjoznknsu> has joined #postfix[19:02:22] *** survietamine <survietamine!~vnvu@mxfr2-m1.mcra.iliadgroupe.fr> has joined #postfix[19:04:34] *** varesa <varesa!~varesa@ec2-52-49-18-111.eu-west-1.compute.amazonaws.com> has joined #postfix[19:04:35] *** varesa <varesa!~varesa@ec2-52-49-18-111.eu-west-1.compute.amazonaws.com> has quit IRC (Max SendQ exceeded)[19:05:08] *** ggherdov <ggherdov!sid11402@gateway/web/irccloud.com/x-uqcwaolfjoznknsu> has quit IRC (Excess Flood)[19:05:34] *** PHPanos <PHPanos!~textual@h-55-226.a137.corp.bahnhof.se> has quit IRC (Quit: My Mac has gone to sleep. ZZZzzz…)[19:06:04] *** varesa <varesa!~varesa@ec2-52-49-18-111.eu-west-1.compute.amazonaws.com> has joined #postfix[19:06:05] *** varesa <varesa!~varesa@ec2-52-49-18-111.eu-west-1.compute.amazonaws.com> has quit IRC (Max SendQ exceeded)[19:06:17] *** ggherdov <ggherdov!sid11402@gateway/web/irccloud.com/x-mhcqfxqgyybdnnbo> has joined #postfix[19:09:22] *** mjrc <mjrc!~mjrc@62.72.193.101> has quit IRC (Ping timeout: 264 seconds)[19:09:34] *** varesa <varesa!~varesa@ec2-52-49-18-111.eu-west-1.compute.amazonaws.com> has joined #postfix[19:09:35] *** varesa <varesa!~varesa@ec2-52-49-18-111.eu-west-1.compute.amazonaws.com> has quit IRC (Max SendQ exceeded)[19:13:52] *** gabizou <gabizou!~gabizou@e3-1270v3.bl-ash0.1.1.2.10.k8.securedservers.com> has quit IRC (Ping timeout: 248 seconds)[19:14:10] *** varesa <varesa!~varesa@ec2-52-49-18-111.eu-west-1.compute.amazonaws.com> has joined #postfix[19:14:10] *** varesa <varesa!~varesa@ec2-52-49-18-111.eu-west-1.compute.amazonaws.com> has quit IRC (Max SendQ exceeded)[19:14:11] *** gabizou <gabizou!~gabizou@irc.spongepowered.org> has joined #postfix[19:17:52] *** Death_rattle_ <Death_rattle_!~death@p200300868A2207010000000000000001.dip0.t-ipconnect.de> has quit IRC (Quit: bye)[19:18:36] *** cferry <cferry!~cferry@162.243.13.235> has quit IRC (*.net *.split)[19:21:24] <ponyofdeath> rob0: thanks, i had to tweak dovecot to only use the first part of the email as a username[19:23:01] *** cferry <cferry!~cferry@162.243.13.235> has joined #postfix[19:27:33] <tuxick> huh?[19:27:46] *** GBrawl <GBrawl!~Fre@ptr-560asromevqc32bgoog.18120a2.ip6.access.telenet.be> has joined #postfix[19:30:14] <rob0> a Dovecot userdb lookup was using localpart@domain but needed to be just the localpart[19:31:11] <ponyofdeath> yup specifically this auth_username_format = %n[19:31:24] <rob0> that's the reason I have not yet implemented LMTP at my own site: it only works with all system accounts or all virtual accounts[19:31:25] <ponyofdeath> switched from procmail to dovecot-lta[19:31:59] <rob0> Dovecot has not implemented something comparable to Postfix's $mydestination[19:32:21] <tuxick> defaultdomain?[19:32:31] <tuxick> maybe i misunderstand[19:33:14] <rob0> LMTP would have to discard a domain, and last I looked, it can't[19:39:51] *** pti-jean_ <pti-jean_!~quassel@232.29.124.78.rev.sfr.net> has quit IRC (Read error: Connection reset by peer)[19:43:24] *** varesa <varesa!~varesa@ec2-52-49-18-111.eu-west-1.compute.amazonaws.com> has joined #postfix[19:43:25] *** varesa <varesa!~varesa@ec2-52-49-18-111.eu-west-1.compute.amazonaws.com> has quit IRC (Max SendQ exceeded)[19:44:02] *** varesa <varesa!~varesa@ec2-52-49-18-111.eu-west-1.compute.amazonaws.com> has joined #postfix[19:44:03] *** varesa <varesa!~varesa@ec2-52-49-18-111.eu-west-1.compute.amazonaws.com> has quit IRC (Max SendQ exceeded)[19:49:34] *** dka <dka!~dka@1.52.58.230> has quit IRC (Ping timeout: 256 seconds)[19:52:46] *** dka <dka!~dka@1.52.58.230> has joined #postfix[19:54:32] *** xcrracer <xcrracer!~xcrracer@unaffiliated/xcrracer> has quit IRC (Quit: Frextual IRC Client: www.frextualapp.com)[19:54:54] *** xcrracer <xcrracer!~xcrracer@unaffiliated/xcrracer> has joined #postfix[19:55:05] *** xcrracer <xcrracer!~xcrracer@unaffiliated/xcrracer> has quit IRC (Remote host closed the connection)[19:59:34] *** Section1 <Section1!~section1@190.195.71.40> has quit IRC (Quit: Leaving)[20:00:02] *** dka <dka!~dka@1.52.58.230> has quit IRC (Max SendQ exceeded)[20:00:48] *** sphenxes02 <sphenxes02!~sphenxes@192-164-129-138.hdsl.highway.telekom.at> has joined #postfix[20:04:25] *** sphenxes01 <sphenxes01!~sphenxes@85-90-135-164.hdsl.highway.telekom.at> has quit IRC (Ping timeout: 255 seconds)[20:05:11] *** sphenxes <sphenxes!~sphenxes@85-90-135-164.hdsl.highway.telekom.at> has quit IRC (Ping timeout: 276 seconds)[20:05:18] *** sphenxes <sphenxes!~sphenxes@192-164-129-138.hdsl.highway.telekom.at> has joined #postfix[20:26:50] *** KsChoice <KsChoice!~quassel@187-163-219-201.static.axtel.net> has joined #postfix[20:26:53] *** Phoenixz <Phoenixz!~quassel@187-163-219-201.static.axtel.net> has joined #postfix[20:32:15] *** Qommand0r <Qommand0r!~HENKiE@unaffiliated/schaap137> has joined #postfix[20:32:22] *** Qommand0r <Qommand0r!~HENKiE@unaffiliated/schaap137> has quit IRC (Client Quit)[20:33:47] *** SCHAAP137 <SCHAAP137!~schapie@unaffiliated/schaap137> has quit IRC (Read error: Connection reset by peer)[20:35:35] *** Qommand0r <Qommand0r!~HENKiE@unaffiliated/schaap137> has joined #postfix[20:39:46] *** SCHAAP137 <SCHAAP137!~schapie@unaffiliated/schaap137> has joined #postfix[20:48:51] *** synthroid <synthroid!~synthroid@208.167.254.56> has quit IRC (Remote host closed the connection)[20:56:03] *** synthroid <synthroid!~synthroid@208.167.254.244> has joined #postfix[21:12:55] *** GBrawl <GBrawl!~Fre@ptr-560asromevqc32bgoog.18120a2.ip6.access.telenet.be> has quit IRC (Quit: (null))[21:26:12] *** draynium <draynium!U2FsdGVkX1@ma.sdf.org> has quit IRC (Read error: Connection reset by peer)[21:39:23] *** rsx <rsx!~dummy@ppp-93-104-34-9.dynamic.mnet-online.de> has quit IRC (Remote host closed the connection)[21:42:57] *** gu1lle_1 <gu1lle_1!~Thunderbi@190.18.11.132> has joined #postfix[21:44:28] *** gu1lle_ <gu1lle_!~Thunderbi@190.18.11.132> has quit IRC (Ping timeout: 240 seconds)[21:44:28] *** gu1lle_1 is now known as gu1lle_[21:53:11] *** mactimes_ is now known as mactimes[21:59:16] *** mroe <mroe!~roe@unaffiliated/roe> has joined #postfix[22:10:41] *** FinboySlick <FinboySlick!~shark@74.117.40.10> has quit IRC (Quit: Leaving.)[22:14:40] *** Cuzner <Cuzner!~ccuzner@74.117.140.46> has quit IRC (Ping timeout: 248 seconds)[22:17:47] *** Robby <Robby!robby@2001:470:d19b::701> has quit IRC (Ping timeout: 252 seconds)[22:19:46] *** Robby <Robby!robby@2001:470:d19b::701> has joined #postfix[22:25:16] *** mroe <mroe!~roe@unaffiliated/roe> has quit IRC (Remote host closed the connection)[22:31:33] *** varesa <varesa!~varesa@ec2-52-49-18-111.eu-west-1.compute.amazonaws.com> has joined #postfix[22:31:34] *** varesa <varesa!~varesa@ec2-52-49-18-111.eu-west-1.compute.amazonaws.com> has quit IRC (Max SendQ exceeded)[22:34:54] *** synthroid <synthroid!~synthroid@208.167.254.244> has quit IRC ()[22:43:08] *** olegfusion <olegfusion!~olegfusio@mail.mobileforsale.ru> has quit IRC (Ping timeout: 276 seconds)[22:43:21] *** olegfusion <olegfusion!~olegfusio@mail.mobileforsale.ru> has joined #postfix[22:45:57] *** luxifer <luxifer!~luxifer@94.16.85.141> has joined #postfix[22:46:36] <luxifer> Hey: quick question: is there any security drawbacks by adding my.pub.lic.ip/32 to mynetworks in addition to 127.0.0.0/8?[22:47:02] <luxifer> I recon this should be fine and I should not end up with an open relay but I feel a bit uneasy about this nevertheless[22:47:29] <rob0> well, I don't really advocate allowing relay by IP, even for the local machine[22:47:34] <lunaphyte> mynetworks should be empty[22:47:44] <lunaphyte> !tell luxifer goal[22:47:44] <knoba> luxifer: "goal" : describe your goal, not what you think the solution is[22:48:26] <rob0> You're right, it makes no difference, but why would you want to do this?[22:49:03] *** Diemuzi <Diemuzi!~IceChat9@unaffiliated/diemuzi> has quit IRC (Quit: See you on the flip side)[22:49:38] *** varesa <varesa!~varesa@ec2-52-49-18-111.eu-west-1.compute.amazonaws.com> has joined #postfix[22:51:20] <luxifer> I want to allow my localhost to send mail without authentication... the machine is not shared with anyone and I'm quite anal about keeping the setup lean and patched so I don't really worry about malware abusing that possibility[22:51:37] <luxifer> that's why I allow relaying from the local machine[22:51:37] <rob0> there's always[22:51:42] <luxifer> the catch though is[22:51:47] <rob0> !mynetworks_style[22:51:47] <knoba> rob0: "mynetworks_style" : a configuration parameter in the main.cf: The method to generate the default value for the mynetworks parameter. This is the list of trusted networks for relay access control etc.[22:51:55] <lunaphyte> i'd still use auth. there's more to it than what you're considering.[22:52:41] <luxifer> lunaphyte, I'd be glad to learn something new then... what am I missing?[22:53:31] <lunaphyte> it's never really been about malware [other than indirectly][22:53:46] <lunaphyte> it's about a service orientied architecture, and modularity[22:53:52] <lunaphyte> *oriented[22:54:08] <lunaphyte> consistency as well[22:54:25] <lunaphyte> having one host be "special" just because of the circumstances is not good sysadmin practice[22:55:08] <rob0> Of course a local process can always use sendmail(1) (offer void where taxed or prohibited, or if the user isn't in authorized_submit_users), but even that can make it difficult to track down a rogue process.[22:55:16] <luxifer> lunaphyte, I would generally agree with you on the last sentence[22:55:43] <lunaphyte> it's especially pertinent as soon as you have more than one application.[22:55:50] <rob0> For example, we see oodles of people here who are spewing spam from the user which runs their httpd[22:56:01] <lunaphyte> and even when you don't, structure and framework is always the right way[22:56:59] <rob0> sendmail tells you which user it was, but not which HTTP+php script is compromised by spammers[22:57:26] *** Robby <Robby!robby@2001:470:d19b::701> has quit IRC (Ping timeout: 276 seconds)[22:58:20] <JPT> (in case of php sending mail, there is an option in php.ini to log mail() calls into a file. This contains file+line aswell, so it might be useful. :)[22:58:24] <luxifer> lunaphyte, that all sounds pretty ideologic to me... I'm going a pragmatic route with this server though... It's my personal server so no customers harmed due to my ignorance ;) rob0 my web server isn't public either... well... it serves content publicly but nobody but me controls that content[22:58:48] <lunaphyte> it's also about more than just customers too[22:58:56] *** Robby <Robby!robby@2001:470:d19b::701> has joined #postfix[22:59:05] <thumbs> luxifer: that's also a wrong assumption - your server could be spamming mine if someone finds a way to abuse it![22:59:46] <luxifer> thumbs, if someone finds a way into my server to use the local mta to abuse yours with spam then chances are very high they could as well change my postfix config[23:00:02] <rob0> Static HTTP content is much less likely to be compromised than PHP, of course.[23:00:36] <luxifer> rob0, granted.. I'm running an owncloud, which is a bit worriesome[23:00:52] <rob0> So anyway ... what processes do you anticipate to be sending mail?[23:01:06] <luxifer> cron, owncloud, gogits[23:01:21] <luxifer> and maybe scripts I write if I need to send mail[23:01:23] <rob0> cron is going to send mail to you[23:01:44] <luxifer> also aliases which eventually relay all mail to my gmail address[23:01:46] <rob0> and it's probably using sendmail[23:01:53] <rob0> oh yuck[23:02:02] <rob0> !mantras[23:02:02] <knoba> rob0: "mantras" : 1. do not accept mail that you do not intend to deliver. 2. do not drop mail. 3. do not use wildcards or catchalls. 4. do not forward mail to outside/third party systems[23:02:38] <rob0> When you get spammed and forward that spam to gmail, gmail will mark you as a spammer, and block you.[23:03:20] <rob0> I've heard from other gmail users that gmail can pull from you, using pop3. That's much safer.[23:03:36] <lunaphyte> and even when you don't get spammed, it just isn't possible any more[23:03:39] <rob0> another option would be to pay them to host your mail[23:03:43] <lunaphyte> mail will get rejected/lost[23:04:06] <luxifer> lunaphyte, you mean after having been blocked?[23:04:31] <luxifer> and even if I'm only spamming my very own mailbox at gmail?[23:05:07] <lunaphyte> it's not you[23:05:09] <JPT> gmail does not know or care that it is "your own mailbox" you are spamming[23:05:11] <rob0> gmail has no way to know it's you[23:05:22] <rob0> it is THEIR mailbox, not yours[23:05:28] <lunaphyte> forwarded mail doesn't come from you[23:05:35] <luxifer> but gmail has a way of knowing that from a certain source only exactly one mailbox gets spammed[23:05:47] <luxifer> spammers usually don't target exclusively one mailbox[23:05:56] <JPT> but phishers might[23:06:08] <rob0> we see lots of them who come here and ask why gmail blocks their forwarded spam[23:06:41] <luxifer> rob0, have they verified it didn't end up in their spam folder only?[23:07:34] <rob0> we've heard of all cases: rejected mail, spam-foldered, and discarded[23:08:04] <luxifer> but yeah... pop3 seems like a good way... *sigh* that also means virtual accounts and an additional daemon to install, configure, secure, run and maintain... that's something I'd like to avoid for my simple requirements[23:08:28] <JPT> simple requirements don't imply simple solutions. sadly. :/[23:08:50] <rob0> well, it need not be virtual, but you're right, I wouldn't share my user password with gmail[23:10:16] <rob0> you could forward things to another system user account, disable the shell for that account[23:10:18] <luxifer> JPT, I know. But one has to weight the possible risks of all alternatives. More complexity always adds more things that could go wrong and usually more code one needs to run and keep up-to-date.[23:12:04] <luxifer> rob0, that would be a possibility for sure... but something feels wrong about this to me... don't yet know what exactly though...[23:12:11] <JPT> Of course, the safest bet would be to not run a computer at all. But that's not fun. :) Perhaps there is a very lightweight pop3 server for exactly that kind of 'simple' setup with less code than a full dovecot.[23:13:04] <luxifer> JPT, sure... and it will be not as well documented and maintained as dovecot and will have way less people knowledgeable about it ;)[23:13:46] <JPT> Perhaps. But i don't know if i would consider that 'good' or 'not so good'.[23:14:22] <luxifer> JPT, because there is no way of knowing that... could be either or - in parts - both[23:15:01] <JPT> I never read the whole linux kernel source code to begin with. I'm a bad sysadmin. I trust way too many components.[23:16:32] <JPT> Well, i wish you best of luck to find the setup that fits your needs and likings :)[23:16:53] <luxifer> JPT, no need for sarcasm... the linux kernel gets way more exposure from both bad guys and FTEs of large companies maintaining and improving it as well as a large community actively working towards it being a quality product than some obscure pop3 server[23:17:46] <luxifer> and even components you think must be secure because they've been around forever and basically the whole internet relies on them can fail miserably... we've seen that with openssl not too long ago, didn't we?[23:18:46] <qtch> hi, any tips how can I prevent accepting messages to user@[inet_addr] even when mydestination is set to null?[23:19:49] <luxifer> thanks for wishing me luck though... but, you see, that's why I'm coming to IRC... to get some other expert perspectives... to have an active discussion about pros and cons of different approaches[23:20:57] <JPT> luxifer: Sure thing :) That wasn't even sarcasm - it's more the part of desperation within me that fears the worst. The other part of me hopes for the best and puts a lot of trust in the good people working on open source projects. :)[23:23:38] <JPT> luxifer: If you enjoy experts opinions about mail (postfix), consider staying here. It's always a good read and i learn a lot of things.[23:25:41] <luxifer> JPT, I feel you... and I'll make that channel one of my defaults for joining. But I tend to only go to IRC when I need something :-O or when I really have time to kill and aren't looking to play any games or so... which is a super rare occasion :D[23:25:53] <luxifer> *sigh*[23:25:54] <luxifer> hm[23:25:55] <JPT> luxifer: Less games, more fun :)[23:26:37] <JPT> qtch: Not sure if i understand your situation/setup, but why is mydestination set to null? What is your postfix supposed to do?[23:26:45] <luxifer> depends on the games... there's so many good ones... and I don't even mean the latest ones necessarily[23:26:56] <rob0> anyway, I bet all your local processes are using sendmail, and thus the whole discussion was moot[23:27:02] <JPT> qtch: Also, log+config might be helpful. See the topic on how to get those[23:27:49] <rob0> qtch, who/what is sending such mail to you?[23:28:44] <luxifer> rob0, well they could, yeah... but again: I'm not worried about abuse from rougue processes on the server... however, the prospect of getting permanently blocked by gmail for relaying spam to my mailbox there really does give me something to think[23:29:06] <pj> luxifer: there is probably a way with dovecot to set up pop3 access to your mailbox that does not use your system username and password.[23:29:36] <luxifer> pj yes there is... it's virtual mailboxes and adds yet more complexity :D[23:29:42] <pj> and yeah, from gmail's persepctive if you relay spam to then you're a spammer.[23:29:43] <rob0> they [gmail] MIGHT let you slide if you use submission and authenticate[23:30:15] <rob0> if it's provably coming FROM you and only going TO you, that must mean you want it[23:30:23] <pj> rob0: or they might block the account entirely because they think it has compromised credentials and is relaying spam.[23:30:45] <rob0> yeah, I don't know, not a gmail user[23:30:55] <luxifer> pj, rob0 that wouldn't work anyway by default[23:31:08] <luxifer> at least I think so[23:31:12] <pj> do keep in mind that there isn't a human being monitoring your individual google account to make common sense decisions on it, it's all machine algorythms, and those algorythms may not take your particular situation into account.[23:31:23] <luxifer> e.g. for imap access you cannot use username/password by default any more[23:31:39] <luxifer> so I would think the same is true for smtp... but maybe it's not[23:31:57] <luxifer> pj, I'm actually counting on those algorithms[23:32:04] <pj> huh? what is taht supposed to mean? I can access my google account via smtp and imap with no issues at all.[23:32:52] <luxifer> pj if your app uses oauth or if you've disabled that "security" setting, then yeah... imap will work[23:32:54] <qtch> rob0: nobody - I'm just worried about it is possible to send message to such recipient[23:32:56] <pj> luxifer: yes, but you're counting on them to do what you think they should do for your particular use case, but they weren't written for you.[23:33:24] <luxifer> try connecting outlook to a newly created gmail account and it will tell you gmail blocked the request because it sees it as "insecure" application for using username/password ;)[23:33:27] <pj> luxifer: my "app" is thunderbird, and it connects to google just fine via IMAP.[23:33:38] <pj> I'm pretty sure it doesn't use oauth[23:34:57] <luxifer> then you've probably have allowed access for "less secure" apps or that setting wasn't changed for you when it was introduced[23:35:29] <qtch> JPT: I have set up virtual configuration and local for internal users - I'm too lazy to make it as separate instances so I cut off (local recipents) using access(5)[23:35:38] <luxifer> and the rationale about the algos that I would like to hope for is that they do not flag me as a spammer because the spam is directed at exactly one inbox (mine)...[23:35:41] <luxifer> spammers don't do that[23:36:18] <pj> luxifer: you do have to enable IMAP in your gmail settings, but when I did so it was certainly not labeled "less secure"[23:36:46] <luxifer> they will send spam to lots of recipients[23:36:49] <luxifer> pj https://www.google.com/settings/security/lesssecureapps[23:38:25] <qtch> JPT: but it is still possiblesend message to root at [127 dot 0.0.1] and I dont want use regexp in order to prevent that so I'm looking for aproporiate way to disable this facility[23:38:30] <pj> turned on for me, I disagree with the "less secure" moniker.[23:39:05] <pj> but I never actually turned that setting on myself, I only enabled IMAP in the gmail settings.[23:39:19] <luxifer> anyway... I need to find a good way to somehow gauge the likelihood of getting spammed on my domain... so far this hasn't happened because there's about zero public exposure... I'm not running a website, I have never posted the domain or an email address of it anywhere, except for registering my nickname here and I block by CBL and SBL[23:40:03] <luxifer> pj, strange... but yeah, the "less secure" moniker _is_ actually pretty misleading[23:40:18] <pj> could be that mine is a rather old account.[23:40:40] <pj> it's one of the original free google apps accounts, you can't get them anymore.[23:41:20] <luxifer> nice... well mine is a "normal" gmail account from when you had to have an invite code to get one[23:41:35] <pj> yeah, i have one of those as well[23:41:39] <pj> from back then[23:42:55] <pj> luxifer: tbh I don't bother forwarding, if I want to fetch mail from my own server I just fetch it from my own server. Modern email clients can be configured to work with multiple accounts on multiple servers, ya know.[23:43:42] <rob0> qtch, so you are saying that "mydestination =" and RCPT TO:<root at [127 dot 0.0.1]> was delivered?[23:44:13] <luxifer> pj, I'm not using any mail clients in my private computing environment anymore... I find them very unweildy...[23:44:18] <luxifer> anyway[23:45:59] <qtch> rob0: yes, exactly[23:46:25] <luxifer> while we're here and since you guys have already been so resourceful (thanks!!!!), mind having a look at my main.cf? maybe I've been missing some more things as well... I've tried to set it up as cleanly and simply as possible but also as safely as possible... but I'm not a mailadmin and thus I've never dived very deep into such considerations or even postfix for that matter (it's just the MTA I find to be the most straight forward)[23:46:49] <luxifer> http://pastebin.com/YwbGfRCS[23:46:56] <pj> !tell luxifer showconfig[23:46:56] <knoba> luxifer: "showconfig" : when asked to provide your config, please provide a SINGLE pastebin with postconf -nf and postconf -Mf. if your version is too old for those commands to work (< 2.9), you should upgrade, but see !showconfig_old[23:47:11] <pj> luxifer: do it that way ^^^^[23:47:16] <luxifer> oh[23:47:25] <luxifer> ok, sorry :)[23:47:29] <pj> no worries[23:47:41] <pj> it's just easier to read that way.[23:47:54] <rob0> qtch, show the logs for that (and !showconfig also, ONE pastebin), and I'll probably be able to point out what you misunderstood.[23:48:11] <pj> brb[23:49:14] <qtch> rob0: ok, I have aliased (local) root to virtual(8) mailbox so it's delivered successful[23:50:23] <qtch> rob0: but I'm just trying to isolate internal (system) mail exchanging from virtual(8)[23:50:35] <luxifer> http://pastebin.com/J15hcB7T[23:50:52] <qtch> !showconfig[23:50:53] <knoba> qtch: "showconfig" : when asked to provide your config, please provide a SINGLE pastebin with postconf -nf and postconf -Mf. if your version is too old for those commands to work (< 2.9), you should upgrade, but see !showconfig_old[23:55:18] <luxifer> hm... need to think of something anyway... legitimate mail could as well not be getting through if their domain uses SPF[23:56:09] <pj> luxifer: you're accepting submission on the mx port (25) and not using the submission port at all[23:56:35] <qtch> rob0: http://pastebin.com/7AiEi8zf[23:56:48] <pj> you should be using the submission port for submission and not enable any kind of permit_sasl.. or permit_mynetworks on port 25.[23:56:53] <pj> !tell luxifer submission[23:56:54] <knoba> luxifer: "submission" : Port 587 is submission, for user submission of mail, NOT suitable for mail exchange. See the commented example in master.cf. also see !msa, and rfc 6409. Also read http://www.maawg.org/sites/maawg/files/news/MAAWG_Port25rec0511.pdf[23:58:31] <pj> and you're specifying some TLS settings that ...[23:58:39] <luxifer> ok... anything else? I mean, apart from the elephant of directly relaying mail to my gmail inbox... I will stop doing that, promise ;-) just need to think through the alternatives and decide on a way of doing that[23:58:45] <luxifer> that...?[23:59:15] <pj> well the default TLS settings in postfix (for ciphers, protocols, etc) are very good, and if you don't have a specific reason to change them I would not muck with them. Usually you will end up doing more harm than good.[23:59:42] *** guyz <guyz!~digifiv5e@unaffiliated/daynaskully> has joined #postfix