February 9, 2017 
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | >
February 9, 2017 [00:00:42] *** armguy <armguy!~adminempi@unaffiliated/adminempire-jl> has joined #postfix[00:01:37] *** beatdown <beatdown!beatdown@violator.strangled.net> has quit IRC (Quit: Severed corpses make good fucks.)[00:11:40] *** john51 <john51!~john@15255.s.t4vps.eu> has quit IRC (Remote host closed the connection)[00:11:56] *** john51 <john51!~john@15255.s.t4vps.eu> has joined #postfix[00:22:18] <rob0> mjr0, in Linux an empty resolv.conf means the system resolver will check for a nameserver at 127.0.0.1. Not sure if Postfix does that also, but it does make sense to run your own resolver for a mail server.[00:23:06] <rob0> also see[00:23:11] <rob0> !debian[00:23:11] <knoba> rob0: "debian" : (#1) Please see /usr/share/doc/postfix/README.Debian for Debian-specific information. This probably applies to Ubuntu and most other Debian-derivative distributions as well., or (#2) Debian splits the syslog mail facility into several files; the one most likely to be of interest is mail.log , which contains all mail.* priority levels.[00:23:36] <rob0> oh, you have de-chrooted already[00:24:22] <rob0> smtpd isn't the only chrooted service, and others are quite as likely to be impacted by DNS failures[00:26:28] *** john51 <john51!~john@15255.s.t4vps.eu> has quit IRC (Ping timeout: 240 seconds)[00:36:44] *** mcfate <mcfate!~textual@174-134-145-16.res.bhn.net> has joined #postfix[00:38:14] *** muh2000 <muh2000!~muh2000@unaffiliated/muh2000> has quit IRC (Ping timeout: 245 seconds)[00:40:36] *** john51 <john51!~john@15255.s.t4vps.eu> has joined #postfix[00:53:29] *** muh2000 <muh2000!~muh2000@unaffiliated/muh2000> has joined #postfix[00:56:24] *** aqua^c <aqua^c!~aqua@114.111.60.64> has joined #postfix[00:56:47] *** aqua^c <aqua^c!~aqua@114.111.60.64> has quit IRC (Read error: Connection reset by peer)[00:57:20] *** aqua^c <aqua^c!~aqua@114.111.60.64> has joined #postfix[01:01:01] *** mjr0 <mjr0!~mcox@77.172.153.103> has quit IRC (Ping timeout: 240 seconds)[01:04:51] *** sm311 <sm311!~sm311@138.36.57.5> has quit IRC (Ping timeout: 240 seconds)[01:05:05] *** v1n4x <v1n4x!~v1n4x@138.36.57.5> has quit IRC (Ping timeout: 240 seconds)[01:16:28] *** j7k6 <j7k6!~j7k6@unaffiliated/j7k6> has quit IRC (Ping timeout: 240 seconds)[01:16:50] *** DarkFeather <DarkFeather!~DarkFeath@96-41-230-196.dhcp.ftbg.wi.charter.com> has quit IRC (Quit: leaving)[01:17:19] *** triptrap <triptrap!~traptrip@brigaid.xs4all.nl> has quit IRC (Ping timeout: 255 seconds)[01:17:28] *** keanne <keanne!~keanne___@121.54.32.175> has joined #postfix[01:23:39] *** Gazoo <Gazoo!~Gazoo@96.53.100.190> has quit IRC (Ping timeout: 245 seconds)[01:25:35] *** Gazoo <Gazoo!~Gazoo@173.209.53.237> has joined #postfix[01:28:06] *** Darcidride <Darcidride!~Darcidrid@2a01:e35:8b4a:ca10:5c58:36df:fff9:132e> has quit IRC (Quit: Bye.)[01:37:11] *** j7k6 <j7k6!~j7k6@unaffiliated/j7k6> has joined #postfix[01:38:40] *** v1n4x <v1n4x!~v1n4x@138.36.57.5> has joined #postfix[01:38:41] *** sm311 <sm311!~sm311@138.36.57.5> has joined #postfix[01:41:51] *** j7k6 <j7k6!~j7k6@unaffiliated/j7k6> has quit IRC (Ping timeout: 240 seconds)[01:52:52] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has quit IRC (Remote host closed the connection)[01:58:11] *** froz-gab <froz-gab!~froz-gab@frozenstar.info> has quit IRC (Ping timeout: 240 seconds)[01:58:12] *** pti-jean_ <pti-jean_!~quassel@12.45.124.78.rev.sfr.net> has quit IRC (Read error: Connection reset by peer)[01:59:32] *** Xentil <Xentil!~quassel@ip-46-21-210-22.nette.pl> has quit IRC (Quit: http://quassel-irc.org - Chat comfortably. Anywhere.)[02:12:41] *** Death_rattle_ <Death_rattle_!~death@p5DC9B2BE.dip0.t-ipconnect.de> has quit IRC (Read error: Connection reset by peer)[02:12:56] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has joined #postfix[02:13:45] *** j7k6 <j7k6!~j7k6@unaffiliated/j7k6> has joined #postfix[02:15:31] *** v1n4x <v1n4x!~v1n4x@138.36.57.5> has quit IRC (Quit: Leaving)[02:15:34] *** sm311 <sm311!~sm311@138.36.57.5> has quit IRC (Quit: Leaving)[02:23:31] *** howitdo <howitdo!~howitdo@unaffiliated/howitdo> has quit IRC (Quit: I Bomanos)[02:23:40] *** Gazoo <Gazoo!~Gazoo@173.209.53.237> has quit IRC (Read error: Connection reset by peer)[02:27:26] *** j7k6 <j7k6!~j7k6@unaffiliated/j7k6> has quit IRC (Ping timeout: 276 seconds)[02:28:50] *** Gazoo <Gazoo!~Gazoo@83.143.240.43> has joined #postfix[02:35:26] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has quit IRC (Quit: inabit. zz.)[02:45:28] *** MacWinner <MacWinner!~Blah@192.77.239.202> has quit IRC (Ping timeout: 240 seconds)[02:51:54] *** Twinkletoes <Twinkletoes!~chatzilla@cpc69053-oxfd25-2-0-cust887.4-3.cable.virginm.net> has joined #postfix[02:54:12] <Twinkletoes> How can I find out the user that authenticated when I get messages in maillog, like this: postfix/smtpd[1387]: connect from unknown[45.247.246.16] then postfix/smtpd[1387]: 4ADC6C8A97: client=unknown[45.247.246.16] ?[02:57:22] <lunaphyte> Twinkletoes: when a client performs smtp auth, postfix will log that information[02:57:40] <Twinkletoes> lunaphyte: that's what I don't see in the log[02:59:35] <Twinkletoes> lunaphyte: (PM) that's all the log gives[03:00:25] <lunaphyte> if you have privacy concerns, use a pastebin which can be set to expire, and can be marked private[03:00:40] <Twinkletoes> lunaphyte: sorry... ok : http://virtality.co.uk/eat-this.txt[03:00:52] <lunaphyte> if you are extremely paranoid, use a pastebin which provides for a password[03:00:56] <Twinkletoes> that's the log which shows the connection info[03:01:02] <lunaphyte> !tell Twinkletoes getting_help[03:01:02] <knoba> Twinkletoes: "getting_help" : before asking your question, read the !relevant_logs and !showconfig factoids, and prepare a single pastebin containing all of that data. if you don't understand what this means, or if you need help doing this, please let us know. also see !pastebin[03:01:12] <lunaphyte> those would be the instructions to follow for getting help here ^^[03:02:19] <lunaphyte> you'll also likely want to use a recognizable pastebin service. many folks here are not willing to visit arbitrary urls, myself included[03:02:24] <lunaphyte> bbiab[03:08:28] *** fling <fling!~fling@fsf/member/fling> has quit IRC (Ping timeout: 240 seconds)[03:21:12] *** Twinkletoes <Twinkletoes!~chatzilla@cpc69053-oxfd25-2-0-cust887.4-3.cable.virginm.net> has quit IRC (Quit: ChatZilla 0.9.92-rdmsoft [XULRunner 35.0.1/20150122214805])[03:23:27] *** j7k6 <j7k6!~j7k6@unaffiliated/j7k6> has joined #postfix[03:27:43] <lunaphyte> heh[03:27:45] *** Diemuzi <Diemuzi!~IceChat9@unaffiliated/diemuzi> has quit IRC (Quit: See you on the flip side)[03:27:55] <lunaphyte> can't say i'm all that shocked :)[03:29:12] *** j7k6 <j7k6!~j7k6@unaffiliated/j7k6> has quit IRC (Ping timeout: 256 seconds)[03:37:58] *** j7k6 <j7k6!~j7k6@unaffiliated/j7k6> has joined #postfix[03:42:40] *** j7k6 <j7k6!~j7k6@unaffiliated/j7k6> has quit IRC (Ping timeout: 255 seconds)[03:54:03] *** pppingme is now known as pppingme2[03:54:30] *** pppingme2 is now known as pppingme[03:59:57] *** bipolar <bipolar!~bipolar@offsite.guru> has quit IRC (Ping timeout: 252 seconds)[03:59:57] *** rizonz <rizonz!~rizonz@184.75.250.58> has quit IRC (Ping timeout: 252 seconds)[04:05:22] *** bipolar <bipolar!~bipolar@offsite.guru> has joined #postfix[04:07:36] *** rizonz <rizonz!~rizonz@184.75.250.58> has joined #postfix[04:11:46] *** chachasmooth <chachasmooth!~chachasmo@unaffiliated/chachasmooth> has quit IRC (Ping timeout: 264 seconds)[04:13:32] *** chachasmooth <chachasmooth!~chachasmo@unaffiliated/chachasmooth> has joined #postfix[04:25:35] *** j7k6 <j7k6!~j7k6@ip-178-200-140-14.hsi07.unitymediagroup.de> has joined #postfix[04:25:46] *** j7k6 <j7k6!~j7k6@ip-178-200-140-14.hsi07.unitymediagroup.de> has quit IRC (Changing host)[04:25:46] *** j7k6 <j7k6!~j7k6@unaffiliated/j7k6> has joined #postfix[04:30:03] *** j7k6 <j7k6!~j7k6@unaffiliated/j7k6> has quit IRC (Ping timeout: 260 seconds)[04:32:42] *** madduck <madduck!~madduck@debian/developer/madduck> has quit IRC (Remote host closed the connection)[05:14:48] *** 7ITAAKG28 <7ITAAKG28!~quassel@187-163-219-201.static.axtel.net> has quit IRC (Ping timeout: 240 seconds)[05:15:10] *** 7IZAAJPG5 <7IZAAJPG5!~quassel@187-163-219-201.static.axtel.net> has quit IRC (Ping timeout: 256 seconds)[05:16:16] *** KsChoice <KsChoice!~quassel@ip70-173-106-217.lv.lv.cox.net> has joined #postfix[05:17:05] *** keanne <keanne!~keanne___@121.54.32.175> has quit IRC (Ping timeout: 240 seconds)[05:26:34] *** j7k6 <j7k6!~j7k6@unaffiliated/j7k6> has joined #postfix[05:27:31] *** KsChoice <KsChoice!~quassel@ip70-173-106-217.lv.lv.cox.net> has quit IRC (Ping timeout: 255 seconds)[05:30:59] *** fling <fling!~fling@fsf/member/fling> has joined #postfix[05:31:23] *** j7k6 <j7k6!~j7k6@unaffiliated/j7k6> has quit IRC (Ping timeout: 276 seconds)[05:32:56] *** KsChoice <KsChoice!~quassel@187-163-219-201.static.axtel.net> has joined #postfix[05:33:33] *** Phoenixz <Phoenixz!~quassel@187-163-219-201.static.axtel.net> has joined #postfix[05:33:51] *** Sayona <Sayona!~Sayona@unaffiliated/sayona> has joined #postfix[05:35:35] *** keanne <keanne!~keanne___@124.106.25.183> has joined #postfix[05:38:31] <Sayona> Hi, if I want to Catch All Email only the email which exist... I need to add all emails in virtual?[05:38:43] *** KsChoice <KsChoice!~quassel@187-163-219-201.static.axtel.net> has quit IRC (Remote host closed the connection)[05:38:43] *** Phoenixz <Phoenixz!~quassel@187-163-219-201.static.axtel.net> has quit IRC (Remote host closed the connection)[05:38:45] *** j7k6 <j7k6!~j7k6@unaffiliated/j7k6> has joined #postfix[05:40:04] *** the_ktosiek <the_ktosiek!~quassel@108.61.166.51> has joined #postfix[05:40:25] *** ktosiek <ktosiek!~quassel@108.61.166.51> has quit IRC (Ping timeout: 255 seconds)[05:41:12] *** Gazoo <Gazoo!~Gazoo@83.143.240.43> has quit IRC (Read error: Connection reset by peer)[05:41:20] <jaybe> !mantra[05:41:20] <knoba> jaybe: Error: "mantra" is not a valid command.[05:41:26] <jaybe> !mantras[05:41:26] <knoba> jaybe: "mantras" : 1. do not accept mail that you do not intend to deliver. 2. do not drop mail. 3. do not use wildcards or catchalls. 4. do not forward mail to outside/third party systems[05:41:52] <jaybe> but/and yes- @example.com user at deliver dot example.com[05:44:23] *** j7k6 <j7k6!~j7k6@unaffiliated/j7k6> has quit IRC (Ping timeout: 276 seconds)[05:47:13] <Sayona> yes, but I try that... but I catch all email if i send email to dsjdjd at example dot com[05:49:24] <jaybe> well, that would be part of the 'all' in 'catch all'[05:52:36] <patdk-lap> well, he did say, catch all that only exists[05:52:42] <patdk-lap> no idea what that means but[05:53:00] <Sayona> :)[05:54:39] *** gu1lle_ <gu1lle_!~Thunderbi@190.18.2.99> has joined #postfix[05:54:50] <jaybe> ok, to only 'catch' the ones that exist, do not do 'catch all'. e.g. do not listen/accept @example.com[05:56:21] <Sayona> ah[05:56:46] <patdk-lap> it will involve a line for each email address, yes[05:59:00] <Sayona> yes... I need to add all emails in virtual[05:59:33] <Sayona> other solution doesn't exist[06:00:27] *** aqua^c <aqua^c!~aqua@114.111.60.64> has quit IRC (Remote host closed the connection)[06:02:03] *** aqua^c <aqua^c!~aqua@114.111.60.64> has joined #postfix[06:02:35] *** orion <orion!~orion@unaffiliated/orion> has joined #postfix[06:03:18] <orion> Hi. Does anyone know how to correctly parse email headers? If I write "Subject: foo", does that imply that the subject of the email is " foo" or "foo"?[06:05:15] <patdk-lap> refer to the rfc[06:05:17] <patdk-lap> !rfc[06:05:17] <knoba> patdk-lap: Error: "rfc" is not a valid command.[06:05:19] <patdk-lap> heh[06:05:30] <rjsalts> https://www.rfc-editor.org/info/rfc5322[06:06:47] *** LeoTh3o <LeoTh3o!~LeoTh3o@phoxden.xyz> has left #postfix ("-")[06:15:40] *** keanne <keanne!~keanne___@124.106.25.183> has quit IRC (Ping timeout: 255 seconds)[06:17:54] <orion> I don't think the RFC is very clear on this issue.[06:25:36] <nate> orion: Look at 822 in the semantics section, specifically; "A line which continues a header field begins with a SPACE or HTAB character, while a line beginning a field starts with a printable character which is not a colon."[06:26:07] <nate> I -think- that may be relevant to it?[06:26:41] <orion> Is that referring to folding?[06:27:47] <nate> Hm I didn't think so, it was B.2, for simple field parsing in the appendix[06:27:58] *** j7k6 <j7k6!~j7k6@unaffiliated/j7k6> has joined #postfix[06:29:02] <nate> That said, 2822 seems to imply the space -may- be optional, but it could be people still simply do it for semantic sake quite literally[06:32:19] *** j7k6 <j7k6!~j7k6@unaffiliated/j7k6> has quit IRC (Ping timeout: 255 seconds)[06:36:02] *** keanne <keanne!~keanne___@121.54.32.173> has joined #postfix[06:37:58] *** robinho86 <robinho86!~robsonjf@201.22.86.124.static.gvt.net.br> has quit IRC (Remote host closed the connection)[06:50:37] *** echelog` <echelog`!~echelog@108.61.103.42> has joined #postfix[06:50:37] *** echelog <echelog!~echelog@108.61.103.42> has quit IRC (Disconnected by services)[06:51:31] *** echelog` <echelog`!~echelog@108.61.103.42> has quit IRC (Excess Flood)[06:51:44] *** echelog <echelog!~echelog@108.61.103.42> has joined #postfix[07:07:48] *** keanne <keanne!~keanne___@121.54.32.173> has quit IRC (Quit: Leaving)[07:09:45] *** Sayona <Sayona!~Sayona@unaffiliated/sayona> has quit IRC (Quit: Leaving)[07:12:00] *** dka <dka!~dka@42.117.168.137> has joined #postfix[07:18:57] *** echelog <echelog!~echelog@108.61.103.42> has joined #postfix[07:19:03] *** ktosiek <ktosiek!~quassel@108.61.166.51> has joined #postfix[07:24:09] *** robinho86 <robinho86!~robsonjf@201.22.86.124.static.gvt.net.br> has joined #postfix[07:28:23] *** patsToms <patsToms!~patsToms@tzt.lv> has quit IRC (Max SendQ exceeded)[07:28:55] *** j7k6 <j7k6!~j7k6@unaffiliated/j7k6> has joined #postfix[07:30:34] *** patsToms <patsToms!~patsToms@tzt.lv> has joined #postfix[07:31:13] *** xpoint__ <xpoint__!sid133359@gateway/web/irccloud.com/x-edypoapfqjibamln> has joined #postfix[07:32:14] *** Feuersalamander <Feuersalamander!zimpcQrIMa@pdpc/supporter/silver/grossing> has joined #postfix[07:33:08] *** xpoint_ <xpoint_!sid133359@gateway/web/irccloud.com/x-pzfjcgbhbcerskpm> has quit IRC (Ping timeout: 240 seconds)[07:33:08] *** Tourist <Tourist!~Tourist@unaffiliated/tourist> has quit IRC (Ping timeout: 240 seconds)[07:33:08] *** grossing <grossing!hES3XHC1k4@pdpc/supporter/silver/grossing> has quit IRC (Ping timeout: 240 seconds)[07:33:08] *** Pies <Pies!~Pies@srv229.opcja.pl> has quit IRC (Ping timeout: 240 seconds)[07:33:08] *** pijiu2 <pijiu2!~pijiu@unaffiliated/pijiu> has quit IRC (Ping timeout: 240 seconds)[07:33:08] *** dka_ <dka_!~dka@42.117.168.137> has quit IRC (Ping timeout: 240 seconds)[07:33:08] *** systeem <systeem!~systeem@2001:bc8:24e8:800:a:27ba:0:c9f1> has quit IRC (Ping timeout: 240 seconds)[07:33:08] *** systeem <systeem!~systeem@2001:bc8:24e8:800:a:27ba:0:c9f1> has joined #postfix[07:33:33] *** Tourist <Tourist!~Tourist@ip97.ip-51-254-159.eu> has joined #postfix[07:33:38] *** Tourist <Tourist!~Tourist@ip97.ip-51-254-159.eu> has quit IRC (Changing host)[07:33:38] *** Tourist <Tourist!~Tourist@unaffiliated/tourist> has joined #postfix[07:33:40] *** j7k6 <j7k6!~j7k6@unaffiliated/j7k6> has quit IRC (Ping timeout: 240 seconds)[07:33:49] *** dka_ <dka_!~dka@42.117.168.137> has joined #postfix[07:34:26] *** Pies <Pies!~Pies@srv229.opcja.pl> has joined #postfix[07:34:41] *** john51 <john51!~john@15255.s.t4vps.eu> has quit IRC (Read error: Connection reset by peer)[07:34:59] *** john51 <john51!~john@15255.s.t4vps.eu> has joined #postfix[07:39:29] *** j7k6 <j7k6!~j7k6@unaffiliated/j7k6> has joined #postfix[07:44:20] *** j7k6 <j7k6!~j7k6@unaffiliated/j7k6> has quit IRC (Ping timeout: 252 seconds)[07:59:10] *** aqua^c <aqua^c!~aqua@114.111.60.64> has quit IRC ()[08:30:08] *** j7k6 <j7k6!~j7k6@unaffiliated/j7k6> has joined #postfix[08:30:21] *** j7k6_ <j7k6_!~j7k6@62.112.80.25> has joined #postfix[08:31:38] *** internat <internat!~nf@27-33-20-68.tpgi.com.au> has quit IRC (Ping timeout: 252 seconds)[08:32:02] *** internat <internat!~nf@220-244-86-243.tpgi.com.au> has joined #postfix[08:34:43] *** j7k6 <j7k6!~j7k6@unaffiliated/j7k6> has quit IRC (Ping timeout: 255 seconds)[08:40:40] *** JanC_ <JanC_!~janc@lugwv/member/JanC> has joined #postfix[08:41:55] *** JanC <JanC!~janc@lugwv/member/JanC> has quit IRC (Killed (wolfe.freenode.net (Nickname regained by services)))[08:41:55] *** JanC_ is now known as JanC[08:52:12] *** thms <thms!~thms@unaffiliated/thms> has joined #postfix[08:54:40] *** j7k6 <j7k6!~j7k6@unaffiliated/j7k6> has joined #postfix[08:59:35] *** j7k6 <j7k6!~j7k6@unaffiliated/j7k6> has quit IRC (Ping timeout: 240 seconds)[09:03:28] <Bheam> anyone know if there's a channel for general smtp discussion?[09:05:10] *** Kelsar <Kelsar!~quassel@unaffiliated/kelsar> has quit IRC (Ping timeout: 264 seconds)[09:06:27] *** j7k6 <j7k6!~j7k6@unaffiliated/j7k6> has joined #postfix[09:07:59] <nyloc> Hi, I'm not sure how to handle a problem that recently surfaced for my server. I have a mail alias that forwards mails send to someone at my-domain dot tld to someone at another-provider dot tld. No w[09:08:05] <nyloc> l[09:09:35] <nyloc> Now someone at my-domain dot tld gets Spam and the other provider rejects the mail from my server then my server wants to send a bounce to the sender of the spam that the mail could not be delivered. But the spam sender sends a response that the account has reached some limits. So my mail queue gets filled up with undelived bounces.[09:10:01] *** mcfate <mcfate!~textual@174-134-145-16.res.bhn.net> has quit IRC (Quit: My MacBook has gone to sleep. ZZZzzz…)[09:10:18] <nyloc> Is there a way to go to handle situations like that?[09:11:12] <nyloc> something like never send bounces for forwarded aliases.[09:12:05] *** Kelsar <Kelsar!~quassel@unaffiliated/kelsar> has joined #postfix[09:14:49] <pj> !mantras[09:14:49] <knoba> pj: "mantras" : 1. do not accept mail that you do not intend to deliver. 2. do not drop mail. 3. do not use wildcards or catchalls. 4. do not forward mail to outside/third party systems[09:14:53] <pj> nyloc: ^^^^[09:15:49] <pj> not only do you have the issue with the bounces, but said 3rd-party server sees you as originating the SPAM and you will eventually get blacklisted as a SPAM source.[09:17:25] <pj> ...plus the envelope sender can easily be (and ususlaly is with SPAM) spoofed, so you end up sending those bounces to innocent other 3rd parties.[09:17:39] <pj> that is known as backscatter.[09:17:46] <pj> !tell nyloc backscatter[09:17:46] <knoba> nyloc: "backscatter" : see http://www.postfix.org/BACKSCATTER_README.html - Basically backscatter are bounces sent to innocent systems. A spammer sent email in behalf of the victim's system. Undeliverable emails get bounced to the victim.[09:17:48] <nyloc> pj: Yes I was thinking about this too, but my "customer" wants the mails delivered to his 3rd party provider[09:18:06] <pj> nyloc: the customer is not always right.[09:18:47] <Bheam> grr... postfix is so complicated[09:19:17] <pj> Bheam: no, email in general is complicated. Postfix is relatively simple.[09:19:31] <nyloc> pj: I wil try to tell him that, in the mean time is there a workaround to mitigate the problems until I mange to convince him to poll from a mailbox on my server?[09:20:00] <nyloc> something like don't bounce mails that could not be deliverd to this particular address?[09:20:10] <pj> don't forward SPAM, don't forward email that might look like SPAM or possibly be mistaken for SPAM.[09:20:31] <pj> there is no workaround for forwarding SPAM.[09:20:59] <Bheam> pj: i'm doing outgoing email scanning, but spf check is being done, which fails - best way to correct?[09:21:22] *** j7k6 <j7k6!~j7k6@unaffiliated/j7k6> has quit IRC (Ping timeout: 255 seconds)[09:21:24] <pj> Bheam: don't do an SPF check on outgoign email.[09:21:49] <Bheam> any idea if amavis can be instructed to that?[09:22:03] <pj> you would have to ask in their channel.[09:22:22] <pj> I believe that amavisd-new has different policies that you can configure for things like that.[09:22:22] <nyloc> pj: I have a quiet restrictive spam filter but I'm not sure when my virtual_alias_map is evaluated and maybe mails pass my spam filtering in smtpd_recipient_restrictions[09:22:58] <nyloc> Oh, I have a TODO comment in my config that smtpd_recipient_restrictions might not be the right place for spam filtering[09:23:19] <nyloc> Too bad I didn't write where to do this better :P[09:23:32] <pj> nyloc: SPAM filtering is a comprehensive task, there is no one place to do it.[09:25:40] <nyloc> yeah I also use amavisd-new as a contetnt filter but I suspect that the "forward" is happening before my filtering[09:27:11] *** pijiu2 <pijiu2!~pijiu@unaffiliated/pijiu> has joined #postfix[09:27:20] * nyloc is reading the manual again (feels like rtfm run 1001)[09:36:12] *** ace_me <ace_me!~IceChat9@unaffiliated/ace-me/x-814638> has joined #postfix[09:36:42] <ace_me> I cannot send email to outside world ! cna you help me find the problem ? http://pastebin.com/nBpkp6yD[09:37:10] <ace_me> ... postfix/smtp[22949]: connect to alt2.gmail-smtp-in.l.google.com[74.125.68.26]:25: Connection timed out[09:42:43] <Bheam> so[09:42:51] <nyloc> ace_me: mydestination =..., google.com, looks really wrong for me[09:43:35] <Bheam> i have a smtpd_milter = inet:127.0.0.1:8891 for opendkim, then i have -o content_filter on submission for outgoing email filter, but this causes dkim to be applied before content_filter, which could be a bad idea? how to fix?[09:45:12] *** troulouliou_div2 <troulouliou_div2!~troulouli@unaffiliated/troulouliou-div2/x-0271439> has joined #postfix[09:53:27] <nyloc> Is there a way to never send a bounce if the recipent address is someone at my-domain dot tld. I think this should be possible by doing header_checks, but maybe there is a more elegant way?[10:00:58] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has joined #postfix[10:01:13] *** hyperize1 <hyperize1!~hyperized@lab.hyperized.net> has left #postfix[10:05:46] *** Kelsar <Kelsar!~quassel@unaffiliated/kelsar> has quit IRC (Ping timeout: 264 seconds)[10:07:29] *** Kelsar <Kelsar!~quassel@unaffiliated/kelsar> has joined #postfix[10:07:46] *** muh2000_ <muh2000_!~quassel@prx2.ernw.net> has joined #postfix[10:12:46] *** madduck <madduck!~madduck@debian/developer/madduck> has joined #postfix[10:24:13] *** Feuersalamander is now known as grossing[10:41:21] <nyloc> argh bounce is not subjected to header/body checks. This problem is really harder then I thought.[10:45:04] *** pijiu2 <pijiu2!~pijiu@unaffiliated/pijiu> has quit IRC (Ping timeout: 255 seconds)[10:45:54] *** pijiu <pijiu!~pijiu@unaffiliated/pijiu> has joined #postfix[10:46:29] *** pijiu <pijiu!~pijiu@unaffiliated/pijiu> has quit IRC (Max SendQ exceeded)[10:47:12] *** pijiu <pijiu!~pijiu@unaffiliated/pijiu> has joined #postfix[10:47:22] <nyloc> It really looks like there is no way to disable non deliverable messages for a specific address, the only way I could find was to completly disable bounces.[10:51:05] <ace_me> thought mydestination is a list of domains to send to[10:51:10] <ace_me> nyloc[10:51:29] <ace_me> I did removed gmail.com but still the same[10:52:19] <nyloc> http://www.postfix.org/postconf.5.html#mydestination[10:52:52] <nyloc> maybe your server is allready blocked by google?[10:53:05] *** internat <internat!~nf@220-244-86-243.tpgi.com.au> has quit IRC (Ping timeout: 240 seconds)[10:53:30] <ace_me> I get queue active[10:54:00] <ace_me> inet_interfaces = 127.0.0.1[10:54:11] <ace_me> is this limiting me or protecting me nyloc ?[10:54:30] <ace_me> should it contain the external IP ?[10:54:45] <ace_me> I only need to send email[10:54:51] <ace_me> that is a jira server[10:55:05] <ace_me> aha[10:55:08] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has joined #postfix[10:55:19] <nyloc> inet_interfaces (default: all)[10:55:19] <nyloc> The network interface addresses that this mail system receives mail on.[10:55:20] <ace_me> nyloc... How to test that google blocking me ?[10:55:48] <nyloc> ace_me: maybe just talk to the server via telnet[10:55:50] <ace_me> so having 127.0.0.1 for inet_nterfaces seems ok for me[10:56:10] <ace_me> I did talked with google telnet 25[10:56:37] <ace_me> EHLO mydomain[10:56:48] <ace_me> 250-mx.google.com at your service,....[10:57:02] <ace_me> so I am not blocked[10:57:07] <ace_me> !?[10:57:07] <knoba> ace_me: Error: "?" is not a valid command.[10:57:16] <nyloc> hmm, looks good[10:57:51] <ace_me> is it sending to google using a different port than 25 ?[10:59:04] *** markus_e92 <markus_e92!~markus_e9@91-115-155-174.adsl.highway.telekom.at> has quit IRC (Ping timeout: 245 seconds)[10:59:23] <nyloc> na it will use the default port which is 25. And you did the telnet test from the server? Just to be sure ;)[10:59:37] <ace_me> yes from the server nyloc[10:59:50] <ace_me> I am right now logged there over ssh[11:00:21] <ace_me> ...orig_to=<root>, relay=none, delay=79, delays=0.01/79/0/0.03, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to alt4.gmail-smtp-in.l.google.com[74.125.28.27]:25: Connection timed out)[11:00:22] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has quit IRC (Ping timeout: 255 seconds)[11:00:34] <ace_me> (delivery temporarily suspended[11:00:42] <ace_me> is that a bad sign ?[11:00:53] <ace_me> is it somehow coming from google ?[11:01:08] <ace_me> I am blocked ?[11:01:22] <nyloc> the bad sign is he Connection time out this means that your server can't talk to google, maybe some strange firewall configuration[11:02:09] <ace_me> could be that my provider blocked me somehow ?[11:02:30] <nyloc> Then you shouldn't be able to send a mail via telnet[11:03:08] <ace_me> ok[11:03:16] <nyloc> you can try: traceroute -n -T -p 25 alt4.gmail-smtp-in.l.google.com[11:03:23] <ace_me> I disabled my CSF firewall there and I think it worked[11:03:36] <nyloc> as the postfix user[11:03:38] <nyloc> ok[11:04:18] <ace_me> yes the email arrived in SPAM[11:04:29] <ace_me> I will doublke check then my CSF :([11:04:38] <ace_me> Thank you very much nyloc[11:04:50] <ace_me> what should I do to see email not received in the SPAM ?[11:04:59] <ace_me> maybe to arrive in inbox ?[11:05:28] *** Qann <Qann!~Nomad@hades.golgeli.net> has quit IRC (Ping timeout: 240 seconds)[11:05:44] <ace_me> nyloc now I see ... CSF probably closed postfix process[11:05:46] <ace_me> Excessive resource usage: postfix (23085 (Parent PID:23081))[11:06:21] <ace_me> Killed: No ... but who knows what CSF did....[11:07:18] *** beatdown <beatdown!beatdown@violator.strangled.net> has joined #postfix[11:08:49] <nyloc> ace_me: Thats a whole different topic but you should use good eloh messages don't appear on blacklists maybe use dkim to verify[11:09:23] <nyloc> setup a reverse DNS entry for your domain[11:11:34] *** Qann <Qann!~Nomad@hades.golgeli.net> has joined #postfix[11:15:28] *** dka_ <dka_!~dka@42.117.168.137> has quit IRC (Ping timeout: 240 seconds)[11:15:35] *** dka <dka!~dka@42.117.168.137> has quit IRC (Ping timeout: 240 seconds)[11:23:13] *** markus_e92 <markus_e92!~markus_e9@62-46-96-227.adsl.highway.telekom.at> has joined #postfix[11:28:47] *** dka_ <dka_!~dka@master-rbx-01.kopaxgroup.com> has joined #postfix[11:28:53] *** dka <dka!~dka@master-rbx-01.kopaxgroup.com> has joined #postfix[11:52:29] *** mjr0 <mjr0!~mcox@47.students.os3.nl> has joined #postfix[11:56:35] *** Bheam <Bheam!~Bheam@213.236.211.98> has quit IRC (Ping timeout: 240 seconds)[12:07:18] *** ace_me <ace_me!~IceChat9@unaffiliated/ace-me/x-814638> has quit IRC (Quit: thx nyloc)[12:15:00] *** mjr0 <mjr0!~mcox@47.students.os3.nl> has quit IRC (Ping timeout: 240 seconds)[12:20:07] *** mjr0 <mjr0!~mcox@47.students.os3.nl> has joined #postfix[12:20:33] *** Section1 <Section1!~section1@190.195.71.40> has joined #postfix[12:29:12] *** sm311 <sm311!~sm311@138.36.57.5> has joined #postfix[12:31:11] *** sm311 <sm311!~sm311@138.36.57.5> has quit IRC (Changing host)[12:31:11] *** sm311 <sm311!~sm311@unaffiliated/v1n4x> has joined #postfix[12:31:42] *** sm311 is now known as v1n4x[12:34:24] *** v1n4x <v1n4x!~sm311@unaffiliated/v1n4x> has quit IRC (Quit: Leaving)[12:36:12] *** froz-gab <froz-gab!~froz-gab@host194-58-dynamic.53-79-r.retail.telecomitalia.it> has joined #postfix[12:42:58] *** froz-gab <froz-gab!~froz-gab@host194-58-dynamic.53-79-r.retail.telecomitalia.it> has quit IRC (Ping timeout: 264 seconds)[12:55:18] *** froz-gab <froz-gab!~froz-gab@frozenstar.info> has joined #postfix[12:56:31] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has joined #postfix[13:00:58] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has quit IRC (Ping timeout: 255 seconds)[13:13:00] *** troulouliou_div2 <troulouliou_div2!~troulouli@unaffiliated/troulouliou-div2/x-0271439> has quit IRC (Ping timeout: 240 seconds)[13:14:59] *** pti-jean_ <pti-jean_!~quassel@12.45.124.78.rev.sfr.net> has joined #postfix[13:20:02] <PaulePanter> Hi. I am having problems with smtp.ice.mpg.de[195.37.47.8].[13:20:37] <PaulePanter> Despite it showing STARTTLS, my Postfix installation claims `TLS is required, but was not offered by host`.[13:23:11] <Zerberus> PaulePanter: Cisco PIX or ASA in front which breaks ESMTP[13:24:11] <Zerberus> PaulePanter: no, works here[13:24:22] <Zerberus> openssl s_client -connect smtp.ice.mpg.de:25 -starttls smtp[13:25:29] *** troulouliou_div2 <troulouliou_div2!~troulouli@unaffiliated/troulouliou-div2/x-0271439> has joined #postfix[13:27:08] <patdk-lap> PaulePanter, logs?[13:27:13] <patdk-lap> !tell PaulePanter getting_help[13:27:13] <knoba> PaulePanter: "getting_help" : before asking your question, read the !relevant_logs and !showconfig factoids, and prepare a single pastebin containing all of that data. if you don't understand what this means, or if you need help doing this, please let us know. also see !pastebin[13:38:08] <PaulePanter> I’ll collect the logs.[13:52:11] *** infides_afk <infides_afk!~infides@p4FE75D30.dip0.t-ipconnect.de> has joined #postfix[14:12:18] *** mcfate <mcfate!~textual@174-134-145-16.res.bhn.net> has joined #postfix[14:17:05] *** froz-gab <froz-gab!~froz-gab@frozenstar.info> has quit IRC (Ping timeout: 240 seconds)[14:32:04] *** froz-gab <froz-gab!~froz-gab@host194-58-dynamic.53-79-r.retail.telecomitalia.it> has joined #postfix[14:37:14] <PaulePanter> Here are the logs: https://paste.debian.net/913543/[14:37:38] <PaulePanter> Ah, I need to read better. The configuration is missing.[14:41:20] <PaulePanter> !relevant_logs[14:41:20] <knoba> PaulePanter: "relevant_logs" : mail.* syslog Postfix log messages (NOT verbose, see !no_verbose) which show ONLY the entire handling of a single mail which illustrates the issue with which you want help. Random selections from your mail log are not adequate. IMAP/POP3 daemons and external delivery agents often log to the same syslog facility (mail); filter such messages out unless asked not to.[14:41:44] <PaulePanter> !showconfig[14:41:44] <knoba> PaulePanter: "showconfig" : when asked to provide your config, please provide a SINGLE pastebin with postconf -nf and postconf -Mf. if your version is too old for those commands to work (< 2.9), you should upgrade, but see !showconfig_old[14:46:30] *** misterunknown <misterunknown!~misterunk@kronos.misterunknown.de> has joined #postfix[14:57:15] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has joined #postfix[14:59:46] *** froz-gab <froz-gab!~froz-gab@host194-58-dynamic.53-79-r.retail.telecomitalia.it> has quit IRC (Ping timeout: 264 seconds)[15:01:51] *** traptrip <traptrip!~traptrip@brigaid.xs4all.nl> has joined #postfix[15:02:01] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has quit IRC (Ping timeout: 255 seconds)[15:06:27] *** dargains <dargains!~dargains@187.110.239.75> has joined #postfix[15:07:59] *** FinboySlick <FinboySlick!~shark@74.117.40.10> has joined #postfix[15:12:15] *** froz-gab <froz-gab!~froz-gab@frozenstar.info> has joined #postfix[15:41:26] <PaulePanter> Hmm, it’s still not clear to me.[15:41:28] <PaulePanter> https://paste.debian.net/913557/[15:41:46] *** Oclair <Oclair!~Oclair@91-115-61-171.adsl.highway.telekom.at> has joined #postfix[15:41:56] <PaulePanter> Is what I get entering `EHLO myhost.com` after `openssl s_client -connect smtp.ice.mpg.de:25 -starttls smtp`.[15:42:21] <PaulePanter> But that’s after STARTTLS.[15:42:43] <patdk-wk> did you not see this?[15:42:44] <patdk-wk> A6A8A2012A59E5: enabling PIX workarounds: disable_esmtp delay_dotcrlf[15:42:55] <patdk-wk> you have a pix/asa at your location[15:42:58] <patdk-wk> you need to fix it[15:43:16] <patdk-wk> the cisco pix/asa does NOT allow encryption[15:43:22] <patdk-wk> in it's default configuration[15:43:48] <patdk-wk> not Zerberus told you that hours ago[15:43:50] <patdk-wk> !asa[15:43:50] <knoba> patdk-wk: Error: "asa" is not a valid command.[15:43:51] <patdk-wk> !pix[15:43:51] <knoba> patdk-wk: "pix" : see !cisco_pix[15:43:56] <patdk-wk> !cisco_pix[15:43:56] <knoba> patdk-wk: "cisco_pix" : The Cisco PIX and ASA firewall has a SMTP proxy feature called SMTP Fixup which breaks ESMTP. If your Postfix server is behind such a firewall you should disable this feature.[15:45:24] <PaulePanter> patdk-lap: I have no problem with an Exim to send messages to that host, and it claims it uses encryption.[15:45:45] <patdk-wk> so?[15:45:48] <patdk-wk> use exim then[15:45:53] <patdk-wk> I thought you wanted postfix help[15:46:09] <PaulePanter> patdk-lap: Why does the `openssl` command work then, if the PIX does not?[15:46:47] <PaulePanter> patdk-lap: Zerberus also wrote “no, works here”.[15:50:00] <patdk-wk> works fine here[15:50:06] <patdk-wk> for me it's using helo and not ehlo[15:53:03] *** shoonya <shoonya!~unknown@122.166.174.185> has joined #postfix[15:53:07] <PaulePanter> patdk-wk: Thank you, but what did you try exactly?[15:54:35] *** Aprogas_ <Aprogas_!aprogas@enki.aprogas.net> has joined #postfix[15:55:54] *** Aprogas <Aprogas!aprogas@enki.aprogas.net> has quit IRC (Read error: Connection reset by peer)[16:01:34] *** mjr0 <mjr0!~mcox@47.students.os3.nl> has quit IRC (Ping timeout: 245 seconds)[16:03:37] *** heroux <heroux!sandroco@gateway/shell/insomnia247/x-kaivhsshysmuwhpv> has quit IRC (Remote host closed the connection)[16:09:35] *** mactimes- <mactimes-!~mactimes@srv01.itgen.com.br> has quit IRC (Quit: mactimes has left the building.)[16:10:15] *** mactimes <mactimes!~mactimes@unaffiliated/mactimes> has joined #postfix[16:11:02] *** heroux <heroux!sandroco@gateway/shell/insomnia247/x-ukqzqpgadggablzk> has joined #postfix[16:16:58] <patdk-wk> the command you posted[16:17:05] <patdk-wk> but used tcpdump to see what it attempted[16:18:18] *** muh2000_ <muh2000_!~quassel@prx2.ernw.net> has quit IRC (Remote host closed the connection)[16:28:08] *** lvlinux <lvlinux!~ruel@unaffiliated/lvlinux> has quit IRC (Ping timeout: 260 seconds)[16:39:07] *** lvlinux <lvlinux!~ruel@unaffiliated/lvlinux> has joined #postfix[16:41:07] *** Diemuzi <Diemuzi!~IceChat9@unaffiliated/diemuzi> has joined #postfix[16:57:48] *** Death_rattle_ <Death_rattle_!~death@p200300868A318D010000000000000001.dip0.t-ipconnect.de> has joined #postfix[17:11:37] *** mactimes is now known as mactimes_[17:13:00] *** markus_e92 <markus_e92!~markus_e9@62-46-96-227.adsl.highway.telekom.at> has quit IRC (Ping timeout: 240 seconds)[17:13:38] *** pijiu <pijiu!~pijiu@unaffiliated/pijiu> has quit IRC (Ping timeout: 260 seconds)[17:14:02] *** muh2000_ <muh2000_!~quassel@prx1.ernw.net> has joined #postfix[17:15:16] *** markus_e92 <markus_e92!~markus_e9@62-46-96-144.adsl.highway.telekom.at> has joined #postfix[17:16:09] <rob0> Exim (nor any other MTA) will not be able to STARTTLS with a host where a PIX or ASA firewall between them is doing SMTP Fuxup.[17:16:30] *** pijiu <pijiu!~pijiu@unaffiliated/pijiu> has joined #postfix[17:17:10] *** bjoe2k4 <bjoe2k4!bjoe2k4@2a03:4000:9:55::1> has quit IRC (Ping timeout: 255 seconds)[17:17:14] <rob0> The PIX/ASA could be at either site. In theory (but less likely) it could be anywhere in between, too.[17:19:04] *** Zerberus <Zerberus!~dogtail@irc.sys5.org> has quit IRC (Ping timeout: 245 seconds)[17:19:04] *** noc0lour <noc0lour!~quassel@prism.nocolour.de> has quit IRC (Ping timeout: 245 seconds)[17:19:05] *** namix_ <namix_!~namix@bla.mode42.net> has quit IRC (Ping timeout: 252 seconds)[17:19:11] *** misterunknown <misterunknown!~misterunk@kronos.misterunknown.de> has quit IRC (Quit: Feierabend!)[17:19:25] *** nyloc <nyloc!~quassel@darwin.nyloc.de> has quit IRC (Ping timeout: 255 seconds)[17:19:41] *** xpoint__ <xpoint__!sid133359@gateway/web/irccloud.com/x-edypoapfqjibamln> has quit IRC ()[17:20:29] *** xpoint__ <xpoint__!sid133359@gateway/web/irccloud.com/x-pkgmdmswbobdmdho> has joined #postfix[17:22:18] *** xpoint__ <xpoint__!sid133359@gateway/web/irccloud.com/x-pkgmdmswbobdmdho> has left #postfix[17:22:35] *** DonRichie <DonRichie!~DonRichie@ricl.de> has quit IRC (Ping timeout: 240 seconds)[17:22:36] *** namix <namix!~namix@bla.mode42.net> has joined #postfix[17:22:43] *** namix <namix!~namix@bla.mode42.net> has quit IRC (Changing host)[17:22:43] *** namix <namix!~namix@unaffiliated/namix> has joined #postfix[17:24:02] *** Zerberus <Zerberus!dog@msg.sys5.org> has joined #postfix[17:24:29] *** noc0lour <noc0lour!~quassel@prism.nocolour.de> has joined #postfix[17:25:07] *** DonRichie <DonRichie!~DonRichie@ricl.de> has joined #postfix[17:25:19] *** gu1lle_ <gu1lle_!~Thunderbi@190.18.2.99> has quit IRC (Remote host closed the connection)[17:25:29] *** nyloc <nyloc!~quassel@darwin.nyloc.de> has joined #postfix[17:26:55] *** froz-gab <froz-gab!~froz-gab@frozenstar.info> has quit IRC (Ping timeout: 255 seconds)[17:28:14] *** bjoe2k4 <bjoe2k4!bjoe2k4@2a03:4000:9:55::1> has joined #postfix[17:34:03] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has quit IRC (Ping timeout: 260 seconds)[17:35:42] *** KsChoice <KsChoice!~quassel@187-163-219-201.static.axtel.net> has joined #postfix[17:35:43] *** Phoenixz <Phoenixz!~quassel@187-163-219-201.static.axtel.net> has joined #postfix[17:37:05] *** shoonya <shoonya!~unknown@122.166.174.185> has quit IRC (Quit: Leaving)[17:39:25] *** mjr0 <mjr0!~mcox@47.students.os3.nl> has joined #postfix[17:40:29] *** froz-gab <froz-gab!~froz-gab@host194-58-dynamic.53-79-r.retail.telecomitalia.it> has joined #postfix[17:43:28] *** mjr0 <mjr0!~mcox@47.students.os3.nl> has quit IRC (Ping timeout: 240 seconds)[17:44:19] *** Dominian1 <Dominian1!~dominian@opensuse/member/dominian> has joined #postfix[17:45:22] *** Dominian <Dominian!~dominian@opensuse/member/dominian> has quit IRC (Ping timeout: 264 seconds)[17:45:30] *** Dominian1 is now known as Dominian[17:47:19] *** bjoe2k4 <bjoe2k4!bjoe2k4@2a03:4000:9:55::1> has quit IRC (Ping timeout: 255 seconds)[17:47:19] *** nyloc <nyloc!~quassel@darwin.nyloc.de> has quit IRC (Ping timeout: 255 seconds)[17:48:09] *** nyloc <nyloc!~quassel@darwin.nyloc.de> has joined #postfix[18:03:07] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has joined #postfix[18:04:27] *** troulouliou_div2 <troulouliou_div2!~troulouli@unaffiliated/troulouliou-div2/x-0271439> has quit IRC (Quit: Leaving)[18:06:04] *** pinaraf <pinaraf!~quassel@host.pinaraf.info> has quit IRC (Remote host closed the connection)[18:06:32] *** Death_rattle_ <Death_rattle_!~death@p200300868A318D010000000000000001.dip0.t-ipconnect.de> has quit IRC (Ping timeout: 240 seconds)[18:09:07] *** bjoe2k4 <bjoe2k4!bjoe2k4@2a03:4000:9:55::1> has joined #postfix[18:18:00] *** dargains <dargains!~dargains@187.110.239.75> has quit IRC (Remote host closed the connection)[18:18:37] *** dargains <dargains!~dargains@187.110.239.75> has joined #postfix[18:23:01] *** dargains <dargains!~dargains@187.110.239.75> has quit IRC (Ping timeout: 258 seconds)[18:30:07] *** j7k6_ <j7k6_!~j7k6@62.112.80.25> has quit IRC (Remote host closed the connection)[18:32:43] *** dargains <dargains!~dargains@187.110.239.75> has joined #postfix[18:34:28] *** markus_e92 <markus_e92!~markus_e9@62-46-96-144.adsl.highway.telekom.at> has quit IRC (Ping timeout: 240 seconds)[18:36:23] *** markus_e92 <markus_e92!~markus_e9@91-115-18-4.adsl.highway.telekom.at> has joined #postfix[18:39:31] *** bjoe2k4 <bjoe2k4!bjoe2k4@2a03:4000:9:55::1> has quit IRC (Ping timeout: 255 seconds)[18:40:23] *** gu1lle_ <gu1lle_!~Thunderbi@181.167.195.114> has joined #postfix[18:41:06] *** mjr0 <mjr0!~mcox@47.students.os3.nl> has joined #postfix[18:42:49] *** dargains <dargains!~dargains@187.110.239.75> has quit IRC (Remote host closed the connection)[18:56:06] *** Darcidride <Darcidride!~Darcidrid@2a01:e35:8b4a:ca10:5c58:36df:fff9:132e> has joined #postfix[19:03:07] <PaulePanter> rob0: No idea, but that’s the log from the Exim test server. https://paste.debian.net/913579/[19:03:24] <PaulePanter> Maybe Postfix is too old on the system with the problem.[19:04:05] *** exounx_ is now known as exounx[19:04:14] *** xpoint <xpoint!sid133359@gateway/web/irccloud.com/x-xtpmsbaztfhbrwwm> has joined #postfix[19:04:24] <rob0> If Postfix had to enable PIX workarounds, that means it encountered a PIX-style proxy between it and the destination.[19:05:13] <rob0> There is no "fix" possible. If a proxy disables ESMTP, then STARTTLS cannot be used.[19:05:51] <rob0> (There IS a fix: to get rid of the proxy, of course.)[19:06:38] <PaulePanter> rob0: Hmm. So what you are saying is, that for everybody, where `openssl s_client -connect …` no PIX-style proxy is present, right?[19:07:08] *** mjr0 <mjr0!~mcox@47.students.os3.nl> has quit IRC (Ping timeout: 276 seconds)[19:07:29] <PaulePanter> I am not aware, that we have such a proxy here, and thought it’s on the receiver side.[19:07:46] <PaulePanter> $ nc smtp.ice.mpg.de 25[19:07:47] <PaulePanter> 220 ************************************************************[19:07:58] <PaulePanter> … and from the same system the OpenSSL command succeeds.[19:08:11] <PaulePanter> (both commands run on the same host)[19:08:12] <rob0> that's a PIX for sure[19:08:19] <PaulePanter> rob0: Do you get that too?[19:08:53] <PaulePanter> I still did not get, if then `openssl s_client -connect smtp.ice.mpg.de:25 -starttls smtp` should succeed or not.[19:09:22] <tharkun> Depends on smtp.ice.mpg.de and how it is configured.[19:09:53] <rob0> yes, I see a PIX at 195.37.47.8[19:10:08] * tharkun greets rob0[19:10:16] <rob0> tharkun![19:12:38] <PaulePanter> tharkun: I see.[19:23:51] <patdk-wk> yuk, it is on the other side, no wonder[19:24:15] <patdk-wk> it might be by design[19:24:32] <patdk-wk> the pix/asa might just be broken, as is normally the case (they left the default to enable inspection)[19:24:49] <patdk-wk> or it MIGHT actually have an ids installed, so the mitm it's doing is ligit, but still breaks ssl[19:29:54] <PaulePanter> To rule out any problems with the Postfix set up here, could you please send a test message to the non-existent <test at ice dot mpg.de>?[19:30:22] <PaulePanter> https://checktls.com/perl/TestReceiver.pl also shows no problems.[19:31:53] <patdk-wk> <test at ice dot mpg.de>: host mailhub.ice.mpg.de[195.37.47.9] said: 554 5.7.1[19:31:53] <patdk-wk> <test at ice dot mpg.de>: Recipient address rejected: Access denied (in reply to[19:31:53] <patdk-wk> RCPT TO command)[19:34:48] *** pti-jean_ <pti-jean_!~quassel@12.45.124.78.rev.sfr.net> has quit IRC (Ping timeout: 240 seconds)[19:35:42] *** pti-jean <pti-jean!~quassel@90.29.124.78.rev.sfr.net> has joined #postfix[19:39:09] *** MacWinner <MacWinner!~Blah@192.77.239.202> has joined #postfix[19:39:35] *** metalcated <metalcated!~slider@unaffiliated/metalcated> has quit IRC (Ping timeout: 240 seconds)[19:40:08] <MacWinner> is there any reason to not configure smtp_tls_session_cache_database and smtpd_tls_session_cache_database?[19:40:24] <MacWinner> can't really find much info n it[19:40:47] *** metalcated <metalcated!~slider@pool-72-90-92-135.syrcny.fios.verizon.net> has joined #postfix[19:40:51] <MacWinner> or at least on any potential pitfalls of using it[19:49:07] <patdk-wk> MacWinner, sure, why not just use the default?[19:49:33] <MacWinner> sorry, didn't understand.. you mean just don't use the cache?[19:49:39] <patdk-wk> oh, I'm thinking about postscreen[19:49:53] <patdk-wk> different cache[19:50:08] <patdk-wk> do you make a crapload of new tls smtp connections per minute?[19:50:10] *** Kelsar <Kelsar!~quassel@unaffiliated/kelsar> has quit IRC (Ping timeout: 264 seconds)[19:50:12] <patdk-wk> from the same source?[19:50:23] <MacWinner> yeah..[19:50:27] <patdk-wk> normally those connections are long lived, so there is no need to cache[19:50:42] <MacWinner> everything in and out of our relay is TLS... lots of emails.. and they are all pretty much going to the same sets of servers[19:50:59] <patdk-wk> same sets doesn't matter, SAME SERVER does[19:51:06] <patdk-wk> same set cannot use the cache entry[19:51:53] <MacWinner> interesting.. i'll try turning on some extra debug logging to see if the cached session key is actually being used.[19:52:07] <MacWinner> any downside you see of using teh cache though?[19:54:04] <patdk-wk> "Consequently, for Postfix ≥ 2.11 the smtpd_tls_session_cache_database parameter should generally be left empty."[19:55:03] <MacWinner> oh, thanks![19:56:03] <patdk-wk> so only need to set it for smtp_tls_session_cache_database[19:58:06] *** Kelsar <Kelsar!~quassel@unaffiliated/kelsar> has joined #postfix[20:01:32] <MacWinner> if it has any impact, it would be i guess both on network io and CPU utilization[20:02:02] <MacWinner> i think i read it saves a bunch of negotiation traffic and calculations[20:02:05] <patdk-wk> it will save some network i/o, but mainly cpu[20:02:18] <patdk-wk> it saves transfer of the ssl public certs[20:02:33] <patdk-wk> besides the back and forth[20:03:03] <MacWinner> do you have it on?[20:03:12] <patdk-wk> I used to[20:03:21] <patdk-wk> no idea why I disabled it[20:04:07] *** Section1 <Section1!~section1@190.195.71.40> has quit IRC (Quit: Leaving)[20:07:52] *** ptx0 <ptx0!~cheesus_c@unaffiliated/ptx0> has quit IRC (Remote host closed the connection)[20:13:37] <MacWinner> looks like gmail supports tls session tickets and office365 does not[20:13:38] *** pti-jean_ <pti-jean_!~quassel@222.48.124.78.rev.sfr.net> has joined #postfix[20:13:46] <MacWinner> based on open_ssl test[20:14:28] <MacWinner> actually.. office365 may do TLS session caching.. and google does tls session tickets[20:14:56] *** MuffinMedic is now known as Evan[20:15:32] *** pti-jean <pti-jean!~quassel@90.29.124.78.rev.sfr.net> has quit IRC (Ping timeout: 240 seconds)[20:16:37] <MacWinner> is broad based SMTPUTF8 support still far off?[20:16:52] *** Evan is now known as StudMuffin[20:17:49] *** zokum <zokum!~zokum@188.51-174-52.customer.lyse.net> has quit IRC (Ping timeout: 245 seconds)[20:18:08] *** StudMuffin is now known as MuffinMedic[20:20:20] *** Xentil <Xentil!~quassel@ip-46-21-210-22.nette.pl> has joined #postfix[20:20:33] <PaulePanter> patdk-wk: Thank you. Was that encrypted? That host is in `tls_policy`.[20:20:39] <PaulePanter> … with enforce.[20:22:37] *** thms <thms!~thms@unaffiliated/thms> has quit IRC (Ping timeout: 258 seconds)[20:32:21] <patdk-wk> PaulePanter, no, cause it is blocking tls[20:34:54] *** madduck <madduck!~madduck@debian/developer/madduck> has quit IRC (Ping timeout: 245 seconds)[20:34:56] <patdk-wk> PaulePanter, why haven't you disabled the asa/pix smtp fixup yet?[20:50:55] *** ptx0 <ptx0!~cheesus_c@unaffiliated/ptx0> has joined #postfix[20:52:08] *** pijiu <pijiu!~pijiu@unaffiliated/pijiu> has quit IRC (Ping timeout: 240 seconds)[20:55:07] *** pinaraf <pinaraf!~quassel@host.pinaraf.info> has joined #postfix[20:59:03] <PaulePanter> patdk-wk: It’s a production system at work, and I am not the one having written the configuration. So I have to be careful, and try it tomorrow.[20:59:13] <PaulePanter> patdk-wk: Thank you so much for your help.[21:02:32] *** pijiu <pijiu!~pijiu@unaffiliated/pijiu> has joined #postfix[21:05:55] *** dargains <dargains!~dargains@187.110.239.75> has joined #postfix[21:10:43] *** dargains <dargains!~dargains@187.110.239.75> has quit IRC (Ping timeout: 255 seconds)[21:15:16] *** Diemuzi <Diemuzi!~IceChat9@unaffiliated/diemuzi> has quit IRC (Quit: See you on the flip side)[21:16:39] *** zokum <zokum!~zokum@188.51-174-52.customer.lyse.net> has joined #postfix[21:18:28] *** infides_afk <infides_afk!~infides@p4FE75D30.dip0.t-ipconnect.de> has quit IRC (Ping timeout: 240 seconds)[21:19:45] *** madduck <madduck!~madduck@debian/developer/madduck> has joined #postfix[21:22:52] *** robinho86 <robinho86!~robsonjf@201.22.86.124.static.gvt.net.br> has quit IRC (Quit: Leaving.)[21:29:55] <MacWinner> i enabled the tls session cache.. my btree file is already up to 300kb in 1 minute..[21:30:07] <MacWinner> maybe sending about 50k emails a day[21:30:32] <MacWinner> any good way to examine whats in there? just curious[21:31:19] *** luxifer <luxifer!~luxifer@94.16.91.91> has joined #postfix[21:32:05] <JPT> I assume that it contains information about chosen ciphers and more to speed up consecutive session.[21:32:08] <JPT> See http://www.postfix.org/TLS_README.html#server_tls_cache :)[21:33:04] <MacWinner> i only have the smtp client tls session cache on. it says for 2.11, the server side one isnt really needed[21:33:10] <patdk-wk> postmap -s ....[21:34:07] <JPT> Since my personal setup is basically no load all day, i did not bother to check for performance optimization at all[21:35:08] <MacWinner> postmap works perfect[21:35:23] <JPT> If the manual says that it is not necessary for the recent versions of postfix, i guess it is up to you to see if it has any impact on your system.[21:35:27] <patdk-wk> lets see, for outlook.com I have like 300 entries[21:35:46] <patdk-wk> JPT, it's really recent version of ssl :)[21:36:11] <patdk-wk> the new way to do ssl session resumption, is to encrypt the session state, and send it to the client[21:36:21] <patdk-wk> instead of having the server cache and remember it[21:36:30] <patdk-wk> so no server side cache is needed, only client cache[21:37:40] <JPT> Sounds fair in my opinion. A client usually has less sessions than a server[21:37:56] <JPT> When it comes to mta-to-mta communication though ... :|[21:39:07] <JPT> I have no experience for really high load setups, but i guess that most setups would be fine if each ssl/tls handshake was done without any knowledge of previous handshakes.[21:41:37] *** froz-gab <froz-gab!~froz-gab@host194-58-dynamic.53-79-r.retail.telecomitalia.it> has quit IRC (Ping timeout: 255 seconds)[21:44:53] <MacWinner> it's kinda like a JWT in webland[21:45:18] <MacWinner> is there any way to see how many times there is a cache hit?[21:46:41] <JPT> I don't know. Perhaps there's an option to log such things. On the other hand, such logging would probably affect performance (a little bit?)[21:47:21] <MacWinner> maybe.. just curious what the actual impact of the setting is in my env.. i'll minitor the network and CPU graphs to see if there is any obvious gain[21:48:17] *** JanC_ <JanC_!~janc@lugwv/member/JanC> has joined #postfix[21:48:43] <MacWinner> definiately a lot of keys being cached.. over 1.5mb now..[21:48:49] *** froz-gab <froz-gab!~froz-gab@host194-58-dynamic.53-79-r.retail.telecomitalia.it> has joined #postfix[21:49:34] *** JanC is now known as Guest72742[21:49:34] *** Guest72742 <Guest72742!~janc@lugwv/member/JanC> has quit IRC (Killed (hobana.freenode.net (Nickname regained by services)))[21:49:34] *** JanC_ is now known as JanC[21:50:53] <JPT> 1.5MiB. A lot. *giggles thinking back to floppy disks*[21:51:11] <JPT> Your server cpu probably has more level 1 cache[21:51:38] <patdk-wk> unlikely[21:51:52] <JPT> okay, maybe level 2 then^^[21:51:53] <patdk-wk> I am not sure any have much more than 32 or 64k of level1[21:52:02] <JPT> got a little ahead of time[21:52:06] <patdk-wk> ya, level2 will be around 1MB or less[21:52:16] <patdk-wk> level3 is going be in the 4-64meg range[21:52:46] * patdk-wk remembers installing the level1 cache dimm's[21:53:12] <JPT> Hehe, perhaps for a cpu in the range of 66-100MHz[21:53:23] <JPT> or perhaps less[21:53:32] <patdk-wk> that fast?[21:53:41] <patdk-wk> I was thinking about my 2 to 16mhz cpu's :)[21:53:44] <JPT> I got into the game pretty late. :/[21:53:50] <patdk-wk> 8086->386[21:54:07] <JPT> I still have good memories of that 16 bit isa slot with a vesa local bus extension.[21:54:31] <MacWinner> i had an IBM xt.. 8086[21:54:42] <JPT> And there was a machine that i could not get the sound blaster from because it was also the machines parallel ata controller[21:57:22] *** Cybertinus <Cybertinus!~Cybertinu@cybertinus.customer.cloud.nl> has quit IRC (Ping timeout: 264 seconds)[22:01:25] *** Cybertinus <Cybertinus!~Cybertinu@cybertinus.customer.cloud.nl> has joined #postfix[22:06:18] *** metalcated <metalcated!~slider@pool-72-90-92-135.syrcny.fios.verizon.net> has quit IRC (Changing host)[22:06:18] *** metalcated <metalcated!~slider@unaffiliated/metalcated> has joined #postfix[22:11:20] *** metalcated <metalcated!~slider@unaffiliated/metalcated> has quit IRC (Read error: Connection reset by peer)[22:14:33] *** samy1028a <samy1028a!~samy1028c@63.251.72.10> has joined #postfix[22:14:49] *** samy1028a <samy1028a!~samy1028c@63.251.72.10> has quit IRC (Read error: Connection reset by peer)[22:15:15] *** samy1028a <samy1028a!~samy1028c@63.251.72.10> has joined #postfix[22:17:10] *** samy1028 <samy1028!~samy1028c@63.251.72.10> has quit IRC (Ping timeout: 255 seconds)[22:21:04] *** Death_rattle_ <Death_rattle_!~death@p200300868A277D010000000000000001.dip0.t-ipconnect.de> has joined #postfix[22:21:22] *** Death_rattle_ <Death_rattle_!~death@p200300868A277D010000000000000001.dip0.t-ipconnect.de> has quit IRC (Client Quit)[22:22:02] *** graps <graps!~grapster@grapster.us> has joined #postfix[22:22:52] *** Guest43 <Guest43!~textual@unaffiliated/rufus> has joined #postfix[22:23:05] *** bauruine <bauruine!~bauruine@2a01:4f8:130:8285:fefe::36> has quit IRC (Quit: ZNC - http://znc.in)[22:23:44] *** bauruine <bauruine!~bauruine@2a01:4f8:130:8285:fefe::36> has joined #postfix[22:29:15] *** bauruine <bauruine!~bauruine@2a01:4f8:130:8285:fefe::36> has quit IRC (Read error: Connection reset by peer)[22:29:49] *** graps <graps!~grapster@grapster.us> has left #postfix[22:30:26] *** bauruine <bauruine!~bauruine@2a01:4f8:130:8285:fefe::36> has joined #postfix[22:31:34] *** froz-gab <froz-gab!~froz-gab@host194-58-dynamic.53-79-r.retail.telecomitalia.it> has quit IRC (Ping timeout: 264 seconds)[22:34:30] *** ThomasKeller <ThomasKeller!~Thomas@vmx.ethz.ch> has quit IRC (Ping timeout: 240 seconds)[22:43:06] *** puzzled <puzzled!~puzzled@2001:982:1097:1::1:3> has quit IRC (Quit: Leaving)[22:44:00] *** froz-gab <froz-gab!~froz-gab@host194-58-dynamic.53-79-r.retail.telecomitalia.it> has joined #postfix[22:56:08] *** luxifer <luxifer!~luxifer@94.16.91.91> has quit IRC (Ping timeout: 240 seconds)[22:58:52] *** j7k6 <j7k6!~j7k6@unaffiliated/j7k6> has joined #postfix[23:01:48] *** FinboySlick <FinboySlick!~shark@74.117.40.10> has quit IRC (Quit: Leaving.)[23:06:00] *** MadPsy <MadPsy!~MadPsy@unaffiliated/madpsy-/x-5109697> has left #postfix[23:10:05] *** olegfusion <olegfusion!~olegfusio@mail.mobileforsale.ru> has quit IRC (Ping timeout: 240 seconds)[23:10:57] *** olegfusion <olegfusion!~olegfusio@mail.mobileforsale.ru> has joined #postfix[23:16:49] <patdk-wk> jpt, ya, I don't remember many of those on sb's, but the scsi-1 bus on the pas-16, loved those[23:17:20] *** Xentil <Xentil!~quassel@ip-46-21-210-22.nette.pl> has quit IRC (Quit: http://quassel-irc.org - Chat comfortably. Anywhere.)[23:18:39] <JPT> ... to think we still have that hp scanjet 4p somewhere that plugs into the computer through scsi ... :D[23:20:37] <JPT> Sometimes, i lean back and try to imagine that we can have more than 64GiB of storage on those fingernail-sized micro sd cards. It's kind of scary[23:21:35] <JPT> There's an ultra-high precision measurement equipment reading a spinning disc containing magnetically encoded information with a small head flying several nanometers above the spinning platters[23:22:16] <JPT> And all of this madness just to do shitposts on the internet[23:27:21] <tuxick> ye, edison storage[23:27:25] <tuxick> ancient tech[23:44:51] *** graps <graps!~grapster@grapster.us> has joined #postfix[23:44:59] <graps> Hi all[23:45:33] <JPT> hi[23:46:39] <graps> So I can send out e-mail from my virtual machine, but I can't receive messages from my other e-mail systems. Is there a guide in www.postfix.org that deals with inbound e-mail ?[23:49:37] <JPT> Umm, not that i know of right now. But it should not be that hard to configure postfix to receive emails for certain domains - it all depends on your goals :)[23:51:33] <graps> JPT: I'm trying to send e-mail from my Yahoo account to my virtual machine, or from Gmail to the VM, for example. What do I configure in postfix (in main.cf) ?[23:52:12] *** froz-gab <froz-gab!~froz-gab@host194-58-dynamic.53-79-r.retail.telecomitalia.it> has quit IRC (Ping timeout: 240 seconds)[23:54:16] <JPT> Depending on how you want postfix to treat the domain it shall be responsible for, the options mydestination and mydomain might be a good start to look at[23:54:41] <JPT> This is a nice entry page: http://www.postfix.org/BASIC_CONFIGURATION_README.html[23:54:57] <graps> JPT: Thanks[23:55:36] <JPT> You're welcome. I'll have to catch a bed now, tomorrow is going to be that day before weekend, so work is still mandatory ;-)[23:56:10] <graps> JPT: Right. Have a good sleep and I'll write you later[23:56:33] <JPT> Thanks :)