February 10, 2017 
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | >
February 10, 2017 [00:03:51] *** gu1lle_ <gu1lle_!~Thunderbi@181.167.195.114> has quit IRC (Remote host closed the connection)[00:05:14] *** froz-gab <froz-gab!~froz-gab@frozenstar.info> has joined #postfix[00:06:01] <rob0> graps, what did the logs say?[00:08:37] <graps> rob0: Regarding inbound e-mail ?[00:09:10] <rob0> that's what you're asking[00:10:18] <graps> rob0: Ah, right. There was a mail that bounced...host or domain name not found[00:10:29] *** Darcidride <Darcidride!~Darcidrid@2a01:e35:8b4a:ca10:5c58:36df:fff9:132e> has quit IRC (Ping timeout: 252 seconds)[00:10:34] *** froz-gab <froz-gab!~froz-gab@frozenstar.info> has quit IRC (Ping timeout: 264 seconds)[00:10:45] <rob0> uh, that doesn't sound like inbound[00:10:51] *** draynium <draynium!U2FsdGVkX1@ma.sdf.org> has joined #postfix[00:11:22] <graps> rob0: I was checking mail.log, is that the right log file for inbound ?[00:11:33] <rob0> !logs[00:11:33] <knoba> rob0: "logs" : Postfix logs to the mail facility of syslog. You can usually find them with ls /var/log/mail*; otherwise see your system's syslog server documentation. Also see !nologs and !mung[00:11:37] <rob0> !debian[00:11:37] <knoba> rob0: "debian" : (#1) Please see /usr/share/doc/postfix/README.Debian for Debian-specific information. This probably applies to Ubuntu and most other Debian-derivative distributions as well., or (#2) Debian splits the syslog mail facility into several files; the one most likely to be of interest is mail.log , which contains all mail.* priority levels.[00:13:01] <graps> Checking the mail.* log files[00:14:01] <rob0> no, it says ONLY mail.log ... mail.warn and mail.info are likely to confuse you because they are incomplete[00:14:17] <graps> Okay[00:15:18] *** dxtr <dxtr!9a954b2a@unaffiliated/dxtr> has quit IRC (Ping timeout: 256 seconds)[00:16:55] *** dxtr <dxtr!db89a89b@unaffiliated/dxtr> has joined #postfix[00:18:31] *** Darcidride <Darcidride!~Darcidrid@2a01:e35:8b4a:ca10:5c58:36df:fff9:132e> has joined #postfix[00:22:13] *** Darcidride <Darcidride!~Darcidrid@2a01:e35:8b4a:ca10:5c58:36df:fff9:132e> has quit IRC (Max SendQ exceeded)[00:22:37] *** Darcidride <Darcidride!~Darcidrid@2a01:e35:8b4a:ca10:5c58:36df:fff9:132e> has joined #postfix[00:23:38] *** froz-gab <froz-gab!~froz-gab@host194-58-dynamic.53-79-r.retail.telecomitalia.it> has joined #postfix[00:24:44] <rob0> graps, assuming you're wanting to set up mail for grapster.us, there are no logs, because:[00:24:49] <rob0> !nologs[00:24:49] <knoba> rob0: "nologs" : Nothing in your mail logs commonly means one of two things: either your syslogd is broken (try restarting it), or the connections are not coming to your server. Check your firewall/networking and the DNS for the domain in question. also see !logs.[00:25:08] <rob0> Connections are not arriving.[00:25:35] <rob0> telnet: connect to address 208.113.164.116: Connection timed out[00:25:59] <graps> rob0: Okay. I'm trying to send some test messages from Yahoo and Gmail to the vm/server[00:26:00] <rob0> Also, you should create a MX record for your domain.[00:26:08] *** beatdown <beatdown!beatdown@violator.strangled.net> has quit IRC (Ping timeout: 240 seconds)[00:26:39] <rob0> Dreamhost probably has a DNS interface to do that.[00:26:48] <graps> !mxrecord[00:26:48] <knoba> graps: "mxrecord" : a DNS resource record specifying a host name that Internet mail for a recipients' domain is to be routed to. The host name assigned to the MX record must have a corresponding A record, not a CNAME and the MX record host name must not be expressed as an IP address literal. A domain can have multiple exchangers with multiple MX records having varying levels of priority.[00:28:55] <graps> I kind of remember the DNS interface, but can it be made in a file on the vm ?[00:29:10] *** j7k6_ <j7k6_!~j7k6@208.167.254.236> has joined #postfix[00:30:35] *** benone <benone!~benone@web.tiangola.co.ao> has quit IRC (Ping timeout: 240 seconds)[00:30:50] *** Darcidride <Darcidride!~Darcidrid@2a01:e35:8b4a:ca10:5c58:36df:fff9:132e> has quit IRC (Ping timeout: 252 seconds)[00:32:10] *** j7k6 <j7k6!~j7k6@unaffiliated/j7k6> has quit IRC (Ping timeout: 240 seconds)[00:32:35] *** benone <benone!~benone@196.32.197.179> has joined #postfix[00:32:38] *** Darcidride <Darcidride!~Darcidrid@2a01:e35:8b4a:ca10:5c58:36df:fff9:132e> has joined #postfix[00:33:14] <graps> !logs[00:33:14] <knoba> graps: "logs" : Postfix logs to the mail facility of syslog. You can usually find them with ls /var/log/mail*; otherwise see your system's syslog server documentation. Also see !nologs and !mung[00:33:21] *** rizonz <rizonz!~rizonz@184.75.250.58> has left #postfix[00:33:24] *** rizonz <rizonz!~rizonz@184.75.250.58> has joined #postfix[00:36:05] <rob0> Nobody is going to go to your VPS for DNS for your domain, because Dreamhost is published by the registrar as NS.[00:36:50] <graps> I'm stumped. So, what are my options ?[00:37:40] *** Darcidride <Darcidride!~Darcidrid@2a01:e35:8b4a:ca10:5c58:36df:fff9:132e> has quit IRC (Max SendQ exceeded)[00:38:03] *** Darcidride <Darcidride!~Darcidrid@2a01:e35:8b4a:ca10:5c58:36df:fff9:132e> has joined #postfix[00:39:02] *** ChanServ sets mode: +o rob0[00:39:07] <rizonz> yoyo rob0[00:39:08] <rizonz> :D[00:39:14] <rob0> ah, good[00:39:25] <rizonz> postfix complains it's hostname does not resolve to it's IP address but it does, A and PTR[00:39:25] *** ChanServ sets mode: -o rob0[00:39:45] <rob0> what's the hostname[00:40:01] <graps> rob0: Currently, it's mail.grapster.us[00:40:09] <rizonz> rob0: where in the postfix config ?[00:40:20] <rizonz> the same as my fqdn[00:40:22] <rob0> !getting_help[00:40:22] <knoba> rob0: "getting_help" : before asking your question, read the !relevant_logs and !showconfig factoids, and prepare a single pastebin containing all of that data. if you don't understand what this means, or if you need help doing this, please let us know. also see !pastebin[00:40:35] *** mjr0 <mjr0!~mcox@77.172.153.103> has joined #postfix[00:40:50] <rizonz> rob0: hostname can be defined everywhere :)[00:41:21] <rob0> !basic[00:41:22] <knoba> rob0: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.[00:41:34] *** markus_e92 <markus_e92!~markus_e9@91-115-18-4.adsl.highway.telekom.at> has quit IRC (Ping timeout: 245 seconds)[00:41:59] <rob0> I think both of you could benefit from !basic[00:42:43] <rizonz> rob0: nah it's a config I run on multiple machines that don't complain, but I mean you ask me something I ask you where ? host itself, in the config[00:43:01] <rizonz> rob0: weird thing is when it complains when it resolves like ir[00:43:29] <rob0> !fcrdns[00:43:29] <knoba> rob0: "fcrdns" : http://en.wikipedia.org/wiki/Forward_Confirmed_reverse_DNS : your IP address should resolve to $myhostname, which in turn should resolve back to your IP. This is very important if you want big sites to accept your mail. If you can't have it from your ISP, see !relayhost[00:43:48] <graps> rob0: http://pastebin.ca/3766050[00:43:54] <rizonz> yeah that is all fine[00:48:21] <graps> rizonz: Does your vm come from Dreamhost too ?[00:48:52] <rizonz> rob0: yeah fixed, was some /etc/hosts issue... some software doesn't use that and let dns lookup overrule :)[00:49:08] <rizonz> graps: no, from my own HA cluster :)[00:49:24] *** markus_e92 <markus_e92!~markus_e9@91-115-157-108.adsl.highway.telekom.at> has joined #postfix[00:49:34] <graps> rizonz: High availability, sounds neat[00:50:16] <graps> ...and expensive[00:50:38] *** aqua^c <aqua^c!~aqua@114.111.60.64> has joined #postfix[00:51:38] <graps> !showconfig[00:51:38] <knoba> graps: "showconfig" : when asked to provide your config, please provide a SINGLE pastebin with postconf -nf and postconf -Mf. if your version is too old for those commands to work (< 2.9), you should upgrade, but see !showconfig_old[00:53:11] <rizonz> graps: depends on how you do it, I need it but I'm changing some antispam filters, running some mailclusters[00:53:14] <graps> rob0: http://pastebin.ca/3766054[00:53:50] *** beatdown <beatdown!beatdown@violator.strangled.net> has joined #postfix[00:55:09] *** aqua^c_ <aqua^c_!~aqua@114.111.60.64> has joined #postfix[00:55:43] *** aqua^c <aqua^c!~aqua@114.111.60.64> has quit IRC (Read error: Connection reset by peer)[00:59:21] *** j7k6 <j7k6!~j7k6@unaffiliated/j7k6> has joined #postfix[01:01:34] *** j7k6_ <j7k6_!~j7k6@208.167.254.236> has quit IRC (Ping timeout: 245 seconds)[01:01:51] <graps> I'm stumped and tired. How about if we pick this up in about four hours from now ?[01:03:13] *** beatdown <beatdown!beatdown@violator.strangled.net> has quit IRC (Ping timeout: 258 seconds)[01:05:21] <graps> Your silence is deafening :) I'll be back later with more motivation[01:05:27] *** beatdown <beatdown!~beatdown@violator.strangled.net> has joined #postfix[01:10:05] *** graps <graps!~grapster@grapster.us> has left #postfix[01:11:58] <patdk-wk> oh well, he will never get his mail server fixed by leaving[01:13:44] *** beatdown <beatdown!~beatdown@violator.strangled.net> has quit IRC (Ping timeout: 276 seconds)[01:14:21] *** Darcidride <Darcidride!~Darcidrid@2a01:e35:8b4a:ca10:5c58:36df:fff9:132e> has quit IRC (Quit: Bye.)[01:16:25] *** beatdown <beatdown!~beatdown@violator.strangled.net> has joined #postfix[01:19:26] *** mroe <mroe!~roe@unaffiliated/roe> has joined #postfix[01:24:32] *** mjr0 <mjr0!~mcox@77.172.153.103> has quit IRC (Ping timeout: 240 seconds)[01:24:41] *** Darcidride <Darcidride!~Darcidrid@2a01:e35:8b4a:ca10:5c58:36df:fff9:132e> has joined #postfix[01:25:12] *** Darcidride <Darcidride!~Darcidrid@2a01:e35:8b4a:ca10:5c58:36df:fff9:132e> has quit IRC (Client Quit)[01:29:59] *** orion <orion!~orion@unaffiliated/orion> has quit IRC (Ping timeout: 276 seconds)[01:30:40] *** beatdown <beatdown!~beatdown@violator.strangled.net> has quit IRC (Ping timeout: 256 seconds)[01:32:25] *** beatdown <beatdown!beatdown@violator.strangled.net> has joined #postfix[01:35:15] *** orion <orion!~orion@c-73-60-0-254.hsd1.nh.comcast.net> has joined #postfix[01:35:15] *** orion <orion!~orion@c-73-60-0-254.hsd1.nh.comcast.net> has quit IRC (Changing host)[01:35:15] *** orion <orion!~orion@unaffiliated/orion> has joined #postfix[01:42:04] *** leprechau <leprechau!tsopzxq5eh@c-67-187-127-110.hsd1.tn.comcast.net> has quit IRC (Ping timeout: 255 seconds)[01:47:05] *** leprechau <leprechau!e6bwhstbd9@c-67-187-127-110.hsd1.tn.comcast.net> has joined #postfix[01:50:26] *** j7k6 <j7k6!~j7k6@unaffiliated/j7k6> has quit IRC (Remote host closed the connection)[01:59:05] *** hl <hl!~hl@unaffiliated/hl> has quit IRC (Ping timeout: 240 seconds)[01:59:35] *** ovrstorm <ovrstorm!~ovrstorm@air.raid.io> has quit IRC (Ping timeout: 240 seconds)[02:00:05] *** Ulver <Ulver!~someIdent@69.30.253.222> has quit IRC (Ping timeout: 240 seconds)[02:00:56] *** ovrstorm <ovrstorm!~ovrstorm@air.raid.io> has joined #postfix[02:01:10] *** hl <hl!~hl@unaffiliated/hl> has joined #postfix[02:05:33] *** Ulver <Ulver!~someIdent@69.30.253.222> has joined #postfix[02:07:16] *** chachasmooth <chachasmooth!~chachasmo@unaffiliated/chachasmooth> has quit IRC (Ping timeout: 255 seconds)[02:07:19] *** pti-jean_ <pti-jean_!~quassel@222.48.124.78.rev.sfr.net> has quit IRC (Read error: Connection reset by peer)[02:09:37] *** chachasmooth <chachasmooth!~chachasmo@unaffiliated/chachasmooth> has joined #postfix[02:11:11] *** KsChoice <KsChoice!~quassel@187-163-219-201.static.axtel.net> has quit IRC (Quit: No Ping reply in 180 seconds.)[02:11:43] *** RadoQ <RadoQ!~cheater@unaffiliated/radoq> has quit IRC (Remote host closed the connection)[02:12:03] *** RadoQ <RadoQ!~cheater@unaffiliated/radoq> has joined #postfix[02:12:35] *** anexit <anexit!~anexit@push.anexit.net> has quit IRC (Ping timeout: 240 seconds)[02:12:56] *** KsChoice <KsChoice!~quassel@187-163-219-201.static.axtel.net> has joined #postfix[02:13:40] *** anexit <anexit!~anexit@push.anexit.net> has joined #postfix[02:18:13] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has quit IRC (Remote host closed the connection)[02:49:07] *** froz-gab <froz-gab!~froz-gab@host194-58-dynamic.53-79-r.retail.telecomitalia.it> has quit IRC (Remote host closed the connection)[02:55:16] *** madduck <madduck!~madduck@debian/developer/madduck> has quit IRC (Quit: leaving)[02:55:38] *** madduck <madduck!~madduck@matilda.madduck.net> has joined #postfix[02:55:45] *** madduck <madduck!~madduck@matilda.madduck.net> has quit IRC (Changing host)[02:55:45] *** madduck <madduck!~madduck@debian/developer/madduck> has joined #postfix[03:01:31] *** mroe <mroe!~roe@unaffiliated/roe> has quit IRC (Remote host closed the connection)[03:02:06] *** mroe <mroe!~roe@unaffiliated/roe> has joined #postfix[03:06:52] *** mroe <mroe!~roe@unaffiliated/roe> has quit IRC (Ping timeout: 260 seconds)[04:02:55] *** armguy <armguy!~adminempi@unaffiliated/adminempire-jl> has quit IRC (Ping timeout: 255 seconds)[04:14:30] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has joined #postfix[04:19:25] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has quit IRC (Ping timeout: 255 seconds)[04:42:39] *** skylite <skylite!~skylite@5402F5C1.dsl.pool.telekom.hu> has quit IRC (Read error: Connection reset by peer)[04:43:50] *** skylite <skylite!~skylite@5402F5C1.dsl.pool.telekom.hu> has joined #postfix[04:53:08] *** chachasmooth <chachasmooth!~chachasmo@unaffiliated/chachasmooth> has quit IRC (Ping timeout: 240 seconds)[04:54:25] *** armguy <armguy!~adminempi@unaffiliated/adminempire-jl> has joined #postfix[04:56:23] *** chachasmooth <chachasmooth!~chachasmo@unaffiliated/chachasmooth> has joined #postfix[05:13:35] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has joined #postfix[05:16:45] *** graps <graps!~grapster@grapster.us> has joined #postfix[05:16:48] <graps> Hi all[05:17:02] <graps> rob0: Are you here ?[05:21:26] *** Guest43 <Guest43!~textual@unaffiliated/rufus> has quit IRC (Quit: My MacBook has gone to sleep. ZZZzzz…)[05:22:22] *** graps <graps!~grapster@grapster.us> has left #postfix[05:26:01] <patdk-lap> graps fix your config[05:26:07] <patdk-lap> !mydestination[05:26:07] <knoba> patdk-lap: "mydestination" : a configuration parameter in the main.cf: The list of domains that Postfix delivers via the $local_transport mail delivery transport. By default, mail is given to the Postfix local(8) delivery agent that looks up all recipients in /etc/passwd and /etc/aliases, or their equivalents. See http://www.postfix.org/postconf.5.html#mydestination for more information.[05:59:01] *** draynium <draynium!U2FsdGVkX1@ma.sdf.org> has quit IRC (Ping timeout: 255 seconds)[06:04:58] *** draynium <draynium!U2FsdGVkX1@ma.sdf.org> has joined #postfix[06:08:23] *** dh <dh!dh@bsd.ee> has quit IRC (Disconnected by services)[06:08:29] *** dh__ <dh__!~dh@bsd.ee> has joined #postfix[06:09:27] *** roxer <roxer!~roxer@q.netatonce.net> has quit IRC (Quit: No Ping reply in 180 seconds.)[06:10:34] *** roxer <roxer!~roxer@q.netatonce.net> has joined #postfix[06:13:40] *** sm311 <sm311!~sm311@138.36.57.5> has joined #postfix[06:13:55] *** sm311 <sm311!~sm311@138.36.57.5> has quit IRC (Read error: Connection reset by peer)[06:21:57] *** shoonya <shoonya!~unknown@122.166.174.185> has joined #postfix[06:37:47] *** magyar <magyar!~magyar@unaffiliated/magyar> has quit IRC (Remote host closed the connection)[06:48:14] *** dh__ <dh__!~dh@bsd.ee> has quit IRC (Quit: "Fhtagn-Nagh Yog Sothoth")[06:48:25] *** dh <dh!dh@bsd.ee> has joined #postfix[07:11:14] *** muh2000_ <muh2000_!~quassel@prx1.ernw.net> has quit IRC (Ping timeout: 252 seconds)[07:17:10] *** shoonya <shoonya!~unknown@122.166.174.185> has quit IRC (Ping timeout: 264 seconds)[07:27:16] *** magyar <magyar!~magyar@unaffiliated/magyar> has joined #postfix[07:30:31] *** shoonya <shoonya!~unknown@171.48.30.29> has joined #postfix[07:44:53] *** aqua^c_ <aqua^c_!~aqua@114.111.60.64> has quit IRC ()[08:06:42] *** Guest43 <Guest43!~textual@195.93.136.30> has joined #postfix[08:15:19] *** muh2000_ <muh2000_!~quassel@prx2.ernw.net> has joined #postfix[08:41:46] *** Kelsar <Kelsar!~quassel@unaffiliated/kelsar> has quit IRC (Ping timeout: 264 seconds)[08:45:05] *** Kelsar <Kelsar!~quassel@unaffiliated/kelsar> has joined #postfix[08:49:11] *** shoonya <shoonya!~unknown@171.48.30.29> has quit IRC (Quit: Leaving)[09:03:14] *** thms <thms!~thms@gate.nnx.com> has joined #postfix[09:03:14] *** thms <thms!~thms@gate.nnx.com> has quit IRC (Changing host)[09:03:14] *** thms <thms!~thms@unaffiliated/thms> has joined #postfix[09:23:17] *** Oclair <Oclair!~Oclair@91-115-61-171.adsl.highway.telekom.at> has quit IRC (Quit: Bye Bye)[09:26:46] *** troulouliou_div2 <troulouliou_div2!~troulouli@unaffiliated/troulouliou-div2/x-0271439> has joined #postfix[09:35:01] *** bolt <bolt!r00t@unaffiliated/bolt> has quit IRC (Quit: telnet irc.freenode.net 6667)[09:37:13] <natan64> :)[09:37:21] <natan64> ehlo localhost[09:39:05] *** bolt <bolt!r00t@unaffiliated/bolt> has joined #postfix[09:46:32] *** KsChoice <KsChoice!~quassel@187-163-219-201.static.axtel.net> has quit IRC (Remote host closed the connection)[09:46:32] *** Phoenixz <Phoenixz!~quassel@187-163-219-201.static.axtel.net> has quit IRC (Remote host closed the connection)[10:05:46] *** Kelsar <Kelsar!~quassel@unaffiliated/kelsar> has quit IRC (Ping timeout: 264 seconds)[10:06:48] *** luxifer <luxifer!~luxifer@94.46.70.121> has joined #postfix[10:07:44] *** Kelsar <Kelsar!~quassel@unaffiliated/kelsar> has joined #postfix[10:07:45] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has joined #postfix[10:13:48] *** luxifer <luxifer!~luxifer@94.46.70.121> has quit IRC (Ping timeout: 240 seconds)[10:13:54] *** MadPsy <MadPsy!~MadPsy@unaffiliated/madpsy-/x-5109697> has joined #postfix[10:14:28] *** dka__ <dka__!~dka@master-sbg-01.kopaxgroup.com> has joined #postfix[10:16:32] *** dka_ <dka_!~dka@master-rbx-01.kopaxgroup.com> has quit IRC (Ping timeout: 240 seconds)[10:16:34] *** dka <dka!~dka@master-rbx-01.kopaxgroup.com> has quit IRC (Ping timeout: 245 seconds)[10:17:32] *** dka <dka!~dka@master-sbg-01.kopaxgroup.com> has joined #postfix[10:32:39] *** madduck <madduck!~madduck@debian/developer/madduck> has quit IRC (Remote host closed the connection)[10:32:53] *** bjoe2k4 <bjoe2k4!bjoe2k4@2a03:4000:9:55::1> has joined #postfix[10:33:19] *** madduck <madduck!~madduck@debian/developer/madduck> has joined #postfix[10:36:46] *** madduck <madduck!~madduck@debian/developer/madduck> has quit IRC (Remote host closed the connection)[10:38:02] *** madduck <madduck!~madduck@debian/developer/madduck> has joined #postfix[10:38:34] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has quit IRC (Remote host closed the connection)[10:45:44] *** shaytan_ <shaytan_!~shaytan@c-83-233-76-171.cust.bredband2.com> has quit IRC (Ping timeout: 252 seconds)[10:59:05] *** markus_e92 <markus_e92!~markus_e9@91-115-157-108.adsl.highway.telekom.at> has quit IRC (Ping timeout: 240 seconds)[11:00:18] *** markus_e92 <markus_e92!~markus_e9@62-46-96-19.adsl.highway.telekom.at> has joined #postfix[11:02:12] *** froz-gab <froz-gab!~froz-gab@host194-58-dynamic.53-79-r.retail.telecomitalia.it> has joined #postfix[11:03:16] *** troulouliou_div2 <troulouliou_div2!~troulouli@unaffiliated/troulouliou-div2/x-0271439> has quit IRC (Remote host closed the connection)[11:31:57] *** bolt <bolt!r00t@unaffiliated/bolt> has quit IRC (Remote host closed the connection)[11:32:40] *** markus_e92 <markus_e92!~markus_e9@62-46-96-19.adsl.highway.telekom.at> has quit IRC (Ping timeout: 240 seconds)[11:33:22] *** markus_e92 <markus_e92!~markus_e9@91-115-23-8.adsl.highway.telekom.at> has joined #postfix[11:36:35] *** bolt <bolt!r00t@unaffiliated/bolt> has joined #postfix[11:59:29] <rizonz> !mynetworks[11:59:30] <knoba> rizonz: "mynetworks" : a configuration parameter in the main.cf: The list of "trusted" SMTP clients that can relay email.[12:00:13] <rizonz> I wonder if it's needed, or better, to have the local IP's in mynetworks as well[12:16:40] *** chachasmooth <chachasmooth!~chachasmo@unaffiliated/chachasmooth> has quit IRC (Ping timeout: 240 seconds)[12:18:10] *** chachasmooth <chachasmooth!~chachasmo@unaffiliated/chachasmooth> has joined #postfix[12:19:43] *** Section1 <Section1!~section1@178.33.109.106> has joined #postfix[12:23:44] *** trick55 <trick55!c066e00e@gateway/web/cgi-irc/kiwiirc.com/ip.192.102.224.14> has joined #postfix[12:35:49] *** mietsin <mietsin!~tuxuser@unaffiliated/mietsin> has joined #postfix[12:37:25] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has joined #postfix[12:37:26] *** trick55 <trick55!c066e00e@gateway/web/cgi-irc/kiwiirc.com/ip.192.102.224.14> has quit IRC (Quit: http://www.kiwiirc.com/ - A hand crafted IRC client)[12:38:14] *** mietsin <mietsin!~tuxuser@unaffiliated/mietsin> has quit IRC (Client Quit)[12:42:31] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has quit IRC (Ping timeout: 255 seconds)[13:05:56] *** pti-jean_ <pti-jean_!~quassel@38.34.124.78.rev.sfr.net> has joined #postfix[13:09:23] *** ThomasKeller <ThomasKeller!~Thomas@vmx.ethz.ch> has joined #postfix[13:10:05] *** shaytan <shaytan!~shaytan@c-31-208-8-194.cust.bredband2.com> has joined #postfix[13:26:27] *** robinho86 <robinho86!~robsonjf@201.22.86.124.static.gvt.net.br> has joined #postfix[13:49:32] *** Darcidride <Darcidride!~Darcidrid@2a01:e35:8b4a:ca10:99c8:25:bf57:1959> has joined #postfix[14:05:09] <thumbs> rizonz: no, and it should be empty[14:08:58] *** synthroid <synthroid!~synthroid@50.202.5.122> has joined #postfix[14:10:18] *** muh2000_ <muh2000_!~quassel@prx2.ernw.net> has quit IRC (Remote host closed the connection)[14:13:58] *** synthroi_ <synthroi_!~synthroid@gateway/vpn/privateinternetaccess/synthroid> has joined #postfix[14:15:59] *** synthroid <synthroid!~synthroid@50.202.5.122> has quit IRC (Ping timeout: 240 seconds)[14:26:10] *** Kelsar <Kelsar!~quassel@unaffiliated/kelsar> has quit IRC (Ping timeout: 264 seconds)[14:27:34] *** Kelsar <Kelsar!~quassel@unaffiliated/kelsar> has joined #postfix[14:31:03] *** synthroid <synthroid!~synthroid@50.202.5.122> has joined #postfix[14:34:22] *** synthroi_ <synthroi_!~synthroid@gateway/vpn/privateinternetaccess/synthroid> has quit IRC (Ping timeout: 256 seconds)[14:41:46] *** synthroi_ <synthroi_!~synthroid@gateway/vpn/privateinternetaccess/synthroid> has joined #postfix[14:44:28] *** synthroid <synthroid!~synthroid@50.202.5.122> has quit IRC (Ping timeout: 255 seconds)[14:48:36] *** sarri <sarri!~sari@p50995cae.dip0.t-ipconnect.de> has joined #postfix[14:48:36] *** sarri <sarri!~sari@p50995cae.dip0.t-ipconnect.de> has quit IRC (Changing host)[14:48:36] *** sarri <sarri!~sari@unaffiliated/sarri> has joined #postfix[14:51:08] *** jozza <jozza!~chatzilla@unaffiliated/jozza> has joined #postfix[14:51:18] *** troulouliou_div2 <troulouliou_div2!~troulouli@unaffiliated/troulouliou-div2/x-0271439> has joined #postfix[14:52:51] <jozza> hi, how do i tell postfix smtpd, not to use -o content_filter for authenticated users?[14:53:30] <jozza> first line in master.cf is smtp with command smtpd -o content filter[15:12:02] *** FinboySlick <FinboySlick!~shark@74.117.40.10> has joined #postfix[15:12:14] *** heroux <heroux!sandroco@gateway/shell/insomnia247/x-ukqzqpgadggablzk> has quit IRC (Ping timeout: 276 seconds)[15:12:39] *** heroux <heroux!sandroco@gateway/shell/insomnia247/x-vtpdmukjdijqykol> has joined #postfix[15:13:35] *** jozza <jozza!~chatzilla@unaffiliated/jozza> has quit IRC (Quit: ChatZilla 0.9.93 [Firefox 51.0.1/20170125094131])[15:15:22] *** krijt <krijt!~krijt@mail.vertrouwdverbonden.nl> has joined #postfix[15:40:52] *** shaytan <shaytan!~shaytan@c-31-208-8-194.cust.bredband2.com> has quit IRC (Ping timeout: 240 seconds)[15:42:01] *** luxifer <luxifer!~luxifer@94.46.70.121> has joined #postfix[15:50:08] *** shaytan <shaytan!~shaytan@c-31-208-8-194.cust.bredband2.com> has joined #postfix[15:51:28] *** luxifer <luxifer!~luxifer@94.46.70.121> has quit IRC (Ping timeout: 240 seconds)[15:53:35] *** luxifer <luxifer!~luxifer@94.46.70.121> has joined #postfix[15:59:28] *** luxifer <luxifer!~luxifer@94.46.70.121> has quit IRC (Ping timeout: 240 seconds)[16:01:00] *** luxifer <luxifer!~luxifer@94.46.70.121> has joined #postfix[16:09:26] *** peb` <peb`!~Coin@unaffiliated/peb/x-8260976> has quit IRC (Quit: Meh)[16:21:34] *** markus_e92 <markus_e92!~markus_e9@91-115-23-8.adsl.highway.telekom.at> has quit IRC (Ping timeout: 245 seconds)[16:22:59] *** Guest43 <Guest43!~textual@195.93.136.30> has quit IRC (Ping timeout: 240 seconds)[16:24:00] *** gongoputch <gongoputch!~kseel@freebsd/op/gongoputch> has joined #postfix[16:24:16] *** markus_e92 <markus_e92!~markus_e9@62-46-30-113.adsl.highway.telekom.at> has joined #postfix[16:24:17] *** muh2000_ <muh2000_!~quassel@prx1.ernw.net> has joined #postfix[16:35:09] *** guanchao71 <guanchao71!~guanchao7@114.95.155.28> has joined #postfix[16:37:09] *** guanchao71 <guanchao71!~guanchao7@114.95.155.28> has quit IRC (Client Quit)[16:50:13] *** spY|da <spY|da!~spychodel@owncloud.linuxjunkies.de> has joined #postfix[16:54:41] *** peb` <peb`!~Coin@unaffiliated/peb/x-8260976> has joined #postfix[16:55:04] *** spY|da <spY|da!~spychodel@owncloud.linuxjunkies.de> has quit IRC (Client Quit)[16:55:39] *** spY|da <spY|da!~spychodel@owncloud.linuxjunkies.de> has joined #postfix[17:02:58] *** Death_rattle_ <Death_rattle_!~death@p200300868A277D010000000000000001.dip0.t-ipconnect.de> has joined #postfix[17:10:01] *** krijt <krijt!~krijt@mail.vertrouwdverbonden.nl> has quit IRC (Quit: leaving)[17:11:26] *** robinho86 <robinho86!~robsonjf@201.22.86.124.static.gvt.net.br> has quit IRC (Quit: Leaving.)[17:11:31] *** JanC_ <JanC_!~janc@lugwv/member/JanC> has joined #postfix[17:12:48] *** JanC <JanC!~janc@lugwv/member/JanC> has quit IRC (Killed (wolfe.freenode.net (Nickname regained by services)))[17:12:48] *** JanC_ is now known as JanC[17:18:29] *** Xentil <Xentil!~quassel@ip-46-21-210-22.nette.pl> has joined #postfix[17:20:41] *** synthroi_ <synthroi_!~synthroid@gateway/vpn/privateinternetaccess/synthroid> has quit IRC (Remote host closed the connection)[17:20:48] *** luxifer <luxifer!~luxifer@94.46.70.121> has quit IRC (Ping timeout: 240 seconds)[17:23:15] *** robinho86 <robinho86!~robsonjf@201.22.86.124.static.gvt.net.br> has joined #postfix[17:33:33] *** synthroid <synthroid!~synthroid@gateway/vpn/privateinternetaccess/synthroid> has joined #postfix[17:37:26] *** zorg1 <zorg1!~zorg1@LNeuilly-656-1-74-35.w92-154.abo.wanadoo.fr> has quit IRC (Quit: Leaving)[17:43:32] *** greitas <greitas!4e1fe5f8@gateway/web/freenode/ip.78.31.229.248> has joined #postfix[17:47:11] *** eelstrebor <eelstrebor!~eelstrebo@216-75-116-100.res.dyn.allophone.biz> has joined #postfix[17:52:21] *** greitas <greitas!4e1fe5f8@gateway/web/freenode/ip.78.31.229.248> has quit IRC (Quit: Page closed)[17:52:51] <eelstrebor> i'm certain that my problem isn't with postix so can you guys tell me where to ask why some mail gets to my server to a particular user while some doesn't? i don't even see the mail even getting to my system to be processed in any way - the sender claims there's nothing wrong with their mail system even though i get mail sent to my user's account from other entities - there are 2 organizations that i can't get e-mail from[17:52:51] <eelstrebor> (along with godaddy)[17:53:36] *** n-st_sleeper <n-st_sleeper!~n.st@ny.voidptr.de> has joined #postfix[17:55:23] <f3ew> eelstrebor: see your logs?[17:55:36] <f3ew> Do you see mail being received from the sender?[17:59:57] <f3ew> !logs[17:59:58] <knoba> f3ew: "logs" : Postfix logs to the mail facility of syslog. You can usually find them with ls /var/log/mail*; otherwise see your system's syslog server documentation. Also see !nologs and !mung[18:03:40] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has quit IRC (Ping timeout: 240 seconds)[18:07:27] *** IndigoTiger <IndigoTiger!IndigoTige@sahara.sigint.pw> has joined #postfix[18:09:29] *** pti-jean___ <pti-jean___!~quassel@189.40.124.78.rev.sfr.net> has joined #postfix[18:10:17] <rob0> If you don't see anything in the logs, we can only guess that it never came to you, and that's impossible to troubleshoot without access to the sender's logs.[18:10:59] *** pti-jean_ <pti-jean_!~quassel@38.34.124.78.rev.sfr.net> has quit IRC (Ping timeout: 276 seconds)[18:11:57] <rob0> Also it seems like you're reporting two separate problems: 1) a particular user/address doesn't get mail; 2) Godaddy and an unnamed other org can't send to you.[18:13:52] <rob0> I can come up with a WAG about #2: did you recently change your DNS hosting? Maybe Godaddy was your DNS host, and is still seeing the authoritative (but now wrong) data?[18:14:09] <lunaphyte> guesses gone wild[18:14:14] <rob0> ty[18:14:24] <lunaphyte> hot, co-ed guesses.[18:14:55] * rob0 blushes[18:18:03] *** Xentil <Xentil!~quassel@ip-46-21-210-22.nette.pl> has quit IRC (Quit: No Ping reply in 180 seconds.)[18:19:07] *** Xentil <Xentil!~quassel@ip-46-21-210-22.nette.pl> has joined #postfix[18:32:36] *** troulouliou_div2 <troulouliou_div2!~troulouli@unaffiliated/troulouliou-div2/x-0271439> has quit IRC (Read error: Connection reset by peer)[18:33:09] *** troulouliou_div2 <troulouliou_div2!~troulouli@unaffiliated/troulouliou-div2/x-0271439> has joined #postfix[18:33:22] *** troulouliou_div2 <troulouliou_div2!~troulouli@unaffiliated/troulouliou-div2/x-0271439> has quit IRC (Remote host closed the connection)[18:38:30] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has joined #postfix[18:39:48] *** gu1lle_ <gu1lle_!~Thunderbi@181.167.195.114> has joined #postfix[18:42:20] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has joined #postfix[18:42:33] *** Death_rattle_ <Death_rattle_!~death@p200300868A277D010000000000000001.dip0.t-ipconnect.de> has quit IRC (Remote host closed the connection)[18:57:37] *** KsChoice <KsChoice!~quassel@187-163-219-201.static.axtel.net> has joined #postfix[18:57:41] *** Phoenixz <Phoenixz!~quassel@187-163-219-201.static.axtel.net> has joined #postfix[19:04:06] <eelstrebor> f3ew, nope, nothing in the logs showing the sender so it's not even getting into my system[19:05:08] <eelstrebor> rob0, never changed from godaddy[19:06:34] <eelstrebor> rob0, problem #1 doesn't apply, the user is getting mail from other sources - it's just that some senders never get here.[19:07:38] <rob0> re: Godaddy, I can only suggest you ask the sender (or other Godaddy hosting customer) to seek support from Godaddy.[19:08:31] <rob0> If you told us the recipient domain (i.e., YOUR domain), we could look at DNS and see if there's anything amiss.[19:09:13] <eelstrebor> n0sq.us[19:09:42] *** pijiu <pijiu!~pijiu@unaffiliated/pijiu> has quit IRC (Quit: Leaving)[19:11:27] <eelstrebor> actually, godaddy is my registrar and dyndns is my "actual" service[19:12:43] <eelstrebor> btw, i'm using a static public address[19:13:30] <rob0> The only problems I see: 1) there's no MX (why not?) 2) the TTL on the A is very short (why?)[19:13:52] *** chachasmooth <chachasmooth!~chachasmo@unaffiliated/chachasmooth> has quit IRC (Ping timeout: 240 seconds)[19:16:16] *** chachasmooth <chachasmooth!~chachasmo@unaffiliated/chachasmooth> has joined #postfix[19:30:58] *** eelstrebor <eelstrebor!~eelstrebo@216-75-116-100.res.dyn.allophone.biz> has quit IRC (Ping timeout: 264 seconds)[19:35:54] <patdk-wk> it could move at a seconds notice![19:36:45] *** lio <lio!~lio@unaffiliated/lio> has joined #postfix[19:38:09] <lio> any idea how to set a daily limit for sent emails and put the rest in a queue to be send the next day[19:38:23] *** eelstrebor <eelstrebor!~eelstrebo@216-75-116-100.res.dyn.allophone.biz> has joined #postfix[19:41:37] *** pti-jean___ <pti-jean___!~quassel@189.40.124.78.rev.sfr.net> has quit IRC (Ping timeout: 255 seconds)[19:50:33] *** infides_afk <infides_afk!~infides@p4FE75E99.dip0.t-ipconnect.de> has joined #postfix[19:55:24] *** xa0z <xa0z!~interex@webmail.mindscrape.net> has joined #postfix[19:56:42] <rob0> !xy[19:56:42] <knoba> rob0: "xy" : (#1) The XY problem is that you want to do X, but don't know how. You think that you can solve X by doing Y, so you ask us how to do Y. We tell you that's an odd problem to want to solve. Just ask us about the real problem., or (#2) http://mywiki.wooledge.org/XyProblem -- I want to do X, but I'm asking how to do Y...[19:56:58] <xa0z> Hello. I'm having an issue that I can't resolve. It appears when a Yahoo mail server connects to my server, it connects with TLS v1.2 but then nothing ever happens. I don't receive the email from the Yahoo server.[19:57:27] <rob0> does it disconnect later?[19:57:46] <xa0z> Yes[19:57:50] <lunaphyte> xa0z: did you put a bunch of silly cipher constraints in your config?[19:57:51] <xa0z> Within a few seconds.[19:57:58] <xa0z> lunaphyte, not that I'm aware of.[19:58:06] <lunaphyte> !tell xa0z showconfig[19:58:06] <knoba> xa0z: "showconfig" : when asked to provide your config, please provide a SINGLE pastebin with postconf -nf and postconf -Mf. if your version is too old for those commands to work (< 2.9), you should upgrade, but see !showconfig_old[19:58:06] *** Section1 <Section1!~section1@178.33.109.106> has quit IRC (Quit: Leaving)[19:58:09] <lunaphyte> pastebin that[19:58:57] <rob0> Sounds like what lunaphyte said.[19:59:09] <rob0> also:[19:59:18] <rob0> !smtpd_tls_loglevel[19:59:18] <knoba> rob0: "smtpd_tls_loglevel" : enable additional postfix smtp server logging of tls activity. each logging level also includes the information that is logged at a lower logging level.[19:59:26] <rob0> smtpd_tls_loglevel=1[19:59:42] <xa0z> lunaphyte, ok hang on[19:59:54] <rob0> set that ^^ and also smtp_tls_loglevel=1 won't hurt[19:59:56] *** froz-gab <froz-gab!~froz-gab@host194-58-dynamic.53-79-r.retail.telecomitalia.it> has quit IRC (Remote host closed the connection)[20:00:17] <xa0z> okay lol, let's try one at a time[20:00:18] <xa0z> http://pastebin.com/Y7SRy88e[20:07:22] *** Guest43 <Guest43!~textual@86.123.182.225> has joined #postfix[20:10:11] *** Beerbelott <Beerbelott!~Beer@2a01:cb19:148:ae00:186e:1973:1c52:1574> has joined #postfix[20:10:27] <Beerbelott> Hello[20:11:03] <Beerbelott> I am having trouble securing my submission port, any one available to provide some help?[20:15:40] <lunaphyte> xa0z: that url is empty[20:16:45] <lunaphyte> !tell Beerbelott getting_help[20:16:45] <knoba> Beerbelott: "getting_help" : before asking your question, read the !relevant_logs and !showconfig factoids, and prepare a single pastebin containing all of that data. if you don't understand what this means, or if you need help doing this, please let us know. also see !pastebin[20:16:55] <Beerbelott> http://paste.debian.net/hidden/42da9070/[20:17:44] <Beerbelott> It does not seem to be applied, although the smtpd_*_restrictions for the main process are[20:18:01] <Beerbelott> the RBL do not work on the submission port[20:18:01] * eelstrebor thinks he got his MX record "fixed" & TTL fixed[20:18:47] <Beerbelott> Are variables usable in master.cf?[20:21:37] <lunaphyte> yes[20:23:12] <Beerbelott> I get:[20:23:12] <Beerbelott> postfix/smtpd[17404]: NOQUEUE: reject: RCPT from unknown[185.110.132.130]: 554 5.7.1 Servi[20:23:12] <Beerbelott> ce unavailable; Client host [185.110.132.130] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SB[20:23:12] <Beerbelott> L320143; from=<***> to=<***> proto=SMTP helo=<win-e73f2aa0c2n.domain>[20:23:12] <Beerbelott> but:[20:23:13] <Beerbelott> Feb 10 20:16:46 sd-49041 postfix/submission/smtpd[16191]: Anonymous TLS connection established from unknown[185.110.132.130]: TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)[20:23:21] <Beerbelott> oops sry for that spam[20:23:43] <lunaphyte> well, once you follow the instructions, then you'll probably get help[20:24:04] <rob0> eelstrebor, yes, looks good[20:24:20] <Beerbelott> !getting_help[20:24:20] <knoba> Beerbelott: "getting_help" : before asking your question, read the !relevant_logs and !showconfig factoids, and prepare a single pastebin containing all of that data. if you don't understand what this means, or if you need help doing this, please let us know. also see !pastebin[20:24:35] <Beerbelott> !relevant_logs[20:24:35] <knoba> Beerbelott: "relevant_logs" : mail.* syslog Postfix log messages (NOT verbose, see !no_verbose) which show ONLY the entire handling of a single mail which illustrates the issue with which you want help. Random selections from your mail log are not adequate. IMAP/POP3 daemons and external delivery agents often log to the same syslog facility (mail); filter such messages out unless asked not to.[20:24:41] <Beerbelott> !showconfig[20:24:41] <knoba> Beerbelott: "showconfig" : when asked to provide your config, please provide a SINGLE pastebin with postconf -nf and postconf -Mf. if your version is too old for those commands to work (< 2.9), you should upgrade, but see !showconfig_old[20:25:00] <Beerbelott> What's missing?[20:25:05] <lunaphyte> hmm?[20:25:09] <lunaphyte> uh...[20:25:15] <lunaphyte> the pastebin with that data?[20:25:18] <lunaphyte> seriously?[20:25:21] <Beerbelott> http://paste.debian.net/hidden/42da9070/[20:25:30] <lunaphyte> FOLLOW[20:25:31] <lunaphyte> THE[20:25:34] <lunaphyte> DIRECTIONS[20:25:36] <lunaphyte> jesus...[20:25:38] <Beerbelott> LEFT[20:25:40] <Beerbelott> OR[20:25:42] <Beerbelott> RIGHT[20:25:42] <Beerbelott> ?[20:25:48] <tuxick> left of course[20:26:00] <rob0> hey[20:26:06] <rob0> settle down[20:26:41] <rob0> Now, why do you want to apply DNSBL lookups to submission? How does that make it "secure"?[20:27:35] <rob0> Generally all those mua_* restrictions are set empty (or not set at all, which has the same effect.)[20:28:24] <tuxick> well, i can imagine weak passwords and fools falling for phishing[20:28:37] <tuxick> not entirely pointless perhaps[20:28:41] <rob0> You apparently have your relay restrictions set correctly for submission. What is the reason for all the other restrictions?[20:29:56] <eelstrebor> rob0, thanks for checking[20:30:25] <rob0> Remove all those mua_*_restrictions from main.cf and you're probably fine.[20:30:45] <Beerbelott> http://paste.debian.net/hidden/e6aaffa6/[20:31:12] <Beerbelott> Well there is not point in setting SBL on SMTP if submission is open to all winds, right?[20:31:28] <rob0> Offer void where taxed or prohibited, or where failure to follow directions might have caused misinformation.[20:31:28] <Beerbelott> lunaphyte: better paste to u?[20:31:36] * lunaphyte wanders off[20:31:47] <lunaphyte> my tolerance level is too low for this today[20:32:03] <rob0> I don't apply any DNSBL checks to submission[20:32:54] <Beerbelott> rob0: but then you have some king of restriction I suppose[20:32:58] <Beerbelott> kind*[20:33:45] <Beerbelott> lunaphyte: sorry, user needing help here. Formalism is so important. Wander if u prefer ;)[20:33:50] <rob0> as I said, your RELAY restrictions are fine[20:34:09] <lunaphyte> yes, being able to follow simple, basic instructions is very important[20:34:40] <Beerbelott> lunaphyte: u got logs and config snippet. anyhow..[20:34:46] <lunaphyte> no[20:34:57] <Beerbelott> rob0: but I got some hammering against the SASL facility[20:35:16] <lunaphyte> Beerbelott: you have yet to follow the basic, simple instructions.[20:35:24] <rob0> yes, is that the actual problem?[20:35:46] <Beerbelott> rob0: seems so, look at the paste[20:35:53] <Beerbelott> unless I am missing sth[20:36:01] <rob0> There are ways to deal with it; restrictions usually not useful.[20:36:12] <tuxick> Beerbelott: fail2ban :)[20:36:22] <rob0> Some people like ^^ fail2ban[20:36:26] <tuxick> and cluebringer/cbpolicyd or whatever it's called today[20:36:30] <rob0> yes[20:37:04] <rob0> it can keep track of failed AUTH attempts and maybe do something to block the client[20:37:51] <rob0> I would disable LOGIN mechanism (recent Microsoft MUAs should work fine with PLAIN.)[20:38:23] <Beerbelott> rob0: OK I'll have a look at it. The thing which saddens me here is that this IP address is actually banned on the SBL... (see the paste for the log snippet on the main SMTP port) but the SBL filters do not seem to be applied[20:38:44] <rob0> Anyway, you came asking about how to "secure" submission, but it looks fine other than the mua_*_restrictions.[20:38:54] <Beerbelott> ...do not seem to be applied *on the submission port*[20:39:41] <Beerbelott> rob0: is not it strange to accept conenctions from banned IP addresses there? Yes I got the SASL protection, but they should not be able to reach that, should they?[20:40:09] <Beerbelott> https://www.spamhaus.org/query/ip/185.110.132.130[20:40:49] <rob0> these attack bots are very common[20:41:15] <rob0> you're as secure as your usernames+passwords[20:41:28] <Beerbelott> it looks like the mua_client_restriction value is not expanded from the main.cf file[20:41:35] <Beerbelott> +s[20:41:43] <rob0> cbpolicyd is a good way to throttle the attacks[20:42:12] <Beerbelott> yes, that is anoth line of defense, I'll have a look at it, but I'd like to solve this conf pb too :)[20:42:46] <xa0z> lunaphyte, sorry I had a timeout on it.[20:43:53] <rob0> The mua_client_restrictions won't hurt but do not do anything useful.[20:43:54] <xa0z> lunaphyte, http://pastebin.com/umKbi40f[20:44:21] <rob0> The mua_helo_restrictions are bad, and could block legitimate users.[20:45:00] <Beerbelott> rob0: I heard loud and clear, I know your stance. The thing is they are not operating at all[20:45:10] <Beerbelott> ... which I'd like to correct[20:45:40] <rob0> changes to master.cf require a restart[20:45:46] <Beerbelott> done[20:45:49] <Beerbelott> already[20:46:53] <Beerbelott> and postconf show the variables being set[20:48:35] <rob0> I don't know if the order of restrictions is documented; if relay restrictions are first (you have a "reject" after SASL failures), there would be no need to go on to other stages.[20:48:44] <rob0> !access[20:48:44] <knoba> rob0: "access" : http://www.postfix.org/SMTPD_ACCESS_README.html : An overview of access(5) controls in the Postfix smtpd(8) SMTP server.[20:48:45] <Beerbelott> ps do not show the variables being expanded. I understand it is normal as postfix is 'lazy' and resolving variables at the time they are used? smtpd -n submission -t inet -u -c -o stress= -s 2 -o syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_reject_unlisted_recipient=no -o smtpd_client_restrictions=$mua_client_restrictions -o smtpd_helo_restrictions=$mua_helo_restrictions[20:49:13] <Beerbelott> Oh OK I'll have a look then[20:49:17] <rob0> again, those helo restrictions will hurt[20:51:14] <Beerbelott> rob0: Yes probably, stupid copy-paste I made[20:53:17] <Beerbelott> As I understand from the webpage u linked, relay comes after client[20:53:21] <Beerbelott> client is the 1st[20:53:27] <Beerbelott> (which sounds logical)[20:54:09] <Beerbelott> ... which corresponds to the fact that client got blocked on the SMTP port even before having tried anything else[20:54:59] <Beerbelott> So if my mua_client_restrictions was effective, there would not be any SASL attempt, the client would have been dished on connection[21:07:40] *** thms <thms!~thms@unaffiliated/thms> has quit IRC (Ping timeout: 240 seconds)[21:11:35] *** luxifer <luxifer!~luxifer@94.46.70.121> has joined #postfix[21:13:33] <Beerbelott> rob0: I may be on a lead[21:13:43] <Beerbelott> ${variable} instead of $variable[21:13:46] <Beerbelott> ..[21:16:19] *** robinho86 <robinho86!~robsonjf@201.22.86.124.static.gvt.net.br> has quit IRC (Quit: Leaving.)[21:19:02] *** WakiMiko <WakiMiko!~WakiMiko@unaffiliated/wakimiko> has quit IRC (Remote host closed the connection)[21:19:28] *** WakiMiko <WakiMiko!~WakiMiko@unaffiliated/wakimiko> has joined #postfix[21:23:32] *** WakiMiko <WakiMiko!~WakiMiko@unaffiliated/wakimiko> has quit IRC (Client Quit)[21:24:28] *** WakiMiko <WakiMiko!~WakiMiko@unaffiliated/wakimiko> has joined #postfix[21:27:22] *** chachasmooth <chachasmooth!~chachasmo@unaffiliated/chachasmooth> has quit IRC (Ping timeout: 255 seconds)[21:29:31] *** chachasmooth <chachasmooth!~chachasmo@unaffiliated/chachasmooth> has joined #postfix[21:34:02] <Beerbelott> rob0: Well thx anyway. Haven't found the source of my pb here. Mb too old of a postfix version? Bye[21:34:06] *** Beerbelott <Beerbelott!~Beer@2a01:cb19:148:ae00:186e:1973:1c52:1574> has left #postfix[21:42:10] *** chachasmooth <chachasmooth!~chachasmo@unaffiliated/chachasmooth> has quit IRC (Ping timeout: 240 seconds)[21:44:02] *** chachasmooth <chachasmooth!~chachasmo@unaffiliated/chachasmooth> has joined #postfix[21:47:37] *** infides_afk <infides_afk!~infides@p4FE75E99.dip0.t-ipconnect.de> has quit IRC (Ping timeout: 255 seconds)[21:48:48] *** Xentil <Xentil!~quassel@ip-46-21-210-22.nette.pl> has quit IRC (Ping timeout: 240 seconds)[21:53:17] <rob0> Nope, not ${variable} and not old version. Maybe a typo?[21:59:28] *** maziar <maziar!~textual@5.117.138.139> has joined #postfix[21:59:54] *** maziar <maziar!~textual@5.117.138.139> has quit IRC (Changing host)[21:59:54] *** maziar <maziar!~textual@unaffiliated/maziar> has joined #postfix[22:00:58] <xa0z> Feb 10 14:46:34 mail postfix/lmtp[34912]: connect to 192.168.1.21[192.168.1.21]:10024: Operation timed out[22:01:23] <xa0z> I don't understand this.[22:04:12] <lunaphyte> you told postfix to give mail to 192.168.1.21 on port 10024, but it couldn't[22:04:23] <xa0z> That's the IP of the box postfix is running on...[22:04:48] <xa0z> That's the mail server.[22:05:17] <lunaphyte> and?[22:05:19] <lunaphyte> you told postfix to give mail to 192.168.1.21 on port 10024, but it couldn't[22:05:23] <xa0z> Why can't it?[22:05:32] <lunaphyte> um, we couldn't know that[22:05:38] <xa0z> How can I find out?[22:05:38] <lunaphyte> !tell xa0z getting_help[22:05:38] <knoba> xa0z: "getting_help" : before asking your question, read the !relevant_logs and !showconfig factoids, and prepare a single pastebin containing all of that data. if you don't understand what this means, or if you need help doing this, please let us know. also see !pastebin[22:06:39] <xa0z> I've read the logs, there's nothing in the logs that really gives any info except that the emails are being queued.[22:06:45] <xa0z> I thought it was a TLS issue, but it's not.[22:07:02] <lunaphyte> hmm>[22:07:03] <lunaphyte> ?[22:07:10] <lunaphyte> the factoid doesn't say "read the logs"[22:07:24] <lunaphyte> it does describe what's necessary in order to get help here though[22:07:47] <xa0z> I pasted the config output twice, and that got me no where.[22:08:06] <xa0z> !relevant_logs[22:08:06] <knoba> xa0z: "relevant_logs" : mail.* syslog Postfix log messages (NOT verbose, see !no_verbose) which show ONLY the entire handling of a single mail which illustrates the issue with which you want help. Random selections from your mail log are not adequate. IMAP/POP3 daemons and external delivery agents often log to the same syslog facility (mail); filter such messages out unless asked not to.[22:08:24] <lunaphyte> no, you did not[22:08:49] <xa0z> I didn't?[22:08:59] <xa0z> What did I paste then?[22:09:05] *** FinboySlick <FinboySlick!~shark@74.117.40.10> has quit IRC (Quit: Leaving.)[22:13:14] *** luxifer_ <luxifer_!~luxifer@2a02:b98:4732:178c:c4e2:d386:bc61:b7aa> has joined #postfix[22:14:16] <rob0> check to see that you have something listening on tcp/10024 on that IP address[22:15:43] <xa0z> I did, and there is. I can connect to that port and receive a 220 ESMTP, and then 221 Goodbye[22:16:01] <rob0> esmtp?[22:16:11] <rob0> what's listening there?[22:16:28] *** luxifer <luxifer!~luxifer@94.46.70.121> has quit IRC (Ping timeout: 240 seconds)[22:16:29] <lunaphyte> lmtp != esmtp [or smtp][22:17:23] <xa0z> That's just what we set the banner as, I believe.[22:17:47] <xa0z> smtpd_banner = ESMTP[22:18:05] <rob0> hmm, why? And again, WHAT is listening there?[22:18:11] <lunaphyte> postfix can't use lmtp to talk to itself, and setting an lmtp banner to say esmtp would not make sense[22:19:43] <xa0z> rob0 postfix is.[22:20:02] <rob0> Postfix does not implement LMTP listener[22:20:14] <rob0> so you misconfigured something[22:20:30] <xa0z> Okay, I'm trying to figure it out then.[22:20:36] <lunaphyte> if !getting_help is followed, we could tell you what[22:20:51] <xa0z> !getting_help[22:20:51] <knoba> xa0z: "getting_help" : before asking your question, read the !relevant_logs and !showconfig factoids, and prepare a single pastebin containing all of that data. if you don't understand what this means, or if you need help doing this, please let us know. also see !pastebin[22:20:56] <xa0z> Yep[22:21:13] <xa0z> !showconfig[22:21:13] <knoba> xa0z: "showconfig" : when asked to provide your config, please provide a SINGLE pastebin with postconf -nf and postconf -Mf. if your version is too old for those commands to work (< 2.9), you should upgrade, but see !showconfig_old[22:21:20] <xa0z> Yep, did that twice.[22:21:23] <lunaphyte> nope[22:21:26] <lunaphyte> that's silly.[22:21:32] <lunaphyte> if you had, we would not be waiting for the data[22:22:12] <rob0> I'm too lazy to scroll up and find your link. Good luck.[22:22:35] <xa0z> I did post it twice, I just had expire set on them, but I'll repost it again.[22:22:52] <lunaphyte> you didn't, no.[22:23:04] <xa0z> excuse me?[22:23:32] <xa0z> Are you saying that the content I pasted was not the right content?[22:23:52] <lunaphyte> you provided two pastebin links, but neither contained the data as set forth in the instructions.[22:24:41] <xa0z> You mean it only contained the postconf -nf and not the -Mf content?[22:24:45] <xa0z> That's a mistake on my part.[22:25:47] <xa0z> http://pastebin.com/3ZGEqeKV[22:26:05] <xa0z> amavisd appears to be 10024[22:26:11] <xa0z> but amavisd will not start.[22:26:16] <lunaphyte> so indeed, postfix isn't listening on 10024[22:26:20] <lunaphyte> some other software is[22:26:28] <lunaphyte> that's the key then.[22:26:48] <xa0z> I suppose so, I only saw that the port was listening while postfix was running, and was not listening while postfix was stopped.[22:26:50] <lunaphyte> you'll need to fix amavis so it starts and accepts mail from postfix, or you'll need to tell postfix to stop trying to send mail to it[22:27:57] <xa0z> Okay.[22:28:07] <xa0z> This just doesn't make sense because it all broke after a reboot of the server.[22:29:47] <xa0z> http://pastebin.com/1HThKaUL[22:30:15] <xa0z> This is what amavisd is showing in the maillog. Yes, sa-update has been ran, it's ran via cron.[22:30:21] <lunaphyte> for help with amavis, you'll want #amavis[22:30:27] <xa0z> Interesting[22:31:44] *** luxifer__ <luxifer__!~luxifer@2a02:b98:4732:178c:1821:731a:13a7:1740> has joined #postfix[22:35:46] *** luxifer_ <luxifer_!~luxifer@2a02:b98:4732:178c:c4e2:d386:bc61:b7aa> has quit IRC (Ping timeout: 255 seconds)[22:49:20] *** synthroid <synthroid!~synthroid@gateway/vpn/privateinternetaccess/synthroid> has quit IRC ()[22:53:26] <rizonz> rob0: is it ideal to have your nic-addresses of the postfix server itself in mynetworks as well ?[22:53:34] <xa0z> fixed my issues, thanks.[22:53:36] *** xa0z <xa0z!~interex@webmail.mindscrape.net> has left #postfix ("Leaving")[22:55:30] *** xcrracer <xcrracer!~xcrracer@unaffiliated/xcrracer> has quit IRC (Quit: Frextual IRC Client: www.frextualapp.com)[23:01:43] *** cpm <cpm!~Chip@pdpc/supporter/active/cpm> has quit IRC (Ping timeout: 255 seconds)[23:06:32] <patdk-lap> it's ideal to have mynetworks= set[23:06:39] <patdk-lap> and NOTHING after the =[23:07:14] <patdk-lap> though some perfer to put localhost in there[23:13:35] <rizonz> patdk-lap: huh I dont get that[23:14:06] <patdk-lap> get what?[23:14:20] <patdk-lap> that putting something in mynetworks is not needed at all, so leaving it blank is *ideal*[23:14:21] <rizonz> patdk-lap: how do you permit your networks then to relay ?[23:14:30] <patdk-lap> why would you need to?[23:14:44] <patdk-lap> they created something, years and years ago, called smtp auth[23:14:46] <rizonz> because you want to use it as you smtp ?[23:15:15] <rizonz> patdk-lap: why smtp auth when you can limit bt IP ?[23:15:18] <rizonz> by[23:15:23] <rizonz> it's a local machine[23:15:32] <patdk-lap> since when are local machines trustworthy?[23:15:50] *** mjr0 <mjr0!~mcox@dhcp-077-251-013-030.chello.nl> has joined #postfix[23:15:59] *** Xentil <Xentil!~quassel@ip-46-21-210-22.nette.pl> has joined #postfix[23:16:08] <rizonz> since when is smtp auth (so credentials saved on a host) trustable ?[23:16:22] <thumbs> rizonz: it's traceable![23:16:38] <thumbs> rizonz: you can pinpoint what credentials have been compromised, if any[23:16:38] <patdk-lap> you can disable the account[23:16:41] <rizonz> thumbs: what is it ?[23:16:53] <patdk-lap> you don't have to dig into your postfix config on all servers and attempt to modify mynetworks to exclude that one ip[23:16:57] <rizonz> true but this are interna hosts[23:17:02] <patdk-lap> but what if that ip is shared? or dynamic, your screwed[23:17:07] <rizonz> it's not[23:17:13] <rizonz> dedi machines[23:17:28] <rizonz> auth is not going to help there[23:36:58] *** luxifer__ <luxifer__!~luxifer@2a02:b98:4732:178c:1821:731a:13a7:1740> has quit IRC (Ping timeout: 255 seconds)[23:46:39] *** froz-gab <froz-gab!~froz-gab@host194-58-dynamic.53-79-r.retail.telecomitalia.it> has joined #postfix[23:50:50] *** mjr0 <mjr0!~mcox@dhcp-077-251-013-030.chello.nl> has quit IRC (Ping timeout: 256 seconds)[23:57:34] *** eelstrebor <eelstrebor!~eelstrebo@216-75-116-100.res.dyn.allophone.biz> has quit IRC (Quit: Ex-Chat)[23:58:00] <lunaphyte> smtp auth is the proper method to use for submission[23:58:10] <lunaphyte> it's not something that is a function of some other thing[23:59:20] <lunaphyte> mynetworks should be empty