Switch to DuckDuckGo Search
   February 16, 2019
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28

Toggle Join/Part | bottom
[00:01:20] *** edux <edux!~edux@140-132-235-201.fibertel.com.ar> has joined #postfix
[00:03:29] *** shibboleth <shibboleth!~shibbolet@gateway/tor-sasl/shibboleth> has quit IRC (Quit: shibboleth)
[00:05:52] *** edux <edux!~edux@140-132-235-201.fibertel.com.ar> has quit IRC (Ping timeout: 246 seconds)
[00:10:34] *** edux <edux!~edux@140-132-235-201.fibertel.com.ar> has joined #postfix
[00:15:00] *** edux <edux!~edux@140-132-235-201.fibertel.com.ar> has quit IRC (Ping timeout: 250 seconds)
[00:19:20] <AnrDaemon> lunaphyte: I'm banning jerks that send mail "from me to me"
[00:19:32] *** edux <edux!~edux@140-132-235-201.fibertel.com.ar> has joined #postfix
[00:20:26] <AnrDaemon> Which makes a surprising amount of all spam we receive.
[00:23:56] *** edux <edux!~edux@140-132-235-201.fibertel.com.ar> has quit IRC (Ping timeout: 246 seconds)
[00:26:49] <lunaphyte> your msa is sending spam?
[00:28:39] *** edux <edux!~edux@140-132-235-201.fibertel.com.ar> has joined #postfix
[00:33:23] *** edux <edux!~edux@140-132-235-201.fibertel.com.ar> has quit IRC (Ping timeout: 245 seconds)
[00:37:47] *** edux <edux!~edux@140-132-235-201.fibertel.com.ar> has joined #postfix
[00:42:09] *** edux <edux!~edux@140-132-235-201.fibertel.com.ar> has quit IRC (Ping timeout: 258 seconds)
[00:46:46] *** edux <edux!~edux@140-132-235-201.fibertel.com.ar> has joined #postfix
[00:51:29] *** edux <edux!~edux@140-132-235-201.fibertel.com.ar> has quit IRC (Ping timeout: 255 seconds)
[00:51:47] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has quit IRC (Ping timeout: 240 seconds)
[00:56:05] *** edux <edux!~edux@140-132-235-201.fibertel.com.ar> has joined #postfix
[01:00:42] *** edux <edux!~edux@140-132-235-201.fibertel.com.ar> has quit IRC (Ping timeout: 244 seconds)
[01:05:24] *** edux <edux!~edux@140-132-235-201.fibertel.com.ar> has joined #postfix
[01:08:04] *** delacroix <delacroix!~delacroix@2a02:810c:e3f:e500:381a:b1ff:fe38:b6b8> has joined #postfix
[01:09:36] *** edux <edux!~edux@140-132-235-201.fibertel.com.ar> has quit IRC (Ping timeout: 250 seconds)
[01:13:03] *** delacroix <delacroix!~delacroix@2a02:810c:e3f:e500:381a:b1ff:fe38:b6b8> has quit IRC (Read error: Connection reset by peer)
[01:14:04] *** edux <edux!~edux@140-132-235-201.fibertel.com.ar> has joined #postfix
[01:17:57] *** delacroix <delacroix!~delacroix@2a02:810c:e3f:e500:381a:b1ff:fe38:b6b8> has joined #postfix
[01:18:42] *** edux <edux!~edux@140-132-235-201.fibertel.com.ar> has quit IRC (Ping timeout: 250 seconds)
[01:23:09] *** edux <edux!~edux@140-132-235-201.fibertel.com.ar> has joined #postfix
[01:27:58] *** edux <edux!~edux@140-132-235-201.fibertel.com.ar> has quit IRC (Ping timeout: 245 seconds)
[01:32:25] *** edux <edux!~edux@140-132-235-201.fibertel.com.ar> has joined #postfix
[01:37:20] *** edux <edux!~edux@140-132-235-201.fibertel.com.ar> has quit IRC (Ping timeout: 250 seconds)
[01:41:33] *** edux <edux!~edux@140-132-235-201.fibertel.com.ar> has joined #postfix
[01:45:50] *** edux <edux!~edux@140-132-235-201.fibertel.com.ar> has quit IRC (Ping timeout: 246 seconds)
[01:50:39] *** edux <edux!~edux@140-132-235-201.fibertel.com.ar> has joined #postfix
[01:55:07] *** edux <edux!~edux@140-132-235-201.fibertel.com.ar> has quit IRC (Ping timeout: 240 seconds)
[01:59:53] *** edux <edux!~edux@140-132-235-201.fibertel.com.ar> has joined #postfix
[02:00:47] *** puff <puff!~user@c-24-131-208-153.hsd1.pa.comcast.net> has quit IRC (Ping timeout: 240 seconds)
[02:02:13] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has joined #postfix
[02:03:23] <AnrDaemon> Receiving… pretty please read what I wrote.
[02:08:00] <teward> lunaphyte: I think AnrDaemon is suffering from a very specific type of spam attack where the From field is forged to look like the recipient's address, with a different mailto: hiding underneath
[02:08:06] *** edux <edux!~edux@140-132-235-201.fibertel.com.ar> has quit IRC (Ping timeout: 250 seconds)
[02:08:10] <teward> which is something I see quite regularly in my honeypots unfortunately
[02:09:33] <teward> 'course, SPF+DKIM+DMARC + DMARC enforcement... kinda helps me weed out that spam ;)
[02:09:50] <AnrDaemon> Yaeah. I'm narrowing down on that front.
[02:10:19] <AnrDaemon> I think I can try enableing SPF and removing that gate.
[02:11:05] <teward> but thats ultimately less of a postfix thing by that point *whistles nonchalantly*
[02:13:53] <AnrDaemon> Yeah. Just realized. >.>
[02:16:23] <AnrDaemon> Do I get it right that if smtpd_relay_restrictions resulted in reject, smtpd_recipient_restrictions won't be applied ?
[02:17:01] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has quit IRC (Remote host closed the connection)
[02:19:28] *** Bebef <Bebef!sbreit@phobos.bebef.de> has quit IRC (Read error: Connection reset by peer)
[02:20:30] *** Bebef <Bebef!sbreit@phobos.bebef.de> has joined #postfix
[02:25:34] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has quit IRC (Quit: inabit. zz.)
[02:27:56] *** MACscr <MACscr!~MACscr@c-98-215-100-46.hsd1.il.comcast.net> has quit IRC (Quit: Textual IRC Client: www.textualapp.com)
[02:51:04] *** cattledrive <cattledrive!~ray@173.225.227.214> has joined #postfix
[02:52:59] <cattledrive> Greetings Gurus! QUERY: is the is the hostname located at /etc/mailname automatically inserted by some program or can I change it manually and it not cause any issues?
[02:55:35] <cattledrive> ...must've logged on while everyone was in the bathroom...
[02:56:59] *** cattledrive <cattledrive!~ray@173.225.227.214> has left #postfix ("WeeChat 1.6")
[02:57:25] *** rfengineer <rfengineer!~ray@173.225.227.214> has joined #postfix
[02:57:45] <rfengineer> Greetings Gurus! QUERY: is the is the hostname located at /etc/mailname automatically inserted by some program or can I change it manually and it not cause any issues?
[03:03:09] *** rfengineer <rfengineer!~ray@173.225.227.214> has left #postfix ("WeeChat 1.6")
[03:13:09] *** i1nfusion <i1nfusion!~i1nfusion@46.101.134.251> has quit IRC (Remote host closed the connection)
[03:14:26] *** i1nfusion <i1nfusion!~i1nfusion@46.101.134.251> has joined #postfix
[03:28:36] *** rfengineer <rfengineer!~ray@173.225.227.214> has joined #postfix
[03:29:25] <rfengineer> Hello World
[03:30:07] <rfengineer> Never certain if I'm actually in or not unless I get a reply.
[03:30:31] <teward> rfengineer: there's better channels to 'test' if you're online in
[03:30:38] <teward> but if nobody has an answer to your inquiry nobody's going to reply
[03:31:34] <rfengineer> Well... I kind of assumed that this would be the place to come to find postfix answers
[03:32:20] <rfengineer> Being a radio engineer, my mail server skills are a bit....rusty
[03:32:20] <teward> perhaps, but the point i was trying to make is "you won't get a reply unless someone knows the answer, and said person might or might not be online so instead of leaving and rejoining and reasking every so often ask, stay here, and wait."
[03:35:25] <AnrDaemon> rfengineer: `postconf -n` will give you much of your answer.
[03:35:51] <AnrDaemon> rfengineer: As well as `postconf -d`.
[03:36:47] <rfengineer> True AnrD... but not the kind of answer I'm looking for. It more deals with whether a particular process is automated or not.
[03:46:13] <AnrDaemon> rfengineer: This is a question to your vendor.
[03:47:23] <AnrDaemon> You CAN set `myorigin = /etc/mailname`. In fact, many vendors do that by default.
[03:49:09] <lunaphyte> why would you msa be receiving mail from spammers?
[03:49:23] <lunaphyte> ... pretty please read what I wrote
[03:50:08] <rfengineer> Yes. And it is.... but when I cat /etc/mailname it gives mx1.xxxxx.com instead of simply xxxxx.com, and I'm wondering if I change it manually in /etc/mailname if it will work, if it will crash because some other process uses it, or if it will be overwritten by another process and have no effect?
[03:50:50] <pj> AnrDaemon: that is a debian -specific extension to postfix.
[03:50:51] <rfengineer> The problem then is that when an email is sent, instead of it coming from bob at xxxxx dot com, it comes from bob at mx1 dot xxxxx.com
[03:51:10] <pj> if you're not running a debian or ubuntu build then you cannot set myorigin to /etc/mailname
[03:51:23] <lunaphyte> rfengineer: you'll want to configure your mail client
[03:52:41] <rob0> AnrDaemon, "postconf -d" has its uses, but not really for anyone asking questions here.
[03:53:56] <AnrDaemon> lunaphyte: I don't get your replies. Where did I say that is is my MSA sending these mails?
[03:56:33] <lunaphyte> AnrDaemon: so that would be a no, then?
[03:56:44] <AnrDaemon> What "would be a no" ?
[03:57:01] <lunaphyte> i asked a question...
[03:58:19] <AnrDaemon> Please put your question in a complete sentence. You said so many things that I'm reluctant to answer, afraid to increase confusion levels even further.
[03:58:58] <teward> AnrDaemon: the question was: [2019-02-15 18:26:50] <lunaphyte> your msa is sending spam?
[03:58:59] <rob0> AnrDaemon, your problem description from earlier made no sense.
[03:59:03] <teward> but also ^ that
[04:00:05] <lunaphyte> we can only go one step at a time
[04:00:07] <rob0> If your MSA is receiving spam, it must be seriously misconfigured, or maybe you have one or more compromised accounts?
[04:00:31] <lunaphyte> my question was short, simple, and concise, requiring only a single word to answer it
[04:00:43] <lunaphyte> once there's an answer, we can take the next step!
[04:01:31] <AnrDaemon> lunaphyte: I can ask you an equally short, simple and concise question, that require a single word answer. "Did you stop beating your wife every morning?"
[04:01:52] <lunaphyte> AnrDaemon: please stay on topic
[04:02:43] <lunaphyte> this channel is for postfix support, not attempts at logical fallacy trickery
[04:03:13] <AnrDaemon> Your question is irrelevant. MSA is not factored in here at all.
[04:03:24] <lunaphyte> incorrect
[04:03:44] <lunaphyte> anyway, we can't help if you're unwilling to answer the questions
[04:03:45] <lunaphyte> good luck!
[04:03:54] <AnrDaemon> You are trying to tell me, how my system is configured?
[04:05:05] *** ItsAVortex <ItsAVortex!~ItsAVorte@mobile-166-175-63-70.mycingular.net> has joined #postfix
[04:14:26] <rob0> "MSA is not factored in here at all"? But you did say port 465, so is that not a MSA? It's surely not a mail exchanger.
[04:15:06] *** rfengineer <rfengineer!~ray@173.225.227.214> has quit IRC (Quit: WeeChat 1.6)
[04:23:26] <AnrDaemon> That was a possibility.
[04:24:02] <AnrDaemon> **a possible solution**
[04:24:14] <rob0> what was?
[04:24:38] <AnrDaemon> The use of submission instead of normal MTA delivery.
[04:24:46] <AnrDaemon> But alas, with a few tweaks, SPF policy worked.
[04:25:13] <AnrDaemon> I'm running tests as we speak, but all indications point to success.
[04:25:52] <rob0> ok, I still don't get what the problem was, but I won't [usually ;)] argue with success.
[04:30:20] <AnrDaemon> The problem was an oversimplified spam deterrent. But I forgot that I've set proper SPF in advance.
[04:30:44] <AnrDaemon> So now I have enabled SPF checks on MX, and it seems to be working admirably.
[04:41:17] *** ItsAVortex <ItsAVortex!~ItsAVorte@mobile-166-175-63-70.mycingular.net> has quit IRC (Quit: Leaving)
[04:44:25] *** delacroix <delacroix!~delacroix@2a02:810c:e3f:e500:381a:b1ff:fe38:b6b8> has quit IRC (Ping timeout: 258 seconds)
[05:04:37] *** TheFatherMind- <TheFatherMind-!~TheFather@cpe-104-34-204-52.socal.res.rr.com> has joined #postfix
[05:08:07] *** TheFatherMind <TheFatherMind!~TheFather@cpe-104-34-204-52.socal.res.rr.com> has quit IRC (Ping timeout: 240 seconds)
[06:00:14] *** eelstrebor <eelstrebor!~eelstrebo@216-75-116-100.static.allophone.net> has quit IRC (Quit: Ex-Chat)
[06:03:53] *** Beam_Inn_ <Beam_Inn_!~Beam_Inn_@104.238.46.229> has quit IRC (Remote host closed the connection)
[06:04:56] *** cemotyz09 <cemotyz09!~cemotyz09@cpe-70-121-128-59.satx.res.rr.com> has joined #postfix
[06:08:14] *** ezio <ezio!~ezio@unaffiliated/ezio> has joined #postfix
[06:08:25] <ezio> how do I turn off outgoing tls.
[06:10:47] <ezio> gomail: could not send email 1: StartTLS: x509: certificate is valid for git.ourdomain.ca, not git.ourdomain.net
[06:11:09] <ezio> I'm trying to send unauthorized email from .net
[06:12:09] <ezio> The client is on vaca for the weekend and he's not getting back 'til Sunday. He owns both. I'm assuming it knows about the .ca from the domain configuration somehow
[06:17:03] <lunaphyte> ezio: that's not a postfix log message
[06:17:12] <lunaphyte> !tell ezio getting_help
[06:17:12] <knoba> ezio: "getting_help" : before asking your question, read the !relevant_logs and !showconfig factoids, and prepare a single pastebin containing all of that data. if you don't understand what this means, or if you need help doing this, please let us know. also see !pastebin
[06:20:08] <ezio> !showconfig
[06:20:08] <knoba> ezio: "showconfig" : when asked to provide your config, please provide a SINGLE pastebin (see !pastebin) with postconf -nf and postconf -Mf. if your version is too old for those commands to work (< 2.9), you should upgrade, but see !showconfig_old
[06:21:04] *** TheFatherMind <TheFatherMind!~TheFather@cpe-104-34-204-52.socal.res.rr.com> has joined #postfix
[06:21:38] <ezio> https://gist.github.com/bluebaroncanada/3585001fb320bb1522fb0bb9f647c934
[06:21:42] <ezio> getting an error 42
[06:22:02] *** TheFatherMind- <TheFatherMind-!~TheFather@cpe-104-34-204-52.socal.res.rr.com> has quit IRC (Ping timeout: 250 seconds)
[06:22:54] <AnrDaemon> ezio: You can submit multiple files to gist. Also make sure your certificate is valid for all domains you want to use it for.
[06:23:17] <ezio> there is a second file at the bottom
[06:23:32] *** Blubberbop <Blubberbop!~quassel@mail.capmega.com> has quit IRC (Ping timeout: 268 seconds)
[06:24:04] <AnrDaemon> Third, and I see that you are using snakeoil certs.
[06:24:07] <lunaphyte> ezio: localhost should be using submission or submissions. neither have been configured
[06:24:25] <AnrDaemon> And the error message is nothing like what you originally presented.
[06:24:58] <AnrDaemon> Or pickup.
[06:25:10] <lunaphyte> ezio: is this an mx? or an msa? or both?
[06:25:20] <ezio> AnrDaemon, That's the response from the client and it seems more salient than the postfix
[06:25:23] <ezio> lunaphyte, msa
[06:25:38] <ezio> at least that's all i need it for
[06:25:42] <ezio> i don't need the pop3 stuff
[06:25:56] <lunaphyte> pop3 stuff? postfix doesn't do that
[06:26:14] <AnrDaemon> ezio: postfix doesn't do pop/imap at all.
[06:26:28] <lunaphyte> anyway, if it's just an msa, that's fine. if it's presenting a cert for git.example.com, then configure the client using that hostname
[06:27:03] <ezio> hmm interesting. I'll try that.
[06:27:06] <AnrDaemon> I'm fairly certain that localhost.tmlinc.net is an error.
[06:27:14] <lunaphyte> also, fwiw, you need to be using submission or submissions for msa service. not smtp
[06:27:53] <AnrDaemon> ezio: If you have key/cert for your service, you should replace snakeoil* refs with correct pointers to that cert/key. And reload service.
[06:29:07] <AnrDaemon> But "bad certificate" - I don't get that. I hope you did not mangle the default key/cert, did you?
[06:29:44] <ezio> https://upcloud.com/community/tutorials/secure-postfix-using-lets-encrypt/
[06:30:11] <lunaphyte> AnrDaemon: that's not what that means
[06:30:34] <AnrDaemon> ezio: We're aware of that.
[06:30:56] <ezio> All I really need is tls between the client, which requires tls. I know that the msa is operating "illegally" because the mx records are going to give it an SPF of 9
[06:31:13] <lunaphyte> why is it operating illegally?
[06:31:31] <ezio> Because the client is on vaca. It's Family Day in Canada on Monday.
[06:32:01] <lunaphyte> i'm asking what makes it "illegal"
[06:32:05] <lunaphyte> ?
[06:32:24] <ezio> This server is not a permitted sender in the mx records.
[06:33:02] <lunaphyte> huh?
[06:33:15] <lunaphyte> mx records are unrelated to any permitting of senders
[06:33:25] <ezio> the TXT records
[06:33:44] <lunaphyte> what txt records?
[06:34:29] <ezio> spf
[06:34:35] <lunaphyte> oh
[06:34:49] <lunaphyte> this msa is not listed in the appropriate spf record?
[06:35:24] <ezio> right. It's not even known to any of the mail systems associated with this domain at all.
[06:35:34] <ezio> He's using cirrushosting.
[06:35:50] <lunaphyte> well, whatever. that's largely immaterial to any of this
[06:35:56] <ezio> Right.
[06:35:59] *** bs_ <bs_!bs@hellomouse/member/bs> has joined #postfix
[06:35:59] *** bs <bs!bs@hellomouse/member/bs> has quit IRC (Killed (tolkien.freenode.net (Nickname regained by services)))
[06:35:59] *** bs_ is now known as bs
[06:36:10] <ezio> But I do have a valid cert from let's encrypt
[06:36:25] <ezio> the domain git.ourdomain.net is pointed to this server
[06:36:26] <lunaphyte> that's fine
[06:36:50] <lunaphyte> although commercial certificates for private services are pretty ridiculous
[06:36:59] <ezio> I'm trying to setup gogs.
[06:37:13] <ezio> I can not use commercial certs?
[06:37:30] *** GillesM <GillesM!~gilles@mar75-5-82-235-31-65.fbx.proxad.net> has joined #postfix
[06:37:32] <lunaphyte> gogs for public use?
[06:37:40] <lunaphyte> regardless, all that matters is that whatever the hostname on the cert is the hostname the client needs to use
[06:37:45] <lunaphyte> that's the bottom line
[06:37:56] <lunaphyte> and it's not a postfix nor email thing. it's just pki 101
[06:38:01] *** DTZUZO_ <DTZUZO_!~DTZUZO@S0106bcd16584b0aa.vs.shawcable.net> has joined #postfix
[06:38:03] <ezio> right. So I never told this server about the .ca
[06:38:05] <ezio> domain
[06:38:05] *** anexit_ <anexit_!~anexit@push.anexit.net> has joined #postfix
[06:38:13] <ezio> So ... how does it know?
[06:38:24] <lunaphyte> how does what know what?
[06:38:25] *** tibyke <tibyke!~tibyke@bukfenc.netmania.hu> has joined #postfix
[06:38:29] *** DzAirmaX_ <DzAirmaX_!~DzAirmaX@unaffiliated/dzairmax> has joined #postfix
[06:38:37] *** dskullz <dskullz!~dskull@unaffiliated/daynaskully> has joined #postfix
[06:38:42] <ezio> how does it know the .ca domain is anything it should know about.
[06:39:02] <ezio> My original error: StartTLS: x509: certificate is valid for git.ourdomain.ca, not git.ourdomain.net
[06:39:06] <lunaphyte> what is it?
[06:39:33] <lunaphyte> you client connected to the hostname you told it to, and the client was presented with a certification
[06:39:36] <GillesM> hello I tried the parameter inet_interfaces = 127.0.0.1, x.y.z.a in place of inet_interfaces=all when I try to send a mail with mail uset at domain dot com I got send-mail: fatal: parameter inet_interfaces: no local interface found for x.y.z.a
[06:39:36] <lunaphyte> *certificate
[06:39:54] *** terp <terp!~terp@77.68.214.134> has joined #postfix
[06:39:58] <lunaphyte> ezio: the certificate is for the hostname git.example.com
[06:40:06] *** bantu_ <bantu_!~bantu@phpbb/developer/bantu> has joined #postfix
[06:40:13] <lunaphyte> so that is the hostname you must use when connecting
[06:40:19] <ezio> right and that hostname I used is .net and it says the cert is .ca
[06:40:24] <GillesM> Idea ?
[06:40:37] *** korozion_ <korozion_!korozion@linuxgeneration.org> has joined #postfix
[06:40:57] <ezio> right. I'm using the certs generated by let's encrypt for git.ourdomain.net
[06:41:05] *** migy_ <migy_!~migy@static.59.240.9.5.clients.your-server.de> has joined #postfix
[06:41:06] <ezio> It's even named that by filename
[06:41:09] *** i1nfusion <i1nfusion!~i1nfusion@46.101.134.251> has quit IRC (Ping timeout: 255 seconds)
[06:41:13] *** nihe_ <nihe_!nihe@sakura.kontei.se> has joined #postfix
[06:41:13] <ezio> how do I read the information off the cert?
[06:41:18] *** ujjain <ujjain!~ujjain@unaffiliated/ujjain> has quit IRC (Ping timeout: 246 seconds)
[06:41:18] *** CarlenWhite <CarlenWhite!~CarlenWhi@h69-131-220-21.wdrnin.dsl.dynamic.tds.net> has quit IRC (Ping timeout: 246 seconds)
[06:41:18] *** DzAirmaX <DzAirmaX!~DzAirmaX@unaffiliated/dzairmax> has quit IRC (Ping timeout: 246 seconds)
[06:41:18] *** DTZUZO <DTZUZO!~DTZUZO@S0106bcd16584b0aa.vs.shawcable.net> has quit IRC (Ping timeout: 246 seconds)
[06:41:18] *** AnrDaemon <AnrDaemon!~ZNC@darkdragon-nln.starlink.ru> has quit IRC (Ping timeout: 246 seconds)
[06:41:18] *** foxxx0 <foxxx0!~fox@archlinux/trusteduser/foxxx0> has quit IRC (Ping timeout: 246 seconds)
[06:41:18] *** jmcnaught <jmcnaught!~jeremy@unaffiliated/jmcnaught> has quit IRC (Ping timeout: 246 seconds)
[06:41:18] *** korozion <korozion!korozion@unaffiliated/korozion> has quit IRC (Ping timeout: 246 seconds)
[06:41:18] *** bantu <bantu!~bantu@phpbb/developer/bantu> has quit IRC (Remote host closed the connection)
[06:41:18] *** dskull <dskull!~dskull@unaffiliated/daynaskully> has quit IRC (Quit: quit)
[06:41:18] *** Bebef <Bebef!sbreit@phobos.bebef.de> has quit IRC (Ping timeout: 246 seconds)
[06:41:18] *** terp_ <terp_!~terp@77.68.214.134> has quit IRC (Ping timeout: 246 seconds)
[06:41:18] *** Aprogas_ <Aprogas_!aprogas@82-197-218-253.dsl.cambrium.nl> has quit IRC (Ping timeout: 246 seconds)
[06:41:18] *** migy <migy!~migy@static.59.240.9.5.clients.your-server.de> has quit IRC (Ping timeout: 246 seconds)
[06:41:18] *** nihe <nihe!nihe@sakura.kontei.se> has quit IRC (Ping timeout: 246 seconds)
[06:41:18] *** anexit <anexit!~anexit@push.anexit.net> has quit IRC (Ping timeout: 246 seconds)
[06:41:18] *** [NoClan]GoAway <[NoClan]GoAway!~NoClan@46.183.217.244> has quit IRC (Ping timeout: 246 seconds)
[06:41:18] *** tibyke_ <tibyke_!~tibyke@bukfenc.netmania.hu> has quit IRC (Ping timeout: 246 seconds)
[06:41:19] *** GTAXL <GTAXL!~gtaxlnetw@unaffiliated/gtaxl> has quit IRC (Ping timeout: 246 seconds)
[06:41:19] *** shaytan <shaytan!~shaytan@31-208-8-193.cust.bredband2.com> has quit IRC (Ping timeout: 246 seconds)
[06:41:19] *** dskullz is now known as dskull
[06:41:29] <lunaphyte> ezio: so far it sounds like you need to get your certs straight
[06:41:42] <lunaphyte> there's a freenode channel for let's encrypt
[06:42:14] <ezio> I agree that's probably the problem, but why ... I never told it about .ca
[06:42:16] <lunaphyte> GillesM: remove , x.y.z.a
[06:42:37] <lunaphyte> ezio: that's a topic for the let's encrypt community
[06:43:30] *** [NoClan]GoAway <[NoClan]GoAway!~NoClan@46.183.217.244> has joined #postfix
[06:43:44] *** Aprogas <Aprogas!aprogas@82-197-218-253.dsl.cambrium.nl> has joined #postfix
[06:44:26] <ezio> it can't possibly be, though.. under what condition could that possibly be true. This is a brand new server. I'm actually writing the script for it so I have a record of everything
[06:44:31] <ezio> certbot --nginx -d git.ourdomain.net
[06:44:49] <ezio> even the certs are *named* .net
[06:45:06] <lunaphyte> ezio: please be courteous to other, and be respectful of the freenode channel conventions
[06:45:10] <lunaphyte> *others
[06:45:21] <GillesM> lunaphyte, I want my server authorize localhost and this address
[06:45:35] <ezio> oh my apologies. I certainly didn't mean any disrespect.
[06:45:37] <lunaphyte> questions about your let's encrypt certificate, or about things like certbot, belong in the let's encrypt channel
[06:45:42] <ezio> I was just trying to draw attention to that
[06:45:46] <lunaphyte> GillesM: what does "authorize" means?
[06:45:47] *** GTAXL <GTAXL!~gtaxlnetw@unaffiliated/gtaxl> has joined #postfix
[06:45:50] *** CarlenWhite <CarlenWhite!~CarlenWhi@h69-131-220-21.wdrnin.dsl.dynamic.tds.net> has joined #postfix
[06:45:52] <ezio> I am so grateful for the help.
[06:46:12] *** AnrDaemon <AnrDaemon!~ZNC@darkdragon-nln.starlink.ru> has joined #postfix
[06:46:19] <lunaphyte> ezio: no worries, it's all good
[06:46:35] *** ujjain <ujjain!~ujjain@144.76.19.126> has joined #postfix
[06:46:36] *** ujjain <ujjain!~ujjain@144.76.19.126> has quit IRC (Changing host)
[06:46:36] *** ujjain <ujjain!~ujjain@unaffiliated/ujjain> has joined #postfix
[06:46:41] *** foxxx0 <foxxx0!~fox@archlinux/trusteduser/foxxx0> has joined #postfix
[06:47:46] *** shaytan <shaytan!~shaytan@31-208-8-193.cust.bredband2.com> has joined #postfix
[06:47:56] *** jmcnaught <jmcnaught!~jeremy@unaffiliated/jmcnaught> has joined #postfix
[06:49:38] <ezio> I think you gave me a pretty good piece of advice. I'm going to create my own certs. but it is weird. The only way it could know that domain is from the DNS.
[06:49:58] <ezio> I have literally not typed that domain into this server ever.
[06:50:46] <ezio> Even when I go to the web page the cert says .net
[06:51:55] <GillesM> lunaphyte, smtp accept mail from this address
[06:52:07] <GillesM> not from all addresses with all
[06:52:29] <lunaphyte> GillesM: you'd use submission for that
[06:52:34] <lunaphyte> and authentication
[06:53:34] <GillesM> I am with dovecot AUTH PLAIN
[06:53:46] <lunaphyte> ah, perfect
[06:53:50] <lunaphyte> so you should be all set then
[06:54:01] <GillesM> lunaphyte, letm retry
[06:57:47] <GillesM> lunaphyte, I try with telnet with port 25 and I can't type AUTH PLAIN xxxx because I receive telnet: Unable to connect to remote host: Connection refused
[06:58:06] <lunaphyte> oh, port 25 isn't for submission service.
[06:58:12] <lunaphyte> you need submission or submissions
[06:58:22] <lunaphyte> those are 587 or 465, respectively
[06:58:30] <GillesM> ok
[06:58:41] *** DTZUZO_ <DTZUZO_!~DTZUZO@S0106bcd16584b0aa.vs.shawcable.net> has quit IRC (Ping timeout: 268 seconds)
[06:58:47] <lunaphyte> clients aren't to use port 25. that's mx, which is for mail servers to talk to other mail servers
[07:02:07] <GillesM> thanks
[07:04:05] *** korozion_ <korozion_!korozion@linuxgeneration.org> has left #postfix
[07:04:26] *** korozion <korozion!korozion@unaffiliated/korozion> has joined #postfix
[07:14:27] <GillesM> lunaphyte, when I use thunderbird I put 25 in the port ... and it works
[07:29:40] <GillesM> is there a doc to migrate from 25 port to 587 in postfix ?
[07:30:19] *** led_dark_1 <led_dark_1!~Thunderbi@hotspot10.rywasoft.net> has quit IRC (Quit: led_dark_1)
[07:33:57] *** led_dark_1 <led_dark_1!~Thunderbi@hotspot10.rywasoft.net> has joined #postfix
[07:45:13] *** TheFatherMind <TheFatherMind!~TheFather@cpe-104-34-204-52.socal.res.rr.com> has quit IRC ()
[07:52:54] <AnrDaemon> GillesM: "It works" is very distinctive from "it works right".
[07:53:17] <AnrDaemon> There's no migration, these are two different services, with two different intentions.
[07:54:10] <AnrDaemon> submission(s) is to introduce new mail into the system, smtp is to transfer mail between systems.
[07:55:57] <AnrDaemon> Yes, they are using same internal protocol. No, they are not the same service. And they normally configured to use different restrictions (i.e. no AUTH on smtp, while on submission AUTH is often mandatory).
[08:03:30] *** cemotyz09 <cemotyz09!~cemotyz09@cpe-70-121-128-59.satx.res.rr.com> has quit IRC (Quit: cemotyz09)
[08:03:50] *** Bebef <Bebef!sbreit@phobos.bebef.de> has joined #postfix
[08:05:40] *** Sketch <Sketch!sketch@2604:180:2::a506:5c0d> has quit IRC (Ping timeout: 258 seconds)
[08:19:43] *** Sketch <Sketch!sketch@2604:180:2::a506:5c0d> has joined #postfix
[08:24:43] *** olegfusion <olegfusion!~olegfusio@mail.mobileforsale.ru> has joined #postfix
[08:47:04] *** Wioxjk <Wioxjk!~poppels@81-235-33-215-no286.tbcn.telia.com> has quit IRC (Ping timeout: 257 seconds)
[09:00:28] *** Wioxjk <Wioxjk!~poppels@gatekeeper01.ports.se> has joined #postfix
[09:04:06] *** n_1-c_k <n_1-c_k!~nick@2a02:8010:63a6::70> has quit IRC (Read error: Connection reset by peer)
[09:04:20] *** n_1-c_k <n_1-c_k!~nick@2a02:8010:63a6::70> has joined #postfix
[09:15:14] *** Wioxjk <Wioxjk!~poppels@gatekeeper01.ports.se> has quit IRC (Ping timeout: 246 seconds)
[09:30:58] *** Wioxjk <Wioxjk!~poppels@81-235-33-215-no286.tbcn.telia.com> has joined #postfix
[09:33:37] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 250 seconds)
[09:39:03] *** teward <teward!teward@ubuntu/member/teward> has quit IRC (Ping timeout: 250 seconds)
[09:40:25] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[09:42:22] *** teward <teward!teward@ubuntu/member/teward> has joined #postfix
[09:44:03] *** rsx <rsx!~rsx@ppp-46-244-246-133.dynamic.mnet-online.de> has joined #postfix
[09:44:53] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 250 seconds)
[09:46:08] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[09:50:18] *** TheFatherMind <TheFatherMind!~TheFather@cpe-104-34-204-52.socal.res.rr.com> has joined #postfix
[09:55:02] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has joined #postfix
[10:02:59] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 268 seconds)
[10:03:33] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[10:04:50] *** teward <teward!teward@ubuntu/member/teward> has quit IRC (Ping timeout: 268 seconds)
[10:07:54] *** teward <teward!teward@ubuntu/member/teward> has joined #postfix
[10:19:33] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 252 seconds)
[10:19:56] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[10:25:11] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 268 seconds)
[10:31:43] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[10:36:19] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 258 seconds)
[10:36:28] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has quit IRC (Quit: inabit. zz.)
[10:43:27] *** AssPirate <AssPirate!~AssPirate@unaffiliated/asspirate> has quit IRC (Ping timeout: 240 seconds)
[10:49:34] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[10:52:35] *** MasterPiece <MasterPiece!~masterpie@unaffiliated/masterpiece> has joined #postfix
[11:04:41] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 258 seconds)
[11:10:34] *** AssPirate <AssPirate!~AssPirate@unaffiliated/asspirate> has joined #postfix
[11:11:09] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has joined #postfix
[11:11:47] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[11:14:01] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has joined #postfix
[11:14:06] <Y0rick> hey. Is it possible to rewrite the 'DKIM-Signature' header when I'm forwarding (via SRS) an e-mail?
[11:14:15] *** zblakany <zblakany!~zblakany@host-188-122-1-230.finemedia.pl> has quit IRC (Quit: Jing-a-lang, jang-a-lang...)
[11:16:57] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 258 seconds)
[11:17:22] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has quit IRC (Remote host closed the connection)
[11:17:31] *** Bebef <Bebef!sbreit@phobos.bebef.de> has quit IRC (Quit: bye)
[11:18:58] *** Bebef <Bebef!sbreit@phobos.bebef.de> has joined #postfix
[11:28:49] *** SCHAPiE <SCHAPiE!~schapie@unaffiliated/schaap137> has quit IRC (Quit: ZNC - https://znc.in)
[11:30:04] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[11:35:21] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 258 seconds)
[11:35:46] *** jalalsfs_ <jalalsfs_!~jalalsfs@unaffiliated/jalalsfs> has quit IRC (Ping timeout: 250 seconds)
[11:39:52] *** SCHAPiE <SCHAPiE!~schapie@unaffiliated/schaap137> has joined #postfix
[11:41:02] *** jalalsfs <jalalsfs!~jalalsfs@unaffiliated/jalalsfs> has joined #postfix
[11:42:08] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has joined #postfix
[11:42:18] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[11:47:57] *** alexandre9099 <alexandre9099!~alexandre@unaffiliated/alexandre9099> has quit IRC (Quit: ZNC 1.7.1 - https://znc.in)
[11:48:49] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 250 seconds)
[11:49:34] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[11:50:12] *** alexandre9099 <alexandre9099!~alexandre@unaffiliated/alexandre9099> has joined #postfix
[11:54:01] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 250 seconds)
[12:00:18] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[12:00:55] <JPT> Y0rick: There should be no need to rewrite/replace an existing DKIM signature. Depending on the DMARC policy of the original sender domain, a proper DKIM signature should be fine
[12:01:15] <JPT> Also, - not entirely sure about this - multiple DKIM signatures should not cause issues
[12:01:32] <JPT> What's your goal?
[12:05:42] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 252 seconds)
[12:08:57] <Y0rick> JPT: thanks for your help. I've got mailserver (A) from where I'd receive e-mail from on our mailserver (B). When mailserver B sends an e-mail to a forward address (on mailserver B - via sieve) to an e-mail address which is located at mailserver A; DMARC gives a error about that we're unauthorized to deliver the e-mail (their DMARC: p=reject; sp=reject). I'd think this is because of the DKIM-Signature which hasn't been changed from theirs (mailserber A) to
[12:08:57] <Y0rick> ours (mailserver B).
[12:12:23] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[12:18:02] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 268 seconds)
[12:19:24] <JPT> DMARC applies based on the sender address in the From: header
[12:20:24] <JPT> If the original sender domain states that no forwarding is allowed, the only thing you can do is rewrite the From: header, too :|
[12:20:58] <JPT> Maybe, instead of forwarding, setting up something like a mailing list might help you out
[12:24:36] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[12:27:41] <Y0rick> JPT: SRS isn't enough? Also the from header need to be rewritten?
[12:35:45] <JPT> If you have issues with a dmarc policy that you do not control, then the From header is what you need to change
[12:37:49] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 252 seconds)
[12:38:51] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[12:45:30] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 258 seconds)
[12:47:15] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[12:47:42] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has quit IRC (Quit: ]SiB[)
[12:47:57] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has joined #postfix
[12:52:05] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 250 seconds)
[12:53:19] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[13:00:04] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 258 seconds)
[13:05:23] *** MasterPiece <MasterPiece!~masterpie@unaffiliated/masterpiece> has quit IRC (Quit: Leaving)
[13:12:58] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[13:13:19] <Dus10> Is there a way I can make a particular header show up in my maillog?
[13:13:27] <Dus10> I restarted postfix with -vD
[13:14:50] <Dus10> got it
[13:15:15] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has joined #postfix
[13:19:05] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 268 seconds)
[13:19:38] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[13:21:06] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has quit IRC (Remote host closed the connection)
[13:24:13] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 258 seconds)
[13:24:57] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has joined #postfix
[13:31:22] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[13:36:07] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 252 seconds)
[13:49:13] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[13:54:55] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 250 seconds)
[13:55:53] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[14:01:51] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 264 seconds)
[14:02:30] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[14:06:51] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 250 seconds)
[14:14:20] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[14:19:25] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 250 seconds)
[14:20:30] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[14:25:41] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 268 seconds)
[14:27:05] *** rsx <rsx!~rsx@ppp-46-244-246-133.dynamic.mnet-online.de> has quit IRC (Quit: rsx)
[14:38:19] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[14:38:25] *** zblakany <zblakany!~zblakany@host-188-122-1-230.finemedia.pl> has joined #postfix
[14:43:15] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 250 seconds)
[14:44:43] *** led_dark_1 <led_dark_1!~Thunderbi@hotspot10.rywasoft.net> has quit IRC (Quit: led_dark_1)
[14:50:32] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[14:56:27] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 250 seconds)
[15:03:42] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[15:08:23] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 250 seconds)
[15:27:35] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[15:33:52] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has quit IRC (Ping timeout: 244 seconds)
[15:37:27] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 252 seconds)
[15:38:23] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[15:43:03] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 250 seconds)
[15:50:10] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[15:54:45] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 250 seconds)
[16:02:01] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[16:07:13] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has quit IRC (Remote host closed the connection)
[16:07:26] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 268 seconds)
[16:14:12] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[16:17:33] *** `whoami` <`whoami`!~user@unaffiliated/whoami/x-8914028> has quit IRC (Remote host closed the connection)
[16:20:33] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 257 seconds)
[16:21:19] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[16:26:15] <rob0> doppo, ~7 hours of yoyo connections from you, could you please fix that?
[16:26:46] <Dus10> Is it possible to chain header_checks together?
[16:26:48] *** delacroix <delacroix!~delacroix@2a02:810c:e3f:e500:381a:b1ff:fe38:b6b8> has joined #postfix
[16:27:03] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 264 seconds)
[16:27:30] <Dus10> I am looking to check for X-OriginatingOrg and if it matches something, then the other things follow
[16:27:41] <rob0> Dus10, see the if/endif construct. But it could well be that your answer is no.
[16:27:44] <lunaphyte> what's the problem to solve by doing this?
[16:27:50] <Dus10> Thanks rob0
[16:28:19] <rob0> You can ONLY apply the check to that single header, X-OriginatingOrg, not to some other header.
[16:28:31] <Dus10> I am doing sender rewriting and sender dependent routing
[16:28:41] <Dus10> It is to support a migration scenario only
[16:29:00] <Dus10> Hmm
[16:29:01] <jimpop> ~.~>
[16:29:52] <Dus10> I’ll read up on the conditions and see if there is something
[16:34:05] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[16:36:46] <rob0> doppo, ~7 hours of yoyo connections from you, could you please fix that?
[16:38:58] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has joined #postfix
[16:40:16] *** ChanServ sets mode: +o rob0
[16:40:58] *** delacroix <delacroix!~delacroix@2a02:810c:e3f:e500:381a:b1ff:fe38:b6b8> has quit IRC (Quit: ZNC - http://znc.in)
[16:43:29] *** delacroix <delacroix!~delacroix@ip5f597811.dynamic.kabel-deutschland.de> has joined #postfix
[16:43:33] <Y0rick> can tell me what 'sender_canonical_classes = envelope_sender, header_sender' exactly does? Especially th header_sender. Will the From header be rewritten? And to be sure: evelope_sender is to rewrite the evelope address.
[16:45:18] <Y0rick> I've read http://www.postfix.org/postconf.5.html#sender_canonical_classes but it doesn't really explain what these options exactly mean
[16:46:37] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 258 seconds)
[16:47:20] <Dus10> Yorick: I had to a sender_canonical_maps and header_checks to fully rewrite the sender
[16:47:21] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has joined #postfix
[16:47:38] <Dus10> sender_canonical_maps helped do the MAIL FROM:
[16:47:47] *** rob0 sets mode: +b $a:doppo$##fix_your_connection
[16:47:54] <Dus10> but the FROM: didn’t get rewritten
[16:48:13] <Dus10> so I had to have an entry in my header_checks for that
[16:50:21] <Y0rick> okay thanks
[16:50:34] <Dus10> Trying to get there...
[16:50:41] <Y0rick> but what does these options do
[16:50:58] <Y0rick> envelope_sender and header_sender
[16:51:06] <Dus10> But my small terminal session as a hovering app is making it take forever on my iPad
[16:51:20] <rob0> do you know what "envelope" means?
[16:52:07] *** ChanServ sets mode: -o rob0
[16:52:25] <rob0> !envelope
[16:52:25] <knoba> rob0: Error: "envelope" is not a valid command.
[16:52:38] <rob0> hm, we need that
[16:52:45] *** doppo <doppo!doppo@2604:180::e0fc:a07f> has quit IRC (Ping timeout: 258 seconds)
[16:52:58] <Dus10> Here is my line for rewriting the FROM: /^From:(.+)<(.+) at OriginalDomain dot com>/ REPLACE From:$1<$2 at NewDomain dot com>
[16:53:06] <Y0rick> isnt that the email what will be used in the meta data
[16:53:26] <Dus10> Think of it like an actual letter
[16:53:31] *** sputnik <sputnik!kli0rf@unaffiliated/kli0rf> has joined #postfix
[16:53:44] <Dus10> You write it and put it in an envelope
[16:54:05] <Dus10> You address it, stamp it, put a return, and it gets a postmark from the postal service
[16:54:06] <rob0> SMTP has MAIL FROM and RCPT TO commands. Addresses in those commands are "envelope" addresses. There is no requirement that they appear in any header.
[16:54:37] <Y0rick> yup
[16:54:58] <Y0rick> so thats the eveloper_sender
[16:55:07] <Dus10> Yep
[16:55:09] <rob0> MAIL FROM
[16:55:11] <Dus10> That is the MAIL FROM
[16:55:27] <Y0rick> and header_sender?
[16:55:32] <Dus10> Then, on the letter, you might write it formally and also put this information in it
[16:55:43] <Dus10> That is the From in the header
[16:55:45] <rob0> !learn envelope as SMTP has MAIL FROM and RCPT TO commands. Addresses in those commands are "envelope" addresses. There is no requirement that they appear in any header.
[16:55:52] <Y0rick> okay thanks
[16:58:20] *** rsx <rsx!~rsx@ppp-46-244-246-133.dynamic.mnet-online.de> has joined #postfix
[16:59:11] <Y0rick> and is it possible to append my DKIM-Signature when I'm forwarding an e-mail?
[17:00:13] *** rsx <rsx!~rsx@ppp-46-244-246-133.dynamic.mnet-online.de> has quit IRC (Remote host closed the connection)
[17:00:55] *** rsx <rsx!~rsx@ppp-46-244-246-133.dynamic.mnet-online.de> has joined #postfix
[17:13:06] <jaybe> forwarding and sending are the same concept
[17:13:48] <jaybe> want signature attaxhed to outgoing messages? that is fine.
[17:15:52] *** zblakany <zblakany!~zblakany@host-188-122-1-230.finemedia.pl> has quit IRC (Quit: Jing-a-lang, jang-a-lang...)
[17:20:45] *** n_1-c_k <n_1-c_k!~nick@2a02:8010:63a6::70> has quit IRC (Read error: Connection reset by peer)
[17:21:02] *** n_1-c_k <n_1-c_k!~nick@2a02:8010:63a6::70> has joined #postfix
[17:23:21] * rob0 can't help wondering if there is a better way to reach the actual goal
[17:24:12] <rob0> If automated processes are sending mail with incorrect sender addresses, fix those processes.
[17:25:03] <rob0> MTA workarounds for broken clients are ugly and sometimes hard to maintain.
[17:27:23] <jaybe> it is like trying to fix your wife by upgrading your homes gutters
[17:37:31] <Dus10> so, in the regexp, it has /pattern/flags
[17:37:41] <Dus10> what is the purpose of flags?
[17:38:00] <Dus10> I was thinking it was like i for case insensitive
[17:38:06] <Dus10> those flags
[17:38:17] <Dus10> but I see something odd in the examples
[17:38:21] <lunaphyte> Dus10: that's covered in the documentation
[17:38:28] <lunaphyte> see regexp_table(5)
[17:39:23] <Dus10> That is what I am looking at
[17:39:25] <rob0> the "i" flag is default, so you'd only set that in unusual cases
[17:39:31] <Dus10> I think I was misreading the example
[17:39:42] <Dus10> It is the one for the if/endif
[17:39:48] <Dus10> I think its all good though
[17:40:19] *** Abdullah <Abdullah!~Abdullah@unaffiliated/abdullah> has joined #postfix
[17:40:29] <rob0> yes, you might have case sensitivity in the outer expression, and override it with "i" in an inner expression
[17:41:18] <Abdullah> is it possible to upgrade to postfix3 without uninstalling it so that I don't have to reconfigure everything from ground?
[17:41:49] <Abdullah> mail_version = 2.10.1 current version
[17:42:04] <Dus10> Abdullah: why not setup another system to test on?
[17:42:11] <Dus10> Just a quick VM
[17:42:15] *** cemotyz09 <cemotyz09!~cemotyz09@cpe-70-121-128-59.satx.res.rr.com> has joined #postfix
[17:42:26] <Abdullah> I have only this vps.
[17:42:33] <Dus10> Make another?
[17:42:45] <Dus10> You can get trial credit easily at many
[17:42:57] <Dus10> Or just spin one up for a very short time
[17:43:09] <Dus10> It takes only a couple of minutes in Azure, for instance
[17:43:10] <Abdullah> without credit card?
[17:43:24] <Dus10> A VPS is super cheap
[17:43:36] <Dus10> Many are around $5 for an entire month
[17:43:47] <Dus10> So charge per minute, like Azure
[17:43:56] <Abdullah> That's not really a answer ;-)
[17:43:57] <Dus10> So you could maybe have only a few cents
[17:44:01] <Dus10> It is
[17:44:09] <Dus10> I am disregarding your question
[17:44:22] <Dus10> It implies a specific meaning
[17:44:27] <Abdullah> I don't have a cent. paypal isn't supported in my place
[17:45:20] <Abdullah> I did a job another day and got 12.5 dollars in paypla account and got banned from using it because I don't have a US address
[17:45:27] <Dus10> I don’t know what to tell you
[17:45:47] <Dus10> I would suggest testing
[17:45:54] <Dus10> Seems a reasonable way to go about it
[17:46:00] <Abdullah> Just tell me if it is possible to upgrade without uninstallation?
[17:46:15] <rob0> Upgrading to distro packages is a question for #your-distro-here
[17:46:18] <Dus10> You might have to become a bit creative to figure out how
[17:46:58] <rob0> Upgrading via source is not difficult, "make upgrade" rather than "make install"
[17:47:02] <Abdullah> I have crux and I don't use postfix in my laptop. I have centos vps where I'm using it
[17:47:22] <Dus10> Yum is your friend
[17:47:38] <Abdullah> rob0: so in that case I just have to systemctl restart postfix? or postfix restart
[17:48:47] <rob0> I don't know systemd, but in the case of a upgrade from source I would recommend a stop then start. Also in the case of systemd, there might be patching required?
[17:49:33] <Dus10> I would imagine a `yum update postfix`
[17:49:38] <rob0> When I do an upgrade, I do "postfix stop ; make upgrade ; postfix start"
[17:49:44] <Dus10> There you go
[17:50:07] <Dus10> `postfix stop; yum update postfix; postfix start`
[17:50:27] <Dus10> I use RHEL and it is what CentOS is based on
[17:50:33] <Dus10> That is what I would do
[17:55:15] <Abdullah> I installed a few days ago
[18:09:37] <Abdullah> its already updated
[18:09:55] <Abdullah> I have to add another custom repo to upgrade to 3
[18:12:18] <rob0> !centos
[18:12:18] <knoba> rob0: "centos" : New postfix packages are available for all current versions of CentOS, RHEL, SL and other RHEL-derivatives from the GhettoForge gf-plus repository at www.ghettoforge.org. See http://ghettoforge.org/index.php/Postfix3 for more info.
[18:13:41] <GNU\colossus> "ghettoforge"? that sounds very, uh, dependable, I guess :p
[18:15:20] <GNU\colossus> can't you just wait for CentOS 8 and upgrade then?
[18:15:28] <tuxick> haha
[18:15:42] <lunaphyte> that sounds very, uh, judgmental :p
[18:15:52] <lunaphyte> wait for centos?
[18:16:03] <lunaphyte> why, to provide the next iteration of out of date software?
[18:16:04] <tuxick> that was a joke
[18:16:12] <lunaphyte> right :)
[18:16:15] <lunaphyte> i agree, it's a joke!
[18:16:29] <GNU\colossus> I am happy to have entertained you ;)
[18:16:45] <lunaphyte> i am happy to have been entertained ;)
[18:17:15] <GNU\colossus> and _that_ is how Red Hat Enterprise Linux brings happiness into this world
[18:19:40] <lunaphyte> by making a fool of itself?
[18:26:00] <rob0> GNU\colossus, you made that judgment based on the name, without any real information?
[18:26:24] <rob0> In fact I know the GF Postfix maintainer, and I am sure he is competent.
[18:27:18] <GNU\colossus> rob0, yes, but I wouldn't call it "judgement" ;) just a snarky remark really, but without any ill intentions
[18:27:27] <rob0> pj is right here in this channel, sleeping probably, and he helps people here during my night.
[18:28:12] <rob0> !pj
[18:28:12] <knoba> rob0: "pj" : The backup script that will call the !basic factoid when all the other bots are sleeping.
[18:28:18] <GNU\colossus> (I'm not an EL user and have ~ 0 insight into its 3rd party repo ecosystem)
[18:28:56] <rob0> Well, when you want to run a modern MTA, it's kind of silly to use outdated, unmaintained software for it.
[18:29:14] <rob0> I don't buy into the RHEL gimmick, sorry.
[18:30:10] <rob0> And they are hypocrites about it as well; linking ancient EOL software (the visible stuff) against bleeding edge, often broken, libraries like openssl.
[18:33:29] *** sputnik <sputnik!kli0rf@unaffiliated/kli0rf> has quit IRC (Ping timeout: 246 seconds)
[18:36:17] *** Wioxjk <Wioxjk!~poppels@81-235-33-215-no286.tbcn.telia.com> has quit IRC (Ping timeout: 246 seconds)
[18:37:22] <blackflow> that's why they're investing so much into containerization. the customers want stable base OS + shiny_new_sh...
[18:38:52] <GNU\colossus> I don't know where to begin to express my disdain for containers
[18:40:09] *** sputnik <sputnik!kli0rf@unaffiliated/kli0rf> has joined #postfix
[18:40:28] *** TheFatherMind <TheFatherMind!~TheFather@cpe-104-34-204-52.socal.res.rr.com> has quit IRC (Ping timeout: 245 seconds)
[18:40:44] *** TheFatherMind <TheFatherMind!~TheFather@cpe-104-34-204-52.socal.res.rr.com> has joined #postfix
[18:40:59] <blackflow> join the club.
[18:42:25] <lunaphyte> "Containers are primarily used by programmers trying to do an end-run around systems and security engineers who are trying to protect the programmer and the organization"
[18:42:50] <rob0> :)
[18:49:40] <Abdullah> I don't have customers I'm the only user on my vps
[18:50:05] <Abdullah> and I don't have some problems with bleeding edge
[18:59:06] <Dus10> I agree... if you name your place "Ghetto" you're either trying to be funny, don't care about the implications, or are clueless
[18:59:18] <Dus10> it isn't being judgemental to have a reaction like theat
[18:59:34] <Dus10> it is the definition of the word
[19:00:01] <Dus10> another instance of being selectively pedantic
[19:03:54] *** rsx <rsx!~rsx@ppp-46-244-246-133.dynamic.mnet-online.de> has quit IRC (Remote host closed the connection)
[19:09:15] <lunaphyte> you are conflating two unrelated things
[19:10:17] <lunaphyte> the definition of the word is not being debated
[19:10:52] <lunaphyte> of course, i think you know that, but are pretending not to so you can make comments
[19:11:26] <Dus10> whatever
[19:11:32] <Dus10> I could copy/paste for you
[19:11:38] <Dus10> but you said it
[19:12:00] <lunaphyte> yes, copy paste the channel logs which everyone has? another classic behavior for that type
[19:12:15] <Dus10> I said "I could"
[19:12:29] <Dus10> I haven't done it because it would be unnecessary
[19:12:40] <Dus10> and you know what you said
[19:12:46] <lunaphyte> indeed, the reference betrays the absence of intent :)
[19:12:56] <Dus10> okay, perhaps so
[19:13:22] <Dus10> and maybe we just got off on the wrong foot
[19:13:27] <Dus10> so to speak
[19:31:20] *** gturner <gturner!~gturner@zoth-ommog.unzane.com> has quit IRC (Quit: ZNC - http://znc.in)
[19:34:42] *** gturner <gturner!~gturner@zoth-ommog.unzane.com> has joined #postfix
[19:43:45] *** darkphoenix_ <darkphoenix_!darkphoeni@unaffiliated/darkphoenix> has quit IRC (Ping timeout: 250 seconds)
[19:44:41] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has joined #postfix
[19:44:53] *** gturner <gturner!~gturner@zoth-ommog.unzane.com> has quit IRC (Quit: ZNC - http://znc.in)
[19:47:15] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has quit IRC (Remote host closed the connection)
[19:47:19] *** darkphoenix <darkphoenix!quasselcor@unaffiliated/darkphoenix> has joined #postfix
[19:49:19] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has quit IRC (Remote host closed the connection)
[19:49:55] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has joined #postfix
[19:51:40] *** gturner <gturner!~gturner@zoth-ommog.unzane.com> has joined #postfix
[19:53:55] <Abdullah> uninstalled postfix, compiled postfix3, working
[19:56:48] *** cemotyz09 <cemotyz09!~cemotyz09@cpe-70-121-128-59.satx.res.rr.com> has quit IRC (Quit: cemotyz09)
[20:02:12] <Dus10> good deal
[20:04:42] *** jimby <jimby!~Jim@2607:fc50:1000:10::8f> has quit IRC (Quit: Terminated with extreme prejudice - dircproxy 1.2.0)
[20:09:59] *** n_1-c_k <n_1-c_k!~nick@2a02:8010:63a6::70> has quit IRC (Quit: leaving)
[20:11:55] <Abdullah> SMTP session failed: 502 5.5.1 Error: command not implemented
[20:15:20] *** tomaw <tomaw!tom@freenode/staff/tomaw> has quit IRC (Quit: Quitting)
[20:16:18] <Abdullah> https://ptpb.pw/OUME here is postconf -n
[20:16:44] *** tomaw <tomaw!tom@freenode/staff/tomaw> has joined #postfix
[20:20:09] *** zapata <zapata!~zapata@2a02:b18:581:10:21d8:18b5:e93:3083> has quit IRC (Quit: WeeChat 2.3)
[20:20:11] <rob0> what command did you try, that was not implemented?
[20:20:55] <Abdullah> I tried to connect from mutt and sent mail
[20:21:00] <Abdullah> tried to send mail
[20:21:16] <Abdullah> rob0: ^^
[20:21:35] <rob0> your pastebin is worthless without LOGS, of course
[20:22:00] <Abdullah> journalctl -xe has no errors
[20:22:24] <rob0> !relevant_logs
[20:22:25] <knoba> rob0: "relevant_logs" : mail.* syslog Postfix log messages (NOT verbose, see !no_verbose) which show ONLY the entire handling of a single mail which illustrates the issue with which you want help. Random selections from your mail log are not adequate. IMAP/POP3 daemons and external delivery agents often log to the same syslog facility and should not be shown. Also see http://rob0.nodns4.us/postfix-logging
[20:22:54] <rob0> we'd need to see the entire transaction, from connect to disconnect
[20:24:52] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has joined #postfix
[20:28:01] <Abdullah> https://ptpb.pw/RdIc rob0
[20:29:43] *** jimby <jimby!~JimB@unaffiliated/jimby> has joined #postfix
[20:30:06] <rob0> Feb 16 19:24:02 abdullah postfix/smtpd[2845]: lost connection after AUTH from unknown[193.x.x.x]
[20:30:38] <rob0> you must not have enabled SASL AUTH. Also, it's wrong to submit through port 25.
[20:30:43] <rob0> !sasl
[20:30:43] <knoba> rob0: "sasl" : SASL is 'Simple Authentication and Security Layer', necessary for SMTP AUTH, and provided to Postfix by addin software. Cyrus SASL and/or Dovecot IMAP/POP3 can provide SASL. See http://www.postfix.org/SASL_README.html for details.
[20:30:54] <rob0> !submission
[20:30:54] <knoba> rob0: "submission" : Port 587 is submission, for user submission of mail, NOT suitable for mail exchange. See the commented example in master.cf. also see !msa, and rfc 6409. Also read http://www.maawg.org/sites/maawg/files/news/MAAWG_Port25rec0511.pdf
[20:30:59] <rob0> !submissions
[20:30:59] <knoba> rob0: "submissions" : RFC 8314 renames the old smtps port, 465/tcp, to submissions, for user submission of mail, NOT suitable for mail exchange, with implicit TLS rather than explicit STARTTLS via a plaintext TCP connection. Postfix can implement submissions with a separate smtpd(8) listener with -o smtpd_tls_wrappermode=yes . See the commented example for smtps in master.cf.
[20:31:25] <rob0> !dovecot_sasl
[20:31:25] <knoba> rob0: "dovecot_sasl" : See http://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL for instructions to configure Dovecot SASL for Postfix. See also: http://www.postfix.org/SASL_README.html#server_dovecot
[20:32:08] <Abdullah> that's not my IP rob0
[20:33:31] <Abdullah> lemme check the docs
[20:35:58] *** Poster|z <Poster|z!~poster@cpe-24-210-92-101.columbus.res.rr.com> has quit IRC (Quit: -_-)
[20:36:04] <Abdullah> postconf -a returns with dovecot and cyrus so is dovecot sasl supported?
[20:37:30] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has quit IRC (Remote host closed the connection)
[20:41:04] <rob0> If you don't show the LOGS for the time you tried to connect, I cannot help you.
[20:41:25] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has joined #postfix
[20:41:53] <rob0> Perhaps it is this,
[20:41:54] *** Poster|z <Poster|z!~poster@cpe-24-210-92-101.columbus.res.rr.com> has joined #postfix
[20:41:56] <rob0> !nologs
[20:41:56] <knoba> rob0: "nologs" : Nothing in your mail logs commonly means one of two things: either your syslogd is broken (try restarting it), or the connections are not coming to your server. Check your firewall/networking and the DNS for the domain in question. also see !logs.
[20:41:57] <Zerberus> and complete configuration which shows server auth (submission(s))
[20:42:22] <rob0> Too bad we don't have pastebin instructions in the /topic
[20:42:29] <rob0> oh wait, we do :)
[20:50:40] *** n_1-c_k <n_1-c_k!~nick@2a02:8010:63a6::70> has joined #postfix
[20:50:49] <Abdullah> https://ptpb.pw/OL3l rob0
[20:51:54] <Zerberus> still, ... rob0 was speaking about Postfix (only) log content when you connect via mutt
[20:52:14] <Abdullah> https://ptpb.pw/VzO7 rob0
[20:54:18] <Abdullah> https://ptpb.pw/dBQr
[20:55:13] <Abdullah> I can read only the old mails, save in drafts. but can't recieve or send
[20:55:23] <Zerberus> no Postfix business
[20:55:27] <Zerberus> to read mail
[20:56:44] <Zerberus> Abdullah: your Postfix configuration neither provides STARTTLS nor SMTP AUTH
[20:57:31] <rob0> !tls
[20:57:31] <knoba> rob0: "tls" : Transport Layer Security (RFC2246). Previously known as SSL, TLS adds a layer of encryption to protocols such as SMTP, submission, IMAP or POP3 to improve security during transmission over the Internet. TLS is implemented using the STARTTLS method, while the non-standard wrapper style of implementation is deprecated at this point. See http://www.postfix.org/TLS_README.html for more info.
[20:58:13] <rob0> which sounds like mutt is DTRT, trying to STARTTLS before AUTH
[21:05:22] <rob0> except, it shouldn't be submitting on port 25, and shouldn't try STARTTLS if that wasn't offered
[21:09:56] <Abdullah> https://ptpb.pw/j7lK
[21:10:21] <Zerberus> postfix/smtps/smtpd[5840]: warning: No server certs available. TLS won't be enabled
[21:11:42] <Zerberus> wasn't the point to "not lose the postfix 2.x based configuration"?
[21:13:53] <Abdullah> https://ptpb.pw/1Vle
[21:14:06] <Abdullah> I have those configs ;-)
[21:14:24] <Zerberus> and journalctl can be told to spit out only postfix log centent and not that script kids ssh attempts and dovecot logs
[21:14:54] <Zerberus> Abdullah: you have nothing which is close to working
[21:15:15] <Abdullah> well I'm learning along
[21:15:29] <Abdullah> that's enough
[21:16:21] *** harukomoto <harukomoto!~harukomot@93.56.79.148> has joined #postfix
[21:40:51] *** olegfusion <olegfusion!~olegfusio@mail.mobileforsale.ru> has quit IRC (Read error: Connection reset by peer)
[21:41:14] *** olegfusion <olegfusion!~olegfusio@mail.mobileforsale.ru> has joined #postfix
top

   February 16, 2019
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28