March 6, 2019 
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | >
March 6, 2019 [00:01:22] *** blackflow <blackflow!~r00t@unaffiliated/blackflow> has joined #postfix[00:04:00] *** buddy123 <buddy123!~buddy123@37.120.141.114> has quit IRC (Ping timeout: 250 seconds)[00:05:54] *** Diemuzi <Diemuzi!~IceChat9@unaffiliated/diemuzi> has quit IRC (Quit: See you on the flip side!)[00:09:55] *** gu1lle_ <gu1lle_!~Thunderbi@45-251-16-190.fibertel.com.ar> has quit IRC (Remote host closed the connection)[00:12:05] *** johnny56_ <johnny56_!johnny56@unaffiliated/johnny56> has joined #postfix[01:04:27] *** n_1-c_k <n_1-c_k!~nick@2a02:8010:63a6::70> has quit IRC (Read error: Connection reset by peer)[01:04:43] *** n_1-c_k <n_1-c_k!~nick@2a02:8010:63a6::70> has joined #postfix[01:29:08] *** johnny56_ <johnny56_!johnny56@unaffiliated/johnny56> has quit IRC (Ping timeout: 272 seconds)[01:31:06] *** johnny56_ <johnny56_!johnny56@unaffiliated/johnny56> has joined #postfix[02:06:04] *** eelstrebor <eelstrebor!~eelstrebo@216-75-116-100.static.allophone.net> has joined #postfix[02:11:16] *** eelstrebor <eelstrebor!~eelstrebo@216-75-116-100.static.allophone.net> has quit IRC (Quit: Ex-Chat)[02:17:22] *** gislaved <gislaved!b9e814cd@gateway/web/cgi-irc/kiwiirc.com/ip.185.232.20.205> has quit IRC (Remote host closed the connection)[02:37:26] *** AlaricToo <AlaricToo!~alaric@caerllewys.net> has joined #postfix[02:59:23] *** puff <puff!~user@162.223.16.1> has joined #postfix[03:13:14] *** gu1lle_ <gu1lle_!~Thunderbi@45-251-16-190.fibertel.com.ar> has joined #postfix[03:16:59] <AlaricToo> Hey folks, trying to figure out if I'm missing something simle and obvious. Is there a straightforward way to tell Postfix that no IP outside of my own network is to be allowed to send mail to me claiming to be from my own domain? I have a block in place against HELO claiming to be my own domain, but stopping outside IPs from MAIL FROM mydomain is eluding me.[03:20:44] <rob0> !check_sender_access[03:20:44] <knoba> rob0: "check_sender_access" : Search the specified access(5) database for the MAIL FROM address, domain, parent domains, or localpart@, and execute the corresponding action.[03:20:55] <rob0> !check_client_access[03:20:55] <knoba> rob0: "check_client_access" : Search the named access database for the client name, parent domains, client address, or networks obtained by stripping least significant octets. Reject if the result is REJECT or [45]XX text . Permit otherwise[03:21:04] <rob0> !restriction_class[03:21:04] <knoba> rob0: "restriction_class" : postfix per-client/user/etc. access control http://www.postfix.org/RESTRICTION_CLASS_README.html[03:21:28] <rob0> But the simple way is:[03:21:35] <rob0> !submission[03:21:35] <knoba> rob0: "submission" : Port 587 is submission, for user submission of mail, NOT suitable for mail exchange. See the commented example in master.cf. also see !msa, and rfc 6409. Also read http://www.maawg.org/sites/maawg/files/news/MAAWG_Port25rec0511.pdf[03:22:35] <rob0> Don't allow submission on port 25, use check_sender_access to block senders from your own domain on 25.[03:23:28] <rob0> For your submission service you would require AUTH and not apply any of the restrictions you might have on port 25.[03:23:56] <rob0> In case none of this makes sense, see also,[03:24:01] <rob0> !access[03:24:01] <knoba> rob0: "access" : http://www.postfix.org/SMTPD_ACCESS_README.html : An overview of access(5) controls in the Postfix smtpd(8) SMTP server.[03:24:55] <AlaricToo> here's where I facepalm because I've been intending for a while to switch to using submission.[03:25:44] <AlaricToo> too many things to do ...[03:26:28] <AlaricToo> my config hasn't had a major overhaul in too long[03:32:42] *** NickBusey <NickBusey!~NickBusey@c-67-176-95-15.hsd1.co.comcast.net> has quit IRC (Quit: Ping timeout (120 seconds))[03:33:06] *** NickBusey <NickBusey!~NickBusey@c-67-176-95-15.hsd1.co.comcast.net> has joined #postfix[04:05:38] <AlaricToo> ... y'know, the more I look through this the less I understand why it got through[04:05:49] <AlaricToo> it SHOULD have been blocked[04:07:13] <rob0> There is a logging option to show "permit" actions in the logs.[04:08:12] <AlaricToo> That would probably be helpful.[04:08:14] <rob0> smtpd_log_access_permit_actions = static:all[04:08:40] <AlaricToo> huh. that entire directive is new to me.[04:08:59] <rob0> not sure what version introduced that, but postconf.5.html#smtpd_log_access_permit_actions probably would say.[04:26:01] <AlaricToo> it's been around since 2.10, I just never encountered it[04:27:51] <AlaricToo> ohhh ..... I think I see the problem[04:33:13] *** NickBusey <NickBusey!~NickBusey@c-67-176-95-15.hsd1.co.comcast.net> has quit IRC (Quit: Ping timeout (120 seconds))[04:36:31] *** NickBusey <NickBusey!~NickBusey@c-67-176-95-15.hsd1.co.comcast.net> has joined #postfix[05:01:39] *** puff <puff!~user@162.223.16.1> has quit IRC (Ping timeout: 252 seconds)[05:04:32] *** eelstrebor <eelstrebor!~eelstrebo@216-75-116-100.static.allophone.net> has joined #postfix[05:04:56] *** eelstrebor <eelstrebor!~eelstrebo@216-75-116-100.static.allophone.net> has quit IRC (Remote host closed the connection)[05:12:25] *** hugoShaka <hugoShaka!~hugoShaka@mugen.shaka.xyz> has quit IRC (Ping timeout: 246 seconds)[05:12:25] *** n_1-c_k <n_1-c_k!~nick@2a02:8010:63a6::70> has quit IRC (Read error: Connection reset by peer)[05:13:12] *** n_1-c_k <n_1-c_k!~nick@2a02:8010:63a6::70> has joined #postfix[05:22:17] *** buddy123 <buddy123!~buddy123@88.202.177.237> has joined #postfix[05:29:49] *** Kelsar <Kelsar!~quassel@unaffiliated/kelsar> has quit IRC (Quit: No Ping reply in 180 seconds.)[05:31:57] *** Kelsar <Kelsar!~quassel@unaffiliated/kelsar> has joined #postfix[05:41:17] *** NickBusey <NickBusey!~NickBusey@c-67-176-95-15.hsd1.co.comcast.net> has quit IRC (Quit: The Lounge - https://thelounge.github.io)[05:42:08] *** NickBusey <NickBusey!~NickBusey@c-67-176-95-15.hsd1.co.comcast.net> has joined #postfix[05:57:58] *** buddy123 <buddy123!~buddy123@88.202.177.237> has quit IRC (Ping timeout: 245 seconds)[05:58:47] *** Blas <Blas!~a@unaffiliated/eth1> has quit IRC (Ping timeout: 245 seconds)[05:58:57] *** Blas <Blas!~a@unaffiliated/eth1> has joined #postfix[06:01:54] *** buddy123 <buddy123!~buddy123@173.254.222.162> has joined #postfix[06:09:41] *** RudyValencia <RudyValencia!rudy@unaffiliated/rudyvalencia> has joined #postfix[06:11:18] *** buddy123 <buddy123!~buddy123@173.254.222.162> has quit IRC (Ping timeout: 245 seconds)[06:31:57] *** led_dark_1 <led_dark_1!~Thunderbi@217.66.160.14> has quit IRC (Quit: led_dark_1)[06:50:35] *** rednul <rednul!~rednul@219.163.48.199.static.reverse.as19531.net> has quit IRC (Ping timeout: 255 seconds)[06:56:11] *** rednul <rednul!~rednul@219.163.48.199.static.reverse.as19531.net> has joined #postfix[06:58:48] *** phoenixz <phoenixz!~quassel@unaffiliated/phoenixz> has quit IRC (Ping timeout: 252 seconds)[07:02:53] *** gu1lle_1 <gu1lle_1!~Thunderbi@45-251-16-190.fibertel.com.ar> has joined #postfix[07:04:12] *** gu1lle_ <gu1lle_!~Thunderbi@45-251-16-190.fibertel.com.ar> has quit IRC (Ping timeout: 245 seconds)[07:04:12] *** gu1lle_1 is now known as gu1lle_[07:21:42] *** [NoClan]GoAway <[NoClan]GoAway!~NoClan@46.183.217.244> has quit IRC (Ping timeout: 245 seconds)[07:33:57] *** [NoClan]GoAway <[NoClan]GoAway!~NoClan@46.183.217.244> has joined #postfix[07:44:44] *** AC3J <AC3J!james@2600:3c03::f03c:91ff:fe6e:d098> has quit IRC (Quit: ZNC 1.7.2+deb1+bionic0 - https://znc.in)[07:45:20] *** AC3J <AC3J!~james@bbs.c-128.net> has joined #postfix[07:46:41] *** olegfusion <olegfusion!~olegfusio@mail.mobileforsale.ru> has joined #postfix[07:56:37] *** Bebef <Bebef!sbreit@phobos.bebef.de> has joined #postfix[07:59:09] *** twb <twb!~twb@203.7.155.117> has joined #postfix[08:00:05] <twb> Anybody know offhand what a query to a DNSBL looks like? As in, how do I do one by hand using dig[08:00:35] <twb> (It just occured to me that the netops at $site might be aggressively blocking DNS queries, and I want to test that BEFORE postscreen goes live)[08:03:17] <twb> Ah, never mind. The DNSBL queries just go to the regular caching proxy DNS servers. They don't go *direct* to the DNSBL's authoritative server.[08:03:28] <twb> So it will Just Work[08:11:53] *** irctc602 <irctc602!3ec370a7@gateway/web/freenode/ip.62.195.112.167> has joined #postfix[08:12:27] *** Konichiwa <Konichiwa!~Konichiwa@host-72-175-167-98.ftm-co.client.bresnan.net> has quit IRC (Ping timeout: 240 seconds)[08:13:11] *** irctc602 <irctc602!3ec370a7@gateway/web/freenode/ip.62.195.112.167> has quit IRC (Client Quit)[08:22:11] *** olegfusion <olegfusion!~olegfusio@mail.mobileforsale.ru> has quit IRC (Read error: Connection reset by peer)[08:26:14] *** Gaaab <Gaaab!~Gaaab@host9-94-dynamic.13-79-r.retail.telecomitalia.it> has joined #postfix[08:30:39] *** Gaaab <Gaaab!~Gaaab@host9-94-dynamic.13-79-r.retail.telecomitalia.it> has quit IRC (Ping timeout: 252 seconds)[08:30:51] *** olegfusion <olegfusion!~olegfusio@mail.mobileforsale.ru> has joined #postfix[08:42:45] *** houtworm_ <houtworm_!uid351805@gateway/web/irccloud.com/x-xopnrjuxubqugdsh> has joined #postfix[08:44:01] *** Gaaab <Gaaab!~Gaaab@milik.frozenstar.info> has joined #postfix[08:44:35] *** houtworm_ <houtworm_!uid351805@gateway/web/irccloud.com/x-xopnrjuxubqugdsh> has quit IRC (Client Quit)[08:44:55] *** houtworm <houtworm!uid351805@gateway/web/irccloud.com/x-bilffkyrpksgajof> has joined #postfix[08:47:44] *** houtworm <houtworm!uid351805@gateway/web/irccloud.com/x-bilffkyrpksgajof> has quit IRC ()[08:48:19] *** dhoutworm <dhoutworm!uid351805@gateway/web/irccloud.com/x-yalzbfcoxmwdmezq> has joined #postfix[08:53:14] <dhoutworm> Hello postfixers :) I am running Postfix 3.4.0 I copied my settings from my old server And both Postfix and Dovecot are starting, I am receiving the email but they are stuck in the devlivery queue, I have added a user i have set the virtual hosts and i have set the local host names, but i can not seem to get the mail in the inbox, I am also failing to login, but it is making a connection, i can test for login methods for[08:53:15] <dhoutworm> example. I am not quite sure what to do, I checked online for a bit but i am stuck sadly :([09:08:22] *** TMan459 <TMan459!~TMan459@68-115-6-12.dhcp.stpt.wi.charter.com> has quit IRC (Ping timeout: 245 seconds)[09:14:57] *** TMan459 <TMan459!~TMan459@68-115-6-12.dhcp.stpt.wi.charter.com> has joined #postfix[09:21:17] *** n_1-c_k <n_1-c_k!~nick@2a02:8010:63a6::70> has quit IRC (Read error: Connection reset by peer)[09:21:42] *** n_1-c_k <n_1-c_k!~nick@2a02:8010:63a6::70> has joined #postfix[09:30:50] *** buddy123 <buddy123!~buddy123@173.254.222.162> has joined #postfix[09:39:17] <survietamine> hello dhoutworm, to get help here, you have to follow instructions included in the /topic[09:41:56] <dhoutworm> I want to include the logs, But i am afraid my postfix is not logging anything, i checked journalctl i also checked /var/logs but there are no mail logs, My last server was pretty easy to setup, and now i am in the deep haha. I will post my config files in a bit, i am sorry i have not followed the getting help guidelines.[09:43:20] *** twb <twb!~twb@203.7.155.117> has quit IRC (Remote host closed the connection)[09:50:29] <dhoutworm> postfix config: https://houtworm.cloud/s/s69reC7PfdQ4jee[09:52:26] <survietamine> what's that?[09:52:47] <survietamine> you don't seem to follow factoids[09:53:04] <Alver> That, and your pastbin is broken. :°)[09:53:32] <Alver> Oh, after refresh it does work.[09:54:27] *** DTZUZO <DTZUZO!~DTZUZO@S0106bcd16584b0aa.vs.shawcable.net> has quit IRC (Ping timeout: 240 seconds)[09:54:58] <survietamine> wtf nextcloud, have to download the file?[09:55:44] <survietamine> !paste[09:55:45] <knoba> survietamine: "paste" : A pastebin is a way to share larger amounts of data with others, without flooding the channel with garbage. You can find pastebins at http://paste.debian.net, http://apaste.info and various other sites. Please avoid using pastebins with active content or intrusive ads such as pastebin.com. Remember to share the URL of the resulting paste in channel.[10:01:24] <dhoutworm> i am sorry here i have a pastebin, https://pastebin.com/Kbr4jk9A[10:04:22] <survietamine> lol[10:05:18] <survietamine> « avoid ... pastebin.com »[10:05:30] <dhoutworm> Haha[10:05:34] <dhoutworm> What should i use?[10:05:35] *** gislaved <gislaved!5266180a@gateway/web/cgi-irc/kiwiirc.com/ip.82.102.24.10> has joined #postfix[10:05:42] <dhoutworm> I am getting good at pasting :P[10:06:01] <survietamine> there are examples given in that factoids like paste.debian.net, apaste.info. I personnaly using paste.ee[10:06:10] <survietamine> but, that's not the biggest problem[10:06:18] <survietamine> you have to paste what it is asked[10:06:35] <survietamine> after reading !getting_help and !showconfig[10:06:59] <dhoutworm> !getting_help[10:06:59] <knoba> dhoutworm: "getting_help" : before asking your question, read the !relevant_logs and !showconfig factoids, and prepare a single pastebin containing all of that data. if you don't understand what this means, or if you need help doing this, please let us know. also see !pastebin[10:07:11] <dhoutworm> !relevant_logs[10:07:11] <knoba> dhoutworm: "relevant_logs" : mail.* syslog Postfix log messages (NOT verbose, see !no_verbose) which show ONLY the entire handling of a single mail which illustrates the issue with which you want help. Random selections from your mail log are not adequate. IMAP/POP3 daemons and external delivery agents often log to the same syslog facility and should not be shown. Also see http://rob0.nodns4.us/postfix-logging[10:07:30] <dhoutworm> !showconfig[10:07:30] <knoba> dhoutworm: "showconfig" : when asked to provide your config, please provide a SINGLE pastebin (see !pastebin) with postconf -nf and postconf -Mf. if your version is too old for those commands to work (< 2.9), you should upgrade, but see !showconfig_old[10:09:40] <dhoutworm> https://paste.ee/p/pGpvN These are the config files, I looked for the logs but i have no mail logs somehow, i used the same config from my old system where it did log, i am not sure what is wrong there.[10:10:20] *** gislaved <gislaved!5266180a@gateway/web/cgi-irc/kiwiirc.com/ip.82.102.24.10> has quit IRC (Remote host closed the connection)[10:44:58] *** Konichiwa <Konichiwa!~Konichiwa@host-72-175-167-98.ftm-co.client.bresnan.net> has joined #postfix[11:05:39] *** ebrasca <ebrasca!~user@librepanther.com> has joined #postfix[11:06:11] <ebrasca> Can postfix manage mailing lists?[11:07:02] <petn-randall> ebrasca: No.[11:07:54] <ebrasca> How I can add mailing list to my server?[11:08:06] <tuxick> install mailman[11:08:57] * Alver shivers at mailman[11:09:36] * tuxick shivers at mailing lists[11:09:43] *** gislaved <gislaved!5266180a@gateway/web/cgi-irc/kiwiirc.com/ip.82.102.24.10> has joined #postfix[11:09:56] <tuxick> nice idea, if you filter out the idiots[11:10:09] <tuxick> like toppposters[11:12:40] * Alver grins[11:16:41] <blackflow> (or bottom posters that quote the entire 10k line convo, for a single five words sentence reply)[11:17:09] <petn-randall> Or people that write emails.[11:17:17] *** GeneralSpongebob <GeneralSpongebob!~IRC@cpc127156-mapp14-2-0-cust83.12-4.cable.virginm.net> has joined #postfix[11:18:01] <petn-randall> Now that I think of it, my job as a mail admin would be a lot easier if it wasn't for those users everywhere writing emails.[11:18:02] <GeneralSpongebob> Hi, is it possible to have a primary and backup "relay_transport" ? I can't find any information on this type of setup but it seems like it should be simple[11:18:13] * petn-randall goes off to rewatch Fawlty Towers.[11:18:34] <tuxick> petn-randall: remember not to mention the war[11:19:22] <tuxick> blackflow: and those yes, but that's also because of idiots posting logs that repeat the same thing 1000 times[11:21:26] <blackflow> tuxick: petn-randall: I love you both for a) watching Basil, b) knowing the don't mention the war routine.[11:32:07] <tuxick> i think i got away with it![11:33:36] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has joined #postfix[11:38:02] <GeneralSpongebob> Any idea on how to give postfix a secondary relay host to use if the first one times out?[11:38:08] *** DTZUZO <DTZUZO!~DTZUZO@S0106bcd16584b0aa.vs.shawcable.net> has joined #postfix[11:39:57] *** olegfusion <olegfusion!~olegfusio@mail.mobileforsale.ru> has quit IRC (Read error: Connection reset by peer)[11:40:41] *** olegfusion <olegfusion!~olegfusio@mail.mobileforsale.ru> has joined #postfix[11:42:04] <tuxick> huh?[11:44:34] <GeneralSpongebob> Which bit is confusing?[11:45:32] <tuxick> every bit[11:45:47] <tuxick> !goal[11:45:48] <knoba> tuxick: "goal" : describe your goal, not what you think the solution is[11:47:18] <GeneralSpongebob> Ok: I have postfix acting as a mail relay. It receives email from the Internet and passes it on to an internal mail server. I have two internal mail servers. I want postfix to relay inbound mail on to Server_A. Sometimes Server_A is offline (maintenance). When Server_A does not respond to postfix, I want postfix to relay mail to Server_B.[11:48:08] <tuxick> 2 internal? why?[11:48:37] <tuxick> but ok, that's still mx records and priorities i suppose[11:48:44] <blackflow> (and then how does that work internally with regards to MUAs that want Server_A but it's offline)[11:48:47] <tuxick> sounds like a crazy setup to ,e[11:49:16] <blackflow> if maintenance is really the biggest cause, then reconfigure, reload :)[11:49:37] <tuxick> or just do nothing[11:49:39] <GeneralSpongebob> So you're saying I would have to setup MX records on our internal DNS servers just to have postfix send to Server_B if Server_A is offline?[11:49:42] <tuxick> the mail gets queued[11:50:09] <tuxick> GeneralSpongebob: or fix the entire setup[11:50:46] <GeneralSpongebob> Don't worry about the internal setup, it is correct and works as expected. I'm adding in postfix as mail relays here (and I really don't want to get into a debate about the setup - It is corporate and is what it is)[11:51:09] <tuxick> ok, just fix dns then[11:51:49] <GeneralSpongebob> DNS isn't broken. It sounds like the only way postfix can do this is by me creating extra records... just seems odd[11:52:16] <tuxick> that's how smtp works, nothing odd[11:52:23] <tuxick> why add complications[11:52:42] <Alver> Or if you want to make it odder, have postfix send to a virtual IP on a loadbalancer with priorities.[11:52:45] <Alver> But... eh.[11:52:56] <tuxick> yeah loadbalancer is another option[11:53:02] <tuxick> but that's complicating stuff[11:53:05] <tuxick> and adding spof[11:53:06] <GeneralSpongebob> I'm moving away from a loadbalancer because that breaks spf checking[11:53:23] <tuxick> aaaand we're back to "messed up setup"[11:53:25] <Alver> Hm? Why would that be?[11:53:26] * tuxick quacks[11:53:31] <Alver> Heh[11:53:50] <tuxick> i don't really see what spf's got to do with it but ok[11:54:04] <Alver> It shouldn't have the least bit of impact, otherwise every router would too[11:54:08] <GeneralSpongebob> Loadbalancer may be the wrong term... HAProxy on pfSense. The mail server sees the IP of the GW instead of the original source so HELO chacking failed every time[11:54:26] * Alver bails[11:54:35] <tuxick> very messed up setup[11:54:57] <tuxick> oooh i think i see[11:55:06] <tuxick> the internal sewers are exchange[11:55:14] <tuxick> so putting postfix in front would make sense[11:55:16] <blackflow> lol[11:55:40] <GeneralSpongebob> Yes, Exchange. I have campaigned to get rid of it for a long time but that's not happening[11:56:21] <tuxick> yet the filtering is done there[11:56:35] <tuxick> i'd say loadbalancer/proxy indeed[11:56:41] <Alver> As much as it is an unpopular opinion here, Exchange is a decent mail platform. I just wouldn't expose it to the internet either, so good point there.[11:56:45] <GeneralSpongebob> There are definitely some problems with the setup that we're working through but it's incorrect to say the whole setup is broken because it does work quite well. Even if bits are glued together.[11:56:45] <tuxick> otherwise you get bouncing and stuff[11:57:26] <tuxick> GeneralSpongebob: so you have 2 pfsenses doing wossname[11:57:27] <tuxick> carp?[11:57:42] <tuxick> been years i've used that[11:58:08] <GeneralSpongebob> Yes, they are configured in failover. But I'm moving away from HAPRoxy in favour of postfix as a mail relay.[11:59:04] <tuxick> hmm, and plain port forwarding no option because that's exposing exchange[11:59:12] <tuxick> catch232[11:59:16] <tuxick> 22 even[11:59:39] <tuxick> just one tip: make sure you get no bounces :)[12:00:04] <GeneralSpongebob> The reason I'm moving away from HAPRoxy for inbound mail is because it breaks SPF checks on HELO... Yes, port forward exposes exchange and I don't want that. I'm just going to have to figure out how to sort out the internal DNS servers to somehow get MX records in there. That is not simple because the DNS *is* slightly messed up[12:00:19] <GeneralSpongebob> I have NDRs and bounces all disabled within postfix and Exchange[12:00:35] <tuxick> move the spf checks to postfix[12:00:39] <tuxick> and disable on sexchange[12:01:05] <GeneralSpongebob> This is what I'm doing by exposing postfix and routing mail in through that instead of the HAProxy[12:01:15] <tuxick> ack[12:01:19] <Alver> Yes, it makes much more sense to have such checks done on the front gate, rather than the bathroom door.[12:01:30] <tuxick> very much[12:01:39] <GeneralSpongebob> Yes, we agree on that[12:02:16] <tuxick> but! having a single postfix means losing redundancy[12:02:27] <dhoutworm> Hello again :) I found some logs, https://paste.ee/p/EnPUS i sent an email from my google email to the mailserver. can anyone give me some pointers where i should look to fix this? these are my config files https://paste.ee/p/pGpvN[12:02:32] <GeneralSpongebob> I have two, one for each ISP[12:02:39] <tuxick> ooh ok[12:02:44] <GeneralSpongebob> and external MX set up already[12:03:04] <tuxick> i can think of a rather painful solution using pacemaker[12:03:09] <tuxick> it would work[12:03:47] <Alver> Wait, but doesn't Exchange already have a way to take over if one server in the group is down for whatever reason?[12:04:00] * Alver digs in brain[12:04:00] <tuxick> Alver: also a good idea[12:04:07] <tuxick> make them move the IP[12:04:45] <GeneralSpongebob> Alver: This is why I said not to worry about the internal setup. It's more complicated than just having Exchange and I don't want to get into a debate on it[12:04:54] <tuxick> grr, lunchtime, so colleague gets called by some stupid lookout clicker[12:04:59] <tuxick> always at 2 to lunch[12:05:08] <GeneralSpongebob> Anyway, thanks both for pointing me in the right direction.[12:16:33] <ebrasca> Can you recomend some good guide for mailman ? ( I am using debian )[12:17:07] *** pj <pj!~pj@centos/ops/pj> has quit IRC (Ping timeout: 240 seconds)[12:17:15] <Alver> ebrasca: better ask a mailman channel.[12:18:57] <ebrasca> OK[12:24:15] <tuxick> https://wiki.debian.org/Postfix#Mailman_with_Postfix[12:24:29] * tuxick whistles innocently[12:30:21] *** pj <pj!~pj@centos/ops/pj> has joined #postfix[12:49:45] *** Xogium <Xogium!~Xogium@unaffiliated/xogium> has joined #postfix[12:51:37] <Xogium> hi ! Just to tell all the people who tried to help me the other day with this unexplainable hang in my mail server, I think someone managed to fix it by examining a strace, found out that even with disable_dns_lookup it was still doing hang, so he made me add this in main.cf instead, and the server has been responsive for over 10 minutes now[12:51:43] <Xogium> smtpd_peername_lookup=no[12:52:26] <Xogium> I think this fixed it, but I'm going to keep an eye open for any weird behavior[12:53:27] <Xogium> so prolly a rdns issue for real[12:53:48] <Xogium> my ip has none[12:55:36] <Xogium> but what I wonder now, is it a bad idea to leave this like it is, if this fixed the issue ? Is there any major problem that could happen with this option disabled ?[12:56:18] <tuxick> Xogium: i never ever heard of dns lookups hanging[12:56:42] <tuxick> not even on windows[12:56:47] <Xogium> tuxick: hehe, well, it apparently does here, rdns lookup hangs because I have none[12:57:10] <Xogium> but don't even ask me why, over tls only[12:57:21] <tuxick> even with a seriously broken nameserver this shouldn't happen[12:58:32] <Xogium> yet it did, as the strace showed… :/ I have 0 explanation for this behavior, I just know that since I turned it off it doesn't hang when I do gnutls-cli mail_server_address -p 465 anymore[12:58:44] <Xogium> before it used to take between 40 seconds and 3 minutes[12:59:23] <Xogium> would often result in a timeout[13:00:06] <Xogium> and the faster I spammed the server with connections, the faster it would get, till it was to full speed, before slowing back down if I left it alone for so much as 2 minutes[13:00:57] * tuxick blames systemd[13:01:05] <tuxick> poettinger is the root of all evil[13:03:12] * Xogium shrugs[13:03:56] <blackflow> vast majority of perceived systemd issues are a) bad config, b) bad distro defaults, c) sometimes all of the above[13:04:14] <Xogium> so can I leave it like this, or does this implies a security risk in any way ? I just want to make sure everything is still fine. I could try to setup my own dns server so my ip gets a rdns but, yeah, for now[13:13:11] *** selea <selea!~selea@gatekeeper01.ports.se> has joined #postfix[13:17:31] *** MaximB <MaximB!93ea2102@gateway/web/freenode/ip.147.234.33.2> has joined #postfix[13:18:53] <MaximB> hello, I had postfix and sendmail installed on the machine, it sent emails via sendmail. I want it to send emails via postfix. I removed sendmail (yum remove sendmail) but when I look at the logs I see it still tries to send emails via sendmail. how can I change it to postfix?[13:22:45] <MaximB> sending via mutt[13:27:26] *** serdar <serdar!~serdar@5.146.196.109> has joined #postfix[13:27:30] <serdar> hello[13:28:19] <serdar> I received an scam email using my very own email address, how can I stop this?[13:29:24] *** n_1-c_k <n_1-c_k!~nick@2a02:8010:63a6::70> has quit IRC (Read error: Connection reset by peer)[13:29:27] <GeneralSpongebob> serdar: Set up SPF records on your domain and configure postfix to check them.[13:29:48] <blackflow> MaximB: you mean via /usr/bin/sendmail? is that postfix' sendmail binary?[13:29:51] <serdar> I already did that, I mean I already add an spa record[13:30:02] <serdar> spf[13:30:07] <tuxick> well, add spf checking then[13:30:11] *** n_1-c_k <n_1-c_k!~nick@2a02:8010:63a6::70> has joined #postfix[13:30:24] <tuxick> normally you have some sort of spamfilter[13:30:24] <MaximB> blackflow: cannot access /usr/bin/sendmail: No such file or directory (as I removed sendmail)[13:30:31] <serdar> Is it spa checking I should google for?[13:30:34] <serdar> args[13:30:35] <serdar> spf[13:30:42] <blackflow> MaximB: there's Sendmail the MTA (whole package and daemon and tools) and there's /usr/bin/sendmail which is "sendmail binary" used even by postfix to inject local mail into the queue[13:30:50] <tuxick> serdar: you don't have a spamfilter?[13:31:10] <GeneralSpongebob> serdar: Make sure your record is configured correctly which means ensuring it denies all incorrect sources. You want -all[13:31:49] <blackflow> MaximB: maybe /usr/sbin/sendmail?[13:32:54] <GeneralSpongebob> serdar: If you haven't installed policyd-spf and configured it for postfix then your SPF record won't be checked[13:33:39] <serdar> I will do that right now, thank you guys[13:33:39] <MaximB> blackflow: yeah /usr/sbin/sendmail goes to postifx. but when I look at the logfiles I see ar 6 13:40:08 ax-snapshot-prod sendmail[13695]: x26Bc8sI013693: to....[13:33:58] *** blackflow <blackflow!~r00t@unaffiliated/blackflow> has quit IRC (Remote host closed the connection)[13:36:42] *** blackflow <blackflow!~r00t@unaffiliated/blackflow> has joined #postfix[13:37:19] <ebrasca> Is Postfix VERP support good for mailing list?[13:37:57] <MaximB> blackflow: yeah /usr/sbin/sendmail goes to postifx. but when I look at the logfiles I see ar 6 13:40:08 ax-snapshot-prod sendmail[13695]: x26Bc8sI013693: to....[13:38:24] <petn-randall> ebrasca: VERP is needed to do sensible mailing list management, if that's your question.[13:38:45] <MaximB> while it should be Mar 6 13:40:08 ax-snapshot-prod postfix[13695]: x26Bc8sI013693: to...[13:41:03] <blackflow> MaximB: are you sure? the sendmail binary is still "sendmail" process name.[13:41:18] <blackflow> MaximB: http://www.postfix.org/sendmail.1.html[13:42:41] <MaximB> blackflow: I knew a few months ago we only had postfix in this server and the logs were: "Feb 14 06:27:11 ax-snapshot-prod postfix/qmgr[24745]: B57FE2091A95: from=" and "Feb 14 08:27:37 ax-snapshot-prod postfix/qmgr[24745]: BF7712091A95: from="...[13:43:16] <MaximB> and now it's 'sendmail'[13:44:30] <blackflow> MaximB: /usr/sbin/sendmail and the postfix qmgr are two different programs, sendmail is not a daemon[13:44:48] <blackflow> MaximB: I mean.... if you _really_ removed Sendmail the MTA/package, what else could then be running as "sendmail" process?[13:47:08] <MaximB> dunno really... but the mail relay is on postfix and it doesn't send emails anymore[13:47:17] *** Gaaab <Gaaab!~Gaaab@milik.frozenstar.info> has quit IRC (Ping timeout: 255 seconds)[13:47:54] *** linex <linex!~quassel@58.26.242.250> has quit IRC (Quit: http://quassel-irc.org - Chat comfortably. Anywhere.)[13:48:01] <blackflow> MaximB: perhaps start with !relevant_logs[13:48:57] <blackflow> pastebin the config, logs, describe the problem in full detail. someone will help, I have to deal with a minor emergency here first...[13:49:20] <MaximB> thank you blackflow[13:49:30] *** Gaaab <Gaaab!~Gaaab@milik.frozenstar.info> has joined #postfix[13:52:56] *** linex <linex!~quassel@58.26.242.250> has joined #postfix[13:53:45] <serdar> Can I add two policy lines in master.cf? I am not sure if I use python or perl[14:04:38] <serdar> GeneralSpongebob, I changed the ~all to -all but super toolbox from mxtoolbox gives me a syntax error for all[14:13:05] <Xogium> hmm. My rdns apparently returns a servfail. I think its not supposed to happen, even with no rdns attached to an ip, right ?[14:13:20] <Xogium> could this be part of the issue that causes this strange hang ?[14:18:23] *** gislaved <gislaved!5266180a@gateway/web/cgi-irc/kiwiirc.com/ip.82.102.24.10> has quit IRC (Ping timeout: 245 seconds)[14:20:10] *** gislaved <gislaved!5266182c@gateway/web/cgi-irc/kiwiirc.com/ip.82.102.24.44> has joined #postfix[14:26:31] <lunaphyte> any servfail is likely not a good one[14:27:33] *** linex <linex!~quassel@58.26.242.250> has quit IRC (Quit: http://quassel-irc.org - Chat comfortably. Anywhere.)[14:31:49] <Xogium> then, its hurricane electric's fault for not sending the good thing, I guess[14:32:32] *** linex <linex!~quassel@58.26.242.250> has joined #postfix[14:32:37] <lunaphyte> couldn't say, without actual data[14:32:55] <Xogium> lunaphyte: what you need ?[14:33:04] <Xogium> if you wanted to debug this further, I mean[14:35:44] <Xogium> I know they assign a rdns to the first ip of the entire block, but its up to you to assign any other if you so wish. Then again I didn't think having none assign would result in servfail…[14:37:16] <Xogium> I would have thought more along the lines of nxdomain[14:40:20] *** gislaved61 <gislaved61!5266182c@gateway/web/cgi-irc/kiwiirc.com/ip.82.102.24.44> has joined #postfix[14:40:28] *** gislaved <gislaved!5266182c@gateway/web/cgi-irc/kiwiirc.com/ip.82.102.24.44> has quit IRC (Ping timeout: 245 seconds)[14:41:53] *** gislaved <gislaved!5266182c@gateway/web/cgi-irc/kiwiirc.com/ip.82.102.24.44> has joined #postfix[14:42:22] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has quit IRC (Quit: Konversation terminated!)[14:42:52] *** gislaved61 <gislaved61!5266182c@gateway/web/cgi-irc/kiwiirc.com/ip.82.102.24.44> has quit IRC (Remote host closed the connection)[14:43:29] *** Kelsar <Kelsar!~quassel@unaffiliated/kelsar> has quit IRC (Quit: No Ping reply in 180 seconds.)[14:45:37] *** Kelsar <Kelsar!~quassel@unaffiliated/kelsar> has joined #postfix[14:47:36] *** Diemuzi <Diemuzi!~IceChat9@unaffiliated/diemuzi> has joined #postfix[14:48:40] *** linex <linex!~quassel@58.26.242.250> has quit IRC (Quit: http://quassel-irc.org - Chat comfortably. Anywhere.)[14:52:24] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has joined #postfix[14:53:31] *** linex <linex!~quassel@58.26.242.250> has joined #postfix[14:54:12] *** GeneralSpongebob <GeneralSpongebob!~IRC@cpc127156-mapp14-2-0-cust83.12-4.cable.virginm.net> has quit IRC (Quit: mischief managed)[14:54:29] *** AlaricToo <AlaricToo!~alaric@caerllewys.net> has left #postfix[14:54:40] *** r0ni <r0ni!~jloco@c-68-43-217-143.hsd1.mi.comcast.net> has quit IRC (Remote host closed the connection)[15:00:08] *** Diemuzi <Diemuzi!~IceChat9@unaffiliated/diemuzi> has quit IRC (Ping timeout: 250 seconds)[15:00:31] *** Annak <Annak!~IceChat9@unaffiliated/diemuzi> has joined #postfix[15:01:01] *** Annak is now known as Diemuzi[15:12:56] *** linex <linex!~quassel@58.26.242.250> has quit IRC (Quit: http://quassel-irc.org - Chat comfortably. Anywhere.)[15:17:43] *** linex <linex!~quassel@58.26.242.250> has joined #postfix[15:22:37] *** aoeuoasuhaosetuh <aoeuoasuhaosetuh!~root@mail.tyjgr.com> has joined #postfix[15:22:50] *** aoeuoasuhaosetuh <aoeuoasuhaosetuh!~root@mail.tyjgr.com> has quit IRC (Client Quit)[15:23:07] *** FinboySlick <FinboySlick!~shark@74.117.40.10> has joined #postfix[15:34:48] *** sphex <sphex!~nobody@38.133.24.221> has quit IRC (Ping timeout: 250 seconds)[15:42:00] *** MaximB <MaximB!93ea2102@gateway/web/freenode/ip.147.234.33.2> has quit IRC (Quit: Page closed)[15:48:34] *** ebrasca <ebrasca!~user@librepanther.com> has quit IRC (Remote host closed the connection)[15:54:24] *** Noti <Noti!~steffan@ip4da40774.direct-adsl.nl> has quit IRC (Quit: Konversation terminated!)[16:11:43] *** chowbok <chowbok!~chowbok@207.181.255.76> has quit IRC (Read error: Connection reset by peer)[16:12:53] *** chowbok <chowbok!~chowbok@207.181.255.76> has joined #postfix[16:15:58] *** buddy123 <buddy123!~buddy123@173.254.222.162> has quit IRC (Ping timeout: 250 seconds)[16:17:14] *** sphex <sphex!~nobody@38.133.24.221> has joined #postfix[16:33:59] *** gu1lle_ <gu1lle_!~Thunderbi@45-251-16-190.fibertel.com.ar> has quit IRC (Remote host closed the connection)[16:45:35] *** linex <linex!~quassel@58.26.242.250> has quit IRC (Quit: http://quassel-irc.org - Chat comfortably. Anywhere.)[16:50:44] *** linex <linex!~quassel@58.26.242.250> has joined #postfix[17:03:54] *** zapata <zapata!~zapata@2a02:b18:581:10:477:e245:35ed:d0ca> has quit IRC (Quit: WeeChat 2.4)[17:25:34] *** eelstrebor <eelstrebor!~eelstrebo@216-75-116-100.static.allophone.net> has joined #postfix[17:30:33] *** zapata <zapata!~zapata@2a02:b18:581:10:70de:a79:c19e:7ee7> has joined #postfix[17:32:07] *** rsx <rsx!~rsx@ppp-188-174-154-86.dynamic.mnet-online.de> has joined #postfix[17:34:07] *** eelstrebor <eelstrebor!~eelstrebo@216-75-116-100.static.allophone.net> has quit IRC (Quit: Ex-Chat)[17:38:18] *** n_1-c_k <n_1-c_k!~nick@2a02:8010:63a6::70> has quit IRC (Read error: Connection reset by peer)[17:38:39] *** n_1-c_k <n_1-c_k!~nick@2a02:8010:63a6::70> has joined #postfix[17:40:41] *** led_dark_1 <led_dark_1!~Thunderbi@217.66.160.14> has joined #postfix[17:42:04] *** gu1lle_ <gu1lle_!~Thunderbi@201.216.253.75> has joined #postfix[17:44:33] *** edux <edux!~edux@190.247.46.25> has joined #postfix[17:49:41] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has joined #postfix[17:56:11] *** _0x5eb_ <_0x5eb_!~seb@seb-hpws2.w1.tele.crt1.net> has quit IRC (Quit: Goodbye!)[17:56:23] *** led_dark_2 <led_dark_2!~Thunderbi@217.66.160.14> has joined #postfix[17:57:29] *** led_dark_1 <led_dark_1!~Thunderbi@217.66.160.14> has quit IRC (Ping timeout: 255 seconds)[17:57:29] *** led_dark_2 is now known as led_dark_1[18:02:06] *** kurkale6ka <kurkale6ka!~kurkale6k@84.45.99.125> has joined #postfix[18:07:39] *** edux <edux!~edux@190.247.46.25> has quit IRC (Remote host closed the connection)[18:12:36] *** robinho86 <robinho86!~robsonjf@191.36.239.241> has joined #postfix[18:14:12] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has quit IRC (Ping timeout: 252 seconds)[18:17:16] *** edux <edux!~edux@190.247.46.25> has joined #postfix[18:17:27] *** buddy123 <buddy123!~buddy123@88.202.177.237> has joined #postfix[18:17:54] *** edux <edux!~edux@190.247.46.25> has quit IRC (Remote host closed the connection)[18:18:13] *** edux <edux!~edux@190.247.46.25> has joined #postfix[18:20:14] *** kurkale6ka <kurkale6ka!~kurkale6k@84.45.99.125> has quit IRC (Quit: WeeChat 2.4)[18:20:48] *** bleb <bleb!~cm@207.148.20.110> has quit IRC (Quit: leaving)[18:20:56] <rob0> Xogium, smtpd_peername_lookup=no is not a good idea.[18:21:16] *** _0x5eb_ <_0x5eb_!~seb@seb-hpws2.elen.ucl.ac.be> has joined #postfix[18:36:09] *** Kelsar <Kelsar!~quassel@unaffiliated/kelsar> has quit IRC (Quit: No Ping reply in 180 seconds.)[18:37:18] *** olegfusion <olegfusion!~olegfusio@mail.mobileforsale.ru> has quit IRC (Ping timeout: 252 seconds)[18:38:18] *** Kelsar <Kelsar!~quassel@unaffiliated/kelsar> has joined #postfix[18:46:28] <Xogium> rob0: why ? I'm a newb at this[18:48:35] <Xogium> this is the only sollution I found. Or I should run my own dns server, which I can't possibly do at home because the port 53 is filtered[18:48:44] *** olegfusion <olegfusion!~olegfusio@mail.mobileforsale.ru> has joined #postfix[18:49:41] <rob0> um, start with what you are trying to do with this[18:50:04] <rob0> smtpd_peername_lookup=no means every connection would be "unknown"[18:50:08] <Xogium> just make my own mail server on my server that a friend gave me[18:50:13] <Xogium> and use it at home[18:50:28] <rob0> why is 53 filtered?[18:50:58] <Xogium> isp at home filters 53, and my ip has no rdns. So postfix hangs[18:51:13] <rob0> does not follow[18:51:28] <Xogium> well, if I want to assign a ptr record to my ip[18:51:32] <Xogium> I have to do it myself[18:51:47] <Xogium> my home ip[18:51:50] <rob0> home ISP filtering 53 has nothing to do with what the server does[18:52:16] <rob0> this is ipv4?[18:52:19] <Xogium> nah but assigning a ptr record to my ip means I need to run my own dns server, doesn't it[18:52:23] <Xogium> v6[18:52:28] <rob0> ahhh[18:52:47] <Xogium> my v6 currently returns servfail[18:53:00] <rob0> anyway, you surely don't have the relevant ip6.arpa zone delegated to you[18:53:33] <Xogium> I think I do, since its a hurricane electric tunneling[18:53:39] <rob0> oh[18:53:54] <rob0> so why not use ipv4 then?[18:54:43] <Xogium> well, I just thought it would be better to use my v6 where I could. I guess I'll remove the v6 from my server[18:55:16] <Xogium> it had no use beyond this anyways[18:56:28] <Xogium> or maybe I could just go bother hurricane electric and tell them to fix whatever they've done that sends servfail[18:56:44] <Xogium> but doubt it :p[18:57:24] <rob0> In SMTP, I am in no hurry to implement ipv6, honestly. Spam in ipv4 is a solved problem; in ipv6 it's wide open and unknown, and will be a mess once enough victims get there to be worthwhile for spammers.[18:58:49] <Xogium> I suppose… Still annoying that I wasted so much time in this[19:00:14] <rob0> Did HE give you instructions for how to do your rDNS on the tunnel?[19:00:56] <rob0> anyway, it shouldn't matter for submission, you're not trying to submit on port 25, are you?[19:01:44] <rob0> " -o smtpd_peername_lookup=no" would be fine on submission, definitely not on 25[19:02:18] <Xogium> oh nah I use on 465 only[19:02:49] <Xogium> but ironically I always get one ip that is being a bother and that has no rdns[19:03:08] <Xogium> always the same one, connect/disconnect and does nothing else[19:03:57] <rob0> okay, how are you going to have a "mail server" without 25?[19:04:08] <Xogium> I have it open[19:04:19] <Xogium> I just don't go through it myself since my isp filters it anyways[19:04:29] <rob0> oh, you mean you submit via 465, fine[19:04:33] <Xogium> yeah[19:04:36] <rob0> !submissions[19:04:36] <knoba> rob0: "submissions" : RFC 8314 renames the old smtps port, 465/tcp, to submissions, for user submission of mail, NOT suitable for mail exchange, with implicit TLS rather than explicit STARTTLS via a plaintext TCP connection. Postfix can implement submissions with a separate smtpd(8) listener with -o smtpd_tls_wrappermode=yes . See the commented example for smtps in master.cf.[19:05:21] <rob0> submissions can also have the " -o smtpd_peername_lookup=no"[19:05:40] <rob0> but SERVFAIL would not cause Postfix to hang[19:06:15] <Xogium> I didn't really expect it would, that was just my only theory as to why it was stuck in a loop trying to perform the lookup[19:06:34] <Xogium> but I just don't know honestly why its acting up[19:06:42] *** _0x5eb_ <_0x5eb_!~seb@seb-hpws2.elen.ucl.ac.be> has quit IRC (Quit: Goodbye!)[19:07:26] *** NickBusey <NickBusey!~NickBusey@c-67-176-95-15.hsd1.co.comcast.net> has quit IRC (Quit: Ping timeout (120 seconds))[19:07:46] *** NickBusey <NickBusey!~NickBusey@c-67-176-95-15.hsd1.co.comcast.net> has joined #postfix[19:10:38] <Xogium> the heck[19:11:00] <Xogium> I added it into the -o options for smtps[19:11:10] <Xogium> instead of where it was before at the end of main.cf[19:11:23] <Xogium> restarted postfix, it hangs[19:11:54] <Xogium> while I'm making an explicit connection to port 465[19:12:27] <rob0> "it hangs," how are you observing this?[19:12:38] <rob0> !tlstest[19:12:38] <knoba> rob0: "tlstest" : see !s_client[19:12:46] <rob0> !s_client[19:12:46] <knoba> rob0: "s_client" : Starting with OpenSSL 0.9.7, you can test the server-side TLS with the following: openssl s_client -starttls smtp -connect <hostname>:587 (or :25, accordingly).[19:13:03] *** NickBusey <NickBusey!~NickBusey@c-67-176-95-15.hsd1.co.comcast.net> has quit IRC (Ping timeout: 252 seconds)[19:13:06] <Xogium> I tested both gnutls-cli and s_client[19:13:08] <rob0> without the -starttls of course[19:13:34] <Xogium> *** Fatal error: The operation timed out[19:13:42] <rob0> was the TLS negotiation completed?[19:13:50] <Xogium> nop[19:13:54] <rob0> !smtpd_tls_loglevel[19:13:54] <knoba> rob0: "smtpd_tls_loglevel" : enable additional postfix smtp server logging of tls activity. each logging level also includes the information that is logged at a lower logging level.[19:14:07] <rob0> smtpd_tls_loglevel=1 (in main.cf)[19:14:55] <Xogium> raised it to 3 yesterday. It hangs between the moment where it says 'initializing server side tls engine' and the moment where my screen gets filled with numbers and stuff about the lts handshake[19:15:24] <rob0> nono, set to 1[19:15:35] <Xogium> I have absolutely no idea why disabling peer name lookup entirely gets rid of the hanging[19:15:42] <Xogium> will do[19:16:30] <rob0> Rarely is any kind of verbose logging needed, or even a good idea, because you tend to lose the important bits in the flood.[19:16:55] <Xogium> oh, wait a sec[19:16:57] <Xogium> fatal: bad boolean configuration: smtpd_peername_lookup = no"[19:17:31] <Xogium> maybe this thing is a global option...?[19:19:01] *** NickBusey <NickBusey!~NickBusey@c-67-176-95-15.hsd1.co.comcast.net> has joined #postfix[19:19:05] *** _0x5eb_ <_0x5eb_!~seb@seb-hpws2.w1.tele.crt1.net> has joined #postfix[19:19:22] <Xogium> that explains at least why it hangs now[19:19:56] <rob0> oh haha[19:20:11] <rob0> see postconf.5.html#smtpd_peername_lookup[19:20:30] <rob0> it's not something I use, so I am not familiar with the syntax[19:20:50] <Xogium> let me check… I'm a real newb at this :D can't say I didn't warn ;)[19:21:18] <rob0> see, this is why our /topic says you should make a pastebin to start out[19:26:10] <Xogium> it just the default is yes[19:26:14] *** Agaphon <Agaphon!~Agathon@c-73-255-18-44.hsd1.tx.comcast.net> has joined #postfix[19:26:14] <Xogium> err, says[19:26:34] *** Blubberbop <Blubberbop!~quassel@mx1.capmegamail.com> has joined #postfix[19:27:44] <Xogium> no config file specified though, so seems like it should work in master.cf[19:28:33] <lunaphyte> no config file specified?[19:29:02] <Xogium> yeah some have the mention main.cf or master.cf alongside their name in the man page[19:30:00] <lunaphyte> which man page?[19:30:11] *** Agathon <Agathon!~Agathon@unaffiliated/agathon> has quit IRC (Ping timeout: 255 seconds)[19:30:36] <Xogium> nevermind I was looking up the wrong one and didn't notice. So yeah the default is yes[19:30:54] <Xogium> so, setting it to no should work shouldn't it[19:36:45] <rob0> Any smtpd_* setting can be set for any smtpd instance in master.cf[19:36:56] <Xogium> right[19:37:01] <rob0> setting it in main.cf makes it global[19:37:23] <Xogium> so why does it say that its not valid[19:37:51] <rob0> oh, maybe you used spaces around the "="?[19:38:12] <rob0> "fatal: bad boolean configuration: smtpd_peername_lookup = no"[19:38:34] <rob0> in master.cf you cannot have spaces there[19:38:43] <Xogium> oh, doh[19:39:09] <Xogium> let me fix this[19:40:18] <Xogium> oh, I know what happen[19:40:50] <Xogium> I accidentally put a " sign after the =no, screen reader didn't say, so I didn't notice[19:41:47] <Xogium> that's really stupid ^^[19:42:16] <rob0> ah, yeah[19:42:17] <Xogium> now, that's better :) only doing it for port 465[19:42:47] *** rsx <rsx!~rsx@ppp-188-174-154-86.dynamic.mnet-online.de> has quit IRC (Remote host closed the connection)[19:42:50] <Xogium> thanks for this[19:43:20] <Xogium> now onto blocking that single ip that's annoying me[19:47:51] *** krijt <krijt!~krijt@mail.vertrouwdverbonden.nl> has joined #postfix[19:56:52] *** Blubberbop <Blubberbop!~quassel@mx1.capmegamail.com> has quit IRC (Ping timeout: 246 seconds)[20:01:16] *** eelstrebor <eelstrebor!~eelstrebo@216-75-116-100.static.allophone.net> has joined #postfix[20:03:56] *** linex <linex!~quassel@58.26.242.250> has quit IRC (Quit: http://quassel-irc.org - Chat comfortably. Anywhere.)[20:08:34] *** linex <linex!~quassel@58.26.242.250> has joined #postfix[20:29:02] *** _ruben <_ruben!~ruben@54682E4E.cm-12-1a.dynamic.ziggo.nl> has quit IRC (Remote host closed the connection)[20:34:58] *** eelstrebor <eelstrebor!~eelstrebo@216-75-116-100.static.allophone.net> has quit IRC (Quit: Ex-Chat)[20:37:29] *** Ekho <Ekho!~Ekho@unaffiliated/ekho> has quit IRC (Quit: An alternate universe was just created where I didn't leave. But here, I left you. I'm sorry.)[20:43:19] *** phoenixz <phoenixz!~quassel@mail.capmega.com> has joined #postfix[20:59:00] *** olegfusion <olegfusion!~olegfusio@mail.mobileforsale.ru> has quit IRC (Read error: Connection reset by peer)[20:59:25] *** olegfusion <olegfusion!~olegfusio@mail.mobileforsale.ru> has joined #postfix[21:00:41] *** ]SiB[ <]SiB[!~Thunderbi@unaffiliated/sib/x-9459575> has joined #postfix[21:01:25] *** Ekho <Ekho!~Ekho@unaffiliated/ekho> has joined #postfix[21:07:06] *** nailyk <nailyk!~nailyk@carbonfusion/co-admin/nailyk> has quit IRC (Ping timeout: 264 seconds)[21:12:54] *** yvyz <yvyz!~yvyz@gateway/tor-sasl/yvyz> has quit IRC (Remote host closed the connection)[21:13:08] *** yvyz <yvyz!~yvyz@gateway/tor-sasl/yvyz> has joined #postfix[21:22:03] *** edux <edux!~edux@190.247.46.25> has quit IRC (Remote host closed the connection)[21:27:06] *** treefrob <treefrob!~treefrob@p2E542C13.dip0.t-ipconnect.de> has quit IRC (Ping timeout: 250 seconds)[21:29:07] *** Agaphon <Agaphon!~Agathon@c-73-255-18-44.hsd1.tx.comcast.net> has quit IRC (Ping timeout: 240 seconds)[21:33:52] *** edux <edux!~edux@190.247.46.25> has joined #postfix[21:35:22] *** robinho86 <robinho86!~robsonjf@191.36.239.241> has left #postfix[21:37:48] *** olegfusion <olegfusion!~olegfusio@mail.mobileforsale.ru> has quit IRC (Read error: Connection reset by peer)[21:37:58] *** edux <edux!~edux@190.247.46.25> has quit IRC (Ping timeout: 245 seconds)[21:40:28] *** edux <edux!~edux@190.247.46.25> has joined #postfix[21:40:54] *** treefrob <treefrob!~treefrob@p2E542C13.dip0.t-ipconnect.de> has joined #postfix[21:42:43] *** krijt <krijt!~krijt@mail.vertrouwdverbonden.nl> has quit IRC (Quit: leaving)[21:44:23] *** Agathon <Agathon!~Agathon@c-73-255-18-44.hsd1.tx.comcast.net> has joined #postfix[21:45:05] *** kermit <kermit!~zip55413@pdpc/supporter/bronze/kermit> has quit IRC (Ping timeout: 259 seconds)[21:51:32] *** kermit <kermit!~zip55413@pdpc/supporter/bronze/kermit> has joined #postfix[21:52:39] *** kermit <kermit!~zip55413@pdpc/supporter/bronze/kermit> has left #postfix[21:53:12] *** kermit <kermit!~zip55413@pdpc/supporter/bronze/kermit> has joined #postfix[21:59:48] *** nailyk <nailyk!~nailyk@carbonfusion/co-admin/nailyk> has joined #postfix[22:02:31] *** TheFatherMind- is now known as TheFatherMind[22:10:37] *** Bebef <Bebef!sbreit@phobos.bebef.de> has quit IRC (Quit: Ping timeout (120 seconds))[22:11:26] *** Bebef <Bebef!sbreit@phobos.bebef.de> has joined #postfix[22:13:48] *** eelstrebor <eelstrebor!~eelstrebo@216-75-116-100.static.allophone.net> has joined #postfix[22:15:24] *** eelstrebor <eelstrebor!~eelstrebo@216-75-116-100.static.allophone.net> has quit IRC (Client Quit)[22:23:10] <dhoutworm> I give up, Postfix won't work with my new server, Can anyone recommend a mail transfer client that is less of a pain to set up?[22:24:50] <thumbs> dhoutworm: postfix is a mail transfer client?[22:25:39] <dhoutworm> agent, client whatever :P[22:26:02] <dhoutworm> You can see postfix is not for me :P[22:27:35] <rob0> We here use Postfix, so you might not find much useful information about other MTA software, here. But you could try Exim and #exim perhaps. DO read their /topic if you go there.[22:27:36] <GNU\colossus> maybe operating any MTA implementation isn't for you[22:27:46] <rob0> !why[22:27:47] <knoba> rob0: "why" : are you sure that installing, configuring and maintaining a mailserver is really what you want to do here? it's not something that's for the faint of heart, and definitely not something for folks that are still just learning the basics of linux or unix. also see !nullclient[22:30:22] *** shibboleth <shibboleth!~shibbolet@gateway/tor-sasl/shibboleth> has joined #postfix[22:35:55] <dhoutworm> !nullclient[22:35:55] <knoba> dhoutworm: "nullclient" : (#1) a null client is a computer that can only send mail. it receives no mail from the network, and it does not deliver any mail locally. while postfix can be configured to fill this role, it is often unnecessary overkill, and a much simpler software package is more appropriate. see !nullclient_software for more details., or (#2) See http://www.postfix.org/STANDARD_CONFIGURATION_README.html#null_client[22:38:25] <dhoutworm> I like having my own domains, with a catchall email adress so i can set different email adresses for different websites automatically mark them spam at domain dot tld or newsletter at domain dot tld or whatever, I like managing, I ran postfix+dovecot for 2 years on Ubuntu, I wanted to try something else, i thought i could just copy the postfix config, maybe tweak a little, but i think i broke more than i fixed. I have been at it for...[22:39:12] *** Gaaab <Gaaab!~Gaaab@milik.frozenstar.info> has quit IRC (Ping timeout: 245 seconds)[22:41:20] <dhoutworm> too long, i just want mail, and get some sleep, maybe i will try postfix later, but it was a long day, i just want my mail working and i feel i am getting nowhere. Postfix is the last thing on my list, everything else is configured and running, Synapse gave me some trouble, but it was peanuts compared to the time i put into postfix by now :P[22:42:42] <dhoutworm> Things like iredmail, i hear good things about it, It also uses postfix iirc? I understand most people here use Postfix, but i thought people here would know a thing or 2 about mailservers in general :)[22:47:17] *** gislaved <gislaved!5266182c@gateway/web/cgi-irc/kiwiirc.com/ip.82.102.24.44> has quit IRC (Ping timeout: 255 seconds)[22:49:37] *** puff <puff!~user@c-24-131-208-153.hsd1.pa.comcast.net> has joined #postfix[22:52:48] *** gislaved <gislaved!5266182c@gateway/web/cgi-irc/kiwiirc.com/ip.82.102.24.44> has joined #postfix[22:55:01] *** darkavenl <darkavenl!~sacha16@82.196.15.101> has quit IRC (Ping timeout: 246 seconds)[22:55:24] *** darkavenger_afk <darkavenger_afk!~sacha16@82.196.15.101> has joined #postfix[23:02:39] *** FinboySlick <FinboySlick!~shark@74.117.40.10> has quit IRC (Quit: Leaving.)[23:06:50] <double-p> dhoutworm: "i just want" and "next 5min" wont go far[23:07:44] *** Gaaab <Gaaab!~Gaaab@host9-94-dynamic.13-79-r.retail.telecomitalia.it> has joined #postfix[23:08:26] <regis> I've sent a message to ml today and got several DMARC reports on my SPF failed on mail from 168.100.1.3. Multiple domains and it's always 168.100.1.3. Any idea what's up with that?[23:11:51] <dhoutworm> I know, Tomorrow will go better, i am just done for today. Thanks for the advice[23:12:28] <rob0> There's also ##email, where non-Postfix mail issues are on topic.[23:12:30] <double-p> regis: mxtoosl report?[23:12:59] <rob0> Also, catchall is a bad idea and totally unnecessary given:[23:13:10] <rob0> !recipient_delimiter[23:13:10] <knoba> rob0: "recipient_delimiter" : a configuration parameter in the main.cf: The separator between user names and address extensions (user+foo). See canonical(5), local(8), relocated(5) and virtual(5) for the effects this has on aliases, canonical, virtual, relocated and on .forward file lookups. Basically, the software tries user+foo and .forward+foo before trying user and .forward.[23:13:42] <rob0> !catchall[23:13:42] <knoba> rob0: "catchall" : Sending all emails for non-existing users in domain to a special account. See man 5 virtual for the @domain syntax, which applies in virtual_*_maps and relay_recipient_maps. For local(8) delivery, unset local_recipient_maps and see luser_relay. WARNING: catchalls are rarely a good idea. Spammers will abuse them.[23:13:55] <rob0> !mantras[23:13:56] <knoba> rob0: "mantras" : (#1) Do not accept mail that you do not intend (or are unable) to deliver., or (#2) Do not drop mail., or (#3) Do not use wildcards or catchalls., or (#4) Do not forward mail to third party systems., or (#5) Do not use sender address verification.[23:15:05] *** Gaaab <Gaaab!~Gaaab@host9-94-dynamic.13-79-r.retail.telecomitalia.it> has quit IRC (Ping timeout: 252 seconds)[23:18:19] <dhoutworm> I never really had trouble with spam, Only from the domain register, They always use exact that email adress, that helps me know the roots of the spam, but it also makes it easy to filter :)[23:19:09] <regis> double-p: I don't know how mxtools report looks like but these seem to be normal DMARC reports, sent from various places, and regarding different domains.[23:19:17] *** edux <edux!~edux@190.247.46.25> has quit IRC (Remote host closed the connection)[23:19:37] *** edux <edux!~edux@190.247.46.25> has joined #postfix[23:20:03] *** edux <edux!~edux@190.247.46.25> has quit IRC (Remote host closed the connection)[23:20:22] *** edux <edux!~edux@190.247.46.25> has joined #postfix[23:20:37] <double-p> regis: see yourself, since you know your domains: https://mxtoolbox.com/[23:20:49] *** edux <edux!~edux@190.247.46.25> has quit IRC (Remote host closed the connection)[23:21:09] *** edux <edux!~edux@190.247.46.25> has joined #postfix[23:21:35] *** edux <edux!~edux@190.247.46.25> has quit IRC (Remote host closed the connection)[23:21:55] *** edux <edux!~edux@190.247.46.25> has joined #postfix[23:22:22] *** edux <edux!~edux@190.247.46.25> has quit IRC (Remote host closed the connection)[23:22:42] *** edux <edux!~edux@190.247.46.25> has joined #postfix[23:23:08] *** edux <edux!~edux@190.247.46.25> has quit IRC (Remote host closed the connection)[23:27:26] *** Gaaab <Gaaab!~Gaaab@milik.frozenstar.info> has joined #postfix[23:30:59] <lunaphyte> regis: that's a topic for ##email[23:33:25] <regis> lunaphyte: Ok.[23:39:16] <double-p> lunaphyte: do you grafana on ES?[23:42:00] <cybrNaut> is there a way to test transport files without actually sending a message, to see if the config routes a message as expected?[23:42:37] <double-p> cybrNaut: swaks has several "cut offs"[23:45:12] <cybrNaut> double-p: thanks, i wasn't aware of swaks but looks useful indeed[23:45:50] <double-p> cybrNaut: swaks is.. well, swiss army knife :)[23:47:01] <double-p> cybrNaut: any tool having more optarg than gnu-ls is a thing :P[23:51:57] *** n_1-c_k <n_1-c_k!~nick@2a02:8010:63a6::70> has quit IRC (Read error: Connection reset by peer)[23:52:10] *** n_1-c_k <n_1-c_k!~nick@2a02:8010:63a6::70> has joined #postfix[23:56:07] *** Diemuzi <Diemuzi!~IceChat9@unaffiliated/diemuzi> has quit IRC (Quit: See you on the flip side!)[23:56:12] <lunaphyte> tell cybrNaut postmapq[23:56:15] <lunaphyte> oops[23:56:21] <lunaphyte> !tell cybrNaut postmapq[23:56:22] <knoba> cybrNaut: "postmapq" : You can check your lookups with the postmap command. Example: if you defined transport_maps = mysql:/etc/postfix/transport.cf you may check this mapping by running postmap -q example.com mysql:/etc/postfix/transport.cf and see if it works.[23:57:24] <double-p> lunaphyte: hehe.. https://www.youtube.com/watch?v=B5OPMI13qng[23:58:19] <double-p> (and worse might follow)