SpyidonasHey guys, after following this guide " http://www.krizna.com/ubuntu/setup-mail-server-ubuntu-14-04/ " my server can't send emails externaly (for example Outlook.com, Gmail , etc...) The odd thing is that if i send from the external server to my own and reply to that email, the server does send it successfully.00:39
Patrickdkand the logs are where?00:40
Spyidonasi tail -f syslog00:40
Patrickdkthat is nice00:40
Patrickdkbut I can't tail it00:40
Patrickdkso if you want people here to help you :)00:41
Spyidonasoh you mean to paste the logs. w8.00:41
SpyidonasThat's when i send from my server to external (and i never recieve it)00:43
Patrickdkthere are lines missing00:44
SpyidonasAnd that's when i reply and i recieve it.00:45
Patrickdkdid you get that from /var/log/mail.log ?00:45
Spyidonasno i got them from syslog00:45
Patrickdkto=<spyridonas@live.com>, relay=mx4.hotmail.com[]:25, delay=2.4, delays=0.29/0.02/1.4/0.76, dsn=2.0.0, status=sent (250  <54F3B259.6030208@buzztera.gr> Queued mail for delivery)00:45
Patrickdkthe email was delievered to hotmail00:46
Patrickdkusing that live.com account00:46
Patrickdkis that intended?00:46
SpyidonasYes but the inbox of the live.com account never recieves it.00:46
Spyidonasits not on spam etc00:46
Patrickdknot your problem00:46
Patrickdkyou can see it says00:46
Patrickdkthe hotmail.com server ACCEPTED the email00:47
Patrickdkwhat hotmail does to it after that, you will have to ask them00:47
SpyidonasThen why i recieve the reply and not the send ?00:47
Patrickdklikely, you just followed that howto guide, and your mailserver isn't setup correctly, dns entries setup ptr, ...00:47
SpyidonasSame thing on gmail etc.00:48
Patrickdkare you claiming that hotmail treats all email the same?00:48
Patrickdksurely not00:48
Patrickdkthey do use spam filters00:48
SpyidonasI don't think hotmail, tempemails, gmail, yahoo treat their emails all the same way00:48
Patrickdkthe reply email LOOKS completely different00:48
Spyidonasand i can't send to nobody00:48
Patrickdkit has a valid hotmail id that references a hotmail email00:48
Patrickdkwhat is your servers ip?00:49
SpyidonasIt's a digital ocean server , that's the ip.00:49
Patrickdkwhy does it not have a ptr entry?00:50
Patrickdkmailservers are required to have a ptr00:50
Spyidonasits a temporary server. Does it need the ptr entry ?00:50
SpyidonasI thought it can work without it.00:50
Patrickdkyou want to send mail?00:50
Patrickdkyou need a working server00:50
Patrickdkno ptr == not a working server, for email00:50
Patrickdkhopefully, you also set a proper helo name, and that works in dns, and matchs your non-existing ptr entry00:51
Patrickdkand you setup spf and dkim and dmarc entries00:51
Patrickdkand you do dkim sign every email00:51
Patrickdkno one has to accept your email00:52
Patrickdkit's about trust00:52
Patrickdkhotmail and gmail clearly are seeing all this stuff done wrong, and doesn't trust you00:52
SpyidonasI was going to do these stuff on the actuall server. Meh i guess i need to set them up again.00:52
Patrickdkbut they are making an exception for replies, cause then the hotmail/gmail user initiated that email00:52
Patrickdknot you00:52
SpyidonasOk i will setup everything then00:53
=== Lcawte is now known as Lcawte|Away
=== zz_DenBeiren is now known as DenBeiren
=== micahg_ is now known as micahg
=== markthomas|away is now known as markthomas
=== markthomas is now known as markthomas|away
lordievaderGood morning,06:24
=== kickinz1|afk is now known as kickinz1
=== kickinz1 is now known as kickinz1|afk
=== kickinz1|afk is now known as kickinz1
=== Lcawte|Away is now known as Lcawte
=== Lcawte is now known as Lcawte|Away
=== Lcawte|Away is now known as Lcawte
=== Lcawte is now known as Lcawte|Away
=== deegee is now known as drussell
SysTomIs anyone aware of a working fix for the isc-dhcp-server bug/issue with the permissions of the lease files?11:07
=== Lcawte|Away is now known as Lcawte
=== kickinz1 is now known as kickinz1|afk
=== Lcawte is now known as Lcawte|Away
=== Lcawte|Away is now known as Lcawte
=== Lcawte is now known as Lcawte|Away
=== mlocher is now known as Guest93449
Emmanuel_ChanelSomeone knows dovecot on Ubuntu well? I want to use both system accounts and virtual mail box on my mail server although I won't use any on the global net.13:47
Emmanuel_Chaneldovecot dies when I uncommented #!include auth-sql.conf.ext ...13:54
germanstudentMy (IPv6) config file @ /etc/sysctl.d/ won't persist after reboot. The config works on a running system with "sysctl --system" though. Is there some kind of race condition that overwrites /etc/sysctl.d network setting while booting?14:15
germanstudentcorrection: the file persists, but not the settings14:15
jamespageMadkiss, around? wanted to checkin with you re pacemaker corosync stack for vivid (and Debian?)14:17
jpdsgermanstudent: Pastebin your sysctl file.14:17
germanstudentjpds, http://pastebin.com/fUbkuw70 <- saved as 60-ipv6-disable.conf in /etc/sysctl.d14:20
jpdsgermanstudent: It's 2015, why are you disabling IPv6?14:21
germanstudentjpds, because openvpn will only route my IPv4 address and my IPv6 is still public. I can't find a workaround without disabling IPv6 altogether14:24
jpdsgermanstudent: 'is still public?'14:25
jpdsgermanstudent: Can't you just use ip6tables to block off the ports?14:25
germanstudentjpds, still public means some services (like netflix e.g.) will see my provider assigned IPv6 and geo locate to Germany, though I'm connected through an US OpenVPN server.14:28
germanstudentjpds, this is all so complicated. :/ Why doesn't openvpn route all traffic through the desired server by default *sigh* But I might have to visit another channel for this :)14:29
patdk-wkif your vpn service doesn't offer ipv6, that is fail14:29
patdk-wkopenvpn routes whatever you configure it to route14:30
patdk-wkoviously since your vpn provider doesn't support ipv6, they don't *request* ipv6 is routed over it14:30
patdk-wkit would be the same doing anything else, like ipsec, anyconnect, ...14:31
RoyKgermanstudent: is this an old version of openvpn? I beleive I've seen openvpn work well with 14.0414:31
germanstudentpatdk-wk, it is a rented VPN with IPv6 support (with root access). But why isn't it a default behaviour to hide local IPv6 address to the public, even if you specify an IPv4 to connect to?14:33
germanstudentRoyK it's the current one I guess 2.3.214:33
patdk-wkgermanstudent, heh? openvpn isn't suppose to default that14:33
RoyKgermanstudent: which ubuntu version?14:33
patdk-wkthat is a misconfigure of your vpn service14:34
patdk-wkor if your side openvpn config14:34
germanstudentpatdk-wk, a VPN service I use has the same misconfiguration them Maybe my dual stack internet access is a factor in this too14:35
patdk-wkI have been using openvpn with ipv4 and ipv6 over an ipv4 ip for the last 5 years without any problems14:35
RoyKgermanstudent: is this native IPv6?14:35
patdk-wkbut openvpn was not made to *hide my ip*14:35
germanstudentRoyK, yes. But carrier grade NAT for IPv414:36
patdk-wkit was made to do a vpn, so attempting to hide your ip, is out of scope, and needs additional work, exepcially when you have several ip's14:36
patdk-wkif this vpn service supports ipv6, I would wonder why your not using it14:36
germanstudentpatdk-wk, well, but it was made to connect to a network and communicate to that network solely, right? :/14:37
patdk-wkit was made to protect data from point A to B14:37
patdk-wkcommunicate solely or not, is optional14:37
patdk-wknormally defined as, split horizon14:38
germanstudentpatdk-wk, hm. thanks for your help. I guess I have to write a forum post or something. No IPv6 setting I tried seem to work14:38
germanstudentWhat's weird is that this doesn't happen with Mac or Windows.14:38
RoyKgermanstudent: that's strange indeed14:41
patdk-wkis it a dns issue?14:41
patdk-wkmaybe the dns server over the vpn doesn't do ipv6? possible maybe14:42
patdk-wkand ubuntu keeps falling back to the local dns14:42
germanstudentpatdk-wk, I have to do some more tests, before I can say more. But I entered googles dns in the openvpn config14:42
RoyKgermanstudent: do you have ipv6 dns servers in resolv.conf?14:42
germanstudentRoyK, no, IPv414:43
RoyKgermanstudent: add v6 servers, then14:43
germanstudentOkay, thank you14:43
RoyK2001:4860:4860::8888 and 2001:4860:4860::8844 if you're using the standard google dns servers14:44
germanstudentWill try14:44
=== Lcawte|Away is now known as Lcawte
=== kickinz1|afk is now known as kickinz1
=== zz_DenBeiren is now known as DenBeiren
=== mlocher_ is now known as mlocher
sarthorHi, I have problem of language right to left, here is link which show some help, but as a newbie I am not able to understand, If someone can help where to write that coding which link shows. here is link http://mpcabd.igeex.biz/python-arabic-text-reshaper/16:55
=== markthomas|away is now known as markthomas
=== adam_g_out is now known as adam_g
sarthorHi, I have problem of language right to left on ubtuntu-server , here is link which show some help, but as a newbie I am not able to understand, If someone can help where to write that code or how to follow, the link shows. link http://mpcabd.igeex.biz/python-arabic-text-reshaper/17:38
Emmanuel_ChanelSomeone can help me? I tried to install a mail server based on this page: https://www.exratione.com/2012/05/a-mailserver-on-ubuntu-1204-postfix-dovecot-mysql/ I want to use both my system account, different from that. And I got this result: http://pastebin.ca/294707417:38
Emmanuel_ChanelWhat can I do for solving it?17:39
sarnoldEmmanuel_Chanel: check demsg for more segvs; you may have bad memory17:53
bekksEmmanuel_Chanel: So you are using 12.04?18:32
Emmanuel_ChanelNo... 14.04 now...18:36
Emmanuel_ChanelBut not understanding the mail server well, I feel that tutorial very good when I installed it on Ubuntu 12.04.18:36
bekksEmmanuel_Chanel: Which doesnt mean it works on 14.04.18:39
bekksEmmanuel_Chanel: Try this one first: https://www.exratione.com/2014/05/a-mailserver-on-ubuntu-1404-postfix-dovecot-mysql/18:41
Emmanuel_ChanelOh, nice! I didn't know that. I try.18:43
Emmanuel_ChanelThank you very much authough I haven't got a result yet.18:46
mgagnehallyn_: ping19:16
xibalbaHey folks, I'm seeing this in my `dmesg` `[233478.288816] TCP: TCP: Possible SYN flooding on port 8080. Dropping request.  Check SNMP counters.`; Can I disable the check for SYN Flooding on port 8080?19:20
xibalbahmm i dont see syn_flood in my iptables --list19:21
patdk-wkwhy would there be?19:21
xibalbai thought iptables would be handling the above message regarding syn flooding19:22
patdk-wkdon't see anything in that message that talks about iptables19:22
xibalbaok it's a kernel option then?19:22
patdk-wkthe question is, why do you ahve a synflood?19:22
patdk-wkare you getting dos?19:23
patdk-wkdo you just have a crapload of ligit traffic19:23
patdk-wkor is your application gone completely nuts19:23
xibalbait's just a bad client side app i need to get fixed, but i need to disable that synflooding check for the time being19:23
xibalba^^ complete nuts19:23
xibalbaa javascript websocket client connecting to the websocket server19:23
patdk-wkuse sysctl and disable it though19:23
patdk-wkbut that is likely to have all kinds of fun issues19:23
xibalbado youknow which options?  i just did syctl-a |grep syn to gleam the list19:23
xibalbaoh i know, it's temporary19:23
patdk-wknet.ipv4.tcp_syncookies likely is what you want19:24
patdk-wkbut this doesn't *fix* anything19:24
patdk-wkit just means the kernel won't start attempting to figure out ligit from non-ligit requests19:24
patdk-wkthe problem is, your app isn't accepting connections fast enough19:25
patdk-wkoverflowing the syn_backlog19:25
xibalbaright, we're trying to diagnose that now :)19:25
xibalbayeah, all my received queues in netstat are 503 too19:25
patdk-wktherefor making the kernel not know what to do, except drop connections19:25
xibalbaw/120+ connections from 1 client for a websocket javascript client19:25
xibalbaso we know it's borked19:25
patdk-wkincreasing your backlog would help, kindof :)19:25
xibalbai dont think it's being hit yet, it's 51219:25
xibalbanetstat -an |grep -iest |wc -l , is less than 20019:26
patdk-wkwell, the kernel settings ONLY set the max19:26
patdk-wkthe application sets what it wants19:26
patdk-wknormally they are around like 10/50/80/...19:26
patdk-wknot normally very large unless you override19:26
xibalbalet me see., this is a puma app19:26
hallyn_mgagne: hi19:29
mgagnehallyn_: hi19:29
mgagnehallyn_: I got the patches, can you guide me into proposing them?19:29
mgagnehallyn_: https://gist.github.com/mgagne/95046681c59e4e20989c19:29
hallyn_mgagne: now this is for in cloud archive right?19:32
RoyKmgagne: download the source code for the package, patch the code, build it and reinstall the package from the one you built. it's not really as straight forward as downloading a patched windows driver :P19:32
Madkisshello jamespage19:32
mgagnehallyn_: UCA is sub-product of Ubuntu itself, the packages themselves come from Ubuntu release like 13.10, 14.04, etc.19:32
Madkissjamespage: how can I help?19:33
mgagnehallyn_: they might have UCA specific fixes but IMO, this one isn't specific to UCA19:33
hallyn_mgagne: right, but we are being very strict about what upgrades we support (bc otherwise it becomes crazy-fragile), so i'm wondering whether this change should be specific to cloud archive19:33
hallyn_zul: jamespage: ^ around?19:33
hallyn_mgagne: th equestion is do we support upgrading from UCA to standard ubuntu archive of newer release19:33
zulhallyn_:  yeah19:33
mgagnehallyn_: right, I don't know the specific of the policies19:33
hallyn_mgagne: anyway, thank you for the patch;  we definately will fix it somehow that fixes it for UCA,19:34
hallyn_i'm only trying to find the right place19:34
hallyn_mgagne: there's a bug# for this right?19:34
mgagnehallyn_: 142561919:34
mgagnehallyn_: AFAIK, there is no UCA for juno/icehouse19:34
mgagnehallyn_: because trusty ships with icehouse already19:35
hallyn_mgagne: so what are you trying to upgrade from/to?  (release+archive)19:37
hallyn_this is all greek to me so getting my bearings and hoping zul is watching19:37
zulmgagne: https://wiki.ubuntu.com/ServerTeam/CloudArchive19:38
mgagnehallyn_: I'm running uca/precise/icehouse. We have nodes running QEMU 1.5 from uca/precise/havana (for various reasons).19:38
hallyn_sand you're upgrading between those two?19:39
mgagnehallyn_: UCA is just a backport of packages from a Ubuntu release supporting a specific OpenStack version.19:39
mgagnehallyn_: so for Havava, packages were backported from 13.10 to 12.04 into UCA19:39
hallyn_right, 13.10 is no longer supported ,and migration in archive was only ever supported from p->q, q->r, r->s, not from p->s19:41
mgagnehallyn_: to make the migration work, the patch needs to go in QEMU 2.0 (destination), you don't need to patch the source of the migration19:41
hallyn_so i think we want the fix straight into the uca19:41
hallyn_right, but it's hard to SRU something for something that is not supported in archive, given the strict SRU restrictions.19:42
hallyn_i'll talk to jamespage when he's around, and handle it somehow19:42
mgagneQEMU 2.0 is part of 14.04. someone running saucy cannot upgrade to trusty unless trusty is patched19:42
hallyn_(notes taken)19:42
jamespagehallyn_, mgagne is correct - for icehouse everything is just in trusty19:42
hallyn_jamespage: yeah but you can add a delta19:43
jamespagehallyn_, where?19:43
hallyn_in icehouse19:43
jamespagebut that's just 14.0419:43
jamespageno where else to make a delta19:43
hallyn_jamespage: ok, do you mind filling in SRU justfication for bug 1425619 ?19:43
hallyn_jamespage: thing is when we discussed the p->t migration (with infinity and others) it was almost decided it shoudn't be supported at all;  it was then decided we would do very lmited support19:44
hallyn_but really the patch looks good,19:44
jamespagehallyn_, well officially we support precise+icehouse cloud archive to trusty migration19:44
mgagnehallyn_: p->t support was already added with a very similar patch19:45
mgagnehallyn_: see related bug https://bugs.launchpad.net/bugs/129132119:45
hallyn_no wait,19:45
jamespageI'll be around in about 1.5 hrs19:45
hallyn_i'm aware, i pulled that patch :)19:45
mgagnehallyn_: thanks for that work bth =)19:46
hallyn_oh i didn't do the patch myself :)  ok, i think your patch looks good;  i'll try to sru it19:47
hallyn_thanks mgagne19:47
mgagneI guess I don't need to mention that I tested it and it works =)19:47
hallyn_:)  but i'm glad you did19:48
* hallyn_ out a bit, biab19:48
Emmanuel_Chanelbekks: Same error occurred again...19:52
bekksEmmanuel_Chanel: So take a look at the dovecot logs and config, for investigating its crashes.19:53
=== bilde2910|away is now known as bilde2910
=== bilde2910 is now known as bilde2910|away
jamespageMadkiss, hey - thanks for the pointer to your HA ppa - most useful20:58
roaksoaxit would have been nice to grab those from debian too :)20:59
Madkissjamespage: yw21:02
jamespageMadkiss, are you still maintaining corosync/pacemaker in Debian?21:03
=== zz_DenBeiren is now known as DenBeiren
Madkissjamespage: well. sort of.21:07
jamespagezul, are you still ontop of that eventlet version bump?21:28
zulyeah im on it21:28
=== Lcawte is now known as Lcawte|Away

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!