On 5/10/07, David DeFranco <[EMAIL PROTECTED]> wrote:
> Try removing "reject_unlisted_recipient" from your config.
>
> "reject_unauth_destination" is going to prevent you from becoming an open
> relay. Unless you have a specific list of valid recipients, or are doing
> some other kind of real time address validation, "reject_unlisted_recipient"
> is probably causing your issue.
I do have a specific list of valid senders (i.e. IP's which are going
to connect to the smtp server). tried removing
reject_unlisted_recipient without luck.
Anyway i added check_policy_service inet:127.0.0.1:10031 to the
beginning of the list and policyd is now checking emails, i have the
following in the throttle table
INSERT INTO throttle \
(_from,_count_max,_quota_max,_time_limit,_mail_size,_date,_priority)
VALUES ('12.64.95.73', # from address
2, # maximum messages per time unit
2500, # size in bytes
600, # time unit in seconds
10240000, # maximum message size
UNIX_TIMESTAMP(), # current time
1); # priority of record
and it is not working. below is the output from the command prompt
======================================
======================================
DEBUG: saved fd: numi = 0, connfd = 4
connection from: 127.0.0.1 port: 34897 slots: 0 of 4096 used
DEBUG: fd: 4 select(): fd 4 is ready for read
DEBUG: fd 4: w_read: returning -2 after reading 548 bytes
DEBUG: fd: 4 policy_array[4][0]:request=smtpd_access_policy
DEBUG: fd: 4 policy_array[4][1]:protocol_state=rcpt
DEBUG: fd: 4 policy_array[4][2]:protocol_name=esmtp
DEBUG: fd: 4 policy_array[4][3]:client_address=12.64.95.73
DEBUG: fd: 4
policy_array[4][4]:client_name=frndsatwork.domain.net.frndsatwork.domain.ne
DEBUG: fd: 4
policy_array[4][5]:reverse_client_name=frndsatwork.domain.net.frndsatwork.domai
DEBUG: fd: 4 policy_array[4][6]:helo_name=[12.64.95.73]
DEBUG: fd: 4 policy_array[4][7]:[EMAIL PROTECTED]
DEBUG: fd: 4 policy_array[4][8]:[EMAIL PROTECTED]
DEBUG: fd: 4 policy_array[4][9]:recipient_count=0
DEBUG: fd: 4 policy_array[4][10]:queue_id=
DEBUG: fd: 4 policy_array[4][11]:instance=448b.46423027.c6dfe.0
DEBUG: fd: 4 policy_array[4][12]:size=0
DEBUG: fd: 4 policy_array[4][13]:etrn_domain=
DEBUG: fd: 4 policy_array[4][14]:sasl_method=
DEBUG: fd: 4 policy_array[4][15]:sasl_username=
DEBUG: fd: 4 policy_array[4][16]:sasl_sender=
DEBUG: fd: 4 policy_array[4][17]:ccert_subject=
DEBUG: fd: 4 policy_array[4][18]:ccert_issuer=
DEBUG: fd: 4 policy_array[4][19]:ccert_fingerprint=
DEBUG: fd: 4 policy_array[4][20]:encryption_protocol=
DEBUG: fd: 4 policy_array[4][21]:encryption_cipher=
DEBUG: fd: 4 policy_array[4][22]:encryption_keysize=0
DEBUG: fd: 4 host_array[4][0]: frndsatwork.domain.net.frndsatwork.domain.ne
DEBUG: fd: 4 host_array[4][2]: 12.64.95.73
DEBUG: fd: 4 host_array[4][3]: 12.64.95.%
DEBUG: fd: 4 host_array[4][4]: 12.64.%.%
DEBUG: fd: 4 host_array[4][5]: 12.%.%.%
DEBUG: fd: 4 host_array[4][6]: nate
DEBUG: fd: 4 host_array[4][7]: domain.net
DEBUG: fd: 4 host_array[4][8]: nate
DEBUG: fd: 4 host_array[4][9]: domain.net
DEBUG: fd: 4 triplet_array[4][0]: 12.64.95
DEBUG: fd: 4 triplet_array[4][1]: [EMAIL PROTECTED]
DEBUG: fd: 4 triplet_array[4][2]: [EMAIL PROTECTED]
DEBUG: fd: 4 triplet_array[4][3]: 0
DEBUG: fd: 4 triplet_array[4][5]: 12.64.95.73
DEBUG: fd: 4 triplet_array[4][6]: 448b.46423027.c6dfe.0
DEBUG: fd: 4 checking whitelist
DEBUG: fd: 4, db_optquery(): SELECT COUNT(*) FROM whitelist WHERE
_whitelist='12.64.95.73' OR _whitelist='12.64.95.%' OR
_whitelist='12.64.%.%' OR _whitelist='12.%.%.%'
DEBUG: fd: 4 row: 0 data: 0 (recieved)
DEBUG: fd: 4 row: 0 data: 0 (extracted)
DEBUG: fd: 4 whitelist not found: 12.64.95.73
DEBUG: fd: 4 checking greylist
DEBUG: fd: 4 db_doquery(): SELECT _count,_datenew,_datelast FROM
triplet WHERE _host='12.64.95' AND _from='[EMAIL PROTECTED]' AND
_rcpt='[EMAIL PROTECTED]'
DEBUG: fd: 4 row: 0 data: 4 (recieved)
DEBUG: fd: 4 row: 0 data: 4 (extracted)
DEBUG: fd: 4 row: 1 data: 1178740908 (recieved)
DEBUG: fd: 4 row: 1 data: 1178740908 (extracted)
DEBUG: fd: 4 row: 2 data: 1178741699 (recieved)
DEBUG: fd: 4 row: 2 data: 1178741699 (extracted)
DEBUG: fd: 4 db_doquery(): UPDATE triplet SET
_datelast='1178742823',_count=_count+1 WHERE _host='12.64.95' AND
_from='[EMAIL PROTECTED]' AND _rcpt='[EMAIL PROTECTED]'
rcpt=1, greylist=update, host=12.64.95.73
(frndsatwork.domain.net.frndsatwork.domain.ne), [EMAIL PROTECTED],
[EMAIL PROTECTED], size=0
DEBUG: fd: 4 select(): fd 4 is ready for write
DEBUG: fd: 4 returning after 14 bytes of data written
======================================
======================================
>
>
>
> On 5/9/07, binoy <[EMAIL PROTECTED]> wrote:
> >
> > that gives me 'Relay Access Denied'. Infact adding permit_mynetworks
> > in any order except as the first option gives the same error.
> >
> > any other way to setup the IP restriction other than adding it in
> my_networks ?
> >
> >
> >
> > On 5/9/07, John Beaver <[EMAIL PROTECTED]> wrote:
> > > binoy wrote:
> > > > hi,
> > > > my first message to the list. This might be RTFM but here goes.
> > > >
> > > > I'm setting up a postfix smtp only server. I wanted to restrict
> > > > 1. IP's that can send through the server.
> > > > 2. the number of emails that can be sent via a Ip per hour.
> > > >
> > > > for (1) I added the allowed IP's to mynetworks and it kinda works,
> > > > sending from other ip's gives a relay error
> > > >
> > > > for (2) I decided to implement policyd. the service is running on the
> > > > port, however i am lost at the configuration of postfix. README
> > > > mentions the following
> > > > smtpd_recipient_restrictions =
> > > > reject_unauth_destination
> > > > reject_unlisted_recipient
> > > > check_policy_service inet:127.0.0.1:10031
> > >
> > > Add permit_mynetworks after this line.
> > > This will allow all emails to be checked by the policy server first,
> > > then allowed to send by the permit_mynetworks.
> > >
> > > smtpd_recipient_restrictions =
> > > reject_unauth_destination
> > > reject_unlisted_recipient
> > > check_policy_service inet: 127.0.0.1:10031
> > > permit_mynetworks
> > >
> > >
> > > john beaver
> > >
> > >
> -------------------------------------------------------------------------
> > > This SF.net email is sponsored by DB2 Express
> > > Download DB2 Express C - the FREE version of DB2 express and take
> > > control of your XML. No limits. Just data. Click to get it now.
> > > http://sourceforge.net/powerbar/db2/
> > > _______________________________________________
> > > policyd-users mailing list
> > > policyd-users@lists.sourceforge.net
> > >
> https://lists.sourceforge.net/lists/listinfo/policyd-users
> > >
> >
> >
> -------------------------------------------------------------------------
> > This SF.net email is sponsored by DB2 Express
> > Download DB2 Express C - the FREE version of DB2 express and take
> > control of your XML. No limits. Just data. Click to get it now.
> > http://sourceforge.net/powerbar/db2/
> > _______________________________________________
> > policyd-users mailing list
> > policyd-users@lists.sourceforge.net
> >
> https://lists.sourceforge.net/lists/listinfo/policyd-users
> >
>
>
>
> --
> David DeFranco
> Wolf in Sheeple's clothing
> -------------------------------------------------------------------------
> This SF.net email is sponsored by DB2 Express
> Download DB2 Express C - the FREE version of DB2 express and take
> control of your XML. No limits. Just data. Click to get it now.
> http://sourceforge.net/powerbar/db2/
> _______________________________________________
> policyd-users mailing list
> policyd-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/policyd-users
>
>
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
policyd-users mailing list
policyd-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/policyd-users
