I did send 5 emails. i am just sending small test messages, so i dont
think size matters here.
the triplet table gets updated and the count shows 7 at this time.
maybe i am doing something silly. any help really appreciated.
On 5/10/07, John Beaver <[EMAIL PROTECTED]> wrote:
> binoy wrote:
> > On 5/10/07, David DeFranco <[EMAIL PROTECTED]> wrote:
> >> Try removing "reject_unlisted_recipient" from your config.
> >>
> >> "reject_unauth_destination" is going to prevent you from becoming an open
> >> relay. Unless you have a specific list of valid recipients, or are doing
> >> some other kind of real time address validation,
> >> "reject_unlisted_recipient"
> >> is probably causing your issue.
> >
> > I do have a specific list of valid senders (i.e. IP's which are going
> > to connect to the smtp server). tried removing
> > reject_unlisted_recipient without luck.
>
> Be VERY careful about being an open relay. All IP's listed in
> mynetworks have free reign to send whatever to whoever.
>
> > Anyway i added check_policy_service inet:127.0.0.1:10031 to the
> > beginning of the list and policyd is now checking emails, i have the
> > following in the throttle table
> >
> > INSERT INTO throttle \
> > (_from,_count_max,_quota_max,_time_limit,_mail_size,_date,_priority)
> > VALUES ('12.64.95.73', # from address
> > 2, # maximum messages per time unit
> > 2500, # size in bytes
> > 600, # time unit in seconds
> > 10240000, # maximum message size
> > UNIX_TIMESTAMP(), # current time
> > 1); # priority of record
> >
> >
> > and it is not working. below is the output from the command prompt
> > ======================================
>
> How did you determine it was not working?
> Max messages =2 and you sent 1 message, it should go through.
> Size is very tricky and there is only one way it will work. You'll have
> to search the archives for that solution, and be prepared to read
> several posts about the issues with it.
>
> > DEBUG: saved fd: numi = 0, connfd = 4
> > connection from: 127.0.0.1 port: 34897 slots: 0 of 4096 used
> > DEBUG: fd: 4 select(): fd 4 is ready for read
> > DEBUG: fd 4: w_read: returning -2 after reading 548 bytes
> > DEBUG: fd: 4 policy_array[4][0]:request=smtpd_access_policy
> > DEBUG: fd: 4 policy_array[4][1]:protocol_state=rcpt
> > DEBUG: fd: 4 policy_array[4][2]:protocol_name=esmtp
> > DEBUG: fd: 4 policy_array[4][3]:client_address=12.64.95.73
> > DEBUG: fd: 4
> > policy_array[4][4]:client_name=frndsatwork.domain.net.frndsatwork.domain.ne
> > DEBUG: fd: 4
> > policy_array[4][5]:reverse_client_name=frndsatwork.domain.net.frndsatwork.domai
> > DEBUG: fd: 4 policy_array[4][6]:helo_name=[12.64.95.73]
> > DEBUG: fd: 4 policy_array[4][7]:[EMAIL PROTECTED]
> > DEBUG: fd: 4 policy_array[4][8]:[EMAIL PROTECTED]
> > DEBUG: fd: 4 policy_array[4][9]:recipient_count=0
> > DEBUG: fd: 4 policy_array[4][10]:queue_id=
> > DEBUG: fd: 4 policy_array[4][11]:instance=448b.46423027.c6dfe.0
> > DEBUG: fd: 4 policy_array[4][12]:size=0
> > DEBUG: fd: 4 policy_array[4][13]:etrn_domain=
> > DEBUG: fd: 4 policy_array[4][14]:sasl_method=
> > DEBUG: fd: 4 policy_array[4][15]:sasl_username=
> > DEBUG: fd: 4 policy_array[4][16]:sasl_sender=
> > DEBUG: fd: 4 policy_array[4][17]:ccert_subject=
> > DEBUG: fd: 4 policy_array[4][18]:ccert_issuer=
> > DEBUG: fd: 4 policy_array[4][19]:ccert_fingerprint=
> > DEBUG: fd: 4 policy_array[4][20]:encryption_protocol=
> > DEBUG: fd: 4 policy_array[4][21]:encryption_cipher=
> > DEBUG: fd: 4 policy_array[4][22]:encryption_keysize=0
> > DEBUG: fd: 4 host_array[4][0]: frndsatwork.domain.net.frndsatwork.domain.ne
> > DEBUG: fd: 4 host_array[4][2]: 12.64.95.73
> > DEBUG: fd: 4 host_array[4][3]: 12.64.95.%
> > DEBUG: fd: 4 host_array[4][4]: 12.64.%.%
> > DEBUG: fd: 4 host_array[4][5]: 12.%.%.%
> > DEBUG: fd: 4 host_array[4][6]: nate
> > DEBUG: fd: 4 host_array[4][7]: domain.net
> > DEBUG: fd: 4 host_array[4][8]: nate
> > DEBUG: fd: 4 host_array[4][9]: domain.net
> > DEBUG: fd: 4 triplet_array[4][0]: 12.64.95
> > DEBUG: fd: 4 triplet_array[4][1]: [EMAIL PROTECTED]
> > DEBUG: fd: 4 triplet_array[4][2]: [EMAIL PROTECTED]
> > DEBUG: fd: 4 triplet_array[4][3]: 0
> > DEBUG: fd: 4 triplet_array[4][5]: 12.64.95.73
> > DEBUG: fd: 4 triplet_array[4][6]: 448b.46423027.c6dfe.0
> > DEBUG: fd: 4 checking whitelist
> > DEBUG: fd: 4, db_optquery(): SELECT COUNT(*) FROM whitelist WHERE
> > _whitelist='12.64.95.73' OR _whitelist='12.64.95.%' OR
> > _whitelist='12.64.%.%' OR _whitelist='12.%.%.%'
> > DEBUG: fd: 4 row: 0 data: 0 (recieved)
> > DEBUG: fd: 4 row: 0 data: 0 (extracted)
> > DEBUG: fd: 4 whitelist not found: 12.64.95.73
> > DEBUG: fd: 4 checking greylist
> > DEBUG: fd: 4 db_doquery(): SELECT _count,_datenew,_datelast FROM
> > triplet WHERE _host='12.64.95' AND _from='[EMAIL PROTECTED]' AND
> > _rcpt='[EMAIL PROTECTED]'
> > DEBUG: fd: 4 row: 0 data: 4 (recieved)
> > DEBUG: fd: 4 row: 0 data: 4 (extracted)
> > DEBUG: fd: 4 row: 1 data: 1178740908 (recieved)
> > DEBUG: fd: 4 row: 1 data: 1178740908 (extracted)
> > DEBUG: fd: 4 row: 2 data: 1178741699 (recieved)
> > DEBUG: fd: 4 row: 2 data: 1178741699 (extracted)
> > DEBUG: fd: 4 db_doquery(): UPDATE triplet SET
> > _datelast='1178742823',_count=_count+1 WHERE _host='12.64.95' AND
> > _from='[EMAIL PROTECTED]' AND _rcpt='[EMAIL PROTECTED]'
> > rcpt=1, greylist=update, host=12.64.95.73
> > (frndsatwork.domain.net.frndsatwork.domain.ne), [EMAIL PROTECTED],
> > [EMAIL PROTECTED], size=0
> > DEBUG: fd: 4 select(): fd 4 is ready for write
> > DEBUG: fd: 4 returning after 14 bytes of data written
> > ======================================
> > ======================================
> >
> >
> >>
> >>
> >> On 5/9/07, binoy <[EMAIL PROTECTED]> wrote:
> >>> that gives me 'Relay Access Denied'. Infact adding permit_mynetworks
> >>> in any order except as the first option gives the same error.
> >>>
> >>> any other way to setup the IP restriction other than adding it in
> >> my_networks ?
> >>>
> >>>
> >>> On 5/9/07, John Beaver <[EMAIL PROTECTED]> wrote:
> >>>> binoy wrote:
> >>>>> hi,
> >>>>> my first message to the list. This might be RTFM but here goes.
> >>>>>
> >>>>> I'm setting up a postfix smtp only server. I wanted to restrict
> >>>>> 1. IP's that can send through the server.
> >>>>> 2. the number of emails that can be sent via a Ip per hour.
> >>>>>
> >>>>> for (1) I added the allowed IP's to mynetworks and it kinda works,
> >>>>> sending from other ip's gives a relay error
> >>>>>
> >>>>> for (2) I decided to implement policyd. the service is running on the
> >>>>> port, however i am lost at the configuration of postfix. README
> >>>>> mentions the following
> >>>>> smtpd_recipient_restrictions =
> >>>>> reject_unauth_destination
> >>>>> reject_unlisted_recipient
> >>>>> check_policy_service inet:127.0.0.1:10031
> >>>> Add permit_mynetworks after this line.
> >>>> This will allow all emails to be checked by the policy server first,
> >>>> then allowed to send by the permit_mynetworks.
> >>>>
> >>>> smtpd_recipient_restrictions =
> >>>> reject_unauth_destination
> >>>> reject_unlisted_recipient
> >>>> check_policy_service inet: 127.0.0.1:10031
> >>>> permit_mynetworks
> >>>>
> >>>>
> >>>> john beaver
> >>>>
> >>>>
> >> -------------------------------------------------------------------------
> >>>> This SF.net email is sponsored by DB2 Express
> >>>> Download DB2 Express C - the FREE version of DB2 express and take
> >>>> control of your XML. No limits. Just data. Click to get it now.
> >>>> http://sourceforge.net/powerbar/db2/
> >>>> _______________________________________________
> >>>> policyd-users mailing list
> >>>> policyd-users@lists.sourceforge.net
> >>>>
> >> https://lists.sourceforge.net/lists/listinfo/policyd-users
> >>>
> >> -------------------------------------------------------------------------
> >>> This SF.net email is sponsored by DB2 Express
> >>> Download DB2 Express C - the FREE version of DB2 express and take
> >>> control of your XML. No limits. Just data. Click to get it now.
> >>> http://sourceforge.net/powerbar/db2/
> >>> _______________________________________________
> >>> policyd-users mailing list
> >>> policyd-users@lists.sourceforge.net
> >>>
> >> https://lists.sourceforge.net/lists/listinfo/policyd-users
> >>
> >>
> >> --
> >> David DeFranco
> >> Wolf in Sheeple's clothing
> >> -------------------------------------------------------------------------
> >> This SF.net email is sponsored by DB2 Express
> >> Download DB2 Express C - the FREE version of DB2 express and take
> >> control of your XML. No limits. Just data. Click to get it now.
> >> http://sourceforge.net/powerbar/db2/
> >> _______________________________________________
> >> policyd-users mailing list
> >> policyd-users@lists.sourceforge.net
> >> https://lists.sourceforge.net/lists/listinfo/policyd-users
> >>
> >>
> >
> > -------------------------------------------------------------------------
> > This SF.net email is sponsored by DB2 Express
> > Download DB2 Express C - the FREE version of DB2 express and take
> > control of your XML. No limits. Just data. Click to get it now.
> > http://sourceforge.net/powerbar/db2/
> > _______________________________________________
> > policyd-users mailing list
> > policyd-users@lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/policyd-users
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by DB2 Express
> Download DB2 Express C - the FREE version of DB2 express and take
> control of your XML. No limits. Just data. Click to get it now.
> http://sourceforge.net/powerbar/db2/
> _______________________________________________
> policyd-users mailing list
> policyd-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/policyd-users
>
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
policyd-users mailing list
policyd-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/policyd-users
