got it working finally. thanks for all the help guys.
peace
binoy.
On 5/10/07, John Beaver <[EMAIL PROTECTED]> wrote:
>
> binoy wrote:
> > I did send 5 emails. i am just sending small test messages, so i dont
> > think size matters here.
> > the triplet table gets updated and the count shows 7 at this time.
> > maybe i am doing something silly. any help really appreciated.
> >
> try again not in debug mode. Show the logs where this happens.
>
> >
> > On 5/10/07, John Beaver <[EMAIL PROTECTED]> wrote:
> >> binoy wrote:
> >>> On 5/10/07, David DeFranco <[EMAIL PROTECTED]> wrote:
> >>>> Try removing "reject_unlisted_recipient" from your config.
> >>>>
> >>>> "reject_unauth_destination" is going to prevent you from becoming an open
> >>>> relay. Unless you have a specific list of valid recipients, or are doing
> >>>> some other kind of real time address validation,
> >>>> "reject_unlisted_recipient"
> >>>> is probably causing your issue.
> >>> I do have a specific list of valid senders (i.e. IP's which are going
> >>> to connect to the smtp server). tried removing
> >>> reject_unlisted_recipient without luck.
> >> Be VERY careful about being an open relay. All IP's listed in
> >> mynetworks have free reign to send whatever to whoever.
> >>
> >>> Anyway i added check_policy_service inet:127.0.0.1:10031 to the
> >>> beginning of the list and policyd is now checking emails, i have the
> >>> following in the throttle table
> >>>
> >>> INSERT INTO throttle \
> >>> (_from,_count_max,_quota_max,_time_limit,_mail_size,_date,_priority)
> >>> VALUES ('12.64.95.73', # from address
> >>> 2, # maximum messages per time unit
> >>> 2500, # size in bytes
> >>> 600, # time unit in seconds
> >>> 10240000, # maximum message size
> >>> UNIX_TIMESTAMP(), # current time
> >>> 1); # priority of record
> >>>
> >>>
> >>> and it is not working. below is the output from the command prompt
> >>> ======================================
> >> How did you determine it was not working?
> >> Max messages =2 and you sent 1 message, it should go through.
> >> Size is very tricky and there is only one way it will work. You'll have
> >> to search the archives for that solution, and be prepared to read
> >> several posts about the issues with it.
> >>
> >>> DEBUG: saved fd: numi = 0, connfd = 4
> >>> connection from: 127.0.0.1 port: 34897 slots: 0 of 4096 used
> >>> DEBUG: fd: 4 select(): fd 4 is ready for read
> >>> DEBUG: fd 4: w_read: returning -2 after reading 548 bytes
> >>> DEBUG: fd: 4 policy_array[4][0]:request=smtpd_access_policy
> >>> DEBUG: fd: 4 policy_array[4][1]:protocol_state=rcpt
> >>> DEBUG: fd: 4 policy_array[4][2]:protocol_name=esmtp
> >>> DEBUG: fd: 4 policy_array[4][3]:client_address=12.64.95.73
> >>> DEBUG: fd: 4
> >>> policy_array[4][4]:client_name=frndsatwork.domain.net.frndsatwork.domain.ne
> >>> DEBUG: fd: 4
> >>> policy_array[4][5]:reverse_client_name=frndsatwork.domain.net.frndsatwork.domai
> >>> DEBUG: fd: 4 policy_array[4][6]:helo_name=[12.64.95.73]
> >>> DEBUG: fd: 4 policy_array[4][7]:[EMAIL PROTECTED]
> >>> DEBUG: fd: 4 policy_array[4][8]:[EMAIL PROTECTED]
> >>> DEBUG: fd: 4 policy_array[4][9]:recipient_count=0
> >>> DEBUG: fd: 4 policy_array[4][10]:queue_id=
> >>> DEBUG: fd: 4 policy_array[4][11]:instance=448b.46423027.c6dfe.0
> >>> DEBUG: fd: 4 policy_array[4][12]:size=0
> >>> DEBUG: fd: 4 policy_array[4][13]:etrn_domain=
> >>> DEBUG: fd: 4 policy_array[4][14]:sasl_method=
> >>> DEBUG: fd: 4 policy_array[4][15]:sasl_username=
> >>> DEBUG: fd: 4 policy_array[4][16]:sasl_sender=
> >>> DEBUG: fd: 4 policy_array[4][17]:ccert_subject=
> >>> DEBUG: fd: 4 policy_array[4][18]:ccert_issuer=
> >>> DEBUG: fd: 4 policy_array[4][19]:ccert_fingerprint=
> >>> DEBUG: fd: 4 policy_array[4][20]:encryption_protocol=
> >>> DEBUG: fd: 4 policy_array[4][21]:encryption_cipher=
> >>> DEBUG: fd: 4 policy_array[4][22]:encryption_keysize=0
> >>> DEBUG: fd: 4 host_array[4][0]:
> >>> frndsatwork.domain.net.frndsatwork.domain.ne
> >>> DEBUG: fd: 4 host_array[4][2]: 12.64.95.73
> >>> DEBUG: fd: 4 host_array[4][3]: 12.64.95.%
> >>> DEBUG: fd: 4 host_array[4][4]: 12.64.%.%
> >>> DEBUG: fd: 4 host_array[4][5]: 12.%.%.%
> >>> DEBUG: fd: 4 host_array[4][6]: nate
> >>> DEBUG: fd: 4 host_array[4][7]: domain.net
> >>> DEBUG: fd: 4 host_array[4][8]: nate
> >>> DEBUG: fd: 4 host_array[4][9]: domain.net
> >>> DEBUG: fd: 4 triplet_array[4][0]: 12.64.95
> >>> DEBUG: fd: 4 triplet_array[4][1]: [EMAIL PROTECTED]
> >>> DEBUG: fd: 4 triplet_array[4][2]: [EMAIL PROTECTED]
> >>> DEBUG: fd: 4 triplet_array[4][3]: 0
> >>> DEBUG: fd: 4 triplet_array[4][5]: 12.64.95.73
> >>> DEBUG: fd: 4 triplet_array[4][6]: 448b.46423027.c6dfe.0
> >>> DEBUG: fd: 4 checking whitelist
> >>> DEBUG: fd: 4, db_optquery(): SELECT COUNT(*) FROM whitelist WHERE
> >>> _whitelist='12.64.95.73' OR _whitelist='12.64.95.%' OR
> >>> _whitelist='12.64.%.%' OR _whitelist='12.%.%.%'
> >>> DEBUG: fd: 4 row: 0 data: 0 (recieved)
> >>> DEBUG: fd: 4 row: 0 data: 0 (extracted)
> >>> DEBUG: fd: 4 whitelist not found: 12.64.95.73
> >>> DEBUG: fd: 4 checking greylist
> >>> DEBUG: fd: 4 db_doquery(): SELECT _count,_datenew,_datelast FROM
> >>> triplet WHERE _host='12.64.95' AND _from='[EMAIL PROTECTED]' AND
> >>> _rcpt='[EMAIL PROTECTED]'
> >>> DEBUG: fd: 4 row: 0 data: 4 (recieved)
> >>> DEBUG: fd: 4 row: 0 data: 4 (extracted)
> >>> DEBUG: fd: 4 row: 1 data: 1178740908 (recieved)
> >>> DEBUG: fd: 4 row: 1 data: 1178740908 (extracted)
> >>> DEBUG: fd: 4 row: 2 data: 1178741699 (recieved)
> >>> DEBUG: fd: 4 row: 2 data: 1178741699 (extracted)
> >>> DEBUG: fd: 4 db_doquery(): UPDATE triplet SET
> >>> _datelast='1178742823',_count=_count+1 WHERE _host='12.64.95' AND
> >>> _from='[EMAIL PROTECTED]' AND _rcpt='[EMAIL PROTECTED]'
> >>> rcpt=1, greylist=update, host=12.64.95.73
> >>> (frndsatwork.domain.net.frndsatwork.domain.ne), [EMAIL PROTECTED],
> >>> [EMAIL PROTECTED], size=0
> >>> DEBUG: fd: 4 select(): fd 4 is ready for write
> >>> DEBUG: fd: 4 returning after 14 bytes of data written
> >>> ======================================
> >>> ======================================
> >>>
> >>>
> >>>>
> >>>> On 5/9/07, binoy <[EMAIL PROTECTED]> wrote:
> >>>>> that gives me 'Relay Access Denied'. Infact adding permit_mynetworks
> >>>>> in any order except as the first option gives the same error.
> >>>>>
> >>>>> any other way to setup the IP restriction other than adding it in
> >>>> my_networks ?
> >>>>>
> >>>>> On 5/9/07, John Beaver <[EMAIL PROTECTED]> wrote:
> >>>>>> binoy wrote:
> >>>>>>> hi,
> >>>>>>> my first message to the list. This might be RTFM but here goes.
> >>>>>>>
> >>>>>>> I'm setting up a postfix smtp only server. I wanted to restrict
> >>>>>>> 1. IP's that can send through the server.
> >>>>>>> 2. the number of emails that can be sent via a Ip per hour.
> >>>>>>>
> >>>>>>> for (1) I added the allowed IP's to mynetworks and it kinda works,
> >>>>>>> sending from other ip's gives a relay error
> >>>>>>>
> >>>>>>> for (2) I decided to implement policyd. the service is running on the
> >>>>>>> port, however i am lost at the configuration of postfix. README
> >>>>>>> mentions the following
> >>>>>>> smtpd_recipient_restrictions =
> >>>>>>> reject_unauth_destination
> >>>>>>> reject_unlisted_recipient
> >>>>>>> check_policy_service inet:127.0.0.1:10031
> >>>>>> Add permit_mynetworks after this line.
> >>>>>> This will allow all emails to be checked by the policy server first,
> >>>>>> then allowed to send by the permit_mynetworks.
> >>>>>>
> >>>>>> smtpd_recipient_restrictions =
> >>>>>> reject_unauth_destination
> >>>>>> reject_unlisted_recipient
> >>>>>> check_policy_service inet: 127.0.0.1:10031
> >>>>>> permit_mynetworks
> >>>>>>
> >>>>>>
> >>>>>> john beaver
> >>>>>>
> >>>>>>
> >>>> -------------------------------------------------------------------------
> >>>>>> This SF.net email is sponsored by DB2 Express
> >>>>>> Download DB2 Express C - the FREE version of DB2 express and take
> >>>>>> control of your XML. No limits. Just data. Click to get it now.
> >>>>>> http://sourceforge.net/powerbar/db2/
> >>>>>> _______________________________________________
> >>>>>> policyd-users mailing list
> >>>>>> policyd-users@lists.sourceforge.net
> >>>>>>
> >>>> https://lists.sourceforge.net/lists/listinfo/policyd-users
> >>>> -------------------------------------------------------------------------
> >>>>> This SF.net email is sponsored by DB2 Express
> >>>>> Download DB2 Express C - the FREE version of DB2 express and take
> >>>>> control of your XML. No limits. Just data. Click to get it now.
> >>>>> http://sourceforge.net/powerbar/db2/
> >>>>> _______________________________________________
> >>>>> policyd-users mailing list
> >>>>> policyd-users@lists.sourceforge.net
> >>>>>
> >>>> https://lists.sourceforge.net/lists/listinfo/policyd-users
> >>>>
> >>>>
> >>>> --
> >>>> David DeFranco
> >>>> Wolf in Sheeple's clothing
> >>>> -------------------------------------------------------------------------
> >>>> This SF.net email is sponsored by DB2 Express
> >>>> Download DB2 Express C - the FREE version of DB2 express and take
> >>>> control of your XML. No limits. Just data. Click to get it now.
> >>>> http://sourceforge.net/powerbar/db2/
> >>>> _______________________________________________
> >>>> policyd-users mailing list
> >>>> policyd-users@lists.sourceforge.net
> >>>> https://lists.sourceforge.net/lists/listinfo/policyd-users
> >>>>
> >>>>
> >>> -------------------------------------------------------------------------
> >>> This SF.net email is sponsored by DB2 Express
> >>> Download DB2 Express C - the FREE version of DB2 express and take
> >>> control of your XML. No limits. Just data. Click to get it now.
> >>> http://sourceforge.net/powerbar/db2/
> >>> _______________________________________________
> >>> policyd-users mailing list
> >>> policyd-users@lists.sourceforge.net
> >>> https://lists.sourceforge.net/lists/listinfo/policyd-users
> >> -------------------------------------------------------------------------
> >> This SF.net email is sponsored by DB2 Express
> >> Download DB2 Express C - the FREE version of DB2 express and take
> >> control of your XML. No limits. Just data. Click to get it now.
> >> http://sourceforge.net/powerbar/db2/
> >> _______________________________________________
> >> policyd-users mailing list
> >> policyd-users@lists.sourceforge.net
> >> https://lists.sourceforge.net/lists/listinfo/policyd-users
> >>
> >
> > -------------------------------------------------------------------------
> > This SF.net email is sponsored by DB2 Express
> > Download DB2 Express C - the FREE version of DB2 express and take
> > control of your XML. No limits. Just data. Click to get it now.
> > http://sourceforge.net/powerbar/db2/
> > _______________________________________________
> > policyd-users mailing list
> > policyd-users@lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/policyd-users
>
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by DB2 Express
> Download DB2 Express C - the FREE version of DB2 express and take
> control of your XML. No limits. Just data. Click to get it now.
> http://sourceforge.net/powerbar/db2/
> _______________________________________________
> policyd-users mailing list
> policyd-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/policyd-users
>
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
policyd-users mailing list
policyd-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/policyd-users
