John, now the policyd connects to the mysql and query for the user, but
it does not take into account the _mail_size value I've established for
the user.
In my throttle table I have this row:
| [EMAIL PROTECTED] | 0 | 2 |
1185474830 | 3066 | 0 | 0 | 16000000
| 3 | 0 | 2 | 3 | 0 |
0 | 0 | 0 | 0 |
and when I tried to send a 10 MB message I get a size limit error,
taking 1024000000 bytes value from the postfix default configuration,
and /I defined a 25000000 bytes value into postfixp-policyd.conf file
but it's not checked./
This is the mail.log related to the policyd:
Jul 26 15:41:08 mail2 postfix-policyd: DEBUG: fd: 8 db_charquery():
SELECT _from,_count_max,_count_cur,_date,_quota_cur,_quota_max,
_time_limit,_mail_size,_count_tot,_rcpt_max,_rcpt_cur,_rcpt_tot,
_log_warn, _log_panic, _abuse_tot FROM throttle WHERE
_from='[EMAIL PROTECTED]' OR _from='@xxx.gov.ar' ORDER BY _priority
DESC LIMIT 1
Jul 26 15:41:08 mail2 postfix-policyd: DEBUG: fd: 8, db_optquery():
SELECT COUNT(_instance) from throttle_from_instance WHERE
_instance='7490.46a8eac4.d4569.0'
Jul 26 15:41:08 mail2 postfix-policyd: DEBUG: fd: 8 row: 0 data: 0
(recieved)
Jul 26 15:41:08 mail2 postfix-policyd: DEBUG: fd: 8 row: 0 data: 0
(extracted)
Jul 26 15:41:08 mail2 postfix-policyd: DEBUG: fd: 8 db_doquery(): INSERT
DELAYED INTO throttle_from_instance (_instance,_expire) VALUES
('7490.46a8eac4.d4569.0',1185475268)
Jul 26 15:41:08 mail2 postfix-policyd: DEBUG: fd: 8 checking throttle-from
Jul 26 15:41:08 mail2 postfix-policyd: rcpt=22, throttle=new(a),
host=10.64.128.14, [EMAIL PROTECTED], [EMAIL PROTECTED],
size=0/2840000, quota=0/250000000, count=1/512(1), rcpt=1/3600(1),
threshold=0%|0%|0%
Jul 26 15:41:08 mail2 postfix-policyd: DEBUG: fd: 8 db_doquery(): INSERT
DELAYED INTO throttle
(_date,_from,_quota_cur,_quota_max,_rcpt_max,_mail_size,_count_max,_time_limit)
VALUES (1185475268, '[EMAIL PROTECTED]', 0, 250000000, 3600, 2840000,
512, 3600)
Jul 26 15:41:08 mail2 postfix-policyd: DEBUG: fd: 8 select(): fd 8 is
ready for write
Jul 26 15:41:08 mail2 postfix-policyd: DEBUG: fd: 8 returning after 14
bytes of data written
Really thanks,
alejandro
John Beaver wrote:
> Alejandro Cabrera Obed wrote:
>
>> Dear John, thanks for your help. Sorry for interrupting you again
>> telling that:
>>
>> 1) The Ip's from my virtual mail users belong to "mynetworks", and I use
>> "permit_mynetworks" obviously for that reason.
>>
>> 2) My virtual mail users don't match the "check_recipient_access
>> hash:/etc/postfix/access" rule.
>>
>> So, if I want to set up a message size limit to the messages from my
>> virtual mail domain when they want to send a message to another internal
>> or external user....
>>
>> Do I have to invert the smtpd_recipient_restrictions rules or use the
>> reject_unlisted_recipient rule ??? Or what ???
>>
>
> If your policy server is ONLY doing throttling, then move the policy
> server call BEFORE the permit mynetworks. Currently, your policy server
> is never called for your users mail (thus not working).
>
> Try this:
> smtpd_recipient_restrictions =
> check_recipient_access hash:/etc/postfix/access
> check_policy_service inet:127.0.0.1:10031
> permit_mynetworks
> reject_unauth_destination
>
> John Beaver
>
>
>> John Beaver wrote:
>>
>>> Alejandro Cabrera Obed wrote:
>>>
>>>
>>>> Dear all, I have a Debian server with postfix 2.3.8 & postfix-policyd
>>>> 1.80-2 as part of my mail system. I need to set up message size limits
>>>> to different users from my mail server (they are virtual users because
>>>> my postfix has virtual domains), i.e.:
>>>>
>>>> [EMAIL PROTECTED] --- message size 2 MB
>>>> [EMAIL PROTECTED] --- message size 10 MB
>>>>
>>>> vdomain.com is one of my virtual domains.
>>>>
>>>> I follow the installation documentation but I can't put the system to
>>>> work. I tell you the relevant data in order to get your help:
>>>>
>>>> 1) SENDER Throttle by (envelope) From address:
>>>>
>>>> INSERT INTO throttle \
>>>>
>>>> (_from,_count_max,_count_cur,_date,_quota_cur,_quota_max,_time_limit,_mail_size,_count_tot,_rcpt_max,_rcpt_cur,_rcpt_tot,_abuse_cur,_abuse_tot,_log_warn,_log_panic,_priority)
>>>> VALUES ('[EMAIL PROTECTED]', # from address
>>>> ....
>>>> ....
>>>> ......
>>>> 2500000, # maximum message size (10 meg)
>>>> ......
>>>>
>>>>
>>> Not sure how this equals 10 MB but anyway...
>>>
>>>
>>>
>>>>
>>>> Same to [EMAIL PROTECTED]
>>>>
>>>> 2) In my main.cf:
>>>>
>>>> smtpd_recipient_restrictions =
>>>> check_recipient_access hash:/etc/postfix/access
>>>> permit_mynetworks
>>>> reject_unauth_destination
>>>> check_policy_service inet:127.0.0.1:10031
>>>>
>>>>
>>> Make sure your senders are not sending from machines in mynetworks and
>>> result in PERMIT in the check_recipient_access restriction.
>>> Check your logs and make sure the sender address from your users matches
>>> the entry in the DB.
>>>
>>>
>>>
>>>> 3) In my postix-policyd.conf I have these main lines:
>>>>
>>>> MYSQLHOST="localhost"
>>>> MYSQLDBASE="postfixpolicyd"
>>>> WHITELISTING=0
>>>> BLACKLISTING=0
>>>> BLACKLIST_HELO=0
>>>> BLACKLISTSENDER=0
>>>> SPAMTRAPPING=0
>>>> GREYLISTING=0
>>>> SENDERTHROTTLE=1
>>>> RECIPIENTTHROTTLE=0
>>>>
>>>> Finally, the throttle table is fullfilled with external mail accounts and
>>>> I have not my virtual mail acounts I have set up, they dissapeared.
>>>>
>>>>
>>> This will be the case because all mail coming in will also pass through
>>> the policyd server. You can avoid this by selectively calling the
>>> policyd server based on sender, or by using a separate instance of
>>> postfix that does outgoing mail only.
>>>
>>> John Beaver
>>>
>>> -------------------------------------------------------------------------
>>> This SF.net email is sponsored by: Splunk Inc.
>>> Still grepping through log files to find problems? Stop.
>>> Now Search log events and configuration files using AJAX and a browser.
>>> Download your FREE copy of Splunk now >> http://get.splunk.com/
>>> _______________________________________________
>>> policyd-users mailing list
>>> policyd-users@lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/policyd-users
>>>
>>>
>>
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc.
> Still grepping through log files to find problems? Stop.
> Now Search log events and configuration files using AJAX and a browser.
> Download your FREE copy of Splunk now >> http://get.splunk.com/
> _______________________________________________
> policyd-users mailing list
> policyd-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/policyd-users
>
--
--------------------------------------------------------------------
Ing. Alejandro Cabrera Obed
Interconexion
SINTyS
Sistema de Identificación Nacional Tributario y Social
Consejo Nacional de Coordinación de Políticas Sociales
Presidencia de la Nación
Julio A. Roca 782 - Piso 5
Ciudad Autónoma de Bs. As.
Tel: (54 11) 4343-0181/89 interno 5172
4334-3676 4342-5648
[EMAIL PROTECTED]
NOTA DE RESPONSABILIDAD:
----------------------------------------------------------------------
Este mensaje proviene de Internet,tome los recaudos necesarios en su
manejo.
El contenido del presente mensaje y sus adjuntos es privado,
estrictamente confidencial y exclusivo para su destinatario, pudiendo
contener información protegida por normas legales y de secreto
profesional.
Bajo ninguna circunstancia su contenido puede ser transmitido o revelado a
terceros ni divulgado en forma alguna. En consecuencia de haberlo recibido
solicitamos contactar al remitente y eliminarlo de su sistema.
--------------------------------------------------------------------------
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
policyd-users mailing list
policyd-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/policyd-users
