On Wed, Aug 27, 2025 at 03:09:34PM +0200, Matteo Bini via Postfix-users wrote:
> All well and good for standard port TCP 25. However I can't do the same > for the submission port, because Dovecot quota service thinks > u...@mydomain.it is the same of u...@otherdomain.it. So if user pippo > has his mailbox full on my server, he won't be able to send messages to > pippo users on other servers (like pi...@gmail.com). > > Is there a way to tell Postfix to use the check_policy_service option > only for inbound addresses? The most direct way is to have the policy service perform the check selectively, only for specific domains. That said, use can use restriction classes to make the policy service callout be recipient (domain) specific. The basic mechanisms are described in <https://www.postfix.org/RESTRICTION_CLASS_README.html>. main.cf: smtpd_restriction_classes = check_quota check_quota = check_policy_service ... mua_relay_restrictions = reject_plaintext_session, permit_sasl_authenticated, reject mua_recipient_restrictions = check_recipient_access inline:{ { foo.example = check_quota } { bar.example = check_quota } } master.cf submission inet n - n - - smtpd -o { smtpd_relay_before_recipient_restrictions = yes } -o { smtpd_relay_restrictions = $mua_relay_restrictions } -o { smtpd_recipient_restrictions = $mua_recipient_restrictions } ... -- Viktor. 🇺🇦 Слава Україні! _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
