Phil Daws:
> Postscreen (Postfix 2.10) is working very well indeed but I am
> having an issue with understanding where a policy check should be
> implemented. main.cf looks like:
...
> Yet when I SASL authenticate the policy service does not appear
> to be triggered; as I am trying to limit number of emails sent by
> SASL username.
Are you connecting to port 25 or to port 587? Nowadays it is quite
common to use port 25 for MTA-to-MTA service and port 587 for mail
clients. Those may have their own smtpd_mumble_restrictions.
This an example master.cf entry from Postfix 2.11.
submission inet n - n - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_reject_unlisted_recipient=no
-o smtpd_client_restrictions=$mua_client_restrictions
-o smtpd_helo_restrictions=$mua_helo_restrictions
-o smtpd_sender_restrictions=$mua_sender_restrictions
-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
In particular this overrides smtpd_recipient_restrictions from main.cf.
Wietse