Re: [Dovecot] [Dovecot-de] Dovecot Quota via policy service abfragen
Hallo Waffenmeister! Ralf Hildebrandt ralf.hildebra...@charite.de wrote: Apr 7 14:07:52 delta postfix/qmgr[19078]: 1D8921B31260: from=anme...@anup.de, size=1492149, nrcpt=1 (queue active) Apr 7 14:07:53 delta postfix/pipe[19091]: 1D8921B31260: to=mi...@anup.de, relay=dovecot, delay=2542, delays=2542/0.01/0/0.29, dsn=4.3.0, status=deferred (temporary failure) Ich sehe hier nur einen Fehler vom transport dovecot. plugin { quota = maildir:User quota quota_grace = 10%% quota_rule = *:storage=500MB quota_rule2 = Trash:storage=+10%% quota_status_success = DUNNO quota_status_nouser = DUNNO quota_status_overquota = 552 5.2.2 Mailbox is full / Mailbox ist voll Lass mal das quota_status_overquota feld weg. Habe ich jetzt neben quota_grace = 10%% auch rausgenommen. Apr 7 19:38:35 delta postfix/smtpd[23037]: connect from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 19:38:36 delta postfix/smtpd[23037]: setting up TLS connection from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 19:38:36 delta postfix/smtpd[23037]: TLS connection established from p54B32BC9.dip.t-dialin.net[84.179.43.201]: TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits) Apr 7 19:38:37 delta postfix/smtpd[23037]: NOQUEUE: client=p54B32BC9.dip.t-dialin.net[84.179.43.201], sasl_method=CRAM-MD5, sasl_username=anme...@anup.de Apr 7 19:39:01 delta postfix/smtpd[23139]: connect from localhost[127.0.0.1] Apr 7 19:39:01 delta postfix/smtpd[23139]: 9C1BA1B30FB0: client=localhost[127.0.0.1] Apr 7 19:39:01 delta postfix/cleanup[23142]: 9C1BA1B30FB0: message-id=20130407193818.62d8c328@itxnew.bitcorner.intern Apr 7 19:39:01 delta postfix/qmgr[22234]: 9C1BA1B30FB0: from=anme...@anup.de, size=1492149, nrcpt=1 (queue active) Apr 7 19:39:01 delta postfix/smtpd[23139]: disconnect from localhost[127.0.0.1] Apr 7 19:39:02 delta postfix/smtpd[23037]: disconnect from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 19:39:02 delta postfix/pipe[23143]: 9C1BA1B30FB0: to=mi...@anup.de, relay=dovecot, delay=0.56, delays=0.33/0/0/0.23, dsn=4.3.0, status=deferred (temporary failure) Also ich vermisse das reject-warning von postfix und es hat auch nicht den Anschein, dass postfix den Status der Quota bei dovecot über port 12340 abfrägt. Naja, vielleicht steht es an der falschen Stelle in den Restrictions! Das muss passieren BEVOR irgendwas ein OK zurückgibt. Ich habe warn_if_reject check_policy_service inet:127.0.0.1:12340 ziemlich am Anfang der recipient_restrictions gesetzt nachdem ich den check am Ende hatte noch nach postgrey. smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/access_sender, permit_mynetworks, permit_sasl_authenticated, reject_invalid_helo_hostname, reject_unlisted_recipient, warn_if_reject check_policy_service inet:127.0.0.1:12340 reject_unknown_sender_domain, check_sender_access pcre:/etc/postfix/umlaute.pcre, check_recipient_access pcre:/etc/postfix/umlaute.pcre, reject_unauth_destination, reject_rbl_client bl.spamcop.net, reject_rbl_client zen.spamhaus.org, check_client_access cidr:/etc/postfix/client.cidr, check_policy_service inet:127.0.0.1:10023 Andreas
Re: [Dovecot] [Dovecot-de] Dovecot Quota via policy service abfragen
Ralf Hildebrandt ralf.hildebra...@charite.de wrote: * Andreas Meyer anme...@anup.de: Habe ich jetzt neben quota_grace = 10%% auch rausgenommen. Gut. Apr 7 19:38:35 delta postfix/smtpd[23037]: connect from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 19:38:36 delta postfix/smtpd[23037]: setting up TLS connection from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 19:38:36 delta postfix/smtpd[23037]: TLS connection established from p54B32BC9.dip.t-dialin.net[84.179.43.201]: TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits) Apr 7 19:38:37 delta postfix/smtpd[23037]: NOQUEUE: client=p54B32BC9.dip.t-dialin.net[84.179.43.201], sasl_method=CRAM-MD5, sasl_username=anme...@anup.de Apr 7 19:39:01 delta postfix/smtpd[23139]: connect from localhost[127.0.0.1] Apr 7 19:39:01 delta postfix/smtpd[23139]: 9C1BA1B30FB0: client=localhost[127.0.0.1] Apr 7 19:39:01 delta postfix/cleanup[23142]: 9C1BA1B30FB0: message-id=20130407193818.62d8c328@itxnew.bitcorner.intern Apr 7 19:39:01 delta postfix/qmgr[22234]: 9C1BA1B30FB0: from=anme...@anup.de, size=1492149, nrcpt=1 (queue active) Apr 7 19:39:01 delta postfix/smtpd[23139]: disconnect from localhost[127.0.0.1] Apr 7 19:39:02 delta postfix/smtpd[23037]: disconnect from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 19:39:02 delta postfix/pipe[23143]: 9C1BA1B30FB0: to=mi...@anup.de, relay=dovecot, delay=0.56, delays=0.33/0/0/0.23, dsn=4.3.0, status=deferred (temporary failure) Na dann sind deine Restrictions falsch und die Mail wird OK'ed bevor der Policy Server gefragt wird. Ich habe warn_if_reject check_policy_service inet:127.0.0.1:12340 ziemlich am Anfang der recipient_restrictions gesetzt nachdem ich den check am Ende hatte noch nach postgrey. smtpd_recipient_restrictions = --- hier einbauen --- ist ja nur zum Test check_sender_access hash:/etc/postfix/access_sender, permit_mynetworks, permit_sasl_authenticated, reject_invalid_helo_hostname, reject_unlisted_recipient, warn_if_reject check_policy_service inet:127.0.0.1:12340 reject_unknown_sender_domain, check_sender_access pcre:/etc/postfix/umlaute.pcre, check_recipient_access pcre:/etc/postfix/umlaute.pcre, reject_unauth_destination, reject_rbl_client bl.spamcop.net, reject_rbl_client zen.spamhaus.org, check_client_access cidr:/etc/postfix/client.cidr, check_policy_service inet:127.0.0.1:10023 That did the trick! The order of the recipient_restricitons was wrong. Apr 7 20:24:55 delta postfix/smtpd[23806]: connect from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 20:24:55 delta postfix/smtpd[23806]: setting up TLS connection from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 20:24:56 delta postfix/smtpd[23806]: TLS connection established from p54B32BC9.dip.t-dialin.net[84.179.43.201]: TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits) Apr 7 20:24:56 delta postfix/smtpd[23806]: NOQUEUE: reject: RCPT from p54B32BC9.dip.t-dialin.net[84.179.43.201]: 552 5.2.2 mi...@anup.de: Recipient address rejected: Quota exceeded (mailbox for user is full); from=anme...@anup.de to=mi...@anup.de proto=ESMTP helo=itxnew.bitcorner.intern Apr 7 20:24:56 delta postfix/smtpd[23806]: lost connection after RCPT from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 20:24:56 delta postfix/smtpd[23806]: disconnect from p54B32BC9.dip.t-dialin.net[84.179.43.201] The MUA does not get rid of the mail, when it would exceed the quota. But now the next problem. I cannot send this mail and get the following with smtpd_recipient_restrictions = check_policy_service inet:127.0.0.1:12340 check_sender_access hash:/etc/postfix/access_sender, permit_mynetworks, permit_sasl_authenticated, Apr 7 20:31:43 delta postfix/smtpd[23820]: connect from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 20:31:44 delta postfix/smtpd[23820]: setting up TLS connection from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 20:31:45 delta postfix/smtpd[23820]: TLS connection established from p54B32BC9.dip.t-dialin.net[84.179.43.201]: TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits) Apr 7 20:31:46 delta postfix/smtpd[23820]: warning: problem talking to server 127.0.0.1:12340: Success Apr 7 20:31:46 delta postfix/smtpd[23820]: NOQUEUE: reject: RCPT from p54B32BC9.dip.t-dialin.net[84.179.43.201]: 451 4.3.5 Server configuration problem; from=anme...@anup.de to=dove...@listen.jpberlin.de proto=ESMTP helo=itxnew.bitcorner.intern Apr 7 20:31:46 delta postfix/smtpd[23820]: lost connection after RCPT from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 20:31:46 delta postfix/smtpd[23820]: disconnect from p54B32BC9.dip.t-dialin.net[84.179.43.201] the mail is not sent out. I deactivated the check to get sent mail sent. Andreas