Rocco Scappatura wrote:
> Nigel,
>
>
>>> Here the log of e messages sent manually (telnet <MTA> 25) that is
>>>
>> not
>>
>>> considered by quota module of policyd (while I would like that my
>>> quota policy matches this message too). The notably fact (at least I
>>> think) is that $VAR1 = undef.
>>>
>>> [2009/02/24-09:47:04 - 5853] [CORE] INFO: 2009/02/24-09:47:04
>>>
> CONNECT
>
>>> TCP Peer: "127.0.0.1:35370" Local: "127.0.0.1:10031"
>>> [2009/02/24-09:47:04 - 5853] [PROTOCOLS/Postfix] DEBUG: Possible
>>> Postfix protocol
>>> [2009/02/24-09:47:04 - 5853] [PROTOCOLS/Postfix] INFO: Identified
>>> Postfix protocol
>>> [2009/02/24-09:47:04 - 5853] [TRACKING] DEBUG: No session tracking
>>> data exists for request: $VAR1 = {
>>> 'ccert_fingerprint' => '',
>>> 'sasl_method' => '',
>>> 'sasl_sender' => '',
>>> 'size' => '6',
>>> '_timestamp' => 1235465224,
>>> 'helo_name' => 'sndr',
>>> 'reverse_client_name' => 'unknown',
>>> 'queue_id' => '9C47115B6FA',
>>> 'encryption_cipher' => '',
>>> 'encryption_protocol' => '',
>>> 'etrn_domain' => '',
>>> 'ccert_subject' => '',
>>> 'request' => 'smtpd_access_policy',
>>> 'protocol_state' => 'END-OF-MESSAGE',
>>> 'stress' => '',
>>> '_protocol_peeraddr' => '127.0.0.1',
>>> 'recipient' => 'roc...@rcpt',
>>> 'sasl_username' => '',
>>> 'instance' => '7f9.49a3b408.9b0be.0',
>>> 'protocol_name' => 'SMTP',
>>> 'encryption_keysize' => '0',
>>> 'recipient_count' => '1',
>>> 'ccert_issuer' => '',
>>> 'sender' => 'roc...@sndr',
>>> 'client_name' => 'unknown',
>>> 'client_address' => 'xxx.yyy.zzz.uuu',
>>> '_protocol_transport' => 'Postfix'
>>> };
>>> [2009/02/24-09:47:04 - 5853] [TRACKING] DEBUG: Protocol state is
>>> 'END-OF-MESSAGE', decoding poliy...
>>>
>>>
>> This is in END-OF-MESSAGE stage.
>>
>>
>>> [2009/02/24-09:47:04 - 5853] [TRACKING] DEBUG: Decoded into: $VAR1 =
>>> undef;
>>>
>>>
>> This is because no tracking information is found for it. Either it
>> never matched a policy, or the message was not seen by policyd in the
>> RCPT stage.
>>
>>
>
> Sorry, but I have understood not completely well.. I have the following
> postfix setup:
>
> smtpd_recipient_restrictions =
> check_client_access
> proxy:mysql:/etc/postfix/mysql-check-client-access.cf
> permit_mynetworks
> permit_sasl_authenticated
> reject_unauth_destination
> reject_non_fqdn_sender
> reject_non_fqdn_recipient
> reject_unlisted_sender
> reject_unlisted_recipient
> reject_unknown_sender_domain
> reject_invalid_hostname
> reject_rbl_client zen.spamhaus.org
> reject_rbl_client list.dsbl.org
> check_policy_service inet:127.0.0.1:54000
> check_policy_service inet:127.0.0.1:10031
>
> smtpd_end_of_data_restrictions =
> check_policy_service inet:127.0.0.1:10031
>
> Moreover, the only active policy in Policyd is the one bound to the
> quota which limit the number of messages per hour to 60, from "!@" to
> "any".
>
> So:
>
> 1) The message have to be matched from the policy
> 2) How is then that "the message was not seen by policyd in the RCPT
> stage"? Why this could be happen? I can't figure out!
>
> Thank you for your interest!
>
This is not really a policyd related problem .... if you PERMIT
something BEFORE check_policyd_service in Postfix, Postfix will not make
a policy request and therefore policyd will not know about the message.
Then, when it hits the end_of_data stage, as check_policyd_service is
the only item there, it will say it cannot find the message ... which is
100% correct.Likewise if your first policy service permits the message, it will not be seen by the second policy service (policyd) in your configuration above. -N
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Users mailing list [email protected] http://lists.policyd.org/mailman/listinfo/users
