>> > Have I missed something obvious here ? >> >>> In this case, the message matches four policies : >>> DEBUG: END RESULT: prio=0 => policy ids: 1 >>> DEBUG: END RESULT: prio=50 => policy ids: 6 >>> DEBUG: END RESULT: prio=55 => policy ids: 9 >>> DEBUG: END RESULT: prio=60 => policy ids: 7 >>> >>> All four policies have a quota defined against them, therefore as I >>> understand it, only the quota defined for policy 7 should be applied. >>> >>> >> No ... they all will be if they have quotas set for each of them, the >> first to match will trigger the action (defer more than likely). >> >> >>> Eg, policy 9 quotas should only apply if policy 7 doesn't have a >>> quota defined, and policy 6 quota should only apply if policies 7 AND >>> 9 do not have quotas defined, and so on. >>> >>> >> Urmm .... all quotas applied to all policies matched will be checked in >> order, then updated, then checked for exceeding of the quota. >> > It's significantly different to other tests (eg greylisting) - and > (to me at least) it's very counter-intuitive. Logically, the whole > point of having priorities is to allow refinement
Actually ... it is to order the policies matched. The purpose of the policies is refinement. > - ie you have a > default <something>, <something> for a smaller subset, <something> > for an even smaller subset, etc. > That is why there was a sponsored feature implemented to "stop processing here". If its matched, no further processing will be done. > If all quotas for all matched policies are applied, then that means > I've got to redefine all my policies to make then mutually exclusive. > That's going to complicate things - but I think it can be done. > Well ... if a quota is linked to a policy, and the policy is matched ... yes ... it will be applied and updated. I don't see it ever working in any other way. Hence the feature above for "stop processing here". > My policies are : > 1 Default 0 source = any > 6 SASL Users 50 source = $* > 9 SASL high volume 55 source = %hi-vol-sasl > 7 Int & SASL 60 source = %FI_Network,$* > 8 Local mail 90 source = %internal_ips > > In general (for sending mail), most customers should be using policy > 6, those with higher throughput requirements use policy 9, and > machines on our own network use policy 7. > Locally generated mail should use policy 8 > Inbound mail will use the default policy 1 > > What you are saying then is I'll need to modify them like this : > 1 Inbound 0 source = !$*,!%internal_ips > 6 SASL Users 50 source = $*,!%hi-vol-sasl,!%FI_Network > 9 SASL high volume 55 source = %hi-vol-sasl > 7 Int & SASL 60 source = %FI_Network,$*,!%hi-vol-sasl > 8 Local mail 90 source = %internal_ips > > I believe that should make them mutually exclusive. Nothing matching > %internal_ips will be using SASL. In all cases, destination=all. > > Do those look right ? > > I don't see a problem with it :) -N _______________________________________________ Users mailing list [email protected] http://lists.policyd.org/mailman/listinfo/users
