Hello,
I am testing Postfix-policyd version 1.80-2.3 on Debian/Lenny. MySQL version
is 5.0.51a-24+lenny4.
What I am trying to do is sender-based the rate limit. My inital test worked
fine - the trottling kicked in when the same sender sent more messages than
allowed within a time limt. Now it stopped working. Log shows that
module=bypass and no trottling even the sender passes the message quota limit.
The only change -not sure if it is relavant - was that I turned on training
mode, then turned it back on.
The policy configuration differs from the default like this:
--- postfix-policyd.conf 2010-06-28 12:12:25.000000000 -0700
+++ /usr/share/postfix-policyd/postfix-policyd.conf 2008-03-30 22:27:50.0000
00000 -0700
# connection options:
@@ -81,7 +81,7 @@
# 2 -> 1+mysql queries+results
# 3 -> 1+2+network debugging
# 0=off
-DEBUG=3
+DEBUG=0
@@ -167,7 +167,7 @@
# if you want to allow any of the whitelisting features.
#
# 1=on 0=off
-WHITELISTING=0
+WHITELISTING=1
@@ -606,7 +606,7 @@
# fall back to the config defaults listed below.
#
# 1=on 0=off
-SENDERTHROTTLE=2
+SENDERTHROTTLE=0
@@ -632,7 +632,7 @@
# SENDER_THROTTLE_SASL or SENDER_THROTTLE_HOST but
# *NOT* both.
# 1=on 0=off
-SENDER_THROTTLE_HOST=0
+SENDER_THROTTLE_HOST=1
#
# quota exceeded temp rejection: default: 5xx
@@ -663,7 +663,7 @@
# how many messages a user is allowed to send out
# before the time limit has expired.
-SENDERMSGLIMIT=2
+SENDERMSGLIMIT=512
#
# maximum mail recipients per time period default: 5000
@@ -671,7 +671,7 @@
# how many recipients a user is allowed to send out
# before the time limit has expired.
#
-SENDERRCPTLIMIT=200
+SENDERRCPTLIMIT=3600
#
# maximum mail quota/size per time period default: 250 meg
@@ -688,7 +688,7 @@
# after how long does all quota last before counters
# are reset back to to zero.
#
-SENDERTIMELIMIT=5m
+SENDERTIMELIMIT=1h
I thought I'd try training mode. I found the trottling stopped working.
Although I set sender can only send 2 messages per 5 minutes, my messages pass
through alright beyond allowed limit. Then I turned off training mode, the
messages still pass through without triggering threshold.
Debugging log shows this:
Jun 28 11:59:15 postfix-server postfix-policyd: DEBUG: fd: 8 database_probe():
reconnecting..
Jun 28 11:59:15 postfix-server postfix-policyd: connecting to mysql database:
localhost
Jun 28 11:59:15 postfix-server postfix-policyd: connected.
...
Jun 28 11:59:15 postfix-server postfix-policyd: DEBUG: fd: 8 row: 0 data: 0
(extracted)
Jun 28 11:59:15 postfix-server postfix-policyd: DEBUG: fd: 8 db_doquery():
SELECT _count,_datenew,_datelast FROM triplet WHERE _host='171.64.10' AND
_from='sen...@senderdomain' AND _rcpt='r...@rcptdomain'
Jun 28 11:59:16 postfix-server postfix-policyd: DEBUG: fd: 8 row: 0 data: 24
(recieved)
Jun 28 11:59:16 postfix-server postfix-policyd: DEBUG: fd: 8 row: 0 data: 24
(extracted)
Jun 28 11:59:16 postfix-server postfix-policyd: DEBUG: fd: 8 row: 1 data:
1276369270 (recieved)
Jun 28 11:59:16 postfix-server postfix-policyd: DEBUG: fd: 8 row: 1 data:
1276369270 (extracted)
Jun 28 11:59:16 postfix-server postfix-policyd: DEBUG: fd: 8 row: 2 data:
1277747307 (recieved)
Jun 28 11:59:16 postfix-server postfix-policyd: DEBUG: fd: 8 row: 2 data:
1277747307 (extracted)
Jun 28 11:59:16 postfix-server postfix-policyd: DEBUG: fd: 8 db_doquery():
UPDATE triplet SET _datelast='1277751555',_count=_count+1 WHERE
_host='171.64.10' AND _from='sen...@sendermydomain' AND _rcpt='r...@rcptdomain'
Jun 28 11:59:16 postfix-server postfix-policyd: rcpt=5, greylist=update,
host=sender_IP (sender host), from=sen...@senderdomain, to=r...@rcptdomain,
size=0
Jun 28 11:59:16 postfix-server postfix-policyd: rcpt=5, module=bypass,
host=sender IP (sender host), from=sen...@senderdomain, to=r...@rcptdomain,
size=0
Jun 28 11:59:16 postfix-server postfix-policyd: DEBUG: fd: 8 select(): fd 8 is
ready for write
Jun 28 11:59:16 postfix-server postfix-policyd: DEBUG: fd: 8 returning after 14
bytes of data written
Jun 28 12:00:56 postfix-server postfix-policyd: DEBUG: fd: 8 select(): fd 8 is
ready for read
Jun 28 12:00:56 postfix-server postfix-policyd: DEBUG: fd: 8 connection got an
EOF, data_read = 0
Jun 28 12:00:56 postfix-server postfix-policyd: DEBUG: fd: 8 shutting down fd 8
The database log doesn't show any errors:
100628 11:59:15 73 Quit
74 Connect postfix-poli...@localhost on postfixpolicyd
74 Query SELECT COUNT(*) FROM policy_training WHERE _rcpt
='sen...@senderdomain' OR _rcpt='@rcptdomain'
74 Query SELECT _count,_datenew,_datelast FROM triplet WH
ERE _host='IP' AND _from='sen...@senderdomain AND _rcpt='r...@rcptdomain'
100628 11:59:16 74 Query UPDATE triplet SET _datelast='1277751555',_count
=_count+1 WHERE _host='IP' AND _from='sen...@senderdomain' AND _rcpt='sender
@senderdomain'
100628 12:00:20 75 Connect r...@localhost on
75 Query select @@version_comment limit 1
100628 12:00:26 75 Query SELECT DATABASE()
75 Init DB postfixpolicyd
75 Query show databases
75 Query show tables
75 Field List blacklist
75 Field List blacklist_helo
75 Field List blacklist_sender
75 Field List helo
75 Field List policy
75 Field List policy_training
75 Field List spamtrap
75 Field List throttle
75 Field List throttle_from_instance
75 Field List throttle_rcpt
75 Field List triplet
75 Field List whitelist
75 Field List whitelist_dnsname
75 Field List whitelist_sender
100628 12:00:46 75 Query UPDATE triplet SET _datelast='1277751555',_count
=_count+1 WHERE _host='IP' AND _from='[email protected]' AND _rcpt='sender
@senderdomain'
100628 12:01:08 75 Quit
I have restarted policyd, mysqld multiple times, but I am stucked at the
module=bypass.
Any ideas what might cause this behavior?
Thanks!
Xueshan
--
Xueshan Feng <[email protected]>
Technical Lead, IT Services, Stanford University
_______________________________________________
Users mailing list
[email protected]
http://lists.policyd.org/mailman/listinfo/users
