-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I'm facing trouble getting quotas working on my MX servers. Checking
the archive and googling around I tried everything I found about the
issue, but unfortunatelly, no lucky.
1st thing, I made sure the check_policy_service was placed before any
check accepting the message
##############################################################
### main.cf snippet
smtpd_helo_restrictions =
permit_mynetworks
, reject_unauth_destination
, reject_unauth_pipelining
, check_helo_access $filtro_dominios_hello
smtpd_recipient_restrictions =
check_policy_service inet:127.0.0.1:10031
, permit_mynetworks
, reject_unauth_destination
, reject_unauth_pipelining
, check_client_access $filtro_ip_from
, check_sender_access $filtro_mail_from
, check_recipient_access $filtro_usuario
smtpd_end_of_data_restrictions =
check_policy_service inet:127.0.0.1:10031
2nd, Modules, are properly enabled:
##############################################################
### cluebringer.conf snippets
[server]
# Protocols to load
protocols=<<EOT
Postfix
EOT
# Modules to load
modules=<<EOT
Core
Quotas
EOT
...
# Access Control module
[AccessControl]
enable=0
# Greylisting module
[Greylisting]
enable=0
# CheckHelo module
[CheckHelo]
enable=0
# CheckSPF module
[CheckSPF]
enable=0
# Quotas module
[Quotas]
enable=1
##############################################################
### ruleset (database)
### Policy
mysql> select * from policies \G
ID: 5
Name: Quota_Inbound
Priority: 50
Description: Limite de entrada por dominio
Disabled: 0
### Quota setup
mysql> select * from quotas\G
ID: 4
PolicyID: 5
Name: Sender Quotas
Track: Sender:@domain
Period: 3600
Verdict: REJECT
Data:
Comment:
Disabled: 0
### session tracking
mysql> select count(*) from session_tracking;
+----------+
| count(*) |
+----------+
| 3 |
+----------+
### session tracking sample
mysql> select * from session_tracking limit 1 \G
Instance: 4d3.4fc5471e.688e3.0
QueueID: D9053117F
Timestamp: 1338328862
ClientAddress: 74.125.82.182
ClientName: mail-we0-f182.google.com
ClientReverseName: mail-we0-f182.google.com
Protocol: ESMTP
EncryptionProtocol:
EncryptionCipher:
EncryptionKeySize: 0
SASLMethod:
SASLSender:
SASLUsername:
Helo: mail-we0-f182.google.com
Sender: [email protected]
Size: 2549
RecipientData: /<[email protected]>#50=5;
### the frustrating part of it
mysql> select * from quotas_tracking \G
Empty set (0.00 sec)
##############################################################
### the logs (full debug)
[2012/05/29-18:59:54 - 1064] [CORE] NOTICE: Process Backgrounded
[2012/05/29-18:59:54 - 1064] [CBPOLICYD] NOTICE: Policyd v2 /
Cluebringer - v2.0.10
[2012/05/29-18:59:54 - 1064] [CBPOLICYD] NOTICE: Initializing system
modules.
[2012/05/29-18:59:54 - 1064] [CBPOLICYD] NOTICE: System modules
initialized.
[2012/05/29-18:59:54 - 1064] [CBPOLICYD] NOTICE: Module load started...
[2012/05/29-18:59:54 - 1064] [CORE] NOTICE: => Protocol(Postfix):
enabled
[2012/05/29-18:59:54 - 1064] [CBPOLICYD] NOTICE: Module load done.
[2012/05/29-18:59:54 - 1064] [CBPOLICYD] DEBUG: Opening syslog,
destination = 'unix', facility = 'mail'.
[2012/05/29-18:59:54 - 1064] [CORE] NOTICE: 2012/05/29-18:59:54 cbp
(type Net::Server::PreFork) starting! pid(1064)
[2012/05/29-18:59:54 - 1064] [CORE] NOTICE: Using default listen value
of 128
[2012/05/29-18:59:54 - 1064] [CORE] NOTICE: Binding to TCP port 10031
on host 127.0.0.1
[2012/05/29-18:59:54 - 1064] [CORE] WARNING: Group Not Defined.
Defaulting to EGID '0 0 1 2 3 4 6 10'
[2012/05/29-18:59:54 - 1064] [CORE] WARNING: User Not Defined.
Defaulting to EUID '0'
[2012/05/29-18:59:54 - 1064] [CORE] INFO: Setting up serialization via
flock
[2012/05/29-18:59:54 - 1064] [CORE] INFO: Beginning prefork (4 processes)
[2012/05/29-18:59:54 - 1064] [CORE] INFO: Starting "4" children
[2012/05/29-18:59:54 - 1066] [CORE] DEBUG: Child Preforked (1066)
[2012/05/29-18:59:54 - 1066] [CBPOLICYD] DEBUG: Starting up caching engine
[2012/05/29-18:59:54 - 1067] [CORE] DEBUG: Child Preforked (1067)
[2012/05/29-18:59:54 - 1067] [CBPOLICYD] DEBUG: Starting up caching engine
[2012/05/29-18:59:54 - 1068] [CORE] DEBUG: Child Preforked (1068)
[2012/05/29-18:59:54 - 1068] [CBPOLICYD] DEBUG: Starting up caching engine
[2012/05/29-18:59:54 - 1064] [CORE] DEBUG: Parent ready for children.
[2012/05/29-18:59:54 - 1069] [CORE] DEBUG: Child Preforked (1069)
[2012/05/29-18:59:54 - 1069] [CBPOLICYD] DEBUG: Starting up caching engine
[2012/05/29-19:01:02 - 1064] [CORE] INFO: Starting "1" children
[2012/05/29-19:01:02 - 1066] [CORE] INFO: 2012/05/29-19:01:02 CONNECT
TCP Peer: "127.0.0.1:49031" Local: "127.0.0.1:10031"
[2012/05/29-19:01:02 - 1066] [TRACKING] DEBUG: No session tracking
data exists for request: $VAR1 = {
'ccert_fingerprint' => '',
'sasl_method' => '',
'sasl_sender' => '',
'size' => '0',
'_timestamp' => 1338328862,
'helo_name' => 'mail-we0-f182.google.com',
'reverse_client_name' => 'mail-we0-f182.google.com',
'queue_id' => '',
'encryption_cipher' => '',
'encryption_protocol' => '',
'etrn_domain' => '',
'ccert_subject' => '',
'request' => 'smtpd_access_policy',
'protocol_state' => 'RCPT',
'stress' => '',
'recipient' => '[email protected]',
'sasl_username' => '',
'instance' => '4d3.4fc5471e.688e3.0',
'protocol_name' => 'ESMTP',
'encryption_keysize' => '0',
'recipient_count' => '0',
'ccert_issuer' => '',
'sender' => '[email protected]',
'client_name' => 'mail-we0-f182.google.com',
'client_address' => '74.125.82.182',
'_protocol_transport' => 'Postfix'
};
[2012/05/29-19:01:02 - 1066] [TRACKING] DEBUG: Added session tracking
information for: $VAR1 = {
'ccert_fingerprint' => '',
'sasl_method' => '',
'sasl_sender' => '',
'size' => '0',
'_timestamp' => 1338328862,
'helo_name' => 'mail-we0-f182.google.com',
'reverse_client_name' => 'mail-we0-f182.google.com',
'queue_id' => '',
'encryption_cipher' => '',
'encryption_protocol' => '',
'etrn_domain' => '',
:$
'Sender' => '[email protected]',
'SASLSender' => '',
'Timestamp' => 1338329395,
'ProtocolState' => 'RCPT',
'Policy' => {
'50' => [
'5'
]
},
'Protocol' => 'ESMTP',
'ClientReverseName' => 'mail-wg0-f50.google.com',
'SASLMethod' => ''
};
[2012/05/29-19:09:55 - 1066] [CBPOLICYD] DEBUG: Got request, running
modules...
[2012/05/29-19:09:55 - 1066] [CBPOLICYD] DEBUG: Running module: Quotas
Plugin
[2012/05/29-19:09:55 - 1066] [CBPOLICYD] DEBUG: Done with modules
[2012/05/29-19:09:58 - 1239] [CORE] INFO: 2012/05/29-19:09:58 CONNECT
TCP Peer: "127.0.0.1:49053" Local: "127.0.0.1:10031"
[2012/05/29-19:09:58 - 1239] [TRACKING] DEBUG: Protocol state is
'END-OF-MESSAGE', decoding policy...
[2012/05/29-19:09:58 - 1239] [TRACKING] DEBUG: Decoded into: $VAR1 = {
'[email protected]' => {
'50' => [
'5'
]
}
};
[2012/05/29-19:09:58 - 1239] [TRACKING] DEBUG: Request translated into
session data: $VAR1 = {
'SASLUsername' => '',
'QueueID' => 'A164C117F',
'RecipientData' => '/<[email protected]>#50=5;',
'EncryptionCipher' => '',
'Instance' => '673.4fc54933.92b53.0',
'Size' => '2559',
'EncryptionKeySize' => '0',
'ParsedClientAddress' => {
'Broadcast_Long' => 1249727026,
'Network' => '74.125.82.50',
'IP_Long' => 1249727026,
'Broadcast' => '74.125.82.50',
'IP' => '74.125.82.50',
'Mask_Long' => 4294967295,
'Network_Long' => 1249727026
},
'ProtocolTransport' => 'Postfix',
'EncryptionProtocol' => '',
'Helo' => 'mail-wg0-f50.google.com',
'ClientAddress' => '74.125.82.50',
'ClientName' => 'mail-wg0-f50.google.com',
'Sender' => '[email protected]',
'SASLSender' => '',
'Timestamp' => 1338329398,
'ProtocolState' => 'END-OF-MESSAGE',
'_Recipient_To_Policy' => {
'[email protected]' => {
'50' => [
'5'
]
}
},
'Protocol' => 'ESMTP',
'ClientReverseName' => 'mail-wg0-f50.google.com',
'SASLMethod' => ''
};
[2012/05/29-19:09:58 - 1239] [CBPOLICYD] DEBUG: Got request, running
modules...
[2012/05/29-19:09:58 - 1239] [CBPOLICYD] DEBUG: Running module: Quotas
Plugin
[2012/05/29-19:09:58 - 1239] [CBPOLICYD] DEBUG: Done with modules
[2012/05/29-19:10:28 - 1064] [CORE] INFO: Killing "1" children
[2012/05/29-19:10:28 - 1692] [CBPOLICYD] DEBUG: Shutting down caching
engine (1692)
As much I could investigate by myself, I can see the END-OF-STATE and
RCPT checks, delivering the message to policyd, but quotas_tracking
doesn't get any data,
Thanks in advance for your help, I hope have provided enough information.
André Gustavo N. Lopes
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQEcBAEBAgAGBQJPxVDUAAoJED/ohHvKzwrPJVQH/AjxZ7bqosFMmzt+3BAh7b75
Hc/uIcQehaktsjkdV1hzi1rZXNcCTsRVK1tpjmpSbC+I5GAUzxARfjSs+MIwASAF
j39ZEA01HDI3TlRrHxl5JarB3Zzxi0Y9iy2xH3co5o6HTMshvCqN2Qwek/wUA6CH
OspYuVNrK54gDn2xMPPddvPnZlbM111Ok4Z+RRvnpX+/isoccK3ltRu04wPbYFAU
rmT5mnGvuY/IV979rlf7WkQgWf4lEjJkT/fnMgmGG6yLdbxnXs8F2ORzmbZVOvr6
GChTvWzCy/ZCwPTSIWrTUX/cd/EHdlVy7uqb/yeteL/90J/JCRWj4xKu8Y0snx0=
=nVEC
-----END PGP SIGNATURE-----
_______________________________________________
Users mailing list
[email protected]
http://lists.policyd.org/mailman/listinfo/users
