On 02/10/2013 15:45, Sandro Mello wrote:
Hello,I'm having problem with verdict configured to DEFER, I always got a reject when it reaches the Counter limit. I've tested with HOLD verdict and it works fine.I've read some topics about people who also have the same problem, I've tried to apply or debug the code, but I'm still not understanding the cause of the rejection on DEFER verdict.Tried with several versions and still not able to figure out. I am using: - Ubuntu 10.04.4 LTS - Zimbra 8.0.2.GA.5569.UBUNTU10.64 - network edition - policyd v2.1.0aDownloaded from: http://devlabs.linuxassist.net/projects/policyd/files version: v2.1.x-201104210611 Note: I'am not using the version that cames with Zimbra for now, I've packed from the version above and configured the following keys in main.cf:smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:10031smtpd_recipient_restrictions = reject_non_fqdn_recipient, reject_unlisted_recipient, check_policy_service inet:127.0.0.1:10031, reject_invalid_helo_hostname, reject_non_fqdn_sender, permitI have a basic policy that DEFER all outbound messages to a set of recipient domains.Here are my confs: $ postconf -n smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:10031smtpd_recipient_restrictions = reject_non_fqdn_recipient, reject_unlisted_recipient, check_policy_service inet:127.0.0.1:10031, reject_invalid_helo_hostname, reject_non_fqdn_sender, permit zimbra@lab01:/home/cluebringer/v.2.1.0a/cluebringer/cbp$ postconf -d |grep mail_versionmail_version = 2.10-20121007 milter_macro_v = $mail_name $mail_versionzimbra@lab01:/home/cluebringer/v.2.1.0a/cluebringer/cbp$ postconf -d |grep mail_version^Czimbra@lab01:/home/cluebringer/v.2.1.0a/cluebringer/cbp$ postconf -n alias_maps = hash:/etc/aliases always_add_missing_headers = yes bounce_notice_recipient = postmaster bounce_queue_lifetime = 5d broken_sasl_auth_clients = yes command_directory = /opt/zimbra/postfix/sbin config_directory = /opt/zimbra/postfix-2.10-20121007.2z/conf content_filter = daemon_directory = /opt/zimbra/postfix/libexec delay_warning_time = 0h disable_dns_lookups = no header_checks = import_environment = in_flow_delay = 1s inet_protocols = ipv4 lmtp_connection_cache_destinations = lmtp_connection_cache_time_limit = 4s lmtp_host_lookup = dns local_header_rewrite_clients = permit_mynetworks,permit_sasl_authenticated mail_owner = postfix mailbox_size_limit = 0 mailq_path = /opt/zimbra/postfix/sbin/mailq manpage_directory = /opt/zimbra/postfix/man maximal_backoff_time = 4000s maximal_queue_lifetime = 10s message_size_limit = 10240000 minimal_backoff_time = 300s mydestination = localhost myhostname = lab01.mydomain.tld mynetworks = 127.0.0.0/8 192.168.6.0/24 [::1]/128 [fe80::]/64 newaliases_path = /opt/zimbra/postfix/sbin/newaliases non_smtpd_milters = notify_classes = resource,software policy_time_limit = 3600 propagate_unmatched_extensions = canonical queue_directory = /opt/zimbra/data/postfix/spool queue_run_delay = 300s recipient_delimiter = relayhost = sender_canonical_maps = proxy:ldap:/opt/zimbra/conf/ldap-scm.cf sendmail_path = /opt/zimbra/postfix/sbin/sendmail setgid_group = postdrop smtp_cname_overrides_servername = no smtp_sasl_auth_enable = no smtp_sasl_mechanism_filter = smtp_sasl_password_maps = smtp_sasl_security_options = noplaintext,noanonymous smtp_tls_security_level = smtpd_client_restrictions = reject_unauth_pipelining smtpd_data_restrictions = reject_unauth_pipelining smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:10031 smtpd_helo_required = yes smtpd_milters =smtpd_recipient_restrictions = reject_non_fqdn_recipient, reject_unlisted_recipient, check_policy_service inet:127.0.0.1:10031, reject_invalid_helo_hostname, reject_non_fqdn_sender, permitsmtpd_reject_unlisted_recipient = nosmtpd_relay_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destinationsmtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = no smtpd_sasl_security_options = noanonymous smtpd_sasl_tls_security_options = $smtpd_sasl_security_optionssmtpd_sender_restrictions = check_sender_access regexp:/opt/zimbra/postfix/conf/tag_as_originating.re, permit_mynetworks, permit_sasl_authenticated, permit_tls_clientcerts, check_sender_access regexp:/opt/zimbra/postfix/conf/tag_as_foreign.resmtpd_tls_auth_only = yes smtpd_tls_cert_file = /opt/zimbra/conf/smtpd.crt smtpd_tls_key_file = /opt/zimbra/conf/smtpd.key smtpd_tls_loglevel = 1 smtpd_tls_security_level = may transport_maps = proxy:ldap:/opt/zimbra/conf/ldap-transport.cf virtual_alias_domains = proxy:ldap:/opt/zimbra/conf/ldap-vad.cf virtual_alias_expansion_limit = 10000 virtual_alias_maps = proxy:ldap:/opt/zimbra/conf/ldap-vam.cf virtual_mailbox_domains = proxy:ldap:/opt/zimbra/conf/ldap-vmd.cf virtual_mailbox_maps = proxy:ldap:/opt/zimbra/conf/ldap-vmm.cf virtual_transport = error The logs are attached in this mail. I appreciate if anyone could give me a light on this issue. Thanks!
The logs indicate a defer was sent to Postfix for your second attempt...[2013/10/02-12:30:12 - 31201] [CORE] INFO: module=Quotas, action=defer, host=XXX.XXX.X.XXX, helo=lab01.mydomain.tld, [email protected], [email protected], reason=quota_match, policy=2, quota=2, limit=2, track=Recipient:@gmail.com, counter=MessageCount, quota=2.81/1 (280.9%)
Where are you seeing the reject? -N
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Users mailing list [email protected] http://lists.policyd.org/mailman/listinfo/users_lists.policyd.org
