Dear all, Please help After testing it for two days, I found that the "Quota" works as 1. Total size of all mails within a specified time "period". The time specified in seconds "eg 3600 for one hour", policyd sets a counter and keeps adding mail sizes until it reaches the limit.
2. Total number of mails within a specified time "period". Same is
with this limit.
As opposed to that, my requirements are
1. That a user can not send mail that exceeds the mail size limit.
"Message cumulative size"
my work : I set the mail size limit to 3 MB. with time period 60 seconds.
observation: When I send a mail of 2 MB, it passes by. When I send a
second mail of 2 MB within 60 seconds, policyd blocks it (GOOD)
problem : when I send mail larger than 3 MB at first, it passes by (BAD)
2. That a user can not send mails to number not more than specified
"Message Count"
my work : I set the "Message count" to 20, within 3600 seconds.
observation: When I send mail to 15 recipients at first. And then sent
second mail to 10 recipients, policyd blocks it (GOOD)
problem : when I sent mail to 21 recipients at first attempt, it passes by (BAD)
This is the log output, when I set the "Message cumulative size" to
3000, but sent the mail of size 4.7 MB.
[2014/09/04-01:23:54 - 5442] [CORE] INFO: Starting "1" children
[2014/09/04-01:23:54 - 5539] [CORE] DEBUG: Child Preforked (5539)
[2014/09/04-01:23:54 - 5539] [CBPOLICYD] DEBUG: Starting up caching engine
[2014/09/04-01:23:54 - 5443] [CORE] INFO: 2014/09/04-01:23:54 CONNECT
TCP Peer: "[127.0.0.1]:41976" Local: "[127.0.0.1]:10031"
[2014/09/04-01:23:54 - 5443] [TRACKING] DEBUG: No session tracking
data exists for request: $VAR1 = {
'ccert_fingerprint' => '',
'sasl_method' => '',
'sasl_sender' => '',
'size' => 0,
'_timestamp' => 1409774034,
'helo_name' => '[192.168.122.251]',
'reverse_client_name' => 'unknown',
'queue_id' => '',
'encryption_cipher' => '',
'encryption_protocol' => '',
'etrn_domain' => '',
'ccert_subject' => '',
'request' => 'smtpd_access_policy',
'protocol_state' => 'RCPT',
'stress' => '',
'recipient' => '[email protected]',
'sasl_username' => '',
'instance' => '15a1.540771d2.bb8e2.0',
'protocol_name' => 'ESMTP',
'encryption_keysize' => '0',
'recipient_count' => '0',
'ccert_issuer' => '',
'sender' => '[email protected]',
'client_name' => 'unknown',
'client_address' => '192.168.122.253',
'_protocol_transport' => 'Postfix'
};
[2014/09/04-01:23:54 - 5443] [TRACKING] DEBUG: Added session tracking
information for: $VAR1 = {
'ccert_fingerprint' => '',
'sasl_method' => '',
'sasl_sender' => '',
'size' => 0,
'_timestamp' => 1409774034,
'helo_name' => '[192.168.122.251]',
'reverse_client_name' => 'unknown',
'queue_id' => '',
'encryption_cipher' => '',
'encryption_protocol' => '',
'etrn_domain' => '',
'ccert_subject' => '',
'request' => 'smtpd_access_policy',
'protocol_state' => 'RCPT',
'stress' => '',
'recipient' => '[email protected]',
'sasl_username' => '',
'instance' => '15a1.540771d2.bb8e2.0',
'protocol_name' => 'ESMTP',
'encryption_keysize' => '0',
'recipient_count' => '0',
'ccert_issuer' => '',
'sender' => '[email protected]',
'client_name' => 'unknown',
'client_address' => '192.168.122.253',
'_protocol_transport' => 'Postfix'
};
[2014/09/04-01:23:54 - 5443] [TRACKING] DEBUG: Protocol state is
'RCPT', resolving policy...
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: Going to resolve
session data into policy: $VAR1 = {
'Recipient' => '[email protected]',
'SASLUsername' => '',
'QueueID' => '',
'RecipientData' => '',
'Instance' => '15a1.540771d2.bb8e2.0',
'EncryptionCipher' => '',
'Size' => '0',
'EncryptionKeySize' => '0',
'EncryptionProtocol' => '',
'Helo' => '[192.168.122.251]',
'ClientAddress' => '192.168.122.253',
'ClientName' => 'unknown',
'Sender' => '[email protected]',
'SASLSender' => '',
'Protocol' => 'ESMTP',
'ClientReverseName' => 'unknown',
'SASLMethod' => ''
};
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: Found policy member
with ID '12' in policy 'Default'
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: Found policy member
with ID '14' in policy 'Default Outbound'
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: Found policy member
with ID '3' in policy 'Default Inbound'
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: Found policy member
with ID '8' in policy 'Default Inbound'
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: Found policy member
with ID '9' in policy 'Default Inbound'
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: Found policy member
with ID '4' in policy 'Default Internal'
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: Found policy member
with ID '5' in policy 'Test'
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: [ID:12/Name:Default]:
Main policy sources '[email protected]'
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: [ID:12/Name:Default]: -
Resolved source '[email protected]' to a email address specification,
match = 0
[2014/09/04-01:23:54 - 5443] [POLICIES] INFO: [ID:12/Name:Default]:
Source matching result: matched=0
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: [ID:14/Name:Default
Outbound]: Main policy sources '[email protected]'
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: [ID:14/Name:Default
Outbound]: - Resolved source '[email protected]' to a email address
specification, match = 1
[2014/09/04-01:23:54 - 5443] [POLICIES] INFO: [ID:14/Name:Default
Outbound]: Source matching result: matched=1
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: [ID:14/Name:Default
Outbound]: Destination not defined or 'any', explicit match: matched=1
[2014/09/04-01:23:54 - 5443] [POLICIES] INFO: [ID:14/Name:Default
Outbound]: Destination matching result: matched=1
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: [ID:3/Name:Default
Inbound]: Main policy sources '!%internal_ips,!%internal_domains'
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: [ID:3/Name:Default
Inbound]: Group 'internal_ips' has 1 source(s) => 10.0.0.0/8
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: [ID:3/Name:Default
Inbound]=>(group:internal_ips): - Resolved source '10.0.0.0/8' to a
IP/CIDR specification, match = 0
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: [ID:3/Name:Default
Inbound]=>(group:internal_ips): Source group result: matched=0
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: [ID:3/Name:Default
Inbound]: Group 'internal_domains' has 2 source(s) =>
@example.org,@example.com
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: [ID:3/Name:Default
Inbound]=>(group:internal_domains): - Resolved source '@example.org'
to a email address specification, match = 0
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: [ID:3/Name:Default
Inbound]=>(group:internal_domains): - Resolved source '@example.com'
to a email address specification, match = 0
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: [ID:3/Name:Default
Inbound]=>(group:internal_domains): Source group result: matched=0
[2014/09/04-01:23:54 - 5443] [POLICIES] INFO: [ID:3/Name:Default
Inbound]: Source matching result: matched=1
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: [ID:3/Name:Default
Inbound]: Main policy destinations '%internal_domains'
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: [ID:3/Name:Default
Inbound]: Group 'internal_domains' has 2 destination(s) =>
@example.org,@example.com
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: [ID:3/Name:Default
Inbound]=>(group:internal_domains): - Resolved destination
'@example.org' to a email address specification, match = 0
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: [ID:3/Name:Default
Inbound]=>(group:internal_domains): - Resolved destination
'@example.com' to a email address specification, match = 0
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: [ID:3/Name:Default
Inbound]=>(group:internal_domains): Destination group result:
matched=0
[2014/09/04-01:23:54 - 5443] [POLICIES] INFO: [ID:3/Name:Default
Inbound]: Destination matching result: matched=0
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: [ID:8/Name:Default
Inbound]: Main policy sources ''
[2014/09/04-01:23:54 - 5443] [POLICIES] INFO: [ID:8/Name:Default
Inbound]: Source matching result: matched=0
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: [ID:9/Name:Default
Inbound]: Main policy sources ''
[2014/09/04-01:23:54 - 5443] [POLICIES] INFO: [ID:9/Name:Default
Inbound]: Source matching result: matched=0
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: [ID:4/Name:Default
Internal]: Main policy sources '%internal_ips,%internal_domains'
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: [ID:4/Name:Default
Internal]: Group 'internal_ips' has 1 source(s) => 10.0.0.0/8
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: [ID:4/Name:Default
Internal]=>(group:internal_ips): - Resolved source '10.0.0.0/8' to a
IP/CIDR specification, match = 0
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: [ID:4/Name:Default
Internal]=>(group:internal_ips): Source group result: matched=0
[2014/09/04-01:23:54 - 5443] [POLICIES] INFO: [ID:4/Name:Default
Internal]: Source matching result: matched=0
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: [ID:5/Name:Test]: Main
policy sources '@example.net'
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: [ID:5/Name:Test]: -
Resolved source '@example.net' to a email address specification, match
= 0
[2014/09/04-01:23:54 - 5443] [POLICIES] INFO: [ID:5/Name:Test]: Source
matching result: matched=0
[2014/09/04-01:23:54 - 5443] [POLICIES] DEBUG: END RESULT: prio=10 =>
policy ids: 2
[2014/09/04-01:23:54 - 5443] [TRACKING] DEBUG: Policy resolved into: $VAR1 = {
'10' => [
'2'
]
};
[2014/09/04-01:23:54 - 5443] [TRACKING] DEBUG: Request translated into
session data: $VAR1 = {
'Recipient' => '[email protected]',
'SASLUsername' => '',
'QueueID' => '',
'RecipientData' => '',
'Instance' => '15a1.540771d2.bb8e2.0',
'EncryptionCipher' => '',
'Size' => '0',
'EncryptionKeySize' => '0',
'ParsedClientAddress' => {
'Broadcast_Long' => 3232267005,
'Network' => '192.168.122.253',
'IP_Long' => 3232267005,
'Broadcast' => '192.168.122.253',
'IP' => '192.168.122.253',
'Mask_Long' => 4294967295,
'Network_Long' => 3232267005
},
'ProtocolTransport' => 'Postfix',
'EncryptionProtocol' => '',
'Helo' => '[192.168.122.251]',
'ClientAddress' => '192.168.122.253',
'ClientName' => 'unknown',
'Sender' => '[email protected]',
'SASLSender' => '',
'Timestamp' => 1409774034,
'ProtocolState' => 'RCPT',
'Policy' => {
'10' => [
'2'
]
},
'Protocol' => 'ESMTP',
'ClientReverseName' => 'unknown',
'SASLMethod' => ''
};
[2014/09/04-01:23:54 - 5443] [CBPOLICYD] INFO: Got request #1
[2014/09/04-01:23:54 - 5443] [CORE] INFO: module=Quotas, mode=create,
host=192.168.122.253, helo=[192.168.122.251], [email protected],
[email protected], reason=quota_create, policy=2, quota=6, limit=7,
track=Sender:[email protected], counter=MessageCumulativeSize,
quota=0.00/3000 (0.0%)
[2014/09/04-01:23:55 - 5443] [TRACKING] DEBUG: Protocol state is
'END-OF-MESSAGE', decoding policy...
[2014/09/04-01:23:55 - 5443] [TRACKING] DEBUG: Decoded into: $VAR1 = {
'[email protected]' => {
'10' => [
'2'
]
}
};
[2014/09/04-01:23:55 - 5443] [TRACKING] DEBUG: Request translated into
session data: $VAR1 = {
'SASLUsername' => '',
'QueueID' => 'D26B04004C',
'RecipientData' => '/<[email protected]>#10=2;',
'EncryptionCipher' => '',
'Instance' => '15a1.540771d2.bb8e2.0',
'Size' => '6448',
'EncryptionKeySize' => '0',
'ParsedClientAddress' => {
'Broadcast_Long' => 3232267005,
'Network' => '192.168.122.253',
'IP_Long' => 3232267005,
'Broadcast' => '192.168.122.253',
'IP' => '192.168.122.253',
'Mask_Long' => 4294967295,
'Network_Long' => 3232267005
},
'ProtocolTransport' => 'Postfix',
'EncryptionProtocol' => '',
'Helo' => '[192.168.122.251]',
'ClientAddress' => '192.168.122.253',
'ClientName' => 'unknown',
'Sender' => '[email protected]',
'SASLSender' => '',
'Timestamp' => 1409774035,
'ProtocolState' => 'END-OF-MESSAGE',
'_Recipient_To_Policy' => {
'[email protected]' => {
'10' => [
'2'
]
}
},
'Protocol' => 'ESMTP',
'ClientReverseName' => 'unknown',
'SASLMethod' => ''
};
[2014/09/04-01:23:55 - 5443] [CBPOLICYD] INFO: Got request #2 (pipelined)
[2014/09/04-01:23:55 - 5443] [CORE] INFO: module=Quotas, mode=update,
host=192.168.122.253, helo=[192.168.122.251], [email protected],
[email protected], reason=quota_update, policy=2, quota=6, limit=7,
track=Sender:[email protected], counter=MessageCumulativeSize,
quota=6448.00/3000 (214.9%)
Sep 4 01:23:54 ms1 postfix-ms1/smtpd[5537]: connect from
unknown[192.168.122.253]
Sep 4 01:23:54 ms1 postfix-ms1/smtpd[5537]: D26B04004C:
client=unknown[192.168.122.253]
Sep 4 01:23:54 ms1 postfix-ms1/cleanup[5541]: D26B04004C:
message-id=<[email protected]>
Sep 4 01:23:55 ms1 postfix-ms1/qmgr[2061]: D26B04004C:
from=<[email protected]>, size=6602306, nrcpt=1 (queue active)
Sep 4 01:23:55 ms1 postfix-ms1/smtpd[5537]: disconnect from
unknown[192.168.122.253]
Sep 4 01:23:56 ms1 imapd: Connection, ip=[::ffff:192.168.122.251]
Sep 4 01:23:56 ms1 imapd: LOGIN, [email protected],
ip=[::ffff:192.168.122.251], port=[55915], protocol=IMAP
Sep 4 01:23:56 ms1 postfix-ms1/virtual[5542]: D26B04004C:
to=<[email protected]>, relay=virtual, delay=2.1,
delays=0.95/0.02/0/1.1, dsn=2.0.0, status=sent (delivered to maildir)
Sep 4 01:23:56 ms1 postfix-ms1/qmgr[2061]: D26B04004C: removed
Sep 4 01:23:56 ms1 imapd: LOGOUT, [email protected],
ip=[::ffff:192.168.122.251], headers=0, body=0, rcvd=6602205,
sent=203, time=1
Sep 4 01:23:57 ms1 imapd: Connection, ip=[::ffff:192.168.122.251]
Sep 4 01:23:57 ms1 imapd: LOGIN, [email protected],
ip=[::ffff:192.168.122.251], port=[55919], protocol=IMAP
Sep 4 01:23:57 ms1 imapd: LOGOUT, [email protected],
ip=[::ffff:192.168.122.251], headers=2511, body=0, rcvd=298,
sent=6853, time=0
And mail was successfully sent (BAD)
Please help me solving this problem.
Also please share, if there is a way of detecting the mail size limit
per user (like from the ldap attribute). As there is no need to set
counters.
--
Thanks & Regards
Jagannath Naidu
cbpolicyd.log
Description: Binary data
_______________________________________________ Users mailing list [email protected] http://lists.policyd.org/mailman/listinfo/users_lists.policyd.org
