Re: Different anvil for auth users?

Guy Mon, 23 Feb 2009 05:12:49 -0800

Hi Wietse,

2009/2/23 Wietse Venema <wie...@porcupine.org>:
> anvil is not a traffic shaping tool.
>
> For fine-grained policies, I suggest you use an external policy daemon.
> Such as http://www.policyd.org/
>
>        Wietse
>


Was just looking at that as an option. Been running the old version 1
but I'm looking at version 2 now since it seems to have a lot more
functionality.

I'm assuming that by having the policy daemon under
smtp_end_of_data_restrictions as well as smtpd_recipient_restrictions
is what allows it to catch outgoing mail as well?
In my current setup I have policyd v1 but it's after
permit_sasl_authenticated so no outgoing mail gets checked by the
policy daemon.

smtpd_recipient_restrictions =
        reject_non_fqdn_sender,
        reject_unknown_sender_domain,
        reject_unknown_recipient_domain,
        permit_mynetworks,
        permit_sasl_authenticated,
        reject_unauth_destination,
        check_client_access cidr:/etc/postfix/postfix-dnswl-permit,
        check_client_access cidr:/etc/postfix/postfix-dnswl-custom,
        reject_invalid_hostname,
        reject_rbl_client zen.spamhaus.org,
        reject_rbl_client bl.spamcop.net,
        reject_rbl_client b.barracudacentral.org,
        reject_rbl_client psbl.surriel.com,
        reject_rhsbl_client zen.spamhaus.org,
        reject_rhsbl_client bl.spamcop.net,
        check_policy_service inet:127.0.0.1:10031,
        permit

Thanks
Guy

-- 
Don't just do something...sit there!

Re: Different anvil for auth users?

Reply via email to