Hi all, I found that check_policy_service works (maybe*) in `smtpd_end_of_data_restrictions =`. So I'm guessing it might work in any *_restrictions configuration.
(*still having some issues getting this to work as expected, but I'll come back here if I get stuck) Colin On Tue, 26 Mar 2024 at 13:52, Colin McKinnon <colin.mckin...@gmail.com> wrote: > > Hi, > > I want to provision load balancing for my relays. The catch is that > there is already some customized routing in place based on recipient > domain and large block lists. These are currently handled by a > transport map. > > I would prefer not to implement 2 layers of relays. If this were > implemented as a plugin which is told the recipient address it could > determine how the mail should be routed. But I need to ensure that I > don't create any loops - i.e. the routing decision is based on the > recipient AND where the email came from/via. > > The policy server (https://www.postfix.org/SMTPD_POLICY_README.html) > seems to be ideal for my requirements since I get both recipient_name > and helo_name, however the documentation only covers its use in the > context of 'smtpd_recipient_restrictions'. I tried provisioning using: > > transport_maps = check_policy_service inet:127.0.0.1:8822 > hash:/etc/postfix/transport > smtpd_policy_service_default_action = DUNNO > smtpd_policy_service_timeout = 10s > > However it appears that check_policy_service is not valid here. > Although `postfix check` and a restart report no errors, when I try to > relay a message, it is not accepted at the relay (hostname test106) > which logs this: > > Mar 26 13:44:35 test106 postfix/smtpd[150541]: connect from > test107.southwold.net[10.0.0.107] > Mar 26 13:44:47 test106 postfix/trivial-rewrite[150545]: fatal: open > dictionary: expecting "type:name" form instead of > "check_policy_service" > Mar 26 13:44:48 test106 postfix/master[148536]: warning: process > /usr/lib/postfix/sbin/trivial-rewrite pid 150545 exit status 1 > Mar 26 13:44:48 test106 postfix/master[148536]: warning: > /usr/lib/postfix/sbin/trivial-rewrite: bad command startup -- > throttling > > Questions: > > 1) Can I use check_policy_service in other contexts than > smtpd_recipient_restrictions? (I don't want to interfere with > `smtpd_relay_restrictions = permit_mynetworks > permit_sasl_authenticated defer_unauth_destination` ) > > 2) If so, where would be the best place to put this? > > TIA > > Colin > > -- > -----BEGIN GEEK CODE BLOCK----- > Version: 3.1 > GCM d s+:+ a+ C+++(---)$ UL+++ P+(--) L+++ E--- W+++ N++ w-- PS++(+++()) > t+ 5+ X R- tv-- b++ DI++ D e+++ h---- > ------END GEEK CODE BLOCK------ -- -----BEGIN GEEK CODE BLOCK----- Version: 3.1 GCM d s+:+ a+ C+++(---)$ UL+++ P+(--) L+++ E--- W+++ N++ w-- PS++(+++()) t+ 5+ X R- tv-- b++ DI++ D e+++ h---- ------END GEEK CODE BLOCK------ _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
