Hi,
> > Hence I would like to have a sort of
> > smtpd_end_of_data_restrictions = check_policy_service something
> > that could accept/reject the mail before it is being handled to the MDA.
>
> You could write a policy service to do this, or simply use a utility outside
> of Postfix to update an access(5) map that sends 4xx or 5xx responses for
> users that exceed quota.
I have written the table, it send DUNNO or REJECT depending whether
the user is over quota or not.
Where is the best place to hook that table in Postfix?
smtpd_recipient_restrictions = check_recipient_access ldap:...
May not be the best choice because it seems it is check before the aliases are
expanded, so if a user over quota is part of an alias, the message will not
boun ce for that user.
Bests,
Olivier
alias_maps = hash:/etc/aliases, ldap:$config_directory/ldap_user_alias,
ldap:$config_directory/ldap_deleted_alias, ldap:$config_directory/l
dap_user_alias_fullname, ldap:$config_directory/ldap_deleted_alias_fullna
me, ldap:$config_directory/ldap_alias
command_directory = /usr/local/sbin
config_directory = /usr/local/ETC
content_filter = smtp-amavis:[localhost]:10024
daemon_directory = /usr/local/libexec/postfix
data_directory = /var/db/postfix
debug_peer_level = 2
home_mailbox = Maildir/
html_directory = /usr/local/share/doc/postfix
inet_interfaces = $myhostname, localhost
local_header_rewrite_clients = permit_mynetworks, permit_sasl_authenticated
local_recipient_maps = unix:passwd.byname, $alias_maps, ldap:$config_dir
ectory/ldap_local_recipient
mail_owner = postfix
mailbox_command = /usr/local/bin/procmail -t -a $HOME
mailq_path = /usr/local/bin/mailq
manpage_directory = /usr/local/man
masquerade_domains = cs.ait.ac.th
masquerade_exceptions = root
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain, mail.$my
domain, ufo.$mydomain, banyan.$mydomain, ldap.$mydomain, door.$mydomain,
firewall.$mydomain, dns.$mydomain, amanda.$mydomain, database.$mydomain, sysl
.$mydomain, mailback.$mydomain, csim.ait.asia
mydomain = cs.ait.ac.th
mynetworks = 192.41.170.0/24, 203.159.32.0/32
myorigin = $mydomain
newaliases_path = /usr/local/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = /usr/local/share/doc/postfix
recipient_canonical_maps = ldap:$config_directory/ldap_user_uncanonical,
ldap:$config_directory/ldap_deleted_uncanonical
relay_domains = cs.ait.ac.th, vgl-vforge.cs.ait.ac.th, ait.ac.th, dec.ait.ac.th,
interlab.ait.ac.th, gmseenet.org
sample_directory = /usr/local/etc
sender_canonical_maps = ldap:$config_directory/ldap_canonical
sendmail_path = /usr/local/sbin/sendmail
setgid_group = maildrop
smtp_tls_loglevel = 2
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:/var/run/postfix/smtp_scache
smtp_tls_session_cache_timeout = 3600s
...skipping...
smtpd_client_restrictions = check_client_access cidr:$config_directory/amavis_by
pass
smtpd_recipient_restrictions = check_recipient_access ldap:$config_directory/lda
p_access permit_mynetworks permit_sasl_authenticated reject
_unauth_destination check_policy_service inet:127.0.0.1:10023
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_tls_CAfile = /usr/local/ssl/ca/ait-itserv.crt
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /usr/local/ssl/crt/combined/mail.cs.ait.ac.th.pem
smtpd_tls_key_file = /usr/local/ssl/key/mail.cs.ait.ac.th.key
smtpd_tls_loglevel = 1
smtpd_tls_mandatory_exclude_ciphers = aNULL, MD5
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:/var/run/postfix/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s
tls_daemon_random_bytes = 32
tls_random_bytes = 32
tls_random_exchange_name = /var/run/postfix/prng_exch
tls_random_prng_update_period = 3600s
tls_random_reseed_period = 3600s
tls_random_source = dev:/dev/urandom
transport_maps = hash:/usr/local/etc/transport
unknown_local_recipient_reject_code = 550
