Hi,
Please pardon the noobie question. I looked through the list archives and also
whatever docos I could locate online in an effort to help myself prior to
posting to the list.
I just installed policyd-weight and would like to configure it alongside my
postfix installation running on Debian etch system.
Here is my main.cf:
<snip>
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
delay_warning_time = 4h
# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
myhostname = mail.example.com
mydomain = example.com
alias_maps = hash:/etc/aliases, hash:/etc/mail/aliases,
hash:/var/lib/mailman/data/aliases
alias_database = hash:/etc/aliases
virtual_alias_maps = hash:/etc/postfix/virtual_alias
myorigin = /etc/mailname
mydestination =$myhostname, $mydomain
relayhost =
relay_domains = $mydestination, example.com
mynetworks = 127.0.0.1, 69.192.26.135
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
alltransport_maps = hash:/etc/postfix/transport
mailman_destination_recipient_limit = 1
</snip>
So, am I correct in my understanding I can invoke policyd-weight by simply
adding the line "check_policy_service inet:127.0.0.1:12525" to the bottom of my
main.cf and then restart postfix?
Secondly, I thiought I read somewhere I should adjust the value $REJECTLEVEL to
something like 4.5 rather than the default, and also change the value of
ADD_X_HEADER from 1 to 0 - any recommendations on that? What is the purpose
changing the ADD_X_HEADER value?
Finally, is there an easy way to verfiy all the BL sites in the default
configuration are still valid? What about maintaining and updating these
values, is that up to me as the administrator?
Thanks,
Dov
