On 10/10/2014 07:36 PM, Ronald F. Guilmette wrote: > Thank you. What you have written above does in fact clarify things a > good deal more. > > Just to make sure that I'm crystal clear however, let me ask: When you > say "terminated" what you are actually implying is just that the policy > server process receives EOF on stdin, correct?
AFAIK normal unix process signaling is used, even down to SIGKILL (aka kill -9) if the process is not responding. It will also take care of all child processes that might have been spawned by the policy server process. > And for the purpose of evaluating whether $max_use has been reached yet > or not, a "use" of the policy server is defined as "use for a single > SMTP connection/session", correct?[1] > > > =-=-=-=-=-=-=-=- > [1] I gather that if a policy server is invoked as part of the > smtpd_helo_restrictions or smtpd_client_restrictions (when > smtpd_delay_reject is *not* enabled) then in these cases the > "use" of the server will involve only a single actual request/ > response... since there is only a single TCP "connect" and only a > single HELO/EHLO per SMTP session... whereas if the policy server > is invoked as part of smtp_recipient_restrictions, then in this > case the "use" of the server includes _all_ of the several > request/response pairs that the Postfix will send to the policy > daemon... one for each RPCT TO relating to the current message, > correct? As far as I understand it, $max_use is counted/incremented by the postfix master daemon, for each new incoming connection (it is a behavior/parameter most of the postfix daemons share). So it won't take into account how many individual "uses" the policy service actually had to process. If mail was rejected by a earlier check it might not have been used at all. Best Regards, Lothar -- Lothar Gesslein Linux Consultant Mail: gessl...@b1-systems.de B1 Systems GmbH Osterfeldstraße 7 / 85088 Vohburg / http://www.b1-systems.de GF: Ralph Dehner / Unternehmenssitz: Vohburg / AG: Ingolstadt,HRB 3537
signature.asc
Description: OpenPGP digital signature
