On Tue, Nov 10, 2015 at 04:42:32PM -0600, Donald Bindner wrote: > smtpd_recipient_restrictions = check_policy_service inet:127.0.0.1:10040 > > However, this kind of rule seems to run only for mail "passing > through" my Postfix server and not for mail originating locally. In > any event, the service running on port 10040 does not receive > connections from Postfix for mail that is generated locally. > > I'd love if someone would show an example that "hooks this up." I'm > confident that I have postfwd configured correctly to listen on port > 10040, I just need Postfix to talk to it.
It is not possible to rate-limit local submission. This is because local submission must be possible even with the mail system not running, so all it entails is direct writing of a queue file into the "maildrop" directory. If you want rate limits any legitimate sending agent needs to have the ability to delay and retry mail (an "Outbox" if you like), and while MUAs like Thunderbird that submit via SMTP can do that, the command-line sendmail(1) program cannot. What you can do is deny access to local submission, and require all mail be submitted via SMTP. This can make notification from cron jobs a bit difficult, but if such mail is sent by a system account to the user, you can allow local submission to just that account (and a few others). -- Viktor.