Hey Clovis, Ok i will try to put it short :
When a mail arrives at the mta ( postfix for example ), policyd determines where the email comes from and categorizes the email based on the policies : Policies -> Main : 1. Default -> matches *any* email that comes and goes. 2. Default Outbound -> matches outgoing emails. 3. Default Inbound -> matches incoming mails. 4. Default Internal -> matches emails sent from the mail server to the mail server ( in the ideal case ). So how does policyd do that ? Every policy has members ( Select the policy and select "Members" from the dropdown above ). You will see source, destination and disabled fields. I don't think disabled needs any explanation. Let's click on "Default Outbound". It says "%internal_domains" in the Source field and "!%internal_domains" in Destination field. This means that any email that comes with a Sender address that is qualified as a member of an "internal" domain ( i.e. the domain your mail server is serving ) and has a Recipient address that doesn't match any of the internal domains will be classified as an outbound ( outgoing ) email. Let's click on "Policies -> Groups". Looks familiar ? Here we define the "%internal_domains" - i.e. which domains belong to this mail server. Note that you can use the "internal_ips" if you want to base the qualification of "internal" mail on the ip address that the email comes from. Select "internal_domains" and select "Members" from the dropdown. You will see "@example.com" and "@example.org" ( not sure but i think that's the default ones ). What does that tell us ? All of the emails that were sent from [email protected] and don't have Recipient address that belongs to @example.com or example.org will be matched by the "Default Outbound" policy. The same rules apply for the "Default Inbound" policy, but instead there you have Source -> "!%internal_domains" ( or "!%internal_ips" ) and destination "%internal_domains" ( or "%internal_ips ). Ofcourse you can combine internal_domains and internal_ips or create other groups and base policies on them. After you are done setting your policies, you need to configure all other checks that policyd performs and link them to the policies you wish. That's the short version that i came up with while writing this email :) For a longer and polished version you will have to wait for the weekend. On Wed, 2009-09-02 at 09:55 -0300, Clovis Tristao wrote: > Hi Nikolai, > > Thank you, I will follow your suggestion, but where to start? > You have a basic tutorial about it, Policies ( Main and Groups ). > > Em 02-09-2009 02:05, Nikolai Bochev escreveu: > > Wait a week and you'll have a nice tutorial to get you started. > > But i would suggest getting familiar with Policies ( Main and Groups ) > > first. > > > > On Tue, 2009-09-01 at 10:48 -0300, Clovis Tristao wrote: > > > >> Hi, > >> > >> I need to put a server into production, but I am confused by this > >> interface web, do not know where to start. > >> Any idea? > >> > >> Thank you very much, > >> > >> Clóvis > >> > >> > >> Em 31-08-2009 09:20, Ðиколай Бочев escreveu: > >> > >>> Maybe next week when i get some free time i can put up a detailed howto. > >>> I am using policyd v2 on several production environments already and it > >>> does have a nice learning curve, once you figure out the basics :) > >>> > >>> On Wed, 2009-08-19 at 10:51 +0000, Nigel Kukard wrote: > >>> > >>> > >>>> Herman Baumgarten wrote: > >>>> > >>>> > >>>>> It would actually be nice if someone could give a tutorial on the whole > >>>>> policyd v2 > >>>>> ----- Original Message ----- > >>>>> From: "Clovis Tristao"<[email protected]> > >>>>> To:<[email protected]> > >>>>> Sent: Monday, August 17, 2009 8:42 PM > >>>>> Subject: [policyd-users] Tutorial Policyd v2 > >>>>> > >>>>> > >>>>> Hi, > >>>>> > >>>>> Someone could give a tutorial on Policyd v. 2.0, web interface > >>>>> configuration? > >>>>> Now, thanks > >>>>> > >>>>> > >>>>> > >>>>> > >>>> Any volunteers to write one? ;) > >>>> > >>>> -N > >>>> > >>>> > >>>> > >>>> __________________________________________________________________ > >>>> > >>>> _______________________________________________ > >>>> Users mailing list > >>>> [email protected] > >>>> http://lists.policyd.org/mailman/listinfo/users > >>>> > >>>> > >> > >> -- > >> Clovis Tristao - UNICAMP/Faculdade de Engenharia Agricola > >> Administrador de Redes - Secao de Informatica (SINFO) > >> E-mail: [email protected] http://www.feagri.unicamp.br > >> Fone(0xx19) 35211031-35211038 ou FAX(55xx19) 35211005/35211010 > >> _______________________________________________ > >> Users mailing list > >> [email protected] > >> http://lists.policyd.org/mailman/listinfo/users > >> > > _______________________________________________ > > Users mailing list > > [email protected] > > http://lists.policyd.org/mailman/listinfo/users > > > > > _______________________________________________ > Users mailing list > [email protected] > http://lists.policyd.org/mailman/listinfo/users _______________________________________________ Users mailing list [email protected] http://lists.policyd.org/mailman/listinfo/users
