I would say it depends a lot on your initial configuration.
We're in the process of finishing up some tests that initially just
duplicate what we have now under 1.X. We have a special, isolated
mailgateway machine that we're using for testing, which helps a lot.
There is no greylisting used in our case and the blacklisting is handled
independently, so that keeps it simpler. We are tied in to amavisd-new,
however.
We entered in all our whitelist parameters, created trusted and
untrusted groups and set up limits. Other than the procedure on how to
do the initial install and configuration, the rest was pretty
straight-forward. The next step wil be to implement user limits.
Two issues have arisen on which I'd like to throw back questions.
First, since all policies are combined, there does not appear to be a
way that a single user on a specific machine can be given a higher limit
if the machine itself already has a lower limit, or will the
individual's setting override the global one?
Second, in policyd 1.X, I wrote a reporting tool that generates messages
telling when quotas have been exceeded, something like this:
# To check for _all_ the limits, one should really use this:
$sql = qq{SELECT * FROM throttle where _count_cur >= _count_max
or _rcpt_cur >= _rcpt_max or _quota_cur >= _quota_max
or _abuse_cur=1};
but in policyd2, there appears to be no tracking of how many attempts
were made for a particular sender, recipient or machine; the DB
apparently only compares the allowed value to the matching group
policy. This makes it very hard to come up with a simple way to query
what instances are over quota and makes it impossible to tell by how
much -- did the user try to send 5 messages over the limit or 500000 ?
I'm asking if anyone has written a reporting tool that can extract at
least what instances are over quota at a given moment. If nothing like
this exists, I'd like to ask the authors to at least consider storing
this information in the table so that an easy comparison can be made
to see if the user or machine is over the limit. When the time
limit has expired, the counter could be zeroed out.
Thoughts on this? Thanks for reading.
Regards,
--Tobias
Brian Kolaci wrote:
> Hi,
>
> Are there any tips to migrating from 1.8 to 2.x ?
>
> I currently have scripts that populate the "whitelist_sender" table and
> manipulate the policy table to allow domains or specific email users to
> opt-in and opt-out of greylisting. So some users should be able to
> bypass the policyd greylisting inbound mail to their addresses if they
> choose, and there is a list of email addresses that I'd like to just
> plain whitelist.
>
> Can this be done using version 2.x? If so, how can I replicate that
> functionality?
>
> Thanks,
>
> Brian
>
> _______________________________________________
> Users mailing list
> [email protected]
> http://lists.policyd.org/mailman/listinfo/users
_______________________________________________
Users mailing list
[email protected]
http://lists.policyd.org/mailman/listinfo/users
