Hello, I found the problem: @@ -606,7 +606,7 @@ # fall back to the config defaults listed below. # # 1=on 0=off -SENDERTHROTTLE=2 +SENDERTHROTTLE=0
SENDERTHROTTLE should be 1. I meant to set rate limit to 2 messages but modified the wrong configuration variable. Because SENDERTHROTTLE is the only module I want to use, when the if (SENDERTHROTTLE == 1) test fails in policyd.c, the code passes to catch all module=bypass. Yeah, it's an obvious mistake after all. Xueshan ----- Original Message ----- > Hello, > > I am testing Postfix-policyd version 1.80-2.3 on Debian/Lenny. MySQL > version is 5.0.51a-24+lenny4. > > What I am trying to do is sender-based the rate limit. My inital test > worked fine - the trottling kicked in when the same sender sent more > messages than allowed within a time limt. Now it stopped working. Log > shows that module=bypass and no trottling even the sender passes the > message quota limit. > > The only change -not sure if it is relavant - was that I turned on > training mode, then turned it back on. > > The policy configuration differs from the default like this: > > --- postfix-policyd.conf 2010-06-28 12:12:25.000000000 -0700 > +++ /usr/share/postfix-policyd/postfix-policyd.conf 2008-03-30 > 22:27:50.0000 00000 -0700 > # connection options: > @@ -81,7 +81,7 @@ > # 2 -> 1+mysql queries+results > # 3 -> 1+2+network debugging > # 0=off > -DEBUG=3 +DEBUG=0 > > @@ -167,7 +167,7 @@ > # if you want to allow any of the whitelisting features. > # # 1=on 0=off > -WHITELISTING=0 +WHITELISTING=1 > > @@ -606,7 +606,7 @@ > # fall back to the config defaults listed below. > # # 1=on 0=off > -SENDERTHROTTLE=2 +SENDERTHROTTLE=0 > > @@ -632,7 +632,7 @@ > # SENDER_THROTTLE_SASL or SENDER_THROTTLE_HOST but > # *NOT* both. > # 1=on 0=off > -SENDER_THROTTLE_HOST=0 +SENDER_THROTTLE_HOST=1 > > # > # quota exceeded temp rejection: default: 5xx > @@ -663,7 +663,7 @@ > # how many messages a user is allowed to send out > # before the time limit has expired. > > -SENDERMSGLIMIT=2 > +SENDERMSGLIMIT=512 > > # > # maximum mail recipients per time period default: 5000 > @@ -671,7 +671,7 @@ > # how many recipients a user is allowed to send out > # before the time limit has expired. > # -SENDERRCPTLIMIT=200 > +SENDERRCPTLIMIT=3600 > > # > # maximum mail quota/size per time period default: 250 meg > @@ -688,7 +688,7 @@ > # after how long does all quota last before counters > # are reset back to to zero. > # -SENDERTIMELIMIT=5m > +SENDERTIMELIMIT=1h > > > I thought I'd try training mode. I found the trottling stopped > working. Although I set sender can only send 2 messages per 5 minutes, > my messages pass through alright beyond allowed limit. Then I turned > off training mode, the messages still pass through without triggering > threshold. > > Debugging log shows this: > > Jun 28 11:59:15 postfix-server postfix-policyd: DEBUG: fd: 8 > database_probe(): reconnecting.. > Jun 28 11:59:15 postfix-server postfix-policyd: connecting to mysql > database: localhost > Jun 28 11:59:15 postfix-server postfix-policyd: connected. > > ... > > Jun 28 11:59:15 postfix-server postfix-policyd: DEBUG: fd: 8 row: 0 > data: 0 (extracted) > Jun 28 11:59:15 postfix-server postfix-policyd: DEBUG: fd: 8 > db_doquery(): SELECT _count,_datenew,_datelast FROM triplet WHERE > _host='171.64.10' AND _from='sen...@senderdomain' AND > _rcpt='r...@rcptdomain' Jun 28 11:59:16 postfix-server > postfix-policyd: DEBUG: fd: 8 row: 0 data: 24 (recieved) > Jun 28 11:59:16 postfix-server postfix-policyd: DEBUG: fd: 8 row: 0 > data: 24 (extracted) > Jun 28 11:59:16 postfix-server postfix-policyd: DEBUG: fd: 8 row: 1 > data: 1276369270 (recieved) > Jun 28 11:59:16 postfix-server postfix-policyd: DEBUG: fd: 8 row: 1 > data: 1276369270 (extracted) > Jun 28 11:59:16 postfix-server postfix-policyd: DEBUG: fd: 8 row: 2 > data: 1277747307 (recieved) > Jun 28 11:59:16 postfix-server postfix-policyd: DEBUG: fd: 8 row: 2 > data: 1277747307 (extracted) > Jun 28 11:59:16 postfix-server postfix-policyd: DEBUG: fd: 8 > db_doquery(): UPDATE triplet SET > _datelast='1277751555',_count=_count+1 WHERE _host='171.64.10' AND > _from='sen...@sendermydomain' AND _rcpt='r...@rcptdomain' > Jun 28 11:59:16 postfix-server postfix-policyd: rcpt=5, > greylist=update, host=sender_IP (sender host), > from=sen...@senderdomain, to=r...@rcptdomain, size=0 > Jun 28 11:59:16 postfix-server postfix-policyd: rcpt=5, module=bypass, > host=sender IP (sender host), from=sen...@senderdomain, > to=r...@rcptdomain, size=0 > Jun 28 11:59:16 postfix-server postfix-policyd: DEBUG: fd: 8 select(): > fd 8 is ready for write > Jun 28 11:59:16 postfix-server postfix-policyd: DEBUG: fd: 8 returning > after 14 bytes of data written > Jun 28 12:00:56 postfix-server postfix-policyd: DEBUG: fd: 8 select(): > fd 8 is ready for read > Jun 28 12:00:56 postfix-server postfix-policyd: DEBUG: fd: 8 > connection got an EOF, data_read = 0 > Jun 28 12:00:56 postfix-server postfix-policyd: DEBUG: fd: 8 shutting > down fd 8 > > The database log doesn't show any errors: > > 100628 11:59:15 73 Quit > 74 Connect postfix-poli...@localhost on postfixpolicyd > 74 Query SELECT COUNT(*) FROM policy_training WHERE _rcpt > ='sen...@senderdomain' OR _rcpt='@rcptdomain' > 74 Query SELECT _count,_datenew,_datelast FROM triplet WH > ERE _host='IP' AND _from='sen...@senderdomain AND > _rcpt='r...@rcptdomain' 100628 11:59:16 74 Query UPDATE triplet SET > _datelast='1277751555',_count =_count+1 WHERE _host='IP' AND > _from='sen...@senderdomain' AND _rcpt='sender > @senderdomain' 100628 12:00:20 75 Connect r...@localhost on > 75 Query select @@version_comment limit 1 > 100628 12:00:26 75 Query SELECT DATABASE() > 75 Init DB postfixpolicyd > 75 Query show databases > 75 Query show tables > 75 Field List blacklist > 75 Field List blacklist_helo > 75 Field List blacklist_sender > 75 Field List helo > 75 Field List policy > 75 Field List policy_training > 75 Field List spamtrap > 75 Field List throttle > 75 Field List throttle_from_instance > 75 Field List throttle_rcpt > 75 Field List triplet > 75 Field List whitelist > 75 Field List whitelist_dnsname > 75 Field List whitelist_sender > 100628 12:00:46 75 Query UPDATE triplet SET > _datelast='1277751555',_count =_count+1 WHERE _host='IP' AND > _from='[email protected]' AND _rcpt='sender > @senderdomain' 100628 12:01:08 75 Quit > > I have restarted policyd, mysqld multiple times, but I am stucked at > the module=bypass. > > Any ideas what might cause this behavior? > > Thanks! > > Xueshan > -- > > Xueshan Feng <[email protected]> > Technical Lead, IT Services, Stanford University -- Xueshan Feng <[email protected]> Technical Lead, IT Services, Stanford University _______________________________________________ Users mailing list [email protected] http://lists.policyd.org/mailman/listinfo/users
