On 01/28/11 02:00, Masim "Vavai" Sugianto wrote:
> Hi,
>
> I'm trying to implement PolicyD v2 into Zimbra 7 for quota tracking
> (sender rate-limit). PolicyD is running as expected but it seems that
> Quota Modules doesn't work. Quota modules is enable but Zimbra Postfix
> seems to bypassing the quota tracking.
>
> Below is my policy (limit up to 2 messages for 60 seconds for testing
> purpose only):
> BEGIN TRANSACTION;
> INSERT INTO "policies" VALUES(6, 'Zimbra', 0, 'Test Quota Policy', 0);
> DELETE FROM sqlite_sequence;
> INSERT INTO "sqlite_sequence" VALUES('policies', 6);
> INSERT INTO "sqlite_sequence" VALUES('policy_members', 6);
> INSERT INTO "sqlite_sequence" VALUES('policy_groups', 2);
> INSERT INTO "sqlite_sequence" VALUES('policy_group_members', 3);
> INSERT INTO "sqlite_sequence" VALUES('quotas', 4);
> INSERT INTO "sqlite_sequence" VALUES('quotas_limits', 5);
> INSERT INTO "sqlite_sequence" VALUES('checkhelo_blacklist', 4);
> INSERT INTO "policy_members" VALUES(6, 6, 'any', 'any', '', 0);
> INSERT INTO "quotas" VALUES(3, 6, 'Sender:user@domain',
> 'Sender:user@domain', 60, 'DEFER', 'Deferring: Too many messages from
> sender in last 60', '', 0);
> INSERT INTO "quotas" VALUES(4, 6, 'Recipient:@domain',
> 'Recipient:@domain', 60, 'REJECT', '', '', 0);
> INSERT INTO "quotas_limits" VALUES(4, 3, 'MessageCount', 2, '', 0);
> INSERT INTO "quotas_limits" VALUES(5, 4, 'MessageCount', 5, '', 0);
> COMMIT;
>
> And below are Cbpolicyd.log :
>
> [2011/01/28-08:43:57 - 11788] [CORE] DEBUG: Child Preforked (11788)
> [2011/01/28-08:43:57 - 11788] [CBPOLICYD] DEBUG: Starting up caching engine
> [2011/01/28-08:44:27 - 9222] [CORE] INFO: Killing "1" children
> [2011/01/28-08:44:27 - 9227] [CBPOLICYD] DEBUG: Shutting down caching
> engine (9227)
> [2011/01/28-08:46:07 - 9226] [CORE] INFO: 2011/01/28-08:46:07 CONNECT
> TCP Peer: "127.0.0.1:33089" Local: "127.0.0.1:10031"
> [2011/01/28-08:46:07 - 9222] [CORE] INFO: Starting "1" children
> [2011/01/28-08:46:07 - 9226] [CBPOLICYD] DEBUG: Got request, running
> modules...
> [2011/01/28-08:46:07 - 9226] [CBPOLICYD] DEBUG: Running module: Access
> Control Plugin
> [2011/01/28-08:46:07 - 9226] [CBPOLICYD] DEBUG: Running module:
> HELO/EHLO Check Plugin
> [2011/01/28-08:46:07 - 9226] [CBPOLICYD] DEBUG: Running module: SPF Check
> Plugin
> [2011/01/28-08:46:07 - 9226] [CBPOLICYD] DEBUG: Running module:
> Greylisting Plugin
> [2011/01/28-08:46:07 - 9226] [CBPOLICYD] DEBUG: Running module: Quotas Plugin
> [2011/01/28-08:46:07 - 12875] [CORE] DEBUG: Child Preforked (12875)
> [2011/01/28-08:46:07 - 9226] [CBPOLICYD] DEBUG: Done with modules
> [2011/01/28-08:46:07 - 12875] [CBPOLICYD] DEBUG: Starting up caching engine
> [2011/01/28-08:46:08 - 9224] [CORE] INFO: 2011/01/28-08:46:08 CONNECT
> TCP Peer: "127.0.0.1:33095" Local: "127.0.0.1:10031"
> [2011/01/28-08:46:08 - 9224] [CBPOLICYD] DEBUG: Got request, running
> modules...
> [2011/01/28-08:46:08 - 9224] [CBPOLICYD] DEBUG: Running module: Access
> Control Plugin
> [2011/01/28-08:46:08 - 9224] [CBPOLICYD] DEBUG: Running module:
> HELO/EHLO Check Plugin
> [2011/01/28-08:46:08 - 9224] [CBPOLICYD] DEBUG: Running module: SPF Check
> Plugin
> [2011/01/28-08:46:08 - 9224] [CBPOLICYD] DEBUG: Running module:
> Greylisting Plugin
> [2011/01/28-08:46:08 - 9224] [CBPOLICYD] DEBUG: Running module: Quotas Plugin
> [2011/01/28-08:46:08 - 9224] [CBPOLICYD] DEBUG: Done with modules
> [2011/01/28-08:46:38 - 9222] [CORE] INFO: Killing "1" children
> [2011/01/28-08:46:38 - 12875] [CBPOLICYD] DEBUG: Shutting down caching
> engine (12875)
>
> I'm testing both with port 25 and 465 (TLS mode) in trusted network.
> Any suggestion why Quota tracking doesn't work?Try enabling full debugging, you'll then see what policy checks are being done and if they matching ... this will more than likely help pinpoint where the problem lies. Regards Nigel
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Users mailing list [email protected] http://lists.policyd.org/mailman/listinfo/users
