Ok. So I finally have policyd working on my Postfix MTA with amavisd-new and I can see in the maillogs the interaction of policyd with the e-mails. But there is some testing that I would like to do and I can't figure out how to set a message size limit for a specific user. This is what I have so far and the message always goes out. I set the limit to 1MB and I intentionally send a message with a 3MB attachment.
This is what I have in my Test Policy: Test Priority: 50 Source: [email protected] Desination: ANY This is the quota I've configured Policy: Test Track: Sender:user@domain Period: 0 I associated a limit: Type: MessageCumulativeSize Counter Limit: 1000000 Now, I send an email to any address from [email protected] with a 3MB file attached and it goes through as if there isn't any policy there. I'm sure I'm missing something but right now I'm just blind. Here is what I have in my logs: Maillog: cbpolicyd[69946]: module=Quotas, mode=update, host=10.25.80.8, helo=mail.es.quimefa.cu, [email protected], to=o [email protected], reason=quota_update, policy=5, quota=3, limit=4, track=Sender:[email protected], counter=MessageCumulativeSize, quota= 0/1000000 (0.0%) cbpolicyd[69947]: module=Quotas, mode=update, host=10.25.80.8, helo=mail.es.quimefa.cu, [email protected], to=o [email protected], reason=quota_update, policy=5, quota=3, limit=4, track=Sender:[email protected], counter=MessageCumulativeSize, quota= 1967277/1000000 (196.7%) Cbpolicyd.log: [CORE] INFO: 2011/08/01-11:48:15 CONNECT TCP Peer: "127.0.0.1:12187" Local: "127.0.0.1:10031" [2011/08/01-11:48:15 - 69946] [PROTOCOLS/Postfix] DEBUG: Possible Postfix protocol [2011/08/01-11:48:15 - 69946] [PROTOCOLS/Postfix] INFO: Identified Postfix protocol [2011/08/01-11:48:15 - 69946] [TRACKING] DEBUG: No session tracking data exists for request: $VAR1 = { 'size' => '1967277', '_timestamp' => 1312213695, 'helo_name' => 'mail.es.quimefa.cu', 'reverse_client_name' => 'unknown', 'queue_id' => '', 'etrn_domain' => '', 'request' => 'smtpd_access_policy', 'protocol_state' => 'RCPT', 'stress' => 'yes', 'recipient' => '[email protected]', 'instance' => '11299.4e36cabf.ef191.0', 'protocol_name' => 'ESMTP', 'recipient_count' => '0', 'sender' => '[email protected]', 'client_name' => 'unknown', 'client_address' => '10.25.80.8', '_protocol_transport' => 'Postfix' }; [2011/08/01-11:48:15 - 69946] [TRACKING] DEBUG: Added session tracking information for: $VAR1 = { 'size' => '1967277', '_timestamp' => 1312213695, 'helo_name' => 'mail.es.quimefa.cu', 'reverse_client_name' => 'unknown', 'queue_id' => '', 'etrn_domain' => '', 'request' => 'smtpd_access_policy', 'protocol_state' => 'RCPT', 'stress' => 'yes', 'recipient' => '[email protected]', 'instance' => '11299.4e36cabf.ef191.0', 'protocol_name' => 'ESMTP', 'recipient_count' => '0', 'sender' => '[email protected]', 'client_name' => 'unknown', 'client_address' => '10.25.80.8', '_protocol_transport' => 'Postfix' }; [2011/08/01-11:48:15 - 69946] [TRACKING] DEBUG: Protocol state is 'RCPT', resolving policy... [2011/08/01-11:48:15 - 69946] [POLICIES] DEBUG: Going to resolve session data into policy: $VAR1 = { 'Recipient' => '[email protected]', 'SASLUsername' => undef, 'QueueID' => '', 'RecipientData' => '', 'Instance' => '11299.4e36cabf.ef191.0', 'EncryptionCipher' => undef, 'Size' => '1967277', 'EncryptionKeySize' => undef, 'EncryptionProtocol' => undef, 'Helo' => 'mail.es.quimefa.cu', 'ClientAddress' => '10.25.80.8', 'ClientName' => 'unknown', 'Sender' => '[email protected]', 'SASLSender' => undef, 'Protocol' => 'ESMTP', 'ClientReverseName' => 'unknown', 'SASLMethod' => undef }; [2011/08/01-11:48:15 - 69946] [POLICIES] DEBUG: Found policy member with ID '1' in policy 'Default' [2011/08/01-11:48:15 - 69946] [POLICIES] DEBUG: Found policy member with ID '2' in policy 'Default Outbound' [2011/08/01-11:48:15 - 69946] [POLICIES] DEBUG: Found policy member with ID '3' in policy 'Default Inbound' [2011/08/01-11:48:15 - 69946] [POLICIES] DEBUG: Found policy member with ID '4' in policy 'Default Internal' [2011/08/01-11:48:15 - 69946] [POLICIES] DEBUG: Found policy member with ID '5' in policy 'Test' [2011/08/01-11:48:15 - 69946] [POLICIES] DEBUG: [ID:1/Name:Default]: Source not defined or 'any', explicit match: matched=1 [2011/08/01-11:48:15 - 69946] [POLICIES] INFO: [ID:1/Name:Default]: Source matching result: matched=1 [2011/08/01-11:48:15 - 69946] [POLICIES] INFO: [ID:1/Name:Default]: Source matching result: matched=1 [2011/08/01-11:48:15 - 69946] [POLICIES] DEBUG: [ID:1/Name:Default]: Destination not defined or 'any', explicit match: matched=1 [2011/08/01-11:48:15 - 69946] [POLICIES] INFO: [ID:1/Name:Default]: Destination matching result: matched=1 [2011/08/01-11:48:15 - 69946] [POLICIES] DEBUG: [ID:2/Name:Default Outbound]: Main policy sources '%internal_ips,%internal_domains' [2011/08/01-11:48:15 - 69946] [POLICIES] DEBUG: [ID:2/Name:Default Outbound]: Group 'internal_ips' has 1 source(s) => 10.0.0.0/8 [2011/08/01-11:48:15 - 69946] [POLICIES] DEBUG: [ID:2/Name:Default Outbound]=>(group:internal_ips): - Resolved source '10.0.0.0/8' to a IP/CI DR specification, match = 1 [2011/08/01-11:48:15 - 69946] [POLICIES] DEBUG: [ID:2/Name:Default Outbound]=>(group:internal_ips): Source group result: matched=1 [2011/08/01-11:48:15 - 69946] [POLICIES] DEBUG: [ID:2/Name:Default Outbound]: Group 'internal_domains' has 2 source(s) => @example.org,@examp le.com [2011/08/01-11:48:15 - 69946] [POLICIES] DEBUG: [ID:2/Name:Default Outbound]=>(group:internal_domains): - Resolved source '@example.org' to a email address specification, match = 0 [2011/08/01-11:48:15 - 69946] [POLICIES] DEBUG: [ID:2/Name:Default Outbound]=>(group:internal_domains): - Resolved source '@example.com' to a email address specification, match = 0 [2011/08/01-11:48:15 - 69946] [POLICIES] DEBUG: [ID:2/Name:Default Outbound]=>(group:internal_domains): Source group result: matched=0 [2011/08/01-11:48:15 - 69946] [POLICIES] INFO: [ID:2/Name:Default Outbound]: Source matching result: matched=0 [2011/08/01-11:48:15 - 69946] [POLICIES] DEBUG: [ID:3/Name:Default Inbound]: Main policy sources '!%internal_ips,!%internal_domains' [2011/08/01-11:48:15 - 69946] [POLICIES] DEBUG: [ID:3/Name:Default Inbound]: Group 'internal_ips' has 1 source(s) => 10.0.0.0/8 [2011/08/01-11:48:15 - 69946] [POLICIES] DEBUG: [ID:3/Name:Default Inbound]=>(group:internal_ips): - Resolved source '10.0.0.0/8' to a IP/CID R specification, match = 1 [2011/08/01-11:48:15 - 69946] [POLICIES] DEBUG: [ID:3/Name:Default Inbound]=>(group:internal_ips): Source group result: matched=1 [2011/08/01-11:48:15 - 69946] [POLICIES] INFO: [ID:3/Name:Default Inbound]: Source matching result: matched=0 [2011/08/01-11:48:15 - 69946] [POLICIES] DEBUG: [ID:4/Name:Default Internal]: Main policy sources '%internal_ips,%internal_domains' [2011/08/01-11:48:15 - 69946] [POLICIES] DEBUG: [ID:4/Name:Default Internal]: Group 'internal_ips' has 1 source(s) => 10.0.0.0/8 [2011/08/01-11:48:15 - 69946] [POLICIES] DEBUG: [ID:4/Name:Default Internal]=>(group:internal_ips): - Resolved source '10.0.0.0/8' to a IP/CI DR specification, match = 1 [2011/08/01-11:48:15 - 69946] [POLICIES] DEBUG: [ID:4/Name:Default Internal]=>(group:internal_ips): Source group result: matched=1 [2011/08/01-11:48:15 - 69946] [POLICIES] DEBUG: [ID:4/Name:Default Internal]: Group 'internal_domains' has 2 source(s) => @example.org,@examp le.com [2011/08/01-11:48:15 - 69946] [POLICIES] DEBUG: [ID:4/Name:Default Internal]=>(group:internal_domains): - Resolved source '@example.org' to a email address specification, match = 0 [2011/08/01-11:48:15 - 69946] [POLICIES] DEBUG: [ID:4/Name:Default Internal]=>(group:internal_domains): - Resolved source '@example.com' to a email address specification, match = 0 [2011/08/01-11:48:15 - 69946] [POLICIES] DEBUG: [ID:4/Name:Default Internal]=>(group:internal_domains): Source group result: matched=0 [2011/08/01-11:48:15 - 69946] [POLICIES] INFO: [ID:4/Name:Default Internal]: Source matching result: matched=0 [2011/08/01-11:48:15 - 69946] [POLICIES] DEBUG: [ID:5/Name:Test]: Main policy sources '[email protected]' [2011/08/01-11:48:15 - 69946] [POLICIES] DEBUG: [ID:5/Name:Test]: - Resolved source '[email protected]' to a email address specification, match = 1 [2011/08/01-11:48:15 - 69946] [POLICIES] INFO: [ID:5/Name:Test]: Source matching result: matched=1 [2011/08/01-11:48:15 - 69946] [POLICIES] DEBUG: [ID:5/Name:Test]: Destination not defined or 'any', explicit match: matched=1 [2011/08/01-11:48:15 - 69946] [POLICIES] INFO: [ID:5/Name:Test]: Destination matching result: matched=1 [2011/08/01-11:48:15 - 69946] [POLICIES] DEBUG: END RESULT: prio=0 => policy ids: 1,5 [2011/08/01-11:48:15 - 69946] [TRACKING] DEBUG: Policy resolved into: $VAR1 = { '0' => [ '1', '5' ] }; [2011/08/01-11:48:15 - 69946] [TRACKING] DEBUG: Request translated into session data: $VAR1 = { 'Recipient' => '[email protected]', 'SASLUsername' => undef, 'QueueID' => '', 'RecipientData' => '', 'Instance' => '11299.4e36cabf.ef191.0', 'EncryptionCipher' => undef, 'Size' => '1967277', 'EncryptionKeySize' => undef, 'ParsedClientAddress' => { 'Broadcast_Long' => 169431048, 'Network' => '10.25.80.8', 'IP_Long' => 169431048, 'Broadcast' => '10.25.80.8', 'IP' => '10.25.80.8', 'Mask_Long' => 4294967295, 'Network_Long' => 169431048 }, 'ProtocolTransport' => 'Postfix', 'EncryptionProtocol' => undef, 'Helo' => 'mail.es.quimefa.cu', 'ClientAddress' => '10.25.80.8', 'ClientName' => 'unknown', 'Sender' => '[email protected]', 'SASLSender' => undef, 'Timestamp' => 1312213695, 'ProtocolState' => 'RCPT', 'Policy' => { '0' => [ '1', '5' ] }, 'Protocol' => 'ESMTP', 'ClientReverseName' => 'unknown', 'SASLMethod' => undef }; [2011/08/01-11:48:15 - 69946] [CBPOLICYD] DEBUG: Got request, running modules... [2011/08/01-11:48:15 - 69946] [CBPOLICYD] DEBUG: Running module: Access Control Plugin [2011/08/01-11:48:15 - 69946] [CBPOLICYD] DEBUG: Running module: HELO/EHLO Check Plugin [2011/08/01-11:48:15 - 69946] [CBPOLICYD] DEBUG: Running module: Greylisting Plugin [2011/08/01-11:48:15 - 69946] [CBPOLICYD] DEBUG: Running module: Quotas Plugin [2011/08/01-11:48:16 - 69946] [CBPOLICYD] DEBUG: Done with modules _______________________________________________ Users mailing list [email protected] http://lists.policyd.org/mailman/listinfo/users
