Hi, I am trying to setup policyd to enforce quota's for sasl authenticated users on a postfix system. I have postfix and policyd all setup and configured and working, but policyd does not work as I expected it to, I am sure it's a failing on my part to understand something, but i have tried and failed, so I am hoping someone on this list can provide me with some clue:
The server runs postfix with Dovecot for sasl authentication, it is ONLY used for our users to send emails, nothing else. This has been running well for over a year, but there are some users who send a large quantity of emails through the system, whilst the majority are quite low level users. The idea was to have a default allowance of 100 emails in 24 hours for the majority, then setup higher levels for some users that pay more money, e.g. 250, 500 or 1000 emails in a 24 hour period. So I setup the following Policies: Name Priority SASL 250 52 SASL 500 54 SASL 1000 56 SASL Default 90 "SASL Default" policy has a Policy Member setup as follows: Source: $* Destination: any Now, say we have a user who authenticates via sasl with a username of "fred" who wants to send up to 250 emails, so we create a Policy Member under "SASL 250" as follows: Source: $fred Destination: any Under Quotas we have the following entries: Policy Track Period Verdict SASL 250 SASLUsername 86400 REJECT SASL 500 SASLUsername 86400 REJECT SASL 1000 SASLUsername 86400 REJECT SASL Default SASLUsername 86400 REJECT Each has the appropriate "MessageCount" set (250, 500 & 1000), "SASL Default" has a MessageCount = 100. Now user "fred" sends an email and I look in the quotas_tracking table I see this: +----------------+-------------------------------+-----------------+-----------+ | QuotasLimitsID | TrackKey | LastUpdate | Counter | +----------------+-------------------------------+-----------------+-----------+ | 7 | SASLUsername:fred | 1343056975 | 1.0000 | | 4 | SASLUsername:fred | 1343069231 | 1.0000 | +----------------+------------------------------+-------------------+-----------+ With QuotaLimitID 7 being the "SASL 250" quota and 4 being the "SASL Default" quota. So far all is good and the email is delivered. Now, user fred keeps sending emails until he gets to 101 then when he tries to send the 102'nd it fails - email is rejected due to the "SASL Default" quota being reached. Now I was under the impression that if I ordered the "SASL 250" policy with a lower number (higher priority) it would be checked first, and still be under quota, therefore allow the email to be sent, but it seems that the checks continue until one fails, only allowing an email to be sent if none of the policies fail. So my question is this: how can I configure policyd to do what I want? Thanks for bearing with me. Chris _______________________________________________ Users mailing list [email protected] http://lists.policyd.org/mailman/listinfo/users
