Hi, I did put policyd in the full debug mode by changing the cluebringer.conf as follow: -------------------------------------------------- # Log level: # 0 - Errors only # 1 - Warnings and errors # 2 - Notices, warnings, errors # 3 - Info, notices, warnings, errors # 4 - Debugging log_level=4 # File to log to instead of stdout log_file=/var/log/cbpolicyd/cbpolicyd.log # Log destination for mail logs... # main - Default. Log to policyd's main log mechanism, accepts NO args # syslog - log mail via syslog # format: log_mail=facility@method,args # # Valid methods for syslog: # native - Let Sys::Syslog decide # unix - Unix socket # udp - UDP socket # stream - Stream (for Solaris) # # Example: unix native log_mail=mail@syslog:native # -------------------------------------------------- The relevant entries in my main.conf are as follow:
# Requirements for the HELO statement smtpd_helo_restrictions = permit_mynetworks, warn_if_reject reject_non_fqdn_hostname, reject_invalid_hostname, permit # Requirements for the sender details smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, warn_if_reject reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauth$ # Requirements for the connecting server smtpd_client_restrictions = reject_rbl_client sbl.spamhaus.org, reject_rbl_client blackholes.easynet.nl, reject_rbl_client dnsbl.njabl.org # Requirement for the recipient address. Note that the entry for # "check_policy_service inet:127.0.0.1:10023" enables Postgrey. smtpd_recipient_restrictions = check_policy_service inet:127.0.0.1:10031, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_non$ smtpd_data_restrictions = reject_unauth_pipelining # nach policyd-Anleitung: smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:10031 I restarted everything and tested it by sending a mail from roundcube to an external mailserver (Outbound). I was watching 'cbpolicyd.log' at the same time. But there were no new entries. On the other hand, when I was sending Inbound mails I could watch the following entries in 'cbpolicyd.log'. Even if I can't see any policies matching tests: [2013/11/03-14:14:37 - 1909] [CORE] INFO: 2013/11/03-14:14:37 CONNECT TCP Peer: "[::ffff:127.0.0.1]:37919" Local: "[::ffff:127.0.0.1]:10031" [2013/11/03-14:14:37 - 1862] [CORE] INFO: Starting "1" children [2013/11/03-14:14:37 - 2608] [CORE] DEBUG: Child Preforked (2608) [2013/11/03-14:14:37 - 2608] [CBPOLICYD] DEBUG: Starting up caching engine [2013/11/03-14:14:37 - 1909] [CBPOLICYD] INFO: Got request #1 [2013/11/03-14:14:37 - 1909] [CBPOLICYD] INFO: Got request #2 (pipelined) [2013/11/03-14:14:39 - 2276] [CORE] INFO: 2013/11/03-14:14:39 CONNECT TCP Peer: "[::ffff:127.0.0.1]:37929" Local: "[::ffff:127.0.0.1]:10031" [2013/11/03-14:14:39 - 1862] [CORE] INFO: Starting "1" children [2013/11/03-14:14:39 - 2618] [CORE] DEBUG: Child Preforked (2618) [2013/11/03-14:14:39 - 2618] [CBPOLICYD] DEBUG: Starting up caching engine [2013/11/03-14:14:39 - 2276] [CBPOLICYD] INFO: Got request #1 [2013/11/03-14:14:39 - 2276] [CBPOLICYD] INFO: Got request #2 (pipelined) On Inbound mails the table policyd.session_tracking gets updated as expected. On Outbound mails the table policyd.session_tracking does NOT get updated. Could there be a conflict between entries in the main.cf and the master.cf? The strange thing, Inbound policies are working fine. Only Outbound policies do not work. I attached my main.cf, the master.cf and relevant policyd tabels to illustrate. Thanks for some more hints on how i can debug and track down this error. Steffen
master.cf
Description: Binary data
main.cf
Description: Binary data
policyd.policies +----+------------------+----------+--------------------------------+----------+ | ID | Name | Priority | Description | Disabled | +----+------------------+----------+--------------------------------+----------+ | 1 | Default | 0 | Default System Policy | 0 | | 2 | Default Outbound | 10 | Default Outbound System Policy | 0 | | 3 | Default Inbound | 10 | Default Inbound System Policy | 0 | | 4 | Default Internal | 20 | Default Internal System Policy | 0 | +----+------------------+----------+--------------------------------+----------+ policyd.policy_members +----+----------+-----------------------------------+--------------------+---------+----------+ | ID | PolicyID | Source | Destination | Comment | Disabled | +----+----------+-----------------------------------+--------------------+---------+----------+ | 1 | 1 | NULL | NULL | NULL | 0 | | 2 | 2 | %internal_ips,%internal_domains | !%internal_domains | NULL | 0 | | 3 | 3 | !%internal_ips,!%internal_domains | %internal_domains | NULL | 0 | | 4 | 4 | %internal_ips,%internal_domains | %internal_domains | NULL | 0 | +----+----------+-----------------------------------+--------------------+---------+----------+ policyd.quotas +----+----------+------------------------+--------------------+--------+---------+------+-----------+---------+----------+ | ID | PolicyID | Name | Track | Period | Verdict | Data | LastQuota | Comment | Disabled | +----+----------+------------------------+--------------------+--------+---------+------+-----------+---------+----------+ | 5 | 2 | Default Outbound Quota | Sender:user@domain | 3600 | REJECT | 3 | 0 | limit=3 | 0 | +----+----------+------------------------+--------------------+--------+---------+------+-----------+---------+----------+ policyd.quotas_limits +----+----------+--------------+--------------+---------+----------+ | ID | QuotasID | Type | CounterLimit | Comment | Disabled | +----+----------+--------------+--------------+---------+----------+ | 6 | 5 | MessageCount | 3 | limit=3 | 0 | +----+----------+--------------+--------------+---------+----------+
_______________________________________________ Users mailing list [email protected] http://lists.policyd.org/mailman/listinfo/users_lists.policyd.org
