Is there a way to apply policy only to outgoing mail?

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Is there a way to apply policy only to outgoing mail?

Przemysław Orzechowski
Hi

Im trying to get cbpolicyd to be applied only to outgoing mail (Postfix
vresion 2.7.0)

Iv created for this separate transport:

transport in master.cf
smtpout        unix    -    -    -    -    2    smtp
     -o syslog_name=smtpout
     -o smtpd_recipient_restrictions=check_policy_service
inet:127.0.0.1:10031
     -o smtpd_end_of_data_restrictions=check_policy_service
inet:127.0.0.1:10031

but for some reason it does not work (postfix is not conecting to
cluebringer)

I have also created second instance (for testing purposes) that listens
on localhost only and placed

smtpd_recipient_restrictions=check_policy_service inet:127.0.0.1:10031
smtpd_end_of_data_restrictions=check_policy_service inet:127.0.0.1:10031

in master.cf
this works ok.

I'm trying to get a setup where i can limit mails each authenticated
user can send / hour

If I setup cluebringer on second instance there is no way (at least i
coudn't find one) to count mails / authenticated user as they are
authenticating to first instance wich then sends mails to second instance

The goal is to accept all mail from authenticated users regardless of
quota but slow down the outbound mails in accordance to quota

any suggestions welcome.

Reply | Threaded
Open this post in threaded view
|

Re: Is there a way to apply policy only to outgoing mail?

Wietse Venema
Przemys?aw Orzechowski:
> Hi
>
> Im trying to get cbpolicyd to be applied only to outgoing mail (Postfix
> vresion 2.7.0)
>
> Iv created for this separate transport:
>
> transport in master.cf
> smtpout        unix    -    -    -    -    2    smtp

That is the Postfix SMTP *client*, the program that sends mail.

>      -o smtpd_recipient_restrictions=check_policy_service

That does not work because smtpd_recipient_restrictions is a feature
of the Postfix SMTP *server*, the program that receives mail.

> I'm trying to get a setup where i can limit mails each authenticated
> user can send / hour

Apply smtpd_mumble_restrictions on the Postfix SMTP *server*, the
program that receives mail.

If you really must exclude rate limits for local domains, this would
be easiest with a policy service that allows you to make exceptions.

        Wietse
Reply | Threaded
Open this post in threaded view
|

Re: Is there a way to apply policy only to outgoing mail?

btb-2
In reply to this post by Przemysław Orzechowski
On 2013.09.04 09.29, Przemysław Orzechowski wrote:> Hi
>
> Im trying to get cbpolicyd to be applied only to outgoing mail (Postfix
> vresion 2.7.0)

you don't apply it to outgoing mail.  you apply it to incoming mail [this is why the terms "incoming" and "outgoing" are typically best avoided]
>
> I'm trying to get a setup where i can limit mails each authenticated
> user can send / hour

submission    inet    n   -   -   -   -   smtpd
    [...]
    -o smtpd_recipient_restrictions=[...],check_policy_service,inet:127.0.0.1:10031
    [...]

i would use a restriction class though, so most work can be confined to main.cf and master.cf be be a bit less awkward.

-ben
Reply | Threaded
Open this post in threaded view
|

Re: Is there a way to apply policy only to outgoing mail?

Przemysław Orzechowski
W dniu 04.09.2013 16:03, btb pisze:

> On 2013.09.04 09.29, Przemysław Orzechowski wrote:> Hi
>> Im trying to get cbpolicyd to be applied only to outgoing mail (Postfix
>> vresion 2.7.0)
> you don't apply it to outgoing mail.  you apply it to incoming mail [this is why the terms "incoming" and "outgoing" are typically best avoided]
>> I'm trying to get a setup where i can limit mails each authenticated
>> user can send / hour
> submission    inet    n   -   -   -   -   smtpd
>      [...]
>      -o smtpd_recipient_restrictions=[...],check_policy_service,inet:127.0.0.1:10031
>      [...]
>
> i would use a restriction class though, so most work can be confined to main.cf and master.cf be be a bit less awkward.
>
> -ben
>

The problem is i need to accept all mail from authenticated uders and
then send only as much as allowed (limits per login not mail from headers)
If i apply limits as You suggested mails will be just rejected (MUA will
not be able to submit email to server) if over limit wich is not allowed
by my company policy :/

So is theere any way to acomplish this in single or multi instance setup?