fatal: parameter "smtpd_recipient_restrictions"

hi

how do i get "check_policy_service unix:/var/spool/postfix/dbmail-postfix-policyd/socket"
on port 10026 to activate quota-checks before lmtp for messages from the spam-appliance
with a minimum or bette rno other checks than verify rcpt?

i tried directly before "permit_mynetworks" but get the following error
but why?

May 20 01:55:16 mail postfix/smtpd[11674]: fatal: parameter "smtpd_recipient_restrictions": specify at least one
working instance of: check_relay_domains, reject_unauth_destination, reject, defer or defer_if_permit

10.0.0.15:10026   inet   n   -   n   -   -   smtpd
 -o mynetworks=10.0.0.20
 -o smtpd_client_connection_count_limit=75
 -o smtpd_recipient_restrictions=permit_mynetworks,reject
 -o receive_override_options=no_header_body_checks,no_milters
 -o local_header_rewrite_clients=
 -o sender_dependent_relayhost_maps=
 -o content_filter=
 -o smtpd_delay_reject=no
 -o smtpd_client_restrictions=
 -o smtpd_helo_restrictions=
 -o smtpd_helo_required=no
 -o smtpd_sender_restrictions=
 -o smtpd_sender_login_maps=
 -o smtpd_data_restrictions=
 -o smtpd_end_of_data_restrictions=
 -o smtpd_restriction_classes=
 -o smtpd_error_sleep_time=0
 -o smtpd_soft_error_limit=1001
 -o smtpd_hard_error_limit=1000
 -o smtpd_client_connection_rate_limit=0
 -o smtpd_peername_lookup=no
 -o smtpd_use_tls=no
 -o smtpd_tls_security_level=none
 -o smtpd_sasl_auth_enable=no
 -o smtpd_reject_footer=
 -o max_idle=1h
 -o max_use=1000

Reindl Harald:

Checking application/pgp-signature: FAILURE
-- Start of PGP signed section.
[ Charset ISO-8859-1 unsupported, converting... ]
> hi
>
> how do i get "check_policy_service unix:/var/spool/postfix/dbmail-postfix-policyd/socket"
> on port 10026 to activate quota-checks before lmtp for messages from the spam-appliance
> with a minimum or bette rno other checks than verify rcpt?

master.cf has no way to specify whitespace in -o parameter=value.

Instead, use:

/etc/postfix/main.cf
    10026_smtpd_recipient_restrictions = foo, bar, baz

/etc/postfix/master.cf
    10.0.0.15:10026   inet   n   -   n   -   -   smtpd
        -o smtpd_recipient_restrictions=$10026_smtpd_recipient_restrictions

It's a hack, but it works and it is fully supported.

        Wietse
-- End of PGP section, PGP failed!

Am 20.05.2011 04:09, schrieb Wietse Venema:
> Reindl Harald:
>
> Checking application/pgp-signature: FAILURE
> -- Start of PGP signed section.
> [ Charset ISO-8859-1 unsupported, converting... ]

which mail-app?
thunderbird/enigmail says my original-message from list is OK

>> how do i get "check_policy_service unix:/var/spool/postfix/dbmail-postfix-policyd/socket"
>> on port 10026 to activate quota-checks before lmtp for messages from the spam-appliance
>> with a minimum or bette rno other checks than verify rcpt?
>
> master.cf has no way to specify whitespace in -o parameter=value.

good to know!

the error message is a little strange and i was not sure
if any of the other overrides below are conflicting with
specify a policy-service, 10026 should do as less checks
as possible since all messages are filtered here but i
want to get rid of backscatter-bounces on full mailboxes

> Instead, use:
>
> /etc/postfix/main.cf
>     10026_smtpd_recipient_restrictions = foo, bar, baz

barracuda_smtpd_recipient_restrictions =
 check_policy_service unix:/var/spool/postfix/dbmail-postfix-policyd/socket
 permit_mynetworks
 reject

> /etc/postfix/master.cf
>     10.0.0.15:10026   inet   n   -   n   -   -   smtpd
> -o smtpd_recipient_restrictions=$10026_smtpd_recipient_restrictions
>
> It's a hack, but it works and it is fully supported.

ok, i will try later at night becuase somebody will shott me to dead
if if play with the mailserver now :-)
--

Mit besten Grüßen, Reindl Harald
the lounge interactive design GmbH
A-1060 Vienna, Hofmühlgasse 17
CTO / software-development / cms-solutions
p: +43 (1) 595 3999 33, m: +43 (676) 40 221 40
icq: 154546673, http://www.thelounge.net/

http://www.thelounge.net/signature.asc.what.htm