postfwd not rate limiting sasl users
Posted
by
golemwashere
on Server Fault
See other posts from Server Fault
or by golemwashere
Published on 2013-04-26T14:19:22Z
Indexed on
2013/10/28
15:59 UTC
Read the original article
Hit count: 1171
I would like to use postfwd version 2 to limit the amount of daily mail sent by my sasl authenticated users.
I installed latest tarball: postfwd-1.35 with latest postfix from Centos 6.4
In my I have only this rule
id=RULEZEROSASL
sasl_username=~/^(\S+)$/
action=rcpt(sasl_username/500/86400/REJECT only 500 recipients per day for $$sasl_username)
which should reject only mail with authenticated users (not mail from trusted mailservers).
My postfwd2 listens on tcp 10045 and in my postfix main.cf I have
# Restriction Classes
smtpd_restriction_classes = postfwdcheck
postfwdcheck = check_policy_service inet:127.0.0.1:10045
127.0.0.1:10045_time_limit = 3600
...
smtpd_recipient_restrictions =
permit_mynetworks
permit_sasl_authenticated
permit_tls_clientcerts
reject_unauth_destination
check_recipient_access hash:/etc/postfix/access
reject_invalid_helo_hostname
# postfwd con rate limiting
check_policy_service inet:127.0.0.1:10045
warn_if_reject reject_non_fqdn_helo_hostname
warn_if_reject reject_unknown_helo_hostname
warn_if_reject reject_unknown_client
reject_non_fqdn_sender
reject_non_fqdn_recipient
reject_unknown_sender_domain
reject_unknown_recipient_domain
warn_if_reject reject_unverified_sender
reject_unverified_recipient
reject_rbl_client zen.spamhaus.org
permit
in /etc/postfix/policy
. postfwdcheck
I see no rule matching entries in log and the command
postfwd2 -vv --dumpcache -f /etc/postfwd.cf
shows the request number
[STATS] postfwd2::policy 1.35: **5** requests since 0 days, 01:05:31 hours
increasing only for manual tests done with:
nc 127.0.0.1 10045 <request.sample
Any idea why postfwd is not engaged by postfix?
© Server Fault or respective owner