295248Re: Best practice for implementing an policy service on submission port
- Sep 4, 2013On Wed, Sep 04, 2013 at 01:06:52PM -0700, Quanah Gibson-Mount wrote:
> Previous to Postfix 2.10 and the split betweenTo avoid being in a state of sin, you should only put relay control
> smtpd_relay_restrictions and smtpd_recipient_restrictions, our
> policy service check was in smtpd_recipient_restrictions, and
> applied to both incoming and outgoing mail. With 2.10, in my
> efforts to do things correctly, I have left the policy service on
> port 25 with smtpd_recipient_restrictions, but for the submission
> port I have:
> -o smtpd_recipient_restrictions=
> to strip it out. However, one of the things the policy service
> (cluebringer/cpbolicyd) offers is rate limiting, which some clients
> want to implement on their outgoing email.
> Now, I could modify master.cf so it has:
> -o smtpd_recipient_restrictions=<policy service bits>
> but I was wondering if, for the submission port, there was a
> different recommended method.
in smtpd_relay_restrictions. All other controls go elsewhere. Given
the default setting of smtpd_delay_reject, you have many choices.
avoid putting explicit definitions of these in master.cf, instead:
and define these in main.cf. Place non-relay controls in any of the four
classes that make most sense to you.
- << Previous post in topic Next post in topic >>