295249Re: Best practice for implementing an policy service on submission port
- Sep 4, 2013On Wed, Sep 04, 2013 at 01:06:52PM -0700, Quanah Gibson-Mount wrote:
> Previous to Postfix 2.10 and the split betweenDo you have the same cbpolicyd handling both submission and MX? I
> smtpd_relay_restrictions and smtpd_recipient_restrictions, our
> policy service check was in smtpd_recipient_restrictions, and
> applied to both incoming and outgoing mail. With 2.10, in my
> efforts to do things correctly, I have left the policy service on
> port 25 with smtpd_recipient_restrictions, but for the submission
> port I have:
> -o smtpd_recipient_restrictions=
> to strip it out. However, one of the things the policy service
> (cluebringer/cpbolicyd) offers is rate limiting, which some clients
> want to implement on their outgoing email.
> Now, I could modify master.cf so it has:
> -o smtpd_recipient_restrictions=<policy service bits>
> but I was wondering if, for the submission port, there was a
> different recommended method.
suppose that's fine, but it makes your policies a bit harder to
maintain and master.
If so, I think I'd move it off to some other restriction stage that
could be shared among both/all smtpd instances.
smtpd_sender_restrictions=<policy service bits>
(and no -o to unset it for submission)
http://rob0.nodns4.us/ -- system administration and consulting
Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
- << Previous post in topic Next post in topic >>