Re: many check_policy_service directives
- DULMANDAKH Sukhbaatar wrote:
> hello all.All defined policy services are checked in the order you specify.
> I'm not quite new to postfix, but having problem configuring policy
> service on my email server. I used greylisting combined with postfix
> blacklisting feature. And some time ago I found policyd-weight,
> checks many parameters, and many black lists, useful for me. But had
> problem combining postgrey and policyd-weight. If I configure one of
> them alone, it run's perfectly without any problem. And if I configure
> to use both of them postfix checks only policyd-weight, but not
> postgrey. And also it seems order of check_policy_service doesn't
> matter. Below excerpt from my configuration:
> smtpd_recipient_restrictions =
> check_policy_service inet:127.0.0.1:60000,
> check_policy_service inet:127.0.0.1:12525,
> I did some search on documentation of postfix policy and user
> restriction, and also google search. But not found anything useful for
> this problem. It it possible to configure more than one
> check_policy_service service?
The behavior you are seeing is because postgrey returns
DEFER_IF_PERMIT (as do most greylisting programs) which tells
postfix "don't defer mail immedeatly, but wait to see if a
later test will give a permanent reject".
The idea is you don't want to greylist mail you know you won't
This means that policyd-weight will reject mail regardless of
where you put the postgrey check.
If you don't like this behavior, change postgrey to return
DEFER rather than DEFER_IF_PERMIT.