Policyd - Ratelimiter per email account

Discussion in 'Installation/Configuration' started by Peter Xing, Dec 28, 2020.

  1. Peter Xing

    Peter Xing New Member

    Hi,

    I am trying to configure limiter for email. I managed to install policyd and configure it, but it seems postfix is always contacting it on port 10031

    smtpd_sender_restrictions = check_sender_access regexp:/etc/postfix/tag_as_originating.re, permit_mynetworks, permit_sasl_authenticated, check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf, check_policy_service inet:127.0.0.1:10031, check_sender_access regexp:/etc/postfix/tag_as_foreign.re

    When I remove check_sender_access regexp:/etc/postfix/tag_as_originating.re it seems to work. I am not sure what exactly is this tag_as_originating doing, but I suppose it is important

    I also tried this https://github.com/mpellegrin/ratelimit-policyd , but problem seems to be same. (just port is 10032 here)

    Here I found pointer to postfwd

    https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/3481

    is this right way to go ?

    smtpd_restriction_classes = greylisting,postfwd
    postfwd = check_policy_service unix:private/postfwd
    smtpd_end_of_data_restrictions = postfwd

    I would expect that mature software such as ISPconfig has this somehow by default. I found this in default postfix config, but it looks like it is not working
    main.cf:smtpd_client_message_rate_limit = 100


    Thank you
     
  2. Jesse Norell

    Jesse Norell ISPConfig Developer Staff Member ISPConfig Developer

  3. TonyG

    TonyG Active Member

    Now that I have SMTP and IMAP all working with Rspamd, Sieve, etc, I'm looking to implement quotas. I'm specifically interested in rate-limiting the number of emails that any given account sends out. So this topic has my attention.

    Jesse I see you also have ongoing interest in tickets 902 / 3875 and forum.

    Like @Peter Xing I've also started to look at Policyd, and I read that it's "heavy" compared to postfwd and other policy servers. For my limited purposes right now I'm fine with a "lite" solution.

    I don't yet understand what ISPConfig does with quotas. It seems it's only related to the disk space associated with received mail. But then there are these hooks to Postfix which facilitate addons that do other kinds of policy/quota processing. I don't know what data ISPConfig takes back from that "data provider" and what is done with the data, other than perhaps emailing when a quota condition is determined?

    I think it would help if we could assemble complete notes about exactly what is done and not with quotas in ISPConfig. Then everyone will be on the same page and it might help to elicit some code and other contributions.
     

Share This Page