thr3ads.net - dovecot - [Dovecot] [Dovecot-de] Dovecot Quota via policy service abfragen [Apr 2013]

If this information is useful, please help other people find it:
Share via:

Andreas Meyer

2013-Apr-07 17:45 UTC

[Dovecot] [Dovecot-de] Dovecot Quota via policy service abfragen

Hallo Waffenmeister!

Ralf Hildebrandt <Ralf.Hildebrandt at charite.de> wrote:
> > Apr  7 14:07:52 delta postfix/qmgr[19078]: 1D8921B31260:
from=<anmeyer at anup.de>, size=1492149, nrcpt=1 (queue active)
> > Apr  7 14:07:53 delta postfix/pipe[19091]: 1D8921B31260: to=<miles
at anup.de>, relay=dovecot, delay=2542, delays=2542/0.01/0/0.29, dsn=4.3.0,
status=deferred (temporary failure)
> 
> Ich sehe hier nur einen Fehler vom transport "dovecot".
> 
> > plugin {
> >     quota = maildir:User quota
> >     quota_grace = 10%%
> >     quota_rule = *:storage=500MB
> >     quota_rule2 = Trash:storage=+10%%
> > 
> >     quota_status_success = DUNNO
> >     quota_status_nouser = DUNNO
> >     quota_status_overquota = 552 5.2.2 Mailbox is full / Mailbox ist
voll
> 
> Lass mal das quota_status_overquota feld weg. 
Habe ich jetzt neben quota_grace = 10%% auch rausgenommen.

Apr  7 19:38:35 delta postfix/smtpd[23037]: connect from
p54B32BC9.dip.t-dialin.net[84.179.43.201]
Apr  7 19:38:36 delta postfix/smtpd[23037]: setting up TLS connection from
p54B32BC9.dip.t-dialin.net[84.179.43.201]
Apr  7 19:38:36 delta postfix/smtpd[23037]: TLS connection established from
p54B32BC9.dip.t-dialin.net[84.179.43.201]: TLSv1 with cipher DHE-RSA-AES128-SHA
(128/128 bits)
Apr  7 19:38:37 delta postfix/smtpd[23037]: NOQUEUE:
client=p54B32BC9.dip.t-dialin.net[84.179.43.201], sasl_method=CRAM-MD5,
sasl_username=anmeyer at anup.de
Apr  7 19:39:01 delta postfix/smtpd[23139]: connect from localhost[127.0.0.1]
Apr  7 19:39:01 delta postfix/smtpd[23139]: 9C1BA1B30FB0:
client=localhost[127.0.0.1]
Apr  7 19:39:01 delta postfix/cleanup[23142]: 9C1BA1B30FB0:
message-id=<20130407193818.62d8c328 at itxnew.bitcorner.intern>
Apr  7 19:39:01 delta postfix/qmgr[22234]: 9C1BA1B30FB0: from=<anmeyer at
anup.de>, size=1492149, nrcpt=1 (queue active)
Apr  7 19:39:01 delta postfix/smtpd[23139]: disconnect from localhost[127.0.0.1]
Apr  7 19:39:02 delta postfix/smtpd[23037]: disconnect from
p54B32BC9.dip.t-dialin.net[84.179.43.201]
Apr  7 19:39:02 delta postfix/pipe[23143]: 9C1BA1B30FB0: to=<miles at
anup.de>, relay=dovecot, delay=0.56, delays=0.33/0/0/0.23, dsn=4.3.0,
status=deferred (temporary failure)
> > Also ich vermisse das reject-warning von postfix und es hat auch nicht
den
> > Anschein, dass postfix den Status der Quota bei dovecot ?ber port
12340
> > abfr?gt.
> 
> Naja, vielleicht steht es an der falschen Stelle in den Restrictions!
> Das muss passieren BEVOR irgendwas ein OK zur?ckgibt. 
Ich habe warn_if_reject check_policy_service inet:127.0.0.1:12340
ziemlich am Anfang der recipient_restrictions gesetzt nachdem ich
den check am Ende hatte noch nach postgrey.

smtpd_recipient_restrictions     check_sender_access
hash:/etc/postfix/access_sender,
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_invalid_helo_hostname,
    reject_unlisted_recipient,
    warn_if_reject check_policy_service inet:127.0.0.1:12340
    reject_unknown_sender_domain,
    check_sender_access pcre:/etc/postfix/umlaute.pcre,
    check_recipient_access pcre:/etc/postfix/umlaute.pcre,
    reject_unauth_destination,
    reject_rbl_client bl.spamcop.net,
    reject_rbl_client zen.spamhaus.org,
    check_client_access cidr:/etc/postfix/client.cidr,
    check_policy_service inet:127.0.0.1:10023

  Andreas

Andreas Meyer

2013-Apr-07 18:36 UTC

head link

[Dovecot] [Dovecot-de] Dovecot Quota via policy service abfragen

Ralf Hildebrandt <Ralf.Hildebrandt at charite.de> wrote:
> * Andreas Meyer <anmeyer at anup.de>:
> 
> > Habe ich jetzt neben quota_grace = 10%% auch rausgenommen.
> 
> Gut.
>  
> > Apr  7 19:38:35 delta postfix/smtpd[23037]: connect from
p54B32BC9.dip.t-dialin.net[84.179.43.201]
> > Apr  7 19:38:36 delta postfix/smtpd[23037]: setting up TLS connection
from p54B32BC9.dip.t-dialin.net[84.179.43.201]
> > Apr  7 19:38:36 delta postfix/smtpd[23037]: TLS connection established
from p54B32BC9.dip.t-dialin.net[84.179.43.201]: TLSv1 with cipher
DHE-RSA-AES128-SHA (128/128 bits)
> > Apr  7 19:38:37 delta postfix/smtpd[23037]: NOQUEUE:
client=p54B32BC9.dip.t-dialin.net[84.179.43.201], sasl_method=CRAM-MD5,
sasl_username=anmeyer at anup.de
> > Apr  7 19:39:01 delta postfix/smtpd[23139]: connect from
localhost[127.0.0.1]
> > Apr  7 19:39:01 delta postfix/smtpd[23139]: 9C1BA1B30FB0:
client=localhost[127.0.0.1]
> > Apr  7 19:39:01 delta postfix/cleanup[23142]: 9C1BA1B30FB0:
message-id=<20130407193818.62d8c328 at itxnew.bitcorner.intern>
> > Apr  7 19:39:01 delta postfix/qmgr[22234]: 9C1BA1B30FB0:
from=<anmeyer at anup.de>, size=1492149, nrcpt=1 (queue active)
> > Apr  7 19:39:01 delta postfix/smtpd[23139]: disconnect from
localhost[127.0.0.1]
> > Apr  7 19:39:02 delta postfix/smtpd[23037]: disconnect from
p54B32BC9.dip.t-dialin.net[84.179.43.201]
> > Apr  7 19:39:02 delta postfix/pipe[23143]: 9C1BA1B30FB0: to=<miles
at anup.de>, relay=dovecot, delay=0.56, delays=0.33/0/0/0.23, dsn=4.3.0,
status=deferred (temporary failure)
> 
> Na dann sind deine Restrictions falsch und die Mail wird
"OK"'ed bevor
> der Policy Server gefragt wird.
> 
> > Ich habe warn_if_reject check_policy_service inet:127.0.0.1:12340
> > ziemlich am Anfang der recipient_restrictions gesetzt nachdem ich
> > den check am Ende hatte noch nach postgrey.
> > 
> > smtpd_recipient_restrictions > 
>  ---> hier einbauen <---
>  ist ja nur zum Test
>  
> >     check_sender_access hash:/etc/postfix/access_sender,
> >     permit_mynetworks,
> >     permit_sasl_authenticated,
> >     reject_invalid_helo_hostname,
> >     reject_unlisted_recipient,
> >     warn_if_reject check_policy_service inet:127.0.0.1:12340
> >     reject_unknown_sender_domain,
> >     check_sender_access pcre:/etc/postfix/umlaute.pcre,
> >     check_recipient_access pcre:/etc/postfix/umlaute.pcre,
> >     reject_unauth_destination,
> >     reject_rbl_client bl.spamcop.net,
> >     reject_rbl_client zen.spamhaus.org,
> >     check_client_access cidr:/etc/postfix/client.cidr,
> >     check_policy_service inet:127.0.0.1:10023
That did the trick! The order of the recipient_restricitons was wrong.

Apr  7 20:24:55 delta postfix/smtpd[23806]: connect from
p54B32BC9.dip.t-dialin.net[84.179.43.201]
Apr  7 20:24:55 delta postfix/smtpd[23806]: setting up TLS connection from
p54B32BC9.dip.t-dialin.net[84.179.43.201]
Apr  7 20:24:56 delta postfix/smtpd[23806]: TLS connection established from
p54B32BC9.dip.t-dialin.net[84.179.43.201]: TLSv1 with cipher DHE-RSA-AES128-SHA
(128/128 bits)
Apr  7 20:24:56 delta postfix/smtpd[23806]: NOQUEUE: reject: RCPT from
p54B32BC9.dip.t-dialin.net[84.179.43.201]: 552 5.2.2 <miles at anup.de>:
Recipient address rejected: Quota exceeded (mailbox for user is full);
from=<anmeyer at anup.de> to=<miles at anup.de> proto=ESMTP
helo=<itxnew.bitcorner.intern>
Apr  7 20:24:56 delta postfix/smtpd[23806]: lost connection after RCPT from
p54B32BC9.dip.t-dialin.net[84.179.43.201]
Apr  7 20:24:56 delta postfix/smtpd[23806]: disconnect from
p54B32BC9.dip.t-dialin.net[84.179.43.201]

The MUA does not get rid of the mail, when it would exceed the quota.

But now the next problem. I cannot send this mail and get the following
with 

smtpd_recipient_restrictions     check_policy_service inet:127.0.0.1:12340
    check_sender_access hash:/etc/postfix/access_sender,
    permit_mynetworks,
    permit_sasl_authenticated,
    ....

Apr  7 20:31:43 delta postfix/smtpd[23820]: connect from
p54B32BC9.dip.t-dialin.net[84.179.43.201]
Apr  7 20:31:44 delta postfix/smtpd[23820]: setting up TLS connection from
p54B32BC9.dip.t-dialin.net[84.179.43.201]
Apr  7 20:31:45 delta postfix/smtpd[23820]: TLS connection established from
p54B32BC9.dip.t-dialin.net[84.179.43.201]: TLSv1 with cipher DHE-RSA-AES128-SHA
(128/128 bits)
Apr  7 20:31:46 delta postfix/smtpd[23820]: warning: problem talking to server
127.0.0.1:12340: Success
Apr  7 20:31:46 delta postfix/smtpd[23820]: NOQUEUE: reject: RCPT from
p54B32BC9.dip.t-dialin.net[84.179.43.201]: 451 4.3.5 Server configuration
problem; from=<anmeyer at anup.de> to=<dovecot at
listen.jpberlin.de> proto=ESMTP helo=<itxnew.bitcorner.intern>
Apr  7 20:31:46 delta postfix/smtpd[23820]: lost connection after RCPT from
p54B32BC9.dip.t-dialin.net[84.179.43.201]
Apr  7 20:31:46 delta postfix/smtpd[23820]: disconnect from
p54B32BC9.dip.t-dialin.net[84.179.43.201]

the mail is not sent out. I deactivated the check to get sent
mail sent.

  Andreas

Reasonably Related Threads

Search for more possibly parallel threads

dovecot - Apr 2013 - [Dovecot-de] Dovecot Quota via policy service abfragen

[Dovecot] [Dovecot-de] Dovecot Quota via policy service abfragen

[Dovecot] [Dovecot-de] Dovecot Quota via policy service abfragen

Reasonably Related Threads