Zimbra

salihgiray · #1 (**permalink**) 06-19-2009, 12:54 AM

Hello,

I'm trying to use apolicyd to limit mail size per user.

I installed apolicyd, added lines to /opt/zimbra/conf/postfix_recipient_restrictions.cf files like Postfix Policy page.

Everyting ok, but I couldn't add this to main.cf file :
smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:10001

I want to add line to zmtta.cnf file, but I couldn't figure out how to add. I try this, but didn't work :
POSTCONF smtpd_end_of_data_restrictions LOCAL check_policy_service inet:127.0.0.1:10001

So, how can I add "smtpd_end_of_data_restrictions" property to zimbra?

Thank you.

uxbod · #2 (**permalink**) 06-19-2009, 01:13 AM

Welcome to the forums

No need to touch zmmta.cf why not just do

Code:

su - zimbra
zmprov mcf zimbraMtaRestriction "smtpd_end_of_data_restrictions LOCAL check_policy_service inet:127.0.0.1:10001"
zmmtactl stop
zmmtactl start

just like in the PolicyD wiki article ?

salihgiray · #3 (**permalink**) 06-19-2009, 01:22 AM

zmprov mcf zimbraMtaRestriction "smtpd_end_of_data_restrictions LOCAL check_policy_service inet:127.0.0.1:10001"
ERROR: account.INVALID_ATTR_VALUE (zimbraMtaRestriction value length(78) larger then max allowed: 64)

uxbod · #4 (**permalink**) 06-19-2009, 01:29 AM

Oops, so try

Code:

su - zimbra
postconf -e smtpd_end_of_data_restrictions LOCAL check_policy_service inet:127.0.0.1:10001

and if it fails what error message is being returned ?

salihgiray · #5 (**permalink**) 06-19-2009, 01:46 AM

This is working :
su - zimbra
postconf -e "smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:10001"

And apolicy is working too.

But this change is not permanent. It will gone when I restart smtp server.
How can I do this permanent?

uxbod · #6 (**permalink**) 06-19-2009, 01:51 AM

As a workaround you could try adding it to /opt/zimbra/postfix/conf/main.cf.default and restart the MTA ... I would also recommend filing a RFE at Bugzilla Main Page to increase the size of that LDAP variable so large parameters can be entered.

salihgiray · #7 (**permalink**) 06-19-2009, 02:22 AM

System is not using /opt/zimbra/postfix/conf/main.cf.default file. So it is worthless.
I added attribute size limit change enhancement to Bugzilla.

uxbod · #8 (**permalink**) 06-19-2009, 03:01 AM

Why are you adding apolicy to data_restrictions and not client_restrictions as the documentation says ? I have just installed apolicy to test and can get the client_restrictions to stick across restarts using

Code:

su - zimbra
zmlocalconfig -e postfix_smtpd_client_restrictions="reject_unauth_pipelining,check_policy_service inet:127.0.0.1:10001"

salihgiray · #9 (**permalink**) 06-19-2009, 03:49 AM

I already added to postfix_smtpd_client_restrictions.

But I need to use "size acl" and it is not working properly without smtpd_end_of_data_restrictions .

uxbod · #10 (**permalink**) 06-19-2009, 07:19 AM

Hmmm, only option I can see is to use either postconf or move your AS/AV checking infront of ZCS; which is infact what I am working on at the moment.

Zimbra

Downloads

Product Information

Toolbox

Why Join?