Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: [SOLVED] apolicyd and smtpd_end_of_data_restrictions

  1. #1
    salihgiray is offline Junior Member
    Join Date
    Jun 2009
    Location
    Istanbul
    Posts
    6
    Rep Power
    5

    Unhappy [SOLVED] apolicyd and smtpd_end_of_data_restrictions

    Hello,

    I'm trying to use apolicyd to limit mail size per user.

    I installed apolicyd, added lines to /opt/zimbra/conf/postfix_recipient_restrictions.cf files like Postfix Policy page.

    Everyting ok, but I couldn't add this to main.cf file :
    smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:10001

    I want to add line to zmtta.cnf file, but I couldn't figure out how to add. I try this, but didn't work :
    POSTCONF smtpd_end_of_data_restrictions LOCAL check_policy_service inet:127.0.0.1:10001

    So, how can I add "smtpd_end_of_data_restrictions" property to zimbra?

    Thank you.

  2. #2
    uxbod's Avatar
    uxbod is offline Moderator
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,016
    Rep Power
    24

    Default

    Welcome to the forums

    No need to touch zmmta.cf why not just do
    Code:
    su - zimbra
    zmprov mcf zimbraMtaRestriction "smtpd_end_of_data_restrictions LOCAL check_policy_service inet:127.0.0.1:10001"
    zmmtactl stop
    zmmtactl start
    just like in the PolicyD wiki article ?

  3. #3
    salihgiray is offline Junior Member
    Join Date
    Jun 2009
    Location
    Istanbul
    Posts
    6
    Rep Power
    5

    Default

    zmprov mcf zimbraMtaRestriction "smtpd_end_of_data_restrictions LOCAL check_policy_service inet:127.0.0.1:10001"
    ERROR: account.INVALID_ATTR_VALUE (zimbraMtaRestriction value length(78) larger then max allowed: 64)

  4. #4
    uxbod's Avatar
    uxbod is offline Moderator
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,016
    Rep Power
    24

    Default

    Oops, so try
    Code:
    su - zimbra
    postconf -e smtpd_end_of_data_restrictions LOCAL check_policy_service inet:127.0.0.1:10001
    and if it fails what error message is being returned ?

  5. #5
    salihgiray is offline Junior Member
    Join Date
    Jun 2009
    Location
    Istanbul
    Posts
    6
    Rep Power
    5

    Default

    This is working :
    su - zimbra
    postconf -e "smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:10001"

    And apolicy is working too.

    But this change is not permanent. It will gone when I restart smtp server.
    How can I do this permanent?

  6. #6
    uxbod's Avatar
    uxbod is offline Moderator
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,016
    Rep Power
    24

    Default

    As a workaround you could try adding it to /opt/zimbra/postfix/conf/main.cf.default and restart the MTA ... I would also recommend filing a RFE at Bugzilla Main Page to increase the size of that LDAP variable so large parameters can be entered.

  7. #7
    salihgiray is offline Junior Member
    Join Date
    Jun 2009
    Location
    Istanbul
    Posts
    6
    Rep Power
    5

    Default

    System is not using /opt/zimbra/postfix/conf/main.cf.default file. So it is worthless.
    I added attribute size limit change enhancement to Bugzilla.

  8. #8
    uxbod's Avatar
    uxbod is offline Moderator
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,016
    Rep Power
    24

    Default

    Why are you adding apolicy to data_restrictions and not client_restrictions as the documentation says ? I have just installed apolicy to test and can get the client_restrictions to stick across restarts using
    Code:
    su - zimbra
    zmlocalconfig -e postfix_smtpd_client_restrictions="reject_unauth_pipelining,check_policy_service inet:127.0.0.1:10001"

  9. #9
    salihgiray is offline Junior Member
    Join Date
    Jun 2009
    Location
    Istanbul
    Posts
    6
    Rep Power
    5

    Default

    I already added to postfix_smtpd_client_restrictions.

    But I need to use "size acl" and it is not working properly without smtpd_end_of_data_restrictions .

  10. #10
    uxbod's Avatar
    uxbod is offline Moderator
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,016
    Rep Power
    24

    Default

    Hmmm, only option I can see is to use either postconf or move your AS/AV checking infront of ZCS; which is infact what I am working on at the moment.

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •