I'm confused, but generally, 127.0.0.1 should be in the "whitelist" so
it should never trigger a refusal. That port can only be accessed from
something running on the machine itself. So, what exactly would go
wrong
to cause a failure here? The policyd daemon dying? If you fear that, set
up a cron job to monitor if it's running every minute and if not, start it
up again. If you are super -paranoid, you could even have a second
version of a postfix main.conf file handy and automatically copy over a
version that doesn't include policyd and restart postfix. There are
certainly lots of ways to monitor and deal with various types of failures.
--Tobias
On Mon, 10 Mar 2008, Sebastian Tymk?w wrote:
Hi,
I'm wonderning if there is any solution if policyd will fail.
Here is example :
============ main.conf =================
smtpd_client_restrictions =
check_policy_service inet:127.0.0.1:10031,
permit_sasl_authenticated,
reject_unauth_destination,
reject_rbl_client relays.ordb.org,
============ main.conf =================
Now, if something goes wrong I will get:
Mar 10 14:02:21 host postfix/smtpd[46068]: warning: connect to
127.0.0.1:10031: Connection refused
Mar 10 14:02:21 host postfix/smtpd[46068]: warning: problem talking to
server 127.0.0.1:10031: Connection refused
And I won't be able to send or receive email through my server.
Is there any solution which allow me use policyd and will be safe for my
users if something goes wrong ?
What I mean is bypass policyd if it'll fail.
Best regards,
Sebastian Tymk?w
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
policyd-users mailing list
policyd-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/policyd-users
