You might want to run policyd within a wrapper - something like a while loop within a shell script then should it ever die it will restart.
If you're finding policyd is crashing often you might want to make sure you're running the latest stable release and/or provide some backtraces so the developers/someone on the list, can take a look for you. -Jon -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tobias J. Kreidl Sent: 10 March 2008 16:18 To: policyd-users@lists.sourceforge.net Subject: [policyd-users] Policyd - if fail I'm confused, but generally, 127.0.0.1 should be in the "whitelist" so it should never trigger a refusal. That port can only be accessed from something running on the machine itself. So, what exactly would go wrong to cause a failure here? The policyd daemon dying? If you fear that, set up a cron job to monitor if it's running every minute and if not, start it up again. If you are super -paranoid, you could even have a second version of a postfix main.conf file handy and automatically copy over a version that doesn't include policyd and restart postfix. There are certainly lots of ways to monitor and deal with various types of failures. --Tobias On Mon, 10 Mar 2008, Sebastian Tymksw wrote: > Hi, > > I'm wonderning if there is any solution if policyd will fail. > Here is example : > ============ main.conf ================= smtpd_client_restrictions = > check_policy_service inet:127.0.0.1:10031, > permit_sasl_authenticated, > reject_unauth_destination, > reject_rbl_client relays.ordb.org, ============ > main.conf ================= > > Now, if something goes wrong I will get: > > Mar 10 14:02:21 host postfix/smtpd[46068]: warning: connect to > 127.0.0.1:10031: Connection refused > Mar 10 14:02:21 host postfix/smtpd[46068]: warning: problem talking to > server 127.0.0.1:10031: Connection refused > > And I won't be able to send or receive email through my server. > Is there any solution which allow me use policyd and will be safe for > my users if something goes wrong ? > What I mean is bypass policyd if it'll fail. > > Best regards, > > Sebastian Tymksw > ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ policyd-users mailing list policyd-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/policyd-users
