Phil Daws: > Postscreen (Postfix 2.10) is working very well indeed but I am > having an issue with understanding where a policy check should be > implemented. main.cf looks like: ... > Yet when I SASL authenticate the policy service does not appear > to be triggered; as I am trying to limit number of emails sent by > SASL username.
Are you connecting to port 25 or to port 587? Nowadays it is quite common to use port 25 for MTA-to-MTA service and port 587 for mail clients. Those may have their own smtpd_mumble_restrictions. This an example master.cf entry from Postfix 2.11. submission inet n - n - - smtpd -o syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_reject_unlisted_recipient=no -o smtpd_client_restrictions=$mua_client_restrictions -o smtpd_helo_restrictions=$mua_helo_restrictions -o smtpd_sender_restrictions=$mua_sender_restrictions -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject -o milter_macro_daemon_name=ORIGINATING In particular this overrides smtpd_recipient_restrictions from main.cf. Wietse