Hi, On Thu, May 8, 2014 at 3:47 PM, Wietse Venema <wie...@porcupine.org> wrote:
> Alex: > > Hi, > > > > I'm using postfix-2.10.3 on fedora20 with sqlgrey, distributed across > three > > separate servers through mysql. I've configured it using: > > > > check_policy_service inet:127.0.0.1:2501 > > > > in main.cf. However, this doesn't provide fault protection in the same > way > > as the greylist.pl example does in the smtpd policy docs describe. The > > The Postfix SMTP server uses the same policy daemon connection > for multiple queries. > > > issue is that sqlgrey is a daemon, not a binary that is spawned every > time > > a call is made. > > The policy daemon (running under the Postfix spawn daemon) is started > when a Postfix SMTP server connects to its port. The Postfix SMTP > server will try to use that connection for several queries. > > > is it okay to have the sqlgrey daemon run from master.cf in the same > way? > > The Postfix spawn daemon assumes that its command will read from > standard input, and that it will write to stadard output and > standard error. If sqlgrey works that way then it can be run from > the Postfix spawn daemon. Otherwise you need a different solution. > Okay, I'm seeing that it's possible to configure sqlgrey to listen on a socket, but I can't get that working either. I've configured sqlgrey to listen on the private/greylist socket created by postfix. When configuring master.cf to create a socket: greylist unix - n n - 0 spawn user=nobody argv=/usr/bin/perl /usr/sbin/sqlgrey and adding the check_policy_service to main.cf: check_policy_service unix:private/greylist It responds with: May 8 21:28:01 mail01 postfix/spawn[19944]: warning: command /usr/bin/perl exit status 1 May 8 21:28:01 mail01 postfix/smtpd[19940]: warning: premature end-of-input on private/greylist while reading input attribute name When I run it manually from the command-line, it reports that it's binded successfully to the postfix socket. I'm assuming somehow sqlgrey isn't properly understanding the data format necessary? Yet it communicates properly when only specified as a inet service in main.cf. If the daemon is inaccessible, mail delivery stops, and users receive a connection refused message. Is there any way to configure this to avoid the hard failure, without having to configure the private/greylist service? Thanks, Alex > > Wietse > > >