Re: check_policy_service not working - need a 4eye method or..

Sun, 02 Aug 2015 13:54:35 -0700 

Hi Viktor,
I think I have attached postconf -n at start (at least that was the master plan). Sorry if I missed it.... 

Here goes, unaltered

[root@top ~]# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
allow_percent_hack = no
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2

debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd 
$daemon_directory/$process_name $process_id & sleep 5

home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
inet_protocols = ipv4
mail_owner = postfix
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailbox_size_limit = 0
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
meta_directory = /etc/postfix
mydestination = $myhostname, localhost.$mydomain, localhost, top.tesspot.com
mydomain = tesspot.com
myhostname = top.tesspot.com
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES
sample_directory = /usr/share/doc/postfix-2.10.1/samples
sender_bcc_maps = hash:/etc/postfix/bcc
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
shlib_directory = no
smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:10031

smtpd_recipient_restrictions = check_policy_service 
inet:127.0.0.1:10031, permit_mynetworks, permit_sasl_authenticated, 
reject_unauth_destination

smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /etc/postfix/postfix.ca.pem
smtpd_tls_cert_file = /etc/postfix/postfix.cert.pem
smtpd_tls_key_file = /etc/postfix/postfix.key.pem
smtpd_tls_mandatory_ciphers = high
smtpd_tls_mandatory_protocols = SSLv3, TLSv1
smtpd_use_tls = yes
unknown_local_recipient_reject_code = 550
virtual_alias_maps = hash:/etc/postfix/virtual


On 7/31/2015 4:37 PM, Viktor Dukhovni wrote:

On Fri, Jul 31, 2015 at 02:28:35PM +0200, Istvan Prosinger wrote:


On 2015-07-30 17:23, wie...@porcupine.org wrote:

Istvan Prosinger:

Hello everyone,

I have this im main.cf (I'ts actually an attempt to implement
cluebringer/policyd)

smtpd_recipient_restrictions = check_policy_service
inet:127.0.0.1:10031,
                                  permit_mynetworks,
                                  permit_sasl_authenticated,
                                  reject_unauth_destination


You say that's what it is set to, but show no hard evidence.

Try:

     postconf -n | mail -s "postconf -n output" "<your-email-address>"

Then forward the body of that email to the list (as untouched as
possible, do not rewrap lines, avoid Outlook and HTML, ...).























					Reply via email to