POSTFIX-ADD-POLICY(8) System Manager's Manual POSTFIX-ADD-POLICY(8)NAME
postfix-add-policy - add policy service to Postfix master.cf
SYNOPSIS
postfix-add-policy [policy name...] [username...] [argv...]
DESCRIPTION
The postfix-add-policy(8) command adds an smtp policy server named policy name running using username and called as argv to etc/post-
fix/master.cf to facilitate integration of SMTP policy servers such as postgrey or postfix-policyd-spf-perl. The configuration is based on
the Postfix SMTPD_POLICY_README. Adminstrators should verify it is appropriate for their requirements.
The original file is copied prior to modification and left in /etc/postfix to make it possible to revert changes easily.
Available in the Debian package for Postfix version 2.5.3 and later.
DIAGNOSTICS
If the given policy name already appears in the master.cf, a message will be printed to standard out and master.cf will not be modified.
ENVIRONMENT
MAIL_CONFIG
Directory with Postfix configuration files.
The postfix-add-policy(8) command should use this, but it currently doesn't. It is hard coded to /etc/postfix. This should be
changed.
CONFIGURATION PARAMETERS
None
FILES
/etc/postfix/master.cf
SEE ALSO postconf(5), Postfix configuration
LICENSE
This software is licensed under the MIT open source license.
AUTHOR(S)
Scott Kitterman
<scott@kitterman.com>
POSTFIX-ADD-POLICY(8)
Check Out this Related Man Page
policyd-weight(8) System Manager's Manual policyd-weight(8)NAME
policyd-weight - weighted SMTP policy daemon
STATUS
Beta, Documentation incomplete
SYNOPSIS
policyd-weight [-option] [-option2 <arg>] command
DESCRIPTION policyd-weight(8) is a SMTP policy daemon written in perl(1) for postfix(1). It evaluates based on RBL/RHSBL results, HELO and MAIL FROM
domain and subdomain arguments and the client IP address the possibility of forgery or SPAM. It is designed to be called before the SMTP
DATA command at the RCPT TO stage. This way it is a) possible to reject a mail attempt before the body has been received and b) to keep
multirecipient mail intact, i.e. provide the functionality of selective usage based on recipients.
To make policyd-weight(8) work with postfix(1), it is required to add a system account for $USER (default: polw)
Policyd-weight can operate in master.cf or daemon mode. In master.cf mode it uses postfix' spawn(8), which results in number of simultanous
requests perl instances. In daemon mode it uses shared memory and forks on load, and only if all child processes are busy.
At the time of writing the man-pages for policyd-weight assume a postfix installation. It has been reported that policyd-weight works with
other MTAs like Exim, too.
SETUP master.cf mode:
master.cf:
policy unix - n n - - spawn user=polw
argv=/usr/bin/perl /usr/local/bin/policyd-weight
main.cf:
smtpd_recipient_restrictions =
permit_mynetworks,
... authenticated permits ...
reject_unauth_destination,
... whitelists, role accounts, clients ...
check_policy_service unix:private/policy
daemon mode:
start the daemon with policyd-weight start. Poliyd-weight then listens on $TCP_PORT (default: 12525) for policy requests. To make postfix
talk to that port do following changes to main.cf:
main.cf:
smtpd_recipient_restrictions =
permit_mynetworks,
... authenticated permits ...
reject_unauth_destination,
... whitelists, role accounts, clients ...
check_policy_service inet:127.0.0.1:12525
It is possible to have more than one postfix server talk to the daemonized policyd-weight by configuring each postfix machine to query the
policy server with check_policy_service inet:IP:12525 where IP is the host on which policyd-weight runs.
Please note that check_policy_service should come at last, or at least after reject_unauth_destination, or else you may become an open
relay.
COMMANDS
Following commands exist and are reserved for daemon mode only:
start start the policy server
stop stop the policy server
restart restart the policy server
reload tells the policy server to reload its configuration
defaults prints the default settings to STDOUT and exits
OPTIONS -d operate in debug mode
Not for use in master.cf. In debug mode everything is reported on STDOUT instead of syslog(3). Also an own debug cache daemon will
be spawned. The socket-file is named after the value of $SPATH with ".debug" as suffix.
-f /path/to/file
Pass a configuration file to policyd-weight
-h show help
-k kill cache daemon
Not for use in master.cf. Together with -d this kills the debug cache daemon. Without -d it kills the global running cache daemon.
-s show cache entries
Not for use in master.cf.
-v show version
LOGGING
Logging is done via syslog(3) with facility "mail" and priority "info". For a complete list of log entries and their correspondending con-
figuration parameters refer to policyd-weight.conf(5).
BUGS
Please report bugs to r.felber@ek-muc.de
HISTORY
March 2005
Ralf Hildebrandt (Author of the Book of Postfix) is the spiritual father of policyd-weight. It was his idea to have a scored RBL
evaluation, I've added the weighted MAIL FROM/HELO DNS-evaluation. For that purpose I used Meng Wong's spf.pl which was shipped with
the postfix source as example.
FILES
/etc/policyd-weight.conf, Policyd-weight configuration file
/etc/postfix/main.cf, Postfix configuration parameters
/etc/postfix/master.cf, Postfix daemon processes
SEE ALSO policyd-weight.conf(5), Policyd-weight configuration file
master(5), Postfix master.cf file syntax
postconf(5), Postfix main.cf file syntax
access(5), Postfix SMTP access control table
LICENSE
GNU General Public License
AUTHOR
Robert Felber <r.felber@ek-muc.de>
Autohaus Erich Kuttendreier
81827 Munich, Germany
Aug 25th, 2006 policyd-weight(8)