Plugin: policyd

This plugin uses a Postfix SMTP Access Policy daemon for delivery consideration.

IMPORTANT: This plugin is written for and tested with mailfront 1.11. Nevertheless it requires the patch to mailfront 1.11 that is distributed with this package. See http://lists.untroubled.org/?list=bgware&cmd=showmsg&msgnum=5065 for more information.

Configuration

$POLICYD_LOOKUP

Communication socket of the policy daemon. The plugin supports local UNIX sockets and TCP sockets.

Format:

Local socket:

local:/path/to/name.socket

TCP socket:

tcp:IPv4:PORT (IPv4 must be a quad-dotted IP number and PORT a port number)

$POLICYD_FAILSAFE

The default behaviour of the plugin is to defer any SMTP delivery if the policy daemon is not available, at the risk of emails being finally rejected if the problem is not fixed. To let any mail pass in such a case set this variable to a numerical value greater than 0.

$POLICYD_CONNECT_TIMEOUT

The maximum amount of time to wait for a response when connecting to a policy daemon, in milliseconds (defaults to $POLICYD_TIMEOUT below).

$POLICYD_SEND_TIMEOUT

The maximum amount of time to wait for the output buffer to clear when sending data to the policy daemon, in milliseconds (defaults to $POLICYD_TIMEOUT below).

$POLICYD_TIMEOUT

The maximum amount of time to wait for a response from the policy daemon, in milliseconds (defaults to 5000).

Sender Action

None

Recipient Action

Calls the policy daemon, passing the remote side's IP address, the hostname from the EHLO/HELO command, the sender's and the recipient address to it and fetching the action response.

action responses from the policy daemon are treated like so:

DEFER_IF_PERMIT

Defer the message with code 451.

REJECT

Reject the message with code 550.

4NN

Defer the message with code 4NN.

5NN

Reject the message with code 5NN.

anything else

Do nothing (let message pass).

Data Action

None

Message Action

None