|Main Archive Page > Month Archives > postfix-users archives|
On Thu, May 8, 2014 at 3:47 PM, Wietse Venema <firstname.lastname@example.org> wrote:
> > Hi,
> > I'm using postfix-2.10.3 on fedora20 with sqlgrey, distributed across
> > separate servers through mysql. I've configured it using:
> > check_policy_service inet:127.0.0.1:2501
> > in main.cf. However, this doesn't provide fault protection in the same
> > as the greylist.pl example does in the smtpd policy docs describe. The
> The Postfix SMTP server uses the same policy daemon connection
> for multiple queries.
> > issue is that sqlgrey is a daemon, not a binary that is spawned every
> > a call is made.
> The policy daemon (running under the Postfix spawn daemon) is started
> when a Postfix SMTP server connects to its port. The Postfix SMTP
> server will try to use that connection for several queries.
> > is it okay to have the sqlgrey daemon run from master.cf in the same
> The Postfix spawn daemon assumes that its command will read from
> standard input, and that it will write to stadard output and
> standard error. If sqlgrey works that way then it can be run from
> the Postfix spawn daemon. Otherwise you need a different solution.
Okay, I'm seeing that it's possible to configure sqlgrey to listen on a
socket, but I can't get that working either.
I've configured sqlgrey to listen on the private/greylist socket created by
postfix. When configuring master.cf to create a socket:
greylist unix - n n - 0 spawn
user=nobody argv=/usr/bin/perl /usr/sbin/sqlgrey
and adding the check_policy_service to main.cf:
It responds with:
May 8 21:28:01 mail01 postfix/spawn: warning: command /usr/bin/perl
exit status 1
May 8 21:28:01 mail01 postfix/smtpd: warning: premature
end-of-input on private/greylist while reading input attribute name
When I run it manually from the command-line, it reports that it's binded
successfully to the postfix socket.
I'm assuming somehow sqlgrey isn't properly understanding the data format
necessary? Yet it communicates properly when only specified as a inet
service in main.cf.
If the daemon is inaccessible, mail delivery stops, and users receive a
connection refused message. Is there any way to configure this to avoid the
hard failure, without having to configure the private/greylist service?