postfwd rejected nicht mehr

[fulltilt]

Debian 10

Code: Alles auswählen

sudo postfwd -V 
postfwd2 1.35 (Net::DNS 1.19, Net::Server 2.009, Sys::Syslog 0.35, Time::HiRes 1.9759, Storable: 3.08, Perl 5.028001 on linux)

Mein postfwd scheint seit einiger Zeit nicht mehr zu rejecten, die matches werden im postfwd status und in den Logs angezeigt, es wird aber nix rejected.
Keine Ahnung woran das jetzt liegt, ob das von irgendwelchen Perl Updates kommt etc. hat bisher immer funktioniert seit Jahren.

Code: Alles auswählen

Jan 28 14:37:57 host1 postfwd2/master[30282]: [STATS] postfwd2::policy 1.35: 25 requests since 0 days, 00:30:00 hours
Jan 28 14:37:57 host1 postfwd2/master[30282]: [STATS] Requests: 0.90/min last, 0.83/min overall, 1.00/min top
Jan 28 14:37:57 host1 postfwd2/master[30282]: [STATS] Dnsstats: 0.00/min last, 0.00/min overall, 0.00/min top
Jan 28 14:37:57 host1 postfwd2/master[30282]: [STATS] Hitrates: 0.0% ruleset, 0.0% parent, 0.0% child, 0.0% rates
Jan 28 14:37:57 host1 postfwd2/master[30282]: [STATS] Timeouts: 0.0% (0 of 0 dns queries)
Jan 28 14:37:57 host1 postfwd2/master[30282]: [STATS]   25 matches for id:  ratelimit007
Jan 28 14:37:57 host1 postfwd2/master[30282]: [STATS]   25 matches for id:  R100
Jan 28 14:37:57 host1 postfwd2/master[30282]: [STATS]   25 matches for id:  ratelimit003
Jan 28 14:37:57 host1 postfwd2/master[30282]: [STATS]   25 matches for id:  ratelimit006
Jan 28 14:37:57 host1 postfwd2/master[30282]: [STATS]   25 matches for id:  ratelimit005

grep "Message rate limit exceeded" /var/log/mail.log
bleibt leer

postfix main.cf Part:

Code: Alles auswählen

smtpd_recipient_restrictions = reject_non_fqdn_recipient,
        reject_invalid_hostname,
        reject_unauth_pipelining,
        reject_unknown_sender_domain,
        reject_unknown_recipient_domain,
        check_policy_service inet:127.0.0.1:10040,
        permit_mynetworks,
        permit_sasl_authenticated,
        reject_unauth_destination,
        reject_unlisted_recipient,
        check_client_access hash:/etc/postfix/rbl_override,
        check_client_access cidr:/etc/postfix/ip-block,
        check_recipient_access hash:/etc/postfix/recipient_access,
        reject_rbl_client bogons.cymru.com,
        reject_rbl_client korea.services.net,
        reject_rbl_client dnsbl.dronebl.org,
        reject_rbl_client bl.spamcop.net,
        reject_rbl_client db.wpbl.info=127.0.0.2,
        reject_rbl_client hostkarma.junkemailfilter.com=127.0.0.2,
        reject_rbl_client ix.dnsbl.manitu.net,
        reject_rbl_client zen.spamhaus.org,
        reject_rbl_client psbl.surriel.com,
        reject_rbl_client all.spamrats.com,
        reject_rbl_client b.barracudacentral.org,
        reject_rbl_client pbl.spamhaus.org,
        reject_rbl_client sbl-xbl.spamhaus.org,
        check_policy_service unix:private/policy-spf,
        permit

smtpd_data_restrictions = reject_multi_recipient_bounce, reject_unauth_pipelining

/etc/postfix/postfwd.cf

Code: Alles auswählen

# Whitelists
&&TRUSTED_NETS {
    client_address=127.0.0.1/32, xxx.xxx.xx.0/22
}

# Throttle unknown clients to 5 recipients per 5 minutes:
id=RULE001
        client_name == unknown
        action=rate(client_address/5/300/REJECT 4.7.1 - Message rate limit exceeded - unexpected volume or sending too fast.)


# sasl
# 800 messages per 12 hours
id=R001
    sasl_username=~/./
    action=rate(sasl_username/700/43200/REJECT 4.7.1 - Message rate limit exceeded - unexpected volume or sending too fast.)

# 150 messages per 60 minutes
id=R002
    sasl_username=~/./
    action=rate(sasl_username/150/3600/REJECT 4.7.1 - Message rate limit exceeded - unexpected volume or sending too fast.)

# 100 messages per 30 minutes
id=R003
    sasl_username=~/./
    action=rate(sasl_username/100/1800/REJECT 4.7.1 - Message rate limit exceeded - unexpected volume or sending too fast.)

# 70 messages per 10 minutes
id=R004
    sasl_username=~/./
    action=rate(sasl_username/70/600/REJECT 4.7.1 - Message rate limit exceeded - unexpected volume or sending too fast.)

# 40 messages per 5 minutes
id=R005
    sasl_username=~/./
    action=rate(sasl_username/40/300/REJECT 4.7.1 - Message rate limit exceeded - unexpected volume or sending too fast.)


# any other mails
# 40 messages per 5 minutes
id=ratelimit003
    sender=~/.*/
    action=rate(recipient_domain/40/300/REJECT 4.7.1 - Message rate limit exceeded - unexpected volume or sending too fast.)

# 30 messages per 30 minutes
id=ratelimit005
    sender=~/.*/
    action=rate(recipient_domain/30/1800/REJECT 4.7.1 - Message rate limit exceeded - unexpected volume or sending too fast.)

# 60 messages per 60 minutes
id=ratelimit006
    sender=~/.*/
    action=rate(recipient_domain/60/3600/REJECT 4.7.1 - Message rate limit exceeded - unexpected volume or sending too fast.)

# 800 messages per day
id=ratelimit007
    sender=~/.*/
    action=rate(recipient_domain/800/86400/REJECT 4.7.1 - Message rate limit exceeded - unexpected volume or sending too fast.)

Fehler finde ich keine in den Logs ...
woran kann das liegen?

[fulltilt]

OK, hab die limits mal runtergesetzt zum testen - die sasl_username auth. funktionieren, werden also rejected.
Mir geht es darum die incoming also nicht sasl_username zu limitieren ... sender=~/.*/ scheint hier nicht zu greifen:

Code: Alles auswählen

    sender=~/.*/
    action=rate(recipient_domain/60/3600/REJECT 4.7.1 - Message rate limit exceeded - unexpected volume or sending too fast.)

wie müßte das ausehen für eingehende Mails von externen Servern?