IRedMail/FAQ/Enable.Throttling/RHEL.CentOS

From iRedMail

Jump to: navigation, search

iRedMail ships Policyd-1.8.x for sender & recipient throttling, but it's disabled by default. You can enable it by follow below steps on RHEL/CentOS:

We choose to run two Policyd instances/daemons:

  • one listens on port 10031, used for greylisting, white/blacklisting and recipient throttling.
  • another one listens on port 10032, used for sender throttling.

Here we go:

  • Disable sender throttling in /etc/postfix-policyd.conf, but enable recipient throttling:
File: /etc/policyd.conf 
SENDERTHROTTLE=0
SENDER_THROTTLE_SASL=0
SENDER_THROTTLE_HOST=0

# Enable recipient throttling in this instance, will be invoked in Postfix
# smtpd_recipient_restrictions.
RECIPIENTTHROTTLE=1
  • Enable throttling in /etc/policyd_sender_throttle.conf:
File: /etc/policyd_sender_throttle.conf 
SENDERTHROTTLE=1
SENDER_THROTTLE_SASL=1
SENDER_THROTTLE_HOST=0

# Disable recipient throttling in this instance.
# Recipient Throttling can not work at smtpd_end_of_data_restrictions. Policyd v2 (a.k.a. Cluebringer)
# overcomes this and tracks the recipients for each smtpd instance. To track quotas
# precisely v2 can be used in smtpd_recipient_restrictions and smtpd_end_of_data_restrictions.
# v2 knows about the various restrictions.
# Reference: http://comments.gmane.org/gmane.mail.postfix.policyd/826
RECIPIENTTHROTTLE=0

Note: You may only enable SENDER_THROTTLE_SASL or SENDER_THROTTLE_HOST but NOT both.

  • Edit /etc/init.d/policyd, set ENABLE_SENDER_THROTTLE='YES' to start another policyd instance for throttling:
File: /etc/init.d/policyd 
ENABLE_SENDER_THROTTLE="YES"
  • Restart policyd service:
Terminal: 
# /etc/init.d/policyd restart

It will listen on two ports: 10031, 10032. You can verify it via command netstat:

Terminal: 
# netstat -ntlp | grep -i 1003
tcp        0      0 127.0.0.1:10031             0.0.0.0:*                   LISTEN      3454/policyd        
tcp        0      0 127.0.0.1:10032             0.0.0.0:*                   LISTEN      3459/policyd
  • Enable throttling in Postfix /etc/postfix/main.cf:
File: /etc/postfix/main.cf 
smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:10032

Restart postfix:

Terminal: 
# /etc/init.d/postfix restart

That's all.

Refer to Policyd official documentation to set throttling: http://policyd.sourceforge.net/readme.html

Retrieved from "http://iredmail.org/wiki/index.php?title=IRedMail/FAQ/Enable.Throttling/RHEL.CentOS"
Personal tools