Bug 38553 - Enable quota-checking for Postfix with Dovecot
Enable quota-checking for Postfix with Dovecot
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Mail - Dovecot
UCS 4.0
Other Linux
: P5 normal (vote)
: ---
Assigned To: Daniel Tröder
Sönke Schwardt-Krummrich
:
Depends on: 38474 38475
Blocks: 34839 38716
  Show dependency treegraph
 
Reported: 2015-05-18 14:26 CEST by Daniel Tröder
Modified: 2015-07-09 18:14 CEST (History)
2 users (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Daniel Tröder univentionstaff 2015-05-18 14:26:45 CEST
Enable Dovecot 2.2 "quota-status" policy service and use in Postfix, so over-quota users don't produce backscatter.
Comment 1 Daniel Tröder univentionstaff 2015-05-25 10:05:01 CEST
Commit 60857 configures the quota-status service in Dovecot and sets it as a smtpd_recipient_restrictions for Postfix.

Mail from external servers get after RCPT TO:
552 5.2.2 <ADDRESS>: Recipient address rejected: Mailbox is full

BCC works: during one session one user can receive email, while anothers will be rejected.

Does however not prevent backscatter for users with an account on the system, as permit_sasl_authenticated must be before it, but IMO that is OK: The bounce mail stays local, so it does not taint the servers/IPs reputation.
Comment 2 Daniel Tröder univentionstaff 2015-06-17 10:10:26 CEST
Commit 61299 added UCRVs to make quota-service listen address/port configurable, see bug #38716.
Comment 3 Sönke Schwardt-Krummrich univentionstaff 2015-07-03 15:59:55 CEST
# swaks -s 10.200.18.22 -p 587 -tls -t mail1@nstx.local --body tmp/lorem.txt | grep full
<~* 552 5.2.2 <mail1@nstx.local>: Recipient address rejected: Mailbox is full

mail/dovecot/quota-status/ip and mail/dovecot/quota-status/port have been tested manually via netstat.
Comment 4 Janek Walkenhorst univentionstaff 2015-07-09 18:14:28 CEST
<http://errata.univention.de/ucs/4.0/237.html>