CBPolicyD has some modules and one of them is module accounting. What is usability of module accounting? with module accounting, we can rate limit sending/receipt email with daily, weekly and monthly method. Even Gmail, Yahoo or other email also limit sending/receipt email perday. You can see that information at this link : http://www.yetesoft.com/free-email-marketing-resources/email-sending-limit/.
Now, how we can also make like Gmail or Yahoo to limit sending email/receipt per day, per week or per month? with CBPolicyD accounting module, we also can do that. Previously, you should be enable CBPolicyD on your Zimbra mail server. If you are using Zimbra 8.5, you can use this guidance : https://imanudin.net/2014/09/08/how-to-install-policyd-on-zimbra-8-5/
For activating module accounting, open webui via browser, choose accounting | configure. Select add, and fill with the following example
Name : Rate limit perday Link to policy : Default Track : Sender:@domain . You can choose with your choice Period : Daily Message Count Limit : 5000 Message Cumulative Size Limit : empty. I am not using cumulative size Verdict : HOLD. Data : You can fill with information if policy has been fulfilled. for example, you can fill with "Sorry, your maximum email perday have been full" Stop processing here : No Comment : You can fill with comment or emptied Disabled : No
If no tables for module accounting and get information “no such table” while create rule, you can manually adding tables accounting to sqlite.
cd /opt/zimbra/cbpolicyd/share/database/ ./convert-tsql sqlite accounting.tsql > /tmp/accounting.sql vi /tmp/accounting.sql
Delete all lines starting with # (comment) and saved. Inject database to sqlite
sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb < /tmp/accounting.sql
Don’t forget to enable accounting module on Zimbra
su - zimbra zmprov ms `zmhostname` zimbraCBPolicydAccountingEnabled TRUE zmcbpolicydctl restart
please check log cbpolicyd.log and you can get information like below
[2014/11/29-21:33:37 - 27354] [CORE] INFO: module=Accounting, mode=update, host=127.0.0.1, helo=mail.example.com, from=user@example.com, to=user2@gmail.com, reason=accounting_update, policy=1, accounting=2, track=Sender:@example.com, period=2014-11-29, count=2/5000 (0.0%), size=0/-
Good luck and hopefully useful 😀
Hi Imanudin,
Thank you for your excellent article. I have implemented Rate Limit per day. It is working fine. I want to exclude one user from this Rate Limit per day policy. How i can do it. Kindly guide me..
Thanks.
Hi Kondaiah,
You can define exclude user on Policy. Go to Policies | Main | select default policy | select members from action. Change member so that like below
Source : !exclude_user@domain
Sestination : any
Hi Iman,
Thank you so much. It is working perfectly..
Hi Iman,
I have configured policyd (cluebringer) service for my postfix relay server. it’s working for ‘message count’, but not working for ‘message cumulative size’. following are the logs from /var/log/maillog.
successfully rejecting log for message count:
Feb 4 16:09:12 smtp-relay cbpolicyd[6240]: module=Quotas, action=reject, host=192.168.1.140, helo=DESKTOPRCQ159I, from=bheemesh@mydomain.com, to=it@mydomain.com, reason=quota_match, policy=4, quota=3, limit=5, track=SASLUsername:, counter=MessageCount, quota=1.73/1 (172.5%)
Feb 4 16:09:12 smtp-relay postfix/smtpd[6545]: NOQUEUE: reject: RCPT from unknown[192.168.1.140]: 554 5.7.1 : Sender address rejected: sorry, your mail has crossed 1MB size limit; from= to= proto=ESMTP helo=
rejection-failed log for message cumulative size:
Feb 4 11:34:02 smtp-relay cbpolicyd[4786]: module=Quotas, mode=update, host=192.168.1.140, helo=DESKTOPRCQ159I, from=bheemesh@mydomain.com, to=it@mydomain.com, reason=quota_update, policy=4, quota=3, limit=4, track=Sender:bheemesh@mydomain.com, counter=MessageCumulativeSize, quota=2938.00/1000 (293.8%)
Feb 4 11:34:02 smtp-relay postfix/qmgr[4765]: BE6084024C: from=, size=3008593, nrcpt=1 (queue active)
Feb 4 11:34:08 smtp-relay postfix/smtp[4793]: BE6084024C: to=, relay=mail.mydomain.com[108.61.29.124]:587, delay=9.8, delays=3.4/0.04/1.9/4.5, dsn=2.0.0, status=sent (250 OK id=1iyrK3-0002TF-Lr)
Feb 4 11:34:08 smtp-relay postfix/qmgr[4765]: BE6084024C: removed
in above log, it’s showing “counter=MessageCumulativeSize, quota=2938.00/1000 (293.8%)”, but still it’s sending mail instead of rejecting. following are the system specs.
server OS: centos 6.9
postfix version: 2.6.6
policyd/cluebringer version: 2.0.14
requirement: reject mail if it’s above 1MB size for bheemesh@mydomain.com (per-user basis)
I have added mydomain.com in policies ->groups ->internal domains and added ip subnet 192.168.1.0/24 in internal_ips.
created quota (attached to Default Internal), track: sender:user@domain, period:120, verdict:reject, disabled:no.
added quota limits in above quota, MessageCumulativeSize, counter limit:1000, disabled:no, MessageCount, counter:2, disabled:no
Thanks.
Hi Bheemesh,
Yes, sometimes Policyd did not work for cumulative size. But, please make sure to check policyd on smtpd_end_of_data level
Hi Iman,
I have already configured all are correct. following is the configuration in /etc/postfix/main.cf file.
smtpd_sender_restrictions =
check_policy_service inet:127.0.0.1:10031
permit_mynetworks
permit_sasl_authenticated
reject_unauth_destination
smtpd_end_of_data_restrictions =
check_policy_service inet:127.0.0.1:10031
Don’t know why only message count is working but cumulative size is not working.
Thanks.
Hi Bheemesh,
Yes, I think cumulative size did not work properly
Hi Iman,
we have two zimbra server in my environment we have enabled rate limt on both server but but when we send group mail then mails are reflecting in gateway.
And gateway is only for external mail routing but our local mails are also reflecting while we send group mail after enable rate limit.
Please help me in this issue.
Hi Gautam Kumar,
You can trial and error and adjust to your environment. Maybe you can check Source and Destination on your Policy.
Dear Iman,
Kindly tell me how to reset counter if it reaches to end?
I have not found any option to reset counter manually to allow a user to send email again before expiring day limit.
Hi Yawar Hayat,
You can try to remove counting on SQLite Database that used by CBPolicyD