Quota status to postfix in distributed environment

Karol Augustin karol at augustin.pl
Tue Feb 27 17:59:04 EET 2018 

On 2018-02-27 15:26, LuKreme wrote:
> Out of curiosity would it be possible to configure dovecot in such a
> way that if a message had been accepted by postfix because it couldn't
> check quota the message was delivered anyway, despite being over
> quota?
There is quota grace parameter, but it will work for the first email
AFAIK.

In properly configured setup there should be no risk of Dovecot being
inaccessible.

Anyway, I still believe that configuring Dovecot to store quota in mysql
and quering that using policy server is the best approach. Especially if
mysql server is properly replicated and always accessible. In my case
mysql is required for e-mail delivery anyways (aliases, users,
passwords, webmail etc).

Since OP didn't share his requirements regarding other parts of the
system there is not much that can be suggested to help. Especially that
it looks like he is forced to work with ancient versions of software,
which usually happens in environments where management doesn't listen to
architecture suggestions anyway.

> 
> I'd much rather that then risk backscatter.
> 
> (I used to have quotas, but with the size of disks I've found it
> easier to simply have a "clue bat”approach and a reasonable
> max-message size. When a user gets "too much”mail ask them to purge
> their older mails with attachments.

This is reasonable approach however there is remote possibility that if
user gets compromised someone might fill their account (and your disk)
using IMAP killing your server.

> 
> Granted, that's probably less workable than quotas for a large user
> base, but for a period of time I did automate these notices by listing
> users total storage and sending a heads-up message when they got over
> a specific number. Granted, that was in the days where a 100MB mail
> store was a reasonable limit.
> 
> -- 
> My main job is trying to come up with new and innovative and effective
> ways to reject even more mail. I'm up to about 97% now.
> 
>> On Feb 27, 2018, at 06:18, Karol Augustin <karol at augustin.pl> wrote:
>>
>> The issue you might encounter with this setup is that if both of your
>> dovecot nodes are unreachable Postfix will accept the e-mail and try to
>> deliver it. When the nodes come online it will fail if the user is over
>> quota and generate bounce to the envelope sender of the message, which
>> might produce backscatter.
>>
>> I resolved this problem by keeping quota information in Mysql table and
>> using custom policy server to check if user is allowed to receive more
>> e-mail.

-- 
Karol Augustin
karol at augustin.pl
http://karolaugustin.pl/
+353 85 775 5312

More information about the dovecot mailing list