quota-status fails when size=0 from Postfix

Noel noeldude at gmail.com
Thu Jul 29 22:31:06 EEST 2021


On 7/29/2021 2:15 PM, dovecot at ptld.com wrote:
>> Plus Dovecot complains that the policy service is only supposed 
>> to be
>> used in the RCPT stage. So clearly this is a bad approach.
>
> I want to explore this more. I tried it and also see:
>
> dovecot[1096]: quota-status(26164): Warning: Received policy query 
> from MTA in unexpected state END-OF-MESSAGE (service can only be 
> used for recipient restrictions)
>
> Why? Why does dovecot even care? Quota plugin is sent a user and a 
> size, it looks up quota for that user and computes if size will 
> put the user over limit and returns an answer. Why does dovecot 
> care or even know at what stage this is done? Why is it bad to 
> check quota after getting the real size? Seems like its designed 
> to allow spoofing from an evil mail client.
>
> What is the harm being done that causes this log warning? What is 
> the harm in ignoring the warning?


With multi-recipient mail, the recipient attribute is undefined at 
end-of-data.

So you have to pick your poison - during recipient restrictions the 
size may not be known or may not be accurate, at end-of-data the 
recipient may not be known *and* it's too late to reject a single 
recipient on a multi-recipient mail.

The only solution is to reject all mail for an over-quota recipient 
during recipient restrictions, and if the mail passes that stage, 
deliver it anyway even if it makes the user go over quota.


   -- Noel Jones



More information about the dovecot mailing list