<div dir="ltr"><div><div><div><div><div><div><div><div><div><div>Hi<br><br></div>I have implemented Quota status to postfix in our setup. I have an imap server (dovecot) and mail server (postfix) in every node. I am able to send quota status to postfix and mails are rejected after 100% mail quota is crossed. This rejection is happening both in across the nodes and within the nodes.<br><br></div>The problem is if I am sending mails to any node and if any other node's dovecot is down, mails are not going. For example, I am sending an email within the system but if some other node's dovecot is down then email within the system also will not go.<br><br><br></div>My dovecot version is 2.2.10.<br></div>My postfix version is 2.1.10.<br><br><br></div><u>doveconf -n output is below:-</u><br><br># 2.2.10: /etc/dovecot/dovecot.conf<br># OS: Linux 3.10.0-514.el7.x86_64 x86_64 Red Hat Enterprise Linux Server release 7.3 (Maipo) xfs<br>auth_debug = yes<br>base_dir = /var/run/dovecot/<br>first_valid_gid = 5000<br>first_valid_uid = 5000<br>hostname = CmdHQ<br>login_greeting = ^^^^^^^^^^Dovecot ready^^^^^^^^^^<br>mail_debug = yes<br>mail_gid = 6000<br>mail_location = Maildir:/var/mail/vmail/<a href="http://tcs.mil.in/%n">tcs.mil.in/%n</a><br>mail_plugins = " quota"<br>mail_uid = 6000<br>mbox_write_locks = fcntl<br>passdb {<br> args = /etc/dovecot/dovecot-ldap.conf<br> driver = ldap<br>}<br>plugin {<br> quota = maildir:User quota<br> quota_rule = *:storage=8KB<br> quota_rule2 = *:messages=12B<br> quota_status_nouser = DUNNO<br> quota_status_overquota = 552 5.2.2 Mailbox is over quota / mailbox is full<br> quota_status_success = DUNNO<br> quota_warning = storage=80%% quota-warning 80 %u<br>}<br>postmaster_address = <a href="mailto:postmaster@tcs.mil.in">postmaster@tcs.mil.in</a><br>service auth {<br> unix_listener auth-userdb {<br> mode = 0600<br> user = postfix<br> }<br>}<br>service lmtp {<br> unix_listener /var/spool/postfix/private/dovecot-lmtp {<br> group = postfix<br> mode = 0600<br> user = postfix<br> }<br>}<br>service quota-status {<br> client_limit = 1<br> executable = quota-status -p postfix<br> inet_listener {<br> port = 54317<br> }<br>}<br>service quota-warning {<br> executable = script /usr/local/bin/quota-warning.sh<br> unix_listener quota-warning {<br> group = postfix<br> mode = 0666<br> user = postfix<br> }<br> user = postfix<br>}<br>ssl = required<br>ssl_ca = </etc/dovecot/certs/cacert.pem<br>ssl_cert = </etc/dovecot/certs/1CorpHQ_IMAP_Admin@tcs.mil.in.pem<br>ssl_key = </etc/dovecot/certs/1CorpHQ_IMAP_Admin@tcs.mil.in.key<br>userdb {<br> args = /etc/dovecot/dovecot-ldap.conf<br> driver = ldap<br>}<br>verbose_ssl = yes<br>protocol lmtp {<br> info_log_path = /var/log/dovecot-lmtp.log<br> mail_plugins = " quota"<br>}<br>protocol lda {<br> info_log_path = /var/log/dovecot-lda.log<br> log_path = /var/log/dovecot-lda-errors.log<br> mail_plugins = " quota"<br>}<br>protocol imap {<br> mail_plugins = " quota"<br>}<br><br></div><div>Here "service quota status" is the concerned section in conf file.<br></div><div>________________________________________________________________________________________________________<br><br></div><u>Postfix configuration is below:- </u><br></div><br>smtpd_relay_restrictions = <br> check_policy_service inet:<a href="http://201.123.80.9:54317">201.123.80.9:54317</a><br> check_policy_service inet:<a href="http://201.123.80.23:54317">201.123.80.23:54317</a><br><br><br>virtual_transport=lmtp:unix:private/dovecot-lmtp<br><br><br></div><div>Here, I am querying both two nodes. 201.123.80.9 is the other node. 201.123.80.23 is the node within which, email is sent.<br></div><div>___________________________________________________________________________________________________________<br><br><u>logs while sending mail is below:-<br><br>F</u>eb 22 12:43:24 1CorpHQ postfix/proxymap[7327]: In dict_changed_name<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: initializing the server-side TLS engine<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: In dict_changed_name<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: match_list_match: 1CorpHQ: no match<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: match_list_match: <a href="http://201.123.80.23">201.123.80.23</a>: no match<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: match_list_match: 1CorpHQ: no match<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: match_list_match: <a href="http://201.123.80.23">201.123.80.23</a>: no match<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: text 220 <a href="http://1CorpHQserver.tcs.mil.in">1CorpHQserver.tcs.mil.in</a> ESMTP Postfix<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: text EHLO 1CorpHQ<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: match_list_match: 1CorpHQ: no match<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: match_list_match: <a href="http://201.123.80.23">201.123.80.23</a>: no match<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: text <a href="http://250-1CorpHQserver.tcs.mil.in">250-1CorpHQserver.tcs.mil.in</a><br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: text 250-PIPELINING<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: text 250-SIZE 10240000<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: text 250-VRFY<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: text 250-ETRN<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: text 250-STARTTLS<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: text 250-ENHANCEDSTATUSCODES<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: text 250-8BITMIME<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: text 250 DSN<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: text STARTTLS<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: text 220 2.0.0 Ready to start TLS<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: setting up TLS connection from 1CorpHQ[201.123.80.23]<br>Feb
22 12:43:24 1CorpHQ postfix/smtpd[7326]: 1CorpHQ[201.123.80.23]: TLS
cipher list "aNULL:-aNULL:ALL:!EXPORT:!LOW:+RC4:@STRENGTH"<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: SSL_accept:before/accept initialization<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: SSL_accept:SSLv3 read client hello A<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: SSL_accept:SSLv3 write server hello A<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: SSL_accept:SSLv3 write certificate A<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: SSL_accept:SSLv3 write key exchange A<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: SSL_accept:SSLv3 write server done A<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: SSL_accept:SSLv3 flush data<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: SSL_accept:SSLv3 read client key exchange A<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: SSL_accept:SSLv3 read finished A<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: SSL_accept:SSLv3 write change cipher spec A<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: SSL_accept:SSLv3 write finished A<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: SSL_accept:SSLv3 flush data<br>Feb
22 12:43:24 1CorpHQ postfix/smtpd[7326]: Anonymous TLS connection
established from 1corphq[201.123.80.23]: TLSv1 with cipher
ECDHE-RSA-AES256-SHA (256/256 bits)<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: text EHLO 1CorpHQ<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: match_list_match: 1CorpHQ: no match<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: match_list_match: <a href="http://201.123.80.23">201.123.80.23</a>: no match<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: text <a href="http://250-1CorpHQserver.tcs.mil.in">250-1CorpHQserver.tcs.mil.in</a><br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: text 250-PIPELINING<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: text 250-SIZE 10240000<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: text 250-VRFY<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: text 250-ETRN<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: text 250-ENHANCEDSTATUSCODES<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: text 250-8BITMIME<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: text 250 DSN<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: text MAIL FROM:<<a href="mailto:Cdr.1CorpHQ@tcs.mil.in">Cdr.1CorpHQ@tcs.mil.in</a>><br>Feb 22 12:43:24 1CorpHQ postfix/trivial-rewrite[7330]: match_list_match: transport_maps: no match<br>Feb 22 12:43:24 1CorpHQ postfix/trivial-rewrite[7330]: match_list_match: transport_maps: no match<br>Feb 22 12:43:24 1CorpHQ postfix/trivial-rewrite[7330]: In dict_changed_name<br>Feb 22 12:43:24 1CorpHQ postfix/trivial-rewrite[7330]: match_list_match: <a href="http://tcs.mil.in">tcs.mil.in</a>: no match<br>Feb 22 12:43:24 1CorpHQ postfix/trivial-rewrite[7330]: match_list_match: <a href="http://tcs.mil.in">tcs.mil.in</a>: no match<br>Feb 22 12:43:24 1CorpHQ postfix/trivial-rewrite[7330]: match_list_match: <a href="http://tcs.mil.in">tcs.mil.in</a>: no match<br>Feb 22 12:43:24 1CorpHQ postfix/trivial-rewrite[7330]: match_list_match: <a href="http://tcs.mil.in">tcs.mil.in</a>: no match<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: In valid verify sender addr<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: text 250 2.1.0 Ok<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: text RCPT TO:<<a href="mailto:CO.1CorpHQ@tcs.mil.in">CO.1CorpHQ@tcs.mil.in</a>><br>Feb 22 12:43:24 1CorpHQ postfix/trivial-rewrite[7330]: match_list_match: <a href="http://tcs.mil.in">tcs.mil.in</a>: no match<br>Feb 22 12:43:24 1CorpHQ postfix/trivial-rewrite[7330]: match_list_match: <a href="http://tcs.mil.in">tcs.mil.in</a>: no match<br>Feb 22 12:43:24 1CorpHQ postfix/trivial-rewrite[7330]: match_list_match: <a href="http://tcs.mil.in">tcs.mil.in</a>: no match<br>Feb 22 12:43:24 1CorpHQ postfix/trivial-rewrite[7330]: match_list_match: <a href="http://tcs.mil.in">tcs.mil.in</a>: no match<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: In valid verify sender addr<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: match_list_match: permit_mynetworks: no match<br>Feb 22 12:43:24 1CorpHQ dovecot: quota-status: Debug: Loading modules from directory: /usr/lib64/dovecot<br>Feb 22 12:43:24 1CorpHQ dovecot: quota-status: Debug: Module loaded: /usr/lib64/dovecot/lib10_quota_plugin.so<br>Feb 22 12:43:24 1CorpHQ dovecot: auth: Debug: Loading modules from directory: /usr/lib64/dovecot/auth<br>Feb 22 12:43:24 1CorpHQ dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_sqlite.so<br>Feb 22 12:43:24 1CorpHQ dovecot: auth: Debug: Loading modules from directory: /usr/lib64/dovecot/auth<br>Feb 22 12:43:24 1CorpHQ dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libauthdb_ldap.so<br>Feb 22 12:43:24 1CorpHQ dovecot: auth: Debug: Read auth token secret from /var/run/dovecot//auth-token-secret.dat<br>Feb 22 12:43:24 1CorpHQ dovecot: auth: Debug: master in: USER#0111#<a href="http://011CO.1CorpHQ@tcs.mil.in#011service=quota-status">011CO.1CorpHQ@tcs.mil.in#011service=quota-status</a><br>Feb
22 12:43:24 1CorpHQ dovecot: auth: Debug: ldap(<a href="mailto:co.1corphq@tcs.mil.in">co.1corphq@tcs.mil.in</a>):
user search: base=dc=tcs,dc=mil,dc=in scope=subtree
filter=(&(objectClass=person)(uid=co.1corphq))
fields=homeDirectory,uidNumber,gidNumber<br>Feb 22 12:43:24 1CorpHQ dovecot: auth: Debug: ldap(<a href="mailto:co.1corphq@tcs.mil.in">co.1corphq@tcs.mil.in</a>): no fields returned by the server<br>Feb
22 12:43:24 1CorpHQ dovecot: auth: Debug: ldap(<a href="mailto:co.1corphq@tcs.mil.in">co.1corphq@tcs.mil.in</a>):
result: homeDirectory missing; uidNumber missing; gidNumber missing<br>Feb 22 12:43:24 1CorpHQ dovecot: auth: Debug: userdb out: USER#0111#<a href="mailto:011co.1corphq@tcs.mil.in">011co.1corphq@tcs.mil.in</a><br>Feb 22 12:43:24 1CorpHQ dovecot: quota-status: Debug: auth input: <a href="mailto:co.1corphq@tcs.mil.in">co.1corphq@tcs.mil.in</a><br>Feb 22 12:43:24 1CorpHQ dovecot: quota-status: Debug: changed username to <a href="mailto:co.1corphq@tcs.mil.in">co.1corphq@tcs.mil.in</a><br>Feb 22 12:43:24 1CorpHQ dovecot: quota-status: Debug: Added userdb setting: plugin/=yes<br>Feb 22 12:43:24 1CorpHQ dovecot: quota-status(<a href="mailto:co.1corphq@tcs.mil.in">co.1corphq@tcs.mil.in</a>): Debug: Effective uid=6000, gid=6000, home=<br>Feb 22 12:43:24 1CorpHQ dovecot: quota-status(<a href="mailto:co.1corphq@tcs.mil.in">co.1corphq@tcs.mil.in</a>): Debug: Quota root: name=User quota backend=maildir args=<br>Feb
22 12:43:24 1CorpHQ dovecot: quota-status(<a href="mailto:co.1corphq@tcs.mil.in">co.1corphq@tcs.mil.in</a>):
Debug: Quota rule: root=User quota mailbox=* bytes=8192 messages=0<br>Feb
22 12:43:24 1CorpHQ dovecot: quota-status(<a href="mailto:co.1corphq@tcs.mil.in">co.1corphq@tcs.mil.in</a>):
Debug: Quota rule: root=User quota mailbox=* bytes=8192 messages=12<br>Feb
22 12:43:24 1CorpHQ dovecot: quota-status(<a href="mailto:co.1corphq@tcs.mil.in">co.1corphq@tcs.mil.in</a>):
Debug: Quota warning: bytes=6553 (80%) messages=0 reverse=no
command=quota-warning 80 <a href="mailto:co.1corphq@tcs.mil.in">co.1corphq@tcs.mil.in</a><br>Feb 22 12:43:24 1CorpHQ dovecot: quota-status(<a href="mailto:co.1corphq@tcs.mil.in">co.1corphq@tcs.mil.in</a>): Debug: Quota grace: root=User quota bytes=819 (10%)<br>Feb
22 12:43:24 1CorpHQ dovecot: quota-status(<a href="mailto:co.1corphq@tcs.mil.in">co.1corphq@tcs.mil.in</a>):
Debug: maildir++: root=/var/mail/vmail/<a href="http://tcs.mil.in/co.1corphq">tcs.mil.in/co.1corphq</a>, index=,
indexpvt=, control=, inbox=/var/mail/vmail/<a href="http://tcs.mil.in/co.1corphq">tcs.mil.in/co.1corphq</a>, alt=<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: warning: connect to <a href="http://201.123.80.9:54317">201.123.80.9:54317</a>: Connection refused<br>Feb 22 12:43:24 1CorpHQ postfix/smtpd[7326]: warning: problem talking to server <a href="http://201.123.80.9:54317">201.123.80.9:54317</a>: Connection refused<br>Feb 22 12:43:25 1CorpHQ postfix/smtpd[7326]: warning: connect to <a href="http://201.123.80.9:54317">201.123.80.9:54317</a>: Connection refused<br>Feb 22 12:43:25 1CorpHQ postfix/smtpd[7326]: warning: problem talking to server <a href="http://201.123.80.9:54317">201.123.80.9:54317</a>: Connection refused<br>Feb
22 12:43:25 1CorpHQ postfix/smtpd[7326]: NOQUEUE: reject: RCPT from
1CorpHQ[201.123.80.23]: 451 4.3.5 Server configuration problem;
from=<<a href="mailto:Cdr.1CorpHQ@tcs.mil.in">Cdr.1CorpHQ@tcs.mil.in</a>> to=<<a href="mailto:CO.1CorpHQ@tcs.mil.in">CO.1CorpHQ@tcs.mil.in</a>>
proto=ESMTP helo=<1CorpHQ><br>Feb 22 12:43:25 1CorpHQ postfix/smtpd[7326]: text 451 4.3.5 Server configuration problem<br>Feb 22 12:43:25 1CorpHQ postfix/smtpd[7326]: text RSET<br>Feb 22 12:43:25 1CorpHQ postfix/smtpd[7326]: text 250 2.0.0 Ok<br>Feb 22 12:43:25 1CorpHQ postfix/smtpd[7326]: lost connection after RSET from 1CorpHQ[201.123.80.23]<br><br></div>I am understanding what the logs are trying to say. But I am not able to resolve the issue even after searching solution on internet and trying different hit and trials by myself. I want that if i am sending email to any node or within node, the configuration relating to "check _policy_service" for other node does not interfere and mail goes properly. At the same time I can also fetch quota status from other nodes.<br><br></div>If I can get any help regarding this it will be really appreciable as I have tried a lot of options already.<br><br><br></div>Regards<br></div>