Hello,
Je dispose d’un postfix publique avec plusieurs noms de domaines et 20000 utilisateurs. Pour éviter de me retrouver ban chez nos plus gros fournisseurs de mails, , j’ai mis en place une règle pour limiter les envois. Je vois bien l’appel de cette règle dans mes logs, mais je n’ai pas l’impression qu’elle soit réellement appliquée, voici ce que j’ai fait :
dans le main.cf :
[…]
default_destination_rate_delay = 5s
transport_maps = hash:/etc/postfix/transport
slow_destination_concurrency_limit = 3
slow_destination_rate_delay = 10s
[…]
dans le master.cf :
[...]
slow unix - - n - - smtp -o syslog_name=postfix-slow
[...]
dans le transport :
orange.fr slow:
wanadoo.fr slow:
laposte.net slow:
free.fr slow:
hotmail.fr slow:
outlook.fr slow:
gmail.com slow:
yahoo.fr slow:
Maintenant, si je regarde mes logs, je vois par exemple ceci :
Nov 19 08:26:38 mail postfix-slow/smtp[25261]: Trusted TLS connection established to gmail-smtp-in.l.google.com[74.125.133.27]:25: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256
Nov 19 08:26:38 mail postfix-slow/smtp[25261]: BBE9661F48: to=<123456@gmail.com>, relay=gmail-smtp-in.l.google.com[74.125.133.27]:25, delay=0.97, delays=0.22/0.03/0.52/0.2, dsn=2.0.0, status=sent (250 2.0.0 OK 1574148398 v23si1958025wmh.50 - gsmtp)
Nov 19 08:28:06 mail postfix-slow/smtp[25261]: Trusted TLS connection established to gmail-smtp-in.l.google.com[74.125.133.27]:25: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)
Nov 19 08:28:08 mail postfix-slow/smtp[25261]: 4605961F48: to=<dsdsfdsfdsfdsfds@gmail.com>, relay=gmail-smtp-in.l.google.com[74.125.133.27]:25, delay=2.6, delays=0.48/0/0.21/1.9, dsn=2.0.0, status=sent (250 2.0.0 OK 1574148488 q21si1877541wmj.95 - gsmtp)
Nov 19 08:29:15 mail postfix-slow/smtp[25261]: Trusted TLS connection established to gmail-smtp-in.l.google.com[74.125.133.27]:25: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)
Nov 19 08:29:16 mail postfix-slow/smtp[25261]: 2144B61F48: to=<123456@gmail.com>, relay=gmail-smtp-in.l.google.com[74.125.133.27]:25, delay=0.96, delays=0.59/0/0.14/0.23, dsn=2.0.0, status=sent (250 2.0.0 OK 1574148556 145si1888551wme.106 - gsmtp)
Nov 19 08:30:18 mail postfix-slow/smtp[25261]: Trusted TLS connection established to gmail-smtp-in.l.google.com[74.125.133.27]:25: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)
Nov 19 08:30:18 mail postfix-slow/smtp[25261]: D32B061F48: to=<dsdsfdsf@gmail.com>, relay=gmail-smtp-in.l.google.com[74.125.133.27]:25, delay=0.48, delays=0.21/0/0.13/0.14, dsn=2.0.0, status=sent (250 2.0.0 OK 1574148618 91si8358301wrj.101 - gsmtp)
Nov 19 08:33:22 mail postfix-slow/smtp[26007]: Trusted TLS connection established to gmail-smtp-in.l.google.com[74.125.133.26]:25: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256
Nov 19 08:33:22 mail postfix-slow/smtp[26007]: F28BF61F6C: to=<0987654@gmail.com>, relay=gmail-smtp-in.l.google.com[74.125.133.26]:25, delay=0.64, delays=0.27/0.04/0.24/0.09, dsn=2.0.0, status=sent (250 2.0.0 OK 1574148802 b9si1967534wmc.110 - gsmtp)
Nov 19 08:33:50 mail postfix-slow/smtp[26007]: Trusted TLS connection established to gmail-smtp-in.l.google.com[74.125.133.26]:25: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)
Nov 19 08:33:50 mail postfix-slow/smtp[26007]: 4B2CF61F6C: to=<0987654@gmail.com>, relay=gmail-smtp-in.l.google.com[74.125.133.26]:25, delay=0.43, delays=0.19/0/0.15/0.09, dsn=2.0.0, status=sent (250 2.0.0 OK 1574148830 p66si1911481wmp.141 - gsmtp)
Nov 19 08:36:31 mail postfix-slow/smtp[26675]: Trusted TLS connection established to gmail-smtp-in.l.google.com[74.125.133.26]:25: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)
Nov 19 08:36:31 mail postfix-slow/smtp[26675]: 13E5E61F6C: to=<0987654@gmail.com>, relay=gmail-smtp-in.l.google.com[74.125.133.26]:25, delay=0.56, delays=0.36/0.01/0.11/0.07, dsn=2.0.0, status=sent (250 2.0.0 OK 1574148991 w12si1953200wmk.130 - gsmtp)
Nov 19 08:37:36 mail postfix-slow/smtp[26675]: Trusted TLS connection established to gmail-smtp-in.l.google.com[74.125.133.26]:25: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)
Nov 19 08:37:36 mail postfix-slow/smtp[26675]: 4BE4161F6C: to=<0987654@gmail.com>, relay=gmail-smtp-in.l.google.com[74.125.133.26]:25, delay=0.37, delays=0.16/0/0.13/0.08, dsn=2.0.0, status=sent (250 2.0.0 OK 1574149056 131si1897407wma.127 - gsmtp)
Nov 19 09:16:27 mail postfix-slow/smtp[32286]: Trusted TLS connection established to eur.olc.protection.outlook.com[104.47.1.33]:25: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Nov 19 09:16:28 mail postfix-slow/smtp[32286]: E9E9A61F48: to=<sdfdsfdsf@hotmail.fr>, relay=eur.olc.protection.outlook.com[104.47.1.33]:25, delay=3.1, delays=2.1/0.02/0.42/0.56, dsn=2.6.0, status=sent (250 2.6.0 <23581296b1f696bbc571206096daec9a@monserveur.org> [InternalId=63964947962569, Hostname=VE1EUR01HT101.eop-EUR01.prod.protection.outlook.com] 16257 bytes in 0.281, 56.432 KB/sec Queued mail for delivery -> 250 2.1.5)
La règle slow est bien appelée, en revanche, j’ai l’impression que le délais de 5 sec entre chaque envoi n’est pas appliqué. Les envois ont l’air de se faire immédiatement sans tenir compte de la temporisation que j’ai demandé.
Qu’est-ce qui cloche dans ma paramétrie ?
merci