Zimbra :: Tech Center:Cluebringer Policy Daemon
Article Information |
---|
This article applies to the following ZCS versions. |
Postfix Cluebringer Policyd in Zimbra
Policyd is an anti-spam policy daemon for Postfix (written in C) that does Greylisting, Sender-(envelope, SASL or host / ip)-based throttling (on messages and/or volume per defined time unit), Recipient rate limiting, Spamtrap monitoring / blacklisting, HELO auto blacklisting and HELO randomization preventation.
It is included as a part of the Zimbra package, but it is not enabled by default.
Enabling policyd
First ensure sqlite is installed (It is listed as a suggested install).
To enable policyd, simply tell the Zimbra installation you want it enabled:
zmprov ms <mta server> +zimbraServiceEnabled cbpolicyd
After 1 to 2 minutes the zmconfigd process will detect that you want this service enabled, and automatically install the database and start the service.
- cbpolicyd_pid_file - location of PID file.
- cbpolicyd_log_file - location of log file.
- cbpolicyd_db_file - location of SQLite database
- cbpolicyd_cache_file - location of cache
- cbpolicyd_log_level - loglevel (default 3)
- cbpolicyd_log_mail - Default is main. Log to policyd's main log mechanism, accepts NO args
- cbpolicyd_log_detail - What detail of logging to provide. Default "modules"
- cbpolicyd_bind_port - Bind port for cbpolicyd. default 10031
- cbpolicyd_timeout - Timeout when talking to clients. Default 120 seconds. ZCS7 and ZCS 8 < ZCS8.0.4
- cbpolicyd_timeout_idle - Idle timeout. Defaults to 1020 seconds. ZCS8.0.4 and higher
- cbpolicyd_timeout_busy - Busy timeout. Defaults to 120 seconds. ZCS8.0.4 and higher
- cbpolicyd_bypass_timeout - Bypass timeout. Defaults to 30 seconds.
- cbpolicyd_bypass_mode - Bypass fail mode. Default is "tempfail"
- cbpolicyd_module_accesscontrol - Enable Access Control module. Default 0 (disabled)
- cbpolicyd_module_greylisting - Enable greylisting. Default 0 (disabled)
- cbpolicyd_module_greylisting_training - If greylisting is enabled, whether or not to run in training mode. Default 0 (Do not run in training mode) ZCS8 only
- cbpolicyd_module_greylisting_defer_msg - Message to give when deferring email. Default "Greylisting in effect, please come back later" ZCS8 only
- cbpolicyd_module_greylisting_blacklist_msg - Message to give when client is on blacklist. Default "Greylisting in effect, sending server blacklisted" ZCS8 only
- cbpolicyd_module_checkhelo - Enable checkhelo module. Default 0 (disabled)
- cbpolicyd_module_checkspf - Enable CheckSPF module. Default 0 (disabled)
- cbpolicyd_module_quotas - Enable Quotas module. Default 1 (enabled)
- cbpolicyd_module_amavis - Enable amavis module. Default 0 (disabled) ZCS8.0.4 and higher.
- cbpolicyd_module_accounting - Enable accounting module. Default 0 (disabled). ZCS8.0.4 and higher.
Disabling cbpolicyd
Disabling cbpolicyd is as simple as removing it as an enabled service:
- zmprov ms <mta server> -zimbraServiceEnabled cbpolicyd
This will trigger zmconfigd to rewrite the postfix configuration and shut down cbpolicyd.
See Also
Detailed cbpolicyd for zimbra information