I have configured Policyd v2 (cluebringer) to apply quota on msg count for SASL and non-SASL users. It is easy in policyd [1]. However I don't know how to configure postfix (2.7.1). Right now I have this (non important rules removed):
smtpd_recipient_restrictions =
check_policy_service inet:127.0.0.1:10031,
permit_sasl_authenticated,
permit_mynetworks,
reject_unauth_destination,
reject_rbl_client zen.spamhaus.org,
check_policy_service must be before permit_sasl_authentificated to be able to check on SASL users (because permit_sasl_authentificated returns OK and no other permissions are checked after it).
But having it here means, that it would count every incoming email attempt in quota - regardless if it will be accepted by postfix or not (because greylist/blacklist and reject_unauth_destination are after check_policy_service). So all rejected spam would count on recipient users' quota.
How is it possible to have policyd be invoked for both SASL incoming email and for non-SASL email which is accepted for server?
1]: http://lists.policyd.org/pipermail/users_lists.policyd.org/2012-October/004002.html
In case of Postfix version 2.10 or newer, you can try to solved those problem by using
smtpd_relay_restrictionfeature. Snippet from postfix documentation explains how to use them properly.Then your configuration should like this