1 Topic by frank.daeuble

  • frank.daeuble
  • Member
  • Offline
  • Registered: 2013-10-14
  • Posts: 37

Topic: Global Throttling not working

==== Required information ====
- iRedMail version: 0.8.6
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Linux/BSD distribution name and version: Debian Wheezy
- Related log if you're reporting an issue:
====

Throttling by Domain or by User works as expected, but global Settings in System->Throttling doesn't work.
The records in DB cluebringer TABLE quotas and quotas_limits are created, but no matter how many emails I send to extern recievers, there is no record in TABLE quotas_tracking.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: Global Throttling not working

Do you have any throttling setting override global setting?

3 Reply by frank.daeuble

  • frank.daeuble
  • Member
  • Offline
  • Registered: 2013-10-14
  • Posts: 37

Re: Global Throttling not working

No, I have only set any throttling settings in iRedAdmin-Pro. I looked in cluebringer.conf but didn't found anything.

4 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: Global Throttling not working

*) Do you have any per-user or per-domain throttling?
*) Could you please show me output of below SQL command:

mysql> USE cluebringer;
mysql> SELECT * FROM policies \G
mysql> SELECT * FROM policy_groups \G
mysql> SELECT * FROM policy_members \G
mysql> SELECT * FROM quotas \G
mysql> SELECT * FROM quotas_limits \G

5 Reply by frank.daeuble

  • frank.daeuble
  • Member
  • Offline
  • Registered: 2013-10-14
  • Posts: 37

Re: Global Throttling not working

No, I have removed all per-user or per-domain throttling

Here is the wanted output:

mysql> SELECT * FROM policies;

+----+------------------+----------+-------------------------------------------------+----------+
| ID | Name             | Priority | Description                                     | Disabled |
+----+------------------+----------+-------------------------------------------------+----------+
|  1 | Default          |        0 | Default System Policy                           |        0 |
|  2 | Default Outbound |       10 | Default Outbound System Policy                  |        0 |
|  3 | Default Inbound  |       10 | Default Inbound System Policy                   |        0 |
|  4 | Default Internal |       20 | Default Internal System Policy                  |        0 |
|  5 | Test             |       50 | Test policy                                     |        0 |
|  6 | whitelists       |        6 | Whitelisted sender, domain, IP                  |        0 |
|  7 | blacklists       |        8 | Blacklisted sender, domain, IP                  |        0 |
|  8 | no_greylisting   |       20 | Disable grelisting for certain domain and users |        0 |
+----+------------------+----------+-------------------------------------------------+----------+

mysql> SELECT * FROM policy_groups;

+----+-----------------------------+----------+---------+
| ID | Name                        | Disabled | Comment |
+----+-----------------------------+----------+---------+
|  1 | internal_ips                |        0 | NULL    |
|  2 | internal_domains            |        0 | NULL    |
|  3 | whitelists                  |        0 | NULL    |
|  4 | blacklists                  |        0 | NULL    |
|  7 | no_greylisting_for_internal |        0 | NULL    |
|  8 | no_greylisting_for_external |        0 | NULL    |
+----+-----------------------------+----------+---------+

mysql> SELECT * FROM policy_members;

+----+----------+-----------------------------------+------------------------------+---------+----------+
| ID | PolicyID | Source                            | Destination                  | Comment | Disabled |
+----+----------+-----------------------------------+------------------------------+---------+----------+
|  1 |        1 | NULL                              | NULL                         | NULL    |        0 |
|  2 |        2 | %internal_ips,%internal_domains   | !%internal_domains           | NULL    |        0 |
|  3 |        3 | !%internal_ips,!%internal_domains | %internal_domains            | NULL    |        0 |
|  4 |        4 | %internal_ips,%internal_domains   | %internal_domains            | NULL    |        0 |
|  5 |        5 | @example.net                      | NULL                         | NULL    |        0 |
|  6 |        6 | %whitelists                       | %internal_domains            | NULL    |        0 |
|  7 |        7 | %blacklists                       | %internal_domains            | NULL    |        0 |
| 10 |        8 | !%internal_ips,!%internal_domains | %no_greylisting_for_internal | NULL    |        0 |
| 11 |        8 | %no_greylisting_for_external      | %internal_domains            | NULL    |        0 |
+----+----------+-----------------------------------+------------------------------+---------+----------+

mysql> SELECT * FROM quotas;

+----+----------+-------------------+-----------------------+--------+---------+--------------------------------------------+---------+----------+
| ID | PolicyID | Name              | Track                 | Period | Verdict | Data                                       | Comment | Disabled |
+----+----------+-------------------+-----------------------+--------+---------+--------------------------------------------+---------+----------+
|  1 |        5 | Recipient quotas  | Recipient:user@domain |   3600 | REJECT  | NULL                                       | NULL    |        0 |
|  2 |        5 | Quota on all /24s | SenderIP:/24          |   3600 | REJECT  | NULL                                       | NULL    |        0 |
|  8 |        2 | default_outbound  | Sender:user@domain    |     60 | reject  | Quota exceeded (20 messages in 60 seconds) | NULL    |        0 |
+----+----------+-------------------+-----------------------+--------+---------+--------------------------------------------+---------+----------+

mysql> SELECT * FROM quotas_limits;

+----+----------+-----------------------+--------------+---------+----------+
| ID | QuotasID | Type                  | CounterLimit | Comment | Disabled |
+----+----------+-----------------------+--------------+---------+----------+
|  1 |        1 | MessageCount          |           10 | NULL    |        0 |
|  2 |        1 | MessageCumulativeSize |         8000 | NULL    |        0 |
|  3 |        2 | MessageCount          |           12 | NULL    |        0 |
|  9 |        8 | MessageCount          |           20 | NULL    |        0 |
+----+----------+-----------------------+--------------+---------+----------+

I think, this looks all fine, but in the TABLE quotas_tracking is no record with relating QuotasID

6 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: Global Throttling not working

I see you have a throttling rule in 'quotas' table: 20 messages in 60 seconds.

1) if no record in table 'quotas_tracking', that means your testing email doesn't match both sender and recipient defined in table 'policies' (ID=2, name="Default Outbound").

2) Policy 'Default Outbound' defines email must be sent from an internal IP address (defined in sql table "policy_group_members") or sender must be an internal domain (Source='%internal_ips,%internal_domains'), and recipient must be an external domain (Destination='!%internal_domains').

So, my question is, what's the sender and recipient in your testing email? Was it sent from an internal IP address?
Could you please turn on debug mode in Cluebringer config file, restart Cluebringer service, send a testing email, and paste full log of this smtp session here to help troubleshoot?

# File: /etc/cluebringer/cluebringer.conf
# OS: Debian/Ubuntu

log_level=4
log_detail=modules,tracking,policies

7 Reply by frank.daeuble (edited by frank.daeuble 2014-02-01 00:52:12)

  • frank.daeuble
  • Member
  • Offline
  • Registered: 2013-10-14
  • Posts: 37

Re: Global Throttling not working

The value 20 messages in 60sec is the normal value. For testing I decreased the value to 2.

Yes, I had sent mails from internal domain to an external domain. the same testmail matched the per-domain rule, so that should be fine.

Here is the log output (I just masked the real mail/domains):

[2014/01/31-17:36:40 - 14101] [CORE] INFO: Starting "1" children
[2014/01/31-17:36:40 - 14115] [CORE] INFO: 2014/01/31-17:36:40 CONNECT TCP Peer: "[127.0.0.1]:46801" Local: "[127.0.0.1]:10031"
[2014/01/31-17:36:40 - 14459] [CORE] DEBUG: Child Preforked (14459)
[2014/01/31-17:36:40 - 14459] [CBPOLICYD] DEBUG: Starting up caching engine
[2014/01/31-17:36:40 - 14115] [TRACKING] DEBUG: No session tracking data exists for request: $VAR1 = {
          'ccert_fingerprint' => '',
          'sasl_method' => 'PLAIN',
          'sasl_sender' => '',
          'size' => '428',
          '_timestamp' => 1391186200,
          'helo_name' => '[192.168.1.34]',
          'reverse_client_name' => 'unknown',
          'queue_id' => '',
          'encryption_cipher' => 'ECDHE-RSA-AES256-SHA',
          'encryption_protocol' => 'TLSv1',
          'etrn_domain' => '',
          'ccert_subject' => '',
          'request' => 'smtpd_access_policy',
          'protocol_state' => 'RCPT',
          'stress' => '',
          'sasl_username' => 'frank@xxx.net',
          'recipient' => 'xxx@gmx.de',
          'ccert_pubkey_fingerprint' => '',
          'instance' => '3874.52ebd118.56f33.0',
          'protocol_name' => 'ESMTP',
          'encryption_keysize' => '256',
          'recipient_count' => '0',
          'ccert_issuer' => '',
          'sender' => 'frank@xxx.net',
          'client_name' => 'unknown',
          'client_address' => '217.7.160.170',
          '_protocol_transport' => 'Postfix'
        };
[2014/01/31-17:36:40 - 14115] [TRACKING] DEBUG: Added session tracking information for: $VAR1 = {
          'ccert_fingerprint' => '',
          'sasl_method' => 'PLAIN',
          'sasl_sender' => '',
          'size' => '428',
          '_timestamp' => 1391186200,
          'helo_name' => '[192.168.1.34]',
          'reverse_client_name' => 'unknown',
          'queue_id' => '',
          'encryption_cipher' => 'ECDHE-RSA-AES256-SHA',
          'encryption_protocol' => 'TLSv1',
          'etrn_domain' => '',
          'ccert_subject' => '',
          'request' => 'smtpd_access_policy',
          'protocol_state' => 'RCPT',
          'stress' => '',
          'sasl_username' => 'frank@xxx.net',
          'recipient' => xxx@gmx.de',
          'ccert_pubkey_fingerprint' => '',
          'instance' => '3874.52ebd118.56f33.0',
          'protocol_name' => 'ESMTP',
          'encryption_keysize' => '256',
          'recipient_count' => '0',
          'ccert_issuer' => '',
          'sender' => 'frank@xxx.net',
          'client_name' => 'unknown',
          'client_address' => '217.7.160.170',
          '_protocol_transport' => 'Postfix'
        };
[2014/01/31-17:36:40 - 14115] [TRACKING] DEBUG: Protocol state is 'RCPT', resolving policy...
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: Going to resolve session data into policy: $VAR1 = {
          'Recipient' => xxx@gmx.de',
          'SASLUsername' => 'frank@xxx.net',
          'QueueID' => '',
          'RecipientData' => '',
          'Instance' => '3874.52ebd118.56f33.0',
          'EncryptionCipher' => 'ECDHE-RSA-AES256-SHA',
          'Size' => '428',
          'EncryptionKeySize' => '256',
          'EncryptionProtocol' => 'TLSv1',
          'Helo' => '[192.168.1.34]',
          'ClientAddress' => '217.7.160.170',
          'ClientName' => 'unknown',
          'Sender' => 'frank@xxx.net',
          'SASLSender' => '',
          'Protocol' => 'ESMTP',
          'ClientReverseName' => 'unknown',
          'SASLMethod' => 'PLAIN'
        };
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: Found policy member with ID '1' in policy 'Default'
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: Found policy member with ID '2' in policy 'Default Outbound'
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: Found policy member with ID '3' in policy 'Default Inbound'
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: Found policy member with ID '4' in policy 'Default Internal'
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: Found policy member with ID '5' in policy 'Test'
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: Found policy member with ID '6' in policy 'whitelists'
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: Found policy member with ID '7' in policy 'blacklists'
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: Found policy member with ID '10' in policy 'no_greylisting'
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: Found policy member with ID '11' in policy 'no_greylisting'
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:1/Name:Default]: Source not defined or 'any', explicit match: matched=1
[2014/01/31-17:36:40 - 14115] [POLICIES] INFO: [ID:1/Name:Default]: Source matching result: matched=1
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:1/Name:Default]: Destination not defined or 'any', explicit match: matched=1
[2014/01/31-17:36:40 - 14115] [POLICIES] INFO: [ID:1/Name:Default]: Destination matching result: matched=1
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:2/Name:Default Outbound]: Main policy sources '%internal_ips,%internal_domains'
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:2/Name:Default Outbound]: Group 'internal_ips' has 1 source(s) => 10.0.0.0/8
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:2/Name:Default Outbound]=>(group:internal_ips): - Resolved source '10.0.0.0/8' to a IP/CIDR specification, match = 0
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:2/Name:Default Outbound]=>(group:internal_ips): Source group result: matched=0
[2014/01/31-17:36:40 - 14115] [POLICIES] INFO: [ID:2/Name:Default Outbound]: Source matching result: matched=0
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:3/Name:Default Inbound]: Main policy sources '!%internal_ips,!%internal_domains'
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:3/Name:Default Inbound]: Group 'internal_ips' has 1 source(s) => 10.0.0.0/8
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:3/Name:Default Inbound]=>(group:internal_ips): - Resolved source '10.0.0.0/8' to a IP/CIDR specification, match = 0
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:3/Name:Default Inbound]=>(group:internal_ips): Source group result: matched=0
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:3/Name:Default Inbound]: Group 'internal_domains' has 9 source(s) => @xxx.net,...
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:3/Name:Default Inbound]=>(group:internal_domains): - Resolved source '@xxx.biz' to a email address specification, match = 0
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:3/Name:Default Inbound]=>(group:internal_domains): - Resolved source '@xxx.net' to a email address specification, match = 1
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:3/Name:Default Inbound]=>(group:internal_domains): Source group result: matched=1
[2014/01/31-17:36:40 - 14115] [POLICIES] INFO: [ID:3/Name:Default Inbound]: Source matching result: matched=0
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:4/Name:Default Internal]: Main policy sources '%internal_ips,%internal_domains'
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:4/Name:Default Internal]: Group 'internal_ips' has 1 source(s) => 10.0.0.0/8
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:4/Name:Default Internal]=>(group:internal_ips): - Resolved source '10.0.0.0/8' to a IP/CIDR specification, match = 0
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:4/Name:Default Internal]=>(group:internal_ips): Source group result: matched=0
[2014/01/31-17:36:40 - 14115] [POLICIES] INFO: [ID:4/Name:Default Internal]: Source matching result: matched=0
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:5/Name:Test]: Main policy sources '@example.net'
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:5/Name:Test]: - Resolved source '@example.net' to a email address specification, match = 0
[2014/01/31-17:36:40 - 14115] [POLICIES] INFO: [ID:5/Name:Test]: Source matching result: matched=0
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:6/Name:whitelists]: Main policy sources '%whitelists'
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:6/Name:whitelists]: Group 'whitelists' has 0 source(s) =>
[2014/01/31-17:36:40 - 14115] [POLICIES] WARNING: [ID:6/Name:whitelists]: No group members for source group 'whitelists'
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:6/Name:whitelists]=>(group:whitelists): Source group result: matched=0
[2014/01/31-17:36:40 - 14115] [POLICIES] INFO: [ID:6/Name:whitelists]: Source matching result: matched=0
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:7/Name:blacklists]: Main policy sources '%blacklists'
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:7/Name:blacklists]: Group 'blacklists' has 0 source(s) =>
[2014/01/31-17:36:40 - 14115] [POLICIES] WARNING: [ID:7/Name:blacklists]: No group members for source group 'blacklists'
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:7/Name:blacklists]=>(group:blacklists): Source group result: matched=0
[2014/01/31-17:36:40 - 14115] [POLICIES] INFO: [ID:7/Name:blacklists]: Source matching result: matched=0
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:10/Name:no_greylisting]: Main policy sources '!%internal_ips,!%internal_domains'
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:10/Name:no_greylisting]: Group 'internal_ips' has 1 source(s) => 10.0.0.0/8
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:10/Name:no_greylisting]=>(group:internal_ips): - Resolved source '10.0.0.0/8' to a IP/CIDR specification, match = 0
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:10/Name:no_greylisting]=>(group:internal_ips): Source group result: matched=0
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:10/Name:no_greylisting]: Group 'internal_domains' has 9 source(s) => @xxx.net,...
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:10/Name:no_greylisting]=>(group:internal_domains): - Resolved source '@xxx.biz' to a email address specification, match = 0
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:10/Name:no_greylisting]=>(group:internal_domains): - Resolved source '@xxx.net' to a email address specification, match = 1
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:10/Name:no_greylisting]=>(group:internal_domains): Source group result: matched=1
[2014/01/31-17:36:40 - 14115] [POLICIES] INFO: [ID:10/Name:no_greylisting]: Source matching result: matched=0
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:11/Name:no_greylisting]: Main policy sources '%no_greylisting_for_external'
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:11/Name:no_greylisting]: Group 'no_greylisting_for_external' has 0 source(s) =>
[2014/01/31-17:36:40 - 14115] [POLICIES] WARNING: [ID:11/Name:no_greylisting]: No group members for source group 'no_greylisting_for_external'
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: [ID:11/Name:no_greylisting]=>(group:no_greylisting_for_external): Source group result: matched=0
[2014/01/31-17:36:40 - 14115] [POLICIES] INFO: [ID:11/Name:no_greylisting]: Source matching result: matched=0
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: END RESULT: prio=0 => policy ids: 1
[2014/01/31-17:36:40 - 14115] [TRACKING] DEBUG: Policy resolved into: $VAR1 = {
          '0' => [
                   '1'
                 ]
        };
[2014/01/31-17:36:40 - 14115] [TRACKING] DEBUG: Request translated into session data: $VAR1 = {
          'Recipient' => 'xxx@gmx.de',
          'SASLUsername' => 'frank@xxx.net',
          'QueueID' => '',
          'RecipientData' => '',
          'Instance' => '3874.52ebd118.56f33.0',
          'EncryptionCipher' => 'ECDHE-RSA-AES256-SHA',
          'Size' => '428',
          'EncryptionKeySize' => '256',
          'ParsedClientAddress' => {
                                     'Broadcast_Long' => 3641155754,
                                     'Network' => '217.7.160.170',
                                     'IP_Long' => 3641155754,
                                     'Broadcast' => '217.7.160.170',
                                     'IP' => '217.7.160.170',
                                     'Mask_Long' => 4294967295,
                                     'Network_Long' => 3641155754
                                   },
          'ProtocolTransport' => 'Postfix',
          'EncryptionProtocol' => 'TLSv1',
          'Helo' => '[192.168.1.34]',
          'ClientAddress' => '217.7.160.170',
          'ClientName' => 'unknown',
          'Sender' => 'frank@xxx.net',
          'SASLSender' => '',
          'Timestamp' => 1391186200,
          'ProtocolState' => 'RCPT',
          'Policy' => {
                        '0' => [
                                 '1'
                               ]
                      },
          'Protocol' => 'ESMTP',
          'ClientReverseName' => 'unknown',
          'SASLMethod' => 'PLAIN'
        };
[2014/01/31-17:36:40 - 14115] [CBPOLICYD] DEBUG: Got request, running modules...
[2014/01/31-17:36:40 - 14115] [CBPOLICYD] DEBUG: Running module: Access Control Plugin
[2014/01/31-17:36:40 - 14115] [CBPOLICYD] DEBUG: Running module: HELO/EHLO Check Plugin
[2014/01/31-17:36:40 - 14115] [CBPOLICYD] DEBUG: Running module: SPF Check Plugin
[2014/01/31-17:36:40 - 14115] [CBPOLICYD] DEBUG: Running module: Greylisting Plugin
[2014/01/31-17:36:40 - 14115] [CBPOLICYD] DEBUG: Running module: Quotas Plugin
[2014/01/31-17:36:40 - 14115] [CBPOLICYD] DEBUG: Done with modules
[2014/01/31-17:36:41 - 14420] [CORE] INFO: 2014/01/31-17:36:41 CONNECT TCP Peer: "[127.0.0.1]:46807" Local: "[127.0.0.1]:10031"
[2014/01/31-17:36:41 - 14420] [TRACKING] DEBUG: Protocol state is 'END-OF-MESSAGE', decoding policy...
[2014/01/31-17:36:41 - 14420] [TRACKING] DEBUG: Decoded into: $VAR1 = {
          'xxx@gmx.de' => {
                                '0' => [
                                         '1'
                                       ]
                              }
        };
[2014/01/31-17:36:41 - 14420] [TRACKING] DEBUG: Request translated into session data: $VAR1 = {
          'SASLUsername' => 'frank@xxx.net',
          'QueueID' => '854286007D8',
          'RecipientData' => '/<xxx@gmx.de>#0=1;',
          'EncryptionCipher' => 'ECDHE-RSA-AES256-SHA',
          'Instance' => '3874.52ebd118.56f33.0',
          'Size' => '428',
          'EncryptionKeySize' => '256',
          'ParsedClientAddress' => {
                                     'Broadcast_Long' => 3641155754,
                                     'Network' => '217.7.160.170',
                                     'IP_Long' => 3641155754,
                                     'Broadcast' => '217.7.160.170',
                                     'IP' => '217.7.160.170',
                                     'Mask_Long' => 4294967295,
                                     'Network_Long' => 3641155754
                                   },
          'ProtocolTransport' => 'Postfix',
          'EncryptionProtocol' => 'TLSv1',
          'Helo' => '[192.168.1.34]',
          'ClientAddress' => '217.7.160.170',
          'ClientName' => 'unknown',
          'Sender' => 'frank@xxx.net',
          'SASLSender' => '',
          'Timestamp' => 1391186201,
          'ProtocolState' => 'END-OF-MESSAGE',
          '_Recipient_To_Policy' => {
                                      'xxx@gmx.de' => {
                                                            '0' => [
                                                                     '1'
                                                                   ]
                                                          }
                                    },
          'Protocol' => 'ESMTP',
          'ClientReverseName' => 'unknown',
          'SASLMethod' => 'PLAIN'
        };
[2014/01/31-17:36:41 - 14420] [CBPOLICYD] DEBUG: Got request, running modules...
[2014/01/31-17:36:41 - 14420] [CBPOLICYD] DEBUG: Running module: Access Control Plugin
[2014/01/31-17:36:41 - 14420] [CBPOLICYD] DEBUG: Running module: HELO/EHLO Check Plugin
[2014/01/31-17:36:41 - 14420] [CBPOLICYD] DEBUG: Running module: SPF Check Plugin
[2014/01/31-17:36:41 - 14420] [CBPOLICYD] DEBUG: Running module: Greylisting Plugin
[2014/01/31-17:36:41 - 14420] [CBPOLICYD] DEBUG: Running module: Quotas Plugin
[2014/01/31-17:36:41 - 14420] [CBPOLICYD] DEBUG: Done with modules
[2014/01/31-17:37:11 - 14101] [CORE] INFO: Killing "1" children
[2014/01/31-17:37:11 - 14114] [CBPOLICYD] DEBUG: Shutting down caching engine (14114)

8 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: Global Throttling not working

frank.daeuble wrote:

[2014/01/31-17:36:40 - 14115] [POLICIES] INFO: [ID:1/Name:Default]: Destination matching result: matched=1
[2014/01/31-17:36:40 - 14115] [POLICIES] INFO: [ID:2/Name:Default Outbound]: Source matching result: matched=0
[2014/01/31-17:36:40 - 14115] [POLICIES] INFO: [ID:3/Name:Default Inbound]: Source matching result: matched=0
[2014/01/31-17:36:40 - 14115] [POLICIES] INFO: [ID:4/Name:Default Internal]: Source matching result: matched=0
[2014/01/31-17:36:40 - 14115] [POLICIES] INFO: [ID:5/Name:Test]: Source matching result: matched=0
[2014/01/31-17:36:40 - 14115] [POLICIES] INFO: [ID:6/Name:whitelists]: Source matching result: matched=0
[2014/01/31-17:36:40 - 14115] [POLICIES] INFO: [ID:7/Name:blacklists]: Source matching result: matched=0
[2014/01/31-17:36:40 - 14115] [POLICIES] INFO: [ID:10/Name:no_greylisting]: Source matching result: matched=0
[2014/01/31-17:36:40 - 14115] [POLICIES] INFO: [ID:11/Name:no_greylisting]: Source matching result: matched=0
[2014/01/31-17:36:40 - 14115] [POLICIES] DEBUG: END RESULT: prio=0 => policy ids: 1
[2014/01/31-17:36:40 - 14115] [TRACKING] DEBUG: Policy resolved into: $VAR1 = {
          '0' => [
                   '1'
                 ]
        };

As you can see, this testing email doesn't match policy "Default Outbound".

Could you please try below SQL command, then try again?

sql> USE cluebringer;
sql> UPDATE policy_members SET Source='%internal_domains' WHERE PolicyID=2;

Looks like Cluebringer doesn't handle '%internal_ips,%internal_domains' correctly, but works fine with only '%internal_domains'.

9 Reply by frank.daeuble

  • frank.daeuble
  • Member
  • Offline
  • Registered: 2013-10-14
  • Posts: 37

Re: Global Throttling not working

Yes, that did it. Thank you so much for the solution. We really like the iRedAdminPro, but the biggest benefit ot buying this software is getting your help on all that many packages and services - we appreciate that so much!

Do you recommend to remove %internal_ips in all policy Members? And can I delete the "Test policy", or is it needed for any debugging?

10 Reply by frank.daeuble

  • frank.daeuble
  • Member
  • Offline
  • Registered: 2013-10-14
  • Posts: 37

Re: Global Throttling not working

Just to close this issue:

Do you recommend to remove %internal_ips in all policy Members?
And can I delete the "Test policy", or is it needed for any further debugging?

11 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: Global Throttling not working

frank.daeuble wrote:

Do you recommend to remove %internal_ips in all policy Members?

%internal_ips is used to define list of internal IP addresses, if you don't need it, it's ok to remove it.

frank.daeuble wrote:

And can I delete the "Test policy", or is it needed for any further debugging?

It's safe to delete it, we don't use it at all. It's pre-defined by Cluebringer, and it's useless.

12 Reply by slapper

  • slapper
  • Member
  • Offline
  • Registered: 2011-10-31
  • Posts: 10

Re: Global Throttling not working

I had the same problem enabling global trotting in IredMail-Pro-Mysql-1.8.1

login to mysql and make the following changes

sql> USE cluebringer;
sql> UPDATE policy_members SET Source='%internal_domains' WHERE PolicyID=2;

I suppose this patch will be added to the new IredMail-Pro version!

13 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: Global Throttling not working

slapper wrote:

I suppose this patch will be added to the new IredMail-Pro version!

Fixed. Will be available in upcoming iRedMail and iRedAdmin-Pro.