Re: [EXIM] Restricting connections from a single IP address

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Piete Brooks
Datum:  
To: Nigel Metheringham
CC: exim-users
Betreff: Re: [EXIM] Restricting connections from a single IP address
> I'm considering the idea of having a mechanism for enforcing a maximum
> number of connections from a specific IP, however this feels like a
> significant change to exim (keeping per connection state in the central
> daemon, mopping up when children die etc).


I have the luxury of not getting much traffic, so I can do things like start
exim from inetd (removing the need for watcher processes to check that the
listener daemon hasn't died).
I use lock files and the like to restrict the number of callers (e.g. 5
external callers and 20 internal at any time), which could trivially be
extended to include the calling IP address / DNS name in the lock file.

However, I suspect that your throughput is several orders of magnitude larger,
so you cannot use similar approaches :-(


--
*** Exim information can be found at http://www.exim.org/ ***