On Mon, 2003-06-02 at 08:43, Patrick Starrenburg wrote:
> On Mon, 02 Jun 2003 06:50:59 GMT Ralf G. R. Bergs wrote:
>
> > Is there a way of saying "if the client connected gave more than <n>
> > rejected RCPT commands, disconnect it"? I suspect there isn't since I
> > couldn't find anything applicable.
>
> What we use got from someone else on the list (!) who only allowed two. We
> do three. For good measure delays them also.
>
> acl_check_rcpt:
>
> # We stall people who try 3 or more illegal recipients
> deny message = Max 3 failed recipients allowed
> condition = ${if >{$rcpt_fail_count}{2} {1}}
> delay = ${eval: ($rcpt_fail_count) * 30}s
> log_message = $rcpt_fail_count failed recipient attempts
This rejects further recipients.
If you *really* want to drop the connection then use the drop verb, but
be aware that this will have side effects - if a delivering MTA has an
initial set of bad recipients for whatever reason and you are dropping
the connection it may then retry the whole transaction (including the
bad recipients) since from its point of view the whole last connection
went bad.
Nigel.
--
[ Nigel Metheringham Nigel.Metheringham@??? ]
[ - Comments in this message are my own and not ITO opinion/policy - ]