Autor: Edgar Lovecraft Datum: To: exim-users Betreff: Re: [exim] Limit number of recipients
"Fred Viles" wrote: > ..[snip]... >
> | On Thu, 5 May 2005, Ron McKeating wrote:
> | >
> | > recipients_max_reject
> |
> | You almost certainly don't want to use this.
>
> Why not?
See below...
> | You should instead check the
> | number of recipients in the predata or data ACLs and reject the whole
> | message, rather than just the last few recipients.
>
> ISTM that's exactly the effect you get when you set recipients_max to a
> value and and recipients_max_reject to TRUE.
No, that is not the same effect, what the recipients_max_reject does
is it allows up to the number of recipients as defined in recipients_max,
and then 5xx's any RCPT TO: command after that number. So if you set
recipients_max to 100, and have recipients_max_reject set TRUE,
then starting with RCPT TO: number 101 and above all get permanent
failures rather than the try again later (4xx) errors so that the rest
of the recipients can still get the message later when the sender
properly retries them. What is posted above just looks at the total
number of recipients and then rejects the entire message for everyone.
> And that's what the OP says he wants:
>
> | is it possible to
> | tell exim to only accept an email if it is for less than say 100
> | recipients ?
>
> So I don't get why you and Edgar think the OP should not set
> recipients_max_reject. What am I missing?
I do not suggest setting recipients_max_reject to TRUE because as
I just pointed out, any recipient after the recipients_max number
has been hit, get permanent failures.
It may be true that the OP does want to reject any message that has
been sent to more than 100 recipients in the same transaction, in
which case, Tony's suggestion does just that, and recipients_max_reject
does not. However, neither approach limits a message being sent to
1000 recipients 1, 10, 20, or 99 recipients at a time. If the OP
is wanting to reject on 'apparent' recipients in say the TO: header,
then this is something entirely different, and the OP needs to
remember that just because a RCPT TO: command is given that the
recipient given in that command may not ever be anywhere in the
message header, either the TO: header or the BCC: header, neither
of which are required to included in the message header by an RFC MUST.
I also got the impression that the OP either wanted the later of the
two as he did mention the limiting of header size, OR, the OP only wanted
to accept 100 RCPT commands for any given message at a time.
..And to answer Tony's response...
Tony Finch wrote: > ..[snip]... >
> TBH I remain to be convinced of the benefits of setting the option to
> anything less than four digits. (You might want to set it in order to
> protect against memory exhaustion attacks.)
I do not know if it is, but then again I run mail servers with very
large numbers of accounts, well over 100, or even 1000 users, so in
my particular case, it really does me no good, other than to split
the accepting and or delivering processes in to more messages with
lower recipient counts per message ;)