Author: W B Hacker Date: To: exim users Subject: Re: [exim] Blocking "some messages" for a specific time
misler wrote: > Hi
>
> We run Exim 4.5 as a Relay-Mail-Gateway. We get about 5000 Emails a day.
> This gateway accepts messages from specified users and relays them to an
> other service, which generates sms over GSM. So we have also some accounting
> for the allowed domains. Normally everything runs ok, but once we had an
> accident. Someone wrote for himself a script (with incorrect code) and this
> flooded our exim or on the other hand it used all credits from the sms
> service within 2 hours.
>
> Now my question:
>
> We'd like to block some users for about 2 or more hours if they write more
> than 10 messages in a minute. We are looking for a solution without
> databases.
>
> Are there any suggestions, please help?
>
> Regards
> Matthias Isler
Looks like you have closed a door you may need to open:
- To the extent that you wish to 'keep score', then impose a blackout period,
you have to store the scoring information AND check against a count-down of the
time-out, and not on just a per-message or per-connection timescale.
IOW - you have to do 'tally' writes to *something* external to Exim, as well as
reads and comparisons in (at least) two places, and 'per user' at that. None of
the built-in variables are enduring enough to do that.
That implies a 'database', even if the database is a simple text file, or a
special header that is parked in the queue with sleeping traffic.
- A possible alternative is to apply a fixed rate limit, one you can accomplish
by introducing a constant delay, applicable, at least, to selected sources and
destination routes (the SMS service). Ten messages in two hours? ~ one every 12
minutes...
The crudest way to do that might be to configure Exim as if it were connected
only by periodic dial-up access and/or alter the triggering and frequency of
queue runs. may sneed more than one Exim instance running for that - one
'normal', one 'batched'.
It might be easier to introduce the limiting in the SMS service - or in the
interface to it - instead of in Exim.
Another tool that you might 'bend' into shape could be the 'quota' tools,
wherein you increment by some fixed 'chunk' per-message and subtract with a
time-driven external process, simply check agaisnt quota. But htose are not
ordinarily 'outbound' routing-related tools.
JM2CW, but seems you need to give the whole issue a re-think, as the DB you want
to avoid, similar to those used for 'graylisting', seems the closest toolset you
can adapt with the least new work.
JFWIW, I'd just require a hefty deposit, charge the miscreant enough to earn a
fat profit, and let him use all the SMS he could pay for That breaks most of
'em from sucking eggs quickly enough, ELSE they are no longer your problem.
More creative minds than mine may have better ideas.