On Fri, Nov 10, 2006 at 11:59:19AM -0500, Eli wrote:
> What about something like this (which was what I was thinking):
>
> warn condition = ... bad recipient ...
> ratelimit = 1/1h/per_cmd
> delay = 30s
>
> I have no clue if this works though - I spent all of 5 minutes thinking over
> the problem and coming up with what I hope is a solution. The thought
> process is that if and ONLY if the condition is true (ie, there was a bad
> recipient and you DO want to increment the ratelimit count), then the
> ratelimit is checked (and incremented - which is the correct method of op
> here), and finally if the ratelimit is found to be exceeded, the delay of
> 30s is applied.
The problem is when you want to block based upon the number of bad
recipients. There is no way to write that ACL unless you only block
when they send a bad recipient.
deny condition = ... bad recipient ...
ratelimit = 10/1h/per_rcpt
Imagine the above ACL. Sure, it will start denying them when they have
sent more than 10 bad recipients in an hour. But how can you write that
ACL to check the ratelimit even if they havent sent a bad recipient?
You can't, because there is no way to read a ratelimit value without
incrementing.
--
Dean Brooks
dean@???