Re: [exim] Ratelimit Tricks - Using ratelimit withoutlimitin…

Top Page
Delete this message
Reply to this message
Author: Marc Perkel
Date:  
To: Dean Brooks
CC: exim-users
Subject: Re: [exim] Ratelimit Tricks - Using ratelimit withoutlimitingthe rate
Dean, I think I have it.

warn    condition = ${if 
match{$interface_address}{(69.50.231.3|69.50.231.5)}}
    ratelimit = 1 / 10s / strict


defer    condition = ${if 
match{$interface_address}{(69.50.231.2|69.50.231.18[0-9])}}
    condition = ${if < {$load_average}{40000}{true}{false}}
    !condition = ${if exists{/etc/exim/run/config-error.txt}}
    !dnslists = hostkarma.junkemailfilter.com=127.0.0.1,127.0.0.3
    !ratelimit = 1 / 10s / strict
        set acl_m7 = ${run{/etc/exim/sql/ip-report fake 
$sender_host_address}}
    log_message = Spammer Connected to FAKE highest MX record - 
I=$interface_address



The idea here is that connections to the warn ACL count as part of the
total for the second ACL. This if they hit the IP addresses in the first
one then if the come back within 10 seconds to the second ACL they will
be over the limit. Does this look right?