Re: [exim] ratelimit is counting wrong

Top Page
Delete this message
Reply to this message
Author: Dean Brooks
Date:  
To: exim-users
Subject: Re: [exim] ratelimit is counting wrong
On Wed, Oct 22, 2008 at 04:23:03PM +0200, Marten Lehmann wrote:
> > What you are trying to do should work the way it's coded. It's quite
> > likely that you have something else wrong in your ACLs. Please see
> > my other reply to your thread for more info.
>
> "should" is the correct description. Because it doesn't. According to
> your recommendation I extended the ACL so that it includes logging:
>
>    defer   authenticated = *
>            ratelimit     = 
> ${lookup{$authenticated_id}lsearch*@{/etc/mailrelay/ratelimits.txt}} / 
> 1h / per_rcpt / strict / $authenticated_id
>            message       = Sender rate limit reached, account 
> temporarily disabled.
>            log_message   = RATELIMIT EXCEEDED: $authenticated_id / 
> $sender_rate / $sender_rate_period

>
> And now I have logging lines like this:
>
> 2008-10-22 15:54:33 H=(mail.xxx) [1.2.3.4] F=<m.h@xxx> temporarily
> rejected RCPT <some@address>: RATELIMIT EXCEEDED: info@xxx / 2424.4 / 1h
>
> Just tell me how you would send a 0.4 portion of an email. So exim
> definetely does interpolate which I didn't ask it to do.


So what didn't work here? Did you not send 2400+ recipients, and it
blocked anyway? Or did you send a much higher or lower number of
recipients and you think the 2,400 value is way off?

Also, is this ACL in your RCPT acl, or do you have it in the MAIL or
DATA ACL? It should definitely be in your RCPT acl.

The rounding you are seeing isn't an interpolation, it's a decaying
of the rate limit, which is normal and a good thing. Rate limits,
by definition, have to work in a moving window of a specific time frame.
In your case, it's an hour. That hour is always moving through time.

If you move 2,500 messages all at once, and then check the value 5
minutes later, it will be less than 2,500 because your 1-hour frame of
reference has shifted slightly. After an entire hour has elapsed, it
will have decayed to zero. This is normal and a *good* thing.
Without it, rate limits wouldnt work at all. The decaying works
within one .1 unit of precision.

So, going back to your example above, what isn't working? You didnt
include the contents of ratelimits.txt, so hard to see what the
values were or what the authenticated id was.

Please explain in more detail what specifically isn't working, and
we'd be happy to help you. Ratelimits in Exim work wonderfully well,
but they do take a bit of time to wrap your mind around.

--
Dean Brooks
dean@???