Re: [exim] Rate-limiting outgoing mail processing per-domain

Pàgina inicial
Delete this message
Reply to this message
Autor: Kjetil Torgrim Homme
Data:  
A: Andrew McGill
CC: exim-users
Assumpte: Re: [exim] Rate-limiting outgoing mail processing per-domain
On Thu, 2008-10-23 at 12:32 +0200, Andrew McGill wrote:
> On Tuesday 21 October 2008 10:44:30 Graeme Fowler wrote:
> > On Tue, 2008-10-21 at 09:54 +0200, Andrew McGill wrote:
> > > I know that exim can control the incoming rate quite easily, but we would
> > > like to rate limit the *outgoing* RCPT TO: rate per authentication source
> > > when processing the queue, without limiting the incoming mail rate.
> >
> > You need something like this in the global settings:
> >
> > acl_not_smtp = acl_check_notsmtp
> > [...]
> >
> > Note that snippet isn't counting RCPTs, because in the not_smtp phase
> > there are no RCPT TO commands - it's not SMTP, see? It's counting
> > messages but it should give you a base to work from.
>
> Thanks Graeme - this does look hopeful - although some of the people we are
> trying to not to frustrate turn out to be hardened spammers, who won't be shy
> to send 1 mail to 10000 recipients. We'll need a few more measures that
> this.
>
> I guess exim can't really do outgoing rate throttling then :(


well, it can, as Graeme demonstrated. another tactic would be to update
the ratelimiting during submission (for each RCPT), and check it during
delivery (with acl_not_smtp, as above). this is also less likely to
cause problems if your queue builds up -- retries will be counted with
Graeme's suggestion, if I understand it correctly.

rather than rummage through Received, I think I would put the
authenticated name in an added header which I'd remove in the transport
before passing it on to other systems. or perhaps use a sha-digest of
the authenticated name, then you don't need to remove it, and it could
actually be useful for abuse complaints processing. Exim doesn't care
what bytes the key consists of as long as it identifies the source
uniquely.

-- 
regards,          | Redpill  _
Kjetil T. Homme   | Linpro  (_)