Luca Bertoncello wrote:
> Hi, list!
>
> Today I notice that my Exim refused many connection from my PC
> (AUTHENTICATED!) with the error:
>
> Connection from [X.Y.Z.K] refused: too many connections from that IP
> address
>
> Normally I would say, it is normal to refuse the connection coming from the
> same IP that sends too many E-Mails, but it was Nagios to send these E-Mails,
> and I need to have these E-Mails delivered...
>
> I couldn't find any restriction for the authenticated users. I just have this
> rule in acl_check_helo:
>
> defer message = Sender rate exceeds $sender_rate_limit messages
> per $sender_rate_period
> ratelimit = 1000 / 1h / per_conn / leaky / $sender_host_address
>
> So, how can I have a rate limit for NON authenticated E-Mails, but no
> restriction for the authenticated ones?
>
> Thanks a lot!
> Luca Bertoncello
> (lucabert@???)
>
*presuming* you authenticate in the conventional place:
Add a negated conditional:
defer
!condition = ${if eq{$interface_port}{587}}
message = Sender rate exceeds $sender_rate_limit messages per \
$sender_rate_period
ratelimit = 1000 / 1h / per_conn / leaky / $sender_host_address
ELSE:
defer
condition = ${if eq{$interface_port}{25}}
message = Sender rate exceeds $sender_rate_limit messages per \
$sender_rate_period
ratelimit = 1000 / 1h / per_conn / leaky / $sender_host_address
IF that is in fact the cause of the limit - which it may not be...
Check the settings for 'smtp_accept_max' and friends as well.
smtp_accept_max_per_host is a possible suspect.
HTH,
Bill
