> On Fri, 26 Feb 2010 15:31:32 +0000
> Andrew Hearn<andrew.hearn@???> wrote:
>
>> However, is there a way to ratelimit or deny hosts based on how many
>> messages they've sent that have been rejected/deferred by the recipients MX?
>>
>> Eg, if we've tried to relay messages for a host, and 100 in the past
>> hour have been denied or deferred by the recipients MX, then we can
>> block the sender from sending more. (as well as log it and contact the
>> customer)
>
acl_cnu_rate_trap:
accept ratelimit = 100 / 7d / strict/per_rcpt \
/ $sender_host_address,cnu
logwrite = [$sender_host_address] CNU rate \
$sender_rate / $sender_rate_period
!ratelimit = 1 / 7d / strict/per_rcpt \
/ $sender_host_address,cnu-warn
logwrite = mail warning to CONTACT_NAME
continue = ${run \
{/usr/sbin/sendmail -n -s high_CNU_rate_$sender_host_address CONTACT_NAME -- -f <>} \
{}{}}
accept
acl_noncust_verifies:
.
.
.
# All customer-source outbound mail does recipient-verify.
deny !verify = recipient/${if eq {$sender_address}{}\
{callout=60s,use_sender}\
{callout=20s,use_sender,defer_ok} }
message = recipient <$acl_m3> does not appear to exist \
(fail: $recipient_verify_failure)
set acl_m5 = reject ($domain would not verify ${quote_local_part:$local_part})
set acl_m_disp_action = reject
set acl_m_tstclass = TSTCLASS_VERIFY
set acl_m9 = $acl_m3
acl = acl_update_rcptaudit_record_and_msg
acl = acl_cnu_rate_trap
.
.
.
