This machine only does smtp auth for relaying purposes..
Does the ratelimit portion (or the entire acl if anyone cares to
comment..) does this logic/syntax make sense?
I am trying to say that "we will only smtp auth/relay 100 messages a day
for your ID; after 100 we deny you relaying capabilities."
below is the acl_check_rcpt
(thanks in advance for any input/advice..)
acl_check_rcpt:
deny message = Restricted characters in address
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
require verify = sender
require verify = recipient
warn
message = X-Originating-IP: $sender_host_address
accept hosts = +relay_from_hosts
warn message = X-BSD-Auth-Id: $authenticated_id
deny
authenticated = *
#ratelimit = 5 / 1d / per_rcpt / strict / ${if
!eq{$authenticated_id}{} {$authenticated_id}{$sender_host_address}}
ratelimit = 100 / 1d / strict / $sender_address
#delay = 30s
log_message = Sender $sender_address rate $sender_rate
$sender_rate_period exceeded limit
deny
authenticated = *
#ratelimit = 5 / 1d / per_rcpt / strict / ${if
!eq{$authenticated_id}{} {$authenticated_id}{$sender_host_address}}
ratelimit = 100 / 1d / strict / $authenticated_id
#delay = 30s
log_message = Sender $sender_address rate $sender_rate
$sender_rate_period exceeded limit
accept authenticated = *
control = submission/domain=
#encrypted = *
drop message = sorry, relay by your ip is not permitted;\n \
You should setup smtp authentication.\n \
Please call 845.123.4567 if you need assistance.
log_message = relay not permitted
# EOF
When I had the ratelimit set from deny to warn I would get these messages:
2010-04-16 08:46:08 [25726] H=(MYCOMPUTER) [2.9.1.1]:7243 I=[6.7.6.1]:25
Warning: Sender user@??? rate 627.4 1d excedes limit delayed 30
seconds
2010-04-16 08:47:09 [25726] H=(MYCOMPUTER) [2.9.1.1]:7243 I=[6.7.6.1]:25
Warning: Sender user@??? rate 627.9 1d excedes limit delayed 30
seconds
2010-04-16 08:48:11 [25726] H=(MYCOMPUTER) [2.9.1.1]:7243 I=[6.7.6.1]:25
Warning: Sender user@??? rate 628.5 1d excedes limit delayed 30
seconds
so it at least *looked* like my warn was working and that the ratelimit
db was being counted properly..