On Fri, 2011-01-28 at 19:13 +0300, Andrew Kerich wrote: > Any ideas appreciated.
Perfect use case for the "ratelimit" ACL option.
Detect the offending message, increment the ratelimit DB, and check
against it with "noupdate" in another ACL. Set the appropriate time in
the ratelimit DB when you're incrementing/checking and entries will
automagically be discounted when they're too old.
This is exactly what I do at $workplace for inbound connections; too
much "badness" and they get deferred. Yours is identical, but the hosts
you want to throttle are "internal".
