Re: [exim] ratelimit woes

Top Page
Delete this message
Reply to this message
Author: Todd Lyons
Date:  
To: Jan Ingvoldstad
CC: exim-users
Subject: Re: [exim] ratelimit woes
On Thu, Feb 17, 2011 at 8:49 AM, Jan Ingvoldstad <frettled@???> wrote:

>   warn ratelimit = 0 / 1h / strict
>        logwrite = :main: \
>                   Rate: $sender_rate/$sender_rate_period \
>                   $message_id \
>                   $sender_address ($sender_host_name[$sender_host_address]) \
>                    -> $local_part@$domain


When you pasted the logged line that said 60.1/1h, that was created
from the above line, right?

>   deny authenticated = *
>        ratelimit = 60 / 1d / strict / $authenticated_id
>        message = Sending rate exceeded, $sender_rate/$sender_rate_period \
>                  (max $sender_rate_limit/$sender_rate_period)
>        logwrite = :main,reject: \
>                   Rate exceeded:  $sender_rate/$sender_rate_period \
>                   (max $sender_rate_limit) $message_id \
>                   $sender_address ($sender_host_name[$sender_host_address]) \
>                    -> $local_part@$domain


Because it should have matched this one too. Did you see two lines
logged with 60.1?

>  deny authenticated = *
>       ratelimit = 50 / 1h / strict / $authenticated_id
>       message = Sending rate exceeded, $sender_rate/$sender_rate_period \
>                 (max $sender_rate_limit/$sender_rate_period)
>       logwrite = :main,reject: \
>                  Rate exceeded:  $sender_rate/$sender_rate_period \
>                  (max $sender_rate_limit) $message_id \
>                  $sender_address ($sender_host_name[$sender_host_address]) \
>                   -> $local_part@$domain


As to why connection #51 (in the same hour) didn't match this one, I'm
not sure. Can you look at the config file with a hex editor and make
sure that there are no strange non-ascii characters in it? I really
doubt it, but it eliminates one possibility.

I also would think you want to match the more exact rules first,
reversing the order. But I don't use exim's built in ratelimit, I use
a system that I wrote utilizing memcache, so I'm just guessing.
Hopefully someone with ratelimit experience can chime in with more
authoritative answers.

--
Regards...      Todd
I seek the truth...it is only persistence in self-delusion and
ignorance that does harm.  -- Marcus Aurealius