Author: Ted Cooper Date: To: exim-users Subject: Re: [exim] String expansion in smtp_accept_max_per_connection?
On 12/05/11 19:02, Phil Pennock wrote: > On 2011-05-11 at 14:55 -0700, carbonated beverage wrote:
>> I saw the smtp_accept_max_per_connection variable is not subject to
>> string expansion -- are there plans to change this? If not, what have
>> others with this kind of requirement done to work around it?
>
> No plans which I'm aware of.
>
> Use ACLs; set a counter in the connect ACL in an $acl_c_foo variable,
> check it in the MAIL ACL: if it's zero, give an error, otherwise
> decrement it.
It's actually something I had thought about changing for quite some
time. There's a performance penalty, but with computers these days, it's
not that big. There should be something monitoring the logs or sockets
to ensure that a single IP address doesn't hammer the server though
(firewall it out if too abusive).
The $acl_c_foo values are only valid for the single connection, they are
not shared between connects from the same IP address and as such can't
be used as an alternative to an expandable smtp_accept_max_per_connection.
connect ACL + an external state tracking program works quite
effectively. I used ${readsocket}.
