[exim] Using ratelimit to count the number of rejected deliv…

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Daniel Tryba
Datum:  
To: exim-users
Betreff: [exim] Using ratelimit to count the number of rejected delivery attempts
In order to throttle bad senders I was thinking about using ratelimit to count
the number of bad attempts per period.

in acl_smtp_rcpt and acl_smtp_data I try to establish the rates:

acl_smtp_rcpt:

warn ratelimit = 0 / 1h / strict / $sender_host_address
set acl_c10 = $sender_rate

warn ratelimit = 0 / 1h / readonly / rejected:$sender_host_address
set acl_c11 = $sender_rate

So here acl_c10 contains the total rate for a sender. acl_c11 should contain
the rejected rate, but this is always 0 at this point in the ACL.

Logging these with
warn log_message = Sender Rate: junk:$acl_c11 / total:$acl_c10 per
$sender_rate_period

To increase the rate for key rejected:$sender_host_address. I generate some
mails that will fail on recipient check:

deny message = Recipient verification failed
 ratelimit = 0 / 1h / strict / rejected:$sender_host_address
 log_message = DENY - Recipient verification failed for $local_part@$domain 
with $acl_verify_message rate: $sender_rate
 !verify         = recipient


Log shows that $sender_rate is greater than 0 and increases on each try:

2011-12-30 19:31:31 H=mail.office.pocos.nl [109.235.34.226] Warning: Sender
Rate: junk:0.0 / total:1.3 per 1h
2011-12-30 19:31:31 H=mail.office.pocos.nl [109.235.34.226]
F=<daniel@???> rejected RCPT <asdfsadfsdfa@???>: DENY - Recipient
verification failed for asdfsadfsdfa@??? with response to "RCPT
TO:<asdfsadfsdfa@???>" from example.org [1.2.3.4] was: 550 unknown
user rate: 1.3

Next try:
2011-12-30 19:32:18 H=mail.office.pocos.nl [109.235.34.226] Warning: Sender
Rate: junk:0.0 / total:2.3 per 1h
2011-12-30 19:32:18 H=mail.office.pocos.nl [109.235.34.226]
F=<daniel@???> ejected RCPT <asdfsadfsdfa@???>: DENY - Recipient
verification failed for asdfsadfsdfa@??? with response to "RCPT
TO:<asdfsadfsdfa@???>" from example.org [1.2.3.4] was: 550 unknown
user rate: 2.3

So the readonly ratelimit always returns 0 initially and on updates it is
suddenly the same as the default key ratelimit. But the default key isn't
incrementing at twice the rate so something else is being updated.

http://www.exim.org/exim-html-
current/doc/html/spec_html/ch40.html#SECTratelimiting
isn't particulary helpful to find what is going wrong in either my logic or
exims counting. I guess I'm missing something, could someone point out to me
how and if I can accomplish this?

BTW Exim version 4.72

--

POCOS B.V. - Croy 9c - 5653 LC Eindhoven
Telefoon: 040 293 8661 - Fax: 040 293 8658
http://www.pocos.nl/ - http://www.sipo.nl/
K.v.K. Eindhoven 17097024