In order to throttle bad senders I was thinking about using ratelimit to count
the number of bad attempts per period.
in acl_smtp_rcpt and acl_smtp_data I try to establish the rates:
acl_smtp_rcpt:
warn ratelimit = 0 / 1h / strict / $sender_host_address
set acl_c10 = $sender_rate
warn ratelimit = 0 / 1h / readonly / rejected:$sender_host_address
set acl_c11 = $sender_rate
So here acl_c10 contains the total rate for a sender. acl_c11 should contain
the rejected rate, but this is always 0 at this point in the ACL.
Logging these with
warn log_message = Sender Rate: junk:$acl_c11 / total:$acl_c10 per
$sender_rate_period
To increase the rate for key rejected:$sender_host_address. I generate some
mails that will fail on recipient check:
deny message = Recipient verification failed
ratelimit = 0 / 1h / strict / rejected:$sender_host_address
log_message = DENY - Recipient verification failed for $local_part@$domain
with $acl_verify_message rate: $sender_rate
!verify = recipient
Log shows that $sender_rate is greater than 0 and increases on each try:
2011-12-30 19:31:31 H=mail.office.pocos.nl [109.235.34.226] Warning: Sender
Rate: junk:0.0 / total:1.3 per 1h
2011-12-30 19:31:31 H=mail.office.pocos.nl [109.235.34.226]
F=<daniel@???> rejected RCPT <asdfsadfsdfa@???>: DENY - Recipient
verification failed for asdfsadfsdfa@??? with response to "RCPT
TO:<asdfsadfsdfa@???>" from example.org [1.2.3.4] was: 550 unknown
user rate: 1.3
Next try:
2011-12-30 19:32:18 H=mail.office.pocos.nl [109.235.34.226] Warning: Sender
Rate: junk:0.0 / total:2.3 per 1h
2011-12-30 19:32:18 H=mail.office.pocos.nl [109.235.34.226]
F=<daniel@???> ejected RCPT <asdfsadfsdfa@???>: DENY - Recipient
verification failed for asdfsadfsdfa@??? with response to "RCPT
TO:<asdfsadfsdfa@???>" from example.org [1.2.3.4] was: 550 unknown
user rate: 2.3
So the readonly ratelimit always returns 0 initially and on updates it is
suddenly the same as the default key ratelimit. But the default key isn't
incrementing at twice the rate so something else is being updated.
http://www.exim.org/exim-html-
current/doc/html/spec_html/ch40.html#SECTratelimiting
isn't particulary helpful to find what is going wrong in either my logic or
exims counting. I guess I'm missing something, could someone point out to me
how and if I can accomplish this?
BTW Exim version 4.72
--
POCOS B.V. - Croy 9c - 5653 LC Eindhoven
Telefoon: 040 293 8661 - Fax: 040 293 8658
http://www.pocos.nl/ -
http://www.sipo.nl/
K.v.K. Eindhoven 17097024