Re: [exim] How to limit to authenticate user to send mails p…

Top Page
Delete this message
Reply to this message
Author: Klaus Ethgen
Date:  
To: exim-users
Subject: Re: [exim] How to limit to authenticate user to send mails per Hour
Am Mo den 16. Sep 2013 um 10:32 schrieb Mihamina Rakotomandimby:
> On 2013-09-15 21:01, Er.shashank.singh wrote:
> >I am really frustrated as some spammers pick and id password from my server
> >and sends lot of mail to change from id like if the stole id and password
> >of abc@??? the they send lot of mails to user from mail id
> >as@???, ad@??? and so on to use the is auth id and password
> >of abc@???.
> Your message was not very clear.


Yes, indeed. But thats the problem off many "non-nativ-english". (I have
the same some times. ;-)

> But as far as I understood:
> - If people can steal credentials: secure your credentials


Not always possible. However, you can use authenticated = * in
combination with $authenticated_id in your acl to limit the sending
rate:
  deny
    authenticated = *
    ratelimit = RATE_LIMIT / 1h / per_rcpt / leaky / $authenticated_id
    log_message = Rejected $authenticated_id due over rate with $sender_rate/$sender_rate_period
    message = Rate limited


> - If people send spam: the solution is not rate limiting


There are some solutions about spam. One is to do outgoing checks of the
mails. This is not always acceptable in a big organisation. One another
solution is to go the legal way against the spammer. But this is seldom
possible as the spam source is coming from foreign countries.

Regards
   Klaus
- -- 
Klaus Ethgen                              http://www.ethgen.ch/
pub  4096R/4E20AF1C 2011-05-16   Klaus Ethgen <Klaus@???>
Fingerprint: 85D4 CA42 952C 949B 1753  62B3 79D0 B06F 4E20 AF1C