On 21.04.2014 12:45 CE(S)T, Mike Cardwell wrote:
> The problem seems to be that you don't apply rate limiting. If an account
> is abused to send spam, the flow should be restricted by rate limiting,
> and you should put some process in place to scan the logs for such events
> and notify you. Read:
>
> http://www.exim.org/exim-html-current/doc/html/spec_html/ch-access_control_lists.html#SECTratelimiting
Okay, I got that. Does my configuration look good?
> acl_smtp_mail = acl_check_mail
...
> acl_check_mail:
> # Rate limiting on all messages per host
> defer ratelimit = 50 / 5m / strict
> message = Sending rate exceeded. Try again later.
> log_message = Sending rate exceeded: $sender_rate/$sender_rate_period (max $sender_rate_limit)
>
> # Keep authenticated users under control
> deny authenticated = *
> ratelimit = 10 / 5m / strict / $authenticated_id
>
> # System-wide rate limit
> defer message = Sorry, too busy. Try again later.
> ratelimit = 100 / 10s / $primary_hostname
--
Yves Goergen
http://unclassified.de
http://dev.unclassified.de
