On Oct/31 08:12AM, Duane Hill wrote:
>
> On Thursday, October 30, 2014, 11:33:43 PM, Biju wrote:
>
> > Hi All,
> >
> > I am trying to ratelimit outgoing messages in my exim4 daemon. Many a times,
> > our mail server has been hacked, multiple identity has been added and using
> > those ids, hackers send out bulk spam mails. Once the limit is overcome,
> > many domains are blacklisting us. As I understand from the manuals and
> > searching the mailing lists, outgoing mails can not be ratelimited. Please
> > correct me if I am wrong.
> >
> > What I am thinking is to rate limit using IP tables number of messages going
> > out domain wise to some limit. I can only reject connections using IP
> > tables. What I need is to defer the rejected connections. Where in the exim4
> > do I do this? Is it in routers?
> >
> > I am sure many of you may have faced such issues. Please help with
> > appropriate pointers.
>
> Doing a quick Google search (search terms: 'exim rate limit') turns up
> a post to github from Lena on 'Blocking compromised accounts
> (outgoing spam) and auth cracking'.
>
> https://github.com/Exim/exim/wiki/BlockCracking
>
> Perhaps you can use this or tailor it to your needs in accomplishing
> your task.
I'm no expert, but wouldn't the appropriate response be to learn to
secure the server, rather than hacking on exim to solve this problem?
Thanks in advance.
--
Joshua