> From: Charlie Elgholm
> Then one might suggest that the ratelimit-condition perhaps should be
> implemented for the routers as well.. Then we could do
>
> ratelimit = 100 / 1h / <options> / $domain
The ${acl string expansion item works in authenticators.
You can try to use it (or "acl" expansion condition) in routers.
Something like this:
begin acl
throttle:
warn condition = ${if !def:acl_m_throttler}
condition = ${if !def:acl_m_mxlist}
set acl_m_mxlist = ${lookup dnsdb{>: mxh=$acl_arg1}}
warn condition = ${if !def:acl_m_throttler}
set acl_m_throttler = ${if forany{$acl_m_mxlist}\
{match_domain{$item}{*.google.com}}{google}}
warn condition = ${if !def:acl_m_throttler}
set acl_m_throttler = ${if forany{$acl_m_mxlist}\
{match_domain{$item}{*.hotmail.com:*.outlook.com}}{ms}}
accept condition = ${if !def:acl_m_throttler}
accept ratelimit = 100 / 1h / per_cmd / strict / throttler-$acl_m_throttler
message = :defer:
accept
...
begin routers
...
throttled_mx:
driver = redirect
allow_defer
no_verify
data = ${acl{throttle}{$domain}}
If this works then please post your modifications to this.
