Autor: Heiko Schlittermann Data: A: exim-users Assumpte: Re: [exim] Better way to deal with phished users?
Niels Kobschätzki via Exim-users <exim-users@???> (Mo 05 Jul 2021 14:00:02 CEST): > >
> > ...beside exims "ratelimiting" (which is just lowering the impact at the cost
> > of all users)
>
> actually depending on how the rate limiting works it doesn’t impact all users and I can whitelist users that are legitimate but would be hit by the rate-limiting.
I think, if you follow the initial suggestion, limiting the pure number
of distinct addresses per interval, the impact should be relativly low.
Users sending tons of mails to the same destination are not impacted,
users sending a newsletter to a ton of destinations are not impacted, if
you choose a well balanced rate (e.g. for Exim's ratelimit "engine" it's
a subtle difference between 60/1m and 3600/1h.
And, as the ratlimit condition is expanded, you can do what ever your
creativity dictates (e.g. lookup the limits in a database).