Re: [exim] Ratelimiting recipients per sender_address

Página superior
Este mensaje es parte del siguiente hilo:
M\El árbol completo de hilos, ordenados por fecha
MMJeremy Harris, mensaje del <-
MSlavko, mensaje del ->
Eliminar este mensaje
Responder a este mensaje
Autor: Evgeniy Berdnikov
Fecha:  
A: exim-users
Asunto: Re: [exim] Ratelimiting recipients per sender_address
On Thu, Mar 09, 2023 at 04:47:32PM +0100, Olaf Hopp (SCC) via Exim-users wrote:
> Dear list,
> we want to ratelimit incomming mail bursts (e.g. due
> to phishing attacks).
> To get an idea of reasonable values I have
> 
>   warn
>      ratelimit = 100  / 60s / strict / $sender_address
>      log_message =  RATELIMIT EXCEEDED for $sender_address $sender_rate messages / $sender_rate_period

>
> But when the mail has two or more recipients this is also just counted as one mail

Probably something like that would work:

defer
condition = ${if !eq{$sender_address}{$acl_c_sender_seen}}
ratelimit = 100 / 60s / strict / $sender_address
log_message = RATELIMIT EXCEEDED for $sender_address ...

warn
set acl_c_sender_seen = $sender_address

Not tested.
--
Eugene Berdnikov

Este mensaje se envió a las siguientes listas de correo:
Exim-users
Información de la lista de correo | Mensajes cercanos		<-Re: [exim] Ratelimiting recipients per sender_addressRe: [exim] Ratelimiting recipients per sender_address->
Tahini and Hummus and Cumin Development Archives administrado por cumin AdminsLurker (versión 2.3)