Mark Constable writes:
On 08/05/12 08:01, Sam Varshavchik wrote: >> Rate limiting is implemented in the main scheduler, and applies to any >> transport mechanism, not just ESMTP > > http://www.courier-mta.org/modules.html > > Look at the various module.* files in etc. It's not something that, for > a decade now, anyone really cared about, in my memory. The default settings > seems to work for everyone.Thanks Sam, never had to look at this stuff before. We had a phishing spam where just one client answered with her auth details and in about 8 hours 660K spams were sent via her account before I manually blocked the sending IP and cancelled the mailq messages. Normal users would never be sending at 80K per hour so I'm wondering how to limit that message per hour rate down to a few hundred per hour per user, but I guess "per user" is not possible. In this scenario, what might be the best tweaks to MAXDELS, MAXHOST, MAXRCPT?
It's not the scenario for these knobs. These knobs are there mostly to set the maximum upper limits to keep one from blowing away all the RAM and network bandwidth. That the kind of "rate limiting" this is.
Anyone have any suggestions how to prevent this kind of abuse?
There's nothing there that can be readily used for something like this. I suppose one can hack up a perlfilter script that counts messages from each authenticated user.
pgpHFchMN9zDp.pgp
Description: PGP signature
------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users