Just a request to anyone who may have a working outgoing rate limiting solution and would be willing to share the method and recipe/howto to make it work. We've had 4 compromised user accounts in as many weeks and if wasn't for SOURCE_ADDRESS and being able to a swap server IPs we'd really be in trouble. Each time somewhere between 20k and 60k spams went out before we manually blocked the users account.
If this keeps up then some kind of fancy SMS based alert system might be needed but in any case if there was some way to rate limit the outgoing messages then that would help enormously. We can send about 30K to 40K messages per hour so even a 1 second delay between ALL outgoing messages would cut that down to 10% of a possible spam deluge and probably not really affect our normal clients outgoing mail flow. Being able to exponentially back off the incoming rate of authenticated (ports 587/465) relayed messages would be even better, and the same for general incoming messages on port 25 too for that matter. Being to do so per user would be a dream but even global system wide rate limiting would be better than none at all. I know using the filtering system has been suggested as the way to go but it will take me another 1/4 to 1/2 a year to come up with anything so I'm making it clear that if anyone has got a solution they can share then please do so, if you can spare the time. This is one of the few areas where postfix really does have an advantage... ~ postconf | sort | grep rate amavis_destination_rate_delay = $default_destination_rate_delay anvil_rate_time_unit = 60s bsmtp_destination_rate_delay = $default_destination_rate_delay default_destination_rate_delay = 0s dovecot_destination_rate_delay = $default_destination_rate_delay error_destination_rate_delay = $default_destination_rate_delay ifmail_destination_rate_delay = $default_destination_rate_delay lmtp_destination_rate_delay = $default_destination_rate_delay local_destination_rate_delay = $default_destination_rate_delay maildrop_destination_rate_delay = $default_destination_rate_delay mailman_destination_rate_delay = $default_destination_rate_delay relay_destination_rate_delay = $default_destination_rate_delay retry_destination_rate_delay = $default_destination_rate_delay scalemail-backend_destination_rate_delay = $default_destination_rate_delay smtpd_client_connection_rate_limit = 0 smtpd_client_message_rate_limit = 100 smtpd_client_new_tls_session_rate_limit = 0 smtpd_client_recipient_rate_limit = 0 smtp_destination_rate_delay = $default_destination_rate_delay uucp_destination_rate_delay = $default_destination_rate_delay virtual_destination_rate_delay = $default_destination_rate_delay ------------------------------------------------------------------------------ How ServiceNow helps IT people transform IT departments: 1. Consolidate legacy IT systems to a single system of record for IT 2. Standardize and globalize service processes across IT 3. Implement zero-touch automation to replace manual, redundant tasks http://pubads.g.doubleclick.net/gampad/clk?id=51271111&iu=/4140/ostg.clktrk _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
