We're seeing this too, more and more recently in the past few months. It would be fantastic if courier could internally incorporate rate-limiting on outgoing mail, preferably per auth-user in esmtpd and per uuid in local.
-Jeff On Sep 10, 2013, at 7:24 AM, Mark Constable <ma...@renta.net> wrote: > Just a request to anyone who may have a working outgoing rate limiting > solution and would be willing to share the method and recipe/howto to > make it work. We've had 4 compromised user accounts in as many weeks > and if wasn't for SOURCE_ADDRESS and being able to a swap server IPs > we'd really be in trouble. Each time somewhere between 20k and 60k > spams went out before we manually blocked the users account. > > If this keeps up then some kind of fancy SMS based alert system might > be needed but in any case if there was some way to rate limit the > outgoing messages then that would help enormously. We can send about > 30K to 40K messages per hour so even a 1 second delay between ALL > outgoing messages would cut that down to 10% of a possible spam deluge > and probably not really affect our normal clients outgoing mail flow. > > Being able to exponentially back off the incoming rate of authenticated > (ports 587/465) relayed messages would be even better, and the same for > general incoming messages on port 25 too for that matter. Being to do > so per user would be a dream but even global system wide rate limiting > would be better than none at all. > > I know using the filtering system has been suggested as the way to go > but it will take me another 1/4 to 1/2 a year to come up with anything > so I'm making it clear that if anyone has got a solution they can share > then please do so, if you can spare the time. > > This is one of the few areas where postfix really does have an advantage... > > ~ postconf | sort | grep rate > amavis_destination_rate_delay = $default_destination_rate_delay > anvil_rate_time_unit = 60s > bsmtp_destination_rate_delay = $default_destination_rate_delay > default_destination_rate_delay = 0s > dovecot_destination_rate_delay = $default_destination_rate_delay > error_destination_rate_delay = $default_destination_rate_delay > ifmail_destination_rate_delay = $default_destination_rate_delay > lmtp_destination_rate_delay = $default_destination_rate_delay > local_destination_rate_delay = $default_destination_rate_delay > maildrop_destination_rate_delay = $default_destination_rate_delay > mailman_destination_rate_delay = $default_destination_rate_delay > relay_destination_rate_delay = $default_destination_rate_delay > retry_destination_rate_delay = $default_destination_rate_delay > scalemail-backend_destination_rate_delay = $default_destination_rate_delay > smtpd_client_connection_rate_limit = 0 > smtpd_client_message_rate_limit = 100 > smtpd_client_new_tls_session_rate_limit = 0 > smtpd_client_recipient_rate_limit = 0 > smtp_destination_rate_delay = $default_destination_rate_delay > uucp_destination_rate_delay = $default_destination_rate_delay > virtual_destination_rate_delay = $default_destination_rate_delay > > ------------------------------------------------------------------------------ > How ServiceNow helps IT people transform IT departments: > 1. Consolidate legacy IT systems to a single system of record for IT > 2. Standardize and globalize service processes across IT > 3. Implement zero-touch automation to replace manual, redundant tasks > http://pubads.g.doubleclick.net/gampad/clk?id=51271111&iu=/4140/ostg.clktrk > _______________________________________________ > courier-users mailing list > courier-users@lists.sourceforge.net > Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users ------------------------------------------------------------------------------ How ServiceNow helps IT people transform IT departments: 1. Consolidate legacy IT systems to a single system of record for IT 2. Standardize and globalize service processes across IT 3. Implement zero-touch automation to replace manual, redundant tasks http://pubads.g.doubleclick.net/gampad/clk?id=51271111&iu=/4140/ostg.clktrk _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
