Marc Perkel wrote: > Trying to figure a good way to do some fancy rate limiting. What I'd > like to do is test a rate limit without adding to the count. > > Here's the situation. I get a dictionary attack from an IP address. So > what I want to do is count bad recipients so that every time I get a bad > recitient from an IP address I add 1 to the count. > > In a separate ACL I want to look at the count and if it is greater than > my limit I want to do a defer. But I don't want the defer test to affect > the count. But I'm not seeing a way to test a count without adding to > the count. > > The idea here is to have one ACL affect the count but a different ACL to > test the cout without affecting it. > >
Dictionary attack, and you want to go out and play? What's wrong with: drop !verify = recipient delay = JAILs How often do you get a mixture of valid traffic for valid recipients and bogus recipients in the same connection? I haven't had any *this* year, though the year isn't over yet.... Shoot *that* messenger also. At the front gate. The MACRO for JAIL time is just gut-shooting and letting him bleed-out the few things precious to a spambot. A source IP stack with available capacity. And time. Pretty low overhead. Bill 'Beware the fury of a patient man' Dryden -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
