Matt wrote:
Looking at this on rate-limiting:
http://www.exim.org/exim-html-current/doc/html/spec_html/ch40.html#SECTratelimiting
I have this in exim.conf
warn ratelimit = 1000 / 12h / per_rcpt / strict
delay = 10s
log_message = Sender $sender_address rate $sender_rate /
$sender_rate_period excedes limit delayed 10 seconds
Works well to stop virus infected PC's in the IP pools I relay for.
Since all webmail comes from 127.0.0.1 it does not work very well for
that. I have webmail locked down so as they cannot change there
source email address. Is there a way with ratelimit I can add a
second rule for 127.0.0.1 that ratelimits be source email address
instead of just source IP?
Almost certainly. But not knowing WHICH Webmail app - where to look?
- parsing the messages for '127.0.0.1' instead of $sender_address would
obviously hit all-comers, not just the infected.
- parsing the *message* headers for the 'From:' or 'Reply-to:' is far
less reliable, 'specially as we are speaking of vermin that may very
well alter those.
But .. depending on the Webmail app, what MAY work is using the Luser's
Login UID and PWD eg: AUTH creds - of each individual submitter -
instead of the source address.
Can Exim be handed these from the Webmail daemon in a manner still
associated with each submitter and message?
Bill
--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
