On 21.04.2014 12:45 CE(S)T, Mike Cardwell wrote:
The problem seems to be that you don't apply rate limiting. If an account
is abused to send spam, the flow should be restricted by rate limiting,
and you should put some process in place to scan the logs for such events
and notify you. Read:
http://www.exim.org/exim-html-current/doc/html/spec_html/ch-access_control_lists.html#SECTratelimiting
Okay, I got that. Does my configuration look good?
acl_smtp_mail = acl_check_mail
...
acl_check_mail:
# Rate limiting on all messages per host
defer ratelimit = 50 / 5m / strict
message = Sending rate exceeded. Try again later.
log_message = Sending rate exceeded:
$sender_rate/$sender_rate_period (max $sender_rate_limit)
# Keep authenticated users under control
deny authenticated = *
ratelimit = 10 / 5m / strict / $authenticated_id
# System-wide rate limit
defer message = Sorry, too busy. Try again later.
ratelimit = 100 / 10s / $primary_hostname
--
Yves Goergen
http://unclassified.de
http://dev.unclassified.de
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
