> -----Original Message----- > From: owner-postfix-us...@postfix.org > [mailto:owner-postfix-us...@postfix.org] On Behalf Of Wietse Venema > Sent: Saturday, August 13, 2011 6:36 PM > To: Postfix users > Subject: Re: Outbound mail rate limits by user > > No matter what MTA you use, it will need to know a) how many the > sender has sent and b) what the limit for that sender is. > > Therefore, some per-sender configuration is unavoidable.
I think a milter that tracks per-sender traffic outbound is the best idea. The MTA doesn't have to know anything other than how to talk to the milter, so the source and configuration stay clean; the milter can contain all the knowledge of local user databases (LDAP/SQL/whatever), per-user limits that might vary by class-of-service, etc. And a single milter can be referenced by multiple MTAs, so this could easily be a single site-wide facility. The only question you have to ask is how to identify a user reliably. Someone who knows you're rate-limiting outbound could easily spoof the From: or MAIL FROM to try to get around it; you'll need to handle attacks like that. I've implemented stuff like this before with milter, so I know it can be done. -MSK