Jeff Koch wrote:

Does anyone know if there is a way to limit the frequency with which users pop in to check their email. We have a problem where hundreds of users are checking their email every minute and putting an excessive load on the server. We would like to refuse pop3 connections to a user unless ten minutes has passed.

Thanks in advance for any help.

There is support for something like that in the CVS version of vpopmail. If you are using CDB, it is pretty well tested, and might be safe to use. MySQL is lightly tested, and appears to work. No other back ends have been tested.

If you don't want to take that chance, you can look at the following patch to vchkpw.c for a way to install just that feature.

If you change the source file to look like the right column, leaving out the #ifdef MIN_LOGIN_INTERVAL and associated #endifs it will add that ability. in the if(), change '< MIN_LOGIN_INTERVAL' to the '< {number of seconds}' you want to reject logins for. 600 seconds = 10 minutes, so maybe use 580 so if they set their mail clients to 10 minutes they are safe.

This patch is nasty... as long as they check email every minute, they will NEVER receive it. They _must_ set their interval between checks to be longer than the time limit you specify, or every check after the first will fail. But then that is what you want them to do, right?

Be prepared for lots of panic stricken users, and maybe a lynch mob. :)

Eventually I want to put in a grace count which will allow someone to short cycle a few times before the penalty goes into effect. If you are expecting something important you can manually check say 5 to 10 times within the normal interval, but repeated short attempts will trigger the penalty delay.

Reply via email to