Re: [courier-users] limiting the rate that authenticated users can send mail
Brought to you by:
mrsam
From: Gordon M. <yi...@eb...> - 2012-11-14 16:36:45
|
On 11/13/2012 09:57 PM, Andy Gajetzki wrote: > Is > there a mechanism in courier that would prevent this from happening > again? How do you guys with big mail servers prevent this from > happening? No, but pythonfilter includes a "ratelimit" module: http://phantom.dragonsdawn.net/~gordon/courier-pythonfilter/ The ratelimit module limits email by IP, but should work properly in the case you describe. I've seen a few similar incidents at sites run by people I know, and helped clean up the mess. In those that I recall, the email was sent by only a few IPs. If you wanted to restrict by username, it would be a trivial modification to the filter (just change getSendersMta to getAuthUser), but that'll cost more CPU time since auth data is retrieved from headers rather than the control files. Pythonfilter also includes "dropmsg" now, which will help you clean out a queue full of spam much more quickly than you can using cancelmsg, and without sending a DSN to the "sender". It's also best to use "dropmsg" with the sender's IP address, but it can drop messages based on the sender's IP, envelope address, or auth data. |