Heiko Schlittermann <[email protected]> (Mi 25 Sep 2019 13:12:45 EDT): > Maybe we use ratelimit to restrict the numbers of distinct > sender_host_addresses that are allowed to do (successful) > authentication.
We can.
> The challenge will be to find the right balance between being too sloppy
> and too strict.
cl_check_mail:
deny authenticated = *
ratelimit = 2/1d / per_conn/unique=$sender_host_address /
$authenticated_id
Of course, 2/1d is a way strict :)
Maybe you can scan your log files to get an idea about a good choice.
--
Heiko
signature.asc
Description: PGP signature
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
