Jaroslaw Grzabel wrote:
Hi,
Wietse Venema wrote:
Instead, use a policy daemon with persistent database.
As far as I remember I tried once http://www.policyd.org, but it didn't
work for me. As I remember there was a problem with message accounting,
...
Or maybe you have different policy daemon in mind ?
The point is that you are using anvil in a manner contrary to
its documented intent; don't be surprised if it doesn't work
the way you expect it to.
As documented:
- anvil must not be used for quota or traffic shaping; it's
intent is a last-resort DoS protection tool.
- anvil keeps the table of known IPs and counts in memory;
this is not suitable for more than a few minutes worth of data.
The proper solution for your requested policy is to use an
external policy server or milter that keeps a database of
connections, or maybe a traffic-shaping firewall feature.
I don't have a suggestion for what you should use, but I know
anvil just isn't suitable.
-- Noel Jones
