Hello,
I am trying to set rate limits on our smtp relays to prevent abusive
(compromised) user hosts from flooding the service with fast, intensive mail
floods.
I have used the following directives (I can post whole main.cf, but I don't
think it's necessary):
smtpd_recipient_limit = 100
smtpd_error_sleep_time = 5
smtpd_client_recipient_rate_limit = 60
smtpd_client_connection_rate_limit = 30
smtpd_client_message_rate_limit = 100
smtpd_soft_error_limit = 10
smtpd_hard_error_limit = 20
anvil_rate_time_unit = 300
However, these limits do not seem to apply, I have recently experienced a
massive flood from a single user that managed to send hundreds of thousands of
mails overnight.
I thought that especially limiting the number of recipients to 60 / 5 minutes
will be quite effective against spam floods, but the anvil is probably working
in a different way than I thought, please advice.
Thank you kindly in advance.
Best regards
Daniel Ryslink
