----- Original Message ----- > From: Wietse Venema <wie...@porcupine.org> > To: Postfix users <postfix-users@postfix.org> > Cc: > Sent: Saturday, August 13, 2011 8:35 PM > Subject: Re: Outbound mail rate limits by user > > Wietse: >> With Postfix 2.7 and later use a per-sender FILTER action without >> next-hop destination: >> >> ? ? send...@example.com??? FILTER sender-class-1: >> >> In master.cf specify a sender-class-1 SMTP client. >> >> ? ? sender-class-1? ? ? unix? -? ? ? -? ? ? n? ? ? -? ? ? -? ? ? smtp >> >> In main.cf specify sender-class-1_destination_rate_delay=1 to limit >> the per-sender rate to one message per second. > > Steve Fatula: >> Won't this mean I would need a separate class for every sender? And >> if I have 1,000 senders (which I do)?> No matter what MTA you use, it will >> need to know a) how many the > sender has sent and b) what the limit for that sender is. > > Therefore, some per-sender configuration is unavoidable.
True of course, but, was thinking of using a milter to do this since it works for locally submitted mail as well. However, your solution makes way more sense. The milter or other methods block mail if you exceed some limit. Using your way, they simply pile up in the queue I presume, which means software still works and is not blocking anything. So, mailing list managers like mailman still work (they don't have rate throttling unless the newest version does). I like! Making sure one cannot simply change the sender from is easy, and required as well else it's easy to get around. The issue had been preventing use of the sendmail binary for web cgi and logged in users. I believe that can be solved by using msmtp or some such smtp client to replace sendmail binary so that those scripts and users can still send mail, with the exact same restrictions as smtpd received mail. Problem should be solved then. So, my question is if I had a large number of classes as you suggested, would there be any memory or performance hit of any significance? Or, would it mostly function as it does without the classes? (assuming no one violates the limit). Not sure how they work internally in Postfix. If so, this is the prefect solution as nothing breaks, and, rates are limited, yet, people can still send a large amount of mail when they need to. If anyone ever did break in and try and send out tons of automated spam, it would just pile up in the queue and would be pretty obvious.
