----- Original Message ----- > From: Wietse Venema <wie...@porcupine.org> > To: Postfix users <postfix-users@postfix.org> > Cc: > Sent: Monday, August 15, 2011 9:00 AM > Subject: Re: Outbound mail rate limits by user > > > In the case of single-recipient email, this can be done with delays > on the Postfix receiving side. > > 1) Force client concurrency of 1. > > /etc/postfix/main.cf: > smtpd_client_connection_count_limit = 1 > smtpd_client_event_limit_exceptions = > ...hosts not subject to connection count limit... > > 2) Insert delays before receiving mail; s/client/sender/ if appropriate. > > /etc/postfix/main.cf: > smtpd_client_restrictions = > check_client_access hash:/etc/postfix/client_access > > /etc/postfix/client_access: > 1.2.3.4 sleep 2
Well, since this is on the submission port it doesn't affect incoming email (which of course is good). And, since I got rid of ability for users to use sendmail binary, this means I have one point of entry into postfix for users sending mail. Which makes it easier to control rates (amongst many other advantages), and gives me many ways to tackle the issue. For people relaying mail via submission port, hard to see why they would need more than 1 connection if legitimate. Will have to experiment some. I have been playing with a "new" (for me) milter which is proving very promising for the various issues I posted about lately. mailfromd. It finally gives me the ability to streamline and sequence the checks and various things we are doing, far better than the normal milter and content filter flow since most everything can be done from within it. It also does rate throttling, so, I just may use it for this issue, have to experiment some first. Thanks for all your suggestions. There are so many postfix configuration settings! I've used or encountered maybe 1/10 of them. You've given me a lot of good ideas and have come up with some more based on those ideas.
