Hello postfix-users, I'm looking for a way to limit the time or the number of messages an established smtp authenticated session can be used for. I already have rate limiting (anvil for anti-dos and policy delegation for maintaining a quota per hour) in place. But if I lock a (hacked) user account and prohibit further smtp auth logins, an established connection can still be used to send messages.
As long as this authenticated session sends messages below the configured rate limits and quotas, no errors will occur. Therefore the options smtpd_soft_error_limit smtpd_hard_error_limit do not help disconnecting this session. I know postfix has quite a few options to configure the connection reuse behavior as client, using the "smtp_connection_cache_"-options, but how would I approach my problem with postfix being an smtp server and a long lasting smtp authenticated session. I could think of a few techniques to find and tear down such unwanted connections. But I hope that maybe I did miss some global setting in postfix of how long a single smtp session may last, regardless of what the client (successfully) does with it. Especially since postfix as smtp client has no many options for these kind of issues. Thanks, Regards Christian
