Am 24.10.2014 um 22:22 schrieb Mike Cardwell:
* on the Fri, Oct 24, 2014 at 03:41:22PM -0400, Wietse Venema wrote:
Is there a way to limit connections from web applications on the same
server for postfix?
The web application sends messages via smtp on localhost (127.0.0.1:25).
Need to limit the maximum 5k messages per hour. Is that possible?
You don't want to do that in Postfix, as it would have
to reject mail, and rejected mail would not be delivered.
Rate limit the PHP application.
I did this for a shared hosting system about ten years ago using the
ident functionality in Exim. I installed a local ident daemon and
then configured Exim to talk to it. Once Exim knew the user, it could
apply user-level ratelimiting to both mail submitted via the
executable and that submitted via a TCP socket together.
If Postfix doesn't have ident support and allowing tcp connections
for mail submission is important, you might want to take a look at
Exim instead
that's not the problem
the problem is that a website script can't handle a temporary reject and
so you end in lose random mails if for whatever reason the app exceeds
the limits
if you fear injected junk than install a content-filter or just remove
functionality on websites which allow to define destination address by
untrusted user input (recommedn page with a user-defined content part
and so on)
