:-) smtpd_client_recipient_rate_limit: "The maximal number of recipient addresses that any client is allowed to send to this service per time unit, regardless of whether or not Postfix actually accepts those recipients."
I'm afraid I know several anvil-related limits for *clients* rather than user accounts. I'm wondering if Postfix allows setting a similar restriction not for a client but for a SASL authenticated user?
Let's think of the following situation: A user account's security has been compromised (the attackers know the username and password for SASL login). Attackers want to use this account for sending spam. If they try to do it from a single IP - that's no problem, anvil-related limits will limit the damage. But in the case of an attack from a botnet of many dozens of attacking hosts - numerous logins from different IPs to that account, each host sends, let's say, 10 e-mails (one per minute), each for 20 recipients, and disconnects. I'm afraid smtpd_client_*_rate/count_limit will not prevent it..? Something like:
"The maximal number of recipient addresses that any SASL authenticated user is allowed to send to this service per time unit, regardless of whether or not Postfix actually accepts those recipients."
would be perfect.

Best regards,
Marek
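The botnet scenario from the post, as an added example that is not part of the original message: a recipient counter keyed on `sasl_username` instead of the client address, written as the decision logic of a Postfix policy-delegation service (`check_policy_service`) consulted at the DATA stage. The window, limit, client addresses and account name are constructed assumptions.

```python
import collections

WINDOW = 3600   # assumed "time unit" in seconds
LIMIT = 500     # assumed recipients allowed per SASL user per window

def parse_request(text):
    """Parse one policy request: name=value lines ended by an empty line."""
    return dict(line.split("=", 1) for line in text.splitlines() if "=" in line)

class SaslRecipientLimiter:
    def __init__(self, limit=LIMIT, window=WINDOW):
        self.limit, self.window = limit, window
        self.seen = collections.defaultdict(collections.deque)  # user -> (time, rcpts)
        self.total = collections.Counter()                      # user -> rcpts in window

    def check(self, attrs, now):
        user = attrs.get("sasl_username", "")
        if not user or attrs.get("protocol_state") != "DATA":
            return "DUNNO"                        # unauthenticated or other stage: no opinion
        q = self.seen[user]
        while q and q[0][0] <= now - self.window:  # expire entries older than the window
            self.total[user] -= q.popleft()[1]
        n = int(attrs.get("recipient_count", "0"))
        q.append((now, n))                        # counted whether or not the mail is accepted
        self.total[user] += n
        if self.total[user] > self.limit:
            return "DEFER_IF_PERMIT 4.7.1 Recipient rate limit exceeded for this account"
        return "DUNNO"

def simulate(hosts=40, msgs=10, rcpts=20):
    """Constructed traffic: each host sends `msgs` mails, one per minute, same account."""
    limiter, per_ip, deferred = SaslRecipientLimiter(), collections.Counter(), 0
    for minute in range(msgs):
        for h in range(1, hosts + 1):
            req = ("request=smtpd_access_policy\nprotocol_state=DATA\n"
                   f"client_address=192.0.2.{h}\nsasl_username=user@example.com\n"
                   f"recipient_count={rcpts}\n\n")
            attrs = parse_request(req)
            per_ip[attrs["client_address"]] += rcpts
            if limiter.check(attrs, now=minute * 60 + h) != "DUNNO":
                deferred += 1
    # (max recipients seen from any one IP, total recipients for the account, deferred mails)
    return max(per_ip.values()), hosts * msgs * rcpts, deferred

if __name__ == "__main__":
    print(simulate())
```

In this run no single address exceeds 200 recipients, while the account as a whole attempts 8000 and every message after the 25th is deferred.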