Re: [policyd-users] Hourly Limits

Mon, 13 Jul 2009 04:19:14 -0700 

[email protected] escreveu:

I've seen that policyd permits to limit SASL users or hosts. Ok, i
can't use those 2 solutions, because, first won't work as i'm not
using SASL (no authenticated users), and second of course won't work
because the host is the same for all users (my webserver).

Any other idea? I think that the solution is limiting evenlope sender
(the system user).
limiting the system user would limit your system globally, thus avoiding some user to send mails when some other user reached the system quota, which is global for the system. That doesnt seem to be the most intelligent way.
i really dont see some easy solution without involving some script adjusting. I would suggest:
1) sending a mail to your customers explaininig why you're implementing quota. Make them believe this is good for them, as the system will not be used for SPAM sending and, thus, will have a lower chance of having problems of RBLs and stuff.
2) so you'll have to force your users to adjust their script and always set a From header. Maybe you'll have to block system user from sending directly .... with that done, you can limit securely on the sender. But that would still allow some malicious user to change From header and bypass quota limitation.
3) even better would be NOT allowing email sending without SASL authentication, so you could limit that on the SASL authenticated user. 

   without those changes, i cant see a secure way of doing that.


Oh, i have another question: i've installed policyd with apt-get. I
think it's version 1, not 2. How can i check?



   this is the output from v1.82 ...

[r...@correio ~]# /usr/local/policyd/policyd --version
policyd v1.82
usage: /usr/local/policyd/policyd -c /path/to/policyd.conf
[r...@correio ~]#

   from 2 you should probably get something similar telling the version.


--


        Atenciosamente / Sincerily,
        Leonardo Rodrigues
        Solutti Tecnologia
        http://www.solutti.com.br

        Minha armadilha de SPAM, NÃO mandem email
        [email protected]
        My SPAMTRAP, do not email it

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
Users mailing list
[email protected]
http://lists.policyd.org/mailman/listinfo/users

Reply via email to