Osmany Goderich wrote: >Bandwidth? Wow I guess I was totally wrong about how policyd worked. So let >me understand this...If I want a user to ONLY be able to send one 1MB >message at a time, what do I put? 20 seconds? I'm guessing that's what it >would take minimum for a user to send one e-mail and write a second one. Is >this how this works? Oh by the way I checked that the verdict is in REJECT.
OK, it looks like you expected something different. Policyd applies a quota PER TIME PERIOD - it's not a fixed message size limit. So, for example, if you want to limit users to 1MB per quarter hour, you'd set a quota of 1MB and a period of 1/4 hour. That would not limit the size of an individual message - the user could send one 1MB message, or ten 100k messages, or 100 x 10k messages. It's also not a "X in the previous Y minutes" affair either. Each time a message is sent, the quota is increased accordingly. Also each time, the quota is reduced according to the time that's passed. Eg, sticking with the example of 1MB/15m, then if the user sent a 1MB message, that would put their quota up to 100%. If they then send another one after 5 minutes, the quota would be reduced by 1/3 (5/15) to get 66%, and then the 100% would be added for the new message - making 166%. Further messages will now be blocked. After another 5 minutes, the quota would be reduced by 1/3 to give about 111% so the user is still blocked. AFter another 5 minutes, the quota would be reduced again (to around 74% and another message would be allowed) - but the quota would be increased again and messages would be blocked. Similarly, if the user attempted to send a stream of 100k messages, they'd quickly run the quota up to 110%, then they'd be blocked until it came down to 100% and one more message would get through taking it back up over 100% and so on. I hope that makes sense. Now, there is a lot of room for juggling the figures. The same long term rate could be achieved by setting 4MB/hour. The difference is that the user could then stuff out 4MB before getting throttled. So as well as setting a rate, the "quantity" (whether message size of message count) side of the equation also sets a burst capability - the user can send a burst up to that quantity very quickly, but once they do that the rate will be the same. This burst capability doesn't actually mean they can exceed the allowed rate - to use it they need to have been sending at well below the rate for a period beforehand so as to let the quota go down so as to give some headroom for a burst. Eg, using the same figures (4MB/hour), the user could spit out about 40 x 100k messages in a burst and then would be limited to about one new message per 1 /12 minutes - but to do that they would have to have sent nothing for the previous hour. Long term they would be limited to the 1 message every 1 1/2 minutes average. As for limiting message size, Postfix can do that - but only on a site wide basis. I'm not aware of any tool to do that on a per user (or per class) basis. Most operators don't really care about message size (within limits) and so a site-wide restriction is usually enough. They are more interested in limiting : a) the number of messages sent (limits the damage from spam) b) the bandwidth used (ie the volume per time) -- Simon Hobson Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed author Gladys Hobson. Novels - poetry - short stories - ideal as Christmas stocking fillers. Some available as e-books. _______________________________________________ Users mailing list [email protected] http://lists.policyd.org/mailman/listinfo/users
