North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Time to check the rate limits on your mail servers

  • From: Peter Corlett
  • Date: Thu Feb 03 18:08:27 2005
  • Newsgroups: newsgate.nanog

Peter Corlett <[email protected]> wrote:
> My exim.conf calls you a liar.

Since I've had a few private emails about my rude and abrupt comment
(although not complaining about it, which is encouraging :), I'd
better explain further, just in case there were people who are curious
but not curious enough to email me.

Exim4 contains support for executing SQL statements in, for example,
PostgreSQL. The original intent was probably so that you can do a
SELECT on a PostgreSQL database for performing expansions instead of
the more traditional flat files and DBMs/CDBs. However, you can also
do an INSERT or UPDATE, which now allows you to maintain state between
SMTP transactions.

So, to perform rate-limiting, you would create a couple of ACLs:

a) A "deny" ACL that blocks/defers mail submission if a SELECT
   indicates that the user has exceeded their quota.

b) A "warn" ACL (effectively a no-op as far as access control is
   concerned) that does an INSERT or UPDATE to increment the user's

To identify a "user" in exim.conf, you can use, for example, their IP
address, authenticated username, or some other information available
from the SMTP transaction.

You can either have a cron job reset the usage counters, or craft your
SQL statements so that old counters are ignored. If done right, you
would even get counts of daily mail volume for each individual
customer in a handy SQL-queriable database for free.

The only source of knowledge is experience.
							- Albert Einstein