Page 1 of 4

Limit emails per hour per domain

Posted: Thu Sep 08, 2016 9:03 pm
by mike08
Hi there,

So, I'm having an issue while applying the answer from this post viewtopic.php?t=8246

Once I restart exim I get the following message:
[....] Stopping MTA for restart:2016-09-08 14:51:29 Exim configuration error in line 338 of /var/lib/exim4/config.autogenerated.tmp:
option "acl_not_smtp" unknown
Invalid new configfile /var/lib/exim4/config.autogenerated.tmp, not installing
/var/lib/exim4/config.autogenerated.tmp to /var/lib/exim4/config.autogenerated

I'm running vesta v16, Debian 7 64 bits and exim4.80

I have added those values above the rewrite section

Re: Limit emails per hour per domain

Posted: Fri Sep 09, 2016 1:00 pm
by skurudo

Code: Select all

begin acl

        acl_check_rcpt:
                deny message = Sender rate SMTP overlimit - $sender_rate / $sender_rate_period
                ratelimit = 100 / 1h / leaky

                accept  hosts = net-lsearch;/etc/exim/whitelist
and this?

Re: Limit emails per hour per domain

Posted: Fri Sep 09, 2016 2:29 pm
by dpeca
This works for me:
(I bolded the things that I added in config file)

######################################################################
# ACL CONFIGURATION #
# Specifies access control lists for incoming SMTP mail #
######################################################################

acl_not_smtp = acl_not_smtp

begin acl

....
......
......
....

acl_not_smtp:
deny message = Sender rate overlimit - $sender_rate / $sender_rate_period
ratelimit = 3 / 1h / leaky
accept


But the problem is - this is not limit per account but per server?
I tried to send from different emails - and limit is counted for all email account together - not separated per email account.
Or Exim recognize me as the same user via my IP address?
I'll check...
Edit: Nope.
It's a limit for whole server.

Re: Limit emails per hour per domain

Posted: Fri Sep 09, 2016 3:20 pm
by mike08
What if it is tested with?

Code: Select all

acl_not_smtp:
deny message = Sender rate overlimit - $sender_rate / $sender_rate_period
ratelimit = 3 / 1h / per_rcpt / leaky
accept
Not yet at home so I can't test it.

Re: Limit emails per hour per domain

Posted: Fri Sep 09, 2016 3:57 pm
by dpeca
The same thing.

2016-09-09 17:47:39 1biO1j-0006Sn-3y F=<info@domain.com> rejected by non-SMTP ACL: Sender rate overlimit - 3.0 / 1h
2016-09-09 17:47:39 1biO1j-0006Sp-50 F=<> rejected by non-SMTP ACL: Sender rate overlimit - 3.0 / 1h
2016-09-09 17:47:39 1biO1j-0006Sp-50 Error while reading message with no usable sender address (R=1biO1j-0006Sn-3y): rejected by non-SMTP ACL: Sender rate overlimit - 3.0 / 1h
2016-09-09 17:47:39 1biO1j-0006Sn-3y Child mail process returned status 1


This is OK, because it's the first email account, sent 2 emails, he could not sent third email.

2016-09-09 17:48:41 1biO2j-0006TC-B8 F=<admin@otherdomain.com> rejected by non-SMTP ACL: Sender rate overlimit - 2.9 / 1h
2016-09-09 17:48:41 1biO2j-0006TE-C7 F=<> rejected by non-SMTP ACL: Sender rate overlimit - 2.9 / 1h
2016-09-09 17:48:41 1biO2j-0006TE-C7 Error while reading message with no usable sender address (R=1biO2j-0006TC-B8): rejected by non-SMTP ACL: Sender rate overlimit - 2.9 / 1h
2016-09-09 17:48:41 1biO2j-0006TC-B8 Child mail process returned status 1


But this is another domain, another email account... that didn't sent emails, but limit see it as the same thing.

Re: Limit emails per hour per domain

Posted: Fri Sep 09, 2016 4:45 pm
by dpeca
This:

Code: Select all

  ratelimit = 2 / 1h / $sender_address
Works.

But I wonder is it possible for spammer just to change email in From: field and continue to send spam?

Edit: yep :(

Any idea what is a variable for authenticated username?
Something from here - http://www.exim.org/exim-html-current/d ... SECTexpvar ?

Re: Limit emails per hour per domain

Posted: Fri Sep 09, 2016 6:50 pm
by mike08
Just found this:

Code: Select all

acl_not_smtp:
deny authenticated = *
ratelimit = 300 / 1h / strict / ${authenticated_id}_minute
message = Sending rate exceeded, $sender_rate/$sender_rate_period \
(max $sender_rate_limit/$sender_rate_period)
logwrite = :main,reject: \
Rate exceeded: $sender_rate/$sender_rate_period \
(max $sender_rate_limit) $message_id \
$sender_address ($sender_host_name[$sender_host_address]) \
-> $local_part@$domain

Re: Limit emails per hour per domain

Posted: Fri Sep 09, 2016 6:52 pm
by dpeca
and is it working?

Re: Limit emails per hour per domain

Posted: Fri Sep 09, 2016 7:03 pm
by dpeca
On my server ${authenticated_id} has 'admin' value, even I didn't logged as admin.
And that value is the same for all email accounts, so it's not working.

Re: Limit emails per hour per domain

Posted: Fri Sep 09, 2016 7:13 pm
by mike08
Yeah, it isnt working for me either, all messages are being rejected.