blob: 1c45dd03c78a75e483df76b7dc5d3874c7a5a05c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
### This file managed by Puppet
# Before deploying a rule
# 1. test with an additional "sender==test@domain.org;" in the rule so it
# only applies to your test account
# 2. then when ready to test for all users, use WARN and watch the logs
# for a few days and make sure it working the way you like
# 3. Then when ready to deploy for real set a proper error code
## Overrides - make like the following example
# id=exampleuser; sasl_username==exampleuser; action=dunno
## Rules that apply to all senders
# Recipient Per Message Limit
# We only receive mail via smtp from sasl authenticated users
# directly. We want to limit to a lower amount to prevent phished accounts
# spamming
id=RCPTSENDER; recipient_count=150; action=REJECT Too many recipients, please try again. Contact http://<%= @domain %>/tickets/new if this is in error. ERROR:RCPTSENDER
# Message Rate Limit
# This limits sasl authenticated users to no more than 50/60mins
# NOTE: sasl_username needs to be set to something or this check will fail
id=MSGRATE ; sasl_username=!!(^$); action==rate($$sasl_username/100/3600/450 4.7.1 exceeded message rate. Contact Contact http://<%= @domain %>/tickets/new if this is in error. ERROR:MSGRATE)
# Total Recipient Rate Limit
# This adds up the recipients for all the sasl authenticated users messages
# and can't exceed more than 250/60min
# NOTE: sasl_username needs to be set to something or this check will fail
id=RCPTRATE ; sasl_username=!!(^$); action==rcpt($$sasl_username/500/3600/450 4.7.1 exceeded message rate. Contact http://<%= @domain %>/tickets/new if this is in error. ERROR:RCPTRATE)
|