Re: Time to check the rate limits on your mail servers

["Sam Hayes Merritt, III" <sam () themerritts org>]

On Thu, 3 Feb 2005, Michael Loftis wrote:
> --On Thursday, February 03, 2005 11:42 +0000 Michael.Dillon () radianz com 
> wrote:
>
> > Do you let your customers send an unlimited number of
> > emails per day? Per hour? Per minute? If so, then why?
>
> Because there are *NO* packages available that offer limiting.  Free or 
> commercial.

I disagree.

On a per IP basis, sendmail now offers

ClientRate, number of connections allowed within a 60 second sliding 
window from a given IP

and

ClientConn, number of active connections allowed from an IP at any time


Used in conjunction with Jochen Bern's bm patch available from 
http://www.informatik.uni-trier.de/~bern/sendmail/ which limits the number 
of mail commands given in a single connection, you can rate limit your 
users fairly well. We have used these limits for ~6 months now and have 
only had to whitelist 3 sites from the Client limits.

You could probably adjust the window size for the ClientRate and then 
limit the number of smtp commands per connection to achieve like an hourly 
limit of some sort.


sam