Milter-greylist

Hi all,
 I´m trying to set a milter-greylist rule to control users who send many big messages, so I intend to set a rule to limit users who send more than 200 messages and hour bigger than 500KB, so far I found that I could use a rule like this:

  list "USERS" addr { 158.227.4.29/16 }
 ratelimit "MESSAGES_PER_HOUR" rcpt 2 / 1m key "%f%i"
racl blacklist list "USERS" ratelimit "MESSAGES_PER_HOUR" msg "LIMIT_1H. You have passed the limit".


But I don´t see where should I limit the size of the messages, I read somewhere  that you can use msgsize in a dacl rule, but I don´t see how to merge both.

 Any hint?
   Thanks a lot.

MARENTXU <maren.zubizarreta@...> wrote:

> But I don´t see where should I limit the size of the messages, I read
> somewhere  that you can use msgsize in a dacl rule, but I don´t see how
> to merge both.

I just had a look at the code, and it is indeed possible, though I did
not remember implementing it: you can ratelimit sessions, recipients or
bytes.

The rules would by like this (not tested, this is a wild guess):

list "USERS" addr { 158.227.4.29/16 }
ratelimit "MESSAGES_PER_HOUR" rcpt 200 / 1h key "%f%i"
ratelimit "BYTES_PER_HOUR" data 500M / 1h key "%f%i"

racl blacklist list "USERS" ratelimit "MESSAGES_PER_HOUR" \
    msg "LIMIT_1H. You have passed the recipient limit".
dacl blacklist list "USERS" ratelimit "BYTES_PER_HOUR" \
    msg "LIMIT_1H. You have passed the bytes limit".

Of course it works even beter if you use authenticated SMTP and have the
User identity in the key.

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...

Yes I will try it, but with these rules, I limit
both recipients and bytes, but apparently not at the same time,
I mean, if some user just sends 50 10MB mesages in A DAY this
would trigger the ratelimit. Or if some other user sends 201 messages in one hour this would trigger it too.

And this would be a problem afor us as we have, for example,
messages from mailing lists that are delivered to >201 users 
but they are small, and I don't want to limit them.
   
  Is there a way to set the limit and be applied only to users
who send big messges many times , but no users sending many small 
messages, or few very big messages ?

 Thanks


--- In milter-greylist@yahoogroups.com, manu@... wrote:

>
> MARENTXU <maren.zubizarreta@...> wrote:
> 
> > But I don´t see where should I limit the size of the messages, I read
> > somewhere  that you can use msgsize in a dacl rule, but I don´t see how
> > to merge both.
> 
> I just had a look at the code, and it is indeed possible, though I did
> not remember implementing it: you can ratelimit sessions, recipients or
> bytes.
> 
> The rules would by like this (not tested, this is a wild guess):
> 
> list "USERS" addr { 158.227.4.29/16 }
> ratelimit "MESSAGES_PER_HOUR" rcpt 200 / 1h key "%f%i"
> ratelimit "BYTES_PER_HOUR" data 500M / 1h key "%f%i"
> 
> racl blacklist list "USERS" ratelimit "MESSAGES_PER_HOUR" \
>     msg "LIMIT_1H. You have passed the recipient limit".
> dacl blacklist list "USERS" ratelimit "BYTES_PER_HOUR" \
>     msg "LIMIT_1H. You have passed the bytes limit".
> 
> Of course it works even beter if you use authenticated SMTP and have the
> User identity in the key.
> 
> -- 
> Emmanuel Dreyfus
> http://hcpnet.free.fr/pubz
> manu@...
>

On Tue, Nov 22, 2011 at 09:31:31AM -0000, MARENTXU wrote:
>   Is there a way to set the limit and be applied only to users
> who send big messges many times , but no users sending many small 
> messages, or few very big messages ?

You can ratelimit by recipients with a condition on message size,
and ratelimit by size with a condition on recipients:

 dacl ratelimit "RCPT-LIMIT-SMALL" msgsize < 2M msg "RCPT-LIMIT-SMALL"
 dacl ratelimit "RCPT-LIMIT-BIG" msgsize > 2M msg "RCPT-LIMIT-BIG"

 dacl ratelimit "DATA-LIMIT-SMALL" rcptcount < 10 msg "DATA-LIMIT-SMALL"
 dacl ratelimit "DATA-LIMIT-BIG" rcptcount > 10 msg "DATA-LIMIT-BIG"

-- 
Emmanuel Dreyfus
manu@...