https://github.com/nbari/policyd-rate-limit
Postfix rate limiter SMTP policy daemon
https://github.com/nbari/policyd-rate-limit
limit postfix postfix-policy-server quota rate rate-limit rate-limiting smtp
Last synced: 2 months ago
JSON representation
Postfix rate limiter SMTP policy daemon
- Host: GitHub
- URL: https://github.com/nbari/policyd-rate-limit
- Owner: nbari
- License: bsd-3-clause
- Created: 2020-02-03T12:47:29.000Z (over 5 years ago)
- Default Branch: master
- Last Pushed: 2023-06-21T22:16:14.000Z (over 2 years ago)
- Last Synced: 2024-11-17T01:06:48.447Z (11 months ago)
- Topics: limit, postfix, postfix-policy-server, quota, rate, rate-limit, rate-limiting, smtp
- Language: Rust
- Homepage:
- Size: 106 KB
- Stars: 4
- Watchers: 2
- Forks: 0
- Open Issues: 7
-
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE
Awesome Lists containing this project
README
# policyd-rate-limit
[](https://crates.io/crates/policyd-rate-limit)
[](https://travis-ci.org/nbari/policyd-rate-limit)
Postfix rate limiter SMTP policy daemon
# How it works
It depends on the [Postfix policy delegation protocol](http://www.postfix.org/SMTPD_POLICY_README.html), it searches for the `sasl_username` and based on the defined limits stored in a MySQl database it rejects or allows `action=DUNNO` the email to be sent.
# How to use
```txt
USAGE:
policyd-rate-limit [OPTIONS] --dsn [SUBCOMMAND]
FLAGS:
-h, --help Prints help information
-V, --version Prints version information
OPTIONS:
-d, --dsn mysql://:@tcp(:)/
--max mysql pool max connections [default: 50]
--min mysql pool min connections [default: 3]
-s, --socket path to Unix domain socket [default: /tmp/policy-rate-limit.sock]
SUBCOMMANDS:
cuser Create the user if not found, defaults: 100 messages per day
help Prints this message or the help of the given subcommand(s)
```
For the subcommand `cuser`:
```txt
Create the user if not found, defaults: 100 messages per day
USAGE:
policyd-rate-limit --dsn cuser [OPTIONS]
FLAGS:
-h, --help Prints help information
-V, --version Prints version information
OPTIONS:
-l, --limit maximum allowed messages [default: 100]
-r, --rate rate in seconds, limits the messages to be sent in the defined period [default: 86400]
```
Use a supervisor ([immortal](https://immortal.run)) to run `policyd-rate-limit`,
for example to create users if not found and to only allow 3 emails every hour
use:
policyd-rate-limit -d mysql://root:test@tcp(localhost)/policyd -s /var/run/policy-rate-limit.sock cuser -l 3 -r 3600
The database schema:
```sql
CREATE SCHEMA IF NOT EXISTS `policyd` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
USE policyd;
CREATE TABLE IF NOT EXISTS `ratelimit` (
`username` VARCHAR(128) NOT NULL COMMENT 'sender address (SASL username)',
`quota` INT(10) UNSIGNED NOT NULL DEFAULT '0' COMMENT 'limit',
`used` INT(10) UNSIGNED NOT NULL DEFAULT '0' COMMENT 'current recipient counter',
`rate` INT(10) UNSIGNED DEFAULT '0' COMMENT 'seconds after which the counter gets reset',
`rdate` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT 'datetime when counter was reset',
PRIMARY KEY (`username`))
ENGINE = InnoDB
DEFAULT CHARACTER SET = utf8
COLLATE = utf8_general_ci;
```
# Postfix configuration
Add the path of the policy-rate-limit socket to `smtpd_sender_restrictions` for example:
smtpd_sender_restrictions: check_policy_service { unix:/tmp/policy-rate-limit.sock, default_action=DUNNO }
> check the perms of the socket, you may need `chmod 666`