Exim: blocking users from sending out emails

georgeb

1. Is it possible to block (per user or globally) sending out emails (via SMTP auth) if "To:" contains more than a certain number of recipients (at the Exim configuration level)?
(e.g. user x is trying to send an email to 100 recipients.)
2. The limit / hour for sending out emails is 10.
Question a). If a user sends out one email to 1000 recipients, is it considered 1 email or 1000 emails?
3. If it is considered 1000 emails, what happens to the other 990 emails: will they stay in the queue for the next hour, with 10 emails delivered after one hour, or are they deleted (rejected), removed from the queue?
4. Were all the emails with logs in exim_mainlog sent out or not?

It is not really clear to me.
I had one user who sent out a lot of emails, and my server IP was blacklisted, with a limit / hour but emails ran out.

Why?

Regards,
George B.
 

cPanelTristan

Hello George,

Are you certain the user was using SMTP authentication? If an email is sent out, it should be limited to 10 per hour for the number of emails sent where 1000 recipients are 1000 emails. In that case, 990 emails should be held in the queue for that hour and not be sent.

Most times, the user isn't even using SMTP authentication but sendmail using the PHP mail() function in a script, which isn't limited by the exim SMTP authentication rules. There aren't any limits for sendmail and scripts can easily bypass limits for that reason.

Thanks.
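To check from exim_mainlog how a message was submitted (authenticated SMTP or a local script) and what happened to each recipient, here is an added example that is not part of the original posts. In the main log "<=" marks a message arriving, "=>" and "->" mark delivered recipients, "==" a deferred recipient and "**" a failed one. The sample lines, the addresses and the names summarize and over_limit are constructed for illustration, and the default log timestamp without a timezone is assumed.

```python
import re
from collections import defaultdict

# Constructed sample lines in exim_mainlog format (not taken from the thread).
SAMPLE_LOG = """\
2010-10-02 10:00:01 1P1aaa-0001Ab-Cd <= user@example.com H=(pc) [203.0.113.5] P=esmtpa A=dovecot_login:user@example.com S=2100
2010-10-02 10:00:02 1P1aaa-0001Ab-Cd => a@example.net R=lookuphost T=remote_smtp H=mx.example.net [198.51.100.7]
2010-10-02 10:00:02 1P1aaa-0001Ab-Cd -> b@example.net R=lookuphost T=remote_smtp H=mx.example.net [198.51.100.7]
2010-10-02 10:00:03 1P1aaa-0001Ab-Cd == c@example.net R=lookuphost T=remote_smtp defer (-53): retry time not reached
2010-10-02 10:05:00 1P1bbb-0002Ef-Gh <= webuser@host.example.com U=webuser P=local S=900
2010-10-02 10:05:01 1P1bbb-0002Ef-Gh => x@example.org R=lookuphost T=remote_smtp H=mx.example.org [198.51.100.9]
2010-10-02 10:05:01 1P1bbb-0002Ef-Gh Completed
"""

# date, time, message id, flag, first address, rest of the line
LINE = re.compile(r"^\S+ \S+ (\S+) (<=|=>|->|==|\*\*) (\S+)(.*)$")

def summarize(log_text):
    """Per message id: how it was submitted and the state of each recipient."""
    msgs = defaultdict(lambda: {"via": "unknown", "delivered": set(),
                                "deferred": set(), "failed": set()})
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # "Completed" and other lines without a flag
        msgid, flag, addr, rest = m.groups()
        entry = msgs[msgid]
        if flag == "<=":  # arrival: A= means SMTP auth, P=local means a local process
            auth = re.search(r" A=[^:\s]+:(\S+)", rest)
            local = re.search(r" U=(\S+) P=local", rest)
            entry["via"] = ("smtp-auth:" + auth.group(1) if auth else
                            "local:" + local.group(1) if local else "unauthenticated")
        elif flag in ("=>", "->"):  # delivered (first / additional recipient)
            entry["delivered"].add(addr)
            entry["deferred"].discard(addr)
        elif flag == "==" and addr not in entry["delivered"]:
            entry["deferred"].add(addr)  # still waiting in the queue
        elif flag == "**":
            entry["failed"].add(addr)
            entry["deferred"].discard(addr)
    return dict(msgs)

def over_limit(summary, max_rcpts):
    """Messages whose distinct recipients exceed max_rcpts, as (via, msgid, count)."""
    hits = []
    for msgid, e in summary.items():
        n = len(e["delivered"] | e["deferred"] | e["failed"])
        if n > max_rcpts:
            hits.append((e["via"], msgid, n))
    return sorted(hits)
```

Run summarize() over the real log text and pass the result to over_limit() with the per-message recipient threshold to review.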
 

georgeb

Thanks for your response. They can only use Exim to send emails; mail() is disabled. For me the limit is strange. If I don't watch the server for, let's say, 24 hours, with a limit of 100 emails / hour a user can send 2400 emails, no? This is not good. Maybe something can be done to remove the emails (or move those emails to another folder and empty the queue), no?


Are you certain the user was using SMTP authentication?
Yes, because he was sending emails from Outlook. He put like 500 recipients in "To:" and sent the message. The emails weren't sent because I have some "sentinels" that check the difference in the queue over 5 minutes, and if it is over 100 emails they turn the mail server down, blocking port 25. Another script checks if the port is blocked, moves all the emails from the queue to a temporary folder and opens port 25, so after this everything is OK (with a cron). That's my system. At least I am limiting the damage.

My question now is: what is the purpose of the limit / hour if the messages are not removed, or something else like suspending the account, etc.?


Sorry for my bad English.

Regards,
George B.
 