The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Rate limiting outgoing email for users

Discussion in 'E-mail Discussions' started by tywe, Aug 30, 2009.

  1. tywe

    tywe Member

    Joined:
    Oct 13, 2007
    Messages:
    15
    Likes Received:
    0
    Trophy Points:
    1
    Hello,

    One of my clients is running a customized free e-mail service on his domain, which of course is a target for spammers to try to abuse. I need to know any ideas that would help to prevent this from happening, because it is causing problems when spammers are sending out spam from our server.

    So far, the only solution I could find was to enable rate limiting in Exim for local senders, which appears to work in my testing, but somehow these spammers are still managing to bypass it and send out as much as they want. The way I enabled the rate limiting was to create a file at /usr/local/cpanel/etc/exim/acls/ACL_RATELIMIT_BLOCK/1localsenders and put the following content in it:

    # Local senders rcpt rate limiting 25 per 2 hours (300 per day)
    deny ratelimit = 25 / 2h / leaky / per_rcpt / $authenticated_id
    log_message = Local senders rcpt rate limit ( $sender_address ) exceeds \
    $sender_rate per $sender_rate_period

    Like I said, this appears to work great in my testing, but somehow they still get past it, so if anyone has any ideas on how to fix this or if there are other methods that would help to control the spammers, please let me know. I wonder how all the other free e-mail services deal with this issue?

    Thanks in advance!
     
  2. MattCurry

    MattCurry Well-Known Member

    Joined:
    Aug 18, 2009
    Messages:
    275
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Houston, Tx
    Custom ACL

    Hello,

    Unfortunately we do not support custom ACL's, however I have attached a link to some information that may help you with your issue.



    Exim - ACL

    Hope that helps, let me know if you have any other questions.

    Thanks
     
  3. tywe

    tywe Member

    Joined:
    Oct 13, 2007
    Messages:
    15
    Likes Received:
    0
    Trophy Points:
    1
    Thanks for the info, ACLs always confuse me for some reason.. But, are you trying to say that my ACL is wrong? It seems like it is right to me, and even works when I test it, but obviously I'm doing something wrong if some of the spammers are able to bypass it.. I'll read this ACL document you sent a few more times, maybe I'll understand better..

    Thanks again for any advice you can offer.
     
  4. hostmedic

    hostmedic Well-Known Member

    Joined:
    Apr 30, 2003
    Messages:
    559
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Washington Court House, Ohio, United States
    cPanel Access Level:
    DataCenter Provider
    config server is a plus

    have you looked @ config server?
    Also - might be good to take that client and put them on a different ip (that site) - set PTR for that site of course ...

    Force any email from that domain to go out over that other IP - thus helping a little in case the ip gets on a blacklist

    just a thought :)
     
Loading...

Share This Page