From 96ba4e3bb89c3e1efb11edc794319ff6c970d978 Mon Sep 17 00:00:00 2001 From: Matthew Saunders Brown Date: Tue, 18 Feb 2025 15:56:54 -0800 Subject: [PATCH] drop connection if there are too many RCPT failures --- etc/exim4/exim4.conf | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/etc/exim4/exim4.conf b/etc/exim4/exim4.conf index 6479699..2c1943e 100644 --- a/etc/exim4/exim4.conf +++ b/etc/exim4/exim4.conf @@ -11,6 +11,7 @@ bounce_message_file = /etc/exim4/bounce_message_text smtp_accept_max = 50 smtp_accept_max_per_host = 10 smtp_accept_queue_per_connection = 50 +RCPT_FAIL_COUNT_MAX = 5 .include /etc/exim4/exim_local.conf @@ -365,6 +366,12 @@ acl_rcpt_to: accept hosts = : +relay_from_hosts + drop + message = Too many RCPT failures + condition = ${if ={$rcpt_fail_count}{RCPT_FAIL_COUNT_MAX} {1}} + ! verify = recipient + log_message = Too many RCPT failures ($rcpt_fail_count) + # Get rate limit for user and log current rate. # Hourly rate limit is extracted from db, multiplied by 10 to get daily rate limit. # The idea being that the hourly rate limit should be a maximum, peak rate, not a sustained rate.