postfwd.cf.j2 1.32 KB
Newer Older
1
# lower rate limit for certain authenticated users
Florian Pritz's avatar
Florian Pritz committed
2
&&SASL_WHITELIST {
3
4
5
6
7
8
	# other servers relay via orion using authentication. username is the
	# hostname part of the fqdn
{% for host in groups['all'] %}
	sasl_username={{ hostvars[host].inventory_hostname_short }}
{% endfor %}
	# add other usernames to bypass rate-limits here:
Florian Pritz's avatar
Florian Pritz committed
9
10
11
	sasl_username=devnull;
};

12
13
14
15
# no rate-limit for some authenticated users
# luna is handling mailman and other services that distribute a lot of mail.
&&NO_RATE_LIMIT_USERS {
        sasl_username=luna
16
        sasl_username=aur;
17
18
19
20
21
22
};
id=NoRateLimit;
        protocol_state==END-OF-MESSAGE;
        &&NO_RATE_LIMIT_USERS;
        action=dunno;

23
# lower rate limit for certain users (360/3600 == average 1 email every 10 seconds)
Florian Pritz's avatar
Florian Pritz committed
24
25
26
id=SaslWhitelist;
	protocol_state==END-OF-MESSAGE;
	&&SASL_WHITELIST;
27
	action=rcpt(sasl_username/360/3600/REJECT You can only send to 360 recipients per 1h per user)
Florian Pritz's avatar
Florian Pritz committed
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
id=SaslWhitelist2;
	protocol_state==END-OF-MESSAGE;
	&&SASL_WHITELIST;
	action=dunno;

# sasl_username != doesn't work for whatever reason
id=RcptRate;
	protocol_state==END-OF-MESSAGE;
	sasl_username!~/^$/;
	action=rcpt(sasl_username/100/21600/REJECT You can only send to 100 recipients per 6h per user)

# this causes postfwd to log something for every mail; easier testing
id=logging;
	protocol_state==END-OF-MESSAGE;
	action=dunno;