postfwd.cf.j2 1.23 KB
Newer Older
1
# lower rate limit for certain authenticated users
Florian Pritz's avatar
Florian Pritz committed
2
&&SASL_WHITELIST {
Jelle van der Waa's avatar
Jelle van der Waa committed
3
	# other servers relay via mail.archlinux.org using authentication. username is the
4
5
6
7
8
	# hostname part of the fqdn
{% for host in groups['all'] %}
	sasl_username={{ hostvars[host].inventory_hostname_short }}
{% endfor %}
	# add other usernames to bypass rate-limits here:
Florian Pritz's avatar
Florian Pritz committed
9
10
11
	sasl_username=devnull;
};

12
13
# no rate-limit for some authenticated users
&&NO_RATE_LIMIT_USERS {
14
        sasl_username=aur;
15
16
17
18
19
20
};
id=NoRateLimit;
        protocol_state==END-OF-MESSAGE;
        &&NO_RATE_LIMIT_USERS;
        action=dunno;

21
# lower rate limit for certain users (360/3600 == average 1 email every 10 seconds)
Florian Pritz's avatar
Florian Pritz committed
22
23
24
id=SaslWhitelist;
	protocol_state==END-OF-MESSAGE;
	&&SASL_WHITELIST;
25
	action=rcpt(sasl_username/360/3600/REJECT You can only send to 360 recipients per 1h per user)
Florian Pritz's avatar
Florian Pritz committed
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
id=SaslWhitelist2;
	protocol_state==END-OF-MESSAGE;
	&&SASL_WHITELIST;
	action=dunno;

# sasl_username != doesn't work for whatever reason
id=RcptRate;
	protocol_state==END-OF-MESSAGE;
	sasl_username!~/^$/;
	action=rcpt(sasl_username/100/21600/REJECT You can only send to 100 recipients per 6h per user)

# this causes postfwd to log something for every mail; easier testing
id=logging;
	protocol_state==END-OF-MESSAGE;
	action=dunno;