4 releases (2 stable)
Uses new Rust 2024
1.0.1 | Apr 23, 2025 |
---|---|
1.0.0 | Apr 18, 2025 |
0.1.0 | Feb 12, 2020 |
0.0.1 | Feb 3, 2020 |
#61 in Email
293 downloads per month
29KB
517 lines
policyd-rate-limit
Postfix rate limiter SMTP policy daemon
How it works
It depends on the Postfix policy delegation protocol, it searches for the sasl_username
and based on the defined limits stored in a SQL(MySQL/PostgreSQL/SQLite) database it rejects or allows action=DUNNO
the email to be sent.
How to use
Postfix policy daemon for rate limiting
Usage: policyd-rate-limit [OPTIONS] --dsn <dsn>
Options:
-s, --socket <SOCKET> Path to the Unix domain socket [default: /tmp/policy-rate-limit.sock]
--dsn <dsn> Database connection string [env: DSN=]
--pool <pool> Pool size for database connections [default: 5]
-l, --limit <limit> Maximum allowed messages [default: 10]
-r, --rate <rate> rate in seconds, limits the messages to be sent in the defined period [default: 86400]
-v, --verbose... Increase verbosity, -vv for debug
-h, --help Print help
-V, --version Print version
The database schema (postgres example):
CREATE TABLE IF NOT EXISTS ratelimit (
username VARCHAR(128) NOT NULL, -- sender address (SASL username)
quota INTEGER NOT NULL DEFAULT 0, -- limit
used INTEGER NOT NULL DEFAULT 0, -- current recipient counter
rate INTEGER DEFAULT 0, -- seconds after which the counter gets reset
rdate TIMESTAMP WITHOUT TIME ZONE NOT NULL DEFAULT CURRENT_TIMESTAMP, -- datetime when counter was reset
PRIMARY KEY (username)
);
Postfix configuration
Add the path of the policy-rate-limit socket to smtpd_sender_restrictions
for example:
smtpd_sender_restrictions: check_policy_service { unix:/tmp/policy-rate-limit.sock, default_action=DUNNO }
check the perms of the socket
Dependencies
~64MB
~1M SLoC