blob: 4b6a87fa276a051db1d0405f860ee2349348a653 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
|
CONNECTION RATE CONTROL FOR SENDMAIL
------------------------------------
This patch adds connection rate control feature to sendmail.
This means :
- sendmail counts on a sliding window the number of connections
for each smtp client, and if it exceeds maximum configured
value, connection is refused with a TEMPFAIL result.
- you may surely want to exclude some hosts/networks from this
control (local networks, trusted networks, ...). You may
indicate the list of trusted servers (by ip address) at
some configuration file.
This file Table of Contents :
1. Remarks
2. Changes and History
3. Getting the stuff
4. Stuff Contents
5. Installing
******************************************************************
REMARKS :
---------
* This feature will be integrated into sendmail in a future version.
* This feature is experimental. Some details on the way it works
or its interface may change in the future.
* The contents of this stuff is valid for sendmail 8.12.9
All feedback, comments and questions about this stuff are welcome :
Jose-Marcio.Martins@ensmp.fr (the maintainer)
with CC to
sendmail@sendmail.org
CHANGES AND HISTORY :
---------------------
2003/06/11 - Jose Marcio Martins da Cruz - First Release
2003/07/03 - Jose Marcio Martins da Cruz
Two macros were defined :
- {client_rate} : connection rate of the client
- {server_rate} : connection rate of the server
GETTING THE STUFF :
-------------------
You can download all you need at :
http://j-chkmail.ensmp.fr/sm
You need the two patches you'll find there.
STUFF CONTENTS :
----------------
This stuff contains two patches :
- ratectrl.src.patch : this patch shall be used to modify
/PATH_TO_SRC/sendmail-8.12.9/sendmail - sendmail C source
files
- ratectrl.cf.patch : this patch shall be used to modify
/PATH_TO_SRC/sendmail-8.12.9/cf - m4 configuration kit
for sendmail
- rate.mc : this is an example of configuration file to be
used with this stuff, if you want to do connection rate
control with rulesets. To use it, you shall define the
variable :
D{RuleRateMaxClient}5
This contribution comes from Stephane Lentz
Stephane.Lentz@ansf.alcatel.fr
INSTALLING :
------------
1. Copy the patches :
cd /PATH_TO/sendmail-8.12.9
cp /elsewhere/ratectrl.src.patch .
cp /elsewhere/ratectrl.cf.patch .
2. Eventually save original source code :
cp -pr sendmail sendmail.org
cp -pr cf cf.org
3. Apply the patches
cd sendmail
patch < ../ratectrl.src.patch
cd ../cf
patch < ../ratectrl.cf.patch
4. Inform sendmail Build system that you want to use this stuff
Add the following line to the file devtools/Site/site.config.m4 :
APPENDDEF(`confENVDEF',`-D_FFR_CONNECTION_RATE_CONTROL')
5. Rebuild sendmail and install
cd /PATH_TO/sendmail-8.12.9
./Build -c
su
./Build install
6. Modify your configuration file (sendmail.mc for your site)
You may add the following lines :
FEATURE(rate_control)
This will create the following lines at your sendmail.cf file :
-----
O CheckConnectionRate=True
F{rate_exclude} -o /etc/mail/rate-control-exclude
# maximum server connection rate (connections / minute)
#O MaxConnectionRate=600
# maximum connection rate per client (connections / minute)
#O MaxClientConnectionRate=5
# Width of the window
#O ConnectionRateWindowSize=60
----
Configuration parameters you may define at your mc file
confRATE_EXCLUDE_FILE The name of the file defining class {rate_exclude}.
Access to the server will be granted to IP hosts
networks matching this class without connection
rate control.
Default Value : /etc/mail/rate-control-exclude
confMAX_CLIENT_CONNECTION_RATE : Maximum connections per minute allowed
for hosts/networks not matching {rate_exclude}
class.
Default Value : 5 connections / minute.
confMAX_CONNECTION_RATE : Maximum connections per minute for the server.
Default Value : 600 connections / minute.
confCONNECTION_RATE_WINDOW_SIZE : Width of the measuring sliding window.
The value used to do rate control is the mean
of the number of connections inside this window.
Default Value : 60 (1 minute)
|
