Reputation: 1212
Postfix - Rate limit for all domains
My client is a travel agency and has thousands of opted-in emails (no spam). Every week they send a message to all customers once, but I'm having problems with some providers and want to rate limit the entire server, for all outgoing domains.
I found some configurations to limit one message per domain per minute. I know how to create extra configuration (using transport file), to increase the numbers for some domains.
For some reason, Postfix is not rate-limiting anything :(
smtp_destination_rate_delay = 60s
default_destination_concurrency_limit = 1
smtp_destination_concurrency_limit = 1
smtp_destination_recipient_limit = 1
smtp_initial_destination_concurrency = 1
/etc/postfix/transport is empty
For example, for Hotmail, sending several messages in the same minute:
Jun 21 09:08:16 deres postfix/smtp[9905]: ABFB92165: to=<[email protected]>, relay=hotmail-com.olc.protection.outlook.com[104.47.32.33]:25, delay=14, delays=11/0/0.83/1.4, dsn=2.6.0, status=sent (250 2.6.0 <600ef56d-18e7-4c10-9c7b-d0e5267c5589@SN1NAM01FT007.eop-nam01.prod.protection.outlook.com> [InternalId=9380208589439, Hostname=SN1NAM01HT004.eop-nam01.prod.protection.outlook.com] 442267 bytes in 1.070, 403.463 KB/sec Queued mail for delivery)
Jun 21 09:08:17 deres postfix/smtp[9849]: 59A7E2296: to=<[email protected]>, relay=hotmail-com.olc.protection.outlook.com[104.47.32.33]:25, delay=14, delays=12/0/0.91/1.3, dsn=2.6.0, status=sent (250 2.6.0 <b6edd8d6-1302-45e9-8eef-a80b1d2659cd@SN1NAM01FT054.eop-nam01.prod.protection.outlook.com> [InternalId=9882719764030, Hostname=SN1NAM01HT090.eop-nam01.prod.protection.outlook.com] 442313 bytes in 0.689, 626.054 KB/sec Queued mail for delivery)
Jun 21 09:08:18 deres postfix/smtp[9836]: 0D0C122E7: to=<[email protected]>, relay=hotmail-com.olc.protection.outlook.com[104.47.32.33]:25, delay=14, delays=12/0/0.76/1.5, dsn=2.6.0, status=sent (250 2.6.0 <8bd2a3d4-d20b-44f0-a90e-fc060b83380b@SN1NAM01FT014.eop-nam01.prod.protection.outlook.com> [InternalId=9354438785755, Hostname=SN1NAM01HT074.eop-nam01.prod.protection.outlook.com] 442283 bytes in 1.031, 418.834 KB/sec Queued mail for delivery)
The only thing (that I don't believe can impact) is that the customer sends the messages using an alternate port (5544 instead of 25/465/587).
Any ideia? Thank you.
Edit: as requested, my config.
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
bounce_queue_lifetime = 1h
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin xxgdb $daemon_directory/$process_name $process_id & sleep 5
default_destination_concurrency_limit = 1
delay_warning_time = 4
disable_vrfy_command = yes
dovecot_destination_recipient_limit = 1
html_directory = no
inet_interfaces = all
inet_protocols = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
maximal_backoff_time = 40m
maximal_queue_lifetime = 24h
message_size_limit = 26214400
minimal_backoff_time = 15m
mydestination = localhost.$mydomain, localhost
mydomain = deres.domain.com.br
myhostname = deres.domain.com.br
mynetworks = all
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
queue_run_delay = 15m
readme_directory = /usr/share/doc/postfix-2.2.2/README_FILES
recipient_delimiter = +
relay_domains = proxy:mysql:/etc/sentora/configs/postfix/mysql-relay_domains_maps.cf
sample_directory = /usr/share/doc/postfix-2.2.2/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_defer_if_no_mx_address_found = no
smtp_destination_concurrency_limit = 1
smtp_destination_rate_delay = 55s
smtp_destination_recipient_limit = 1
smtp_initial_destination_concurrency = 1
smtp_tls_note_starttls_offer = yes
smtp_tls_session_cache_database = btree:$data_directory/smtp_tls_session_cache
smtp_use_tls = yes
smtpd_client_restrictions =
smtpd_data_restrictions = reject_unauth_pipelining,permit_sasl_authenticated
smtpd_discard_ehlo_keywords = silent-discard,dsn
smtpd_helo_required = yes
smtpd_helo_restrictions =
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_recipient_domain ,reject_rbl_client zen.spamhaus.org ,reject_rbl_client bl.spamcop.net ,reject_rbl_client b.barracudacentral.org
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions =
smtpd_tls_CAfile = /etc/letsencrypt/live/ca.pem
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/letsencrypt/live/...removed
smtpd_tls_key_file = /etc/letsencrypt/live/...removed
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
soft_bounce = no
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport
unknown_address_reject_code = 554
unknown_hostname_reject_code = 554
unknown_local_recipient_reject_code = 550
virtual_alias_maps = proxy:mysql:/etc/sentora/configs/postfix/mysql-virtual_alias_maps.cf, regexp:/etc/sentora/configs/postfix/virtual_regexp
virtual_gid_maps = static:12
virtual_mailbox_base = /var/sentora/vmail
virtual_mailbox_domains = proxy:mysql:/etc/sentora/configs/postfix/mysql-virtual_domains_maps.cf
virtual_mailbox_maps = proxy:mysql:/etc/sentora/configs/postfix/mysql-virtual_mailbox_maps.cf
virtual_minimum_uid = 101
virtual_transport = dovecot
virtual_uid_maps = static:101
Upvotes: 3
Views: 14178
Answers (2)
Reputation: 1212
Solved.
Fixed with:
default_destination_recipient_limit = 2
smtp_destination_recipient_limit = 2
Upvotes: 4
Reputation: 3886
Sorry, I misread your question. You WANT rate limiting but don't seem to be getting it. Correct?
The settings you showed should work. Have you done a postfix reload? PF won't pick up changes in it's config file without a reload or restart.
If that doesn't do it, do a postconf -n, which will show the settings that it thinks you have in your config file, and post it here.
If what it thinks you set and what you actually set are different, you'll need to do some detective work to see where it's getting settings from.
Upvotes: 1
Related Questions
- How do I configure Postfix to only relay emails from a specific domain?
- rate limiting outgoing e-mails with postfix
- Postfix Whitelist for RBL
- Throttle Python smtphandler emails
- postfix: send a copy of every email to a given email address
- Why smtpd_recipient_limit and other email related options in postfix does not work?
- Postfix : restricting specific domain for specific user
- Postfix: how to block incoming emails to a specific recipient?
- Limit in Mails from an ip
- Throttling outgoing email using PHP code