kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
freebsd-ports/mail/sendmail/files/CONNECTION_RATE_CONTROL
Dirk Meyer 07f037cbeb - new option SENDMAIL_WITH_CONNECTION_RATE 
taken from:
http://j-chkmail.ensmp.fr/sm/
2004-03-26 19:03:18 +00:00

167 lines
4.3 KiB
Text
Raw Blame History

CONNECTION RATE CONTROL FOR SENDMAIL
------------------------------------
This patch adds connection rate control feature to sendmail.
This means :
- sendmail counts on a sliding window the number of connections
for each smtp client, and if it exceeds maximum configured
value, connection is refused with a TEMPFAIL result.
- you may surely want to exclude some hosts/networks from this
control (local networks, trusted networks, ...). You may
indicate the list of trusted servers (by ip address) at
some configuration file.
This file Table of Contents :
1. Remarks
2. Changes and History
3. Getting the stuff
4. Stuff Contents
5. Installing
******************************************************************
REMARKS :
---------
* This feature will be integrated into sendmail in a future version.
* This feature is experimental. Some details on the way it works
or its interface may change in the future.
* The contents of this stuff is valid for sendmail 8.12.9
All feedback, comments and questions about this stuff are welcome :
Jose-Marcio.Martins@ensmp.fr (the maintainer)
with CC to
sendmail@sendmail.org
CHANGES AND HISTORY :
---------------------
2003/06/11 - Jose Marcio Martins da Cruz - First Release
2003/07/03 - Jose Marcio Martins da Cruz
Two macros were defined :
- {client_rate} : connection rate of the client
- {server_rate} : connection rate of the server
GETTING THE STUFF :
-------------------
You can download all you need at :
http://j-chkmail.ensmp.fr/sm
You need the two patches you'll find there.
STUFF CONTENTS :
----------------
This stuff contains two patches :
- ratectrl.src.patch : this patch shall be used to modify
/PATH_TO_SRC/sendmail-8.12.9/sendmail - sendmail C source
files
- ratectrl.cf.patch : this patch shall be used to modify
/PATH_TO_SRC/sendmail-8.12.9/cf - m4 configuration kit
for sendmail
- rate.mc : this is an example of configuration file to be
used with this stuff, if you want to do connection rate
control with rulesets. To use it, you shall define the
variable :
D{RuleRateMaxClient}5
This contribution comes from Stephane Lentz
Stephane.Lentz@ansf.alcatel.fr
INSTALLING :
------------
1. Copy the patches :
cd /PATH_TO/sendmail-8.12.9
cp /elsewhere/ratectrl.src.patch .
cp /elsewhere/ratectrl.cf.patch .
2. Eventually save original source code :
cp -pr sendmail sendmail.org
cp -pr cf cf.org
3. Apply the patches
cd sendmail
patch < ../ratectrl.src.patch
cd ../cf
patch < ../ratectrl.cf.patch
4. Inform sendmail Build system that you want to use this stuff
Add the following line to the file devtools/Site/site.config.m4 :
APPENDDEF(`confENVDEF',`-D_FFR_CONNECTION_RATE_CONTROL')
5. Rebuild sendmail and install
cd /PATH_TO/sendmail-8.12.9
./Build -c
su
./Build install
6. Modify your configuration file (sendmail.mc for your site)
You may add the following lines :
FEATURE(rate_control)
This will create the following lines at your sendmail.cf file :
-----
O CheckConnectionRate=True
F{rate_exclude} -o /etc/mail/rate-control-exclude
# maximum server connection rate (connections / minute)
#O MaxConnectionRate=600
# maximum connection rate per client (connections / minute)
#O MaxClientConnectionRate=5
# Width of the window
#O ConnectionRateWindowSize=60
----
Configuration parameters you may define at your mc file
confRATE_EXCLUDE_FILE The name of the file defining class {rate_exclude}.
Access to the server will be granted to IP hosts
networks matching this class without connection
rate control.
Default Value : /etc/mail/rate-control-exclude
confMAX_CLIENT_CONNECTION_RATE : Maximum connections per minute allowed
for hosts/networks not matching {rate_exclude}
class.
Default Value : 5 connections / minute.
confMAX_CONNECTION_RATE : Maximum connections per minute for the server.
Default Value : 600 connections / minute.
confCONNECTION_RATE_WINDOW_SIZE : Width of the measuring sliding window.
The value used to do rate control is the mean
of the number of connections inside this window.
Default Value : 60 (1 minute)
Reference in a new issue View git blame Copy permalink