iredmail
commented
1 year ago PR is incorrect, but the issue has been fixed by https://github.com/iredmail/iRedAPD/commit/14b8ffc27a32e6f77a7b447d2d90eeb023830238
Closed jdbravo closed 1 year ago
iredmail
commented
1 year ago PR is incorrect, but the issue has been fixed by https://github.com/iredmail/iRedAPD/commit/14b8ffc27a32e6f77a7b447d2d90eeb023830238
The throttle plugin has several checks (t_settings): msg_size, max_rcpts, max_msgs, and max_quota.
Each of them keeps track of whether the throttle_tracking should be reset (setting init_time = now). The problem is that if any of these checks have an 'expired' value of True, but if any consequent checks have an 'expired' value of False the throttle_tracking is never restarted.
This means that a user can exceed the limits established in the throttle. Due to the time (_period + now) will always be greater than (_init_time + _period) therefore in the case of max_msgs, _cur_msgs will always be 0, and this will allow the number of messages to be infinite.