How to increase rate limit for a user / domain?

[richbleeker]

I'm using mailcow to send out transactional mails for my web app. Problem comes up when I need to send off 80 emails one-after-another when we run the month-end billing to clients.

Is there any way to increase this limit or disable the rate limiter altogether?

postfix/cleanup[843]: 0509A41721: milter-reject: END-OF-MESSAGE from myhost.domain.com[x.x.x.x]: 4.7.1 Ratelimit \"user\" exceeded; from=

[andryyy]

Sure!

Open or create the file data/conf/rspamd/local.d/ratelimit.conf and insert the following content:

rates {
  # Limit for all mail per authenticated user (burst 20, rate 1 per minute)
  user = [2000, 0.01666666667];
}

Default is 20, I set it to 2000.

Restart Rspamd after that by running docker-compose restart rspamd-mailcow.

[richbleeker]

That's exactly what I was looking for! Thanks @andryyy :-)

On 2017/04/04 10:19 PM, André Peters wrote:

Sure!

Open or create the file |data/conf/rspamd/local.d/ratelimit.conf| and insert the following content:

|rates { # Limit for all mail per authenticated user (burst 20, rate 1 per minute) user = [20, 0.01666666667]; } |

Restart Rspamd after that by running |docker-compose restart rspamd-mailcow|.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/andryyy/mailcow-dockerized/issues/176#issuecomment-291619724, or mute the thread https://github.com/notifications/unsubscribe-auth/AQUe2hWmFE2F5x_2T9G7Dd9sTiD7LA7bks5rsqXGgaJpZM4MzCZI.

[richbleeker]

Oh dear, I'm still getting the error:

Apr 13 12:46:23 lead postfix/cleanup[122]: B956F41CE2: milter-reject: END-OF-MESSAGE from hostname.domain.com[x.x.x.x]: 4.7.1 Ratelimit \"user\" exceeded; from=sender@domain.com to=recipient@otherdomain.com proto=ESMTP helo=

and this is what my ratelimit.conf looks like:

rich@lead:~/mailcow-dockerized/data/conf/rspamd/local.d$ cat ratelimit.conf
rates {
  # Limit for all mail per recipient (burst 100, rate 2 per minute)
  to = [0, 0.033333333];
  # Limit for all mail per one source ip (burst 30, rate 1.5 per minute)
  to_ip = [0, 0.025];
  # Limit for all mail per one source ip and from address (burst 20, rate 1 per minute)
  to_ip_from = [0, 0.01666666667];
  # Limit for all bounce mail (burst 10, rate 2 per hour)
  bounce_to = [10, 0.000555556];
  # Limit for bounce mail per one source ip (burst 5, rate 1 per hour)
  bounce_to_ip = [5, 0.000277778];
  # Limit for all mail per authenticated user (burst 20, rate 1 per minute)
  user = [2000, 0.01666666667];
}
# If symbol is specified, then it is inserted instead of setting result
#symbol = "R_RATELIMIT";
whitelisted_rcpts = "postmaster,mailer-daemon";
max_rcpt = 5;

[andryyy]

Can you confirm these settings with "docker-compose exec rspamd-mailcow rspamadm configdump | grep -i rates -n10"? Is the user 2000, 0.016 active here? Can you also please run "docker-compose exec redis-mailcow /bin/bash -c 'redis-cli --scan --pattern "rl*" | xargs redis-cli del'" to clean the old ratelimit records?

[richbleeker]

First command returns:

ratelimit {
1280:    rates {
1281-        to [
1282-            100,
1283-            0.033333,
1284-            0,
1285-            0.033333,
1286-        ]
1287-        to_ip [
1288-            30,
1289-            0.025000,
1290-            0,
1291-            0.025000,
1292-        ]
1293-        to_ip_from [
1294-            20,
1295-            0.016667,
1296-            0,
1297-            0.016667,
1298-        ]
1299-        bounce_to [
1300-            10,
1301-            0.000556,
1302-            10,
1303-            0.000556,
1304-        ]
1305-        bounce_to_ip [
1306-            5,
1307-            0.000278,
1308-            5,
1309-            0.000278,
1310-        ]
1311-        user [
1312-            20,
1313-            0.016667,
1314-            2000,
1315-            0.016667,
1316-        ]
1317-    }

After running the second command to clean the records, I re-ran the configdump and it shows the same thing (i.e. it appears that there is a limit for 20 and for 2000...

[andryyy]

Is it possible you hit the limit of 2000? The settings are correct and will be merged.

Am 13.04.2017 um 16:02 schrieb Rich B notifications@github.com:

First command returns:

ratelimit { 1280: rates { 1281- to [ 1282- 100, 1283- 0.033333, 1284- 0, 1285- 0.033333, 1286- ] 1287- to_ip [ 1288- 30, 1289- 0.025000, 1290- 0, 1291- 0.025000, 1292- ] 1293- to_ip_from [ 1294- 20, 1295- 0.016667, 1296- 0, 1297- 0.016667, 1298- ] 1299- bounce_to [ 1300- 10, 1301- 0.000556, 1302- 10, 1303- 0.000556, 1304- ] 1305- bounce_to_ip [ 1306- 5, 1307- 0.000278, 1308- 5, 1309- 0.000278, 1310- ] 1311- user [ 1312- 20, 1313- 0.016667, 1314- 2000, 1315- 0.016667, 1316- ] 1317- } After running the second command to clean the records, I re-ran the configdump and it shows the same thing (i.e. it appears that there is a limit for 20 and for 2000...

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub, or mute the thread.

[richbleeker]

No, I had only sent about 10 emails in quick succession... (about 15 seconds apart) Also had restarted all docker instances...

Hmmm

[andryyy]

Thanks to notkoos from #rspamd I found out the values are not merged for these type of settings, so you may want to move the file from local.d/ to override.d/. This should do the trick.

[richbleeker]

Awesome! My user[] array now looks like this:

1301-        user [
1302-            2000,
1303-            0.016667,
1304-        ]

Thanks for doing that background research!

[fatalbanana]

Note that that will have the effect of redefining all ratelimits.

Alternatively you could use string syntax in local.d, eg: rates { user = "2000 / 1m"; }, see here for more information.

[andryyy]

Thanks to @fatalbanana for helping me out with all my questions regarding Rspamd. :)

[shivangpatel]

@andryyy : how to / from where I can set 10 mail/week for example.com and 20 mail/week for exam.com domain ? Above info is for applying rate limit globally in application... right?

[andryyy]

You can edit a domain and change it there. But iirc week is not available. Could probably be created.

You won’t need to change any conf file anymore

[shivangpatel]

@andryyy : Or it is possible to get number of send mail from mysql and based on that we can set this limit and when that particular domain reach that threshold we can stop to send mail.

[andryyy]

The whole logic is in Rspamd. You could read the Redis keys to calculate the “remaining messages”. But this is a more complex calculation, some buckets have burst rates depending on the message reputation etc.

Why not just use the given function? You can set 20 mails per day etc.

[EnriqCG]

This might seem obvious but is not clarified anywhere. Rate limiting only applies to outgoing email?

[andryyy]

Our function returns a ratelimit based on the authenticated user. :-) So this is only applied outgoing.

[mamair]

After January – Mooray, updates now I have this problem too. Changed limit described as above (in override.d) and it doesnt work. Config dump approved changed setting.Just still get the error message when i want to send mass mails. Befor update I could send around 500 mails at once and I changed nothing in settings.

Only difference I see is that with config dump as described above I get only a limit for "user".

The second command to clean old settings results in error: "OCI runtime exec failed: exec failed: container_linux.go:345: starting container process caused "exec: \"/bin/bash\": stat /bin/bash: no such file or directory": unknown"

[andryyy]

We can set ratelimits in the UI. Do not change the override file.

We don't have a "user" limit. you should revert to the mailcow defaults.

Try a git checkout origin/master data/conf/rspamd/override.d/ratelimit.conf