Results 1 to 3 of 3

Thread: Restrict oubound mail

  1. #1
    Join Date
    Feb 2007
    Rep Power

    Default Restrict oubound mail

    This is an odd request, but hopefully there is somebody savvy enough to do tell my how this might be done.

    So I have a problem of some of our marketing people not fallowing the rules and sending out bulk email through my corporate server. Really NOT cool. I have told them they really can't do that,but I want to make sure it never happens again...

    So here's what I want to do: I would like to block every email going through that has more than say 25 recipients (a distribution list only counts as 1 right?).

    I know that it is possible to block all outbound on a per user basis, but I need these people to be able to send mail, just not bulk.

    Any thoughts?
    Thank you,

  2. #2
    Join Date
    May 2006
    Rep Power


    smtpd_recipient_limit (default 1000) parameter controls how many recipients the SMTP server will take per message delivery request.
    -You can't restrict this to a to/cc/bcc field - it's all recipients. For that you'd have to use a regular expression in header_checks to arbitrarily limit the length of each header to something reasonable. (We could do this in the web-client though if someone wants to open an RFE in bugzilla.)

    smtpd_recipient_overshoot_limit (default 1000) - The number of recipients that a remote SMTP client can send in excess of the hard limit specified with smtpd_recipient_limit, before the Postfix SMTP server increments the per-session error count for each excess recipient. "Postfix will 4xx the 'overshoot' addresses so a sending MTA can try them again later."

    Then see the smtpd_hard_error_limit (default 20) parameter to know at what number of errors it will disconnect.

    So you technically need to consider like 3 values here - which affect both inbound & outbound mail.

    (I've heard of an smtpd_extra_recipient_limit but I've never used it / might just be for in queues.)

    Then there's the throttling tools:

    smtpd_client_recipient_rate_limit (default: 0 no limit) - The maximum number of recipient addresses that an SMTP client may specify in the time interval specified via anvil_rate_time_unit (default: 60s -careful adjusting this affects other things)" and note that this is "regardless of whether or not Postfix actually accepts those recipients" Those over will receive a 450 4.7.1 Error: too many recipients from [the.client.ip.address] It's up to the client to deliver those recipients at some later time.

    It may prove prudent to also adjust:
    smtpd_client_connection_rate_limit (default: 0)- The maximal number of connection attempts any client is allowed to make to this service per time unit. The time unit is specified with the anvil_rate_time_unit configuration parameter.
    smtpd_client_message_rate_limit (default: 0) - The maximal number of message delivery requests that any client is allowed to make to this service per time unit, regardless of whether or not Postfix actually accepts those messages. The time unit is specified with the anvil_rate_time_unit configuration parameter.

    The purpose of these features are to limit abuse, as opposed to regulating legitimate mail traffic, but some use them that way.

    There's also Policyd which can do sender-(envelope, SASL, or host / ip)-based throttling on messages and/or volume per defined time unit, plus recipient rate limiting.

    To adjust:
    su - zimbra
    postconf -e 'smtpd_recipient_limit = 1000'
    To apply settings:
    postfix reload
    To check current settings:
    postconf | grep smtpd_recipient_limit
    Note: When your looking this up, smtpd_recipient_limit is not to be confused with default_destination_recipient_limit parameter, which controls how many recipients a Postfix delivery agent will send with each copy of an email message. If an email message exceeds that value, the Postfix queue manager breaks up the list of recipients into smaller lists. Postfix will attempt to send multiple copies of the message in parallel. So that really isn't limiting the number of addresses, it just breaks it into chunks for other servers to accept easier.
    Last edited by mmorse; 03-19-2009 at 01:38 PM.

  3. #3
    Join Date
    Feb 2007
    Rep Power


    Thanks man.

    I assume that there is no way to get more specific....

    like... You can send to 25+ recipients if they are all in house, but not if it is going to the outside world...

Similar Threads

  1. Problems with port 25
    By yogiman in forum Installation
    Replies: 57
    Last Post: 06-13-2011, 01:55 PM
  2. Replies: 7
    Last Post: 02-03-2011, 06:01 AM
  3. fresh install down may be due to tomcat
    By gon in forum Installation
    Replies: 10
    Last Post: 07-25-2007, 08:09 AM
  4. DynDNS and Zimbra
    By afterwego in forum Installation
    Replies: 30
    Last Post: 04-01-2007, 03:34 PM
  5. Mail not getting to mail boxes
    By ehults in forum Installation
    Replies: 5
    Last Post: 10-31-2005, 08:24 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts