infrastructure/mox
1
0
Fork 0
mirror of https://github.com/mjl-/mox.git synced 2025-07-12 12:24:38 +03:00
Code Issues Packages Projects Releases Wiki Activity

add basic rate limiters

Browse Source 
limiting is done based on remote ip's, with 3 ip mask variants to limit networks
of machines. often with two windows, enabling short bursts of activity, but not
sustained high activity. currently only for imap and smtp, not yet http.

limits are currently based on:
- number of open connections
- connection rate
- limits after authentication failures. too many failures, and new connections will be dropped.
- rate of delivery in total number of messages
- rate of delivery in total size of messages

the limits on connections and authentication failures are in-memory. the limits
on delivery of messages are based on stored messages.

the limits themselves are not yet configurable, let's use this first.

in the future, we may also want to have stricter limits for senders without any
reputation.
This commit is contained in:
Mechiel Lukkien
2023-02-07 22:56:03 +01:00
parent 1617b7c0d6
commit 2154392bd8
7 changed files with 584 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
imapserver/server_test.go
View File

@ -300,6 +300,8 @@ func startNoSwitchboard(t *testing.T) *testconn {
}
func startArgs(t *testing.T, first, isTLS, allowLoginWithoutTLS bool) *testconn {
limitersInit() // Reset rate limiters.
if first {
os.RemoveAll("../testdata/imap/data")
}