Description of problem: We need to implement Sendmail's rate throttling module to automatically reject hosts which get infected by viruses or spambots. Sendmail does provide for this in the form of the 'ratecontrol' and 'conncontrol' modules but they are not working. Documentation on these modules is available in /usr/share/sendmail-cf/README Version-Release number of selected component (if applicable): 8.13.1-3.RHEL4.5 How reproducible: Always Steps to Reproduce: 1. Add lines to /etc/mail/sendmail.mc (after 'FEATURE(access_db): dnl # Limit machines sending viruses define(`confCONNECTION_RATE_WINDOW_SIZE', `600s')dnl FEATURE(`greet_pause', `2000')dnl FEATURE(`ratecontrol')dnl FEATURE(`conncontrol')dnl 2. Add lines to /etc/mail/access: GreetPause:127.0.0.1 0 ClientConn:127.0.0.1 0 ClientConn:10.0 5 ClientConn:192.168 5 ClientConn: 50 ClientRate:127.0.0.1 0 ClientRate:10.0 10 ClientRate:192.168 10 ClientRate: 100 3. Rebuild configuration files and restart sendmail: make -C/etc/mail m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf service sendmail restart Actual results: We've unfortunately just been blacklisted due to a user's machine being infected by a spambot which sent out over 16,000 messages over a two hour window. Expected results: The configuration above should automatically limit clients when sending more than 10 emails within 600 seconds (10 minutes) when the connection originates from the 192.168.0.0/16 or 10.0.0.0/16 subnets. Additional info:
This is a duplicate of 219762
*** This bug has been marked as a duplicate of 219762 ***