Greg Freemyer wrote:
On Tue, Jan 9, 2018 at 11:51 AM, Per Jessen <per@computer.org> wrote:
Carlos E. R. wrote:
On Tuesday, 2018-01-09 at 14:27 +0100, Per Jessen wrote:
Carlos E. R. wrote:
However, I wonder if requiring some auth even for local clients would have helped :-? Local clients most often just the sendmail wrapper, so not much authentication there. Right...
And being "localhost" there are no checkings on smtp either, but that one can be changed.
I wonder then if what uses sendmail can be confined. Apparmour, perhaps? On a machine that only occasionally sends email, I think I would implement some rate-limiting in postfix - one email per minute, for instance.
Is that a config option? I could do that on this server.
Check out the destination_concurrency_limit settings - that will limit the rate per destination (yahoo, google, aol etc), that might be a starting point. To limit all outbound traffic, you need a policy daemon. That's a little more involved, but entirely doable, see e.g. "policyd". /Per -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org