[Rspamd-Users] ratelimit-module behaves differently in rspamd 3.5
Andreas Piper
piper at hrz.uni-marburg.de
Tue Mar 21 08:13:25 UTC 2023
Hello,
after upgrading to rspamd-3.5 lots of 'Ratelimit exceeded'-events
started to appear and blocked a lot of legitimate sending-attempts.
Downgrading to rspamd-3.4 solved this immediately. The log-entries do
not show any differing reasons, but ratelimiting in 3.5 appears to be
triggered much more often than in 3.4 with identical configuration.
Is there any hint to what may be changed in the configuration to get
ratelimiting working again correctly?
I use rspamd on Debian 11 (bullseye), here is my local.d/ratelimit.conf,
which is derived directly from the rspamd-documentation
(https://rspamd.com/doc/modules/ratelimit.html).
Thanks for any help,
Andreas
rates {
from = {
selector = 'from:addr';
# You can define more than one bucket, however, you need to use
array syntax only
bucket = [
{
burst = 100;
rate = "10 / 1min";
},
{
burst = 10;
rate = "100 / 1min";
}]
}
to = {
bucket = [
{
burst = 100;
rate = "10 / 1min";
},
{
burst = 10;
rate = "100 / 1min";
}]
}
user = {
bucket = [
{
burst = 100;
rate = "10 / 1min";
},
{
burst = 10;
rate = "100 / 1min";
}]
}
}
# If symbol is specified, then it is inserted instead of setting result
info_symbol = "R_RATELIMIT";
max_rate_mult = 10;
max_bucket_mult = 20;
ham_factor_rate = "1.00"
spam_factor_rate = "0.96"
ham_factor_burst = "1.00"
spam_factor_burst = "0.92"
whitelisted_ip = "/etc/rspamd/maps.d/rate_ip_whitelist.map"
whitelisted_user = "/etc/rspamd/maps.d/rate_user_whitelist.map"
enabled=true;
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4242 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.rspamd.com/pipermail/users/attachments/20230321/cfd97fd3/attachment.bin>
More information about the Users
mailing list