aboutsummaryrefslogtreecommitdiff
path: root/cluster/prod/app/email/config
diff options
context:
space:
mode:
authorArmaël Guéneau <armael.gueneau@ens-lyon.org>2024-11-19 20:13:12 +0100
committerArmaël Guéneau <armael.gueneau@ens-lyon.org>2024-11-19 20:24:09 +0100
commitc66bff55f41bc132592c87b819756417201d3bf0 (patch)
tree26d06420e05e8e6fae6b83391f74813e5c36e7a5 /cluster/prod/app/email/config
parent3f51534e0335e1335312adebf8a285abcf9faf1b (diff)
downloadnixcfg-c66bff55f41bc132592c87b819756417201d3bf0.tar.gz
nixcfg-c66bff55f41bc132592c87b819756417201d3bf0.zip
postfix: add rate-limiting exceptions for our own nodes
Diffstat (limited to 'cluster/prod/app/email/config')
-rw-r--r--cluster/prod/app/email/config/postfix/main.cf7
1 files changed, 5 insertions, 2 deletions
diff --git a/cluster/prod/app/email/config/postfix/main.cf b/cluster/prod/app/email/config/postfix/main.cf
index 5593716..ca9c87d 100644
--- a/cluster/prod/app/email/config/postfix/main.cf
+++ b/cluster/prod/app/email/config/postfix/main.cf
@@ -83,11 +83,14 @@ smtpd_forbid_unauth_pipelining = yes
smtpd_discard_ehlo_keywords = chunking
smtpd_forbid_bare_newline = yes
-smtpd_client_connection_rate_limit = 2
-
#===
# Rate limiting
#===
+smtpd_client_connection_rate_limit = 2
+# do not rate-limit ourselves
+# in particular, useful for forgejo who opens a lot of SMTP connections
+smtpd_client_event_limit_exceptions = $mynetworks /etc/postfix/rate-limit-exceptions
+
slow_destination_recipient_limit = 20
slow_destination_concurrency_limit = 2