Previous Article :
After installing, configuring and securing PolicyD, we can apply some policy rule on PolicyD, such as setting up maximum number of emails that can be sent by any account in a certain time interval. For example, each user can only send a maximum of 300 emails per hour, so if there are some compromised account they cannot send email beyond the limit.
CONFIGURING POLICY
- Open the Administration Web PolicyD page, http://lpServerZimbra:7780/webui/index.php
- Select Quotas | Configure menu
- In the Action options, select Add and enter the details as below :
Name : Delivery Per User
Track : Select Sender@domain. This means that policy will be applies to each user on the domain
Period : The length of time that given in seconds. Ideally is in counts per hour or 3600 seconds
Link to policy : Select Default
Verdict : The rules that will be apply if it meets the period, such as defer (hold the messages until next time interval)
Data : Information that is given if it meets the rule, for example the information is a “Maximum 2 email delivery per minute” or “Maximum 300 emails delivery per hour”
Stop processing here : choose Yes, means that rule will not processing another rule
Comment : can be filled with anything you like
- Click Submit
- by default, the newly created rule set in the disabled state. Set it enable by choose PolicyD that you just created, and then on the Action option, select change
- Change the parameter Disable=’Yes’ to Disable=’No’ on the Disabled option and click submit
- Select the newly created policy again and then select Limits on the Action option
- Select Add, then select the Message Count and fill in with the number of maximum emails on Counter Limit
- Click Back to Limits and choose the rule that you have just created. Select Change In the Action option
- Change the parameter ‘Yes’ to ‘No’ on the Disabled option and click submit
Try to send emails beyond the limit. On the above screenshot, I’ve set maximum 2 emails for each user per minute. This is for example only so it wasn’t too long to see match condition for the above rule. for production use, better to set maximum emails limit per hour rather than per minutes, to consider the possibility email in CC or BCC which also counted as a single email.
The following is an example screenshot while PolicyD block email from being sent because because the sender has exceeded the maximum limit of sending email quota.