Zimbra Tips : Rate-Limit Sending Message with PolicyD

Previous Article :

  1. Zimbra Tips : Installing & Configuring PolicyD on Zimbra 8
  2. Zimbra Tips : Securing PolicyD Web Admin

After installing, configuring and securing PolicyD, we can apply some policy rule on PolicyD, such as setting up maximum number of emails that can be sent by any account in a certain time interval. For example, each user can only send a maximum of 300 emails per hour, so if there are some compromised account they cannot send email beyond the limit.

policyd_logo

CONFIGURING POLICY

  1. Open the Administration Web PolicyD page, http://lpServerZimbra:7780/webui/index.php
  2. Select Quotas | Configure menu
  3. In the Action options, select Add and enter the details as below :
    Name : Delivery Per User
    Track : Select Sender@domain. This means that policy will be applies to each user on the domain
    Period : The length of time that given in seconds. Ideally is in counts per hour or 3600 seconds
    Link to policy : Select Default
    Verdict : The rules that will be apply if it meets the period, such as defer (hold the messages until next time interval)
    Data : Information that is given if it meets the rule, for example the information is a “Maximum 2 email delivery per minute” or “Maximum 300 emails delivery  per hour
    Stop processing here : choose Yes, means that rule will not processing another rule
    Comment : can be filled with anything you like
    vavai-setting-up-policyd-rule
  4. Click Submit
  5. by default, the newly created rule set in the disabled state. Set it enable by choose PolicyD that you just created, and then on the Action option, select change
    vavai-enable-policyd-rule
  6. Change the parameter Disable=’Yes’ to Disable=’No’ on the Disabled option and click submit
  7. Select the newly created policy again  and then select Limits on the Action option
  8. Select Add, then select the Message Count and fill in with the number of maximum emails  on Counter Limit
    vavai-set-policyd-rule-limits
  9. Click Back to Limits and choose the rule that you have just created. Select Change In the Action option
  10. Change the parameter ‘Yes’ to ‘No’ on the Disabled option and click submit

Try to send emails beyond the limit. On the above screenshot, I’ve set maximum 2 emails for each user per minute. This is for example only so it wasn’t too long to see match condition for the above rule. for production use, better to set maximum emails limit  per hour rather than per minutes, to consider the possibility email in CC or BCC which also counted as a single email.
The following is an example screenshot while PolicyD block email from being sent because because the sender has exceeded the maximum limit of sending email quota.

Leave a Reply

Your email address will not be published. Required fields are marked *