diff options
author | Tony Finch <dot@dot.at> | 2005-05-25 09:58:16 +0000 |
---|---|---|
committer | Tony Finch <dot@dot.at> | 2005-05-25 09:58:16 +0000 |
commit | 3348576fbe3b012b66076e49e5414cd04bbafbaa (patch) | |
tree | cdfe3478f172592df7e4ffbee2538baedb341f9e | |
parent | 958541e992051a5afcf573985eb5d4e772dc6979 (diff) |
Change the result of the ratelimit ACL condition when clients are sending
exactly at the limit, in order to improve the behaviour of certain edge
cases. The result was FAIL (under limit) and it's now OK (over limit).
-rw-r--r-- | doc/doc-txt/NewStuff | 6 | ||||
-rw-r--r-- | src/src/acl.c | 15 |
2 files changed, 13 insertions, 8 deletions
diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff index e0d87c44a..143fb6cb0 100644 --- a/doc/doc-txt/NewStuff +++ b/doc/doc-txt/NewStuff @@ -1,4 +1,4 @@ -$Cambridge: exim/doc/doc-txt/NewStuff,v 1.45 2005/05/23 16:58:55 fanf2 Exp $ +$Cambridge: exim/doc/doc-txt/NewStuff,v 1.46 2005/05/25 09:58:16 fanf2 Exp $ New Features in Exim -------------------- @@ -132,8 +132,8 @@ TF/04 There is a new ratelimit ACL condition which can be used to measure ratelimit = <m> / <p> / <options> / <key> - If the average client sending rate is greater than m messages per time - period p then the condition is true, otherwise it is false. + If the average client sending rate is less than m messages per time + period p then the condition is false, otherwise it is true. The parameter p is the smoothing time constant, in the form of an Exim time interval e.g. 8h for eight hours. A larger time constant means it diff --git a/src/src/acl.c b/src/src/acl.c index 8125e38c9..a96e2d188 100644 --- a/src/src/acl.c +++ b/src/src/acl.c @@ -1,4 +1,4 @@ -/* $Cambridge: exim/src/src/acl.c,v 1.34 2005/05/23 16:58:56 fanf2 Exp $ */ +/* $Cambridge: exim/src/src/acl.c,v 1.35 2005/05/25 09:58:16 fanf2 Exp $ */ /************************************************* * Exim - an Internet mail transport agent * @@ -2022,8 +2022,8 @@ if (anchor != NULL && (t = tree_search(*anchor, key)) != NULL) { dbd = t->data.ptr; /* The following few lines duplicate some of the code below. */ - if (dbd->rate > limit) rc = OK; - else rc = FAIL; + if (dbd->rate < limit) rc = FAIL; + else rc = OK; store_pool = old_pool; sender_rate = string_sprintf("%.1f", dbd->rate); HDEBUG(D_acl) @@ -2130,8 +2130,13 @@ else dbd->rate = (1 - a) / i_over_p + a * dbd->rate; } -if (dbd->rate > limit) rc = OK; - else rc = FAIL; +/* Clients sending at the limit are considered to be over the limit. This +matters for edge cases such the first message sent by a client (which gets +the initial rate of 0.0) when the rate limit is zero (i.e. the client should +be completely blocked). */ + +if (dbd->rate < limit) rc = FAIL; + else rc = OK; /* Update the state if the rate is low or if we are being strict. If we are in leaky mode and the sender's rate is too high, we do not update |