Does anyone know how to limit the number of email recipients allowed per account per day in qmail or exim?

In qmail, move qmail-queue to qmail-real-queue and chmod it 4750 qmailq:qmail, and create a program, chmod 2755 qmailq:qmail in its place which
1. Works out who is calling it,
2. Counts the number of recipients,
3. Subtracts that number from a database, and
4. Either returns an error or hands the message over to qmail-real-queue.

Of course, you'll also want to block outgoing connections to TCP/25 to all users other than qmailr, in order to make sure that people don't bypass qmail.

I don't know about Exim, but I imagine the solution would probably be rather similar.

Of course this works good when limiting emails that a CGI script can send out, if you're using suexec. Because step 1 can be accomplished.

But for SMTP, it seems like unless you're doing SMTP auth, you'll have to base the count of emails on the sender email address, or the IP address. Neither of which is very constant, IMHO.

There are a few methods to attempt do this already available to download at qmail.org, if you don't want to write your own.

Like cperciva, I'm clueless on exim.

SMTP relay isn't a problem; with either SMTP AUTH or SMTP-after-POP3, all you have to do is ensure that an appropriate environment variable is set (eg $USER) and check that variable if the calling UID is priviledged.

>you'll also want to block outgoing connections to TCP/25
>to all users other than qmailr,

How do i block ports by uid on linux? Sorry for my ignorance, but as you can tell, i'm just learning *nix right now.

Jake

The appropriate rules will depend upon which firewall you're using; for ipfw, for example, a simple

allow tcp from any to any 25 uid qmailr
deny tcp from any to any 25

will suffice. Read the man pages for your firewall, and if it can't do this, get a better firewall.

Thanks cperciva! That's beautiful.
Jake