v0.5.0

• Initial release

Features:

• Super easy Postfix integration using check_policy_service in smtpd_data_restrictions
• Set individual sender (SASL username) quotas
• Limit senders to number of recipients per time period
• Automatically fills ratelimits table with new senders (SASL username) upon first email sent
• Set your own time period (usually 24hrs) by resetting the counters via Systemd cleanup timer (or cronjob)
• Continues to raise counters (msg_counter, rcpt_counter) even in over quota state, so you know if a sender keeps retrying/spamming.
• Keeps totals of all messages/recipients sent for each sender (SASL username)
• Stores both message and recipient counters in database (ratelimits table)
• Stores detailed information for all sent messages (msgid, sender, rcpt_count, blocked, from_addr, client ip, client hostname) in database (messages table)
• Logs detailed message information to Syslog (using LOG_MAIL facility, so the logs end up in mail.log)
• Maximum failure safety: On any unexpected exception, the daemon still replies with a DUNNO action, so that the mail is not getting rejected by Postfix. This is done both on Postfix integration side and application exception handling side.
• Block action message "Rate limit reached, retry later." can be configured.
• Lots of configuration params via a simple .env
• Tuned for high performance, using network or unix sockets, and threading.
• Secure setup, nothing running under root, only on postfix user.
• A super slick minimal codebase with only a few dependencies (PyMySQL, python-dotenv, yoyo-migrations), using Python virtual environment for easy pip install. PyMySQL is a pure-Python MySQL client library, so you won't have any trouble on any future major system upgrades.
• Provides an Ansible Galaxy role onlime.policyd_rate_guard for easy installation on a Debian mailserver.
• A well maintained project, as it is in active use at Onlime GmbH, a Swiss webhoster with a rock-solid mailserver architecture.