# Limit per user for PHP scripts
acl_not_smtp:
deny message = Website of user $authenticated_id is sending too many emails - rate overlimit = $sender_rate / $sender_rate_period
ratelimit = 1 / 1h / $authenticated_id
warn ratelimit = 1 / 1h / strict / $authenticated_id
log_message = Sender rate [limitlog]: log / account / $authenticated_id / $sender_rate / $sender_rate_period
1 email / hr to test this setting.
Then I logged in to my roundcube (so thats php script) and sent 6 different emails to my gmail replicating a SPAM content.
Which all have been sent and received by the gmail account successfully.
Am I missing something?
I checked the package > email and still set to 200.
I also checked the user > mail > and the corresponding email is also set to 200.
I set them to 1 and the limit worked.
Which begs the question, does it bypass the exim4.conf.template?
Then what is the high level config for a single hestia user?
If package has unlimited domains and unlimited email accounts with a limit of 10/hr.
Will the user be able to send 10 emails / domain / account / hour?
Even 10 emails / account / hour?
We currently don’t have a method to limit “not smtp” email for a specific user.
To prevent spam from their application, I will set the exim.
However, if another user is affected by the limit, how can I set his own limit of his specific email address or account?
I have an unfortunate scenario that one of my users was hacked and started sending spam. To counter this, I have now set the ratelimit to lets say 10.
However, some honest users may be affected by this and should not be limited by 10.
We don’t have method to limit it for a specific user at the moment.
The only method to by pass this is let the user use SMTP plugin for their website / worrpress or other application