Rework ratelimit plugin

- Switch to `rates` instead of old and stupid strings to setup
- Check if a bucket is zero and disable the corresponding limits
- Turn off all buckets by default
- Check either `rcpt` or `user` buckets, not all together
- Document new `rates` and `symbol` options
- Inform user about what buckets are used in the configuration

1 files changed, 17 insertions, 7 deletions

diff --git a/conf/modules.d/ratelimit.conf b/conf/modules.d/ratelimit.conf
index c6f243708..317957ac4 100644
--- a/conf/modules.d/ratelimit.conf
+++ b/conf/modules.d/ratelimit.conf
@@ -1,11 +1,21 @@
 ratelimit {
     .include(try=true,priority=1) "${DBDIR}/dynamic/ratelimit.conf"
-    limit = "to:100:0.033333333";
-    limit = "to_ip:30:0.025";
-    limit = "to_ip_from:20:0.01666666667";
-    limit = "bounce_to:10:0.000555556";
-    limit = "bounce_to_ip:5:0.000277778";
-    limit = "user:20:0.01666666667";
+    rates {
+        # Limit for all mail per recipient (burst 100, rate 2 per minute)
+        to = [100, 0.033333333];
+        # Limit for all mail per one source ip (burst 30, rate 1.5 per minute)
+        to_ip = [30, 0.025];
+        # Limit for all mail per one source ip and from address (burst 20, rate 1 per minute)
+        to_ip_from = [20, 0.01666666667];
+        # Limit for all bounce mail (burst 10, rate 2 per hour)
+        bounce_to = [10, 0.000555556];
+        # Limit for bounce mail per one source ip (burst 5, rate 1 per hour)
+        bounce_to_ip = [5, 0.000277778];
+        # Limit for all mail per authenticated user (burst 20, rate 1 per minute)
+        user = [20, 0.01666666667];
+    }
+    # If symbol is specified, then it is inserted instead of setting result
+    #symbol = "R_RATELIMIT";
     whitelisted_rcpts = "postmaster,mailer-daemon";
     max_rcpt = 5;
-}
\ No newline at end of file
+}