Update setup with new rate limit config vars.

master
Diman0 3 years ago
parent 24aadf2f52
commit ac496eed19

@ -29,9 +29,14 @@ POSTMASTER={{ postmaster }}
# Choose how secure connections will behave (value: letsencrypt, cert, notls, mail, mail-letsencrypt) # Choose how secure connections will behave (value: letsencrypt, cert, notls, mail, mail-letsencrypt)
TLS_FLAVOR={{ tls_flavor }} TLS_FLAVOR={{ tls_flavor }}
# Authentication rate limit (per /24 on ipv4 and /56 on ipv6) # Authentication rate limit per IP (per /24 on ipv4 and /56 on ipv6)
{% if auth_ratelimit_pm > '0' %} {% if auth_ratelimit_ip > '0' %}
AUTH_RATELIMIT={{ auth_ratelimit_pm }}/minute AUTH_RATELIMIT_IP={{ auth_ratelimit_ip }}/hour
{% endif %}
# Authentication rate limit per user (per /24 on ipv4 and /56 on ipv6)
{% if auth_ratelimit_user > '0' %}
AUTH_RATELIMIT_USER={{ auth_ratelimit_user }}/day
{% endif %} {% endif %}
# Opt-out of statistics, replace with "True" to opt out # Opt-out of statistics, replace with "True" to opt out

@ -48,10 +48,18 @@ Or in plain english: if receivers start to classify your mail as spam, this post
</div> </div>
<div class="form-group"> <div class="form-group">
<label>Authentication rate limit (per source IP address)</label> <label>Authentication rate limit per IP for failed login attempts for non-existing accounts</label>
<!-- Validates number input only --> <!-- Validates number input only -->
<p><input class="form-control" style="width: 9%; display: inline;" type="number" name="auth_ratelimit_pm" <p><input class="form-control" style="width: 9%; display: inline;" type="number" name="auth_ratelimit_ip"
value="10000" required > / minute value="60" required > / hour
</p>
</div>
<div class="form-group">
<label>Authentication rate limit per user for failed login attempts for existing accounts</label>
<!-- Validates number input only -->
<p><input class="form-control" style="width: 9%; display: inline;" type="number" name="auth_ratelimit_user"
value="100" required > / day
</p> </p>
</div> </div>

Loading…
Cancel
Save