Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum

Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. Feature Requests
  3. Basic outbound email limits, per email account, at SMTP level for IP protection

Basic outbound email limits, per email account, at SMTP level for IP protection

Scheduled Pinned Locked Moved Feature Requests
email
9 Posts 5 Posters 1.3k Views 5 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J Offline
      J Offline
      jackt
      wrote on last edited by girish
      #1

      I would love to see some sort of per user outbound email safeguards put in place. Limitations such as XX per hour, XX per minute, per user. OR Near immediate notification of problem accounts sending bulk emails. This is done to protect IP registration.

      girishG 1 Reply Last reply
      2
      • J jackt

        I would love to see some sort of per user outbound email safeguards put in place. Limitations such as XX per hour, XX per minute, per user. OR Near immediate notification of problem accounts sending bulk emails. This is done to protect IP registration.

        girishG Offline
        girishG Offline
        girish
        Staff
        wrote on last edited by
        #2

        @jackt said in Basic outbound email limits, per email account, at SMTP level for IP protection:

        This is done to protect IP registration.

        Can you clarify what this means? Do you mean someone might register the server IP as spam ? (Maybe 'report' is the better word here).

        M 1 Reply Last reply
        1
        • girishG girish

          @jackt said in Basic outbound email limits, per email account, at SMTP level for IP protection:

          This is done to protect IP registration.

          Can you clarify what this means? Do you mean someone might register the server IP as spam ? (Maybe 'report' is the better word here).

          M Offline
          M Offline
          msbt
          App Dev
          wrote on last edited by msbt
          #3

          @girish I had a customer that wanted to send out hundreds of cold emails to potential clients they had collected, which is forbidden in my country (also everything with 50+ recipients if you don't offer an option to unsubscribe).

          Luckily I cought it quickly because they complained about an issue in webmail (apparently you can't paste that many addresses in the bcc field) and told them off, but as @jackt suggests, it would be nice to have a "safeguard" or a custom limit so they can't go over from the technical side.

          Since I'm using Postmark on most of my servers, it wouldn't necessarily be about IP reputation, but legal issues and eventually money, if there are thousands of emails going out 😉

          1 Reply Last reply
          3
          • J Offline
            J Offline
            jackt
            wrote on last edited by
            #4

            Thanks for the replies.

            @girish. We plan on having hundred of users on a dedicated mail server. At least one of these accounts will abuse mail privileges at some point. Currently a user can send out tens of thousands of emails on the SMTP level without restriction. This can cause the mail server IP's to be banned affecting the deliverability of other account holder sends. Swapping out an IP sucks. We are able to put some restrictions in using RoundCube but they can be bypassed with a skilled email marketing company.

            We would love to see some basic outbound email limitations put in place. At the very least limiting the number of outbound emails per hour, per user account. Even if its 100 per hour it will offer some protection to the site owner.

            Some sort of notification would work as well. Emailing/texting admin if a user sends more than XX emails in a 15 minute period.

            I hope this clarifies. We have been searching for a solution fro 4 days now. It just doesn't exist.

            #3

            girishG 1 Reply Last reply
            1
            • J jackt

              Thanks for the replies.

              @girish. We plan on having hundred of users on a dedicated mail server. At least one of these accounts will abuse mail privileges at some point. Currently a user can send out tens of thousands of emails on the SMTP level without restriction. This can cause the mail server IP's to be banned affecting the deliverability of other account holder sends. Swapping out an IP sucks. We are able to put some restrictions in using RoundCube but they can be bypassed with a skilled email marketing company.

              We would love to see some basic outbound email limitations put in place. At the very least limiting the number of outbound emails per hour, per user account. Even if its 100 per hour it will offer some protection to the site owner.

              Some sort of notification would work as well. Emailing/texting admin if a user sends more than XX emails in a 15 minute period.

              I hope this clarifies. We have been searching for a solution fro 4 days now. It just doesn't exist.

              #3

              girishG Offline
              girishG Offline
              girish
              Staff
              wrote on last edited by
              #5

              @jackt We don't have any outbound rate limiting feature.

              Just investigated this a bit (so some notes for myself): The rate limit plugin (which we already use) does have it but we haven't configured it with any limits - https://github.com/haraka/haraka-plugin-limit . However, the limits in that plugin are global and not for a specific account - https://github.com/haraka/haraka-plugin-limit/blob/master/config/limit.ini#L101

              jdaviescoatesJ 1 Reply Last reply
              3
              • girishG girish

                @jackt We don't have any outbound rate limiting feature.

                Just investigated this a bit (so some notes for myself): The rate limit plugin (which we already use) does have it but we haven't configured it with any limits - https://github.com/haraka/haraka-plugin-limit . However, the limits in that plugin are global and not for a specific account - https://github.com/haraka/haraka-plugin-limit/blob/master/config/limit.ini#L101

                jdaviescoatesJ Offline
                jdaviescoatesJ Offline
                jdaviescoates
                wrote on last edited by
                #6

                @girish said in Basic outbound email limits, per email account, at SMTP level for IP protection:

                limits in that plugin are global

                That's probably good/ OK, no?

                Impossible to know in advance which user will try to abuse the system.

                I use Cloudron with Gandi & Hetzner

                girishG 1 Reply Last reply
                0
                • jdaviescoatesJ jdaviescoates

                  @girish said in Basic outbound email limits, per email account, at SMTP level for IP protection:

                  limits in that plugin are global

                  That's probably good/ OK, no?

                  Impossible to know in advance which user will try to abuse the system.

                  girishG Offline
                  girishG Offline
                  girish
                  Staff
                  wrote on last edited by
                  #7

                  @jdaviescoates yes, possibly. I have to test if it works. I don't trust those "plugins" even if they are from the upstream project. Indeed, the top most commit in that plugin is by me 🙂

                  1 Reply Last reply
                  3
                  • J Offline
                    J Offline
                    jackt
                    wrote on last edited by
                    #8

                    Thanks for the effort. I agree that global restrictions will help. The ideal solution will be account level restrictions OR notification of spikes so we can quickly identify the problem account. The goal is to limit the need for full time monitoring.

                    1 Reply Last reply
                    2
                    • C Offline
                      C Offline
                      CRBear
                      wrote on last edited by
                      #9

                      I also hope that this feature will be implemented soon to prevent servers from ending up on blacklists. It will also help prevent users from sending mass emails without coordination. Virtually every mail provider has enabled this feature for good reason.

                      1 Reply Last reply
                      0
                      • marcusquinnM marcusquinn referenced this topic on
                      Reply
                      • Reply as topic
                      Log in to reply
                      • Oldest to Newest
                      • Newest to Oldest
                      • Most Votes


                        • Login

                        • Don't have an account? Register

                        • Login or register to search.
                        • First post
                          Last post
                        0
                        • Categories
                        • Recent
                        • Tags
                        • Popular
                        • Bookmarks
                        • Search