Mailcow-dockerized: Ratelimit exceeded
Hey,
I recently noticed that some mails from my raspberrypi (using "sendemail") which sends me daily notices and similar stuff don't arrive. The raspi has its own account on the domain example.org and sends the mails to another account on the same domain. After some debugging I experienced this error:
Aug 19 16:05:19 levinus-rasp sendemail[28235]: ERROR => Received: 451 4.7.1 Ratelimit \"mailcow\" exceeded
I looked into the rspamd log and found this:
2018-08-19 16:05:19 #12(rspamd_proxy) <c68e1c>; proxy; proxy_accept_socket: accepted milter connection from 172.22.1.1 port 43798
2018-08-19 16:05:19 #12(rspamd_proxy) <c68e1c>; milter; rspamd_milter_process_command: got connection from [ipv6]:41778
2018-08-19 16:05:19 #15(normal) <b67b36>; task; accept_socket: accepted connection from 172.22.1.11 port 60858, task ptr: 00007FB98346D900
2018-08-19 16:05:19 #15(normal) <b67b36>; task; rspamd_message_parse: loaded message; id: <526751.284112351-sendEmail@levinus-rasp>; queue-id: <37A7DFFF63>; size: 682; checksum: <459a3531240b27da787c278f
5349d71e>
2018-08-19 16:05:19 #15(normal) <5id1wc>; lua; lua_redis.lua:193: using default redis server for module dyn_rl
2018-08-19 16:05:19 #15(normal) <5id1wc>; lua; rspamd.local.lua:73: dynamic ratelimit request for user [email protected] returned invalid or empty data ("") or error ("nil") - trying dynamic ratelimit for
domain...
2018-08-19 16:05:19 #15(normal) <5id1wc>; lua; rspamd.local.lua:79: found dynamic ratelimit in redis for domain example.org with value 30 / 1m
2018-08-19 16:05:19 #15(normal) <b67b36>; lua; settings.lua:335: check for settings
2018-08-19 16:05:19 #15(normal) <5id1wc>; lua; ratelimit.lua:10: DYN_RL symbol has value 30 / 1m for object example.org, returning rs_dynrl_example.org...
2018-08-19 16:05:19 #15(normal) <b67b36>; lua; ratelimit.lua:479: ratelimit "mailcow(rs_dynrl_example.org)" exceeded, (30 / 0.016667): 3.51347453 (5.0627:8.4702 dyn)
2018-08-19 16:05:19 #15(normal) <b67b36>; task; lua_task_set_pre_result: <526751.284112351-sendEmail@levinus-rasp>: set pre-result to soft reject: 'Ratelimit "mailcow" exceeded'
2018-08-19 16:05:19 #15(normal) <b67b36>; task; rspamd_task_write_log: id: <526751.284112351-sendEmail@levinus-rasp>, qid: <37A7DFFF63>, ip: ipv6, user: [email protected],
from: <[email protected]>, (default: F (soft reject): [0.00/12.50] [DYN_RL(0.00){30 / 1m;levinus.de;},DYN_RL_CHECK(0.00){}]), len: 682, time: 2.751ms real, 2.025ms virtual, dns req: 0, digest: <459a3531240
b27da787c278f5349d71e>, rcpts: <[email protected]>, mime_rcpts: <[email protected]>
2018-08-19 16:05:19 #15(normal) <b67b36>; task; rspamd_protocol_http_reply: regexp statistics: 0 pcre regexps scanned, 0 regexps matched, 175 regexps total, 0 regexps cached, 0B bytes scanned using pcre,
0B bytes scanned total
2018-08-19 16:05:19 #12(rspamd_proxy) <21b5fa>; proxy; proxy_milter_finish_handler: finished milter connection
The ratelimit for the account [email protected] is disabled. The ratelimit for the domain example.org is 30 mails / 1m. So the right information is in the db. But:
There were only 5 outgoing mails in that period. What am I doing wrong?
levinuss
All 13 comments
Iirc that was recently fixed in Rspamd. Let me check.
Yes, it was fixed. I'm unsure if we should wait for a new release or cherry pick the fix.
andryyy
on 19 Aug 2018
Thx for the fast answer. If it is (or was) a confirmed bug its no problem for me to just deactivate ratelimiting on my domains until the fix arrives. I don't know whether its worth it to cherry pick it.
Its probably better to leave this issue open until the fix arrives in mailcow for other ppl that might notice it?
levinuss
on 19 Aug 2018
Yes, I will close it when the fix is implemented.
andryyy
on 19 Aug 2018
I too have this problem.
imp1sh
on 18 Sep 2018
Two days ago I made an updated and now I'm on 3b9a697c23c38b54ceab34e10c8ad11bf80792f0.
The problem still persists ( which I expected since the bug is not fixed, yet) but the problem is now that there's a customer with a specific domain who has this problem and I cannot remove the rate limit in the user's domain settings. When I set it to 0 and hit save the site refreshes and the old limit of 100 messages per hour is still there.
imp1sh
on 21 Sep 2018
Maybe your browser just autofills the old value into the form input? I cannot reproduce it, it always removes the value. Wether I use 0 or "".
andryyy
on 21 Sep 2018
A coworker of mine has verified the problem. It's only this specific domain that has this problem. The other domains I can change the value...
Can I somehow - globally deactivate ratelimiting in rspamd.conf?
imp1sh
on 21 Sep 2018
But you tried different browsers?
I don't see why it should work for one domain but not for the other. :-/ I even tried a Umlaut domain.
Sounds like a Redis problem. Any logs?
If everything fails, try docker-compose exec redis-mailcow redis-cli HDEL RL_VALUE domain.tld
andryyy
on 21 Sep 2018
Yes, I tried different computers and different Browsers. The output of the command you asked for is:
(integer) 1
imp1sh
on 21 Sep 2018
Okay, is it gone?
andryyy
on 21 Sep 2018
OH m枚r, please forget about it. It seem to have been the browser actually. Even though I tried different OS and Browser I did not flush my Browser's cache which solved the problem. Sorry for the hassle.
imp1sh
on 21 Sep 2018
Is the fix included in rspamd 1.8.0?
levinuss
on 5 Oct 2018
Yes :-)
andryyy
on 5 Oct 2018
Related issues
a3li
路
3Comments
damdinsharav
路
3Comments
thannaske
路
3Comments
GalacticLion7
路
3Comments
Adorfer
路
3Comments
Most helpful comment
Yes, I will close it when the fix is implemented.