Changing firewall to include rate limits

I’ll admit that I don’t have a ton of IPTables knowledge but I didn’t noticed any rate limits on the inbound SMTP, POP, IMAP, and HTTPS connections… I am used to seeing something like this:

-A INPUT -p tcp -m tcp --dport 993 -m state --state NEW -m recent --set --name imapssl --rsource
-A INPUT -p tcp -m tcp --dport 993 -m state --state NEW -m recent --update --seconds 10 --hitcount 20 --name imapssl --rsource -j LOG_AND_DROP
-A INPUT -p tcp -m tcp --dport 993 -j ACCEPT

Is there rate limits already in the rules and I am just missing it?

No one has suggested that before. We have (and are extending) rate limiting on failed logins, resulting in IP blocks. But not rate limiting for connections in general (that don’t result in failed logins). Definitely worth considering adding.

(Also see

Sent you a pull request for changes to the setup files that will implement limited inbound connections…

This topic was automatically closed after 61 days. New replies are no longer allowed.