Hello, I am looking for guidance on whether the NGINX Mail Proxy (SMTP/IMAP/POP3) can enforce any form of message-based throttling.
Requirement:
We want to restrict an internal application so that it cannot send more than 100 emails per hour. The application routes SMTP traffic through our NGINX Mail Proxy Server, and we want the limit enforced at the proxy layer rather than modifying the application itself.
Current setup:
- NGINX Mail Proxy using the mail {} module
- SMTP AUTH is handled by an external auth server
- Application sends outbound email through NGINX → backend relay
- Basic timeouts and SSL are already configured
What I found so far:
- The mail module does not support limit_req or rate-limiting similar to HTTP
- I only see options for limit_conn (concurrent connections) and limit_rate (bandwidth throttling)
- I cannot find any native method to enforce a limit such as “100 messages per hour per IP or per authenticated user”
My question:
Is there a native way in the NGINX mail module (or stream module) to rate-limit SMTP messages per hour?
If not, what is the recommended workaround?
- External policy server?
- Custom module?
- Implementing the rate limit on the backend SMTP server instead?
- Third-party modules that can enforce SMTP command throttling?
Any advice, examples, or configuration guidance would be greatly appreciated.
Thank you.