Merge pull request #77 from systemli/configurable-rate-limit-message

✨ Make rate limit rejection message configurable

Author: 0x46616c6b

.env.example

@@ -6,6 +6,7 @@ DOMAIN_LISTEN_ADDR=":10002"
 MAILBOX_LISTEN_ADDR=":10003"
 SENDERS_LISTEN_ADDR=":10004"
 METRICS_LISTEN_ADDR=":10005"
+RATE_LIMIT_MESSAGE="Rate limit exceeded, please try again later"
 
 LOG_LEVEL=debug
 LOG_FORMAT=text

README.md

@@ -15,6 +15,7 @@ The adapter is configured via environment variables:
 - `SOCKETMAP_LISTEN_ADDR`: The address to listen on for socketmap requests. Default: `:10001`.
 - `POLICY_LISTEN_ADDR`: The address to listen on for policy requests (rate limiting). Default: `:10003`.
 - `METRICS_LISTEN_ADDR`: The address to listen on for metrics. Default: `:10002`.
+- `RATE_LIMIT_MESSAGE`: The rejection message returned when a sender exceeds their quota. Default: `Rate limit exceeded, please try again later`.
 
 In Postfix, you can configure the adapter using the socketmap protocol like this:
 

config.go

@@ -24,6 +24,9 @@ type Config struct {
 
 	// MetricsListenAddr is the address to listen for metrics requests.
 	MetricsListenAddr string
+
+	// RateLimitMessage is the message returned when rate limit is exceeded.
+	RateLimitMessage string
 }
 
 // NewConfig creates a new Config with default values.
@@ -55,12 +58,18 @@ func NewConfig() (*Config, error) {
 		policyListenAddr = ":10003"
 	}
 
+	rateLimitMessage := os.Getenv("RATE_LIMIT_MESSAGE")
+	if rateLimitMessage == "" {
+		rateLimitMessage = "Rate limit exceeded, please try again later"
+	}
+
 	return &Config{
 		UserliBaseURL:             userliBaseURL,
 		UserliToken:               userliToken,
 		PostfixRecipientDelimiter: postfixRecipientDelimiter,
 		SocketmapListenAddr:       socketmapListenAddr,
 		PolicyListenAddr:          policyListenAddr,
 		MetricsListenAddr:         metricsListenAddr,
+		RateLimitMessage:          rateLimitMessage,
 	}, nil
 }

config_test.go

@@ -39,6 +39,7 @@ func (s *ConfigTestSuite) TestNewConfig() {
 		s.Equal("", config.PostfixRecipientDelimiter)
 		s.Equal(":10001", config.SocketmapListenAddr)
 		s.Equal(":10002", config.MetricsListenAddr)
+		s.Equal("Rate limit exceeded, please try again later", config.RateLimitMessage)
 	})
 
 	s.Run("custom config", func() {
@@ -47,6 +48,7 @@ func (s *ConfigTestSuite) TestNewConfig() {
 		os.Setenv("POSTFIX_RECIPIENT_DELIMITER", "+")
 		os.Setenv("SOCKETMAP_LISTEN_ADDR", ":20001")
 		os.Setenv("METRICS_LISTEN_ADDR", ":20002")
+		os.Setenv("RATE_LIMIT_MESSAGE", "Too many emails")
 
 		config, err := NewConfig()
 
@@ -56,6 +58,7 @@ func (s *ConfigTestSuite) TestNewConfig() {
 		s.Equal("+", config.PostfixRecipientDelimiter)
 		s.Equal(":20001", config.SocketmapListenAddr)
 		s.Equal(":20002", config.MetricsListenAddr)
+		s.Equal("Too many emails", config.RateLimitMessage)
 	})
 }
 

main.go

@@ -48,7 +48,7 @@ func main() {
 	defer stop()
 
 	rateLimiter := NewRateLimiter(ctx)
-	policyServer := NewPolicyServer(userli, rateLimiter, logger.Named("policy"))
+	policyServer := NewPolicyServer(userli, rateLimiter, config.RateLimitMessage, logger.Named("policy"))
 
 	var wg sync.WaitGroup
 

policy.go

@@ -16,17 +16,19 @@ import (
 // PolicyServer implements a Postfix SMTP Access Policy Delegation server
 // for rate limiting outgoing mail based on sender quotas.
 type PolicyServer struct {
-	client      UserliService
-	rateLimiter *RateLimiter
-	logger      *zap.Logger
+	client           UserliService
+	rateLimiter      *RateLimiter
+	rateLimitMessage string
+	logger           *zap.Logger
 }
 
 // NewPolicyServer creates a new PolicyServer with the given UserliService
-func NewPolicyServer(client UserliService, rateLimiter *RateLimiter, logger *zap.Logger) *PolicyServer {
+func NewPolicyServer(client UserliService, rateLimiter *RateLimiter, rateLimitMessage string, logger *zap.Logger) *PolicyServer {
 	return &PolicyServer{
-		client:      client,
-		rateLimiter: rateLimiter,
-		logger:      logger,
+		client:           client,
+		rateLimiter:      rateLimiter,
+		rateLimitMessage: rateLimitMessage,
+		logger:           logger,
 	}
 }
 
@@ -235,7 +237,7 @@ func (p *PolicyServer) handleRequest(ctx context.Context, req *PolicyRequest) st
 		policyRequestDuration.WithLabelValues("check", "reject").Observe(time.Since(startTime).Seconds())
 		quotaExceededTotal.Inc()
 
-		return "REJECT Rate limit exceeded, please try again later"
+		return "REJECT " + p.rateLimitMessage
 	}
 
 	p.logger.Debug("Message allowed",

policy_test.go

@@ -81,7 +81,7 @@ func TestPolicyServer_HandleRequest_SkipNonEndOfMessage(t *testing.T) {
 	rateLimiter := &RateLimiter{
 		counters: make(map[string]*senderCounter),
 	}
-	server := NewPolicyServer(mockClient, rateLimiter, zap.NewNop())
+	server := NewPolicyServer(mockClient, rateLimiter, "Rate limit exceeded, please try again later", zap.NewNop())
 
 	req := &PolicyRequest{
 		ProtocolState: "RCPT",
@@ -103,7 +103,7 @@ func TestPolicyServer_HandleRequest_NoSender(t *testing.T) {
 	rateLimiter := &RateLimiter{
 		counters: make(map[string]*senderCounter),
 	}
-	server := NewPolicyServer(mockClient, rateLimiter, zap.NewNop())
+	server := NewPolicyServer(mockClient, rateLimiter, "Rate limit exceeded, please try again later", zap.NewNop())
 
 	req := &PolicyRequest{
 		ProtocolState: "END-OF-MESSAGE",
@@ -125,7 +125,7 @@ func TestPolicyServer_HandleRequest_APIError(t *testing.T) {
 	rateLimiter := &RateLimiter{
 		counters: make(map[string]*senderCounter),
 	}
-	server := NewPolicyServer(mockClient, rateLimiter, zap.NewNop())
+	server := NewPolicyServer(mockClient, rateLimiter, "Rate limit exceeded, please try again later", zap.NewNop())
 
 	req := &PolicyRequest{
 		ProtocolState: "END-OF-MESSAGE",
@@ -148,7 +148,7 @@ func TestPolicyServer_HandleRequest_NoLimits(t *testing.T) {
 	rateLimiter := &RateLimiter{
 		counters: make(map[string]*senderCounter),
 	}
-	server := NewPolicyServer(mockClient, rateLimiter, zap.NewNop())
+	server := NewPolicyServer(mockClient, rateLimiter, "Rate limit exceeded, please try again later", zap.NewNop())
 
 	req := &PolicyRequest{
 		ProtocolState: "END-OF-MESSAGE",
@@ -170,7 +170,7 @@ func TestPolicyServer_HandleRequest_AllowedMessage(t *testing.T) {
 	rateLimiter := &RateLimiter{
 		counters: make(map[string]*senderCounter),
 	}
-	server := NewPolicyServer(mockClient, rateLimiter, zap.NewNop())
+	server := NewPolicyServer(mockClient, rateLimiter, "Rate limit exceeded, please try again later", zap.NewNop())
 
 	req := &PolicyRequest{
 		ProtocolState: "END-OF-MESSAGE",
@@ -192,7 +192,7 @@ func TestPolicyServer_HandleRequest_RateLimited(t *testing.T) {
 	rateLimiter := &RateLimiter{
 		counters: make(map[string]*senderCounter),
 	}
-	server := NewPolicyServer(mockClient, rateLimiter, zap.NewNop())
+	server := NewPolicyServer(mockClient, rateLimiter, "Rate limit exceeded, please try again later", zap.NewNop())
 
 	req := &PolicyRequest{
 		ProtocolState: "END-OF-MESSAGE",
@@ -218,14 +218,39 @@ func TestPolicyServer_HandleRequest_RateLimited(t *testing.T) {
 	}
 }
 
+func TestPolicyServer_HandleRequest_CustomRateLimitMessage(t *testing.T) {
+	mockClient := &MockUserliServiceForPolicy{
+		quota: &Quota{PerHour: 1, PerDay: 100},
+	}
+	rateLimiter := &RateLimiter{
+		counters: make(map[string]*senderCounter),
+	}
+	server := NewPolicyServer(mockClient, rateLimiter, "Too many emails", zap.NewNop())
+
+	req := &PolicyRequest{
+		ProtocolState: "END-OF-MESSAGE",
+		Sender:        "user@example.org",
+		SaslUsername:  "user@example.org",
+	}
+
+	// First message passes
+	server.handleRequest(context.Background(), req)
+
+	// Second message should be rejected with custom message
+	response := server.handleRequest(context.Background(), req)
+	if response != "REJECT Too many emails" {
+		t.Errorf("Expected 'REJECT Too many emails', got %s", response)
+	}
+}
+
 func TestPolicyServer_HandleRequest_UsesSaslUsername(t *testing.T) {
 	mockClient := &MockUserliServiceForPolicy{
 		quota: &Quota{PerHour: 1, PerDay: 100},
 	}
 	rateLimiter := &RateLimiter{
 		counters: make(map[string]*senderCounter),
 	}
-	server := NewPolicyServer(mockClient, rateLimiter, zap.NewNop())
+	server := NewPolicyServer(mockClient, rateLimiter, "Rate limit exceeded, please try again later", zap.NewNop())
 
 	// First request uses sasl_username
 	req1 := &PolicyRequest{
@@ -255,7 +280,7 @@ func TestPolicyServer_Integration(t *testing.T) {
 	rateLimiter := &RateLimiter{
 		counters: make(map[string]*senderCounter),
 	}
-	server := NewPolicyServer(mockClient, rateLimiter, zap.NewNop())
+	server := NewPolicyServer(mockClient, rateLimiter, "Rate limit exceeded, please try again later", zap.NewNop())
 
 	// Start server on random port
 	listener, err := net.Listen("tcp", "127.0.0.1:0")
@@ -317,7 +342,7 @@ func TestPolicyServer_HandleConnection(t *testing.T) {
 	rateLimiter := &RateLimiter{
 		counters: make(map[string]*senderCounter),
 	}
-	server := NewPolicyServer(mockClient, rateLimiter, zap.NewNop())
+	server := NewPolicyServer(mockClient, rateLimiter, "Rate limit exceeded, please try again later", zap.NewNop())
 
 	serverConn, clientConn := net.Pipe()
 	defer serverConn.Close()
@@ -367,7 +392,7 @@ func TestPolicyServer_HandleConnection_MultipleRequests(t *testing.T) {
 	rateLimiter := &RateLimiter{
 		counters: make(map[string]*senderCounter),
 	}
-	server := NewPolicyServer(mockClient, rateLimiter, zap.NewNop())
+	server := NewPolicyServer(mockClient, rateLimiter, "Rate limit exceeded, please try again later", zap.NewNop())
 
 	serverConn, clientConn := net.Pipe()
 	defer serverConn.Close()
@@ -412,7 +437,7 @@ func TestPolicyServer_StartPolicyServer(t *testing.T) {
 	rateLimiter := &RateLimiter{
 		counters: make(map[string]*senderCounter),
 	}
-	server := NewPolicyServer(mockClient, rateLimiter, zap.NewNop())
+	server := NewPolicyServer(mockClient, rateLimiter, "Rate limit exceeded, please try again later", zap.NewNop())
 
 	ctx, cancel := context.WithCancel(context.Background())
 	var wg sync.WaitGroup