Skip to main content

Rate limiting

Rate limiting is a strategy to limit network traffic. As the name suggests, it puts a limit on how often someone can repeat an action (such as trying to log into an account) within a given time period. Rate limiting can help mitigate certain types of malicious activity such as brute force attacks. It is also useful to reduce the load on your IMAP server.


To limit the number of concurrent IMAP connections that a user can have, use the imap.rate-limit.concurrent setting. For example:

concurrent = 4


To limit the number of IMAP requests that a user can make within a given time period, use the imap.rate-limit.requests setting. For example:

requests = "2000/1m"