|Anti-spam technique: Rate limits|
|Date of first use:||early 2000|
|Difficulty of implementation:||Low|
Humans and legitimate mail servers usually send messages at a limited rate. Spam robots can, sometimes, send bursts of messages. An SMTP server can count the number of connections per client over some time window and reject connections, with a temporary reply code, when a threshold is reached. Limits are usually applied to connections, messages or recipients.
Nowadays, rate limiting effectiveness is too low to be considered as a real anti-spam measure, but it remains very effective against DoS and other abuses. It can suffer from false positives against legitimate bursty mail sources such as mailing lists.