Scrip for rate limitation to break email loops

The instance I’m managing has a policy of allowing anyone to create tickets. As a result, it is occasionally struck with email loops, when poorly-configured systems auto-respond to the ticket creation confirmation email.

In order to stop these email loops, I created a “scrip” (RT scripts) that blocks users that create more than a certain number of tickets in a day.

This will add a comment in the last ticket indicating the block. Blocked users will be informed through “permission denied” emails.

I’m sharing this in case this is useful for anyone (I’d like to add it to the wiki but it’s currently closed)

Note: Technically, this will not stop the email loop between RT and users (you can’t prevent emails from being sent from scrips), but it will stop new tickets creation. I use this method because I’m not hosting this instance and have therefore no access to server-side settings, which would be necessary to completely break the loop.

Scrip

  • Description: Ticket creation rate limiting
  • Condition: On Create
  • Action: User Defined
  • Template: Blank

Custom action preparation code:

my $user = $self->TransactionObj->Creator;
my $limit = 30; # Maximum tickets per day

# A user that won't be affected by the rate limitation
my $excluded_user = 'someuse@domain.com';

if ($self->TicketObj->RequestorAddresses eq $excluded_user) {
    return 0; # Allow the ticket creation without limits for excluded user
}

# Get today's date in a format RT can use
my $today = RT::Date->new($RT::SystemUser);
$today->Set(Format => 'unknown', Value => 'today');
$today->SetToMidnight();

# Search for tickets created by the user today
my $tickets_today = RT::Tickets->new($RT::SystemUser);
$tickets_today->LimitCreated(OPERATOR => '>=', VALUE => $today->ISO);
$tickets_today->Limit(FIELD => 'Creator', VALUE => $user);

if ($tickets_today->Count > $limit) {
    $self->TicketObj->Comment(Content => "Rate limit reached for user" );
    return 1; # Prevent ticket creation
}

return 0; # Allow ticket creation to proceed

Custom action commit code:

# Delete the ticket
# my $ticket = $self->TicketObj;
#$ticket->Delete();

my $user = $self->TicketObj->CreatorObj;

my $res = $user->SetEmailAddress("");
my $res2 = $user->SetDisabled(1);

$self->TicketObj->Comment(Content => "Email address change result: $res\nUser disabling result: $res2");

return 1;
1 Like