Thank you very much zhang!
Please update me

Raz

yes it is wrong sorry, my bad.
its not working only with the @ip option

my iredapd.conf:
############################################################
# DO NOT TOUCH BELOW LINE.
#
# Import default settings.
# You can always override default settings by placing custom settings in this
# file.
from libs.default_settings import *
############################################################

# Listen address and port.
listen_address = "127.0.0.1"
listen_port = "7777"

# Run as a low privileged user.
run_as_user = "iredapd"

# Path to pid file.
pid_file = '/var/run/iredapd.pid'

# Path to log file.
# Set 'log_file = /dev/null' if you don't want to keep the log.
log_file = "/var/log/iredapd/iredapd.log"

# Log level: info, debug.
log_level = "debug"

# Backend: ldap, mysql, pgsql.
backend = "mysql"

# Enabled plugins.
plugins = ["reject_null_sender", "reject_sender_login_mismatch", "greylisting", "throttle", "amavisd_wblist", "sql_alias_access_policy"]

# For LDAP backend.
#
# LDAP server setting.
# Uri must starts with ldap:// or ldaps:// (TLS/SSL).
#
# Tip: You can get binddn, bindpw from /etc/postfix/ldap/*.cf.
#
ldap_uri = 'ldap://127.0.0.1:389'
ldap_basedn = 'o=domains,dc=iredmail,dc=org'
ldap_binddn = 'cn=vmail,dc=iredmail,dc=org'
ldap_bindpw = 'password'

# For SQL (MySQL/MariaDB/PostgreSQL) backends, used to query mail accounts.
vmail_db_server = "192.168.X.X"
vmail_db_port = "3306"
vmail_db_name = "vmail"
vmail_db_user = "vmail"
vmail_db_password = "XXX"

# For Amavisd policy lookup and white/blacklists.
amavisd_db_server = "192.168.X.X"
amavisd_db_port = "3306"
amavisd_db_name = "amavisd"
amavisd_db_user = "amavisd"
amavisd_db_password = "XXXXXX"

# iRedAPD database, used for greylisting, throttle.
iredapd_db_server = "192.168.X.X"
iredapd_db_port = "3306"
iredapd_db_name = "iredapd"
iredapd_db_password = "XXXXXX"

in throttle table
'84', '@ip', 'external', '0', '600', '10240000', '20', '4096000000'

in throttle_tracking after sending first mail:
57    84    XX.XX.XX.XX    600    1    28381    1493618941    1493618941

after second mail in iredapd.log:

2017-05-01 09:09:24 DEBUG smtp session: request=smtpd_access_policy
2017-05-01 09:09:24 DEBUG smtp session: protocol_state=RCPT
2017-05-01 09:09:24 DEBUG smtp session: protocol_name=ESMTP
2017-05-01 09:09:24 DEBUG smtp session: client_address=XX.XX.XX.XX
2017-05-01 09:09:24 DEBUG smtp session: client_name=owa.external.com
2017-05-01 09:09:24 DEBUG smtp session: client_port=16239
2017-05-01 09:09:24 DEBUG smtp session: reverse_client_name=external.mail.com
2017-05-01 09:09:24 DEBUG smtp session: helo_name=mail.com
2017-05-01 09:09:24 DEBUG smtp session: sender=raz@external.com
2017-05-01 09:09:24 DEBUG smtp session: recipient=raz@internal.com
2017-05-01 09:09:24 DEBUG smtp session: recipient_count=0
2017-05-01 09:09:24 DEBUG smtp session: queue_id=
2017-05-01 09:09:24 DEBUG smtp session: instance=6d19.5906d114.3f3c9.0
2017-05-01 09:09:24 DEBUG smtp session: size=29623
2017-05-01 09:09:24 DEBUG smtp session: etrn_domain=
2017-05-01 09:09:24 DEBUG smtp session: stress=
2017-05-01 09:09:24 DEBUG smtp session: sasl_method=
2017-05-01 09:09:24 DEBUG smtp session: sasl_username=
2017-05-01 09:09:24 DEBUG smtp session: sasl_sender=
2017-05-01 09:09:24 DEBUG smtp session: ccert_subject=
2017-05-01 09:09:24 DEBUG smtp session: ccert_issuer=
2017-05-01 09:09:24 DEBUG smtp session: ccert_fingerprint=
2017-05-01 09:09:24 DEBUG smtp session: ccert_pubkey_fingerprint=
2017-05-01 09:09:24 DEBUG smtp session: encryption_protocol=TLSv1
2017-05-01 09:09:24 DEBUG smtp session: encryption_cipher=AES128-SHA
2017-05-01 09:09:24 DEBUG smtp session: encryption_keysize=128
2017-05-01 09:09:24 DEBUG smtp session: policy_context=
2017-05-01 09:09:24 DEBUG --> Apply plugin: reject_null_sender
2017-05-01 09:09:24 DEBUG <-- Result: DUNNO
2017-05-01 09:09:24 DEBUG --> Apply plugin: reject_sender_login_mismatch
2017-05-01 09:09:24 DEBUG Not an authenticated sender (no sasl_username).
2017-05-01 09:09:24 DEBUG [SQL] query local domain (internal.com):
SELECT domain
                   FROM domain
                  WHERE domain='external.com'
                  LIMIT 1
2017-05-01 09:09:24 DEBUG SQL query result: None
2017-05-01 09:09:24 DEBUG [SQL] query alias domains (external.com):
SELECT alias_domain
                   FROM alias_domain
                  WHERE alias_domain='external.com' OR target_domain='external.com'
                  LIMIT 1
2017-05-01 09:09:24 DEBUG SQL query result: None
2017-05-01 09:09:24 DEBUG Sender domain is not hosted locally.
2017-05-01 09:09:24 DEBUG <-- Result: DUNNO
2017-05-01 09:09:24 DEBUG --> Apply plugin: greylisting
2017-05-01 09:09:24 DEBUG [SQL] Query greylisting whitelists:
SELECT id, sender, comment
               FROM greylisting_whitelists
              WHERE account IN ('raz@internal.com', '@internal.com', '@.')
2017-05-01 09:09:24 DEBUG No whitelist found.
2017-05-01 09:09:24 DEBUG [SQL] query greylisting settings:
SELECT id, account, sender, sender_priority, active
               FROM greylisting
              WHERE account IN ('raz@internal.com', '@internal.com', '@.')
              ORDER BY priority DESC, sender_priority DESC
2017-05-01 09:09:24 DEBUG [SQL] query result: [(1, '@.', '@.', 0, 1)]
2017-05-01 09:09:24 DEBUG Greylisting should be applied according to SQL record: (id=1, account='@.', sender='@.')
2017-05-01 09:09:24 DEBUG [SQL] check whether client address (XX.XX.XX.XX) passed greylisting:
SELECT id
               FROM greylisting_tracking
              WHERE client_address='XX.XX.XX.XX'
                    AND passed=1
              LIMIT 1
2017-05-01 09:09:24 DEBUG Client address (XX.XX.XX.XX) passed greylisting.
2017-05-01 09:09:24 DEBUG <-- Result: DUNNO
2017-05-01 09:09:24 DEBUG --> Apply plugin: throttle
2017-05-01 09:09:24 DEBUG Check sender throttling.
2017-05-01 09:09:24 DEBUG [SQL] Query throttle setting:

        SELECT id, account, priority, period, max_msgs, max_quota, msg_size
          FROM throttle
         WHERE kind='external' AND account IN ('XX.XX.XX.XX', '@ip', '@.', 'raz@external.com', '@external.com', '@.external.com', '@com', '@.com', 'XX.XX.XX.*', 'XX.XX.*.XX')
         ORDER BY priority DESC

2017-05-01 09:09:24 DEBUG [SQL] Query result:
[(84, '@ip', 0, 600, 20, 4096000000, 10240000)]
2017-05-01 09:09:24 DEBUG sender throttle setting: msg_size=10240000 (bytes)/id=84/account=@ip; max_msgs=20/id=84/account=@ip; max_quota=4096000000 (bytes)/id=84/account=@ip;
2017-05-01 09:09:24 DEBUG [SQL] Query throttle tracking data:
SELECT id, tid, account, cur_msgs, cur_quota, init_time, last_time
               FROM throttle_tracking
              WHERE (tid=84 AND account='raz@external.com')

2017-05-01 09:09:24 DEBUG [SQL] Query result:
[]
2017-05-01 09:09:24 DEBUG Tracking IDs: {}
2017-05-01 09:09:24 DEBUG Period of max_msgs expired, reset.
2017-05-01 09:09:24 INFO [XX.XX.XX.XX] sender throttle, raz@external.com -> max_msgs (0/20, period: 600 seconds, time left: 10 minutes)
2017-05-01 09:09:24 DEBUG [OK] Passed all sender throttle settings.
2017-05-01 09:09:24 DEBUG Check recipient throttling.
2017-05-01 09:09:24 DEBUG [SQL] Query throttle setting:

        SELECT id, account, priority, period, max_msgs, max_quota, msg_size
          FROM throttle
         WHERE kind='inbound' AND account IN ('XX.XX.XX.XX', '@ip', '@.', 'raz@internal.com', '@internal.com', '@.internal.com', '@com', '@.com', 'XX.XX.XX.*', 'XX.XX.*.XX')
         ORDER BY priority DESC

2017-05-01 09:09:24 DEBUG [SQL] Query result:
[(75, '@internal.com', 100, 600, 10, 4096000000, 10240000)]
2017-05-01 09:09:24 DEBUG recipient throttle setting: msg_size=10240000 (bytes)/id=75/account=@internal.com; max_msgs=10/id=75/account=@internal.com; max_quota=4096000000 (bytes)/id=75/account=@internal.com;
2017-05-01 09:09:24 DEBUG [SQL] Query throttle tracking data:
SELECT id, tid, account, cur_msgs, cur_quota, init_time, last_time
               FROM throttle_tracking
              WHERE (tid=75 AND account='raz@internal.com')

2017-05-01 09:09:24 DEBUG [SQL] Query result:
[(55, 75, 'raz@internal.com', 2, 56760, 1493618848, 1493618941)]
2017-05-01 09:09:24 DEBUG Tracking IDs: {(75, 'raz@internal.com'): 55}
2017-05-01 09:09:24 INFO [XX.XX.XX.XX] recipient throttle, raz@internal.com -> max_msgs (2/10, period: 600 seconds, time left: 8 minutes, 27 seconds)
2017-05-01 09:09:24 DEBUG [OK] Passed all recipient throttle settings.
2017-05-01 09:09:24 DEBUG <-- Result: DUNNO
2017-05-01 09:09:24 DEBUG --> Apply plugin: sql_alias_access_policy
2017-05-01 09:09:24 DEBUG [SQL] query access policy:
SELECT accesspolicy, goto, moderators
               FROM alias
              WHERE address='raz@internal.com'
AND islist=1
                    AND active=1
              LIMIT 1

2017-05-01 09:09:24 DEBUG SQL query result: None
2017-05-01 09:09:24 DEBUG [SQL] Check whether recipient domain is an alias domain:
SELECT target_domain
                   FROM alias_domain
                  WHERE alias_domain = 'internal.com'
                  LIMIT 1

2017-05-01 09:09:24 DEBUG [SQL] query result: None
2017-05-01 09:09:24 DEBUG Recipient domain is not an alias domain.
2017-05-01 09:09:24 DEBUG <-- Result: DUNNO Recipient is not a mail alias account or no access policy
2017-05-01 09:09:24 DEBUG --> Apply plugin: amavisd_wblist
2017-05-01 09:09:24 DEBUG Possible policy senders: ['@.', 'raz@external.com', '@external.com', '@.external.com', '@com', '@.com', 'raz@*', 'XX.XX.XX.XX', 'XX.XX.XX.*', 'XX.XX.*.XX']
2017-05-01 09:09:24 DEBUG Possible policy recipients: ['@.', 'raz@internal.com', '@internal.com', '@.internal.com', '@com', '@.com']
2017-05-01 09:09:24 DEBUG [SQL] query local domain (external.com):
SELECT domain
                   FROM domain
                  WHERE domain='external.com'
                  LIMIT 1
2017-05-01 09:09:24 DEBUG SQL query result: None
2017-05-01 09:09:24 DEBUG [SQL] query alias domains (external.com):
SELECT alias_domain
                   FROM alias_domain
                  WHERE alias_domain='external.com' OR target_domain='external.com'
                  LIMIT 1
2017-05-01 09:09:24 DEBUG SQL query result: None
2017-05-01 09:09:24 DEBUG Apply wblist for inbound message.
2017-05-01 09:09:24 DEBUG [SQL] Query local addresses:
SELECT id, email
               FROM users
              WHERE email IN ('@.', 'raz@internal.com', '@internal.com', '@.internal.com', '@com', '@.com')
           ORDER BY priority DESC
2017-05-01 09:09:24 DEBUG Local addresses (in `users`): [(2, '@internal.com')]
2017-05-01 09:09:24 DEBUG [SQL] Query external addresses:
SELECT id, email
               FROM mailaddr
              WHERE email IN ('@.', 'raz@external.com', '@external.com', '@.external.com', '@com', '@.com', 'raz@*', 'XX.XX.XX.XX', 'XX.XX.XX.*', 'XX.XX.*.XX')
           ORDER BY priority DESC
2017-05-01 09:09:24 DEBUG No record found in SQL database.
2017-05-01 09:09:24 DEBUG No valid sender id or recipient id.
2017-05-01 09:09:24 DEBUG <-- Result: DUNNO
2017-05-01 09:09:24 DEBUG Session ended.
2017-05-01 09:09:24 INFO XX.XX.XX.XX RCPT, raz@external.com -> raz@internal.com, DUNNO [0.0317s]
2017-05-01 09:09:24 DEBUG smtp session: request=smtpd_access_policy
2017-05-01 09:09:24 DEBUG smtp session: protocol_state=END-OF-MESSAGE
2017-05-01 09:09:24 DEBUG smtp session: protocol_name=ESMTP
2017-05-01 09:09:24 DEBUG smtp session: client_address=XX.XX.XX.XX
2017-05-01 09:09:24 DEBUG smtp session: client_name=owa.external.com
2017-05-01 09:09:24 DEBUG smtp session: client_port=16239
2017-05-01 09:09:24 DEBUG smtp session: reverse_client_name=owa.external.com
2017-05-01 09:09:24 DEBUG smtp session: helo_name=mail.external.com
2017-05-01 09:09:24 DEBUG smtp session: sender=raz@external.com
2017-05-01 09:09:24 DEBUG smtp session: recipient=raz@internal.com
2017-05-01 09:09:24 DEBUG smtp session: recipient_count=1
2017-05-01 09:09:24 DEBUG smtp session: queue_id=5794D606FA
2017-05-01 09:09:24 DEBUG smtp session: instance=6d19.5906d114.3f3c9.0
2017-05-01 09:09:24 DEBUG smtp session: size=28381
2017-05-01 09:09:24 DEBUG smtp session: etrn_domain=
2017-05-01 09:09:24 DEBUG smtp session: stress=
2017-05-01 09:09:24 DEBUG smtp session: sasl_method=
2017-05-01 09:09:24 DEBUG smtp session: sasl_username=
2017-05-01 09:09:24 DEBUG smtp session: sasl_sender=
2017-05-01 09:09:24 DEBUG smtp session: ccert_subject=
2017-05-01 09:09:24 DEBUG smtp session: ccert_issuer=
2017-05-01 09:09:24 DEBUG smtp session: ccert_fingerprint=
2017-05-01 09:09:24 DEBUG smtp session: ccert_pubkey_fingerprint=
2017-05-01 09:09:24 DEBUG smtp session: encryption_protocol=TLSv1
2017-05-01 09:09:24 DEBUG smtp session: encryption_cipher=AES128-SHA
2017-05-01 09:09:24 DEBUG smtp session: encryption_keysize=128
2017-05-01 09:09:24 DEBUG smtp session: policy_context=
2017-05-01 09:09:24 DEBUG Skip plugin: reject_null_sender (protocol_state != END-OF-MESSAGE)
2017-05-01 09:09:24 DEBUG Skip plugin: reject_sender_login_mismatch (protocol_state != END-OF-MESSAGE)
2017-05-01 09:09:24 DEBUG Skip plugin: greylisting (protocol_state != END-OF-MESSAGE)
2017-05-01 09:09:24 DEBUG --> Apply plugin: throttle
2017-05-01 09:09:24 DEBUG Check sender throttling.
2017-05-01 09:09:24 DEBUG [SQL] Query throttle setting:

        SELECT id, account, priority, period, max_msgs, max_quota, msg_size
          FROM throttle
         WHERE kind='external' AND account IN ('XX.XX.XX.XX', '@ip', '@.', 'raz@external.com', '@external.com', '@.external.com', '@com', '@.com', 'XX.XX.XX.*', 'XX.XX.*.XX')
         ORDER BY priority DESC

2017-05-01 09:09:24 DEBUG [SQL] Query result:
[(84, '@ip', 0, 600, 20, 4096000000, 10240000)]
2017-05-01 09:09:24 DEBUG sender throttle setting: msg_size=10240000 (bytes)/id=84/account=@ip; max_msgs=20/id=84/account=@ip; max_quota=4096000000 (bytes)/id=84/account=@ip;
2017-05-01 09:09:24 DEBUG [SQL] Query throttle tracking data:
SELECT id, tid, account, cur_msgs, cur_quota, init_time, last_time
               FROM throttle_tracking
              WHERE (tid=84 AND account='raz@external.com')

2017-05-01 09:09:24 DEBUG [SQL] Query result:
[]
2017-05-01 09:09:24 DEBUG Tracking IDs: {}
2017-05-01 09:09:24 DEBUG Period of max_msgs expired, reset.
2017-05-01 09:09:24 INFO [XX.XX.XX.XX] sender throttle, raz@external.com -> msg_size (28381/10240000, period: 600 seconds, time left: 10 minutes)
2017-05-01 09:09:24 DEBUG Period of max_quota expired, reset.
2017-05-01 09:09:24 INFO [XX.XX.XX.XX] sender throttle, raz@external.com -> max_quota (0/4096000000, period: 600 seconds, time left: 10 minutes)
2017-05-01 09:09:24 DEBUG [SQL] Insert new tracking record(s):
INSERT INTO throttle_tracking
                                 (tid, account, cur_msgs, period, cur_quota, init_time, last_time)
                          VALUES (84, 'XX.XX.XX.XX', 1, 600, 28381, 1493618964, 1493618964)
2017-05-01 09:09:24 ERROR <!> Error while applying plugin "throttle": ['Traceback (most recent call last):\n', '  File "/opt/iRedAPD-2.0/libs/utils.py", line 101, in apply_plugin\n', '  File "/opt/iredapd/plugins/throttle.py", line 571, in restriction\n', '  File "/opt/iredapd/plugins/throttle.py", line 508, in apply_throttle\n', '  File "/usr/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 906, in execute\n    return self._execute_text(object, multiparams, params)\n', '  File "/usr/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 1054, in _execute_text\n    statement, parameters\n', '  File "/usr/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 1146, in _execute_context\n    context)\n', '  File "/usr/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 1341, in _handle_dbapi_exception\n    exc_info\n', '  File "/usr/lib/python2.7/dist-packages/sqlalchemy/util/compat.py", line 200, in raise_from_cause\n    reraise(type(exception), exception, tb=exc_tb)\n', '  File "/usr/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 1139, in _execute_context\n    context)\n', '  File "/usr/lib/python2.7/dist-packages/sqlalchemy/engine/default.py", line 450, in do_execute\n    cursor.execute(statement, parameters)\n', '  File "/usr/lib/python2.7/dist-packages/pymysql/cursors.py", line 158, in execute\n    result = self._query(query)\n', '  File "/usr/lib/python2.7/dist-packages/pymysql/cursors.py", line 308, in _query\n    conn.query(q)\n', '  File "/usr/lib/python2.7/dist-packages/pymysql/connections.py", line 820, in query\n    self._affected_rows = self._read_query_result(unbuffered=unbuffered)\n', '  File "/usr/lib/python2.7/dist-packages/pymysql/connections.py", line 1002, in _read_query_result\n    result.read()\n', '  File "/usr/lib/python2.7/dist-packages/pymysql/connections.py", line 1285, in read\n    first_packet = self.connection._read_packet()\n', '  File "/usr/lib/python2.7/dist-packages/pymysql/connections.py", line 966, in _read_packet\n    packet.check_error()\n', '  File "/usr/lib/python2.7/dist-packages/pymysql/connections.py", line 394, in check_error\n    err.raise_mysql_exception(self._data)\n', '  File "/usr/lib/python2.7/dist-packages/pymysql/err.py", line 120, in raise_mysql_exception\n    _check_mysql_exception(errinfo)\n', '  File "/usr/lib/python2.7/dist-packages/pymysql/err.py", line 112, in _check_mysql_exception\n    raise errorclass(errno, errorvalue)\n', 'IntegrityError: (pymysql.err.IntegrityError) (1062, u"Duplicate entry \'84-XX.XX.XX.XX\' for key \'tid_account\'") [SQL: "INSERT INTO throttle_tracking\\n                                 (tid, account, cur_msgs, period, cur_quota, init_time, last_time)\\n                          VALUES (84, \'XX.XX.XX.XX\', 1, 600, 28381, 1493618964, 1493618964)"]\n']
2017-05-01 09:09:24 DEBUG Skip plugin: sql_alias_access_policy (protocol_state != END-OF-MESSAGE)
2017-05-01 09:09:24 DEBUG Skip plugin: amavisd_wblist (protocol_state != END-OF-MESSAGE)
2017-05-01 09:09:24 DEBUG Session ended.
2017-05-01 09:09:24 INFO XX.XX.XX.XX END-OF-MESSAGE, raz@external.com -> raz@internal.com, DUNNO [0.0674s]

Thank you

Fixed moment ago:
https://bitbucket.org/zhb/iredapd/commi … 40a6534aa7