|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: disconnect on rejected client connection
From: Ralf Hildebrandt (Ralf.Hildebrandt
charite.de)
Date: Tue Jun 06 2006 - 01:31:41 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
* Joshua Goodall <joshua_goodallpacific.net.au>:
> On a very high throughput server we may see peaks of hundreds of inbound
> connections rejected due to RBLs.
>
> Our prime concern in that case is to dump the connection as fast as
> possible to free up smtpd processes. I'm not interested in any other
> details of the connection; I want them gone, ASAP.
>
> However, currently the effect of check_client_access is to hold the
> connection open and just increase the error count, thus relying on the
> spammer's SMTP client implementation to quit gracefully and free up the
> slot in a reasonable time. Uh-huh.
>
> What say we to a smtpd_disconnect_rejected_client = yes option that
> dumps the disgraceful offender ungracefully after their welcoming 554
> banner? I am trialling this now on some of our mail input servers (yes
> it also requires smtpd_delay_reject = no)
It's already there. Look at the error limits.
postconf |grep error_limit
--
Ralf Hildebrandt (Ralf.Hildebrandtcharite.de) spamtrapcharite.de
Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155
http://www.postfix-buch.com
Why you can't find your system administrators:
Managed to find time to sleep for an hour or two.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]