OT: All processes of Sendmail stuck... DDOS?

Res res at ausics.net
Mon Mar 20 11:27:53 GMT 2006


On Mon, 20 Mar 2006, Ugo Bellavance wrote:

> Most of our MX's are having this problem.
> Using a mix of Greet pause, connexion throttling, greylisting, RBLs.

Ensure the ident time is 1-3 seconds

Greet pause, mostly you can get away with setting of 2000

Greylisting... is not really good idea on busy servers, its also very time 
consuming with those with many MX's, might take an hour or so for mail 
to get received.

RBL's, here might be the problem, try manual lookups on somthing on each 
RBL used, maybe there is one with problem.

> The number of connexions rejected by sendmail by these different processes 
> have known a very significant increase lately.  Before implementing

> Greylisting, MailScanner was processing ~ 100 000 msg/day max on all of our 
> servers.  Now all the log entries for rejected connexions by sendmail totals 
> ~ 400 000/ day, and it doesn't look like it si going to stop.

not suprised, dump it and fast!

> We are not getting complaints (yet), and the ressources seems to be able to 
> cope with the problem without significant problems.

your lucky, we have users who like to email themselves if it doesnt 
arrive within 30 seconds they ring the support desk :)


More information about the MailScanner mailing list