How can MailScanner "push back"?
Leland J. Steinke
steinkel at pa.net
Thu Aug 23 18:51:21 IST 2007
Has anybody set up a scheme where MailScanner tells the MTA to stop or
slow message acceptance, short of blocking inbound port 25, when message
scanning gets too far behind?
We use postfix (so I will try not to reply to my own message). I have
been playing with the idea of tuning the number of inbound smtpd
processes in master.cf to match the capacity of the MailScanner instance
running on the underlying hardware. The initial results are not
particularly encouraging. Even with in-house RBLs and reduced
spam-score thresholds for RBL addition, some of our servers are being
overrun with apparent StormWorm emails from IPs all over the map,
reducing the RBL's effectiveness.
As another way to slow the onslaught in postfix, I added extra client
and HELO restrictions, adding reject_unknown_client and
reject_unknown_hostname to smtpd_{client,helo}_restrictions,
respectively. It looks like the HELO restriction is blocking almost as
much legitimate mail as illegitimate.
Leland
More information about the MailScanner
mailing list