How can MailScanner "push back"?

Leland J. Steinke steinkel at pa.net
Thu Aug 23 18:51:21 IST 2007


Has anybody set up a scheme where MailScanner tells the MTA to stop or 
slow message acceptance, short of blocking inbound port 25, when message 
scanning gets too far behind?

We use postfix (so I will try not to reply to my own message).  I have 
been playing with the idea of tuning the number of inbound smtpd 
processes in master.cf to match the capacity of the MailScanner instance 
running on the underlying hardware.  The initial results are not 
particularly encouraging.  Even with in-house RBLs and reduced 
spam-score thresholds for RBL addition, some of our servers are being 
overrun with apparent StormWorm emails from IPs all over the map, 
reducing the RBL's effectiveness.

As another way to slow the onslaught in postfix, I added extra client 
and HELO restrictions, adding reject_unknown_client and 
reject_unknown_hostname to smtpd_{client,helo}_restrictions, 
respectively.  It looks like the HELO restriction is blocking almost as 
much legitimate mail as illegitimate.


Leland


More information about the MailScanner mailing list