How can MailScanner "push back"?

Michael Huntley michael at huntley.net
Thu Aug 23 19:53:13 IST 2007


Greylisting stopped a terrible mail storm on our system. 

http://postgrey.schweikert.ch/

Cheers!

Michael

vinum vesco valens viscus



Leland J. Steinke wrote:
> Has anybody set up a scheme where MailScanner tells the MTA to stop or
> slow message acceptance, short of blocking inbound port 25, when
> message scanning gets too far behind?
>
> We use postfix (so I will try not to reply to my own message).  I have
> been playing with the idea of tuning the number of inbound smtpd
> processes in master.cf to match the capacity of the MailScanner
> instance running on the underlying hardware.  The initial results are
> not particularly encouraging.  Even with in-house RBLs and reduced
> spam-score thresholds for RBL addition, some of our servers are being
> overrun with apparent StormWorm emails from IPs all over the map,
> reducing the RBL's effectiveness.
>
> As another way to slow the onslaught in postfix, I added extra client
> and HELO restrictions, adding reject_unknown_client and
> reject_unknown_hostname to smtpd_{client,helo}_restrictions,
> respectively.  It looks like the HELO restriction is blocking almost
> as much legitimate mail as illegitimate.
>
>
> Leland


More information about the MailScanner mailing list