How can MailScanner "push back"?
Michael Huntley
michael at huntley.net
Thu Aug 23 19:53:13 IST 2007
Greylisting stopped a terrible mail storm on our system.
http://postgrey.schweikert.ch/
Cheers!
Michael
vinum vesco valens viscus
Leland J. Steinke wrote:
> Has anybody set up a scheme where MailScanner tells the MTA to stop or
> slow message acceptance, short of blocking inbound port 25, when
> message scanning gets too far behind?
>
> We use postfix (so I will try not to reply to my own message). I have
> been playing with the idea of tuning the number of inbound smtpd
> processes in master.cf to match the capacity of the MailScanner
> instance running on the underlying hardware. The initial results are
> not particularly encouraging. Even with in-house RBLs and reduced
> spam-score thresholds for RBL addition, some of our servers are being
> overrun with apparent StormWorm emails from IPs all over the map,
> reducing the RBL's effectiveness.
>
> As another way to slow the onslaught in postfix, I added extra client
> and HELO restrictions, adding reject_unknown_client and
> reject_unknown_hostname to smtpd_{client,helo}_restrictions,
> respectively. It looks like the HELO restriction is blocking almost
> as much legitimate mail as illegitimate.
>
>
> Leland
More information about the MailScanner
mailing list