msmilter connect timeouts.
Mark Sapiro
mark at msapiro.net
Fri Nov 9 02:23:21 UTC 2018
To recap, with
Milter Max Children = 1
I was seeing messages like:
Nov 8 04:21:32 sbh16 postfix/smtpd[5059]: warning: milter
inet:127.0.0.1:33333: can't read SMFIC_OPTNEG reply packet header:
Connection reset by peer
Nov 8 04:21:32 sbh16 postfix/smtpd[5059]: warning: milter
inet:127.0.0.1:33333: read error in initial handshake
and
Nov 8 04:21:51 sbh16 postfix/smtpd[5064]: warning: milter
inet:127.0.0.1:33333: can't read SMFIC_OPTNEG reply packet header:
Connection timed out
Nov 8 04:21:51 sbh16 postfix/smtpd[5064]: warning: milter
inet:127.0.0.1:33333: read error in initial handshake
in my mail.log. I increased the setting to
Milter Max Children = 10
and that seemed to eliminate the problem.
However, this morning I was hit by a mass spam attack resulting in 73 of
these connects
Nov 8 04:21:26 sbh16 postfix/smtpd[5028]: connect from
unknown[46.229.220.205]
within 14 seconds and 3 of these produced the "Connection reset by peer"
message and 39 produced the "Connection timed out" message for a total
of 42 "read errors".
I wonder if setting smtpd_client_connection_count_limit in Postfix to a
smaller value, maybe even 10, would avoid this.
--
Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
More information about the MailScanner
mailing list