Le 7 sept. 07 à 18:03, Benny Pedersen a écrit :
On Fri, September 7, 2007 10:46, Xavier Beaudouin wrote:Hum. Anvil on postfix is a very good idea to avoid too mutch ressourcesHow many concurrent smtpd processes do you have on your MX?Up to 1.5k per MX in peak during bot attacks.utilization.there needs to be limit on smtpd_policy.* in postfixif one session got 10000 recpients, postfix call policyd 10000 times, one prrecipient remember this when limit is problem :-)
Allowing unlimited recipients per sessions is quite stupid and helps a lots dictionnaries attacks.
On my systems, I limit multi recipients to a max of 100 per smtp session.
And... smtp errors / warning to 5... /Xavier
smime.p7s
Description: S/MIME cryptographic signature
------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________ policyd-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/policyd-users
