Alexey V Paramonov:
> Hi,
> I'm looking for a good solution to make my postfix server operate faster.
> My setup is Postfix + Policyd-weight + fail2ban, but nothing helps under
> heavy load, and the problem is not with the server performance (CPU load
> is not so high, about 30%), the problem is in the number of
> smtp connections to port 25 - it's about 400-600 and "normal" users just
> can't get through and connect to the server to send their mail (they get
> "server timeout").
> Policyd-weight filteres such connections, but it doesn't drop them -
> seems like it holds them open for some time and gives penality for each
> mail send attempt, closing them only after N retries.
> Is it possible to drop such too fast reconnections from same IPs using
> Postfix or maybe iptables?
> Or, maybe there is another way?
Use an SMTP reply code of "421" to force Postfix to disconnect.
(with Postfix 2.6, reply code "521" will work too).
Wietse
