Bill Cole: > On 10 Jan 2012, at 16:56, Dennis Carr wrote: > > If you mean the act of disabling the ability of using a telnet client > > to connect to port 25, you're best not doing this - or, just set any > > session timeouts to something short to prevent manual interaction. > > I hope that is simply an offhand random thought and not something you've > actually done. > > Reducing timeouts to the point where they would seriously interfere with > people doing manual SMTP will almost certainly mean failing to comply > with the SMTP standard and would carry a real risk of blocking > legitimate mail. While it is true that most SMTP transport happens as > fast as the sender can get 2xx responses, it does not always work that > way. Also: when you diverge from the standard for no compelling reason > you will find sympathy with any interop problems to be in short supply.
By default, Postfix plays time limit games only under overload conditions. The timeout settings are: smtpd_per_record_deadline Overload: yes Normal: no smtpd_starttls_timeout Overload: 10s Normal: 300s smtpd_timeout Overload: 10s Normal: 300s The per-record deadline feature (Postfix >= 2.9) changes timeout behavior from "time limit per read operation" to "time limit per command", meaning the entire command must be received within the deadline. Wietse