Bill Cole:
> On 10 Jan 2012, at 16:56, Dennis Carr wrote:
> > If you mean the act of disabling the ability of using a telnet client
> > to connect to port 25, you're best not doing this - or, just set any
> > session timeouts to something short to prevent manual interaction.
>
> I hope that is simply an offhand random thought and not something you've
> actually done.
>
> Reducing timeouts to the point where they would seriously interfere with
> people doing manual SMTP will almost certainly mean failing to comply
> with the SMTP standard and would carry a real risk of blocking
> legitimate mail. While it is true that most SMTP transport happens as
> fast as the sender can get 2xx responses, it does not always work that
> way. Also: when you diverge from the standard for no compelling reason
> you will find sympathy with any interop problems to be in short supply.
By default, Postfix plays time limit games only under overload conditions.
The timeout settings are:
smtpd_per_record_deadline Overload: yes Normal: no
smtpd_starttls_timeout Overload: 10s Normal: 300s
smtpd_timeout Overload: 10s Normal: 300s
The per-record deadline feature (Postfix >= 2.9) changes timeout
behavior from "time limit per read operation" to "time limit per
command", meaning the entire command must be received within the
deadline.
Wietse
