Charles Marcus: > > We are set up for performance with VRFY probes and by modifying > > your postfix config file so postfix will not nave a performance > > issue by setting postfix option smtpd_soft_error_limit to be larger > > than smtpd_hard_error_limit.
That is nonsense, as demonstrated below: # postconf smtpd_hard_error_limit=1 smtpd_soft_error_limit=2 # postfix reload # telnet 127.0.0.1 smtp Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 hades.porcupine.org ESMTP Postfix hello foo 502 5.5.2 Error: command not recognized 421 4.7.0 hades.porcupine.org Error: too many errors Connection closed by foreign host. These people never tested this recommendation, just like they never tested their software against Postfix or else they would have been aware of the smtpd_junk_command_limit feature. It should be safe to dumb down Postfix defenses, provided that no-one else can connect to your SMTP server. However given the poor quality assurance with respect to Postfix, I would be suspicious about the quality assurance of their code. Wietse