On Thu, Oct 08, 2015 at 02:15:36AM +1100, Voytek wrote:
> I think I've stopped compromised user sending by stopping and restarting
> Postfix, prior to that, I've reloaded Postfix after adding/postmaping
> sasl_access list - that didn't help, only stopping Postfix stopped it
With Berkeley-DB tables, updated tables are only picked up by smtpd
when a client disconnects and a new client connects.
So if a client was hanging on to a single connection and sending
lots of messages back to back without disconnecting, it might be
able to continue despite table changes.
If your smtpd is not chrooted, you might have better luck with CDB,
than Berkeley DB, though I am not sure whether tinycdb (like DJB's
original implementation) detects table file changes and automatically
reopens the table on the fly.
Otherwise, you may be better off with SQL or LDAP tables, which can
change in real time.
> I'm worried that 'there is more' ?
There's nothing more.
--
Viktor.
