I run a low volume mail server - about a dozen messages per day. Like you, I have had open relay attacks, and also persistent probes with no messages being sent.
So far, the best answer I have found is to limit simultaneous connections to one per host. My current anti-abuse settings are:- smtpd_error_sleep_time = 2s smtpd_soft_error_limit = 3 smtpd_hard_error_limit = 6 smtpd_junk_command_limit = 2 smtpd_client_connection_count_limit = 1 postscreen_client_connection_count_limit = 1 They allow genuine users an "honest" mistake or two (or a glitch on the connection), but is very hard on bad callers. since implementing the above measures, bad connections have fallen by more than half, and persistent multiple connection attempts have almost stopped. Hope this helps. Allen C On 9/24/2015 3:28 AM, Thomas Keller wrote: > I am using Postfix as personal mailserver, with very light traffic. > > I do, however, get a lot of open-relay attacks. > Often, these attacks come in bursts, tens of attacks within couple of > seconds, from the same IP. > > Would this situation be a good use of "rate_limits" ? > -- View this message in context: http://postfix.1071664.n5.nabble.com/fine-tuning-smtpd-client-rate-limit-tp79587p79980.html Sent from the Postfix Users mailing list archive at Nabble.com.
