I found this in "man iptables-extensions" <BEGIN QUOTE> Examples:
# allow 2 telnet connections per client host iptables -A INPUT -p tcp --syn --dport 23 -m connlimit --connlimit-above 2 -j REJECT <END QUOTE> It could be adapted to offer basic DoS protection for postfix. Unfortunately my MXhost does not have the extension module :-( Allen C