Hello,
Depending on the volume of mail, you might want to consider having a
pool of outbound servers with a DNS round-robin, along with a dedicated
fallback server that only handles bounces. So that your primary queues
are only handling active deliveries, and your fallback just handles the
bounces/delayed messages.
Matthew
Wietse Venema wrote:
Jonathan S?lea:
Good evening,
I am in the process of setting up a smtp-relay for a hosting provider.
Basically, the relay should relay emails from hundreds of servers out to
the net. I do want some "protection" against if a website is hacked and
starts to spew out thousands of emails.
For example:
www.siteA.xyz on ServerY is hacked and someone is using mail() in order
to send hundreds of thousands email via localhost - that is relayed to
the smtp relay (that only accepts mail from internal servers). And
instead of relaying them out to the web it does stop thoose kind of email.
Is that possible? Can postfix just dump the emails "down the drain"
instead of sending them? And can that be triggered if ServerY sends 100
emails in 10 seconds for example.
You can use postfwd (www.postfwd.org) to enforce rate limits
on many SMTP properties (client, sender, recipient, ...).
I hope my problem is easy to understand :)
Quite clear. Thanks for being a good network citizen.
Wietse
