Hi,
some months ago we switch from rblsmtpd to spamdyke in order to have
more info in the log about blocked IP. But after switch to spamdyke the
number of concurrency incoming SMTP sessions was increased about 10 time.
This because with rblsmtpd we set a timeout of 10 seconds and spamdyke
have a global timeout that we set at 180 seconds (idle-timeout-secs). So
when an IP in blacklist connects to our MX it grabs a qmail-smtpd
process for 180 seconds instead of 10.
Increasing the number of /var/qmail/control/concurrencyincoming is not a
solution because we expose our cluster to receive a number of sessions
that we could be unable to manage.
Can spamdyke close a connections with IP in blacklist after a time
shorter than idle-timeout-secs?
Here an example of timeout:
with spamdyke
$ time telnet mx01.mail.net 25
Trying 192.168.1.135...
Connected to mx01.mail.net.
Escape character is '^]'.
220 mx01.mail.net ESMTP
helo ciao.com
250 mx01.mail.net
MAIL FROM: ales...@ciao.it
250 Refused. Your IP address is listed in the RBL at www.spamhaus.org:
http://www.spamhaus.org/query/bl?ip=19.9.131.86
RCPT TO: ales...@ciao.com
554 Refused. Your IP address is listed in the RBL at www.spamhaus.org:
http://www.spamhaus.org/query/bl?ip=19.9.131.86
[ here we should close the connection ]
DATA
554 Refused. Your IP address is listed in the RBL at www.spamhaus.org:
http://www.spamhaus.org/query/bl?ip=19.9.131.86
421 Timeout. Talk faster next time.
Connection closed by foreign host.
real 3m46.105s
user 0m0.000s
sys 0m0.000s
with rblsmtpd:
$ time telnet mx01.mail.net 25
Trying 192.168.1.135...
Connected to mx01.mail.net.
Escape character is '^]'.
220 rblsmtpd.local
Connection closed by foreign host.
real 0m10.389s
user 0m0.000s
sys 0m0.000s
Thanks
--
Alessio Cecchi
Postmaster @ http://www.qboxmail.it
https://www.linkedin.com/in/alessice
_______________________________________________
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
