Quoting Rajkumar S <[EMAIL PROTECTED]>: > Hi, > > Does any one seeing increasing smtp concurrency for the past couple of > weeks? I run couple of (qmail/simscan/spamassassin) mail servers and > all experience the same problem. The spam does not increase, but this > is hogging my mail servers. Probably a new crop of spamming tools? > > I am attaching one qmail-mtrg graph that shows the problem. > > http://img403.imageshack.us/img403/2224/smtpmonthyq4.png > > raj >
Some botnets are starting to hold mail connections open for much longer after getting a 5xxx blacklist response. Reason is unknown; could be coding errors or deliberate. Many people are changing their smtpd timeouts form the RFC 300 seconds down to 45 seconds: http://blogs.msdn.com/tzink/archive/2007/09/01/new-spamming-tactic.aspx Here's the postfix for it: ## to deal with botnets not hanging up # Drop default from RFC limit of 300s to 45s # smtpd_timeout = 45s Some people are even using 10 seconds, which seems short to me. The RFC requires 300 seconds. Jeff C.