> As some of you probably know, qmail sends a lot of mail at a
> time and does not do connection caching, so it'll just hit
> the box with 15 or so mails at
> a time if the mail is destined for that specific host.
> Does anyone have some good tuning tips?

Yes: I've run into similar problems with hosts that try to open literally hundreds of concurrent connections. If you happen to be running Linux, there's an iptables module that can be VERY helpful here:

CONFIG_IP_NF_MATCH_CONNLIMIT:
This match allows you to restrict the number of parallel TCP connections to a server per client IP address (or address block).

This allows you to limit each server to, say, 5 concurrent connections, so you only affect the servers trying many concurrent connections while still allowing connections from other hosts.

Here's the command line used on my server for max 10 connections per server:

    # Chain that logs (at most 5 entries per minute) and then rejects
    iptables -N log_reject
    iptables -A log_reject -m limit --limit 5/m -j LOG
    iptables -A log_reject -j REJECT
    # Send new SMTP connections from a client above 10 parallel connections to that chain
    iptables -A INPUT -p tcp --syn --dport smtp -m connlimit --connlimit-above 10 -j log_reject

Bye,
Martin

_______________________________________________
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
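An added example, not part of the original post: before enforcing a connlimit threshold like the one above, it helps to see which clients would actually exceed it. This sketch counts concurrent SMTP connections per client address (or address block, corresponding to connlimit's `--connlimit-mask`) from text in the column layout of `ss -tn`; the sample input, function names and default limit are assumptions made for illustration.

```python
import ipaddress
from collections import Counter

# Constructed sample in the column layout of `ss -tn`
# (State, Recv-Q, Send-Q, Local Address:Port, Peer Address:Port).
SAMPLE = "\n".join(
    ["State Recv-Q Send-Q Local Address:Port Peer Address:Port"]
    + [f"ESTAB 0 0 192.0.2.10:25 198.51.100.7:{40000 + i}" for i in range(15)]
    + [f"ESTAB 0 0 192.0.2.10:25 203.0.113.{i}:51000" for i in range(1, 5)]
    + ["ESTAB 0 0 192.0.2.10:22 198.51.100.7:50022",
       "ESTAB 0 0 [2001:db8::10]:25 [2001:db8::beef]:51234"]
)

def split_endpoint(endpoint):
    """Split 'addr:port' or '[v6addr]:port' into (ip_address, port)."""
    host, _, port = endpoint.rpartition(":")
    return ipaddress.ip_address(host.strip("[]")), int(port)

def connections_per_client(ss_output, port=25, v4_prefix=32, v6_prefix=128):
    """Count connections to local `port`, grouped by client address block."""
    counts = Counter()
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or not fields[1].isdigit():
            continue  # header line or anything that is not a socket row
        try:
            _, local_port = split_endpoint(fields[3])
            peer, _ = split_endpoint(fields[4])
            prefix = v4_prefix if peer.version == 4 else v6_prefix
            block = ipaddress.ip_network(f"{peer}/{prefix}", strict=False)
        except ValueError:
            continue  # unparseable endpoint, skip rather than miscount
        if local_port == port:
            counts[str(block)] += 1
    return counts

def over_limit(counts, limit=10):
    """Clients holding more than `limit` connections (what --connlimit-above keys on)."""
    return {client: n for client, n in counts.items() if n > limit}

if __name__ == "__main__":
    for client, n in sorted(over_limit(connections_per_client(SAMPLE)).items()):
        print(f"{client}: {n} concurrent SMTP connections")
```

Passing `v4_prefix=24` groups clients by /24, which shows the effect of limiting an address block rather than a single IP.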

