On Fri, 2005-02-25 at 16:43 -0600, -ray wrote: > On Fri, 25 Feb 2005, Matthew S. Cramer wrote: > > > I implemented months ago and slowly increased the pause up to > > 1250 ms. I wanted to avoid any false positives (I have had none) and > > found that any further increase in the pause doesn't substantially > > increase the amount of rejections. > > > > We hit about 125,000-150,000 rejections due to the pause, per month. > > I upgraded sendmail last night and started with a greet_pause of 5 > seconds. I think a legit mailserver can wait 5 seconds for the > 220...sometimes dns takes longer than that! The biggest pain is my access > map is in LDAP so i had to remember howto create ldap objects, haha. > > I also added ConnControl limit of 15. I don't think there's a legit > reason for any one host to open more than 15 tcp connections. Comments? > > ray
Those numbers are about in line with what we use (we see about 2-3 million email delivery attempts or so per day) Default greet_pause of 5000 ms ClientConn: 10 ClientRate: 15 Generally these work nice and cause no problems with legitimate mail delivery. We have exceptions to the list for certain ips of course .... Sven _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
