On 05/29/2006 11:59:51 PM, Peter wrote:
I am running 3.8 with postfix and amavisd-new. I have noticed a large
number of postfix disconnections in my logs recently and I'm wondering
whether this is normal or not.
Postfix has a tarpit setting that delays initial SMTP replies
because spammers often just blast ahead without waiting for
replies, or won't wait for a reply and will just disconnect.
This may be what you're seeing. Certainly longer connections
are going to result in more state in the state table.
I've not paid attention to the postfix logs in a while,
but I don't seem to have any "lost CONNECTION" messages
now.
In the last month or so there was a posting on this list
that described how state will go bad if your rules don't
catch the start of the tcp connection. You might want
to try adding "flags S/SA keep state" to your pf rules
to make sure that you've no problems on that front.
I'd expect it not to make a difference, unless you're
not catching the beginning of the connection in which
case the further restriction will block the problem
connections entirely. Then at least you'll have something
to look at.
Regards,
Karl <[EMAIL PROTECTED]>
Free Software: "You don't pay back, you pay forward."
-- Robert A. Heinlein
