Daniel Ryslink:
> Hello,
>
> I am trying to set rate limits on our smtp relays to prevent abusive
> (compromised) user hosts from flooding the service with fast, intensive mail
> floods.
>
> I have used the following directives (I can post whole main.cf, but I don't
> think it's necessary):
>
> smtpd_recipient_limit = 100
> smtpd_error_sleep_time = 5
> smtpd_client_recipient_rate_limit = 60
> smtpd_client_connection_rate_limit = 30
> smtpd_client_message_rate_limit = 100
> smtpd_soft_error_limit = 10
> smtpd_hard_error_limit = 20
> anvil_rate_time_unit = 300
According to the instructions in the mailing list welcome message,
send postconf -n output instead of cut-and-paste.
> However, these limits do not seem to apply, I have recently experienced a
> massive flood from a single user that managed to send hundreds of thousands
> of
> mails overnight.
According to the instructions in the mailing list welcome message,
show Postfix LOGGING to demonstrate that the mail actually arrived
via the Postfix SMTP SERVER and not via a PHP script that invokes
the Postfix SENDMAIL command.
Wietse
> I thought that especially limiting the number of recipients to 60 / 5 minutes
> will be quite effective against spam floods, but the anvil is probably
> working
> in a different way than I thought, please advice.
>
> Thank you kindly in advance.
>
> Best regards
> Daniel Ryslink
>
>
