Daniel Ryslink: > Hello, > > I am trying to set rate limits on our smtp relays to prevent abusive > (compromised) user hosts from flooding the service with fast, intensive mail > floods. > > I have used the following directives (I can post whole main.cf, but I don't > think it's necessary): > > smtpd_recipient_limit = 100 > smtpd_error_sleep_time = 5 > smtpd_client_recipient_rate_limit = 60 > smtpd_client_connection_rate_limit = 30 > smtpd_client_message_rate_limit = 100 > smtpd_soft_error_limit = 10 > smtpd_hard_error_limit = 20 > anvil_rate_time_unit = 300
According to the instructions in the mailing list welcome message, send postconf -n output instead of cut-and-paste. > However, these limits do not seem to apply, I have recently experienced a > massive flood from a single user that managed to send hundreds of thousands > of > mails overnight. According to the instructions in the mailing list welcome message, show Postfix LOGGING to demonstrate that the mail actually arrived via the Postfix SMTP SERVER and not via a PHP script that invokes the Postfix SENDMAIL command. Wietse > I thought that especially limiting the number of recipients to 60 / 5 minutes > will be quite effective against spam floods, but the anvil is probably > working > in a different way than I thought, please advice. > > Thank you kindly in advance. > > Best regards > Daniel Ryslink > >