Re: How to limit max trying helo or ehlo times to mail server?

Fri, 21 Oct 2016 18:29:26 -0700 

OK, I found 
http://www.postfix.org/postconf.5.html#smtpd_client_connection_count_limit



The default value is 50.



So it seems no need to modify anything after reading Noel Jones's analyzation.



Thanks.




---- On 星期五, 21 十月 2016 11:51:50 -0700Noel Jones <[email protected]> 
wrote ----




On 10/21/2016 1:13 PM, vod vos wrote: 

> Hi guys, 

> 

> When I reviewed the mail.log, it showed a IP was trying to test if 

> relay was open or not. However, the times were too many. 

> 

> * 

> What is the max limited times of postfix defaultly defined? 

> 

 

See the STRESS_README document. 

http://www.postfix.org/STRESS_README.html 

 

 

> 

> * 

> And how to modify it or how to set helo/ehlo restriction? 

> 

> 

> Thanks. 

> 

> Here is the log: 

 

Many unrelated entries snipped. 

 

 

 

> 

> Oct 19 22:21:34 mail postfix/smtpd[1796]: connect from 

> unknown[61.145.214.178] 

 

client connects. 

 

 

> Oct 19 22:21:42 mail postfix/smtpd[1796]: NOQUEUE: reject: RCPT from 

> unknown[61.145.214.178]: 554 5.7.1 <[email protected]>: 

> Relay access denied; from=<[email protected]> 

> to=<[email protected]> proto=ESMTP 
helo=<XL-20160621FCVQ> 

 

Client attempts unauthorized relay, postfix rejects it. 

 

> 

> 

> Oct 19 22:21:42 mail postfix/smtpd[1796]: NOQUEUE: reject: RCPT from 

> unknown[61.145.214.178]: 554 5.7.1 <[email protected]>: 

> Relay access denied; from=<[email protected]> 

> to=<[email protected]> proto=ESMTP 
helo=<XL-20160621FCVQ> 

 

(other Relay attempts snipped) 

 

> 

> Oct 19 22:22:05 mail postfix/smtpd[1796]: improper command 

> pipelining after DATA from unknown[61.145.214.178]: 

 

client talks out of turn, then tries some more unauthorized relays. 

... 

 

> Oct 19 22:22:29 mail postfix/smtpd[1796]: too many errors after DATA from 
unknown[61.145.214.178] 

 

postfix hangs up on the bad client. 

 

> 

> 

> Oct 19 22:22:29 mail postfix/smtpd[1796]: disconnect from 
unknown[61.145.214.178] ehlo=1 mail=10 rcpt=0/10 data=0/10 rset=10 
commands=21/41 

 

Client tried 10 recipients, 0 were accepted; all were unauthorized 

relay attempts. After the 10th attempt, postfix disconnected. 

 

 

Looks as if postfix is working just fine. Nothing more to do here. 

 

 

 

 -- Noel Jones

Reply via email to