Helmut Schneider:
> Am 26.07.2022 um 14:28 schrieb Wietse Venema:
> > Wietse Venema:
> >> Helmut Schneider:
> >> > Error: too many connections from 172.20.16.26
> >>
> >> LOOK IN YOUR LOGS.
> >
> > That will tell you if this is a concurrency or rate limti problem.
> > However, the problem is that your exclusion configuration is broken.
> >
> > You specify a CIDR table, but you failed to tell Postfix
> > that the table is in CIDR format.
> >
> > smtpd_client_event_limit_exceptions = cidr:/path/to/file
>
> $ postmulti -i postfix-in -x postconf
> smtpd_client_connection_limit_exceptions
> smtpd_client_connection_limit_exceptions =
> cidr:/etc/postfix-in/smtpd_client_connection_limit_exceptions
> $ postmulti -i postfix-in -x postconf smtpd_client_event_limit_exceptions
> smtpd_client_event_limit_exceptions =
> cidr:/etc/postfix-in/smtpd_client_event_limit_exceptions
> $
>
> <Relaoded postfix>
> <Flushed queue>
>
> Jul 26 16:30:52 mail02 postfix-out/error[1388996]: 51DF9B70D8E1:
> to=<blabla>, relay=none, delay=32196, delays=32196/0.61/0/0.01,
> dsn=4.7.0, status=deferred (delivery temporarily suspended: host
> mailin[172.20.16.27] refused to talk to me: 421 4.7.0 mail02 Error: too
> many connections from 172.20.16.26)
>
> 172.20.16.26 and 172.20.16.27 are both on the same host so I'm sure I
> fixed the CIDR notation in all config files (thanks for the hint).
Sorry, I misread your original posting.
The behavior is controlled with
smtpd_client_event_limit_exceptions =
cidr:/etc/postfix-in/smtpd_client_event_limit_exceptions
In your smtpd_client_event_limit_exceptions file you have
$ cat /etc/postfix-in/smtpd_client_event_limit_exceptions
$mynetworks
[...]
Postfix does not support $mynetworks substitution in
files other than main.cf or master.cf.
You have to enumerate the address patterns.
Thus:
smtpd_client_event_limit_exceptions =
/etc/postfix-in/smtpd_client_event_limit_exceptions
In smtpd_client_event_limit_exceptions:
127.0.0.0/8 OK
10.0.0.0/8 OK
172.16.0.0/12 OK
192.168.0.0/16 OK
Wietse
