I have a few questions along the same lines. I have tcpserver set to
limit to 900 as indicated below. However, I've had several sites in the
past month who send mail with stray linefeeds. It's becoming a lot more
common lately, unfortunately. But the problem I have is qmail kills the
connection with code 256, as expected. Their end immediately retries
with no delay. I see a volume from one site alone of 36 attempts per
second, with as many as 2,200 simultaneous connections to my SMTP port
from the site. It brings my mail server to its knees, the queue builds
up and no mail is processed until I block the site via tcp.smtp. This is
then essentially a DoS attack, is it not? The server, btw, is an Intel
PII/300 with 256MB RAM, qmail 1.03 with vpopmail and about 12k POP
accounts covering 125 domains. Maildirs are mounted via NFS from a
MetaStor RAID array and the queue is on a separate SCSI-2 drive from the OS
(FreeBSD 3.4 stable).

Is this a problem other people are having? I've scanned the lists
concerning the stray linefeed problems and not found anything quite
describing it the way it's happening to me. I end up contacting a more
often than not clueless ISP or company who is sending the message that's
causing the overload. Usually I leave them blocked till the message
expires in their queue. As a result, I have 9 sites now blocked in this
manner. Is there a better way to handle this, or is it a configuration
problem on my server that causes the severe overload?

--
Stephen Comoletti
Systems Administrator
Delanet, Inc.  http://www.delanet.com
ph: (302) 326-5800 fax: (302) 326-5802

"Mullen, Patrick" wrote:

> > Would it be possible to limit the number of spawns that
> > tcpserver can make from one IP address concurrently to
> > prevent one IP spawning up to the limit of concurrent daemons
> > and denying access to that daemon? I can't think
> > of a way to do it from what I've read of the docs but it
>
> I don't know about the "one-ip" part, but tcpserver DOES
> have a limit on the number of concurrent processes.  I
> think it's the "-c" switch.  `man tcpserver` is quite
> informative.
>
> ~Patrick
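
An added example, not part of the original message or of ucspi-tcp/qmail: a small parser for `tcpserver -v` log lines that tracks peak concurrent connections and status-256 exits per remote IP, then prints candidate `tcp.smtp` deny rules like the manual blocks described in the message. The sample log is constructed, and the thresholds and function names are assumptions to tune per site.

```python
import re
from collections import Counter

# Constructed sample in the "tcpserver -v" log style; IPs are documentation ranges.
SAMPLE_LOG = """\
tcpserver: pid 101 from 192.0.2.10
tcpserver: pid 102 from 192.0.2.10
tcpserver: pid 103 from 203.0.113.5
tcpserver: pid 104 from 192.0.2.10
tcpserver: end 101 status 256
tcpserver: end 103 status 0
tcpserver: end 102 status 256
tcpserver: pid 105 from 192.0.2.10
tcpserver: end 104 status 256
tcpserver: end 105 status 256
"""

PID_FROM = re.compile(r"tcpserver: pid (\d+) from (\S+)")
END = re.compile(r"tcpserver: end (\d+) status (\d+)")

def analyze(lines):
    """Return (peak concurrent connections per IP, status-256 exits per IP)."""
    pid_ip, live, peak, failed = {}, Counter(), Counter(), Counter()
    for line in lines:
        m = PID_FROM.search(line)
        if m:                                  # new child spawned for this peer
            pid, ip = m.groups()
            pid_ip[pid] = ip
            live[ip] += 1
            peak[ip] = max(peak[ip], live[ip])
            continue
        m = END.search(line)
        if m and m.group(1) in pid_ip:         # child exited; map pid back to IP
            ip = pid_ip.pop(m.group(1))
            live[ip] -= 1
            if m.group(2) == "256":            # the rejected-connection status seen above
                failed[ip] += 1
    return peak, failed

def deny_rules(lines, max_peak=3, max_failed=3):
    """Build tcprules deny lines for IPs at or over either (assumed) threshold."""
    peak, failed = analyze(lines)
    bad = sorted(ip for ip in peak
                 if peak[ip] >= max_peak or failed[ip] >= max_failed)
    return [f"{ip}:deny" for ip in bad]

if __name__ == "__main__":
    print("\n".join(deny_rules(SAMPLE_LOG.splitlines())))
```

The output lines go above the default rule in `tcp.smtp`, and the rules database has to be rebuilt with `tcprules` before tcpserver sees them.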

