Hi,
I'm looking for a good solution to make my postfix server operate faster.
My setup is Postfix + Policyd-weight + fail2ban, but nothing helps under
heavy load, and the problem is not with the server performance (CPU load
is not so high, about 30%), the problem is in the number of
smtp connections to port 25 - it's about 400-600 and "normal" users just
can't get through and connect to the server to send their mail (they get
"server timeout").
Policyd-weight filteres such connections, but it doesn't drop them -
seems like it holds them open for some time and gives penality for each
mail send attempt, closing them only after N retries.
Is it possible to drop such too fast reconnections from same IPs using
Postfix or maybe iptables?
Or, maybe there is another way?