Chris Adams <[email protected]> wrote: > We have multiple SMTP servers and multiple policyd servers (all VMs). > We had a compromised user sending a high volume of spam this morning > from a bunch of different IPs (standard spammer behavior). The user > falls under our default policy of 50 messages per 30 minutes, but they > were able to send thousands of messages this morning without hitting the > limit. > > The problem appears to be that cbpolicyd didn't properly track the > quota. I see messages in the log that show the quota being incremented > and then jumping back to 1 rapidly (all in a second or two).
So I guess you have an instance of Postfix plus an instance of PolicyD per server. How are they sharing a database ? Is the database also distributed, or do they access one shared instance ? And how many servers are involved ? _______________________________________________ Users mailing list [email protected] http://lists.policyd.org/mailman/listinfo/users_lists.policyd.org
