I installed chkuser beside simscan and some other updates on a high-volume
Due to the fact that simscan / clamav needs quite a lot of memory and CPU, I
am looking to optimize the whole system.
After intensive logging I found out, that chkuser sends something like "You
are violating my security policy" when CHKUSERRCPTLIMIT and / or
CHKUSER_WRONGRCPTLIMIT is reached.
That's fine so far, but the other side is still sending masses of "rcpt to".
This causes qmail-smtpd to stay open for a very long time until the sender
finishes sending his spam.
Wouldn't it make sense to let chkuser terminatie this specific qmail-smtpd
instance if one of the above limits is reached?
If yes, how could it be implemented?
Btw: Using RBL's is no solution because most of these sessions are coming from
well-known (good) ISP's.
Greetings from Switzerland