Hi folks, I installed chkuser beside simscan and some other updates on a high-volume mailserver. Due to the fact that simscan / clamav needs quite a lot of memory and CPU, I am looking to optimize the whole system. After intensive logging I found out, that chkuser sends something like "You are violating my security policy" when CHKUSERRCPTLIMIT and / or CHKUSER_WRONGRCPTLIMIT is reached. That's fine so far, but the other side is still sending masses of "rcpt to". This causes qmail-smtpd to stay open for a very long time until the sender finishes sending his spam.
Wouldn't it make sense to let chkuser terminatie this specific qmail-smtpd instance if one of the above limits is reached? If yes, how could it be implemented? Btw: Using RBL's is no solution because most of these sessions are coming from well-known (good) ISP's. Greetings from Switzerland Tobias