Am Dienstag, 29. MÃrz 2005 18:37 schrieb Jeremy Kitchen:
> On Tuesday 29 March 2005 10:31 am, Tobias Orlamuende wrote:
> > After intensive logging I found out, that chkuser sends something like
> > "You are violating my security policy" when CHKUSERRCPTLIMIT and / or
> > CHKUSER_WRONGRCPTLIMIT is reached.
> > That's fine so far, but the other side is still sending masses of "rcpt
> > to". This causes qmail-smtpd to stay open for a very long time until the
> > sender finishes sending his spam.
> so? the resources consumed by a single copy of qmail-smtpd hanging around
> for some spammer to give up are minimal.
IMHO not :-(
qmail-smtpd is running for 40 minutes and counts up (until now) to 105
processes where the oldest one dates from one minute after startup of
qmail-smtpd. Load of this Dueal-Opteron (240) is about 100.
Timeoutsmtpd is set in control...
Most of the started qmail-smtpd's are closed correctly, but some stay open
which gives this amount...
I am not 100% sure if this problem is caused by chkuser, but for me it looks
like. The strange thing is, that most of these open sessions are using
Btw: Anybody made bad experiences with this patch ?
I started with Bill Shupp's tls-auth-patch but the loead was even going much
higher than now.
> > Wouldn't it make sense to let chkuser terminatie this specific
> > qmail-smtpd instance if one of the above limits is reached?
> perhaps, but why?
> > If yes, how could it be implemented?
> just edit the code. Find the place where it flips on the "ok, we're not
> accepting anymore" limit... and have it exit.
Nice. But for me as somebody who has nearly no knowledge of C it is quite
Maybe you, Jeremy, or somebody else on this list has any hints for the above