On Fri, Feb 06, 2009 at 01:37:41PM -0500, Wietse Venema wrote:
> smtpd_timeout = ${stress?10s}${stress:300s}
> smtpd_hard_error_limit = ${stress?2}${stress:20}
I guess disabling reverse DNS lookups under stress is too drastic. It
would certainly not help folks with "reject_unknown_client", even if
implemented correctly as a "transient" (due to stress) lookup failure.
> Another issue is smtpd_timeout granularity. Currently it is the
> same for all SMTP commands, but some suggested it makes sense to
> distinguish between some of the SMTP stages.
I think I once suggested shorter timeouts outside the mail transaction
(before MAIL FROM or after "."). This would prevent abuse of the MTA
by software with poor connection caching strategies. If we limit it to
just after ".", the shorter timeout could be on by default, even with
no stress. Did not envision short timeouts between "MAIL" and "DATA",
but that was long before "-o stress".
--
Viktor.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:majord...@postfix.org?body=unsubscribe%20postfix-users>
If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
