I think that the question is about the total connection lifetime.
Is there any way to limit the connection lifetime?
Imagine one random connection source with very slow interaction with
postfix (example: writing letter by letter in the socket), with this
(example a virus) you can use all connections available for the MX.
--
Danilo Paffi Monteiro
2009/4/7 Noel Jones <njo...@megan.vbhcs.org>:
> Alexandre Carlim wrote:
>>
>> My question was, how is the best way to manage the time of smtpd
>> executation. How can i prevents malicious connections. For exemple , if i
>> do this:
>>
>> ""
>> #!/usr/bin/expect -f
>>
>> spawn telnet $argv 25
>>
>> expect "220"
>>
>> send "helo localhost .\r"
>>
>> expect "250.*"
>>
>> send "mail from:<u...@gmail.comr>\r"
>>
>> expect "250.*"
>>
>> set i 1
>>
>> while { $i < 50 } {
>>
>> send "rcpt to:<u...@gmail.com <mailto:u...@gmail.com>>\r"
>>
>> expect "250.*"
>>
>> sleep 50
>>
>> }
>>
>> ""
>>
>> I can occupy a processes of smtpd for a long time, only checking
>> recipients. There is another way to control this, What i can do is only
>> tunning this settings ?
>>
>>
>> smtp_rcpt_timeout,
>> smtp_connect_timeout,
>> smtp_data_init_timeout,
>> smtp_data_done_timeout,
>> smtp_mail_timeout
>>
>
> smtp_*_timeout parameters used when postfix is sending mail.
>
> You can adjust the smtpd_timeout for when postfix is receiving mail. Note
> all the timeout parameters are for how long a client can pause without
> sending data, not the total connection lifetime.
> http://www.postfix.org/postconf.5.html#smtpd_timeout
>
> -- Noel Jones
>
