Danilo Paffi Monteiro:
> I think that the question is about the total connection lifetime.
>
> Is there any way to limit the connection lifetime?
No. This would prevent delivery of large messages over slow connections.
However, Postfix 2.5 has an option to change SMTP server timeouts
when all server ports are busy. This is on by default in Postfix
2.6, and available as a patch for Postfix 2.3 and 2.4.
> Imagine one random connection source with very slow interaction with
> postfix (example: writing letter by letter in the socket), with this
> (example a virus) you can use all connections available for the MX.
They don't have to write very slow to achieve that.
Wietse
> --
> Danilo Paffi Monteiro
>
> 2009/4/7 Noel Jones <njo...@megan.vbhcs.org>:
> > Alexandre Carlim wrote:
> >>
> >> My question was, how is the best way to manage the time of smtpd
> >> executation. How can i ?prevents malicious connections. For exemple , if i
> >> do this:
> >>
> >> ""
> >> #!/usr/bin/expect -f
> >>
> >> spawn telnet $argv 25
> >>
> >> expect "220"
> >>
> >> send "helo localhost .\r"
> >>
> >> expect "250.*"
> >>
> >> send "mail from:<u...@gmail.comr>\r"
> >>
> >> expect "250.*"
> >>
> >> set i 1
> >>
> >> while { $i < 50 } {
> >>
> >> ? ?send "rcpt to:<u...@gmail.com <mailto:u...@gmail.com>>\r"
> >>
> >> ? ?expect "250.*"
> >>
> >> ? ?sleep 50
> >>
> >> }
> >>
> >> ""
> >>
> >> I can ?occupy a processes of smtpd for a long time, only checking
> >> recipients. There is another way to control this, What i can do is only
> >> tunning this settings ?
> >>
> >>
> >> smtp_rcpt_timeout,
> >> smtp_connect_timeout,
> >> smtp_data_init_timeout,
> >> smtp_data_done_timeout,
> >> smtp_mail_timeout
> >>
> >
> > smtp_*_timeout parameters used when postfix is sending mail.
> >
> > You can adjust the smtpd_timeout for when postfix is receiving mail. ?Note
> > all the timeout parameters are for how long a client can pause without
> > sending data, not the total connection lifetime.
> > http://www.postfix.org/postconf.5.html#smtpd_timeout
> >
> > ?-- Noel Jones
> >
>
>
