bper put forth on 9/20/2010 3:29 PM: > > Hello, > > I have set up a postfix-dovecot server with smtp-auth using sasl by > following this link: > https://help.ubuntu.com/10.04/serverguide/C/postfix.html > > It seems to be working OK. The only thing is that when I view my logs, I see > a lot of 'relaying denied', 'noqueue reject', 'too many errors after rcpt', > and 'disconnect' messages from a lot of unknown domain names and ip > addresses. > > I'm hoping that this means that the server is secure and doing its job > bouncing mail from unauthorized requests. > > *** Is that true?
It's not _bouncing_ mail, it's _REJECTING_ those connections before the mail is sent. This is by design, and is a good thing. > Even if it was true, it has to be slowing down the server receiving so many > unauthorized requests. Define "slowing down" in relative terms. The lowest end cheapest servers shipping today can reject hundreds of these connections _per second_ or millions per day without breaking a sweat. Actually accepting and queuing mail for delivery can bog an undersized server down under heavy load, but you'll never run into a problem with spam rejection bogging down a server--unless you've done something stupid and allow unlimited concurrent connections. In that case, if someone decided to DDOS you with zombie spam, you could run out of memory. Postfix is configured by default with 100 concurrent connections, IIRC, so even with as little as 512MB of RAM (or less depending on your Postfix restrictions/tables/etc) you aren't susceptible to this. > *** Is there a way to avoid this or is this just a function of life in the > world of email spam? Would a spam filter like Spamassasin help this type of > issue? Lol. This _is_ rudimentary spam filtering. That's what those log entries are telling you. Do you not understand them because they don't say "blocked spam"? heheh. If you install SA to do the same thing, the load on your server will _increase_. If you can reject spam connections with Postfix _before_ invoking a content filter, you decrease server load dramatically. Welcome to mail server operations 101. :) You've got a lot to learn, but there's time. The internet isn't going away tomorrow. Stick around and read all the posts. You can learn quite a bit. -- Stan
