Robert Schetterer:
> ---snip
[bunch of end-user IP addresses]
> Dec 7 19:41:34 mail02 postfix/smtpd[8315]: lost connection after
> STARTTLS from host-111-184-248-207.dynamic.kbtelecom.net[111.184.248.207]
> --snipend
>
> anyone else with this ?
> what might best to do , configure postscreen etc ?
If it ties up your SMTP daemons, postscreen can deal with them,
but for this you need to turn on an "after-220-greeting" test, for
example
postscreen_pipelining_enable = yes
And perhaps:
postscreen_pipelining_action = ignore
Every 30 days by default, an SMTP client will spend one SMTP session
just to renew its whitelist status, and gets 4xx replies for attempts
to deliver mail (see postscreen_pipelining_ttl parameter documentation).
The next time the client connects, it will be allowed to deliver mail.
You'd need to use memcache if you want to share the postscreen
whitelist among multiple MTAs.
Wietse
