Thank you very much! you explaining very well! I will close my eyes in this
case.

Thanks very much again!
-Motty

On Fri, Dec 21, 2012 at 10:07 AM, Noel Jones <njo...@megan.vbhcs.org> wrote:

> On 12/21/2012 11:25 AM, motty cruz wrote:
> > Hello,
> > I have the following in my configuration but does not seem to make
> > any difference on the connection errors I see in the logs
> >
> > smtpd_error_sleep_time=1h
>
> The above is a good way to DoS yourself.  Error sleep time should be
> 0s or 1s, never more than a few seconds.  This has nothing to do
> with your log snippet below.
>
> > smtpd_soft_error_limit=10
> > smtpd_hard_error_limit=20
>
>
> Those are OK, but have nothing to do with your log snippet below.
>
>
> >
> >
> > log:
> > Dec 21 09:22:53 mas postfix/smtpd[23941]: connect from
> > unknown[186.81.31.93]
> > Dec 21 09:22:54 mas postfix/smtpd[23941]: NOQUEUE: reject: RCPT from
> > unknown[186.81.31.93]: 554 5.7.1 Client host rejected: cannot find
> > your hostname, [186.81.31.93]; from=<kg....@lincoln.com
> > <mailto:kg....@lincoln.com>> to=<jason_grif...@sscsinc.com
> > <mailto:jason_grif...@sscsinc.com>> proto=SMTP helo=<lincoln.com
> > <http://lincoln.com>>
> > Dec 21 09:22:54 mas postfix/smtpd[23941]: lost connection after RCPT
> > from unknown[186.81.31.93]
> > Dec 21 09:22:54 mas postfix/smtpd[23941]: disconnect from
> > unknown[186.81.31.93]
> >
> > it's been going for about an hour and it does not stop, any idea?
>
> It's unclear what you want to stop.  The above client was rejected
> with the "reject_unknown_client_hostname" restriction.  The
> rejection is correct as the client hostname does not have a matching
> A record. (name->address mapping failed).
> http://www.postfix.org/postconf.5.html#reject_unknown_client_hostname
>
> The client is also listed on several RBLs.  If your intention is to
> stop seeing rejections from this client in your logs, either close
> your eyes, or firewall the IP.  Unless you're getting enough
> connections from this client to constitute a DoS attack, it's not
> bothering postfix in the least, and not accepting any mail from the
> offending client.
>
> If your intention is to temporarily block a persistent spammer, use
> fail2ban.
>
>
>
>   -- Noel Jones
>

Reply via email to