On Mon, Feb 25, 2013 at 10:30:41AM +0000, Peter S?rensen wrote: > Currently we have a lot of attacks on Our gateway system serving > up to 200 smtpd On each server. We have 3 servers which add up to > max 600 concurrent smtpd processes. > > I would like to reserve let's say 50 smtpd on each server to just > handle outgoing mail. > > Is that possible ?
No, this is not a Postfix limitation, it is a logical impossibility, the SMTP server does not know which mail is "outgoing" and which is "incoming" until it has accepted the connection and started the SMTP transaction with the client, by which point it is no longer "reserved". This said you are free to implement separate TCP (ip:port) endpoints for different service levels, and if necessary even restrict access to some of them via firewall rules or and/or network prefixes that are only routable internally to your organization. Consider http://www.postfix.org/MULTI_INSTANCE_README.html as a best practice approach for supporting separate mail flows on a single Postfix server. -- Viktor.
