Am 07.01.2015 um 22:46 schrieb Wietse Venema:
li...@rhsoft.net:
Hi
are there some data which value is acceptable for
"postscreen_greet_wait" to not end in legit SMTP servers give up and try
again later?
I would not recommend more than the 6-second default. Legitimate
mailing lists may operate with reduced time limits, and if a client
hangs up before postscreen_greet_wait completes, then they will
never be added to the postscreen whitelist, and therefore they will
never get a chance to deliver mail.
hmm - we had now 10 sceonds for around 4 months
the config change was at 22:03:27
see what happens after that in the logs
Jan 7 22:02:14 mail-gw postfix/postscreen[12964]: HANGUP after 1.7 from
[72.46.131.60]:50792 in tests after SMTP handshake
Jan 7 22:02:39 mail-gw postfix/postscreen[12964]: HANGUP after 0.25
from [212.178.231.68]:4764 in tests after SMTP handshake
Jan 7 22:03:32 mail-gw postfix/postscreen[24091]: HANGUP after 0.02
from [37.133.75.151]:50523 in tests after SMTP handshake
Jan 7 22:03:40 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[62.81.35.228]:2316 in tests before SMTP handshake
Jan 7 22:03:42 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[181.135.235.24]:62334 in tests before SMTP handshake
Jan 7 22:03:45 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[177.227.247.188]:56905 in tests before SMTP handshake
Jan 7 22:03:47 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[189.210.83.109]:61984 in tests before SMTP handshake
Jan 7 22:03:52 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[177.44.232.137]:3258 in tests before SMTP handshake
Jan 7 22:03:57 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[190.145.73.125]:2082 in tests before SMTP handshake
Jan 7 22:03:58 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[77.229.146.142]:53130 in tests before SMTP handshake
Jan 7 22:03:59 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[103.230.222.254]:65419 in tests before SMTP handshake
Jan 7 22:04:02 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[68.190.82.102]:1292 in tests before SMTP handshake
Jan 7 22:04:02 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[186.177.165.79]:26934 in tests before SMTP handshake
Jan 7 22:04:09 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[91.142.239.39]:58970 in tests before SMTP handshake
Jan 7 22:04:09 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[190.105.11.33]:51718 in tests before SMTP handshake
Jan 7 22:04:11 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[84.117.84.132]:57652 in tests before SMTP handshake
Jan 7 22:04:16 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[85.185.130.200]:15881 in tests before SMTP handshake
Jan 7 22:04:16 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[46.55.180.30]:62846 in tests before SMTP handshake
Jan 7 22:04:23 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[177.224.47.142]:58340 in tests before SMTP handshake
Jan 7 22:04:24 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[179.26.157.236]:55688 in tests before SMTP handshake
Jan 7 22:04:25 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[190.234.180.62]:15160 in tests before SMTP handshake
Jan 7 22:04:27 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[187.175.118.96]:24833 in tests before SMTP handshake
Jan 7 22:04:29 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[190.50.122.76]:61259 in tests before SMTP handshake
Jan 7 22:04:33 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[201.249.150.185]:22216 in tests before SMTP handshake
Jan 7 22:04:36 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[85.11.184.57]:3806 in tests before SMTP handshake
Jan 7 22:04:36 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[46.115.141.89]:56896 in tests before SMTP handshake
Jan 7 22:04:36 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[207.93.5.242]:57103 in tests before SMTP handshake
Jan 7 22:04:37 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[46.25.158.137]:55404 in tests before SMTP handshake
Jan 7 22:04:40 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[179.8.145.167]:10762 in tests before SMTP handshake
Jan 7 22:04:41 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[59.176.33.96]:18862 in tests before SMTP handshake
Jan 7 22:04:43 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[111.249.240.79]:56872 in tests before SMTP handshake
Jan 7 22:04:46 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[189.197.5.244]:3474 in tests before SMTP handshake
Jan 7 22:04:47 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[81.137.54.144]:35212 in tests before SMTP handshake
Jan 7 22:04:49 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[80.149.55.65]:3499 in tests before SMTP handshake
Jan 7 22:04:51 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[151.29.253.89]:4543 in tests before SMTP handshake
Jan 7 22:04:52 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[95.86.115.18]:55179 in tests before SMTP handshake
Jan 7 22:04:56 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[176.24.153.161]:49954 in tests before SMTP handshake
Jan 7 22:04:57 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[177.70.89.141]:48022 in tests before SMTP handshake
Jan 7 22:04:58 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[216.123.161.253]:7336 in tests before SMTP handshake
Jan 7 22:04:58 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[190.135.199.83]:3241 in tests before SMTP handshake
Jan 7 22:05:00 mail-gw postfix/postscreen[24097]: HANGUP after 11 from
[186.124.26.58]:18383 in tests before SMTP handshake
we see a massive botnet starting with around Dec/27 and daily deliveriy
attempts rasied from 5000 to 50000 - previously i had 10 seconds and 3
in case of stress - after raise it for testing to 20 seconds i see *a
lot * more HANGUP logmessages and so that connections ends in no success
even if they would pass RBL's if the only would wait
cat maillog | grep HANGUP | grep "Jan 7" | wc -l
9883
cat maillog | grep HANGUP | grep "Jan 7 22" | wc -l
599
