There is no protection you can add to prevent this
fair enuf
other than firewalling them completely.
the wishful-thinking of fw'ing MS's entire ASN has crossed my mind more than once ;-)
Why do they do this? Only they know.
if they do, they certainly don't respond to @support/etc inquiries
Maybe they don't like something about the cipher used, but that seems unlikely since the session seems to be established normally. Maybe they have a message bigger than your announced SIZE=, but that shouldn't result in repeated connections. Maybe they just have something stuck in their queue. At any rate, nothing you can do about any of this.
fwiw, here 250-SIZE 104857600 i'd expect (well, hope) that all the outlook.com servers were config'd similarly. if they are, then i wouldn't expect to see _any_ *.outlook.com traffic; i do. tho, atm, the good/bad ratio is dropping like a stone.
I guess twiddle the TLS knobs (or use the defaults) to maybe get them to use a different cipher, but that's just a shot in the dark and frankly I'd be surprised if it helped.
i've already dropped back to defaults. no change in behavior. i was wondering if there was something to _add_; sounds like a likely no.
What should you do? Just ignore it. Unless it gets to the DDOS point, even thousands of short-lived ghost connections won't stress postfix or interfere with other mail.
point taken. i certainly haven't noticed any related load blips as a result.
The biggest annoyance is junking up the logs.
+1
You could try to catch a tcp dump of one of the offending connections, but I expect that will look perfectly normal from your end.
as far as i recognize 'normal', vs typical, that's been the case; i'll poke again, but TBH, not really worth the diagnostic bother beyond the annoyance. as long as something isn't broken on my end; so far, i haven't see anything that looks like anything more than noise. _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
