On 3/04/19 17:13, Viktor Dukhovni wrote:
>
>
> It seems you're in a sardonic mood, ... best to not go there.
If I gave that impression, I apologize.
All I was trying to say is that, because of the bug, you may be more
likely to run out of disk space by trying to send to bona fide domains
lik
> On Apr 3, 2019, at 7:02 AM, Luc Pardon wrote:
>
>> ... and watch their mail queues melt down.
>
> ... because of all the mail that will get stuck in the queue with
> "server unavailable or unable to receive mail" for _any_ MX that has
> _both_ A and records.
No, because failing delive
On 3/04/19 01:16, Wietse Venema wrote:
> I prefer to remove the ability to disable safety mechanisms.
And in your initial response, you also wrote:
> Probably better to not allow a limit-less smtp_mx_address_limit,
> as it makes Postfix vulnerable to resource exhaustion attack.
Both respons
Luc Pardon:
> On the same topic: what if smtp_mx_address_limit was simply made to
> apply for each family separately? E.g. the default of 5 would mean: keep
> max 5 IPv6 addresses _and_ max 5 IPv4's ?
The purpose of these and other Postfix limits is not to frustrate
legitimate mail operators. Inst
On 2/04/19 13:21, Wietse Venema wrote:
> Probably better to not allow a limit-less smtp_mx_address_limit,
> as it makes Postfix vulnerable to resource exhaustion attack.
>
> Wietse
>
Fair enough, but then the docs for smtp_mx_address_limit ought to be
changed to remove the "or zero (no
Probably better to not allow a limit-less smtp_mx_address_limit,
as it makes Postfix vulnerable to resource exhaustion attack.
Wietse
According to the docs, the smtp_mx_address_limit parameter determines
"the maximal number of MX (mail exchanger) IP addresses that can result
from mail exchanger lookups, or zero (no limit)".
However, when setting it to zero, the SMTP client won't even attempt to
deliver to a server that has _both
