[nycbug-talk] Postfix filter for Exchange
trish at bsdunix.net
Thu Jul 27 11:56:23 EDT 2006
On Thu, 27 Jul 2006, Pete Wright wrote:
> Hi All,
> So for some reason we run exchange as our mail store, and
> frankly I'd rather not start another fight as to how we should probably move
> to more robust mail solution. we do have an issue where runaway scripts
> start generating *ton's* of email in a very short period of time. We
> have been trying our best to resolve this issue by bludgening those who
> write the offending code, but it still happens from time to time.
> So, to help us out with this I am going to propose putting a
> Postfix filter infront of the exchange server to kill these mail bombs
> before they take down exchange. The exchange admin's promise there is
> nothing they can do to properlly rate limit, or kill these mail bombs
> before spooling them. I am not so sure about that, but do not have the
> time to learn exchange.
> Has anyone implemented such a solution for a highvolume
> mailserver, if so any caveat's i should be looking out for? Or is there
> a sendmail milter that does this already that i don't know about?
I actually use sendmail to ratelimit this kind of stuff fairly easily
actually. There are a couple settings in sendmail.cf that throttle
connection frequency, one is
# maximum number of new connections per second
Also, you can do things like this:
# load average at which we just queue messages
# load average at which we refuse connections
# log interval when refusing connections for this long
# load average at which we delay connections; 0 means no limit
# maximum number of children we allow at one time
and tune those so that it doesn't get so out of hand as well, no need for
milters, this is all sendmail.cf settings itself.
I mean theoertically you can also write something in .cf itself to filter
the keywords from the offending scripts.... *laugh*
Hope that helps.
Trish Lynch trish at bsdunix.net
Ecartis Core Team trish at listmistress.org
Key fingerprint = 781D 2B47 AA4B FC88 B919 0CD6 26B2 1D62 6FC1 FF16
More information about the talk