[Mimedefang] Sendmail::Milter

Les Mikesell lesmikesell at gmail.com
Tue Nov 24 13:45:40 EST 2009


Andrzej Adam Filip wrote:
> Tilman Schmidt <t.schmidt at phoenixsoftware.de> wrote:
>> Am 2009-11-23 21:38 schrieb -:
>>> I too limit connections to one, and one per 5 minutes.  Should
>>> remotes violate that, they get two warnings (ICMP admin-prohibited),
>>> and if they're too eager, they fall into my TCP TARPIT.
>> I wonder. Do you have any data on how typical mail server software
>> reacts to that sort of policy? What does, for example, a Sendmail or
>> Exchange server in default configuration do if it tries to deliver two
>> mails to a destination server, the first one succeeds, and the second
>> one fails with "administratively prohibited"?
> 
> AFAIK sendmail does not distinguish between reasons why establishing TCP
> connection have failed. Have I missed something?

Any reasonable smtp mailer will handle a connection failure by retrying 
any other MX listed in DNS and if none succeed, queuing for subsequent 
retries.  It doesn't make a lot of sense to limit at rates that that 
aren't a threat to your service unless you have a dictionary attack with 
mostly invalid recipients (which sendmail already knows how to 
throttle).  Otherwise you'll just back up mailing lists.

-- 
   Les Mikesell
    lesmiksell at gmail.com





More information about the MIMEDefang mailing list