On Mon, 8 May 2000, Jason Gunthorpe wrote:
> 1) Abusive SMTP input
> Our list server runs qmail and as we all know it fires off one connect
> per recpient. This new exim server has many people subscribed to the
> various lists so qmail hammers it very hard. Exim neatly limits to 20
> connections, but instead of just delaying new connects and letting them
> sit on the listen queue (like tcpserver does) exim fires back a '4xx too
> many concurrent users' response. This seems less than ideal. I would
> like to see an option for tcpserver-like behavior
ph10@??? said:
> This would require extensive revision of the logic of the code in the
> daemon, and I'm not sure you actually gain much, do you? By giving a
> 4xx error you get the remote host to back off for a bit, which takes
> load off your system.
I guess (not knowing tcpserver very well), that this is restricting the
total number of connections to a port [of course you can almost
certainly run exim under tcpserver as an altermative].
Exim can both restrict the total number of connections, *and* the
number of connections from a single ip (which is a better qmail abuse
preventer :-) ).
I am not sure if you can see the connecting IP address prior to
accepting the connection (ie I cannot think of a portable way) - and if
you can't then this behaviour can't be emulated at that level.
Personally I think I prefer the mailer to accept the connection and say
it can't deal with it now rather than hanging at the connect stage - it
gives the sender a chance to work out his retry strategy.
With regard to the other qmail stuff, it might be easiest to just write
a qmail director in C and have that as an option for qmail->exim
transition.
Nigel.
--
[ - Opinions expressed are personal and may not be shared by VData - ]
[ Nigel Metheringham Nigel.Metheringham@??? ]
[ Phone: +44 1423 850000 Fax +44 1423 858866 ]