Szerző: W B Hacker Dátum: Címzett: exim users Tárgy: Re: [exim] ACL to drop connectio
Frank Elsner wrote: > On Fri, 11 Jun 2010 11:58:32 -0400 Jean-Paul natola wrote:
>> Hi all,
>>
>>
>>
>> I'm wondering if there is a way to tell exim to drop an connection from a
>> host that is attempting more than one simultaneous smtpconnection
>
> You can set smtp_accept_max_per_host = 1
>
> but this affects all hosts talking to you.
>
> Don't know how to realize this for selected hosts only.
>
>
>
> --Frank Elsner
>
smtp_accept_max_per_host = 2
... is a considerably less-problematic minimum and still throws up a significant
barrier to zombot farms, bespoke spam engines, and non-compliant MTA & MLM.
smtp_accept_max_per_host = 3
Is usually 'good enough' and even less problematic w/r legit arrivals.
W/R 'selected hosts' - should be doable in acl_smtp_connect with a bit of work,,
BUT .. I don't see the need.
'polite' hosts will not attempt to intentionally swamp you in the first place
[1], but *may* actually have many close-but-not-simultaneous messages to deliver
through mere chance.
The second and subsequent may overlap prior connection(s) not yet completed and
released. Ordinarily no harm, as those deferred (not dropped or denied) will
retry 'Real Soon Now'.
IF, OTOH, one gets a daily massive run of a newsletter or such, it *should* come
in one connection, multiple recipients anyway [1]. Or at least 'batches' of
same. So where's the harm in applying a requirement for good manners to the sender?
Bill
[1] Qmail has permission to bend over, grab its ankles and kiss it's ever-loving
massively-parallel nature goodbye. Act like a zombot farm, be treated like one.