Peter J. Holzer wrote:
Not quite - there is also at least the per-connection data in the MTA -
this may be only a small data structure or a whole process.
I've never seen an idle connection cause distress to a running system.
We've run into the connection limit a number of times on our MXs, but
that's because I've set that too conservatively (there was still plenty
of free RAM when the limit was reached).
I see it all the time, but randomly. But loading limits design to
control the attacks and throttle it will allow you and your customers
to go to sleep like a baby. I just never considered that CS clients
can be contributing to these random capacity limits events always to
be due to 100% related to DoS Attacks.
If you are seeing 6.7 secs and my is averaging about the same, then
that seems to suggest we already seen the affects of CS clients out
there lowering the highest potential throughput of receivers.