That matches my experience. Whatever problem might once have been
addressed by limiting the number of connections per source, it doesn't
exist any more.
My server hits its overall limit of 60 all the time when it's getting a
lot of spam, but it's never more than a handful of those 60 from a single
IP.
R's,
John
Here's the answer I got:
At 3:05 PM -0500 3/1/13, David Ross wrote:
It would depend on how many connections you have allocated to regular SMTP
and how many to authenticated SMTP.
One EIMS server I have in a small business has both set to 20. Server has
been up since Feb 23 and the max connections to date are 7 regular and 4
authenticated at any one time. And with a limit of 20 on the regular SMTP
connections I've never seen it hit 20 for at least 5 or more years.
I suspect this is not as much of an issue now that computers can more
easily handle a lot of connections and spammers are likely better at not
flooding any one server with connections. I suspect the later also depends
on the number of domains hosted.
Most of the heavy attacks I see these days come in waves where they fire
off from 100 or so IPs in a /24 each with a different domain as the sending
entity. Spread over a few hours with under 5 connection attempts per IP.
The office I mentioned with 2 domains and 20 people sees one or two of
these a day.
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp