On 4/3/2013, at 1:14 PM, Randall Gellens
<randy(_at_)qti(_dot_)qualcomm(_dot_)com> wrote:

At 11:22 AM -0500 3/3/13, John R Levine wrote:

That matches my experience. Whatever problem might once have been addressed
by limiting the number of connections per source, it doesn't exist any more.

I misstated the EIMS restrictions in my original message. When I checked the
documentation, it turns out that EIMS does not enforce restrictions on number
of connections from the same source. Instead, EIMS has a three-level budget:
total number of incoming connections; number reserved for hosts in the OK
state (having passed graylisting); and number reserved for whitelisted hosts.
I apologize for mischaracterizing the restrictions (I blame faulty
recollection and being too lazy to check before writing).

EIMS also has restrictions on the number of connections from the same IP; it is
an older setting that I didn't remove when I added the newer priority-based
limits, and it can still be handy for blocking some trivial DoS attacks.

I agree that a limit per IP is pretty much irrelevant if a botnet is trying to
send you spam, and that is definitely a far more common problem these days. On
a number of occasions I've seen more than 60,000 unique IPs over 24 hours
repeatedly trying to connect to one of my servers that would normally handle
~100 legitimate messages a day. Reserving some connections for recently seen
well-behaved hosts and for whitelisted hosts definitely helps legitimate mail
to get through under those circumstances.
Glenn.
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp
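
The three-level connection budget and the older per-IP cap discussed in this thread, as an added example that is not EIMS code and not from any poster. It assumes the reserves nest (unknown hosts get only the unreserved slots, OK hosts also get the OK reserve, whitelisted hosts get every slot); the class name, tier names, limits and addresses are constructed for illustration.

```python
from collections import Counter


class ConnectionBudget:
    """Tiered admission control for inbound SMTP connections."""

    def __init__(self, total, reserved_ok, reserved_white, per_ip):
        # Assumption: reserves nest, so each tier has a ceiling on the
        # total number of open connections at which it is still admitted.
        self.ceiling = {
            "unknown": total - reserved_ok - reserved_white,
            "ok": total - reserved_white,
            "white": total,
        }
        self.per_ip = per_ip
        self.active = Counter()  # source IP -> open connections

    def admit(self, ip, tier):
        """Count the connection and return True if it fits the budget."""
        if self.active[ip] >= self.per_ip:
            return False  # per-IP cap: stops a trivial single-source flood
        if sum(self.active.values()) >= self.ceiling[tier]:
            return False  # remaining slots are held back for better tiers
        self.active[ip] += 1
        return True

    def release(self, ip):
        """Call when a connection closes."""
        if self.active[ip] > 0:
            self.active[ip] -= 1


def simulate():
    """Constructed scenario: many distinct unknown sources, then two known hosts."""
    budget = ConnectionBudget(total=10, reserved_ok=3, reserved_white=2, per_ip=2)
    # 40 unique sources (documentation addresses), one connection each:
    # the per-IP cap never triggers, only the tier ceiling limits them.
    flood = sum(budget.admit(f"198.51.100.{i}", "unknown") for i in range(1, 41))
    ok = budget.admit("192.0.2.10", "ok")        # passed greylisting earlier
    white = budget.admit("192.0.2.20", "white")  # operator-whitelisted
    return flood, ok, white


if __name__ == "__main__":
    print(simulate())  # (5, True, True)
```

In the simulated flood the per-IP cap rejects nothing because every source is distinct; only the tier ceilings keep slots free for the OK and whitelisted hosts.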