Regan Murphy wrote:
servers which makes managing the lookup lists simple. And before I hear
cries of "argh, not mailmarshal again..." It's configured so that it does *not* send outbound notifications for viruses etc.
I prefer things like patching postfix to do AV scanning on-the-fly, rejecting virus mails at the end of the DATA command where virus or spam is found. Whilst it doesn't stop the resource drain, it does have the effect of notifying the sending MTA owner (when properly configured) that they have a virus sending issue, and it eliminates all possibility of your server generating backscatter.

It also has the side effect of: In the unlikely event of a false positive the sender is notified of the rejection.

....and it's fully RFC compliant ;-)

For those who think that is a serious potential for DoS - I can sustain (and have) 25 messages per second on my incoming MTA without breaking a sweat, complete with LDAP lookups on all the addresses to a "remote" directory server for both final destination and 'user exists'. (I'm sure a few of you know of my past history when it comes to getting DDoS'd ;-))...

$dayjob is managing MTAs for a large edu.au (85k accounts) - we at peak don't have more than 25 connections incoming at any one time - we average 4 messages per second over any 24 hour period.

Regards,
Mat

(FYI my postfix servers are configured to reject connections at 40 concurrent incoming connections - for sanity.)
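
The following is an added example, not part of the original post and not Postfix code. It models one SMTP session under two receiver policies, rejecting at the end of DATA versus accepting and bouncing later, to show why only the second makes the receiving server mail a forged envelope sender. The scanner, its marker, the host names and the addresses are all constructed assumptions.

```python
# Added illustration, not Postfix code. The scanner and its marker are constructed.
MARKER = b"CONSTRUCTED-SCANNER-TEST-MARKER"  # stands in for an AV/spam hit

def scan(body: bytes) -> bool:
    """Hypothetical content scanner: flags bodies containing MARKER."""
    return MARKER in body

def receive(lines, reject_in_session):
    """Run one SMTP session; return (replies, queued, bounces_to)."""
    replies, queued, bounces_to = ["220 mx.example ESMTP"], [], []
    sender, rcpts, body, in_data = None, [], [], False
    for line in lines:  # client lines, CRLF already stripped
        if in_data:
            if line != b".":
                # SMTP dot-unstuffing: drop one leading dot from body lines
                body.append(line[1:] if line.startswith(b".") else line)
                continue
            in_data, hit = False, scan(b"\r\n".join(body))
            if hit and reject_in_session:
                # Final reply to DATA is 5xx: this server never took
                # responsibility, so any report is the sending MTA's job.
                replies.append("550 5.7.1 Rejected by content scanner")
            else:
                replies.append("250 2.0.0 Ok: queued")
                if hit:
                    bounces_to.append(sender)  # accept-then-bounce: backscatter
                else:
                    queued.append((sender, tuple(rcpts)))
            sender, rcpts, body = None, [], []
            continue
        verb = line.upper()
        if verb.startswith(b"MAIL FROM:"):
            sender = line[10:].strip(b" <>").decode()
            replies.append("250 2.1.0 Ok")
        elif verb.startswith(b"RCPT TO:"):
            rcpts.append(line[8:].strip(b" <>").decode())
            replies.append("250 2.1.5 Ok")
        elif verb == b"DATA":
            in_data = True
            replies.append("354 End data with <CR><LF>.<CR><LF>")
        else:
            replies.append("250 Ok")  # EHLO etc.; other verbs are not modelled
    return replies, queued, bounces_to

# Constructed session: the envelope sender is forged, as is typical of virus mail.
SESSION = [b"EHLO client.example", b"MAIL FROM:<forged-victim@example.org>",
           b"RCPT TO:<user@example.net>", b"DATA", b"Subject: hi", b"", MARKER, b"."]
```

Calling `receive(SESSION, True)` ends with a 550 reply and an empty bounce list, while `receive(SESSION, False)` ends with 250 and leaves the server owing a bounce to the forged address.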