Sympthom:

my postfix/dovecot server stops connection requests on port 25 if the mail reject limit exceeds around 400 per minute.

Port 25 is available but  no 220 promt is coming. So I assume not enough smtp or amavis deamons on port 10024 10025 are available.

A short postfix reload “solves” the problem, spammer are gone and connections are free agai for real users.

 

I did review my master.conf an see:

 

smtp      inet  n       -       n       -       20      smtpd

  -o smtpd_proxy_filter=localhost:10024

  -o content_filter=

 

But no smtp_client_connection_count_limit is set (a la):

 

smtp      inet  n       -       n       -       20      smtpd

  -o smtpd_proxy_filter=localhost:10024

  -o content_filter=

  -o smtp_client_connection_count_limit=10

 

 

Question:

I’ve domains where the postfix accepts the smtp directly and I’ve domains which have a mailfirewall in front and refuses smtp from all other servers (mailfirewall = mx).

This mailfirewall does also spam and virus checks and sends the “good” mails than to my postfix server.

I assume that the “smtp_client_connection_count_limit” from above affects my mailfirewall too.

How can I exclude my mailfirewall from this client_connection_count_limit (or how can I set a seperate limit for my mailfirewall) – or makes this no sense and the limit set is best solution?

 

For this mailfirewall I’ve condfigured in main.cf:

check_recipient_access hash:/etc/postfix/recipient_access

 

:/etc/postfix/recipient_access:

mydomain.tld                   check_if_mailfirewall_is_sender

 

main.cf:

check_if_mailfirewall_is_sender =

 check_client_access hash:/etc/postfix/mailfirewall-ip,

 check_recipient_access pcre:/etc/postfix/nice_mailfirewall_reject.pcre,

 reject

 

 

Liebe Gruesse,

Georg