Postfix Overview - Introduction - SCN Research

More documents

Recommendations

Info

Postfix Rate Controls How long a message stays in the queue before it is sent back as undeliverable. Page 4 of 4 minimal_backoff_time (default: 1000 seconds) The minimal amount of time a message won't be looked at, and the minimal amount of time to stay away from a "dead" destination. maximal_backoff_time (default: 4000 seconds) The maximal amount of time a message won't be looked at after a delivery failure. qmgr_message_recipient_limit (default: 1000) The size of many in-memory queue manager data structures. Among others, this parameter limits the size of the short-term, in-memory "dead" list. Destinations that don't fit the list are not added. Slowing down bad clients First of all, no defense will protect against an all-out denial of service attack. I just don't want to raise impossible expectations. But there are a few simple things one can do in order to deal with confused or malicious client programs. Some defenses are part of a more general strategy: for example, how long a line of text may be before it is broken up into pieces, and how much text may be carried in a multi-line message header. See the resource controls documentation for details. The Postfix SMTP server increments a per-session error counter whenever a client request is unrecognized or unimplemented, or whenever a client request violates UCE restrictions or other reasons. The error counter is reset when a message is transferred successfully. As the per-session error count increases, the SMTP server changes behavior. The idea is to limit the damage by slowing down the client. The behavior is controlled by the following parameters: smtpd_error_sleep_time (default: 5 seconds) When the per-session error count is small, the SMTP server pauses only when reporting a problem to a client. The purpose is to prevent naive clients from going into a fast connect-error-disconnect loop. smtpd_soft_error_limit (default: 10) When the per-session error count exceeds this value, the SMTP server sleeps error_count seconds before responding to a client request. smtpd_hard_error_limit (default: 100) When the per-session error count exceeds this value, the SMTP server disconnects. Unfortunately, the Postfix SMTP server does not yet know how to limit the number of connections from the same client, other than by limiting the total number of SMTP server processes (see process limit). Things could be worse: some mailers don't even implement an SMTP server process limit. That's of course no excuse. I'm still looking for a good solution. Up one level | Basic Configuration | UCE Controls | Rate Controls | Resource Controls | Address Manipulation http://www.porcupine.org/postfix-mirror/rate.html 6/26/01
Postfix Configuration - Resource Controls Page 1 of 3 Postfix Configuration - Resource Controls Up one level | Basic Configuration | UCE Controls | Rate Controls | Resource Controls | Address Manipulation Introduction The Postfix system is designed to run within a finite memory budget. To this end, there are configurable limits on the size of in-memory objects such as text line fragments, on the number of instances of such objects, and on the time an operation may take. In addition, strategies are in place for dealing with resource exhaustion. The idea is to keep running under conditions of stress, without making the problem worse. • Object size limits • Object count limits • Time limits • Acquiring exclusive file locks • Error recovery Object size limits The first step towards a fixed memory resource budget is to limit the size of each in-memory object. Once the size of in-memory objects is limited, total memory consumption is limited by limiting the number of object instances. Simple, no? line_length_limit (default: 2048 bytes) How long a line of text can be before it is broken up into pieces. All Postfix perimeter programs (SMTP server, SMTP client, local pickup and local delivery) enforce this line length limit when reading data from an untrusted source. Long lines are reconstructed upon delivery. header_size_limit (default: 102400 bytes) How much text may be carried in a multi-line message header. Header text that does not fit in $header_size_limit bytes overflows into the message body. This limit is enforced by the cleanup header rewriting code. extract_recipient_limit (default: 10240 recipients) How many recipients Postfix will extract from message headers before it gives up. This limits the damage that a run-away program can do with "sendmail -t". The following parameters restrict the use of file system storage: message_size_limit (default: 10240000 bytes) The maximal size of a Postfix queue file, including envelope information (sender, recipient, etc.). queue_minfree (default: no restriction) How many bytes of free space are needed in the queue file system. The SMTP server declines inbound http://www.porcupine.org/postfix-mirror/resource.html 6/26/01
Page 1: Postfix Overview - Introduction Pag
Page 4 and 5: Postfix Overview - Goals and Featur
Page 6 and 7: Postfix Overview - Global Architect
Page 8 and 9: Postfix Overview - Queue Management
Page 10 and 11: Postfix Overview - Security assista
Page 12 and 13: Postfix Anatomy - Receiving Mail Pa
Page 14 and 15: Postfix Anatomy - Delivering Mail p
Page 16 and 17: Postfix Anatomy - Command-line Util
Page 18 and 19: Postfix Configuration - Basics What
Page 20 and 21: Postfix Configuration - Basics My o
Page 23 and 24: Postfix Configuration - UCE Control
Page 33 and 34: Postfix Rate Controls Page 1 of 4 P
Page 35: Postfix Rate Controls The defer_tra
Page 39: Postfix Configuration - Resource Co
Page 42 and 43: Postfix Configuration - Address Man
Page 44 and 45: Postfix Configuration - Address Man
Page 47 and 48: ACCESS(5) ACCESS(5) Page 1 of 3 NAM
Page 49: 1 Page 3 of 3 http://www.porcupine.
Page 52 and 53: ited to regular files. For example,
Page 54 and 55: BOUNCE(8) BOUNCE(8) Page 1 of 2 NAM
Page 56 and 57: CANONICAL(5) CANONICAL(5) Page 1 of
Page 58 and 59: canonical_maps List of canonical ma
Page 60 and 61: CONFIGURATION PARAMETERS The follow
Page 62 and 63: BOUNCE(8) BOUNCE(8) Page 1 of 2 NAM
Page 64 and 65: FLUSH(8) FLUSH(8) Page 1 of 3 NAME
Page 66 and 67: fast_flush_purge_time Remove an emp
Page 68 and 69: Problems and transactions are logge
Page 70 and 71: parameter. Page 4 of 5 Timeout cont
Page 72 and 73: LOCAL(8) LOCAL(8) Page 1 of 7 NAME
Page 74 and 75: estricts delivery to external comma
Page 76 and 77: details and for default values. Use
Page 78 and 79: that is written to upon delivery).
Page 80 and 81: Page 2 of 3 SIGTERM Upon receipt of
Page 82 and 83: PCRE_TABLE(5) PCRE_TABLE(5) Page 1
Page 84 and 85: PICKUP(8) PICKUP(8) Page 1 of 2 NAM
Page 86 and 87:
PIPE(8) PIPE(8) Page 1 of 5 NAME pi
Page 88 and 89:
This macro expands to the extension
Page 90 and 91:
ounce(8) non-delivery status report
Page 92 and 93:
-r When updating a table, do not wa
Page 94 and 95:
POSTCAT(1) POSTCAT(1) Page 1 of 1 N
Page 96 and 97:
POSTDROP(1) POSTDROP(1) Page 1 of 2
Page 98 and 99:
POSTFIX(1) POSTFIX(1) Page 1 of 2 N
Page 100 and 101:
POSTKICK(1) POSTKICK(1) Page 1 of 2
Page 102 and 103:
POSTLOCK(1) POSTLOCK(1) Page 1 of 2
Page 104 and 105:
POSTLOG(1) POSTLOG(1) Page 1 of 1 N
Page 106 and 107:
default, postmap creates a new data
Page 108 and 109:
POSTSUPER(1) POSTSUPER(1) Page 1 of
Page 110 and 111:
LICENSE The Secure Mailer license m
Page 112 and 113:
The queue manager implements a vari
Page 114 and 115:
This parameter also limits the size
Page 116 and 117:
REGEXP_TABLE(5) REGEXP_TABLE(5) Pag
Page 118 and 119:
RELOCATED(5) RELOCATED(5) Page 1 of
Page 120 and 121:
Yorktown Heights, NY 10598, USA Pag
Page 122 and 123:
Page 2 of 5 -C config_file (ignored
Page 124 and 125:
Page 4 of 5 DIAGNOSTICS Problems ar
Page 126 and 127:
SHOWQ(8) SHOWQ(8) Page 1 of 1 NAME
Page 128 and 129:
command after a configuration chang
Page 130 and 131:
Page 4 of 4 smtp_helo_timeout Timeo
Page 132 and 133:
Support older Microsoft clients tha
Page 134 and 135:
Page 4 of 5 smtpd_hard_error_limit
Page 136 and 137:
SPAWN(8) SPAWN(8) Page 1 of 2 NAME
Page 138 and 139:
TRANSPORT(5) TRANSPORT(5) Page 1 of
Page 140 and 141:
the entire domain being looked up.
Page 142 and 143:
details and for default values. Use
Page 144 and 145:
VIRTUAL(5) VIRTUAL(5) Page 1 of 4 N
Page 146 and 147:
site is equal to $myorigin, when si
Page 148 and 149:
VIRTUAL(8) VIRTUAL(8) Page 1 of 4 N
Page 150 and 151:
Specifies a minimum uid that will b
show all

Postfix Overview - Introduction - SCN Research

Create successful ePaper yourself

Delete template?

Save as template?