The smtpd daemon can enforce a number of limits on incoming mail. The limits are configurable through several parameters in the main.cf file. You can limit the size of messages, the number of recipients for a single delivery, and the length of lines in a message. You can also limit the number of errors to allow from a single client before breaking off communications.
parameter limits the size of any message your system will
accept. The default is 10 MB. If you have limited disk space or memory,
you might want to lower the value. On the other hand, if your users
commonly receive large attachments, you may have to increase it.
Increasingly frequent errors from the same client might indicate a problem or an attack. Postfix
keeps a counter of errors, and handles potential problem clients by
introducing delays with each error. The delays can help protect your
system from misconfigured or malignant clients. As the number of errors
increases so does the length of each delay. The length of the initial
delay is specified by
smtpd_error_sleep_time with a default of one second. After the number of errors
exceeds the value set for
smtpd_soft_error_limit , Postfix increases the delay by one second for every
error, so that with each error, there is a slightly longer delay.
Finally, when the error count hits the value set in
smtpd_hard_error_limit , Postfix gives up on the client and disconnects.
If a malicious program connects to your mail server and sends garbage commands, attempting to crash your server, the bogus commands appear to Postfix as errors from a misbehaving client. Assume the following values for the delay parameters:
smtpd_error_sleep_time = 1s smtpd_soft_error_limit = 10 smtpd_hard_error_limit = 20
With these settings, Postfix initially waits one second (
smtpd_error_sleep_time) after each error
before responding to the client. After 10 (
smtpd_soft_error_limit) such probes, Postfix
starts increasing the length of each delay. After 11 errors, Postfix
waits 11 seconds. After 12 errors, Postfix waits 12 seconds, and so on.
Once the number of errors hits 20 (
smtpd_hard_error_limit), Postfix disconnects,
cutting off the malicious program. If the program connects again, it
simply gets the same treatment each time it starts creating