Tim (about sendmail greet pause): >> How does it work? If it pauses the current connection with that server, >> independently of any other system trying to send you mail, then only one >> thing at a time gets delayed, so it shouldn't be a DOS. But if sendmail >> pauses completely while one thing talks to it, and won't do anything >> else until that task is completed, yes, I see potential problems. Steve Friedman: > It's a DoS because the system can have only a finite number of sockets > open (this is both a kernel limit and a postfix tuning parameter limit), > and greet pause ties them up doing nothing for a period of time. This is a genuine question: Is that actually worse than having the server tied up dealing with lots of spam? I would imagine that anyone who wanted to try this approach, would also want to increase the number of sockets that could be handled, to avoid getting DOSd. It would also seem prudent to reset a connection if more traffic came through when you'd told it to wait. -- (This box runs FC6, my others run FC4 & FC5, in case that's important to the thread.) Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists.
