With qmail on a Plesk box, you can edit /etc/xinetd.d/smtp_psa to add instances= and per_ip= to limit the number of concurrent connections and connections per IP.
I can't figure out how to do this with PG as there's no equivalent file.
I seem to recall something about tcpserver but I don't remember the details.
There seems to be some stuff in /etc/tcpcontrol related to qmail but there are several files and I don't know what's what.
This page http://wiki.qmailtoaster.com/index.php/ ... figuration indicates that there are options that can be added, presumably to one of the above files, but I'm unclear as to where to add what.
I'm also unclear as to how to turn edited .rules files into cdb files
Can someone please enlighten me?
PG - how to limit connections/per IP?
PG - how to limit connections/per IP?
--------------------------------
<advert>
If you want to rent a UK-based VPS that comes with friendly advice and support from a fellow ART fan, please get in touch.
</advert>
<advert>
If you want to rent a UK-based VPS that comes with friendly advice and support from a fellow ART fan, please get in touch.
</advert>
-
- Atomicorp Staff - Site Admin
- Posts: 8355
- Joined: Wed Dec 31, 1969 8:00 pm
- Location: earth
- Contact:
Re: PG - how to limit connections/per IP?
They can be controlled from /etc/tcpcontrol/smtp.rules using a 2 step process.
Example (from qmail-scanner-reconfigure), add this to the file:
:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
And compile the rules, note this does not require a restart to apply the changes. THey are immediate:
tcprules smtp.cdb smtp.tmp <smtp.rules
Note there is a file called "smtp.tmp" here. This is just specifying a temporary filename to the tcprules command, it doesnt need to exist. Its kind of like specifying a mktemp file
Example (from qmail-scanner-reconfigure), add this to the file:
:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
And compile the rules, note this does not require a restart to apply the changes. THey are immediate:
tcprules smtp.cdb smtp.tmp <smtp.rules
Note there is a file called "smtp.tmp" here. This is just specifying a temporary filename to the tcprules command, it doesnt need to exist. Its kind of like specifying a mktemp file
Re: PG - how to limit connections/per IP?
Thanks Scott.
So we're talking about editing smtp.rules to (for example) look something like this? :
:allow,MAXCONNIP="5",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
Then run:
tcprules smtp.cdb smtp.tmp <smtp.rules
Which would limit the number of connections per IP to 5.
What about the tcpserver -c XX bit? (XX=max connections in total).
So we're talking about editing smtp.rules to (for example) look something like this? :
:allow,MAXCONNIP="5",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
Then run:
tcprules smtp.cdb smtp.tmp <smtp.rules
Which would limit the number of connections per IP to 5.
What about the tcpserver -c XX bit? (XX=max connections in total).
--------------------------------
<advert>
If you want to rent a UK-based VPS that comes with friendly advice and support from a fellow ART fan, please get in touch.
</advert>
<advert>
If you want to rent a UK-based VPS that comes with friendly advice and support from a fellow ART fan, please get in touch.
</advert>
-
- Atomicorp Staff - Site Admin
- Posts: 8355
- Joined: Wed Dec 31, 1969 8:00 pm
- Location: earth
- Contact:
Re: PG - how to limit connections/per IP?
Yeah, just like that (:allow,var1="x",var2="y",var3="z"), example:
:allow,MAXCONNIP="5",MAXLOAD="500",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
changing it in the smtp.cdb file will apply against the tcpserver config via the -x flag. There is another place you can get to the raw startup command, and manipulate the -c flag in the tcp-service script: /service/smtpd/run
and look at the line:
readdefault concurrency concurrencysmtpd 20
This changes the total number of SMTP connections, if you wanted finer grained control per IP, you'd do that with MAXCONNIP in smtp.cdb. But theres no reason why you cant use both (I do that myself).
Like the .cdb files, changing these settings do not require a restart to go into effect.
:allow,MAXCONNIP="5",MAXLOAD="500",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
changing it in the smtp.cdb file will apply against the tcpserver config via the -x flag. There is another place you can get to the raw startup command, and manipulate the -c flag in the tcp-service script: /service/smtpd/run
and look at the line:
readdefault concurrency concurrencysmtpd 20
This changes the total number of SMTP connections, if you wanted finer grained control per IP, you'd do that with MAXCONNIP in smtp.cdb. But theres no reason why you cant use both (I do that myself).
Like the .cdb files, changing these settings do not require a restart to go into effect.
Re: PG - how to limit connections/per IP?
Thanks Scott. That's really useful info.
--------------------------------
<advert>
If you want to rent a UK-based VPS that comes with friendly advice and support from a fellow ART fan, please get in touch.
</advert>
<advert>
If you want to rent a UK-based VPS that comes with friendly advice and support from a fellow ART fan, please get in touch.
</advert>