Re: Disable sending mails via telnet

Bill Cole:
> On 10 Jan 2012, at 16:56, Dennis Carr wrote:
> > If you mean the act of disabling the ability of using a telnet client
> > to connect to port 25, you're best not doing this - or, just set any
> > session timeouts to something short to prevent manual interaction.
>
> I hope that is simply an offhand random thought and not something you've
> actually done.
>
> Reducing timeouts to the point where they would seriously interfere with
> people doing manual SMTP will almost certainly mean failing to comply
> with the SMTP standard and would carry a real risk of blocking
> legitimate mail. While it is true that most SMTP transport happens as
> fast as the sender can get 2xx responses, it does not always work that
> way. Also: when you diverge from the standard for no compelling reason
> you will find sympathy with any interop problems to be in short supply.

By default, Postfix plays time limit games only under overload conditions.

The timeout settings are:

    smtpd_per_record_deadline Overload: yes Normal: no
    smtpd_starttls_timeout Overload: 10s Normal: 300s
    smtpd_timeout Overload: 10s Normal: 300s

The per-record deadline feature (Postfix >= 2.9) changes timeout
behavior from "time limit per read operation" to "time limit per
command", meaning the entire command must be received within the
deadline.

        Wietse

• This message: [ Message body ]
• Next message: Michael Maymann: "Re: Send bouncing to specific bounce-account"
• Previous message: Bill Cole: "Re: Global user delivery"
• In reply to: Bill Cole: "Re: Disable sending mails via telnet"
• Next in thread: Rod Dorman: "Re: Disable sending mails via telnet"

• Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]