Postfix limit incoming or receiving email rate

Q. I have noticed that spammers continually try to make a connection (email flooding attack). How do I enforce a number of limits on incoming mail so that I can protect hosted email domains?


A. Postfix (smtpd daemon) can enforce a number of limits on incoming email. This will stop email flooding attacks.

A bot connects to your Postfix email server and sends garbage commands or spam, attempting to crash your server. You can limit:

=> The length of lines in a message and so on

=> The size of messages

=> The number of recipients for a single delivery

Try following directives in your postfix config file:
smtpd_error_sleep_time – The SMTP server response delay after a client has made more than $smtpd_soft_error_limit errors, and fewer than smtpd_hard_error_limit errors, without delivering mail.
smtpd_soft_error_limit : The number of errors a remote SMTP client is allowed to make without delivering mail before the Postfix SMTP server slows down all its responses.
smtpd_hard_error_limit : The maximal number of errors a remote SMTP client is allowed to make without delivering mail. The Postfix SMTP server disconnects when the limit is exceeded.

Open config file
# vi
Append following directives:
smtpd_error_sleep_time = 1s
smtpd_soft_error_limit = 10
smtpd_hard_error_limit = 20

Save and restart/reload postfix configuration
# /etc/init.d/postfix restart

Postfix waits one second before each error such as HELO command not provided or FQDN hostname does not exists etc After 10 such errors postfix will start to increase delay. If error limits touches 20 Postfix will disconnect client.

You can see this in action from /var/log/maillog file:

Dec 15 16:50:59 server postfix/anvil[20799]: statistics: max connection rate 1/60s for (smtp: at Dec 15 16:47:29
Dec 15 16:50:59 server postfix/anvil[20799]: statistics: max connection count 1 for (smtp: at Dec 15 16:47:29
Dec 15 16:50:59 server postfix/anvil[20799]: statistics: max cache size 2 at Dec 15 16:47:38

🥺 Was this helpful? Please add a comment to show your appreciation or feedback.

nixCrat Tux Pixel Penguin
Hi! 🤠
I'm Vivek Gite, and I write about Linux, macOS, Unix, IT, programming, infosec, and open source. Subscribe to my RSS feed or email newsletter for updates.

8 comments… add one
  • chandrasekhar Mar 4, 2007 @ 7:49

    How do we configure the squirrelmail in fedora core 6..? i have configured in my frdora-6 with DNS and Sendmail it’s working fine. even i am able to send/receive a mails with IMAP using command line or like Outlook.
    when i login to webmail using Squirrelmail in web it is giving login prompt but if i give username and password it’s saying Permission deny error 13.

    What would be the cause..? please help anyone..!

  • javier Jun 2, 2007 @ 14:18

    How do I limit per account or per ip, the sending rate and the incoming rate? Thanks.

  • robert poehler Aug 10, 2009 @ 17:15

    Another good way is to block outgoing spam is to check the amount of sent emails per user which get bounced. Normally this happens not more than 10 times per hour. When this amount grows it’s time to check the sender.

  • Prashanth Feb 24, 2010 @ 6:42

    Hi All

    Can some body help me to configure my Postfix server.
    What i am really looking for is mail flow control..
    I have postfix server configured internaly which is open relay.

    since it is open realy server facing a probelm due to huge mail flood from application server.

    So i want to controll the mail flow rate based on sending host/client in postfix.

    For ex.
    host is sending too many mails

    i want control /slow down the mail flow from ths host only based on time/no of connection

    Can anybody help me on this ?

    • dodi Sep 11, 2010 @ 11:07

      maybe you try this in

      smtpd_client_message_rate_limit = 10

      The maximum number of message delivery requests that an SMTP client may make in the time interval

      • prashanth Sep 27, 2010 @ 13:56

        Hey …thank you very much…

  • Florent Aug 1, 2013 @ 15:39

    Hi, thanks for this advice, but how to do the same thing by client (and not for all client).

  • Tapal Mar 4, 2015 @ 4:16

    We are trying to multithread postfix server.
    System Specification: ubuntu 14.04 LTS and Intel Core i3
    We read about Posix multithreading and postfiix supports posix libraries.
    So our question is in which postfix files we could place multithreading code and where

Leave a Reply

Your email address will not be published. Required fields are marked *

Use HTML <pre>...</pre> for code samples. Your comment will appear only after approval by the site admin.