diff options
Diffstat (limited to 'html/anvil.8.html')
-rw-r--r-- | html/anvil.8.html | 242 |
1 files changed, 242 insertions, 0 deletions
diff --git a/html/anvil.8.html b/html/anvil.8.html new file mode 100644 index 0000000..2acb09a --- /dev/null +++ b/html/anvil.8.html @@ -0,0 +1,242 @@ +<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN" + "http://www.w3.org/TR/html4/loose.dtd"> +<html> <head> +<meta http-equiv="Content-Type" content="text/html; charset=utf-8"> +<title> Postfix manual - anvil(8) </title> +</head> <body> <pre> +ANVIL(8) ANVIL(8) + +<b>NAME</b> + anvil - Postfix session count and request rate control + +<b>SYNOPSIS</b> + <b>anvil</b> [generic Postfix daemon options] + +<b>DESCRIPTION</b> + The Postfix <a href="anvil.8.html"><b>anvil</b>(8)</a> server maintains statistics about client connec- + tion counts or client request rates. This information can be used to + defend against clients that hammer a server with either too many simul- + taneous sessions, or with too many successive requests within a config- + urable time interval. This server is designed to run under control by + the Postfix <a href="master.8.html"><b>master</b>(8)</a> server. + + In the following text, <b>ident</b> specifies a (service, client) combination. + The exact syntax of that information is application-dependent; the + <a href="anvil.8.html"><b>anvil</b>(8)</a> server does not care. + +<b>CONNECTION COUNT/RATE CONTROL</b> + To register a new connection send the following request to the <a href="anvil.8.html"><b>anvil</b>(8)</a> + server: + + <b>request=connect</b> + <b>ident=</b><i>string</i> + + The <a href="anvil.8.html"><b>anvil</b>(8)</a> server answers with the number of simultaneous connections + and the number of connections per unit time for the (service, client) + combination specified with <b>ident</b>: + + <b>status=0</b> + <b>count=</b><i>number</i> + <b>rate=</b><i>number</i> + + To register a disconnect event send the following request to the + <a href="anvil.8.html"><b>anvil</b>(8)</a> server: + + <b>request=disconnect</b> + <b>ident=</b><i>string</i> + + The <a href="anvil.8.html"><b>anvil</b>(8)</a> server replies with: + + <b>status=0</b> + +<b>MESSAGE RATE CONTROL</b> + To register a message delivery request send the following request to + the <a href="anvil.8.html"><b>anvil</b>(8)</a> server: + + <b>request=message</b> + <b>ident=</b><i>string</i> + + The <a href="anvil.8.html"><b>anvil</b>(8)</a> server answers with the number of message delivery + requests per unit time for the (service, client) combination specified + with <b>ident</b>: + + <b>status=0</b> + <b>rate=</b><i>number</i> + +<b>RECIPIENT RATE CONTROL</b> + To register a recipient request send the following request to the + <a href="anvil.8.html"><b>anvil</b>(8)</a> server: + + <b>request=recipient</b> + <b>ident=</b><i>string</i> + + The <a href="anvil.8.html"><b>anvil</b>(8)</a> server answers with the number of recipient addresses per + unit time for the (service, client) combination specified with <b>ident</b>: + + <b>status=0</b> + <b>rate=</b><i>number</i> + +<b>TLS SESSION NEGOTIATION RATE CONTROL</b> + The features described in this section are available with Postfix 2.3 + and later. + + To register a request for a new (i.e. not cached) TLS session send the + following request to the <a href="anvil.8.html"><b>anvil</b>(8)</a> server: + + <b>request=newtls</b> + <b>ident=</b><i>string</i> + + The <a href="anvil.8.html"><b>anvil</b>(8)</a> server answers with the number of new TLS session requests + per unit time for the (service, client) combination specified with + <b>ident</b>: + + <b>status=0</b> + <b>rate=</b><i>number</i> + + To retrieve new TLS session request rate information without updating + the counter information, send: + + <b>request=newtls_report</b> + <b>ident=</b><i>string</i> + + The <a href="anvil.8.html"><b>anvil</b>(8)</a> server answers with the number of new TLS session requests + per unit time for the (service, client) combination specified with + <b>ident</b>: + + <b>status=0</b> + <b>rate=</b><i>number</i> + +<b>AUTH RATE CONTROL</b> + To register an AUTH request send the following request to the <a href="anvil.8.html"><b>anvil</b>(8)</a> + server: + + <b>request=auth</b> + <b>ident=</b><i>string</i> + + The <a href="anvil.8.html"><b>anvil</b>(8)</a> server answers with the number of auth requests per unit + time for the (service, client) combination specified with <b>ident</b>: + + <b>status=0</b> + <b>rate=</b><i>number</i> + +<b>SECURITY</b> + The <a href="anvil.8.html"><b>anvil</b>(8)</a> server does not talk to the network or to local users, and + can run chrooted at fixed low privilege. + + The <a href="anvil.8.html"><b>anvil</b>(8)</a> server maintains an in-memory table with information about + recent clients requests. No persistent state is kept because standard + system library routines are not sufficiently robust for update-inten- + sive applications. + + Although the in-memory state is kept only temporarily, this may require + a lot of memory on systems that handle connections from many remote + clients. To reduce memory usage, reduce the time unit over which state + is kept. + +<b>DIAGNOSTICS</b> + Problems and transactions are logged to <b>syslogd</b>(8) or <a href="postlogd.8.html"><b>postlogd</b>(8)</a>. + + Upon exit, and every <b><a href="postconf.5.html#anvil_status_update_time">anvil_status_update_time</a></b> seconds, the server logs + the maximal count and rate values measured, together with (service, + client) information and the time of day associated with those events. + In order to avoid unnecessary overhead, no measurements are done for + activity that isn't concurrency limited or rate limited. + +<b>BUGS</b> + Systems behind network address translating routers or proxies appear to + have the same client address and can run into connection count and/or + rate limits falsely. + + In this preliminary implementation, a count (or rate) limited server + process can have only one remote client at a time. If a server process + reports multiple simultaneous clients, state is kept only for the last + reported client. + + The <a href="anvil.8.html"><b>anvil</b>(8)</a> server automatically discards client request information + after it expires. To prevent the <a href="anvil.8.html"><b>anvil</b>(8)</a> server from discarding + client request rate information too early or too late, a rate limited + service should always register connect/disconnect events even when it + does not explicitly limit them. + +<b>CONFIGURATION PARAMETERS</b> + On low-traffic mail systems, changes to <a href="postconf.5.html"><b>main.cf</b></a> are picked up automati- + cally as <a href="anvil.8.html"><b>anvil</b>(8)</a> processes run for only a limited amount of time. On + other mail systems, use the command "<b>postfix reload</b>" to speed up a + change. + + The text below provides only a parameter summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for + more details including examples. + + <b><a href="postconf.5.html#anvil_rate_time_unit">anvil_rate_time_unit</a> (60s)</b> + The time unit over which client connection rates and other rates + are calculated. + + <b><a href="postconf.5.html#anvil_status_update_time">anvil_status_update_time</a> (600s)</b> + How frequently the <a href="anvil.8.html"><b>anvil</b>(8)</a> connection and rate limiting server + logs peak usage information. + + <b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b> + The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con- + figuration files. + + <b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b> + How much time a Postfix daemon process may take to handle a + request before it is terminated by a built-in watchdog timer. + + <b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b> + The time limit for sending or receiving information over an + internal communication channel. + + <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b> + The maximum amount of time that an idle Postfix daemon process + waits for an incoming connection before terminating voluntarily. + + <b><a href="postconf.5.html#max_use">max_use</a> (100)</b> + The maximal number of incoming connections that a Postfix daemon + process will service before terminating voluntarily. + + <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b> + The process ID of a Postfix command or daemon process. + + <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b> + The process name of a Postfix command or daemon process. + + <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b> + The syslog facility of Postfix logging. + + <b><a href="postconf.5.html#syslog_name">syslog_name</a> (see 'postconf -d' output)</b> + A prefix that is prepended to the process name in syslog + records, so that, for example, "smtpd" becomes "prefix/smtpd". + + Available in Postfix 3.3 and later: + + <b><a href="postconf.5.html#service_name">service_name</a> (read-only)</b> + The <a href="master.5.html">master.cf</a> service name of a Postfix daemon process. + +<b>SEE ALSO</b> + <a href="smtpd.8.html">smtpd(8)</a>, Postfix SMTP server + <a href="postconf.5.html">postconf(5)</a>, configuration parameters + <a href="master.5.html">master(5)</a>, generic daemon options + +<b>README FILES</b> + <a href="TUNING_README.html">TUNING_README</a>, performance tuning + +<b>LICENSE</b> + The Secure Mailer license must be distributed with this software. + +<b>HISTORY</b> + The anvil service is available in Postfix 2.2 and later. + +<b>AUTHOR(S)</b> + Wietse Venema + IBM T.J. Watson Research + P.O. Box 704 + Yorktown Heights, NY 10598, USA + + Wietse Venema + Google, Inc. + 111 8th Avenue + New York, NY 10011, USA + + ANVIL(8) +</pre> </body> </html> |