On 30/11/17 03:03, Robert Giles wrote:
David,
I'd say that if you set the mail_max_userip_connections value to a large-ish number (300-400), your users likely won't notice an issue on their iOS 10.x and iOS 11.x devices.? It's more of an annoyance in the logs, and occasionally the iOS Mail app will show that it is stuck checking mail for a few minutes (when the new max_userip_connections is reached again, but with a large number, it happens much less frequently).
Keep in mind max_userip applies to *authenticated* users, so a true, malicious DoS situation is less likely.
Maybe not malicious DoS, but if your running a shared platform, or supports hundreds of users using Apple products, you can do the arithmetic and see that you can run into problems with resource starvation.
And yeah, I'm definitely tired of Apple going off and breaking their software, because the blame always comes back on IT instead of Apple :(
Apple, are you listening? Would it kill you to design your software not to treat remote mail servers like personal servers that can serve up connections like candy? (I also see that some iOS clients keeps an open SMTP connection on standby, even though it's not sending mail.)
Joseph Tam <jtam.home@gmail.com>