anvil Command in Linux
The anvil command in Linux monitors the number of sessions a client initiates and the frequency of their requests. By managing these metrics, anvil controls server load and prevents potential abuse, like denial-of-service (DoS) attacks, by restricting excessive connections and requests.
Table of Contents
Here is a comprehensive guide to the options available with the anvil command −
- anvil Command in Linux
- Configuration Parameters of Linux anvil Command
- Connection Count and Rate Control with anvil in Postfix
- Message Rate Control with anvil in Postfix
- Recipient Rate Control with anvil in Postfix
- TLS Session Negotiation Rate Control with anvil in Postfix
- Security Features of anvil Command in Postfix
- Diagnostics with anvil Command in Postfix
- Bugs in anvil Command
anvil Command in Linux
The Postfix anvil(8) server keeps track of client connection counts and request rates. By utilizing these statistics, the server can defend itself against clients that might try to overload it with too many simultaneous connections or excessive requests in a short time frame.
Monitoring these metrics allows Postfix to enforce limits and prevent potential abuse or denial-of-service (DoS) attacks. The anvil(8) server is designed to run under the control of the Postfix master(8) process, which manages all Postfix daemon processes.
Configuration Parameters of Linux anvil Command
On low-traffic mail systems, anvil(8) processes pick up changes to main.cf automatically, since each process runs only for a short time. On higher-traffic systems, run "postfix reload" to make the change take effect sooner.
The following table provides a summary of parameters −
| Parameter | Description |
|---|---|
| anvil_rate_time_unit | The time unit (default: 60 seconds) over which client connection rates and other rates are calculated. |
| anvil_status_update_time | How frequently the anvil(8) server logs peak usage information for connection count and rate limiting (default: 600 seconds). |
| config_directory | The default location of the Postfix main.cf and master.cf configuration files (see the output of postconf -d for the compiled-in value). |
| daemon_timeout | The maximum time (default: 18,000 seconds) that a Postfix daemon process may spend handling a request before it is terminated by a built-in watchdog timer. |
| ipc_timeout | The time limit (default: 3,600 seconds) for sending or receiving information over an internal communication channel. |
| max_idle | The maximum time (default: 100 seconds) that an idle Postfix daemon process waits for the next service request before exiting. |
| max_use | The maximum number of connection requests (default: 100) that a Postfix daemon process handles before it terminates. |
| process_id | The process ID of the Postfix daemon process (read-only). |
| process_name | The process name of the Postfix command or daemon process (read-only). |
| syslog_facility | The syslog facility (default: mail) used for Postfix logging. |
| syslog_name | The mail system name (default: postfix) that is prepended to the process name in syslog records (for example, "smtpd" becomes "postfix/smtpd"). |
Connection Count and Rate Control with anvil in Postfix
The anvil command in Postfix manages and controls client connection numbers and request frequencies. Let’s see how to interact with it and set up these parameters −
Registering a New Connection
To log a new connection, send this request to the anvil(8) server −
request=connect ident=string
Here, “ident” represents a string that identifies the client.
The anvil(8) server will respond with the current number of simultaneous connections and the rate of connections per time unit for the specified (service, client) combination identified by “ident” −
status=0 count=number rate=number
Registering a Disconnect Event
If you want to log a disconnect event, you can simply send this request to the anvil(8) server −
request=disconnect ident=string
The anvil(8) server will reply with −
status=0
Message Rate Control with anvil in Postfix
The anvil component in Postfix limits how often clients can send messages to prevent spam and DoS attacks. This helps protect the mail server from potential abuse.
To register a message delivery request, send this request to the anvil(8) server −
request=message ident=string
The anvil(8) server responds with the rate of message delivery requests per time unit for the (service, client) combination identified by ident −
status=0 rate=number
Recipient Rate Control with anvil in Postfix
anvil in Postfix controls how often clients can send emails to recipients to prevent abuse. It limits the number of recipients a client can address within a specified period.
To register a recipient request with the anvil(8) server, send the following request −
request=recipient ident=string
The anvil(8) server responds with the status of the request and the rate of recipient addresses per time unit for the (service, client) combination identified by ident −
status=0 rate=number
TLS Session Negotiation Rate Control with anvil in Postfix
The anvil component in Postfix controls and monitors TLS session rates to keep the mail server secure and efficient. It limits how often clients can start TLS sessions.
To register a new (non-cached) TLS session request, send the following to the anvil(8) server −
request=newtls ident=string
The anvil(8) server responds with the number of new TLS session requests per time unit for the (service, client) combination identified by ident −
status=0 rate=number
To obtain the new TLS session request rate without updating the counter, send −
request=newtls_report ident=string
The anvil(8) server responds with the number of new TLS session requests per time unit for the (service, client) combination identified by ident −
status=0 rate=number
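The six request types above share one line-oriented attribute protocol and one per-ident table of counters. The following added example (not Postfix's own code) models that exchange in Python: an in-memory table keyed by the ident string, a rate window of anvil_rate_time_unit seconds, and a parser for the replies as an smtpd-side client would see them. The reset-per-window and expiry behaviour is an assumption modelled on the descriptions above, not a copy of anvil's internals; the ident values are constructed.

```python
import time

# Mirrors the default of anvil_rate_time_unit (60 seconds).
RATE_TIME_UNIT = 60


class AnvilState:
    """Toy model of the anvil(8) request/response protocol (assumption, not Postfix code).

    One entry per (service, client) ident holds the concurrent connection
    count plus per-window counters for connect, message, recipient and newtls.
    """

    def __init__(self, time_unit=RATE_TIME_UNIT):
        self.time_unit = time_unit
        self.table = {}  # ident -> counters

    def _entry(self, ident, now):
        e = self.table.get(ident)
        if e is None:
            e = {"count": 0, "start": now, "connect": 0,
                 "message": 0, "recipient": 0, "newtls": 0}
            self.table[ident] = e
        elif now - e["start"] >= self.time_unit:
            # A new time unit starts: rates restart, concurrent count is kept.
            e.update(start=now, connect=0, message=0, recipient=0, newtls=0)
        return e

    def handle(self, line, now=None):
        """Take one request line ('request=connect ident=smtp:...') and return the reply line."""
        now = time.time() if now is None else now
        attrs = dict(kv.split("=", 1) for kv in line.split() if "=" in kv)
        req, ident = attrs.get("request"), attrs.get("ident")
        if req is None or ident is None:
            return "status=1"
        e = self._entry(ident, now)
        if req == "connect":
            e["count"] += 1
            e["connect"] += 1
            return f"status=0 count={e['count']} rate={e['connect']}"
        if req == "disconnect":
            e["count"] = max(0, e["count"] - 1)
            return "status=0"
        if req in ("message", "recipient", "newtls"):
            e[req] += 1
            return f"status=0 rate={e[req]}"
        if req == "newtls_report":
            return f"status=0 rate={e['newtls']}"  # read-only: no counter update
        return "status=1"

    def expire(self, now):
        """Drop idle entries whose window has elapsed; returns how many were dropped."""
        stale = [i for i, e in self.table.items()
                 if e["count"] == 0 and now - e["start"] >= self.time_unit]
        for i in stale:
            del self.table[i]
        return len(stale)


def parse_response(line):
    """Client-side view: 'status=0 count=2 rate=3' -> {'status': 0, 'count': 2, 'rate': 3}."""
    return {k: int(v) for k, v in (kv.split("=", 1) for kv in line.split())}


def over_limit(response, count_limit=None, rate_limit=None):
    """Decide, as the calling service would, whether a reply crosses a configured limit."""
    r = parse_response(response)
    if r.get("status") != 0:
        return False
    if count_limit is not None and r.get("count", 0) > count_limit:
        return True
    return rate_limit is not None and r.get("rate", 0) > rate_limit


if __name__ == "__main__":
    s = AnvilState()
    ident = "smtp:192.0.2.10"  # constructed sample ident
    for t in range(3):
        reply = s.handle(f"request=connect ident={ident}", now=t)
        print(reply, "-> over limit" if over_limit(reply, count_limit=2) else "")
```

The expiry step is what the Bugs section below is about: entries are only safe to discard once their last connection has been unregistered, which is why a service that consults rates should still send connect/disconnect events.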
Note − The features discussed here are available in Postfix 2.3 and later versions.
Security Features of anvil Command in Postfix
anvil in Postfix enhances mail server security by effectively managing various aspects of client interactions.
It does not talk to the network or to local users, and it can run in a chrooted environment with restricted privileges. It keeps an in-memory table of recent client requests and no persistent state, because standard system library routines are not robust enough for update-intensive applications.
Although this in-memory state is temporary, a system that receives connections from a large number of remote clients can use a lot of memory for it. Reducing anvil_rate_time_unit, the time unit over which the state is retained, helps conserve memory.
Diagnostics with anvil Command in Postfix
The anvil command in Postfix supports diagnostics by reporting on server operations and client interactions, which lets administrators spot and resolve problems. Problems and transactions are logged to syslogd(8).
When the server exits, and at the interval set by anvil_status_update_time, it logs the highest connection count and rate values it has recorded, together with the (service, client) they belong to and the time at which they were reached. To avoid unnecessary overhead, the server does not keep statistics for activities that are not subject to a concurrency or rate limit.
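The peak-usage report is the part of anvil's logging worth watching on a mail server. The following added example (not Postfix's own code) parses such syslog lines and flags clients whose recorded peak crosses a threshold, so the report can feed a detection rule rather than just sit in the log. The sample lines are constructed, and the "statistics: max … for (ident) at …" layout is my recollection of anvil(8)'s logging format, so treat the regular expression as an assumption to check against your own logs.

```python
import re
from collections import defaultdict

# Constructed sample syslog lines in the shape anvil(8) uses for its peak-usage
# report (format assumed from memory; the 'max cache size' line and the smtpd
# line are there to show that unrelated lines are skipped).
SAMPLE_LOG = """\
Mar  3 10:15:01 mx1 postfix/anvil[2211]: statistics: max connection rate 12/60s for (smtp:203.0.113.5) at Mar  3 10:14:37
Mar  3 10:15:01 mx1 postfix/anvil[2211]: statistics: max connection count 4 for (smtp:203.0.113.5) at Mar  3 10:14:35
Mar  3 10:15:01 mx1 postfix/anvil[2211]: statistics: max message rate 30/60s for (smtp:198.51.100.20) at Mar  3 10:13:02
Mar  3 10:15:01 mx1 postfix/anvil[2211]: statistics: max cache size 7 at Mar  3 10:14:37
Mar  3 10:15:01 mx1 postfix/smtpd[2300]: connect from unknown[203.0.113.5]
"""

STATS_RE = re.compile(
    r"postfix/anvil\[\d+\]: statistics: max "
    r"(?P<kind>connection rate|connection count|message rate|recipient rate|newtls rate) "
    r"(?P<value>\d+)(?:/(?P<unit>\d+)s)? for \((?P<ident>[^)]+)\) at (?P<when>.+)$"
)


def parse_anvil_stats(text):
    """Return one record per peak-usage line; lines that do not match are skipped."""
    records = []
    for line in text.splitlines():
        m = STATS_RE.search(line)
        if not m:
            continue
        d = m.groupdict()
        records.append({
            "kind": d["kind"],
            "value": int(d["value"]),
            # The concurrency count carries no '/60s' suffix, so unit is None for it.
            "unit": int(d["unit"]) if d["unit"] else None,
            "ident": d["ident"],   # "(service:client)" as logged by anvil
            "when": d["when"],     # timestamp at which the peak was reached
        })
    return records


def flag_peaks(records, thresholds):
    """Return (ident, kind, value) for peaks at or above the given per-kind thresholds."""
    return [(r["ident"], r["kind"], r["value"])
            for r in records
            if r["kind"] in thresholds and r["value"] >= thresholds[r["kind"]]]


def peaks_by_client(records):
    """Highest value seen per (ident, kind) across a whole log file."""
    best = defaultdict(int)
    for r in records:
        key = (r["ident"], r["kind"])
        best[key] = max(best[key], r["value"])
    return dict(best)


if __name__ == "__main__":
    recs = parse_anvil_stats(SAMPLE_LOG)
    limits = {"connection rate": 10, "connection count": 5, "message rate": 50}
    for ident, kind, value in flag_peaks(recs, limits):
        print(f"{ident}: peak {kind} {value} >= {limits[kind]}")
```

Since anvil only records statistics for activities that have a concurrency or rate limit configured, an empty parse is expected on a server where no such limit is set; that is a configuration observation, not a parser failure.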
Bugs in anvil Command
Addressing NAT Issues
In networks that use network address translation (NAT) routers or proxies, multiple systems may share the same client address. This can cause connection count or rate limits to be triggered falsely.
Limitations in Preliminary Implementation
In the initial setup, a server enforcing connection count or rate limits can handle only a single remote client at a time. If the server detects multiple simultaneous clients, it ignores all but the most recent client reported.
Handling Client Request Information
The anvil(8) server automatically discards client request information once it has expired, so that request rate information reflects the correct time window.
Best Practice for Rate-Limited Services
A rate-limited service should always register connect/disconnect events, even when it does not explicitly limit them. Doing so keeps the anvil(8) server from discarding client request rate information too early or too late.
Conclusion
Anvil in Linux monitors client sessions and request frequencies to manage server load effectively and protect against abuse such as denial-of-service (DoS) attacks. The Postfix anvil(8) server tracks client connection counts and request rates, using these statistics to defend against clients attempting to overload the server with too many connections or requests. This Linux guide explained the different aspects of the anvil command in detail.