@DomiP
Danke für die Info. Untenstehend die Antwort vom Provider. Die ist evtl. auch von Interesse für andere users.
Quote
Yes, there is a problem.
Rspamd is a free and opensource project that has no relations with Synology. Rspamd also provides some spam fighting infrastructure: list of freemail domains, public fuzzy hashes and some other resources that I provide for no charge (but that still consumes my server's resources though). My main intention here is to provide a better spam filter for users.
Synology has included 3 years old version of Rspamd (specifically, 1.6.2) that has a nausty bugs when loading http maps:
It loads them via HTTPS using main `rspamd.com` domain (newer versions use `maps.rspamd.com`)
There is a mistake in backpressure algorithm that caused more checks in case of any error instead of reducing number of checks
SSL caching is broken there so each request is a new SSL handshake
Then I have ended up with 7k ssl handshakes per second that killed my server and made the whole `rspamd.com` site unavailable for all users. I have to write a script that detects old clients and ban them to avoid DDoS attack. I've talked with Synology and I've been told that they cannot update the version used in the MailPlus so far.
Hence, the only my decision is to continue banning of the IPs who are using this buggy version. In the meantime I will continue to discuss the situation with Synology hoping that we could resolve it somehow. I think you can also ask Synology to resolve this issue - it might be helpful after all.
I'm sorry for inconveniences caused from my side.
unquote