Many people will have seen their postfix reporting new errors these days, like if is overloaded:

postfix/master[7287]: warning: service "smtp" (25) has reached its process limit "100": new clients may experience noticeable delays

This is not really because your system is overloaded. To me, it looks more like a (deliberate?) malfunction of some spammers software. When you rejected it’s spam mail a few times, it starts opening up lots of connections to your system, but never sends any data. They just sit there and time out.

The solution is simple: limit the number of connections per client. Make sure the ‘anvil’ service is enabled (default at least on Debian) and then add

smtpd_client_connection_count_limit = 10

to your postfix configuration.

You should now begin to see messages such as

postfix/smtpd[21680]: warning: Connection concurrency limit exceeded: 11 from unknown[210.210.247.52] for service smtp

A corean cable IP. Yeah, I don’t think this would have been legitimate mail traffic anyway.

Feel free to pick the limit value even lower than 10 on really busy systems (or if these ‘attacks’ become stronger) - most people should never need more than 2 parallel connections (note: you can send multiple emails over one connection, there isn’t much to be gained by using more than one connection).