diff --git a/postfix/postfix-main.cf.template b/postfix/postfix-main.cf.template
index c8e44b7..6a90044 100644
--- a/postfix/postfix-main.cf.template
+++ b/postfix/postfix-main.cf.template
@@ -31,7 +31,11 @@ command_time_limit = 30s
 maillog_file = /var/log/postfix.log
 
 # Rate limiting - prevent abuse/DoS
-smtpd_client_connection_rate_limit = 10
+# Connection rate limit is per source IP per anvil_rate_time_unit.
+# 10 was too low for load testing (20 concurrent users from one IP exhausted
+# the limit in ~10s, causing connection resets for users 11-20). 100 allows
+# realistic concurrency headroom while still protecting against DoS.
+smtpd_client_connection_rate_limit = 100
 smtpd_client_message_rate_limit = 50
 smtpd_client_recipient_rate_limit = 100
 anvil_rate_time_unit = 60s