Re: [Exim] Gotta love exim

Top Page
Delete this message
Reply to this message
Author: Philip Hazel
Date:  
To: Dave C.
CC: exim-users
Subject: Re: [Exim] Gotta love exim
On Fri, 22 Sep 2000, Dave C. wrote:

> On another tack, (this is directed mostly at PH10), how hard would it
> be to add an option to exim that if a given host failed some sort of
> syntax or verification, a configurable number of times within a
> configurable timeframe, that connections from that host would be
> refused outright for a configurable following timeframe?


Exim already has sender_verify_max_retry_rate for sender rejections, but
this applies to *temporary* rejections. Something like a syntax error in
HELO is a permanent rejection.

I've noted your idea, but I'm not convinced it is worth doing for this
reason: currently the bad host connects, you send a welcome, it sends a
bad HELO, you send a rejection and it goes away. If your idea were
implemented, then every time this happened, Exim would have to consult a
file and update it, to record the statistics. (And it would have to
consult the file for all good connections, too.) Then, when it was
rejecting, what would happen is: bad host connects, Exim reads file,
finds it should reject, and rejects. Just a couple of TCP/IP packets
saved. On balance, especially because Exim would have to maintain a
file and read it for all connections, I think you might well end up with
more overhead processing cost that the current situation.


-- 
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.