[Exim] heavy load - being an open relay?

Author: Daniel W.
Date:  
To: exim-users
Subject: [Exim] heavy load - being an open relay?

hello.

I recently discovered my box is under heavy load and investigated a
bit. A "ps ax" showed me quite a lot of exim processes. A closer look at
the "mainlog" logfile showed me lines like the following ones:

.......................................................................
2002-09-25 11:47:09 17u8l8-0004uJ-00 <= <> H=mc2-s12.law16.hotmail.com [65.54.237.61] P=esmtp S=9739 id=3OCcSkpLi00001d3e@???
2002-09-25 11:47:09 17u8l8-0004uJ-00 => epico <nobody@???> D=localuser T=local_delivery
2002-09-25 11:47:09 17u8l8-0004uJ-00 Completed
2002-09-25 11:48:17 17u8mF-0004uQ-00 <= Mailer-Daemon@??? H=email.niagarac.on.ca [192.197.62.37] P=smtp S=3152 id=sd913fa4.085@???
2002-09-25 11:48:17 17u8mF-0004uQ-00 => epico <nobody@???> D=localuser T=local_delivery
2002-09-25 11:48:17 17u8mF-0004uQ-00 Completed
.......................................................................

Believing I was an open relay for everyone, I purged exim and
re-installed it. This time I used the config file taken from the
examples archive. (I used the debian one before.) I changed hardly
anything... but... still getting these messages in my mainlog file.
Am I an open relay?!

exim version: 3.35-1
os: debian gnu/linux woody
exim is running as user/group mail/mail.
epico is a local user. just mentioning this because I wonder what
"epico <nobody@???>" means. I guess nothing good :-/
I'm on dialup. narf.ninth.biz therefore points to a dynamic ip.
(ddns service @ www.changeip.com)
All I want to do is receive and send mail :-/

my exim.conf file in extracts:
.......................................................................
primary_hostname =
# qualify_domain =
# qualify_recipient =
local_domains = narf.ninth.biz
# local_domains_include_host_literals
forbid_domain_literals
local_domains_include_host = true
never_users = root
# host_accept_relay = localhost
# host_accept_relay = my.friends.host : 192.168.0.0/16
# relay_domains =
host_lookup = *
receiver_verify
sender_verify
# rbl_domains = blackholes.mail-abuse.org
# rbl_domains = blackholes.mail-abuse.org:dialups.mail-abuse.org
# percent_hack_domains = *
ignore_errmsg_errors_after = 2d
timeout_frozen_after = 7d

transports configuration:
group=mail
DIRECTORS CONFIGURATION:
user = mail
group = mail
.......................................................................

that's it.
any hint?

best regards, daniel
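
Added example, not part of the original message: a small Python reader for mainlog lines like the ones quoted above, grouping "<=" (arrival) and "=>" (delivery) entries by message id to show whether mail received from a remote host was delivered locally or passed on to another host. The last two sample lines, the names parse/classify/report, and the assumption that a remote delivery line carries an H= field are the editor's, not the poster's.

```python
import re
from collections import defaultdict

# First six entries: the post's log lines, unwrapped. Last two: constructed for contrast.
SAMPLE_LOG = """\
2002-09-25 11:47:09 17u8l8-0004uJ-00 <= <> H=mc2-s12.law16.hotmail.com [65.54.237.61] P=esmtp S=9739 id=3OCcSkpLi00001d3e@???
2002-09-25 11:47:09 17u8l8-0004uJ-00 => epico <nobody@???> D=localuser T=local_delivery
2002-09-25 11:47:09 17u8l8-0004uJ-00 Completed
2002-09-25 11:48:17 17u8mF-0004uQ-00 <= Mailer-Daemon@??? H=email.niagarac.on.ca [192.197.62.37] P=smtp S=3152 id=sd913fa4.085@???
2002-09-25 11:48:17 17u8mF-0004uQ-00 => epico <nobody@???> D=localuser T=local_delivery
2002-09-25 11:48:17 17u8mF-0004uQ-00 Completed
2002-09-25 11:50:00 17u8zz-0000aa-00 <= a@example.org H=host.example.org [192.0.2.7] P=smtp S=900
2002-09-25 11:50:01 17u8zz-0000aa-00 => b@example.net R=lookuphost T=remote_smtp H=mx.example.net [192.0.2.9]
"""

# date, time, message id, flag ("<=" arrival, "=>" or "->" delivery), rest
LINE = re.compile(r"^\S+ \S+ (\w{6}-\w{6}-\w{2}) (<=|=>|->) (.+)$")

def parse(log):
    """Group arrival and delivery lines by message id."""
    msgs = defaultdict(lambda: {"sender": None, "from_host": None, "deliveries": []})
    for line in log.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # "Completed" lines carry no addresses
        msg_id, flag, rest = m.groups()
        tokens = rest.split()
        fields = dict(t.split("=", 1) for t in tokens if re.match(r"[A-Z]=", t))
        if flag == "<=":
            msgs[msg_id]["sender"] = tokens[0]
            msgs[msg_id]["from_host"] = fields.get("H")
        else:
            msgs[msg_id]["deliveries"].append({"to": tokens[0], "to_host": fields.get("H")})
    return dict(msgs)

def classify(msg):
    """'relayed': arrived from a remote host and left to another host
    (assumption: remote deliveries log H=); 'local': local deliveries only."""
    if not msg["deliveries"]:
        return "undelivered"
    if msg["from_host"] and any(d["to_host"] for d in msg["deliveries"]):
        return "relayed"
    return "local"

def report(log):
    # message id -> (classification, True if the envelope sender is the null sender "<>")
    return {mid: (classify(m), m["sender"] == "<>") for mid, m in parse(log).items()}

if __name__ == "__main__":
    print(report(SAMPLE_LOG))
```

A "relayed" result points to an open relay only when the submitting host is one the configuration was never meant to relay for; the two messages from the post both classify as "local".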