Re: [Exim] EXIM input and msglog

Góra strony
Delete this message
Reply to this message
Autor: Nico Erfurth
Data:  
Dla: Leonardo Boselli, exim-users
Temat: Re: [Exim] EXIM input and msglog
Leonardo Boselli wrote:

Please reply to the whole list, not personally to me.

>>>I have the same problem, but the queued messages are all non
>>>delivery messages sent to hosts not on line or even to message that
>>>got a 550 user unknown.
>>You mean Bounces?
>
> more or less ... these are messages from spammers that send
> from inexistent addresses to inexinstent addresses ...


So these are bounces that can't be send out --> Frozen message;)

>>1a)  to prevent generating too much bounces you should enable sender
>>and
>>     receiver verification, this will remove MANY frozen messages too,

>
> receiver verification is hard ... at least i think, since there is a lot of
> forwarding, and deliver is prefix based (based on the first
> charachters of the username messages are sent to other
> machines, or to programs such the one i cite under 1b that accept
> for group of address ...)


With the use of verify = false you can exclude the some routers from the
verification, but, as the verification just ensures that some
director/router WILL catch the address after you accepted it.
So activating receiver-verify is a good idea usually.

> For sender: for various reason there are many legitimate messages
> thatb arrive with inexistent addresses [althought in this case i know
> exactly what are the hosts that can send me that].


Normal sender verification will just test for a legal domain.

>>     sent by spammers
>>1b) if you have a smaller system and can afford the overhead, think
>>     about adding a callout-check [*1]

>
> I did once, uning an external program (the mail for a certain
> address was sent back to the sender, adding a verification code,
> *he would have to reply to this new address that in turn would have
> put the message in the mailbox.
> It worked excellently, no spam arriving ... but a lot of people had
> complaint about it !


I meant exims sender-callout.


>>2)  Think about adding RBLs to stop more spam before it hits your
>>server 3a) exim3: look for auto_thaw, timeout_frozen_after,
>>     ignore_errmsg_errors and ignore_errmsg_errors_after.

>
> I tried once, but it stopped also legitimate messages.


I would enforce it, as long as you use good maintained RBLs and you get
mails from good system, there is no problem, if a legitimate mail is
bounced, the sending host has more problems than your mailserver.

>>3b) exim4: look for auto_thaw, timeout_frozen_after, and
>>     ignore_bounce_errors_after.

>
> I have set then ... and in effect now they disappears after 4 days ...
> that looks reasonable. The queue has been reduced to ine fifth of
> what was before !


;)
I think 4d is a good value.

> I will get more try to see if i can throw them away earlier (i do not
> want absolutely throw away legitimate messages !)


If you use ignore_bounce_errors_after it will not harm very much, as
these bounces are mostly (99%) generated because of spammers.

But if you want to be on the totaly secure side, use
move_frozen_messages and use some tools to investigate them (eXimon),
but you should do this at least on a daily base.

ciao