[Exim] Managing load with ACL verification?

Top Page
Delete this message
Reply to this message
Author: Dean Brooks
Date:  
To: exim-users
Subject: [Exim] Managing load with ACL verification?
Hi,

Question for the group (running Exim 4.10):

How do you manage system load when using ACL-time recipient verification?

In our current configuration, we dont do recipient verification. That
is, we simply accept the mail and either route immediately or place it
on the queue, based upon load average or max-connection throttles.
This works well because if the load average gets too high or we get
too many connections, we simply place items on the queue and deal with
them later, which usually brings the load back down.

We want to turn on recipient verification to avoid having to process
many of these spam messages that end up bouncing anyway.

However, if I turn on ACL-time recipient verification, I see now way
to control the load if we get bombarded with thousands of connections.
The load-average and connection throttles seem to only deal with placing
items on a queue *after* the ACLs are run.

In fact, the only way I can see to deal with this is to flat out reject
the connection if load is too high.

Question: Is there a way to tell in a "condition" statement that
queue_only is set? That is, could I make a condition statement in
the recipient verification ACL that *only* does the verify if
queue_only hasn't been triggered?

Thanks for any help - maybe I'm missing something...

Regards,

Dean Brooks
dean@???