Re: [Exim] Offer some exim advice?

Top Page
Delete this message
Reply to this message
Author: Suresh Ramasubramanian
Date:  
To: konrad, Brett Thorson
CC: exim-users
Subject: Re: [Exim] Offer some exim advice?
At 04:21 PM 2/13/2003 +0000, Konrad Michels wrote:
>I'd personally put an al-cheapo box in front of the exim machine running
>iptables and with a default INPUT chain policy of DROP, and then use
>port-forwarding to pass port 25 connections on to the exim box on a
>reserved IP address. This I tend to find takes a lot of work off the
>mail server itself and lets it use CPU cycles for something more
>constructive than dropping packets from skidiots who have nothing better
>to do than run port scanners!


You need a few other ports (dns, ident etc). At any rate, you need to
explicitly reject connections to (say) IDENT, rather than dropping
packets. That way, you are looking at guaranteed 30s delays ...

         srs