first of all.. thanks for any input ahead.. :-)
ok, here is more detail about my configuration..
the machine is more than a mail server.. but i kill all other processes..
and exim still uses up all resources..
is there another way to prevent soo many connections.. from all those hosts?
i've recently added the "acl_smtp_connect" and that seems to have gotten rid
of the connection refused messages.. but the server is still bogged down..
and we're talking about a server with 2.0ghz quad xeon with 1gig ram
the server also runs cpanel as it's frontend...
some stuff from my exim.conf
acl_smtp_rcpt = check_recipient
acl_smtp_data = check_message
acl_smtp_connect = check_connect
check_connect:
deny message = rejected because $sender_host_address is \
in a black list at $dnslist_domain\n\
$dnslist_text
dnslists = blackholes.mail-abuse.org : relays.mail-abuse.org :
blacklist.tudelft.nl : \
proxies.relays.monkeys.com : relays.ordb.org : flowgoaway.com :
*.cluecentral.net : \
*.blackholes.us : *.nerd.dk : korea.services.net :vbl.mookystick.com :
\
bl.spamcop.net : sbl.spamhaus.org
accept
check_recipient:
# Exim 3 had no checking on -bs messages, so for compatibility
# we accept if the source is local SMTP (i.e. not over TCP/IP).
# We do this by testing for an empty sending host field.
accept hosts = :
# rejects bogus email addresses.
deny local_parts = ^.*[@%!/|]
# Accept bounces to lists even if callbacks or other checks would fail
warn message = X-WhitelistedRCPT-nohdrfromcallback: Yes
condition = \
${if and {{match{$local_part}{(.*)-bounces\+.*}} \
{exists
{/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}_${lc:$domain}/config.pck}
}} \
{yes}{no}}
accept condition = \
${if and {{match{$local_part}{(.*)-bounces\+.*}} \
{exists
{/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}_${lc:$domain}/config.pck}
}} \
{yes}{no}}
warn message = X-WhitelistedRCPT-nohdrfromcallback: Yes
condition = \
${if and {{match{$local_part}{mailman-bounces\+.*}} \
{exists
{/usr/local/cpanel/3rdparty/mailman/lists/mailman/config.pck}}} \
{yes}{no}}
accept condition = \
${if and {{match{$local_part}{mailman-bounces\+.*}} \
{exists
{/usr/local/cpanel/3rdparty/mailman/lists/mailman/config.pck}}} \
{yes}{no}}
require verify = sender
accept domains = +local_domains
accept domains = +relay_domains
accept hosts = +relay_hosts
accept condition = ${perl{checkrelayhost}{$sender_host_address}}
accept hosts = +auth_relay_hosts
endpass
message = $sender_fullhost is currently not permitted to \
relay through this server. Perhaps you \
have not logged into the pop/imap server in the \
last 30 minutes or do not have SMTP Authentication
turned on in your email client.
authenticated = *
deny message = $sender_fullhost is currently not permitted to \
relay through this server. Perhaps you \
have not logged into the pop/imap server in the \
last 30 minutes or do not have SMTP Authentication
turned on in your email client.
#!!# ACL that is used after the DATA command
check_message:
require verify = header_sender
accept
>
> Steve Lazaridis said:
> > i keep getting error messages.. "connection refused: too many
connections"
> > meanwhile the server is totally bogged down.. by exim using all system
> > resources..
> >
> > I've added blacklist support.. and it rejects alot of stuff.. but i
still
> > get bombarded with connection request..
>
> Yep... provide more detail.
>
> There can a be a lot of different ways that a system can get bombarded.
>
> What I have to deal with may be quite different from what you have to deal
> with. Some of them might require a temporary solution, an extreame
> solution (router block) or simply changing where and how you have your ACL
> blocks setup.
>
> Also might be you have too many other things running on the same box...?
> is it a dedicated mail server?
>
> more detail needed.
>
> --
> Kevin
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim
details at
http://www.exim.org/ ##
>
