Re: [Exim] connection refused

Top Page
Delete this message
Reply to this message
Author: John W. Baxter
Date:  
To: Exim users list
Subject: Re: [Exim] connection refused
There was a machine the other day trying MANY connections per second...so
much so that the act of rejecting on load average was keeping the load
average high enough to reject non-blessed hosts.

Its IP is now in the border firewall, listed in the attacker host (where
anything it tries gets blocked at the firewall). The border firewall
machines continue to loaf along. (After that attack, I don't much care
that the machine can't send mail to postmaster. The owner can use another
machine to do that if he cares.)

For hosts like that, Exim anything is too late to block...iptables is too
late if you have something fast "outside" that.

--John

On 9/12/2003 8:57, "Steve Lazaridis" <slaz@???> wrote:

> This is a multi-part message in MIME format.
> --
> [ Picked text/plain from multipart/alternative ]
> i keep getting error messages.. "connection refused: too many connections"
> meanwhile the server is totally bogged down.. by exim using all system
> resources..
>
> I've added blacklist support.. and it rejects alot of stuff.. but i still get
> bombarded with connection request..
>
> any ideas?
>
> any tips are appreciated