Author: John W. Baxter Date: To: Exim users list Subject: Re: [Exim] connection refused
There was a machine the other day trying MANY connections per second...so
much so that the act of rejecting on load average was keeping the load
average high enough to reject non-blessed hosts.
Its IP is now in the border firewall, listed in the attacker host (where
anything it tries gets blocked at the firewall). The border firewall
machines continue to loaf along. (After that attack, I don't much care
that the machine can't send mail to postmaster. The owner can use another
machine to do that if he cares.)
For hosts like that, Exim anything is too late to block...iptables is too
late if you have something fast "outside" that.
--John
On 9/12/2003 8:57, "Steve Lazaridis" <slaz@???> wrote:
> This is a multi-part message in MIME format.
> --
> [ Picked text/plain from multipart/alternative ]
> i keep getting error messages.. "connection refused: too many connections"
> meanwhile the server is totally bogged down.. by exim using all system
> resources..
>
> I've added blacklist support.. and it rejects alot of stuff.. but i still get
> bombarded with connection request..
>
> any ideas?
>
> any tips are appreciated