----- Original Message -----
From: "Bob Tanner" <tanner@???>
To: <exim-users@???>
Sent: Wednesday, October 29, 2003 8:47 PM
Subject: [Exim] Connection throttling?
> Is there a way to throttle the number of connections an IP address makes to
> exim _while_ always allowing a subset of IPs to connect?
>
> The problem I have is my secondary MX hosts are being pounded by the
spammers,
> so I turned down my smtp_accept_max and smtp_accept_max_per_host.
>
> Now my logs show
>
> 2003-10-29 19:53:35 Connection from <legit IP> refused: too many connections
>
> I'd like to throttle the number of connection for all IPs, but always allow
> connections from a subset of known IP blocks to get through.
>
> --
> Bob Tanner <tanner@???> | Phone : (952)943-8700
> http://www.mn-linux.org, Minnesota, Linux | Fax : (952)943-8500
> Key fingerprint = AB15 0BDF BCDE 4369 5B42 1973 7CF1 A709 2CC1 B288
>
>
You could do this with iptables (firewall), using an "accept" rule for the
desirable IP blocks, followed by a "rate limit" rule for all other IPs, for
TCP SYN packets to port 25.
I will not be even a little surprised to find out Exim already has some way to
handle this; but, I am not expert enough there to help.
Regards,
Jim Roberts
Punster Productions, Inc.