Re: [Exim] Blocking an a broken server

Top Page
Delete this message
Reply to this message
Author: Alan J. Flavell
Date:  
To: Exim-Users (E-mail)
Subject: Re: [Exim] Blocking an a broken server
On Fri, 23 Apr 2004, Christopher Chaduka wrote:

> On Friday 23 April 2004 12:44, Ron McKeating wrote:
> > If you wanted to block all email from a broken exchange server that kept
> > sending out the same emails over and over again, but only a temporary
> > measure until it was fixed, what would be the quickest way to do it. I
> > have the helo name and the ip address.
>
> host_reject_connection      = x.x.x.x


With respect, that would not be my choice. Likelihood is they'd keep
hassling you (and cutting rejection reports in your log) for days (or
go off and hassle your secondary MX). You're better off responding to
the call, and hitting it over the head with 5xx at the opimal moment.

Without knowing just what the breakage is, it's hard to be sure what
that optimal moment is: but I'd start by trying what Chris said -
rejection at RCPT time.

In the unlikely event that doesn't produce the desired effect, then
firewalling would be my next option. Of course, by that point they'd
have lost any way to get a message to your postmaster to discuss the
problem.

If it's only a single message that's causing the problem, you could
catch its message-id in the DATA ACL and reject the repeat(s), without
affecting other traffic. You didn't say what kind of mail site this
was: friendly-but-broken, or hostile-and-broken.