I have finally watch what is bring down my smarthost-router which is exim
4.34 sa-exim (spamd) exiscan (clamd) box. I have about 4+ spammer that are
hitting it what 20 -30 email that contain about 100 BCC or CC each in them.
This has the nice effect of crashing spamd and then the entire box. I guess
spamd is not setup to handle that load even though don't use more then
20%-50% to scan it with spamd. Once before someone said I should check
users via either ldap or a file so that the smart-host doesn't pass
everything on do you have a example of how I can do this before it gets to
spamd.
Verify via a file with a list of users would be great:>
Main mail server inside is a exim 4.31 box exiscan (clamd)
Things I that I know I can't use
LDAP at this time (due to IT dept being understaffed for a LDAP switch over)
Verify =sender (this blocks way to many emails for us to use)
Helo checks (this blocks way to many emails for us to use)
Thank you
