Tony Godshall wrote:
>
> I asked this over on debian-user and got some response but
> nothing specific. So I joined this list and perused its
> archives. Interesting stuff but nothing close. Here
> goes...
For questions about Debian config files, you want to post to the Debian
exim-users list, which is documented in
/usr/share/doc/debian-base/README.debian.gz.
> Symptom: tons of "Unroutable address" logs like this in my
> /var/log/exim4/mainlog...
>
> 2005-11-22 12:34:53 H=adsl-63-195-120-242.dsl.snfc21.pacbell.net
> (thesitefights.com) [63.195.120.242]
> F=<connie.cisneros_qx@???> rejected RCPT <middleton@???>:
> Unrouteable address
There's nothing wrong; that's just Exim logging that it's doing the
right thing with those bogus addresses.
> iptables rule:
>
> #reject for 40 seconds each time we get a smtp_penalty_box hit
> iptables -A INPUT \
> -m recent --name smtp_penalty_box --rcheck --seconds 40 \
> -j DROP
That's really unnecessary. You're just blocking the spammer at a lower
layer, when Exim is doing a perfectly adequate job itself. If you don't
get this stuff right, you now have two things to debug, and for this
home-rolled iptables blocking, no-one can help you debug it. As well,
for the case where someone legitimately misspells an address on your
server, they now get a mail server failure when they try to resend with
the right address.
However, if you really want to use it, ${run...} is the right way to do
it, as Jakob said.
- Marc
