Marc Sherman wrote:
> Tony Godshall wrote:
>
>>I asked this over on debian-user and got some response but
>>nothing specific. So I joined this list and perused its
>>archives. Interesting stuff but nothing close. Here
>>goes...
>
>
> For questions about Debian config files, you want to post to the Debian
> exim-users list, which is documented in
> /usr/share/doc/debian-base/README.debian.gz.
>
>
>>Symptom: tons of "Unroutable address" logs like this in my
>>/var/log/exim4/mainlog...
>>
Either you forward many messages, or your server is an open relay.
Normaly the "Unroutable address" only comes when the server til
forwarding/sending.
>>2005-11-22 12:34:53 H=adsl-63-195-120-242.dsl.snfc21.pacbell.net
>>(thesitefights.com) [63.195.120.242]
>>F=<connie.cisneros_qx@???> rejected RCPT <middleton@???>:
>>Unrouteable address
>
>
> There's nothing wrong; that's just Exim logging that it's doing the
> right thing with those bogus addresses.
>
>
>>iptables rule:
>>
>> #reject for 40 seconds each time we get a smtp_penalty_box hit
>> iptables -A INPUT \
>> -m recent --name smtp_penalty_box --rcheck --seconds 40 \
>> -j DROP
>
>
> That's really unnecessary. You're just blocking the spammer at a lower
> layer, when Exim is doing a perfectly adequate job itself. If you don't
> get this stuff right, you now have two things to debug, and for this
> home-rolled iptables blocking, no-one can help you debug it. As well,
> for the case where someone legitimately misspells an address on your
> server, they now get a mail server failure when they try to resend with
> the right address.
>
> However, if you really want to use it, ${run...} is the right way to do
> it, as Jakob said.
>
> - Marc
>
Instead of using iptables use the delay function in exim, the delays
answers to the connected ervers, also try adding RBLs
--
Venlig hilsen / Best regards
Lasse Birnbaum Jensen
