On Mon, Dec 11, 2006 at 02:40:15PM +0000, Tim Jackson wrote:
> Johann Spies wrote:
>
> > $ grep "1GtlXi-00052O-5W demime acl condition" -c /var/log/exim4/mainlog
> > 2560
> > And on another server:
> > $ $ grep -c "1GtlJE-0004Xq-OP demime acl condition" /var/log/exim4/mainlog
> > 2326
> >
> > What is causing this? This type of log-entry has cause an hourly
> > logfile to grow to 650Mb (normally about 2-3 Mb).
>
> Sounds like you are being mailbombed with malformed spam.
Thanks for your answer, Tim.
You were correct, but the the problem was not the number of spam, but
that it caused so many lines in the log. Why would exim log 2500 lines
for a single message? Or did the malformed spam cause the message in
the acl_check_data-section to jump to and from the external scanner a
lot of times?
Regards
Johann
--
Johann Spies Telefoon: 021-808 4036
Informasietegnologie, Universiteit van Stellenbosch
"For thou art my hope, O Lord GOD; thou art my trust
from my youth." Psalms 71:5