[exim] SMTP temporary refusal, caveats?

Top Page
Delete this message
Reply to this message
Author: Jethro R Binks
Date:  
To: exim-users
Subject: [exim] SMTP temporary refusal, caveats?
Hello,

Our MX servers were state of the art one day, but with spam levels rising
inexorably, there have been times where they have struggled to cope,
resulting in mail queues. They are mainly CPU-bound.

For a while I had the following setting, set rather arbitrarily in the
past to something high, and subsequently rather neglected:

smtp_load_reserve = 40

The servers were getting bogged down well before reaching this load
average however, so I lately changed it:

smtp_load_reserve = 10

This results in us temporarily refusing to accept connections when the
load is above 10 (which happens when things get busier).

I also have a setting for smtp_reserve_hosts to give preferential service
to more trusted parties.

A benefit of this is that when the machines are busier (probably having
received a flurry of spam), we temporarily shed off connections, including
those likely to be from spammers. Using the greylisting theory, the SMTP
engines from the spammers won't return for another go, so not only have I
deferred accepting mail to let this host cope with what it already has to
hand, I have probably also stopped some spam from arriving at all, now or
later. A double win, maybe ...

Here's the crunch: I have a question relating to all this; should I take
similar precautions as I would if implementing greylisting, in particular,
use of the puremagic whitelist, to avoid penalising legitimate MTAs that
don't behave properly? We do of course have other MXs they could try, or
they can retry the same one later when it might be more amenable to accept
mail. Should I worry about it, or just accept that if they can't play the
rules right then I don't want to receive mail from them? (I haven't had a
complaint of lost mail yet, but it has only been a few days and a
weekend).

One thing I have noticed is that as a result of this, the volume of mail
accepted, in terms of number of messages, has gone down a little bit,
maybe 5-10%, but the volume in terms of message size has been slashed by
about 75%. I wonder if I can attribute this to the loss of lots of
image-spam ...

Any comments welcome, positive or negative. I feel this change was too
easy, and something might bite.

Jethro.

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Jethro R Binks
Computing Officer, IT Services
University Of Strathclyde, Glasgow, UK