[exim] Serious Problems .. over 100,000 messages in the queu…

Top Page
Delete this message
Reply to this message
Author: Andrew Rosolino
Date:  
To: exim-users
Subject: [exim] Serious Problems .. over 100,000 messages in the queue

For some reason our queue has over 100,000 e-mail messages in at and they are
as old as 48 days!!!
I have these variables set:
deliver_queue_load_max = 10
auto_thaw = 1d
ignore_bounce_errors_after = 2d
timeout_frozen_after = 2d

There is also a bigger problem.. most of those e-mails are all SPAM being
sent from our server =(.. we are being badly abused!!!

I have it set to delete SPAM messages and not deliver them but its not even
deleting it.. I am using SpamAssasin by the way.. here is some headers

Return-path: <nehpkbarnettsot@???>
Received: from host83-206-dynamic.6-87-r.retail.telecomitalia.it
([87.6.206.83] helo=pcpiero)
    by alpha2.shiftcode.com with esmtp (Exim 4.66)
    (envelope-from <nehpkbarnettsot@???>)
    id 1I15hM-0000EF-IO
    for admin@???; Wed, 20 Jun 2007 15:18:37 -0400
Received: from 67.28.113.14 (HELO mxvm3.mail.yahoo.com)
     by cashmakerclicks.com with esmtp (;+P/J4/36A=: (:H1)
     id R6,A-/-K(8G:0-L5
     for admin@???; Wed, 20 Jun 2007 19:18:36 -0100
Date:    Wed, 20 Jun 2007 19:18:36 -0100
From:    "Timmy Key" <nehpkbarnettsot@???>
X-Mailer: The Bat! (v3.71.14) Educational
X-Priority: 3 (Normal)
Message-ID: <943854241.15530397833888@???>
To: admin@???
Subject: Summer is almost here, be ready
MIME-Version: 1.0
Content-Type: multipart/alternative;
  boundary="----------DAD329AD3293293"
X-Spam: Not detected
X-Spam-Subject: ***SPAM*** Summer is almost here, be ready
X-Spam-Status: Yes, score=26.4
X-Spam-Score: 264
X-Spam-Bar: ++++++++++++++++++++++++++
X-Spam-Report: Spam detection software, running on the system
"alpha2.shiftcode.com", has
    identified this incoming email as possible spam.  The original message
    has been attached to this so you can view it (if it isn't spam) or label
    similar future email.  If you have any questions, see
    the administrator of that system for details.
    Content preview:  Profit by your chance! – Anatrim – The up-to-the-moment
and
    most exciting product for weighty people is now available – As told on
Oprah
    Can you retain all the times when you plead to yourself to do any thing for
    being saved from this horrible number of lbs? Happily, now no major
sacrifice
    is demanded. With Anatrim, the ground-breaking, you can get healthier mode
    of life and a really slender figure. Notice what people say to us! [...] 
    Content analysis details:   (26.4 points, 10.0 required)
    pts rule name              description
    ---- ----------------------
--------------------------------------------------
    3.5 BAYES_99               BODY: Bayesian spam probability is 99 to 100%
    [score: 1.0000]
    4.3 RCVD_FORGED_WROTE2     RCVD_FORGED_WROTE2
    2.8 RCVD_BAD_ID            RCVD_BAD_ID
    2.5 RCVD_FORGED_WROTE      Forged 'Received' header found ('wrote:' spam)
    0.0 HS_INDEX_PARAM         URI: Link contains a common tracker pattern.
    0.0 HTML_MESSAGE           BODY: HTML included in message
    1.4 MIME_QP_LONG_LINE      RAW: Quoted-printable line longer than 76 chars
    1.9 URIBL_AB_SURBL         Contains an URL listed in the AB SURBL blocklist
    [URIs: promfore.com]
    1.5 URIBL_WS_SURBL         Contains an URL listed in the WS SURBL blocklist
    [URIs: promfore.com]
    1.5 URIBL_JP_SURBL         Contains an URL listed in the JP SURBL blocklist
    [URIs: promfore.com]
    1.5 URIBL_OB_SURBL         Contains an URL listed in the OB SURBL blocklist
    [URIs: promfore.com]
    0.5 URIBL_SC_SURBL         Contains an URL listed in the SC SURBL blocklist
    [URIs: promfore.com]
    1.1 URIBL_RHS_DOB          Contains an URI of a new domain (Day Old Bread)
    [URIs: promfore.com]
    0.9 RCVD_IN_PBL            RBL: Received via a relay in Spamhaus PBL
    [87.6.206.83 listed in zen.spamhaus.org]
    0.9 RCVD_IN_SORBS_DUL      RBL: SORBS: sent directly from dynamic IP
address
    [87.6.206.83 listed in dnsbl.sorbs.net]
    1.5 URIBL_SBL              Contains an URL listed in the SBL blocklist
    [URIs: promfore.com]
    0.1 RDNS_DYNAMIC           Delivered to trusted network by host with
    dynamic-looking rDNS
    0.5 DYN_RDNS_SHORT_HELO_HTML Sent by dynamic rDNS, short HELO, and HTML
X-Spam-Flag: YES


alpha2.shiftcode.com is our server.. how can we stop this from happening =(
--
View this message in context: http://www.nabble.com/Serious-Problems-..-over-100%2C000-messages-in-the-queue-tf4222242.html#a12011045
Sent from the Exim Users mailing list archive at Nabble.com.