Hi folks,
I'm afraid I need some help with this, google and the docs couldn't help me here. I try to get rid of spam as early as possible in smtp-time. I therefore drop all mails with foreign domains right away, they are spam anyway:
(this is debian config)
acl_check_rcpt:
accept
hosts = :
.ifdef CHECK_RCPT_LOCAL_LOCALPARTS
deny
domains = +local_domains
local_parts = CHECK_RCPT_LOCAL_LOCALPARTS
message = restricted characters in address
.endif
drop
message = relay not permitted
!domains = +local_domains : +relay_to_domains
But instead of dropping the connection and deleting the remains, exim stores all those spammails as "frozen"
.
.
.
1m 4.2K 1KrCLe-00023r-VL <> *** frozen ***
1m 7.5K 1KrCLf-00023s-0H <> *** frozen ***
1m 7.5K 1KrCLm-000243-JW <> *** frozen ***
1m 3.8K 1KrCLy-00024E-CV <> *** frozen ***
0m 7.7K 1KrCMN-00024n-TP <> *** frozen ***
0m 7.9K 1KrCMc-00024x-4Z <> *** frozen ***
0m 3.9K 1KrCMm-000259-NC <> *** frozen ***
net-gw2:/home/admin# exim4 -v -M 1KrCLe-00023r-VL
delivering 1KrCLe-00023r-VL
LOG: MAIN
Unfrozen by forced delivery
LOG: MAIN
** sandmacu@???: Unrouteable address
LOG: MAIN
Frozen (delivery error message)
Is this normal behavior? I'd prefer that exim simply right away deletes those messages/ doesn't store them at all.
Is there anything I can do to accomplish this?
I currently set timeout for frozen mails to 2 minutes, which keeps the input spool clean, but to me this seems to be no good solution. If some strange network error occurs, ham might be among the frozen messages...
Btw, we do keep an eye on the number of spammails rejected, to see if some scanning for correct adresses takes place. So no concerns about that ;)
Thanks in advance for any idea of a better solution,
Anja