In exim_panic log I am seeing this on a regular basis:
spam acl condition: error reading from spamd socket: Connection timed
out
Depending on the time of the day, and phase of the moon, it is happening
every between 8 mins and 15 mins.
In the data section of ACL (the last item is):
warn condition = ${if or{\
{eq
{${substr_0_6:$sender_host_address}}{161.74}}\
{>{$message_size}{30K}}\
}\
{0}{1}}
spam = exim
message = X-New-Subject: **SPAM** $h_Subject:
log_message = found spam score over treshold ($spam_score
($spam_bar
)) Sender=\'$sender_address\' Subject=$h_Subject
We are also using clamd to check for virus just before spamd
The Exim version is:
Exim version 4.60
SpamAssassin version is:
SpamAssassin Server version 3.2.5
running on Perl 5.8.3
with SSL support (IO::Socket::SSL 1.13)
with zlib support (Compress::Zlib 1.41)
spamd is run as follows:
/usr/bin/spamd -d -x -m 5 --max-conn-per-child=200 --timeout-tcp=30
--timeout-child=270 --socketpath=/var/run/spamd_socket -u exim -r
/var/run/spamd.pid
In the Exim config file, I have the following:
local_scan_timeout = 10m
receive_timeout = 0s
rfc1413_query_timeout = 1s
smtp_receive_timeout = 12m
Just to give you an example, this is what we are seeing on the exim
logs:
2009-02-19 13:22:46 1La8pa-0001yS-HX spam acl condition: error reading
from spamd socket: Connection timed out
exigrep 1La8pa-0001yS-HX exim_mainlog
2009-02-19 13:22:46 1La8pa-0001yS-HX spam acl condition: error reading
from spamd socket: Connection timed out
2009-02-19 13:22:46 1La8pa-0001yS-HX H=outmail002.ash1.tfbnw.net
(mx-out.facebook.com) [69.63.184.102] Warning: ACL "warn" statement
skipped: condition test deferred
2009-02-19 13:22:46 1La8pa-0001yS-HX <=
groupmaster+os_=f_ac@??? H=outmail002.ash1.tfbnw.net
(mx-out.facebook.com) [69.63.184.102] P=esmtp S=2295
id=0d660fa47a86360bf02344b1baa0b89a@??? T="Abdullah Al
Andalusi invited you to join the group \"The Fivefold Extremist\"..."
from <groupmaster+os_=f_ac@???> for
j.iqbal1@???
2009-02-19 13:22:48 1La8pa-0001yS-HX => w1102708@???
<j.iqbal1@???> R=route_internal_bydns
T=internal_smtp H=aspmx.l.google.com [74.125.79.27] C="250 2.0.0 OK
1235049768 10si3007491eyz.40"
2009-02-19 13:22:48 1La8pa-0001yS-HX Completed
I have seen this kind of message from other exim users, and I shall be
grateful if somebody can give me some idea of how to fix the problem.
I think we are allowing lot of spam messages through due to the fact
that it is not being checked.
Regards
Sujit Choudhury
University of Westminster
--
The University of Westminster is a charity and a company limited by
guarantee. Registration number: 977818 England. Registered Office:
309 Regent Street, London W1B 2UW, UK.
![M](../imgs/f.png "\\"Remorque\\" en 2009-02-19 14:52")
