Re: [exim] Refused: too many connections from that IP addres…

Top Page
Delete this message
Reply to this message
Author: W B Hacker
Date:  
To: exim users
Subject: Re: [exim] Refused: too many connections from that IP address
Luca Bertoncello wrote:
> Hi, list!
>
> Today I notice that my Exim refused many connection from my PC
> (AUTHENTICATED!) with the error:
>
> Connection from [X.Y.Z.K] refused: too many connections from that IP
> address
>
> Normally I would say, it is normal to refuse the connection coming from the
> same IP that sends too many E-Mails, but it was Nagios to send these E-Mails,
> and I need to have these E-Mails delivered...
>
> I couldn't find any restriction for the authenticated users. I just have this
> rule in acl_check_helo:
>
>   defer   message         = Sender rate exceeds $sender_rate_limit messages
>   per $sender_rate_period
>           ratelimit       = 1000 / 1h / per_conn / leaky / $sender_host_address

>
> So, how can I have a rate limit for NON authenticated E-Mails, but no
> restriction for the authenticated ones?
>
> Thanks a lot!
> Luca Bertoncello
> (lucabert@???)
>


*presuming* you authenticate in the conventional place:

Add a negated conditional:

defer
   !condition = ${if eq{$interface_port}{587}}
   message    = Sender rate exceeds $sender_rate_limit messages per \
              $sender_rate_period
   ratelimit  = 1000 / 1h / per_conn / leaky / $sender_host_address



ELSE:

defer
   condition = ${if eq{$interface_port}{25}}
   message    = Sender rate exceeds $sender_rate_limit messages per \
              $sender_rate_period
   ratelimit  = 1000 / 1h / per_conn / leaky / $sender_host_address



IF that is in fact the cause of the limit - which it may not be...

Check the settings for 'smtp_accept_max' and friends as well.

smtp_accept_max_per_host is a possible suspect.

HTH,

Bill