Re: [exim] "no immediate delivery" vs. queuing

Top Page
Delete this message
Reply to this message
Author: Lena
Date:  
To: exim-users
Subject: Re: [exim] "no immediate delivery" vs. queuing
> From: Yves Goergen

> Recently somebody misused one of the accounts on my mail server to send
> out large amounts of spam. Reading the logs, it came all from a single
> IP address, in a single SMTP connection.
>
> I found the following log line:
>
> no immediate delivery: more than 10 messages received in one connection


> The queue had over 300,000 files when I had to apply some black magic to
> delete it completely.


If you had used https://github.com/Exim/exim/wiki/BlockCracking ,
less than hundred spam messages would have been queued,
then abused username+password would have been automatically disabled,
next spams not accepted.

> The user's inbox had over 20,000 error messages


It'd have 100 error messages (or less if multiple recipients per spam message).

> I don't want to
> face that situation ever again even if an account is misused.


Did you hear of the page linked above?
What do you think should be done for its promotion?