It seems like some of the spammers have changed tactics and are now sending messages with 98 or so bad RCPT addresses, which (happily) Exim detects. But now I’m getting a flood of messages in syslog, such as:
2023-05-28 00:24:39 REJECT [168.121.195.104]: bad recipient count high [9]
2023-05-28 00:24:39 H=([168.121.195.104]) [168.121.195.104] F=<70g3gpds9l3n8@???>
rejected RCPT <comercial@???>: Rejected for too many bad recipients
…many lines deleted…
2023-05-28 00:24:39 REJECT [168.121.195.104]: bad recipient count high [98]
2023-05-28 00:24:39 H=([168.121.195.104]) [168.121.195.104] F=<70g3gpds9l3n8@???> rejected RCPT <admin@???>: Rejected for too many bad recipients
I can easily change the configuration to make this happen silently, but I would like some visibility that this is happening, for example, in my daily logwatch output. Has anyone devised a way to cut down on the number of messages without eliminating them entirely?
-Jim
--
## subscription configuration (requires account):
##
https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at
http://www.exim.org/
## Please use the Wiki with this list -
http://wiki.exim.org/
