gabriel rosenkoetter on Wed, 8 Aug 2001 05:10:06 -0400



Re: [PLUG] Attacked by spammers


On Wed, Aug 08, 2001 at 03:47:52AM -0400, Chuck Peters wrote:
> I think that I am missing something though, 2223 rejected spams over 7
> hours isn't all that much mail that it should have stopped the mail server
> 29 times.

How large are the messages?

Does the MTA hang up on invalid input, or just sit there continuously
issuing 5xx "invalid command" errors for all of the input (plausibly
MBs of it)?

Is this spam detected by some complicated parsing system or just
by relaying restrictions?

(There's precious little reason not to just close a socket as soon
as a relay restriction is triggered in an MTA, though most--including
both Sendmail and Postfix--do not by default.)

> Aug  7 22:55:55 mercury inetd[269]: smtp/tcp server failing (looping),
> service terminated

exim runs out of inetd? Yech.

Lots of reasons this could kill your mail delivery. Is inetd set up
to throttle connections for that daemon when there are too many
connects? (Probably...)

That particular problem makes it look like inetd decided exim was
spinning out of control, though. What do exim's logs at that time
look like?

-- 
       ~ g r @ eclipsed.net


______________________________________________________________________
Philadelphia Linux Users Group       -      http://www.phillylinux.org
Announcements-http://lists.phillylinux.org/mail/listinfo/plug-announce
General Discussion  -  http://lists.phillylinux.org/mail/listinfo/plug
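
Added example, not part of the original message: a simplified model of the per-service loop detection in classic BSD-style inetd, the check behind the "server failing (looping), service terminated" line quoted above. It shows why a low average connection rate can still trip the limit when the connections arrive in bursts. The thresholds (40 invocations per 60 seconds, 10-minute disable) and the traffic are assumptions constructed for illustration; check your inetd's man page for its real values.

```python
# Assumed defaults modelled on classic BSD-style inetd; implementations differ.
MAX_PER_INTERVAL = 40   # invocations tolerated per counting interval
COUNT_INTERVAL = 60     # seconds in one counting interval
RETRY_TIME = 600        # seconds the service stays disabled after a trip


def simulate(conn_times, max_per_interval=MAX_PER_INTERVAL,
             interval=COUNT_INTERVAL, retry=RETRY_TIME):
    """Replay sorted connection timestamps (seconds) through the model.

    Returns (served, refused, trip_times); trip_times are the moments the
    service would be logged as "failing (looping)" and switched off.
    """
    served = refused = 0
    trips = []
    count = 0
    window_start = 0.0
    disabled_until = None
    for t in conn_times:
        if disabled_until is not None:
            if t < disabled_until:
                refused += 1          # socket is closed, nobody answers
                continue
            disabled_until = None     # retry timer fired, service re-enabled
        if count == 0:
            window_start = t          # first invocation opens a new window
            count = 1
        else:
            count += 1
            if count >= max_per_interval:
                if t - window_start > interval:
                    window_start, count = t, 1   # slow enough, start over
                else:
                    trips.append(t)              # too many, too fast
                    disabled_until = t + retry
                    count = 0
                    refused += 1
                    continue
        served += 1
    return served, refused, trips


if __name__ == "__main__":
    # Constructed traffic: 7 hours at one connection every 12 s never trips...
    steady = [i * 12.0 for i in range(2100)]
    print("steady:", simulate(steady))
    # ...but 50 connections in 25 s trips after the 40th and drops the rest.
    burst = [i * 0.5 for i in range(50)]
    print("burst: ", simulate(burst))
```
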