email notification that exim failed after configuration change to stop ratware

mkecrash

Registered
Jan 28, 2015
1
0
1
cPanel Access Level
Root Administrator
I am methodically making changes to my exim configuration to fight spam. I have had a dramatic increase last year and I can find no simple solution to control it.

I am following the excellent tips from Building a Poor Man’s Barracuda – cPanel edition.

One suggestion is to turn on smtp_enforce_sync and stop spammers from using smtp pipelining. This sounds appealing because ratware ignores protocol rules.

In conjunction with this syncing I use a banner delay by adding accept delay = 15s to custom_begin_connect. Apparently, a good ham sender will follow proper protocol rules and wait.

This seems to work. I can find numerous sync error notifications in the exim fail log.

The problem is that for every sync error there seems to be a matching email message sent from chkservd notifying me that exim has failed because the a response of 220 was not returned from a status check.

The email reason is: Service check failed to completeexim-26: [554 != 220]

I have rolled back my changes because the repeated attempts to restart exim appear unnecessary. And instead of receiving spam messages I get these error messages filling up my inbox.

Does smtp_enforce_sync with banner delay work in cpanel?

Can I control chkservd to properly check on exim? I bet that it is not waiting long enough for a good response.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,908
2,216
463
I have rolled back my changes because the repeated attempts to restart exim appear unnecessary. And instead of receiving spam messages I get these error messages filling up my inbox.
Hello :)

You will likely need to disable monitoring for Exim via "WHM Home » Service Configuration » Service Manager" and use a third-party monitoring service if Chkservd is not compatible with your custom changes. It's not possible to increase the response time that Chkservd waits before determining if a service is down.

Thank you.