Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

exim + spam problem

Discussion in 'General Discussion' started by pphillips, Nov 17, 2004.

  1. pphillips

    pphillips Well-Known Member

    Joined:
    Nov 14, 2003
    Messages:
    71
    Likes Received:
    0
    Trophy Points:
    156
    I've searched these forums and found a lot of info about high load due to exim but nothing hit the button on the head. Here is my issue:

    2.4Ghz P4 server 1GB ram, only about 60 websites on it, none all that popular, except for 1 domain. One domain gets tens or hundreds of thousands of emails a day sent to random addresses (at his domain) and we have them set to :blackhole:, but maybe 500 a day go to real addresses and get caught by spam assassin. I'm pretty certain this is causing the high load. Exim crashes several times a day and auto-restarts and there are often dozens and dozens of exim processes running. I'm almost cetain this is causing the problem, but I dont know of a fix other than changing the MX record for that domain away. Anyway to completely ignore any bad email on this domain and prevent all this load? The load will often jump to 20+ and I dont feel comfortable with it being over 1.

    Thanks!!!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. sawbuck

    sawbuck Well-Known Member

    Joined:
    Jan 18, 2004
    Messages:
    1,366
    Likes Received:
    6
    Trophy Points:
    168
    cPanel Access Level:
    Root Administrator
  3. pphillips

    pphillips Well-Known Member

    Joined:
    Nov 14, 2003
    Messages:
    71
    Likes Received:
    0
    Trophy Points:
    156
    I tried a dictionary attack setup similar to this but it caused exim to fail. I'm not sure how much that would help, because the email is coming from different sources. It's as if all of these addresses made it to a spam cd and all the spammers are sending mail to it.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. rvskin

    rvskin Well-Known Member
    PartnerNOC

    Joined:
    Feb 19, 2003
    Messages:
    400
    Likes Received:
    1
    Trophy Points:
    168
    You should consider to implement RBL, and HELO ACL at Exim.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. pphillips

    pphillips Well-Known Member

    Joined:
    Nov 14, 2003
    Messages:
    71
    Likes Received:
    0
    Trophy Points:
    156
    How do I do that? Do you know of any tutorials online?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. rvskin

    rvskin Well-Known Member
    PartnerNOC

    Joined:
    Feb 19, 2003
    Messages:
    400
    Likes Received:
    1
    Trophy Points:
    168
    Follow my signature you will find it.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. WebVandals

    WebVandals Member

    Joined:
    Sep 8, 2003
    Messages:
    15
    Likes Received:
    0
    Trophy Points:
    151
    For anyone experiencing this, you can *dramatically* reduce your server load in cases like the one described above by changing your "spam magnet" domain's default address to :fail: and NOT :blackhole:.

    Details here:
    http://www.configserver.com/free/fail.html
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice