Re: Remove mail in smarthost Exim queues sent from specific IP address
On Tue, Feb 13, 2007 at 12:48:52PM -0000, Dan Harris wrote:
> I work for an ISP and one of our customers has been reported to us for
> sending Unsolicited Bulk Email via our smarthosts, which run Exim4. We've
> disconnected the users DSL line so no more can be sent, but now we have the
> problem of removing several thousand UBEs from the outbound exim queues,
> when we only have a source IP address to go on. Is there an easy way to
> achieve this?
A combination of exipick or exiqgrep with exim -Mrm will probably do.
> Also while I'm on the subject, what is the current thinking on preventing
> this kind of abuse (accidental or otherwise)? We've looked into connection
> throttling based on the number of emails sent, but is there a better way?
Later exim versions have rather nice rate limiting options.
Additionally, most current worms can be avoided by ditching
authentication by IP address and instead requiring SMTP clients to
authenticate.
Greetings
Marc
--
-----------------------------------------------------------------------------
Marc Haber | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835
Reply to: