[bitfolk] Spam overwhelming my mail server

Author: Gavin Westwood
Date:  
To: BitFolk Users
Subject: [bitfolk] Spam overwhelming my mail server
FYI: This isn't for my Bitfolk server, but one I have hosted elsewhere.

My home server is unable to connect to my primary mail server currently:
"421 Too many concurrent SMTP connections".

This is due to spammers who are literally spamming my primary mail
server so hard I can't send mail to it (9,472 spam messages rejected by
my server so far today as at 15:10). I had similar issues towards the
end of January: http://www.solutium.net/images/jan2014_spam_rejects.png

I do have some basic rules in Exim to reject based on SMTP protocol
violations (no stats on that unfortunately), but most of my spam
rejection is based on Spamassassin processing the email. I have
increased --max-children to 10, but am still getting "prefork: server
reached --max-children setting, consider raising it" in the logs, but am
now also getting other errors, e.g.:

Feb 16 12:21:55 quartz spamd[4090]: check: exceeded time limit in Mail::SpamAssassin::Plugin::Check::_eval_tests_type11_prineg400_set3, skipping further tests
Feb 16 12:21:56 quartz spamd[4119]: rules: failed to run BAYES_99 test, skipping:
Feb 16 12:21:56 quartz spamd[4104]: rules: failed to run BAYES_99 test, skipping:
Feb 16 12:21:56 quartz spamd[4104]: (__alarm__ignore__(10480)
Feb 16 12:21:56 quartz spamd[4119]: (__alarm__ignore__(10493)

and

Feb 16 12:41:28 quartz spamd[4090]: Issuing rollback() due to DESTROY without explicit disconnect() of DBD::mysql::db handle sa_bayes:localhost at /usr/share/perl5/Mail/SpamAssassin/Plugin/Bayes.pm line 1516, <GEN4204> line 2.


Can anyone provide some hints for IPTables rules or Exim config to rate
limit my SMTP ports without interfering too much with normal mail
operations? Alternatively, any suggestions to help Spamassassin process
quicker/better?

On the Spamassassin side, I have shortcircuiting turned on (see below).
The server has 4GB RAM (free output below).

# free
             total       used       free     shared    buffers     cached
Mem:       4127104    3537512     589592          0     161452    2253820
-/+ buffers/cache:    1122240    3004864
Swap:      3903784     143636    3760148


#   Some shortcircuiting, if the plugin is enabled
#
ifplugin Mail::SpamAssassin::Plugin::Shortcircuit
#
#   default: strongly-whitelisted mails are *really* whitelisted now, if the
#   shortcircuiting plugin is active, causing early exit to save CPU load.
#   Uncomment to turn this on
#
shortcircuit USER_IN_WHITELIST       on
shortcircuit USER_IN_DEF_WHITELIST   on
shortcircuit USER_IN_ALL_SPAM_TO     on
shortcircuit SUBJECT_IN_WHITELIST    on


#   the opposite; blacklisted mails can also save CPU
#
shortcircuit USER_IN_BLACKLIST       on
shortcircuit USER_IN_BLACKLIST_TO    on
shortcircuit SUBJECT_IN_BLACKLIST    on


#   if you have taken the time to correctly specify your "trusted_networks",
#   this is another good way to save CPU
#
# shortcircuit ALL_TRUSTED             on


#   and a well-trained bayes DB can save running rules, too
#
# shortcircuit BAYES_99                spam
shortcircuit BAYES_00                ham


Thanks

Gavin
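
The spamd overload messages quoted in the message above can be tallied to see how often each one occurs and which rules are being skipped. The following is an added example, not part of the original post: the `summarize` function and its category names are hypothetical, and the last sample line is constructed from the warning text quoted in the post.

```python
import re
from collections import Counter

# Syslog prefix as it appears in the post: "Feb 16 12:21:55 quartz spamd[4090]: <message>"
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s(?P<host>\S+)\s"
    r"spamd\[(?P<pid>\d+)\]:\s(?P<msg>.*)$"
)

# Overload signatures taken from the messages quoted in the post (category names are ours).
SIGNATURES = {
    "max_children": re.compile(r"prefork: server reached --max-children setting"),
    "scan_timeout": re.compile(r"check: exceeded time limit in "),
    "rule_skipped": re.compile(r"rules: failed to run (?P<rule>\S+) test"),
    "bayes_db_rollback": re.compile(r"Issuing rollback\(\) due to DESTROY"),
}

# Sample input: lines 1-4 are from the post, line 5 is the post's line shortened,
# line 6 is constructed (timestamp and PID invented) around the quoted warning.
SAMPLE = """\
Feb 16 12:21:55 quartz spamd[4090]: check: exceeded time limit in Mail::SpamAssassin::Plugin::Check::_eval_tests_type11_prineg400_set3, skipping further tests
Feb 16 12:21:56 quartz spamd[4119]: rules: failed to run BAYES_99 test, skipping:
Feb 16 12:21:56 quartz spamd[4104]: rules: failed to run BAYES_99 test, skipping:
Feb 16 12:21:56 quartz spamd[4104]: (__alarm__ignore__(10480)
Feb 16 12:41:28 quartz spamd[4090]: Issuing rollback() due to DESTROY without explicit disconnect() of DBD::mysql::db handle sa_bayes:localhost
Feb 16 12:41:30 quartz spamd[4001]: prefork: server reached --max-children setting, consider raising it
""".splitlines()

def summarize(lines):
    """Return (events per signature, skipped rule names, events per minute)."""
    events, rules, per_minute = Counter(), Counter(), Counter()
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not a spamd syslog line
        for name, sig in SIGNATURES.items():
            hit = sig.search(m["msg"])
            if hit:
                events[name] += 1
                per_minute[m["ts"][:-3]] += 1  # bucket by minute: drop ":SS"
                if name == "rule_skipped":
                    rules[hit["rule"]] += 1
                break  # one category per line
    return events, rules, per_minute

if __name__ == "__main__":
    for counter in summarize(SAMPLE):
        print(dict(counter))
```

Comparing the `max_children` count with `scan_timeout` and `rule_skipped` per minute shows whether spamd is running out of workers or whether individual scans are running past their time limit.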