[bitfolk] Spam overwhelming my mail server

FYI: This isn't for my Bitfolk server, but one I have hosted elsewhere. My home server is unable to connect to my primary mail server currently: "421 Too many concurrent SMTP connections". This is due to spammers who are literally spamming my primary mail server so hard I can't send mail to it (9,472 spam messages rejected by my server so far today as at 15:10). I had similar issues towards the end of January: http://www.solutium.net/images/jan2014_spam_rejects.png I do have some basic rules in Exim to reject based on SMTP protocol violations (no stats on that unfortunately), but most of my spam rejection is based on Spamassassin processing the email. I have increased --max-children to 10, but am still getting "prefork: server reached --max-children setting, consider raising it" in the logs, but am now also getting other errors, e.g.: Feb 16 12:21:55 quartz spamd[4090]: check: exceeded time limit in Mail::SpamAssassin::Plugin::Check::_eval_tests_type11_prineg400_set3, skipping further tests Feb 16 12:21:56 quartz spamd[4119]: rules: failed to run BAYES_99 test, skipping: Feb 16 12:21:56 quartz spamd[4104]: rules: failed to run BAYES_99 test, skipping: Feb 16 12:21:56 quartz spamd[4104]: (__alarm__ignore__(10480) Feb 16 12:21:56 quartz spamd[4119]: (__alarm__ignore__(10493) and Feb 16 12:41:28 quartz spamd[4090]: Issuing rollback() due to DESTROY without explicit disconnect() of DBD::mysql::db handle sa_bayes:localhost at /usr/share/perl5/Mail/SpamAssassin/Plugin/Bayes.pm line 1516, <GEN4204> line 2. Can any one provide some hints for IPTables rules or Exim config to rate limit my SMTP ports without interfering too much with normal mail operations? Alternatively, any suggestions to help Spamassassin process quicker/better? On the Spamassassin side, I have shortcircuiting turned on (see below). The server has 4GB RAM (free output below). # free total used free shared buffers cached Mem: 4127104 3537512 589592 0 161452 2253820 -/+ buffers/cache: 1122240 3004864 Swap: 3903784 143636 3760148 # Some shortcircuiting, if the plugin is enabled # ifplugin Mail::SpamAssassin::Plugin::Shortcircuit # # default: strongly-whitelisted mails are *really* whitelisted now, if the # shortcircuiting plugin is active, causing early exit to save CPU load. # Uncomment to turn this on # shortcircuit USER_IN_WHITELIST on shortcircuit USER_IN_DEF_WHITELIST on shortcircuit USER_IN_ALL_SPAM_TO on shortcircuit SUBJECT_IN_WHITELIST on # the opposite; blacklisted mails can also save CPU # shortcircuit USER_IN_BLACKLIST on shortcircuit USER_IN_BLACKLIST_TO on shortcircuit SUBJECT_IN_BLACKLIST on # if you have taken the time to correctly specify your "trusted_networks", # this is another good way to save CPU # # shortcircuit ALL_TRUSTED on # and a well-trained bayes DB can save running rules, too # # shortcircuit BAYES_99 spam shortcircuit BAYES_00 ham Thanks Gavin