Thanks for the response. The dc_accept_relay should've been dc_host_accept_relay, I should've taken that out, thanks for pointing to it.
Here's a snippet from my /var/log/exim4/mainlog, the paniclog and reject log are empty. As you can see there are all kinds of different addresses from arbitrary traffic going to arbitrary domains. Mostly it gets denied, but sometimes it succeeds with a 'Completed' message, but what I want is for it to not try at all! I would've thought that I shouldn't be seeing any of this stuff. <LOG-SNIPPET> 2006-06-26 22:14:46 1Fv5uQ-0001ik-2H <= <> R=1FrfGX-0002bI-3K U=Debian-exim P=local S=2482 2006-06-26 22:14:46 1FrfGX-0002bI-3K Completed 2006-06-26 22:14:46 1Fv5uQ-0001ik-2H ** [EMAIL PROTECTED] <[EMAIL PROTECTED]> R=dnslookup T=remote_smtp: retry time not reached for any host after a long failure period 2006-06-26 22:14:46 1Fv5uQ-0001ik-2H Frozen (delivery error message) 2006-06-26 22:14:47 1FrfX0-0003LM-4v => [EMAIL PROTECTED] R=dnslookup T=remote_smtp H=cluster6.us.messagelabs.com [216.82.249.195] X=TLS-1.0:RSA_AES_256_CBC_SHA1:32 2006-06-26 22:14:47 1FrfX0-0003LM-4v Completed 2006-06-26 22:14:47 1FrfEe-0002Z2-BA a.mx0.gatewaydefender.com [209.153.138.190] Connection timed out 2006-06-26 22:14:50 1FrfWq-0003L8-M0 ** [EMAIL PROTECTED]: an MX or SRV record indicated no SMTP service 2006-06-26 22:14:51 1FrfWq-0003L8-M0 => [EMAIL PROTECTED] R=dnslookup T=remote_smtp H=wppim001.aexp.com [193.32.34.92] X=TLS-1.0:RSA_AES_256_CBC_SHA1:32 2006-06-26 22:14:51 1FrfWq-0003L8-M0 ** [EMAIL PROTECTED] R=dnslookup T=remote_smtp: SMTP error from remote mail server after RCPT TO:<[EMAIL PROTECTED]>: host mailhub-new.vianetworks.nl [212.61.15.154]: 554 Service unavailable; Client host [24.68.130.247] blocked using safe.dnsbl.sorbs.net; Dynamic IP Addresses See: http://www.sorbs.net/lookup.shtml?24.68.130.247 2006-06-26 22:14:53 1FrfWq-0003L8-M0 ** [EMAIL PROTECTED] R=dnslookup T=remote_smtp: SMTP error from remote mail server after RCPT TO:<[EMAIL PROTECTED]>: host mx10.uni.net [217.72.103.201]: 550 5.1.1 <[EMAIL PROTECTED]> User unknown; rejecting 2006-06-26 22:14:54 1FrfWq-0003L8-M0 => [EMAIL PROTECTED] R=dnslookup T=remote_smtp H=mail.atriniti.com [68.15.40.154] 2006-06-26 22:14:55 1FrfWq-0003L8-M0 ** [EMAIL PROTECTED] R=dnslookup T=remote_smtp: SMTP error from remote mail server after MAIL FROM:<[EMAIL PROTECTED]> SIZE=2513: host mx2.earthlink.net [209.86.93.227]: 550 Dynamic IPs/open relays blocked. Contact <[EMAIL PROTECTED]>. 2006-06-26 22:14:56 1FrfWq-0003L8-M0 ** [EMAIL PROTECTED] R=dnslookup T=remote_smtp: SMTP error from remote mail server after RCPT TO:<[EMAIL PROTECTED]>: host URO.COM.INBOUND15.MXLOGIC.NET [208.65.145.3]: 550 Recipient unknown 2006-06-26 22:14:57 1FrfWq-0003L8-M0 => [EMAIL PROTECTED] R=dnslookup T=remote_smtp H=mx4.hotmail.com [65.54.245.104] 2006-06-26 22:14:58 1FrfWq-0003L8-M0 ** [EMAIL PROTECTED] R=dnslookup T=remote_smtp: SMTP error from remote mail server after initial connection: host mailin-02.mx.netscape.net [205.188.158.57]: 554- (RTR:BB) http://postmaster.info.aol.com/errors/554rtrbb.html\n554 Connecting IP: 24.68.130.247 2006-06-26 22:14:58 1FrfWq-0003L8-M0 == [EMAIL PROTECTED] R=dnslookup T=remote_smtp defer (-44): SMTP error from remote mail server after RCPT TO:<[EMAIL PROTECTED]>: host mailwash16.pair.com [66.39.2.16]: 450 <[EMAIL PROTECTED]>: Recipient address rejected: Service temporarily unavailable 2006-06-26 22:15:02 1FrfWS-0003Lu-HQ => [EMAIL PROTECTED] R=dnslookup T=remote_smtp H=msa-mx2.hinet.net [168.95.5.113] 2006-06-26 22:15:02 1FrfWS-0003Lu-HQ Completed 2006-06-26 22:15:04 1FrfWK-0003LL-Hx ** [EMAIL PROTECTED] R=dnslookup T=remote_smtp: SMTP error from remote mail server after RCPT TO:<[EMAIL PROTECTED]>: host mx3.nownuri.net [203.238.128.89]: 550 5.1.1 k2000 Unknown User </LOG-SNIPPET> When you say obfuscated, are you referring to the configuration in general or specific components? Many thanks, Dustin ----- Original Message ----- From: Marc Haber <[EMAIL PROTECTED]> Date: Tuesday, June 27, 2006 2:17 am Subject: Re: [exim] Stopping arbitrary traffic > On Mon, 26 Jun 2006 22:13:33 -0700, Dustin Nicholas Jenkins > <[EMAIL PROTECTED]> wrote: > >I'm running kernel 2.6.17.1 with exim4 as my internet site SMTP > >configuration. I've done all the options as described by the site > to > >stop arbitrary traffic from using my site, but the logs still show > all > >kinds of stuff coming through. > > Please show logs. > > >dc_accept_relay='192.168.1.0/24' > > What's that? > > Your configuration looks - obfuscated - but fine. Please tell us more > about your problem. > > Greetings > Marc > > -- > -------------------------------------- !! No courtesy copies, > please !! ----- > Marc Haber | " Questions are the | Mailadresse im > HeaderMannheim, Germany | Beginning of Wisdom " | > http://www.zugschlus.de/Nordisch by Nature | Lt. Worf, TNG > "Rightful Heir" | Fon: *49 621 72739834 > > -- > ## List details at http://www.exim.org/mailman/listinfo/exim-users > ## Exim details at http://www.exim.org/ > ## Please use the Wiki with this list - http://www.exim.org/eximwiki/ > -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
