bandwidth.tally 15 GB in size
- Thread starter urbee
- Start date
zEitEr
Super Moderator
Hello,
How is possible what? Did you try to see the content of the file?
How is possible what? Did you try to see the content of the file?
zEitEr
Super Moderator
To answer the question somebody should examine your bandwith.tally to make sure, that it is not broken and contains valid and actual data.
This is what was in:
1669=type=email&[email protected]&method=outgoing&id=1SzawN-0005jK-Pj&[email protected]&sender_host_address=113.118.13.187&log_time=1344550260&path=/root
1669=type=email&[email protected]&method=outgoing&id=1SzawN-0005jK-Pj&[email protected]&sender_host_address=113.118.13.187&log_time=1344550260&path=/root
1669=type=email&[email protected]&method=outgoing&id=1SzawN-0005jK-Pj&[email protected]&sender_host_address=113.118.13.187&log_time=1344550261&path=/root
1669=type=email&[email protected]&method=outgoing&id=1SzawN-0005jK-Pj&[email protected]&sender_host_address=113.118.13.187&log_time=1344550262&path=/root
Ofcourse domain.si is replaced from the actual domain. And there are multiple different IP addresses. It seems like some attack. Now the file was 5.9 gb in size.
Is it possible to disable bandwith logs for all customers? Or somehow prevent this. It seems a legit log just someone abusing/attacking us and making it huge.
1669=type=email&[email protected]&method=outgoing&id=1SzawN-0005jK-Pj&[email protected]&sender_host_address=113.118.13.187&log_time=1344550260&path=/root
1669=type=email&[email protected]&method=outgoing&id=1SzawN-0005jK-Pj&[email protected]&sender_host_address=113.118.13.187&log_time=1344550260&path=/root
1669=type=email&[email protected]&method=outgoing&id=1SzawN-0005jK-Pj&[email protected]&sender_host_address=113.118.13.187&log_time=1344550261&path=/root
1669=type=email&[email protected]&method=outgoing&id=1SzawN-0005jK-Pj&[email protected]&sender_host_address=113.118.13.187&log_time=1344550262&path=/root
Ofcourse domain.si is replaced from the actual domain. And there are multiple different IP addresses. It seems like some attack. Now the file was 5.9 gb in size.
Is it possible to disable bandwith logs for all customers? Or somehow prevent this. It seems a legit log just someone abusing/attacking us and making it huge.
zEitEr
Super Moderator
Hmm, I guess it's possible to disable counting in exim.pl (see sub log_email section in /etc/exim.pl). But why? You might need to tune your exim.conf and stop abusing of your mail server in order to prevent it in future.