Exim 4.60 & SpamAssassin 3.1.0 Problems

M

modem

Verified User
Joined
Apr 7, 2004
Messages
364
This past weekend I did an update from Exim 4.54 to Exim 4.60 as well as updating from SpamAssassin 3.0.4 to 3.1.0. After doing this I've noticed that several emails a day are getting stuck in Exim and being "Frozen". I check this by using WebMin with the Exim module so that I can view what is going on in the Exim Queue. Several of these messages have been frozen for a few days, some a few hours. I can manually remove them and come back later and more are there. It appears that these are spam messages getting frozen vs legitimate ones.

Anyone have any ideas??
 
Ideas as to what? I don't see a question.

Have you done any research to see what a "Frozen" email is and what it means?

You can learn a lot with google.

For example, I found this great post. Even though it's on a debian forum, it's got some good information, and perhaps even the answer to what might be your question.
:)

Jeff
 
Actually the issue at hand is that when I upgraded to Exim 4.60 from 4.53 it ran for a few days then started producing the BSMTP / 421 lost connection errors. I had also updated to SA 3.1.0 from 3.0.4. The thing was a day after updating SA I started getting *ALOT* of complaints from clients about weird and intermittent 421 errors.

I think what I was asking in that jumbled garb above is what in the world would cause that. Even with the inundated amount of Frozen messages that started appearing their date/timestamps were off (emails listed coming from 1911), it was still more amounts of frozen messages that I had ever had at any given time before. I wasn't sure what was causing all of this to happen.

After doing more reading and researching it appears I've fallen victim to the BSMTP error others was having. I wrote you a private message regarding a series of posts you made in Sept 05 regarding this. Please respond back to me if you get that PM.
 
I received the private message. I can't take the time to respond to private messages, especially those requiring research, unless you want to become a client :D .

I'm willing to help everyone on these forums as time and resources permit, and you get the additional benefits of other people helping as well; I'm certianly not the only knowledgeable person on these forums :) .

On our own servers, we've never taken the time to resolve the bsmtp error issue; perhaps someone else has.

We generally run SpamBlocker instead of SpamAssassin.

Jeff
 
Just a note to pass along your way, I got Exim 4.60 installed along with making the nessecary changes in the exim.conf file to enable spamblocker (changing example.com to my domain, updating the whitelist & blacklist files which are empty for me). However I'm still averaging about 3-4 emails per hour that are spam. I went back and disabled spamassassing 3.1.0 with 5 child processes and exim no longer has that problem. So it definately does appear to be related directly to spam assassin, or how Exim accesses it...?
 
Presumably you added your domain(s) to /etc/virtual/use_rbl_domains.

Three to four spam emails an hour are nothing.

Did you check your /var/log/exim/rejectlog to see how many emails SpamBlocker is blocking?

Jeff
 
This is a sample from the logfile that is 10.7MB in size. It's all mail being sent to non-exsistant addresses. I didn't see anything there listing it as being blocked from SpamBlocker, but I assume that is SpamBlocker doing it's job?

2005-12-31 14:32:31 H=pcp0010368457pcs.woodln01.md.comcast.net [69.139.238.89] F=<[email protected]> rejected RCPT <[email protected]>:
2005-12-31 14:32:31 H=pcp0010368457pcs.woodln01.md.comcast.net [69.139.238.89] F=<[email protected]> rejected RCPT <[email protected]>:
2005-12-31 14:32:31 H=pcp0010368457pcs.woodln01.md.comcast.net [69.139.238.89] F=<[email protected]> rejected RCPT <[email protected]>:
2005-12-31 14:32:32 H=pcp0010368457pcs.woodln01.md.comcast.net [69.139.238.89] F=<[email protected]> rejected RCPT <[email protected]>:
2005-12-31 14:32:32 H=pcp0010368457pcs.woodln01.md.comcast.net [69.139.238.89] F=<[email protected]> rejected RCPT <[email protected]>:
2005-12-31 14:32:32 H=pcp0010368457pcs.woodln01.md.comcast.net [69.139.238.89] F=<[email protected]> rejected RCPT <[email protected]>:
2005-12-31 14:32:32 H=pcp0010368457pcs.woodln01.md.comcast.net [69.139.238.89] F=<[email protected]> rejected RCPT <[email protected]>:
 
I suppose SpamBlocker can take the credit for blocking emails being sent to nonexistent addresses, because the original DA exim.conf file, before I wrote SpamBlocker, accepted such emails, and then tried to return them.

But the main effect of SpamBlocker is to block based on blocklists.

Do you have domains listed in /etc/virtual/use_rbl_domains?

Can you post the top five lines (yes, comments) from your /etc/exim.conf file so I can see what version you're using?

Thanks.

Jeff
 
Currently I have no domains listed in the black or whitelist files. That is due to me just now paying more attention to your SpamBlocker code vs just totally relying on SpamAssassin. Actually I was going to ask you that in a followup question was whether Exim actually wrote the domains it blocked to those files or do I have to manually (or through the use of a script) add blocked/allowed domains to those files?

Here is the first several lines of my Exim.conf file:

######################################################################
# SpamBlocker.exim.conf.2.0-release #
# Runtime configuration file for DirectAdmin/Exim 4.24 and above #
######### IMPORTANT ########## IMPORTANT ########## IMPORTANT ########
# WARNING! Be sure to back up your previous exim.conf file before #
# attempting to use this exim.conf file. #
# #
 
You're using the most current file. That's good :) .

You still haven't answered my question, but I'll answer yours:

SpamBlocker writes nothing to whitelist or blocklist files. Those are local files you maintain yourself either through the root login or the SpamBlocker Plugin.

The blocklists installed into SpamBlocker are dynamic lists (some more dynamic than others) maintained at no small expense by dedicated anti-spam volunteers. There's no reason to duplicate them on your own server.

Now can you answer my question:

Do you have anything in /etc/virtual/use_rbl_domains?

Jeff
 
Whoops, I forgot that after reading it. That file is empty, just like the others I manually created.
 
Fill it, if you want to manually maintain a list of domains using the blocklists.

Or if you want everyone to use the blocklists, just delete it and link it to /etc/virtual/domains.

Jeff
 
Thanks. I thought that file actually took care of that automatically blocking for all the domains.
 
jlasman said:

On our own servers, we've never taken the time to resolve the bsmtp error issue; perhaps someone else has.
Jeff
Click to expand...

Well, since the Exim implementation into DirectAdmin was created and maintained by DirectAdmin, and the Exim.conf file DA uses was written/modified by yourself.... I'm kind of surprised you're not willing to share with the rest of us what that resolution was.

Clearly DA and Jeff Lasman are both, in parts, responsible for the Exim subsystem within DA - keeping information like this to yourself is tatamount to "haha I fixed it but I'm not telling you" which is quite unbecoming. The concept of forums is to share information, not exhibit superiority.
 
hostpc.com said:
Well, since the Exim implementation into DirectAdmin was created and maintained by DirectAdmin, and the Exim.conf file DA uses was written/modified by yourself.... I'm kind of surprised you're not willing to share with the rest of us what that resolution was.

Clearly DA and Jeff Lasman are both, in parts, responsible for the Exim subsystem within DA - keeping information like this to yourself is tatamount to "haha I fixed it but I'm not telling you" which is quite unbecoming. The concept of forums is to share information, not exhibit superiority.
Click to expand...

Very Good Point!!!!
 
hostpc.com said:
Well, since the Exim implementation into DirectAdmin was created and maintained by DirectAdmin, and the Exim.conf file DA uses was written/modified by yourself.... I'm kind of surprised you're not willing to share with the rest of us what that resolution was.
Click to expand...
Where do you see that I resolved the issue? In two posts to this thread I wrote that I have not resolved the issue. Except by turning of SpamAssassin.

I'm trying to resolve the issue with a complete rewrite of the exim.conf file, but I haven't really gotten any constructive help from the exim-users group and I'm pretty much on my own.

I'll post it as soon as I know it's working, and I'll happily give it to anyone who wants to test it in advance, since I don't believe in SpamAssassin.

If you read the exim-users list and other lists you'll find that this really appears to be a SpamAssassin problem.
Clearly DA and Jeff Lasman are both, in parts, responsible for the Exim subsystem within DA - keeping information like this to yourself is tatamount to "haha I fixed it but I'm not telling you" which is quite unbecoming.
Click to expand...
Simply not true. Where did I say I have a resolution but I'm not sharing it?
The concept of forums is to share information, not exhibit superiority.
Click to expand...
And where did I do that?

Jeff
 
Originally posted by Charles2
Very Good Point!!!!
Click to expand...
Well it might have been a good point if it were based on a true assumption.

I haven't seen where anywhere I said I'd resolved the issue, and I have NOT resolved the issue.

Nor has anyone else on the exim-users list been able to resolve the issue.

Most posts are saying it's because SpamAssassin is overloaded. Some have gone so far as to say that anyone using SpamAssassin should be using blocklists to get rid of most of the spam first.

Which is exactly what I've been saying since I first wrote exim.conf.

Jeff
 
You must log in or register to reply here.
Back
Top