Thanks to all who replied. I decided to make a summary of the replies as some of them were private.
On 8.X.2002 at 15:36 Anton Zinoviev wrote:
>
> 1. The spammers continue attempts to use lml.bas.bg as a relay.  As a
>    result exim generates about 50Mb log files per hour.  How can I
>    stop exim from logging messages like ".... refused relay to ..."?

Reports to relevant ISPs can be made if there is only a small number of IP/netblocks.  (Unfortunately this is not my case.)  The local firewall can be used.  Postfix is a good alternative to exim.

> 2. It is possible that in the queues of exim there are still some
>    spams.  How can I remove them?

In order to look at the queue:

    exim -bp    (the same as mailq)

To look at the header, body of the waiting messages:

    exim -Mvh <serial>
    exim -Mvb <serial>

To remove a message:

    exim -Mrm <serial>

If there is a common pattern in the waiting spam, then use (something different can be used instead of the first line):

    mailq | grep <identifying item> |
      awk 'NF>=3 {print $3}' |
      xargs exim -Mrm

To remove a message and send an error message to the sender:

    exim -Mg <serial>

To do the same with all waiting messages, as normal messages usually are delivered immediately:

    cd /var/spool/exim/msglog; exim -Mg *

After that command the contents of /var/spool/exim/{db,msglog,input} can be wiped, as exim automatically recovers anything it needs.  In order to avoid frozen messages I used `killall exim'.

> 3. In the log-files of exim I have a huge list of e-mail addresses
>    of spammers (such as [EMAIL PROTECTED]).  Can I do something
>    useful with them?

No, they are random and have nothing to do with the spammers.

> 4. It seems to me that spammers ought to pay ordb.org for their
>    service.  A few years ago when I had similar problem ordb gave
>    me enough time to fix the problem.  Why don't they do the same
>    now?

As humans we can make mistakes.  Ordb.org doesn't give their lists of relays to anyone, <http://ordb.org/faq/#zone_transfer>.  Spammers have their own automated scans.  Most of the servers in the base of Ordb.org are already abused open relays.

Sincerely, Anton Zinoviev
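
An added example, not part of the original message: in the `mailq | grep | awk` pipeline above, only the header line of each queue entry carries the message ID, so a pattern that appears only on a recipient line selects nothing. The sketch below reads `exim -bp` style output and matches on sender or recipient. The function names `queue_ids_matching` and `sample_queue` and all addresses and IDs in the sample are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): select queued messages by
# sender OR recipient from `exim -bp` output read on stdin.

# Constructed sample in the `exim -bp` layout: a header line
# (age, size, message-id, <sender>) followed by indented recipients.
sample_queue() {
    cat <<'EOF'
25m  2.9K 0t5C6f-0000c8-00 <alice@wonderland.fict.example>
          red.king@looking-glass.fict.example

 3h  1.1K 0t5C7a-0001Zx-00 <bulk@spam.example> *** frozen ***
          victim1@example.org
        D victim2@example.org

 2d  4.0K 0t5C9q-0002Ab-00 <bob@example.net>
          carol@spam.example
EOF
}

# Print each message-id once if its sender or any recipient contains $1.
# $1 is a fixed string, not a regex; an empty string is refused so that a
# missing argument can never select the whole queue.
queue_ids_matching() {
    [ -n "$1" ] || { echo "usage: queue_ids_matching STRING" >&2; return 2; }
    NEEDLE="$1" awk '
        BEGIN { needle = ENVIRON["NEEDLE"] }
        NF == 0 { id = ""; next }              # blank line ends an entry
        {
            if (NF >= 3 && $3 ~ /^[0-9A-Za-z]+-[0-9A-Za-z]+-[0-9A-Za-z]+$/) {
                id = $3; hit = 0; addr = $4    # header: compare the sender
            } else {
                addr = $NF                     # recipient, maybe after "D"
            }
            if (id != "" && !hit && index(addr, needle)) { print id; hit = 1 }
        }
    '
}

# Review the list first; then pipe real `exim -bp` output through the
# function and on to `xargs exim -Mrm`, as in the post.
sample_queue | queue_ids_matching 'spam.example'
```

Inspect a selected message with `exim -Mvh <serial>` before removing it, since a substring such as a domain name can also match legitimate mail.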