Hi all, Without warning, my exim mailserver ( Linux.bushnet.net) started showing lots of 'connection refused' in the logs. This is for a a wide range of domains for both incoming mail and outgoing. Strangely, the affected mails are relayed without a problem after awhile -- at inconsistent intervals. This has led to massive delays in mails both incoming and outgoing. Have checked to see if the server might be blacklisted but it is not - at least not by the main blacklist. Below is an example of my mainlog..
# /usr/exim/bin/exim -bV Exim version 4.63 #1 built 22-Sep-2006 12:23:54 Copyright (c) University of Cambridge 2006 Berkeley DB: Sleepycat Software: Berkeley DB 4.0.14: (November 18, 2001) Support for: crypteq iconv() OpenSSL Content_Scanning Lookups: lsearch wildlsearch nwildlsearch iplsearch dbm dbmnz Authenticators: cram_md5 plaintext Routers: accept dnslookup ipliteral manualroute queryprogram redirect Transports: appendfile/maildir autoreply pipe smtp Fixed never_users: 0 Size of off_t: 8 Configuration file is /usr/exim/configure ############# # exigrep -l 1GZL0U-0006VR-9U /var/log/exim/mainlog 2006-10-16 08:27:24 cwd=/var/spool/exim 3 args: /usr/exim/bin/exim -Mc 1GZL0U-0006VR-9U 2006-10-16 09:15:19 cwd=/var/spool/exim 9 args: /usr/exim/bin/exim -MCS -MCP -MC remote_smtp mx1.mail.ukl.yahoo.com 195.50.106.7 11 1GZL0U-0006VR-9U +++ 1GZL0U-0006VR-9U not completed +++ 2006-10-16 08:27:22 1GZL0U-0006VR-9U PD5 checking message for malware 2006-10-16 08:27:24 1GZL0U-0006VR-9U PD6 checking mail for spam 2006-10-16 08:27:24 1GZL0U-0006VR-9U <= [EMAIL PROTECTED] H=(Lwanga) [41.220.1.228]:28746 I=[217.212.242.5]:25 P=esmtp S=12674 [EMAIL PROTECTED] T="RE: CCM FACILITATOR" from <[EMAIL PROTECTED]> for [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] 2006-10-16 08:27:37 1GZL0U-0006VR-9U mxc01.mxrc.co.za [196.35.198.22]:25 Connection refused 2006-10-16 08:27:37 1GZL0U-0006VR-9U pcbhda.dyndns.org [196.209.53.80]:25 Connection refused 2006-10-16 08:27:37 1GZL0U-0006VR-9U mxc01.mxrc.co.za [196.37.246.22]:25 Connection refused 2006-10-16 08:27:37 1GZL0U-0006VR-9U lycas.pcb.co.za [196.14.2.14]:25 Connection refused 2006-10-16 08:27:37 1GZL0U-0006VR-9U mxc01.mxrc.co.za [196.35.198.23]:25 Connection refused 2006-10-16 08:27:37 1GZL0U-0006VR-9U mxc01.mxrc.co.za [196.37.246.26]:25 Connection refused 2006-10-16 08:27:37 1GZL0U-0006VR-9U mxc01.mxrc.co.za [196.37.246.21]:25 Connection refused 2006-10-16 08:27:37 1GZL0U-0006VR-9U == [EMAIL PROTECTED] R=dnslookup T=remote_smtp defer (111): Connection refused 2006-10-16 08:27:37 1GZL0U-0006VR-9U == [EMAIL PROTECTED] R=dnslookup T=remote_smtp defer (111): Connection refused 2006-10-16 08:27:37 1GZL0U-0006VR-9U == [EMAIL PROTECTED] R=dnslookup T=remote_smtp defer (111): Connection refused 2006-10-16 08:27:37 1GZL0U-0006VR-9U == [EMAIL PROTECTED] R=dnslookup T=remote_smtp defer (-53): retry time not reached for any host 2006-10-16 09:15:25 1GZL0U-0006VR-9U => [EMAIL PROTECTED] F=<[EMAIL PROTECTED]> P=<[EMAIL PROTECTED]> R=dnslookup T=remote_smtp S=13094 H=mx1.mail.ukl.yahoo.com [195.50.106.7]:-1* C="250 ok dirdel" QT=48m3s DT=3s. ############# 2006-10-16 09:30:43 1GZLzf-0000aT-MO PD5 checking message for malware 2006-10-16 09:30:45 1GZLzf-0000aT-MO PD6 checking mail for spam 2006-10-16 09:30:45 1GZLzf-0000aT-MO <= [EMAIL PROTECTED] H=(Gilat) [41.220.6.134]:28811 I=[217.212.242.5]:25 P=smtp S=413384 [EMAIL PROTECTED] T="Fw: MTN Backup to disk solution in 3 phases (II)" from <[EMAIL PROTECTED]> for [EMAIL PROTECTED] 2006-10-16 09:30:45 1GZLzf-0000aT-MO gmail-smtp-in.l.google.com [66.249.93.27]:25 Connection refused 2006-10-16 09:30:45 1GZLzf-0000aT-MO gmail-smtp-in.l.google.com [66.249.93.114]:25 Connection refused 2006-10-16 09:30:45 1GZLzf-0000aT-MO alt2.gmail-smtp-in.l.google.com [64.233.167.27]:25 Connection refused 2006-10-16 09:30:45 1GZLzf-0000aT-MO alt2.gmail-smtp-in.l.google.com [64.233.167.114]:25 Connection refused 2006-10-16 09:30:45 1GZLzf-0000aT-MO alt1.gmail-smtp-in.l.google.com [72.14.205.27]:25 Connection refused 2006-10-16 09:30:45 1GZLzf-0000aT-MO gsmtp163.google.com [64.233.163.27]:25 Connection refused 2006-10-16 09:30:45 1GZLzf-0000aT-MO == [EMAIL PROTECTED] R=dnslookup T=remote_smtp defer (111): Connection refused Before this, this server had worked perfectly for about two years. Any ideas ? -- Richard -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
