Skip to main content
cPanel Technical Support has been heavily impacted by hurricane Beryl and our ability to respond to tickets has been hindered as a result. We appreciate your understanding and patience as we address these delays.

The service “exim” appears to be down

Comments

3 comments

  • cPRex Jurassic Moderator
    Hey hey! I'm sorry to hear about this issue. It's unlikely a host's typical DDoS protection would also include connections over the mail ports, as those systems are usually designed for web traffic only. Do you have cPHulk enabled on the machine? This would track failed logins and there is an option to "Block IP addresses at the firewall level if they trigger brute force protection" that would permanently block anyone with failed logins. You'll just want to make sure you whitelist your own IP so you can login if something triggers a block on the root user, but that may be a good solution for this problem after it has been running for an hour or so as cPHulk monitors the following services:
    • cPanel services (Port 2083).
    • WHM services (Port 2087).
    • Mail services (Dovecot and Exim).
    • The Pure-FTPd service.
    • Secure Shell (SSH) access.
    0
  • 360webfirm
    I do have it enabled for sure. I also have c panel monitor all of that. The issue is that its too many connections, but thsoe are not really connections as there are only two email on the complete server for internal emails, most of the accounts use external MX records and emails from places like Google, Outlook etc. I dont like to support email so I ask clients to buy email elsewhere. Its just two small acounts that have one email each so I am sure this is NOT using the connections, but rather the email is being DDOS from an outside source. With Exim being offline, will this cause issues with External emails? Example, one client that uses Google for thier email and have it set to remote with MX records from Google on the zone. If the Exim is not working, will this effect those external emails?
    0
  • cPRex Jurassic Moderator
    Turning off Exim will not have any affect on domains using remote MX records, as incoming mail wouldn't reach your server. If their website has any forms or tools that send messages, those would no longer be able to send mail. Another option would be to only allow your user's remote IP addresses to connect through SMTP, POP, and IMAP using WHM >> Host Access Control, as other connections would then be blocked:
    0

Please sign in to leave a comment.