I have a domain which is receiving lots of junk mail; perhaps "backscatter" from some spamming. I thought I'd share my experience dealing with it. This was seriously hammering my server: Code: top - 02:09:37 up 60 days, 10:11, 1 user, load average: 22.36, 85.27, 83.81 Tasks: 197 total, 2 running, 195 sleeping, 0 stopped, 0 zombie Cpu(s): 7.0% us, 1.3% sy, 0.0% ni, 0.0% id, 91.0% wa, 0.7% hi, 0.0% si Mem: 506736k total, 482052k used, 24684k free, 7100k buffers Swap: 1015800k total, 981944k used, 33856k free, 32044k cached One solution which helped was to change the default address from :blackhole to :fail This did massively reduce the server load. However it means I'm now backscattering junk myself from this domain. One question is - is there anyway I can get the effect of :blackhole with the server load of :fail I watched the junk via: tail -f /var/log/exim_mainlog Something else which might help others - my server was so overwhelmed I could not get to WHM/Cpanel so via ssh I ran: perl -pi -e "s/:blackhole:/:fail:/g;" /etc/valiases/thedomainname.co.uk then restarted This gave me most of my functionality back... Another question - why did it take some time for some domains to work? accessing sites via IPs worked straight away, but even though BIND was up and working again accessing by domain didn't - it took a few minutes - as if something was propagating? Perhaps some DNS cache somewhere on my ISP maybe??? I then changed the MX record on the domain to mail.example.com (this hasn't had much effect) yet, the site runs a forum so I'll have to turn it back at somepoint but I thought this might help get rid of this evening's problem? Any comments / suggestions?