Page 12 of 21 FirstFirst ... 21011121314 ... LastLast
Results 221 to 240 of 408

Thread: SpamBlocker-Powered exim.conf, Version 4

  1. #221
    nobaloney's Avatar
    nobaloney is offline NoBaloney Internet Svcs - In Memoriam †
    Join Date
    Jun 2003
    Location
    California
    Posts
    26,123
    Quote Originally Posted by dvnscr View Post
    I didn't find in version 4

    acl_connect:
    accept hosts = *
    delay = 3s - this line

    is there a reason?
    I don't see that anywhere in either my latest SpamBlocker version 4.1, or in the older one distributed by DirectAdmin. Where did you get your file?

    Jeff
    +1 951 643-5345
    Third-Party DirectAdmin administration and support
    Dedicated Servers, Dedicated Reseller Accounts
    NoBaloney Internet Services div. Qnito Incorporated
    848 North Rainbow Blvd., Suite #3789
    Las Vegas, NV 89107-1103

  2. #222
    Join Date
    Oct 2003
    Location
    Switzerland
    Posts
    2,097
    It used to be there in v3, but it's best to split that rule in two:
    - 3s delay for unknown senders
    - no delay for authorized senders
    Olivier
    interfaCentre - We design custom hosting solutions

    Custom apps, scripts and configurations for easy and secure access to all hosting services
    Full Personal Information Management suite with mobile synchronisation
    PHP, Ruby, Node.js and Python hosting with 1-click app install

  3. #223
    nobaloney's Avatar
    nobaloney is offline NoBaloney Internet Svcs - In Memoriam †
    Join Date
    Jun 2003
    Location
    California
    Posts
    26,123
    Why is it helpful at all? Does it cause servers to drop and resend? Or just delay busy servers trying to do their jobs?

    And how would you define an authorized sender?

    There's got to be a reason why I dropped it; maybe it's because I thought it wasn't helpful.

    So help me here .

    Thanks.

    Jeff
    +1 951 643-5345
    Third-Party DirectAdmin administration and support
    Dedicated Servers, Dedicated Reseller Accounts
    NoBaloney Internet Services div. Qnito Incorporated
    848 North Rainbow Blvd., Suite #3789
    Las Vegas, NV 89107-1103

  4. #224
    Join Date
    Oct 2003
    Location
    Switzerland
    Posts
    2,097
    You just delay busy servers which will wait anyway because they're polite . Some spammers won't wait and will get told off that way.
    And you're right, I've just checked my code and you don't change the rule based on the sender, but based on the port. We force our customers to use port 587 for smooth email sending.
    Olivier
    interfaCentre - We design custom hosting solutions

    Custom apps, scripts and configurations for easy and secure access to all hosting services
    Full Personal Information Management suite with mobile synchronisation
    PHP, Ruby, Node.js and Python hosting with 1-click app install

  5. #225
    nobaloney's Avatar
    nobaloney is offline NoBaloney Internet Svcs - In Memoriam †
    Join Date
    Jun 2003
    Location
    California
    Posts
    26,123
    If my recollection is correct my latest SpamBlocker exim.conf file for DirectAdmin, Version 4.1, requires plaintext authentication over port 587, and doesn't allow receive before sending as authentication (though the code may still be there; I honestly don't remember).

    I personally use (but not for everyone) an MX 0 (lowest cost [highest priority] MX) that doesn't answer at all. I consider that more polite, because we don't ask the busy server to wait 3 seconds, only to try again the newer MX. My experience has been that this also works because spammers often won't try second MX if first one doesn't respond.

    What code would you recommend I use? And where do you put it?

    Thanks.

    Jeff
    +1 951 643-5345
    Third-Party DirectAdmin administration and support
    Dedicated Servers, Dedicated Reseller Accounts
    NoBaloney Internet Services div. Qnito Incorporated
    848 North Rainbow Blvd., Suite #3789
    Las Vegas, NV 89107-1103

  6. #226
    Join Date
    Oct 2003
    Location
    Switzerland
    Posts
    2,097
    Quote Originally Posted by jlasman View Post
    I personally use (but not for everyone) an MX 0 (lowest cost [highest priority] MX) that doesn't answer at all. I consider that more polite, because we don't ask the busy server to wait 3 seconds, only to try again the newer MX. My experience has been that this also works because spammers often won't try second MX if first one doesn't respond.
    We use the same trick and it does lighten the load. The delay is a historical feature. Lots of Exim scripts do delay connections, sometimes by adding more time at each retry. I haven't done my homework to figure out if the downsides outweigh the plus sides...
    People on BlackBerry may want to remove it in order to get even more instant emails .

    Here is something that works...
    Code:
    begin acl
    
    #EDIT#24:
    acl_connect:   
      # Accept right away messages sent on port 587
      accept  hosts = +auth_relay_hosts
              condition = ${if eq {$interface_port}{587} {yes}{no}}  
              
      # Accept hosts who are polite enough to wait rather than just send, as spammers do
      accept hosts = *
    	     delay = 3s
             
      # Deny hosts who don't wait      
      deny message = Too quick on the draw - to unblock wait for helo/ehlo
    Olivier
    interfaCentre - We design custom hosting solutions

    Custom apps, scripts and configurations for easy and secure access to all hosting services
    Full Personal Information Management suite with mobile synchronisation
    PHP, Ruby, Node.js and Python hosting with 1-click app install

  7. #227
    nobaloney's Avatar
    nobaloney is offline NoBaloney Internet Svcs - In Memoriam †
    Join Date
    Jun 2003
    Location
    California
    Posts
    26,123
    I'll think about it and perhaps ask around. Please remind me in a week or so if you remember.

    Thanks.

    Jeff
    +1 951 643-5345
    Third-Party DirectAdmin administration and support
    Dedicated Servers, Dedicated Reseller Accounts
    NoBaloney Internet Services div. Qnito Incorporated
    848 North Rainbow Blvd., Suite #3789
    Las Vegas, NV 89107-1103

  8. #228
    Join Date
    Nov 2009
    Location
    São Paulo - Brazil
    Posts
    161
    Quote Originally Posted by jlasman View Post
    I personally use (but not for everyone) an MX 0 (lowest cost [highest priority] MX) that doesn't answer at all. I consider that more polite, because we don't ask the busy server to wait 3 seconds, only to try again the newer MX. My experience has been that this also works because spammers often won't try second MX if first one doesn't respond.
    For those who want to know more about this technique, it is called "nolisting":

    http://nolisting.org/
    http://en.wikipedia.org/wiki/Nolisting

    We also use it with success.

  9. #229
    Join Date
    Oct 2003
    Location
    Switzerland
    Posts
    2,097
    And a simple way to implement it is just to use one of the billion IPv6 your DC has given you as a dead IP for your MX.
    Olivier
    interfaCentre - We design custom hosting solutions

    Custom apps, scripts and configurations for easy and secure access to all hosting services
    Full Personal Information Management suite with mobile synchronisation
    PHP, Ruby, Node.js and Python hosting with 1-click app install

  10. #230
    Join Date
    Mar 2007
    Posts
    92
    Quote Originally Posted by jlasman View Post
    I don't remember why I've removed them. I have been thinking of reinserting them.

    More comments?

    Jeff
    It's a good setting to have in by default. I used to get server lock up bad when customers set a vacation message and goes off for a few days, then get hit by another server's auto/vacation message. What makes it worse is if the other mailbox is also full or undeliverable.

    It won't be noticed initially while the mailbox has space or just exceeded. But at some point, the size of the queue reaches a tipping point and the whole thing just goes dead until a reboot followed by stopping exim before it can get started again.

    On the other hand, I suppose if you had implemented quota checking during smtp, before accept, then this may had been removed since it won't be necessary anymore.

    However, I just looked at the v4 conf file I downloaded to deal with backscatter and it doesn't seem like any pre-accept quota checking is in?

  11. #231
    Join Date
    Mar 2004
    Location
    Edinburgh,Scotland
    Posts
    329

    Strange Clamd/exim Issue

    Installed the latest version 4 of spamblocker. Installed clamd via custombuild using the default set-up and have enabled the following in exim.conf:

    av_scanner = clamd:/var/run/clamav/clamd

    And enabled all the clamd parts thereafter but the issue I receive upon sending is:

    malware acl condition: clamd: unable to connect to UNIX socket /var/run/clamav/clamd.pid (Permission denied)
    This indicated that the path is wrong to the clamd file but the directory is there and the clamd process running:

    tcp 0 0 127.0.0.1:3310 0.0.0.0:* LISTEN 0 7752 5502/clamd
    Any ideas?


    Jon

  12. #232
    Join Date
    Oct 2004
    Location
    London, UK
    Posts
    6,641
    Use the:

    Code:
    av_scanner = clamd:127.0.0.1 3310

    option in exim.conf instead of pid/sock file and restart exim.

    Regards
    SeLLeRoNe - Andrea Iannucci
    DevOps Engineer - System Administrator
    If you need my support write me an E-Mail to Support@CrazyNetwork.it

  13. #233
    Join Date
    Jul 2007
    Posts
    413
    I'm having a strrange problem with my Android phone and Spamblocker 4. Note that spamblocker 3.1-beta was working. I only replaced the exim.conf and the exim.pl to break it.

    I get an error in my logs

    2012-01-13 11:01:59 H=82.sub-166-250-69.myvzw.com (10.187.38.2) [166.250.69.82] rejected EHLO or HELO 10.187.38.2: HELO is an IP address (See RFC2821 4.1.3)
    So I commented out in EDIT#25 the part saying to check if HELO is an IP. That stopped it from logging that error but mail still doesn't go out. Any idea's
    www.sweetpc.biz
    Web Hosting, email, website design, dedicated servers, vps, colocation

  14. #234
    Join Date
    Jul 2007
    Posts
    413
    Okay, I don't know why, but deleting the account that was working fine on my phone and adding it back fixed the problem after commenting out the line in EDIT#25. The real question is what are the ramifications of letting HELO be an IP address?
    www.sweetpc.biz
    Web Hosting, email, website design, dedicated servers, vps, colocation

  15. #235
    Join Date
    Jun 2007
    Location
    California
    Posts
    498
    My guess is that deleting and re-adding the account probably caused something to run automatically to figure out what the server requires. The newest SpamBlocker exim.conf file is more picky about how it accepts email for transit off the server.

    You've had to change your settings to allow HELO to be an IP address because your cellphone vendor isn't using a hostname in the HELO, as it should. The ramification is that you may end up getting more spam; many spammers use IP#s in their HELO.

    You could probably change your exim.conf file to allow IP#s only when submitting authenticated email on port 587, but I've not looked into how to do that.

    Jeff
    Serving the DirectAdmin community since 2003
    See Additional posts under user nobaloney

    directadmin@nobaloney.net +1 951 643-5345
    Contract DirectAdmin administration and support
    Dedicated Servers, Dedicated Reseller Accounts
    http://www.nobaloney.net
    NoBaloney Internet Services div. Qnito Incorporated
    848 North Rainbow Blvd., Suite #3789
    Las Vegas, NV 89107-1103

  16. #236
    Join Date
    Jul 2007
    Posts
    413
    Quote Originally Posted by NoBaloney2 View Post
    You've had to change your settings to allow HELO to be an IP address because your cellphone vendor isn't using a hostname in the HELO, as it should. The ramification is that you may end up getting more spam; many spammers use IP#s in their HELO.

    You could probably change your exim.conf file to allow IP#s only when submitting authenticated email on port 587, but I've not looked into how to do that.

    Jeff
    I've had to do a few other mods to get email going. HELO seems to be the only thing I am having trouble with. I had to disable a couple of the checks in EDIT#27 as well (P.S. Loving the EDIT# documentation, makes your SpamBlocker 1000% easier to configure. thanks!)

    I've Googled HELO a bit, but haven't really found a brief explaination. From what I gather it is a newer protocol that uses FQDN for a handshake. Seems like a good idea, but I've been getting complaints about good mail not being able to get thru.
    www.sweetpc.biz
    Web Hosting, email, website design, dedicated servers, vps, colocation

  17. #237
    Join Date
    Jun 2007
    Location
    California
    Posts
    498
    By default we only use the first and third stanzas under EDIT#27. The others appear problematic to me. Which ones do you use? Not use?

    Jeff
    Last edited by NoBaloney2; 01-17-2012 at 09:53 AM. Reason: fixed error; wrote second, should be third
    Serving the DirectAdmin community since 2003
    See Additional posts under user nobaloney

    directadmin@nobaloney.net +1 951 643-5345
    Contract DirectAdmin administration and support
    Dedicated Servers, Dedicated Reseller Accounts
    http://www.nobaloney.net
    NoBaloney Internet Services div. Qnito Incorporated
    848 North Rainbow Blvd., Suite #3789
    Las Vegas, NV 89107-1103

  18. #238
    Join Date
    Jul 2007
    Posts
    413
    Quote Originally Posted by NoBaloney2 View Post
    By default we only use the first and second stanzas under EDIT#27. The others appear problematic to me. Which ones do you use? Not use?

    Jeff
    I am only using #3 (EDIT#27 deny #3), the others are all commented out.
    www.sweetpc.biz
    Web Hosting, email, website design, dedicated servers, vps, colocation

  19. #239
    Join Date
    Jun 2007
    Location
    California
    Posts
    498
    Sorry, my error. We use first and third. I've corrected my post.

    HELO has been around almost forever, most of now use EHLO, to advertise extended capabilities, but the rules are similar.

    Everything should work with #3 enabled; you might just get some additional spam if #1 isn't enabled as well.

    Jeff
    Serving the DirectAdmin community since 2003
    See Additional posts under user nobaloney

    directadmin@nobaloney.net +1 951 643-5345
    Contract DirectAdmin administration and support
    Dedicated Servers, Dedicated Reseller Accounts
    http://www.nobaloney.net
    NoBaloney Internet Services div. Qnito Incorporated
    848 North Rainbow Blvd., Suite #3789
    Las Vegas, NV 89107-1103

  20. #240
    Join Date
    Feb 2012
    Posts
    41

    Dnsbl check seems not work

    Hi!

    I edited the default conf, but it seems that dnsbl check doesn't work. Has someone an hint? (This is the first time I configure an exim mail server, so apologize in advance if it is a trivial issue.)

    use_rbl_domains is a symlink to domains

    My orig/myconf diff:

    Code:
    --- SpamBlockerTechnology-Version-4.1.exim.conf.txt.orig	2012-02-13 18:03:15.619666818 +0100
    +++ /etc/exim.conf	2012-02-18 15:45:33.095466016 +0100
    @@ -57,10 +57,10 @@
     # CONFIGURATION STARTS HERE
     
     #EDIT#1:
    -# primary_hostname =
    +primary_hostname = xxxxxxxxxxxxxxx
     
     #EDIT#2-CLAMAV:
    -# av_scanner = clamd:/var/run/clamav/clamd
    +av_scanner = clamd:/tmp/clamd.socket
     
     #EDIT#3:
     # qualify_domain =
    @@ -81,7 +81,7 @@
     local_from_check = false
     
     #EDIT#9:
    -message_size_limit = 20M
    +message_size_limit = 70M
     smtp_receive_timeout = 5m
     smtp_accept_max = 100
     message_body_visible = 3000
    @@ -136,7 +136,7 @@
     hostlist whitelist_hosts_ip = /etc/virtual/whitelist_hosts_ip
     
     #EDIT#15:
    -#domainlist skip_av_domains = lsearch;/etc/virtual/skip_av_domains
    +domainlist skip_av_domains = lsearch;/etc/virtual/skip_av_domains
     
     #EDIT#16:
     hostlist relay_hosts = net-lsearch;/etc/virtual/pophosts : 127.0.0.1
    @@ -244,8 +244,8 @@
       #       condition  = ${if match{$sender_helo_name}{\N\.home$\N}}
     
     #EDIT#28:
    -  # warn domains = +skip_av_domains
    -  # set acl_m0 = $tod_epoch
    +  warn domains = +skip_av_domains
    +  set acl_m0 = $tod_epoch
     
     #EDIT#29:
       deny  domains       = !+local_domains
    @@ -319,12 +319,14 @@
            !authenticated = *
            dnslists = \
            cbl.abuseat.org : \
    -       dnsbl.njabl.org : \
            bl.spamcop.net : \
            dnsbl.ahbl.org : \
            combined.rbl.msrbl.net : \
    -       b.barracudacentral.org : \
            zen.spamhaus.org : \
    +       dul.dnsbl.sorbs.net : \
    +       combined.njabl.org : \
    +       bhnc.njabl.org : \
    +       psbl.surriel.com : \
            hostkarma.junkemailfilter.com=127.0.0.2
     
     #EDIT#42:
    @@ -366,27 +368,27 @@
     
     #EDIT#46:
       ## accept without checking if in skip_av_domains
    -  # accept condition =${if and {{def:acl_m0}{def:acl_m0}} {true}{false}}
    +   accept condition =${if and {{def:acl_m0}{def:acl_m0}} {true}{false}}
     
       ## deny if email contains malformed MIME header
    -  # deny message = This message contains malformed MIME (malformed_MIME:$demime_reason)
    -  # demime = *
    -  # condition = ${if >{$demime_errorlevel}{2}{1}{0}}
    +   deny message = This message contains malformed MIME (malformed_MIME:$demime_reason)
    +   demime = *
    +   condition = ${if >{$demime_errorlevel}{2}{1}{0}}
     
       ## deny if email containing virus or other harmful content
    -  # deny message = This message contains a virus or other harmful content (virus_in_message:$malware_name)
    -  # demime = *
    -  # malware = *
    +   deny message = This message contains a virus or other harmful content (virus_in_message:$malware_name)
    +   demime = *
    +   malware = *
      
       ## deny  if email contains an attachment of type we don't accept.
    -  # deny message = This message contains an attachment of a type which we do not accept (attachment_not_allow:.$found_extension)
    -  # demime = bat:com:pif:prf:scr:vbs:html
    +   deny message = This message contains an attachment of a type which we do not accept (attachment_not_allow:.$found_extension)
    +   demime = bat:com:pif:prf:scr:vbs:html
      
       ## Accept but put warning into headers if message over 1000k
    -  # warn message = X-Antivirus-Scanner: Skipped scanning; size over 1000K. You should use an Antivirus Scanner
    -  # condition = ${if >={$message_size}{1000k} {1}{0}}
    +   warn message = X-Antivirus-Scanner: Skipped scanning; size over 1000K. You should use an Antivirus Scanner
    +   condition = ${if >={$message_size}{1000k} {1}{0}}
      
    -  # warn message = X-Antivirus-Scanner: Seems clean.  You should still use an Antivirus Scanner
    +   warn message = X-Antivirus-Scanner: Seems clean.  You should still use an Antivirus Scanner
     
       ## The end of the acl_check_message acl (ClamAV)
       ## Do NOT comment out the line below or all messages will be denied.
    @@ -438,19 +440,19 @@
     #DIRECTORS CONFIGURATION
     
     #EDIT#50:
    -# spamcheck_director:
    -#   driver = accept
    -#   condition = "${if and { \
    -#    {!def:authenticated_id} \
    -#    {!def:h_X-Spam-Flag:} \
    -#    {!eq {$received_protocol}{spam-scanned}} \
    -#    {!eq {$received_protocol}{local}} \
    -#    {exists{/home/${lookup{$domain}lsearch{/etc/virtual/domainowners}{$value}}/.spamassassin/user_prefs}} \
    -#    {<{$message_size}{100k}} \
    -#    } {1}{0}}"
    -#  retry_use_local_part
    -#  transport = spamcheck
    -#  no_verify
    + spamcheck_director:
    +   driver = accept
    +   condition = "${if and { \
    +    {!def:authenticated_id} \
    +    {!def:h_X-Spam-Flag:} \
    +    {!eq {$received_protocol}{spam-scanned}} \
    +    {!eq {$received_protocol}{local}} \
    +    {exists{/home/${lookup{$domain}lsearch{/etc/virtual/domainowners}{$value}}/.spamassassin/user_prefs}} \
    +    {<{$message_size}{100k}} \
    +    } {1}{0}}"
    +  retry_use_local_part
    +  transport = spamcheck
    +  no_verify
     
     majordomo_aliases:
       driver = redirect
    @@ -691,6 +693,12 @@
     #COMMENT#61:
     remote_smtp:
       driver = smtp
    +  interface = 89.163.177.50
    +  dkim_domain = $sender_address_domain
    +  dkim_selector = x
    +  dkim_private_key = ${if exists{/etc/virtual/$sender_address_domain/dkim.private.key}{/etc/virtual/$sender_address_domain/dkim.private.key}{0}}
    +  dkim_canon = relaxed
    +  dkim_strict = 0
     
     #EDIT#62:
     address_pipe:

Page 12 of 21 FirstFirst ... 21011121314 ... LastLast

Similar Threads

  1. Which version of Exim is SpamBlocker compatible with?
    By Christopher in forum SpamBlocker4
    Replies: 2
    Last Post: 01-04-2013, 11:40 AM
  2. Replies: 4
    Last Post: 02-23-2012, 04:40 PM
  3. SpamBlocker-Powered exim.conf Version 4 changelog
    By nobaloney in forum SpamBlocker4
    Replies: 2
    Last Post: 06-19-2011, 02:51 PM
  4. Spamblocker Version
    By chrisrandell in forum SpamBlocker
    Replies: 8
    Last Post: 05-03-2009, 04:36 PM
  5. Turning Spamblocker on in exim.conf
    By louie55 in forum E-Mail
    Replies: 4
    Last Post: 01-31-2005, 06:19 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •