Page 1 of 21 12311 ... LastLast
Results 1 to 20 of 408

Thread: SpamBlocker-Powered exim.conf, Version 4

  1. #1
    Join Date
    Jun 2003
    Location
    California
    Posts
    26,122

    SpamBlocker-Powered exim.conf, Version 4

    SpamBlocker-Powered exim.conf, Version 4 is ready!

    After four years or so, the new SpamBlocker-powered exim.conf file is now released for immediate availability.

    Features:
    • Much better documentation; almost every line is documented
    • Optional defined smtp connect-time ACL for more control
    • Better detection of incorrect hostnames at helo time
    • Rejection of mailer-daemon replies if server didn't send email
    • Choice of blocking order: choose either block for all domains except those on exclusion list, or block for no domains except those on inclusion list
    • Local and DNS-based whitelists
    • Local and DNS-based blocklists
    • A newly-updated selection of DNS-based blocklists, including some which may not be free to use depending on your usage patterns
    • A single list of DNS-based blocklists makes it easier to see what you're using, and to make changes as required/desired
    • Optional blocking of local relay submission on localhost
    • Blocking of .html attachments by default to block recent attacks
    • Optional integration with SpamAssassin
    • Optional integration with ClamAV
    • Easy Spam Fighter (ESF)
    • Block Cracking (BC)

    Requirements:
    • Exim 4.60 or later, compiled for DirectAdmin
    • Dovecot / Maildir

    New: Installation is available

    More information and download available at the NoBaloney Internet Services website.
    +1 951 643-5345
    Third-Party DirectAdmin administration and support
    Dedicated Servers, Dedicated Reseller Accounts
    NoBaloney Internet Services div. Qnito Incorporated
    848 North Rainbow Blvd., Suite #3789
    Las Vegas, NV 89107-1103

  2. #2
    Join Date
    Feb 2005
    Location
    The Netherlands
    Posts
    340
    Fantastic, congrats on the release, does this also mean version 4 is suitable for production servers as of now?

  3. #3
    Join Date
    Jun 2003
    Location
    California
    Posts
    26,122
    It's suitable for mine. It's been working on two of them for about a week since the last change.

    That's one of the reasons for the delay; another reason was so I could release it with the documentation.

    Jeff
    +1 951 643-5345
    Third-Party DirectAdmin administration and support
    Dedicated Servers, Dedicated Reseller Accounts
    NoBaloney Internet Services div. Qnito Incorporated
    848 North Rainbow Blvd., Suite #3789
    Las Vegas, NV 89107-1103

  4. #4
    Join Date
    Aug 2005
    Posts
    162
    I just updated one of our servers to the new SpamBlockerTechnology powered conf file along with exim.pl. Everything appears to be working fine, but I am seeing the following error in the "/var/log/exim/mainlog" file.

    Code:
    2010-09-24 16:09:29 unknown named host list "+relay_hosts"
    Any idea what would be causing this?
    Last edited by rocketcity; 09-24-2010 at 02:25 PM.
    =Greg=
    Rocket City Hosting

  5. #5
    Join Date
    Jun 2003
    Location
    California
    Posts
    26,122
    Does your newly-installed copy of exim.conf have these lines:
    Code:
    #EDIT#16:
    # hostlist relay_hosts = net-lsearch;/etc/virtual/pophosts : 127.0.0.1
    The # mark at the beginning of the second line is an error. (I'll fix it in our distribution file within an hour or two.)

    Remove the # mark and restart exim.

    Jeff
    +1 951 643-5345
    Third-Party DirectAdmin administration and support
    Dedicated Servers, Dedicated Reseller Accounts
    NoBaloney Internet Services div. Qnito Incorporated
    848 North Rainbow Blvd., Suite #3789
    Las Vegas, NV 89107-1103

  6. #6
    Join Date
    Jun 2003
    Location
    California
    Posts
    26,122
    Thanks for bringing the error to my attention.

    Update made in our distribution file. Note we're no longer adding version numbers for very minor changes; instead the date-time stamp will be the indicator.

    Jeff
    +1 951 643-5345
    Third-Party DirectAdmin administration and support
    Dedicated Servers, Dedicated Reseller Accounts
    NoBaloney Internet Services div. Qnito Incorporated
    848 North Rainbow Blvd., Suite #3789
    Las Vegas, NV 89107-1103

  7. #7
    Join Date
    Sep 2008
    Location
    London UK
    Posts
    1,641
    Will this version be used by JBMC by default in time, or will it be just for manual (self) installs?
    Regards, Peter
    UK Web Hosting - Professional & Reliable Shared and VPS Hosting! Offering DirectAdmin licences on our VPS's

  8. #8
    Join Date
    Jun 2003
    Location
    California
    Posts
    26,122
    That will be entirely up to them. I know John has looked at it already.

    There are some additional files required, and of course it requires that Maildir/Dovecot be installed. It may require contents of one file to be moved to two other files.

    DirectAdmin and in fact anyone else can reuse or redistribut it in any manor; as long as it stays under the GNU General Public License.

    Jeff
    +1 951 643-5345
    Third-Party DirectAdmin administration and support
    Dedicated Servers, Dedicated Reseller Accounts
    NoBaloney Internet Services div. Qnito Incorporated
    848 North Rainbow Blvd., Suite #3789
    Las Vegas, NV 89107-1103

  9. #9
    Join Date
    Aug 2005
    Posts
    162
    Thanks Jeff, that worked.
    =Greg=
    Rocket City Hosting

  10. #10
    Join Date
    Nov 2006
    Posts
    7
    it seems that SpamBlocker4 breaks compatibility with 'pop before smtp' and only accepts smtp authentication via username/password.

    there are several embedded email clients (in fax machines for example) that support only "pop before smtp" and cannot send email

    R1: HELO should be a FQDN or address literal (See RFC 2821 4.1.1.1)

    any suggestions how to fix this?

  11. #11
    Join Date
    Jun 2003
    Location
    California
    Posts
    26,122
    Have you read the README file? This is covered in the README (nobaloney.net) file, at EDIT#27.

    Jeff
    +1 951 643-5345
    Third-Party DirectAdmin administration and support
    Dedicated Servers, Dedicated Reseller Accounts
    NoBaloney Internet Services div. Qnito Incorporated
    848 North Rainbow Blvd., Suite #3789
    Las Vegas, NV 89107-1103

  12. #12
    Join Date
    Nov 2006
    Posts
    7
    I have read the README (many times actually) but it's doesn't give an answer to what I was pointing out.

    I DO want my SMTP to require authentication but also to accept it in the form of POP before SMTP.

    The da-popb4smtp keeps track of logins by writing to file pophosts_user. Is there a way to use this file to enable this kind of access?

  13. #13
    Join Date
    Jun 2003
    Location
    California
    Posts
    26,122
    I've made no changes to exim.conf to disable popb4smtp, and the file still exists and should work. My feeling is the problem is that the helo requirement is blocking the user, and the only way I know how to solve that is to change the helo requirement.

    Because you posted
    R1: HELO should be a FQDN or address literal (See RFC 2821 4.1.1.1)
    I presume that's what you think as well.

    Jeff
    +1 951 643-5345
    Third-Party DirectAdmin administration and support
    Dedicated Servers, Dedicated Reseller Accounts
    NoBaloney Internet Services div. Qnito Incorporated
    848 North Rainbow Blvd., Suite #3789
    Las Vegas, NV 89107-1103

  14. #14
    Join Date
    Jan 2008
    Location
    Deventer, Netherlands
    Posts
    27
    I'm also getting various "R1" messages with SpamBlocker 4 in my mainlog from valid users of our SMTP server:
    "R1: HELO should be a FQDN or address literal (See RFC 2821 4.1.1.1)".

    Users are using Outlook, and didn't have any problems sending with SpamBlocker 3.

    How do I debug such problems further? Can I detect/find out which HELO they did send?

  15. #15
    Join Date
    Jan 2008
    Location
    Deventer, Netherlands
    Posts
    27
    For your information, below the exact messages, both are valid users, it's their own IP, they try to send valid e-mails, and they are customers of us:

    Code:
    2010-10-06 10:29:43 H=###-84-106-208.adsl.xs4all.nl (GebruikerPC) [83.163.5.###] F=<info@###.nu> rejected RCPT <###@gmail.com>: R1: HELO should be a FQDN or address literal (See RFC 2821 4.1.1.1)
    2010-10-06 10:29:43 H=###-84-106-208.adsl.xs4all.nl (GebruikerPC) [83.163.5.###] incomplete transaction (QUIT) from <info@###.nu>
    2010-10-06 10:29:45 H=###-163-177-140.adsl.xs4all.nl (hoofdpc) [83.163.177.###] F=<info@###.nl> rejected RCPT <###@###.nl>: R1: HELO should be a FQDN or address literal (See RFC 2821 4.1.1.1)
    2010-10-06 10:29:53 H=###-163-177-140.adsl.xs4all.nl (hoofdpc) [83.163.177.###] incomplete transaction (QUIT) from <info@###.nl>
    Last edited by AndriesLouw; 10-12-2010 at 01:28 AM.

  16. #16
    Join Date
    Jan 2008
    Location
    Deventer, Netherlands
    Posts
    27

    Exclamation

    Sorry for my double-double post, but the problems seem to be related to popb4smtp;

    If you use POP-authentication before SMTP, error "R1: HELO should be a FQDN or address literal (See RFC 2821 4.1.1.1)" is triggered, because the user isn't authenticated.

    If you let the user change his/her settings to use SMTP-authentication with user/pass, all problems are solved. At least this worked for my users.

    Is it possible to change the message if the user isn't authenticated, instead of trowing a confusing "HELO"-error? Because the problem isn't the HELO but the authentication that's missing.

  17. #17
    Join Date
    Jun 2003
    Location
    California
    Posts
    26,122
    You can change the message to anything you want.

    However the problem IS because HELO is incorrect. If the user is authenticated, then HELO isn't checked.

    HELO is incorrect because local (desktop) machines generally don't identify themselves ins HELO with as fully qualified domain name.

    If you remove the HELO check and the user isn't authenticated, then another ACL will catch that an unauthenticated user is trying to relay through the server, and a different error will be generated.

    However, then spammers who send email from their desktop machines (generally compromised desktop machines) will be able to spam recipients on your server.

    Be sure to restart exim after making any changes to the exim.conf file.

    Jeff
    +1 951 643-5345
    Third-Party DirectAdmin administration and support
    Dedicated Servers, Dedicated Reseller Accounts
    NoBaloney Internet Services div. Qnito Incorporated
    848 North Rainbow Blvd., Suite #3789
    Las Vegas, NV 89107-1103

  18. #18
    Join Date
    Dec 2006
    Posts
    51
    Quote Originally Posted by jlasman View Post
    Does your newly-installed copy of exim.conf have these lines:
    Code:
    #EDIT#16:
    # hostlist relay_hosts = net-lsearch;/etc/virtual/pophosts : 127.0.0.1
    The # mark at the beginning of the second line is an error. (I'll fix it in our distribution file within an hour or two.)

    Remove the # mark and restart exim.

    Jeff
    I've made this modify but messages in paniclog persist, any ideas on how to resolve this?

    010-10-06 14:44:35 unknown named host list "+relay_from_hosts"

  19. #19
    Join Date
    Jun 2003
    Location
    California
    Posts
    26,122
    You've found another error in the new file. It's not a critical error mail delivery, because it stops delivery, but without notice to the sending (spamming) server, as it should, but it still needs to be fixed so it will notify the sending server.

    Replace
    Code:
    +relay_from_hosts
    with
    Code:
    +relay_hosts
    and restart exim.

    I've changed the distribution code.

    I'll create a new thread with a changelog in the next few days.

    Jeff
    +1 951 643-5345
    Third-Party DirectAdmin administration and support
    Dedicated Servers, Dedicated Reseller Accounts
    NoBaloney Internet Services div. Qnito Incorporated
    848 North Rainbow Blvd., Suite #3789
    Las Vegas, NV 89107-1103

  20. #20
    Join Date
    Dec 2006
    Posts
    51
    I've modified the file, thanks

Page 1 of 21 12311 ... LastLast

Similar Threads

  1. Which version of Exim is SpamBlocker compatible with?
    By Christopher in forum SpamBlocker4
    Replies: 2
    Last Post: 01-04-2013, 11:40 AM
  2. Replies: 4
    Last Post: 02-23-2012, 04:40 PM
  3. SpamBlocker-Powered exim.conf Version 4 changelog
    By nobaloney in forum SpamBlocker4
    Replies: 2
    Last Post: 06-19-2011, 02:51 PM
  4. Spamblocker Version
    By chrisrandell in forum SpamBlocker
    Replies: 8
    Last Post: 05-03-2009, 04:36 PM
  5. Turning Spamblocker on in exim.conf
    By louie55 in forum E-Mail
    Replies: 4
    Last Post: 01-31-2005, 06:19 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •